# smtp sasl auth fehler



## tarapala (22. Jan. 2016)

Hallo ich versuche jetzt schon seit tagen meinen root "Debian 8" nach der anleitung mit ISPConfig 3 ans laufen zu bringen momentan ärger ich mich mit dem Emailempfang(pop) und smtp auth login rum. Ich zähle mich selber zu den Unix Neulingen noch aber behersche die sprache php und perl.
wäre top wenn einer ne idee hat, logs etc kann ich gerne posten.
LG

Emaillog ISP:
Jan 22 13:05:02 server1 postfix/smtpd[16321]: connect from localhost[127.0.0.1]
Jan 22 13:05:02 server1 postfix/smtpd[16321]: lost connection after CONNECT from localhost[127.0.0.1]
Jan 22 13:05:02 server1 postfix/smtpd[16321]: disconnect from localhost[127.0.0.1]
Jan 22 13:10:01 server1 dovecot: imap-login: Disconnected (disconnected before auth was ready, waited 0 secs): user=<>, rip=127.0.0.1, lip=127.0.0.1, secured, session=<VZ1JGespTwB/AAAB>
Jan 22 13:10:01 server1 postfix/smtpd[16463]: connect from localhost[127.0.0.1]
Jan 22 13:10:01 server1 dovecot: pop3-login: Disconnected (no auth attempts in 0 secs): user=<>, rip=127.0.0.1, lip=127.0.0.1, secured, session=<QfFJGespFAB/AAAB>
Jan 20 19:36:41 server1 postfix/master[2426]: warning: process /usr/lib/postfix/smtpd pid 2822 exit status 1
Jan 20 19:36:41 server1 postfix/master[2426]: warning: /usr/lib/postfix/smtpd: bad command startup -- throttling
Jan 20 19:37:41 server1 postfix/smtpd[2835]: warning: SASL: Connect to private/auth failed: Connection refused
Jan 20 19:37:41 server1 postfix/smtpd[2835]: fatal: no SASL authentication mechanisms
Jan 22 13:15:02 server1 dovecot: pop3-login: Disconnected (no auth attempts in 0 secs): user=<>, rip=127.0.0.1, lip=127.0.0.1, secured, session=<0YowK+spGgB/AAAB>
Jan 22 13:15:02 server1 postfix/smtpd[16565]: connect from localhost[127.0.0.1]
Jan 22 13:15:02 server1 postfix/smtpd[16565]: lost connection after CONNECT from localhost[127.0.0.1]
Jan 22 13:15:02 server1 postfix/smtpd[16565]: disconnect from localhost[127.0.0.1]
Jan 22 13:20:01 server1 dovecot: imap-login: Disconnected (disconnected before auth was ready, waited 0 secs): user=<>, rip=127.0.0.1, lip=127.0.0.1, secured, session=<dvEJPespWwB/AAAB>
Jan 22 13:20:01 server1 dovecot: pop3-login: Disconnected (no auth attempts in 0 secs): user=<>, rip=127.0.0.1, lip=127.0.0.1, secured, session=<km4KPespIAB/AAAB>
Jan 22 13:20:01 server1 postfix/smtpd[16667]: connect from localhost[127.0.0.1]
Jan 22 13:20:01 server1 postfix/smtpd[16667]: lost connection after CONNECT from localhost[127.0.0.1]
Jan 22 13:20:01 server1 postfix/smtpd[16667]: disconnect from localhost[127.0.0.1]

Emailwarnung ISP:
Jan 20 19:48:00 server1 postfix/trivial-rewrite[3176]: warning: do not list domain myserver.eu in BOTH mydestination and virtual_mailbox_domains
an 21 20:17:29 server1 postfix/smtpd[11153]: warning: unknown[123.57.228.161]: SASL LOGIN authentication failed: Invalid authentication mechanism

Jan 22 01:35:47 server1 postfix/smtps/smtpd[738]: warning: TLS library problem: error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol:s23_srvr.c:650:
Jan 22 01:35:47 server1 postfix/smtps/smtpd[740]: warning: TLS library problem: error:1408A10B:SSL routines:SSL3_GET_CLIENT_HELLO:wrong version number:s3_srvr.c:993:
Jan 22 01:35:50 server1 postfix/smtps/smtpd[738]: warning: TLS library problem: error:1408A0C1:SSL routines:SSL3_GET_CLIENT_HELLO:no shared cipher:s3_srvr.c:1396:
Jan 22 03:21:01 server1 postfix/smtpd[3177]: warning: hostname iweb.com does not resolve to address 104.233.84.250
Jan 22 03:21:02 server1 postfix/smtpd[3177]: warning: unknown[104.233.84.250]: SASL LOGIN authentication failed: Invalid authentication mechanism
Emailerror ISP

Jan 20 19:42:18 server1 postfix/smtpd[3052]: fatal: no SASL authentication mechanisms
Jan 21 13:18:32 server1 dovecot: master: Error: systemd listens on port 993, but it's not configured in Dovecot. Closing.
Jan 21 13:18:32 server1 dovecot: master: Error: systemd listens on port 993, but it's not configured in Dovecot. Closing.
Nameserver:
-/- NS ns10.mynameserver.de
-/- NS ns9.mynameserver.de
-/- MX 100 mail.myserver.eu
-/- A my.ip
* A my.ip
ftp cname my.ip
imap cname my.ip
localhost a 127.0.0.1
mail a my.ip
pop cname my.ip
smtp cname my.ip
www a my.ip



EDIT:


----------



## tarapala (22. Jan. 2016)

/etc/dovecot/conf.d/10-master.conf

```
#default_process_limit = 100
#default_client_limit = 1000

# Default VSZ (virtual memory size) limit for service processes. This is mainly
# intended to catch and kill processes that leak memory before they eat up
# everything.
#default_vsz_limit = 256M

# Login user is internally used by login processes. This is the most untrusted
# user in Dovecot system. It shouldn't have access to anything at all.
#default_login_user = dovenull

# Internal user is used by unprivileged processes. It should be separate from
# login user, so that login processes can't disturb other processes.
#default_internal_user = dovecot

service imap-login {
  inet_listener imap {
    #port = 143
  }
  inet_listener imaps {
    #port = 993
    #ssl = yes
  }

  # Number of connections to handle before starting a new process. Typically
  # the only useful values are 0 (unlimited) or 1. 1 is more secure, but 0
  # is faster. <doc/wiki/LoginProcess.txt>
  #service_count = 1

  # Number of processes to always keep waiting for more connections.
  #process_min_avail = 0

  # If you set service_count=0, you probably need to grow this.
  #vsz_limit = $default_vsz_limit
}

service pop3-login {
  inet_listener pop3 {
    #port = 110
  }
  inet_listener pop3s {
    #port = 995
    #ssl = yes
  }
}

service lmtp {
  unix_listener lmtp {
    #mode = 0666
  }

  # Create inet listener only if you can't use the above UNIX socket
  #inet_listener lmtp {
    # Avoid making LMTP visible for the entire internet
    #address =
    #port =
  #}
}

service imap {
  # Most of the memory goes to mmap()ing files. You may need to increase this
  # limit if you have huge mailboxes.
  #vsz_limit = $default_vsz_limit

  # Max. number of IMAP processes (connections)
  #process_limit = 1024
}

service pop3 {
  # Max. number of POP3 processes (connections)
  #process_limit = 1024
}

service auth {
  # auth_socket_path points to this userdb socket by default. It's typically
  # used by dovecot-lda, doveadm, possibly imap process, etc. Users that have
  # full permissions to this socket are able to get a list of all usernames and
  # get the results of everyone's userdb lookups.
  #
  # The default 0666 mode allows anyone to connect to the socket, but the
  # userdb lookups will succeed only if the userdb returns an "uid" field that
  # matches the caller process's UID. Also if caller's uid or gid matches the
  # socket's uid or gid the lookup succeeds. Anything else causes a failure.
  #
  # To give the caller full permissions to lookup all users, set the mode to
  # something else than 0666 and Dovecot lets the kernel enforce the
  # permissions (e.g. 0777 allows everyone full permissions).
  unix_listener auth-userdb {
    mode = 0666
    user = postfix
    group = postfix
  }

  # Postfix smtp-auth
  unix_listener /var/spool/postfix/private/auth {
    mode = 0666
  }

  # Auth process is run as this user.
  #user = $default_internal_user
}

service auth-worker {
  # Auth worker process is run as root by default, so that it can access
  # /etc/shadow. If this isn't necessary, the user should be changed to
  # $default_internal_user.
  #user = root
}

service dict {
  # If dict proxy is used, mail processes should have access to its socket.
  # For example: mode=0660, group=vmail and global mail_access_groups=vmail
  unix_listener dict {
    #mode = 0600
    #user =
    #group =
  }
}
```
/etc/postfix/main.cf

```
# See /usr/share/postfix/main.cf.dist for a commented, more complete version


    # Debian specific:  Specifying a file name will cause the first
    # line of that file to be used as the name.  The Debian default
    # is /etc/mailname.
    #myorigin = /etc/mailname

    smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
    biff = no

    # appending .domain is the MUA's job.
    append_dot_mydomain = no

    # Uncomment the next line to generate "delayed mail" warnings
    #delay_warning_time = 4h

    readme_directory = /usr/share/doc/postfix

    # TLS parameters
    smtpd_tls_cert_file = /etc/postfix/smtpd.cert
    smtpd_tls_key_file = /etc/postfix/smtpd.key
    smtpd_use_tls = yes
    smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
    smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache

    # See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
    # information on enabling SSL in the smtp client.

    smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
    myhostname = myserver.eu
    alias_maps = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases
    alias_database = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases
    myorigin = /etc/mailname
    mydestination = localhost, localhost.localdomain
    relayhost =
    mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
    mailbox_size_limit = 0
    recipient_delimiter = +
    inet_interfaces = all
    default_transport = error
    relay_transport = error
    html_directory = /usr/share/doc/postfix/html
    inet_protocols = all
    virtual_alias_domains =
    virtual_alias_maps = hash:/var/lib/mailman/data/virtual-mailman, proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, proxy:mysql:/etc/postfix/mysql-virtual_email2email.cf
    virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains.cf
    virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf
    virtual_mailbox_base = /var/vmail
    virtual_uid_maps = static:5000
    virtual_gid_maps = static:5000
    smtpd_sasl_auth_enable = yes
    broken_sasl_auth_clients = yes
    smtpd_sasl_authenticated_header = yes
    smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, check_recipient_access mysql:/etc/postfix/mysql-virtual_recipient.cf
    smtpd_tls_security_level = may
    transport_maps = hash:/var/lib/mailman/data/transport-mailman, proxy:mysql:/etc/postfix/mysql-virtual_transports.cf
    relay_domains = mysql:/etc/postfix/mysql-virtual_relaydomains.cf
    relay_recipient_maps = mysql:/etc/postfix/mysql-virtual_relayrecipientmaps.cf
    proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks
    smtpd_sender_restrictions = check_sender_access mysql:/etc/postfix/mysql-virtual_sender.cf
    smtpd_client_restrictions = check_client_access mysql:/etc/postfix/mysql-virtual_client.cf
    smtpd_client_message_rate_limit = 100
    maildrop_destination_concurrency_limit = 1
    maildrop_destination_recipient_limit = 1
    virtual_transport = dovecot
    header_checks = regexp:/etc/postfix/header_checks
    mime_header_checks = regexp:/etc/postfix/mime_header_checks
    nested_header_checks = regexp:/etc/postfix/nested_header_checks
    body_checks = regexp:/etc/postfix/body_checks
    owner_request_special = no
    smtp_tls_security_level = may
    smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3
    smtpd_tls_protocols = !SSLv2,!SSLv3
    smtp_tls_protocols = !SSLv2,!SSLv3
    dovecot_destination_recipient_limit = 1
    smtpd_sasl_type = dovecot
    smtpd_sasl_path = private/auth
    content_filter = amavis:[127.0.0.1]:10024
    receive_override_options = no_address_mappings
    message_size_limit = 0
```


----------



## tarapala (22. Jan. 2016)

kleine anmerkung wenn ich nach dem pfad von sasl suche werde ich auch net fündig. der login zur mailadresse von thunderbird klappt nur der versand nicht allerdings wenn ich eine mail an die emailadresse  meines servers schicke bekomme ich auch die email zurückgeschickt-.-

bin für jede idee dankbar
lg


----------



## Till (22. Jan. 2016)

Welche Anleitung hast Du denn genomen?

Ich nutze die offizielle Anleitung hier mehrmals pro Woche:

https://www.howtoforge.com/tutorial/perfect-server-debian-8-jessie-apache-bind-dovecot-ispconfig-3/

Einfach blind copy/paste der Befehle, funktioniert immer. 

Die von Dir gepostete Dovecot datei wird auf einem ISPConfig Server gernicht verwendet, die Konfiguration steht in der dovecot.conf Datei und die wird von ISPConfig complett geschrieben, ist also immer richtig solange Du sie nicht manuell geändert hast.


----------



## tarapala (22. Jan. 2016)

ja genau diese version hab ich verwendet. manuell hab ich da nix verändert.
lg
/etc/dovecot/dovecot.conf

```
## Dovecot configuration file

# If you're in a hurry, see http://wiki2.dovecot.org/QuickConfiguration

# "doveconf -n" command gives a clean output of the changed settings. Use it
# instead of copy&pasting files when posting to the Dovecot mailing list.

# '#' character and everything after it is treated as comments. Extra spaces
# and tabs are ignored. If you want to use either of these explicitly, put the
# value inside quotes, eg.: key = "# char and trailing whitespace  "

# Most (but not all) settings can be overridden by different protocols and/or
# source/destination IPs by placing the settings inside sections, for example:
# protocol imap { }, local 127.0.0.1 { }, remote 10.0.0.0/8 { }

# Default values are shown for each setting, it's not required to uncomment
# those. These are exceptions to this though: No sections (e.g. namespace {})
# or plugin settings are added by default, they're listed only as examples.
# Paths are also just examples with the real defaults being based on configure
# options. The paths listed here are for configure --prefix=/usr
# --sysconfdir=/etc --localstatedir=/var

# Enable installed protocols
!include_try /usr/share/dovecot/protocols.d/*.protocol

# A comma separated list of IPs or hosts where to listen in for connections.
# "*" listens in all IPv4 interfaces, "::" listens in all IPv6 interfaces.
# If you want to specify non-default ports or anything more complex,
# edit conf.d/master.conf.
#listen = *, ::

# Base directory where to store runtime data.
#base_dir = /var/run/dovecot/

# Name of this instance. In multi-instance setup doveadm and other commands
# can use -i <instance_name> to select which instance is used (an alternative
# to -c <config_path>). The instance name is also added to Dovecot processes
# in ps output.
#instance_name = dovecot

# Greeting message for clients.
#login_greeting = Dovecot ready.

# Space separated list of trusted network ranges. Connections from these
# IPs are allowed to override their IP addresses and ports (for logging and
# for authentication checks). disable_plaintext_auth is also ignored for
# these networks. Typically you'd specify your IMAP proxy servers here.
#login_trusted_networks =

# Space separated list of login access check sockets (e.g. tcpwrap)
#login_access_sockets =

# With proxy_maybe=yes if proxy destination matches any of these IPs, don't do
# proxying. This isn't necessary normally, but may be useful if the destination
# IP is e.g. a load balancer's IP.
#auth_proxy_self =

# Show more verbose process titles (in ps). Currently shows user name and
# IP address. Useful for seeing who are actually using the IMAP processes
# (eg. shared mailboxes or if same uid is used for multiple accounts).
#verbose_proctitle = no

# Should all processes be killed when Dovecot master process shuts down.
# Setting this to "no" means that Dovecot can be upgraded without
# forcing existing client connections to close (although that could also be
# a problem if the upgrade is e.g. because of a security fix).
#shutdown_clients = yes

# If non-zero, run mail commands via this many connections to doveadm server,
# instead of running them directly in the same process.
#doveadm_worker_count = 0
# UNIX socket or host:port used for connecting to doveadm server
#doveadm_socket_path = doveadm-server

# Space separated list of environment variables that are preserved on Dovecot
# startup and passed down to all of its child processes. You can also give
# key=value pairs to always set specific settings.
#import_environment = TZ

##
## Dictionary server settings
##

# Dictionary can be used to store key=value lists. This is used by several
# plugins. The dictionary can be accessed either directly or though a
# dictionary server. The following dict block maps dictionary names to URIs
# when the server is used. These can then be referenced using URIs in format
# "proxy::<name>".

dict {
  #quota = mysql:/etc/dovecot/dovecot-dict-sql.conf.ext
  #expire = sqlite:/etc/dovecot/dovecot-dict-sql.conf.ext
}

# Most of the actual configuration gets included below. The filenames are
# first sorted by their ASCII value and parsed in that order. The 00-prefixes
# in filenames are intended to make it easier to understand the ordering.
!include conf.d/*.conf

# A config file can also tried to be included without giving an error if
# it's not found:
!include_try local.conf
```


----------



## Till (22. Jan. 2016)

Das ist keine Datei von ISPConfig. Entweder ispconfig ist noch nicht installiert oder Du hast dovecot reinstalliert nach der ispconfig Installation.

Führe mal aus:

cd /tmp
wget http://www.ispconfig.org/downloads/ISPConfig-3-stable.tar.gz
tar xvfz ISPConfig-3-stable.tar.gz
cd ispconfig3_install/install
php -q update.php

und dann wäjle ja wenn der updater danach fragt ob er die dienste neu konfigurieren soll.


----------



## tarapala (22. Jan. 2016)

hab ich gemacht hab allerdings immer noch probleme mit dem smtp 
emailprotokoll:

```
Jan 22 15:39:05 server1 amavis[21770]: Module MIME::Parser 5.505
Jan 22 15:39:05 server1 amavis[21770]: Module MIME::Tools 5.505
Jan 22 15:39:05 server1 amavis[21770]: Module Mail::DKIM::Verifier 0.4
Jan 22 15:39:05 server1 amavis[21770]: Module Mail::Header 2.13
Jan 22 15:39:05 server1 amavis[21770]: Module Mail::Internet 2.13
Jan 22 15:39:05 server1 amavis[21770]: Module Mail::SPF v2.009
Jan 22 15:39:05 server1 amavis[21770]: Module Mail::SpamAssassin 3.004000
Jan 22 15:39:05 server1 amavis[21770]: Module Net::DNS 0.81
Jan 22 15:39:05 server1 amavis[21770]: Module Net::LibIDN 0.12
Jan 22 15:39:05 server1 amavis[21770]: Module Net::Server 2.008
Jan 22 15:39:05 server1 amavis[21770]: Module NetAddr::IP 4.075
Jan 22 15:39:05 server1 amavis[21770]: Module Scalar::Util 1.38
Jan 22 15:39:05 server1 amavis[21770]: Module Socket 2.013
Jan 22 15:39:05 server1 amavis[21770]: Module Socket6 0.25
Jan 22 15:39:05 server1 amavis[21770]: Module Time::HiRes 1.9726
Jan 22 15:39:05 server1 amavis[21770]: Module URI 1.64
Jan 22 15:39:05 server1 amavis[21770]: Module Unix::Syslog 1.1
Jan 22 15:39:05 server1 amavis[21770]: Amavis::ZMQ code NOT loaded
Jan 22 15:39:05 server1 amavis[21770]: Amavis::DB code loaded
Jan 22 15:39:05 server1 amavis[21770]: SQL base code loaded
Jan 22 15:39:05 server1 amavis[21770]: SQL::Log code NOT loaded
Jan 22 15:39:05 server1 amavis[21770]: SQL::Quarantine NOT loaded
Jan 22 15:39:05 server1 amavis[21770]: Lookup::SQL code loaded
Jan 22 15:39:05 server1 amavis[21770]: Lookup::LDAP code NOT loaded
Jan 22 15:39:05 server1 amavis[21770]: AM.PDP-in proto code loaded
Jan 22 15:39:05 server1 amavis[21770]: SMTP-in proto code loaded
Jan 22 15:39:05 server1 amavis[21770]: Courier proto code NOT loaded
Jan 22 15:39:05 server1 amavis[21770]: SMTP-out proto code loaded
Jan 22 15:39:05 server1 amavis[21770]: Pipe-out proto code NOT loaded
Jan 22 15:39:05 server1 amavis[21770]: BSMTP-out proto code NOT loaded
Jan 22 15:39:05 server1 amavis[21770]: Local-out proto code loaded
Jan 22 15:39:05 server1 amavis[21770]: OS_Fingerprint code NOT loaded
Jan 22 15:39:05 server1 amavis[21770]: ANTI-VIRUS code loaded
Jan 22 15:39:05 server1 amavis[21770]: ANTI-SPAM code loaded
Jan 22 15:39:05 server1 amavis[21770]: ANTI-SPAM-EXT code NOT loaded
Jan 22 15:39:05 server1 amavis[21770]: ANTI-SPAM-C code NOT loaded
Jan 22 15:39:05 server1 amavis[21770]: ANTI-SPAM-SA code loaded
Jan 22 15:39:05 server1 amavis[21770]: Unpackers code loaded
Jan 22 15:39:05 server1 amavis[21770]: DKIM code NOT loaded
Jan 22 15:39:05 server1 amavis[21770]: Tools code NOT loaded
Jan 22 15:39:05 server1 amavis[21770]: Found $file at /usr/bin/file
Jan 22 15:39:05 server1 amavis[21770]: Found $altermime at /usr/bin/altermime
Jan 22 15:39:05 server1 amavis[21770]: Internal decoder for .mail
Jan 22 15:39:05 server1 amavis[21770]: Found decoder for .Z at /bin/uncompress
Jan 22 15:39:05 server1 amavis[21770]: Found decoder for .gz at /bin/gzip -d
Jan 22 15:39:05 server1 amavis[21770]: Found decoder for .bz2 at /bin/bzip2 -d
Jan 22 15:39:05 server1 amavis[21770]: Found decoder for .xz at /usr/bin/xz -dc
Jan 22 15:39:05 server1 amavis[21770]: Found decoder for .lzma at /usr/bin/xz -dc --format=lzma
Jan 22 15:39:05 server1 amavis[21770]: No ext program for .lrz, tried: lrzip -q -k -d -o -, lrzcat -q -k
Jan 22 15:39:05 server1 amavis[21770]: Found decoder for .lzo at /usr/bin/lzop -d
Jan 22 15:39:05 server1 amavis[21770]: No ext program for .lz4, tried: lz4c -d
Jan 22 15:39:05 server1 amavis[21770]: No ext program for .rpm, tried: rpm2cpio.pl, rpm2cpio
Jan 22 15:39:05 server1 amavis[21770]: Found decoder for .cpio at /bin/pax
Jan 22 15:39:05 server1 amavis[21770]: Found decoder for .tar at /bin/pax
Jan 22 15:39:05 server1 amavis[21770]: Found decoder for .deb at /usr/bin/ar
Jan 22 15:39:05 server1 amavis[21770]: No ext program for .rar, tried: unrar-free
Jan 22 15:39:05 server1 amavis[21770]: Found decoder for .arj at /usr/bin/arj
Jan 22 15:39:05 server1 amavis[21770]: Found decoder for .arc at /usr/bin/nomarch
Jan 22 15:39:05 server1 amavis[21770]: Found decoder for .zoo at /usr/bin/zoo
Jan 22 15:39:05 server1 amavis[21770]: Found decoder for .doc at /usr/bin/ripole
Jan 22 15:39:05 server1 amavis[21770]: Found decoder for .cab at /usr/bin/cabextract
Jan 22 15:39:05 server1 amavis[21770]: Internal decoder for .tnef
Jan 22 15:39:05 server1 amavis[21770]: No ext program for .zip, tried: 7za, 7z
Jan 22 15:39:05 server1 amavis[21770]: No ext program for .kmz, tried: 7za, 7z
Jan 22 15:39:05 server1 amavis[21770]: Internal decoder for .zip
Jan 22 15:39:05 server1 amavis[21770]: Internal decoder for .kmz
Jan 22 15:39:05 server1 amavis[21770]: No ext program for .7z, tried: 7zr, 7za, 7z
Jan 22 15:39:05 server1 amavis[21770]: No ext program for .jar, tried: 7z
Jan 22 15:39:05 server1 amavis[21770]: No ext program for .rar, tried: 7z
Jan 22 15:39:05 server1 amavis[21770]: No ext program for .swf, tried: 7z
Jan 22 15:39:05 server1 amavis[21770]: No ext program for .lha, tried: 7z
Jan 22 15:39:05 server1 amavis[21770]: No ext program for .iso, tried: 7z
Jan 22 15:39:05 server1 amavis[21770]: No ext program for .rpm, tried: 7z
Jan 22 15:39:05 server1 amavis[21770]: Found decoder for .exe at /usr/bin/arj
Jan 22 15:39:05 server1 amavis[21770]: No decoder for .7z
Jan 22 15:39:05 server1 amavis[21770]: No decoder for .F
Jan 22 15:39:05 server1 amavis[21770]: No decoder for .iso
Jan 22 15:39:05 server1 amavis[21770]: No decoder for .jar
Jan 22 15:39:05 server1 amavis[21770]: No decoder for .lha
Jan 22 15:39:05 server1 amavis[21770]: No decoder for .lrz
Jan 22 15:39:05 server1 amavis[21770]: No decoder for .lz4
Jan 22 15:39:05 server1 amavis[21770]: No decoder for .rar
Jan 22 15:39:05 server1 amavis[21770]: No decoder for .rpm
Jan 22 15:39:05 server1 amavis[21770]: No decoder for .swf
Jan 22 15:39:05 server1 amavis[21770]: Using primary internal av scanner code for ClamAV-clamd
Jan 22 15:39:05 server1 amavis[21770]: Found secondary av scanner ClamAV-clamscan at /usr/bin/clamscan
Jan 22 15:39:05 server1 amavis[21770]: Deleting db files __db.003,snmp.db,__db.001,nanny.db,__db.002 in /var/lib/amavis/db
Jan 22 15:39:05 server1 amavis[21770]: Creating db in /var/lib/amavis/db/; BerkeleyDB 0.54, libdb 5.3
Jan 22 15:39:06 server1 dovecot: master: Warning: Killed with signal 15 (by pid=1 uid=0 code=kill)
Jan 22 15:39:06 server1 dovecot: anvil: Warning: Killed with signal 15 (by pid=1 uid=0 code=kill)
Jan 22 15:39:06 server1 dovecot: log: Warning: Killed with signal 15 (by pid=1 uid=0 code=kill)
Jan 22 15:39:06 server1 dovecot: config: Warning: Killed with signal 15 (by pid=1 uid=0 code=kill)
Jan 22 15:39:06 server1 dovecot: master: Dovecot v2.2.13 starting up for imap, pop3 (core dumps disabled)
Jan 22 15:39:19 server1 dovecot: imap-login: Disconnected (no auth attempts in 0 secs): user=<>, rip=95.222.30.85, lip=85.25.150.4, TLS: SSL_read() failed: error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca: SSL alert number 48, session=<wgs5L+0pLQBf3h5V>
Jan 22 15:39:47 server1 postfix/smtpd[21944]: connect from aftr-95-222-30-85.unity-media.net[95.222.30.85]
Jan 22 15:39:50 server1 postfix/smtpd[21944]: disconnect from aftr-95-222-30-85.unity-media.net[95.222.30.85]
Jan 22 15:40:02 server1 postfix/smtpd[21944]: connect from localhost[127.0.0.1]
Jan 22 15:40:02 server1 postfix/smtpd[21944]: lost connection after CONNECT from localhost[127.0.0.1]
Jan 22 15:40:02 server1 postfix/smtpd[21944]: disconnect from localhost[127.0.0.1]
Jan 22 15:40:02 server1 dovecot: pop3-login: Disconnected (no auth attempts in 0 secs): user=<>, rip=127.0.0.1, lip=127.0.0.1, secured, session=<g8a9Me0pFwB/AAAB>
```
email warn :

```
Jan 22 13:44:41 server1 postfix/smtpd[17187]: warning: hostname iweb.com does not resolve to address 104.233.84.250
Jan 22 13:44:41 server1 postfix/smtpd[17187]: warning: unknown[104.233.84.250]: SASL LOGIN authentication failed: Invalid authentication mechanism
Jan 22 15:27:40 server1 postfix/smtpd[20092]: warning: TLS library problem: error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca:s3_pkt.c:1294:SSL alert number 48:
Jan 22 15:39:06 server1 dovecot: master: Warning: Killed with signal 15 (by pid=1 uid=0 code=kill)
Jan 22 15:39:06 server1 dovecot: anvil: Warning: Killed with signal 15 (by pid=1 uid=0 code=kill)
Jan 22 15:39:06 server1 dovecot: log: Warning: Killed with signal 15 (by pid=1 uid=0 code=kill)
Jan 22 15:39:06 server1 dovecot: config: Warning: Killed with signal 15 (by pid=1 uid=0 code=kill)
```
email fehler :

```
Jan 20 19:42:18 server1 postfix/smtpd[3052]: fatal: no SASL authentication mechanisms
Jan 21 13:18:32 server1 dovecot: master: Error: systemd listens on port 993, but it's not configured in Dovecot. Closing.
Jan 21 13:18:32 server1 dovecot: master: Error: systemd listens on port 993, but it's not configured in Dovecot. Closing.
```
leider verstehe ich die hälfte der fehlermeldungen nicht


----------



## tarapala (22. Jan. 2016)

hab auch das ssl cerfi neu erstellen lassen incl permission etc


----------



## tarapala (22. Jan. 2016)

Zeitstempel: 22.01.2016 15:38:57
Fehler: mail.meinserver.eu:143 verwendet ein ungültiges Sicherheitszertifikat.

Dem Zertifikat wird nicht vertraut, weil es vom Aussteller selbst signiert wurde.
Es wurden keine Server-Namen gefunden, für die dieses Zertifikat gültig ist.

(Fehlercode: sec_error_unknown_issuer)
anmerkung cerfi hab ich jedesmal bestätigt und die versendete mail kann er auch nicht in gesendet speichgern. wenn ich über squirremail mich einloggen will sagt er unknown user or password


----------



## Till (22. Jan. 2016)

Hast Du bei squirrelmail auch wirklich die vollständige emailadresse als name angegeben? Der Username eines mail users ist immer die komplette mail adresse. Zum ssl cert fehler, der ist ok, ist ja ein selbstsigniertes ssl cert, musst Du nur akzeptieren.


----------



## tarapala (22. Jan. 2016)

ja immer name@server.domaine
das ding is ich hab das cerfi akzeptiert, wie kann ich das den imnachinein akzeptieren? bzw wie bekomme ich ein gültiges ssl cerfi?

update: login in squirremail geht nach dem ispconfig update. er zeigt m,ir auch die mails an die ich intern verschicke.

wenn ich an mein msn konto eine mail verschicken will sagt er 

```
Message not sent. Server replied:

    Requested action not taken: mailbox unavailable
    550 5.1.1 <xxx@msn.com>: Recipient address rejected: msn.com
```


----------



## Till (22. Jan. 2016)

Steht Dein server in nem rechenzentrum?


----------



## tarapala (22. Jan. 2016)

ja von server4you
der emailempfang geht auf jedenfall jetzt <3 also wenn ich von meiner msn adresse an mein server schicke kommt es an

systemlog :

```
Jan 22 16:24:00 server1 named[21911]: client 104.44.223.52#7773 (ns1.bizhost.biz): query (cache) 'ns1.bizhost.biz/A/IN' denied
Jan 22 16:24:00 server1 named[21911]: client 104.44.223.53#13646 (ns2.bizhost.biz): query (cache) 'ns2.bizhost.biz/A/IN' denied
Jan 22 16:24:00 server1 named[21911]: client 104.44.223.52#54221 (mod.az): query (cache) 'mod.az/A/IN' denied
Jan 22 16:24:01 server1 CRON[23270]: (root) CMD (/usr/local/ispconfig/server/server.sh 2>&1 > /dev/null | while read line; do echo `/bin/date` "$line" >> /var/log/ispconfig/cron.log; done)
Jan 22 16:24:20 server1 dovecot: imap-login: Login: user=<name@myserver.eu>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, mpid=23280, secured, session=<XR440O0pbAB/AAAB>
Jan 22 16:24:20 server1 dovecot: imap(tara@bad-timing.eu): Disconnected: Logged out in=79 out=742
Jan 22 16:24:22 server1 dovecot: imap-login: Login: user=<name@myserver.eu>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, mpid=23282, secured, session=<5u1L0O0pbQB/AAAB>
Jan 22 16:24:22 server1 dovecot: imap(name@myserver.eu): Disconnected: Logged out in=79 out=742
Jan 22 16:24:22 server1 dovecot: imap-login: Login: user=<name@myserver.eu>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, mpid=23284, secured, session=<AexX0O0pbgB/AAAB>
Jan 22 16:24:22 server1 dovecot: imap(name@myserver.eu): Disconnected: Logged out in=292 out=1895
Jan 22 16:24:25 server1 dovecot: imap-login: Login: user=<name@myserver.eu>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, mpid=23286, secured, session=<u7h70O0pbwB/AAAB>
Jan 22 16:24:25 server1 dovecot: imap(name@myserver.eu): Disconnected: Logged out in=79 out=742
Jan 22 16:24:26 server1 dovecot: imap-login: Login: user=<name@myserver.eu>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, mpid=23288, secured, session=<Sp2J0O0pcAB/AAAB>
Jan 22 16:24:26 server1 dovecot: imap(name@myserver.eu): Disconnected: Logged out in=79 out=742
Jan 22 16:25:01 server1 CRON[23291]: (root) CMD (/usr/local/ispconfig/server/server.sh 2>&1 > /dev/null | while read line; do echo `/bin/date` "$line" >> /var/log/ispconfig/cron.log; done)
Jan 22 16:25:01 server1 CRON[23292]: (getmail) CMD (/usr/local/bin/run-getmail.sh > /dev/null 2>> /dev/null)
Jan 22 16:25:02 server1 pure-ftpd: (?@127.0.0.1) [INFO] New connection from 127.0.0.1
Jan 22 16:25:02 server1 pure-ftpd: (?@127.0.0.1) [INFO] Logout.
Jan 22 16:25:02 server1 dovecot: pop3-login: Disconnected (no auth attempts in 0 secs): user=<>, rip=127.0.0.1, lip=127.0.0.1, secured, session=<arKt0u0pOgB/AAAB>
Jan 22 16:25:02 server1 dovecot: imap-login: Disconnected (no auth attempts in 0 secs): user=<>, rip=127.0.0.1, lip=127.0.0.1, secured, session=<L7Ot0u0pdQB/AAAB>
```
liegt es vlt am nameserver?


----------



## tarapala (23. Jan. 2016)

das versenden via smtp leider noch nicht. Ich hab den ersten build der soweit funktioniert


----------



## tarapala (23. Jan. 2016)

ich hab mal in der /etc/postfix/main.cf mal 
	
	



```
smtpd_tls_loglevel = 3
```
aktieviert und bekommen folgenden log raus:

Emailprotokoll ISP:

```
Jan 23 15:54:57 server1 postfix/smtpd[8145]: SSL_accept:unknown state
Jan 23 15:54:57 server1 postfix/smtpd[8145]: read from 7F90592EA8C0 [7F90592F09A3] (5 bytes => 5 (0x5))
Jan 23 15:54:57 server1 postfix/smtpd[8145]: 0000 16 03 03 00 46 ....F
Jan 23 15:54:57 server1 postfix/smtpd[8145]: read from 7F90592EA8C0 [7F90592F09A8] (70 bytes => 70 (0x46))
Jan 23 15:54:57 server1 postfix/smtpd[8145]: 0000 10 00 00 42 41 04 a5 fd|01 61 11 99 c9 ba 32 0f ...BA... .a....2.
Jan 23 15:54:57 server1 postfix/smtpd[8145]: 0010 93 06 89 fc 44 8e 1e 14|4b 58 22 20 74 4c 46 8a ....D... KX" tLF.
Jan 23 15:54:57 server1 postfix/smtpd[8145]: 0020 84 4d 58 98 a1 5a 80 44|22 e0 be af 81 79 99 60 .MX..Z.D "....y.`
Jan 23 15:54:57 server1 postfix/smtpd[8145]: 0030 46 47 37 e5 be af f5 45|e5 85 06 0e af 10 5e 71 FG7....E ......^q
Jan 23 15:54:57 server1 postfix/smtpd[8145]: 0040 5b 98 ed 5f a1 7a [.._.z
Jan 23 15:54:57 server1 postfix/smtpd[8145]: SSL_accept:unknown state
Jan 23 15:54:57 server1 postfix/smtpd[8145]: read from 7F90592EA8C0 [7F90592F09A3] (5 bytes => 5 (0x5))
Jan 23 15:54:57 server1 postfix/smtpd[8145]: 0000 14 03 03 00 01 .....
Jan 23 15:54:57 server1 postfix/smtpd[8145]: read from 7F90592EA8C0 [7F90592F09A8] (1 bytes => 1 (0x1))
Jan 23 15:54:57 server1 postfix/smtpd[8145]: 0000 01 .
Jan 23 15:54:57 server1 postfix/smtpd[8145]: read from 7F90592EA8C0 [7F90592F09A3] (5 bytes => 5 (0x5))
Jan 23 15:54:57 server1 postfix/smtpd[8145]: 0000 16 03 03 00 28 ....(
Jan 23 15:54:57 server1 postfix/smtpd[8145]: read from 7F90592EA8C0 [7F90592F09A8] (40 bytes => 40 (0x28))
Jan 23 15:54:57 server1 postfix/smtpd[8145]: 0000 00 00 00 00 00 00 00 00|e1 2a e7 02 72 e2 c1 51 ........ .*..r..Q
Jan 23 15:54:57 server1 postfix/smtpd[8145]: 0010 49 bd f3 a6 d4 7d a1 37|8a 85 d2 ee 0e 3e 14 f7 I....}.7 .....>..
Jan 23 15:54:57 server1 postfix/smtpd[8145]: 0020 b2 c8 ea 91 3f f0 db 67| ....?..g
Jan 23 15:54:57 server1 postfix/smtpd[8145]: SSL_accept:unknown state
Jan 23 15:54:57 server1 postfix/smtpd[8145]: url/ip]: Issuing session ticket, key expiration: 1453562696
Jan 23 15:54:57 server1 postfix/smtpd[8145]: SSL_accept:unknown state
Jan 23 15:54:57 server1 postfix/smtpd[8145]: SSL_accept:unknown state
Jan 23 15:54:57 server1 postfix/smtpd[8145]: SSL_accept:unknown state
Jan 23 15:54:57 server1 postfix/smtpd[8145]: write to 7F90592EA8C0 [7F90592FE360] (258 bytes => 258 (0x102))

Jan 23 15:54:57 server1 postfix/smtpd[8145]: SSL_accept:unknown state
Jan 23 15:54:57 server1 postfix/smtpd[8145]: Anonymous TLS connection established from url/ip]: TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)
Jan 23 15:54:58 server1 postfix/smtpd[8145]: NOQUEUE: reject: RCPT from url/ip]: 550 5.1.1 <xxr@xx.com>: Recipient address rejected: msn.com; from=<xx@xx.eu> to=<xx@xx.com> proto=ESMTP helo=<[192.168.178.20]>
Jan 23 15:54:59 server1 postfix/smtpd[8145]: disconnect from url/ip]
Jan 23 15:55:01 server1 postfix/smtpd[8145]: connect from localhost[127.0.0.1]
Jan 23 15:55:01 server1 postfix/smtpd[8145]: lost connection after CONNECT from localhost[127.0.0.1]
Jan 23 15:55:01 server1 postfix/smtpd[8145]: disconnect from localhost[127.0.0.1]
```

die Cerfi stellen hab ich nicht kopiert.
mfg


----------



## florian030 (23. Jan. 2016)

Recipient address rejected: msn.com - das ist ja nun nicht sonderlich überraschend. Komplett siehet die Adresse nicht aus. Anonymisierte Logs sind extrem kontraprodukiv. 
Hast Du Deine IP sonst mal auf Blacklisten getestet?
Du kannst auch mal mit dpkg-reconfigure postfix ggf. Postfix (nochmal) auf internet site setzen.
Sonst poste mal Dein main.cf und master.cf.


----------



## tarapala (24. Jan. 2016)

```
dpkg-reconfigure postfix
```
hat das problem gelöst. vielen dank jetzt funktioniert auch der emailversand (smtp)
lg


----------

