MRatWork Forum by Mustafa Ramadhan
Sawo Project - Kloxo-MR Discussions => Kloxo-MR Technical Helps => Topic started by: jtaco263 on 2016-03-30, 00:40:23
-
(http://i.imgur.com/eWvcZA9.png)
Even Gmail said it doesn't support SMTP SSL connection, but it's rare because IMAP and POP3 are working with SSL.
But it's rare: I tried using TLS on port 25 and it works great, but TLS on ports 465 and 587 has an error.
-
Investigate /var/qmail/supervise/smtp/run, /var/qmail/supervise/smtp-ssl/run and /var/qmail/supervise/submission/run files.
-
Investigate /var/qmail/supervise/smtp/run, /var/qmail/supervise/smtp-ssl/run and /var/qmail/supervise/submission/run files.
/var/qmail/supervise/smtp/run:
#!/bin/sh
QMAILDUID=$(id -u qmaild)
NOFILESGID=$(id -g qmaild)
MAXSMTPD=$(cat /var/qmail/control/concurrencyincoming)
SMTPD="/var/qmail/bin/qmail-smtpd"
TCP_CDB="/etc/tcprules.d/tcp.smtp.cdb"
if [ -f /var/qmail/control/hostname ] ; then
HOSTNAME=$(cat /var/qmail/control/hostname)
else
HOSTNAME=$(hostname)
fi
VCHKPW="/home/vpopmail/bin/vchkpw"
if [ -f /var/qmail/control/norecordio ] ; then
RECORDIO=""
else
RECORDIO="/usr/bin/recordio"
fi
#BLACKLIST=`cat /var/qmail/control/blacklists`
#RBLSMTPD="/usr/bin/rblsmtpd"
if [ -f /var/qmail/control/spamdyke ] ; then
### MR -- content of SPAMDYKE is '/usr/bin/spamdyke -f /etc/spamdyke.conf'
VAR1=$(cat /var/qmail/control/spamdyke)
VAR2=" --tls-level=smtp-no-passthrough"
### MR -- special for smtp tls
SPAMDYKE=$VAR1$VAR2
else
SPAMDYKE=""
if [ -f /var/qmail/control/rblsmtpd ] ; then
### MR -- content of RBLSMTPD is '/usr/bin/rblsmtpd'
RBLSMTPD=$(cat /var/qmail/control/rblsmtpd)
BLACKLIST=$(cat /var/qmail/control/blacklists)
else
RBLSMTPD=""
BLACKLIST=""
fi
fi
if [ -f /var/qmail/control/softlimit ] ; then
### MR -- softlimit file must contain '/usr/bin/softlimit -m SOFTLIMITVAR'
### where SOFTLIMITVAR is 72000000 for 64bit and 18000000
### Note: increase SOFTLIMITVAR if not enough (example: because 'login fail')
SOFTLIMIT=$(cat /var/qmail/control/softlimit)
else
SOFTLIMIT=""
fi
IP=0
PORT=25
### MR -- SSL must use SMTPS=1 and SSL=1, but non-SSL only SSL=0 (without SMTPS=0)
export SMTPAUTH="!" \
SSL=0 \
REQUIRE_AUTH=0 \
FORCE_TLS=0 \
DENY_TLS=0 \
AUTH=1 \
REQUIRE_AUTH=0 \
ALLOW_INSECURE_AUTH=1
### MR -- spamhaus.org recommended for not using $RBLSMTPD $BLACKLIST entry before $SMTPD
exec $SOFTLIMIT \
/usr/bin/tcpserver -v -R -H -l $HOSTNAME -x $TCP_CDB -c "$MAXSMTPD" \
-u "$QMAILDUID" -g "$NOFILESGID" $IP $PORT $RECORDIO \
$SPAMDYKE $RBLSMTPD $SMTPD $VCHKPW /bin/true 2>&1
/var/qmail/supervise/smtp-ssl/run:
#!/bin/sh
QMAILDUID=$(id -u qmaild)
NOFILESGID=$(id -g qmaild)
MAXSMTPD=$(cat /var/qmail/control/concurrencyincoming)
SMTPD="/var/qmail/bin/qmail-smtpd"
TCP_CDB="/etc/tcprules.d/tcp.smtp.cdb"
if [ -f /var/qmail/control/hostname ] ; then
HOSTNAME=$(cat /var/qmail/control/hostname)
else
HOSTNAME=$(hostname)
fi
VCHKPW="/home/vpopmail/bin/vchkpw"
if [ -f /var/qmail/control/norecordio ] ; then
RECORDIO=""
else
RECORDIO="/usr/bin/recordio"
fi
#BLACKLIST=`cat /var/qmail/control/blacklists`
#RBLSMTPD="/usr/bin/rblsmtpd"
if [ -f /var/qmail/control/spamdyke ] ; then
### MR -- content of SPAMDYKE is '/usr/bin/spamdyke -f /etc/spamdyke.conf'
VAR1=$(cat /var/qmail/control/spamdyke)
VAR2=" --tls-level=smtps --tls-certificate-file=/var/qmail/control/servercert.pem"
### MR -- special for smtp-ssl
SPAMDYKE=$VAR1$VAR2
else
SPAMDYKE=""
if [ -f /var/qmail/control/rblsmtpd ] ; then
### MR -- content of RBLSMTPD is '/usr/bin/rblsmtpd'
RBLSMTPD=$(cat /var/qmail/control/rblsmtpd)
BLACKLIST=$(cat /var/qmail/control/blacklists)
else
RBLSMTPD=""
BLACKLIST=""
fi
fi
if [ -f /var/qmail/control/softlimit ] ; then
### MR -- softlimit file must contain '/usr/bin/softlimit -m SOFTLIMITVAR'
### where SOFTLIMITVAR is 72000000 for 64bit and 18000000
### Note: increase SOFTLIMITVAR if not enough (example: because 'login fail')
SOFTLIMIT=$(cat /var/qmail/control/softlimit)
else
SOFTLIMIT=""
fi
IP=0
PORT=465
### MR -- SSL must use SMTPS=1 and SSL=1, but non-SSL only SSL=0 (without SMTPS=0);
### remove SMTPS=1 and change to REQUIRE_AUTH=1
export SMTPAUTH="!" \
SSL=1 \
REQUIRE_AUTH=0 \
FORCE_TLS=0 \
DENY_TLS=0 \
AUTH=1 \
REQUIRE_AUTH=1 \
ALLOW_INSECURE_AUTH=0
### MR -- spamhaus.org recommended for not using $RBLSMTPD $BLACKLIST entry before $SMTPD
exec $SOFTLIMIT \
/usr/bin/tcpserver -v -R -H -l $HOSTNAME -x $TCP_CDB -c "$MAXSMTPD" \
-u "$QMAILDUID" -g "$NOFILESGID" $IP $PORT $RECORDIO \
$SPAMDYKE $RBLSMTPD $SMTPD $VCHKPW /bin/true 2>&1
/var/qmail/supervise/submission/run:
#!/bin/sh
QMAILDUID=$(id -u qmaild)
NOFILESGID=$(id -g qmaild)
MAXSMTPD=$(cat /var/qmail/control/concurrencyincoming)
SMTPD="/var/qmail/bin/qmail-smtpd"
TCP_CDB="/etc/tcprules.d/tcp.smtp.cdb"
if [ -f /var/qmail/control/hostname ] ; then
HOSTNAME=$(cat /var/qmail/control/hostname)
else
HOSTNAME=$(hostname)
fi
VCHKPW="/home/vpopmail/bin/vchkpw"
if [ -f /var/qmail/control/norecordio ] ; then
RECORDIO=""
else
RECORDIO="/usr/bin/recordio"
fi
#BLACKLIST=`cat /var/qmail/control/blacklists`
#RBLSMTPD="/usr/bin/rblsmtpd"
if [ -f /var/qmail/control/spamdyke ] ; then
### MR -- content of SPAMDYKE is '/usr/bin/spamdyke -f /etc/spamdyke.conf'
VAR1=$(cat /var/qmail/control/spamdyke)
VAR2=" --tls-level=smtp-no-passthrough"
### MR -- special for smtp tls
SPAMDYKE=$VAR1$VAR2
else
SPAMDYKE=""
if [ -f /var/qmail/control/rblsmtpd ] ; then
### MR -- content of RBLSMTPD is '/usr/bin/rblsmtpd'
RBLSMTPD=$(cat /var/qmail/control/rblsmtpd)
BLACKLIST=$(cat /var/qmail/control/blacklists)
else
RBLSMTPD=""
BLACKLIST=""
fi
fi
if [ -f /var/qmail/control/softlimit ] ; then
### MR -- softlimit file must contain '/usr/bin/softlimit -m SOFTLIMITVAR'
### where SOFTLIMITVAR is 72000000 for 64bit and 18000000
### Note: increase SOFTLIMITVAR if not enough (example: because 'login fail')
SOFTLIMIT=$(cat /var/qmail/control/softlimit)
else
SOFTLIMIT=""
fi
IP=0
PORT=587
### MR -- SSL must use SMTPS=1 and SSL=1, but non-SSL only SSL=0 (without SMTPS=0)
export SMTPAUTH="!" \
SSL=0 \
REQUIRE_AUTH=0 \
FORCE_TLS=1 \
DENY_TLS=0 \
AUTH=1 \
REQUIRE_AUTH=0 \
ALLOW_INSECURE_AUTH=0
### MR -- spamhaus.org recommended for not using $RBLSMTPD $BLACKLIST entry before $SMTPD
exec $SOFTLIMIT \
/usr/bin/tcpserver -v -R -H -l $HOSTNAME -x $TCP_CDB -c "$MAXSMTPD" \
-u "$QMAILDUID" -g "$NOFILESGID" $IP $PORT $RECORDIO \
$SPAMDYKE $RBLSMTPD $SMTPD $VCHKPW /bin/true 2>&1
-
@mratwork ? pls help
Investigate /var/qmail/supervise/smtp/run, /var/qmail/supervise/smtp-ssl/run and /var/qmail/supervise/submission/run files.
-
thanks mustafa >:(
-
Hi,
Check if smtp-ssl is running...
ps aux | grep smtp | grep 465
If not, check if the servercert.pem is OK!
-
Hi,
Check if smtp-ssl is running...
ps aux | grep smtp | grep 465
If not, check if the servercert.pem is OK!
thanks 4 the reply
is running or not?
qmaild 4270 0.0 0.0 1908 352 ? S Mar30 0:00 /usr/bin/tcpserver -v -R -H -l sv1.dattasolutions.com.mx -x /etc/tcprules.d/tcp.smtp.cdb -c 100 -u 7791 -g 2108 0 465 /usr/bin/recordio /var/qmail/bin/qmail-smtpd /home/vpopmail/bin/vchkpw /bin/true
And how do I check if servercert.pem is OK, and where is it located?
thanks 4 your help
-
My smtp have the cert...
qmaild 20113 0.0 0.0 4020 408 ? S Mar31 0:00 /usr/bin/tcpserver -v -R -H -l my.domain.net -x /etc/tcprules.d/tcp.smtp.cdb -c 100 -u 7791 -g 2108 0 465 /usr/bin/spamdyke -f /etc/spamdyke.conf --tls-level=smtps --tls-certificate-file=/var/qmail/control/servercert.pem /var/qmail/bin/qmail-smtpd /home/vpopmail/bin/vchkpw /bin/true
As you see, I have the --tls-certificate-file that you don't have.
The file is located at /var/qmail/control/servercert.pem.
If you don't have it, your SSL connection will not work!
I attach the default servercert.pem.
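
The two checks discussed in this thread, as an added example that is not part of any forum post: classify a tcpserver process line for port 465 by whether the spamdyke TLS options are present, and sanity-check servercert.pem with openssl. The function names and sample lines are constructed for illustration, and the assumption that servercert.pem holds both the certificate and its private key is not stated in the thread.

```shell
#!/bin/sh
# Added example. Sample lines are constructed, modelled on the ps output above.
SAMPLE_BARE='/usr/bin/tcpserver -v -R -H -l mail.example.test -x /etc/tcprules.d/tcp.smtp.cdb -c 100 -u 7791 -g 2108 0 465 /usr/bin/recordio /var/qmail/bin/qmail-smtpd /home/vpopmail/bin/vchkpw /bin/true'
SAMPLE_WRAPPED='/usr/bin/tcpserver -v -R -H -l mail.example.test -x /etc/tcprules.d/tcp.smtp.cdb -c 100 -u 7791 -g 2108 0 465 /usr/bin/spamdyke -f /etc/spamdyke.conf --tls-level=smtps --tls-certificate-file=/var/qmail/control/servercert.pem /var/qmail/bin/qmail-smtpd /home/vpopmail/bin/vchkpw /bin/true'
SAMPLE_587='/usr/bin/tcpserver -v -R -H -l mail.example.test -x /etc/tcprules.d/tcp.smtp.cdb -c 100 -u 7791 -g 2108 0 587 /usr/bin/recordio /var/qmail/bin/qmail-smtpd /home/vpopmail/bin/vchkpw /bin/true'

# classify_listener LINE
# Prints tls-wrapped, no-tls-wrapper or not-smtps-listener for one process line.
classify_listener() {
    case "$1" in
        *"tcpserver"*" 465 "*) ;;
        *) echo "not-smtps-listener"; return 0 ;;
    esac
    case "$1" in
        *"--tls-level=smtps"*"--tls-certificate-file="*) echo "tls-wrapped" ;;
        *) echo "no-tls-wrapper" ;;
    esac
}

# check_cert PEM
# Prints ok, missing, expired-or-unparsable or key-mismatch.
# Assumption: the PEM file contains the certificate and its private key.
check_cert() {
    pem=$1
    [ -r "$pem" ] || { echo "missing"; return 1; }
    # -checkend 0 fails if the certificate has expired or cannot be parsed
    openssl x509 -in "$pem" -noout -checkend 0 >/dev/null 2>&1 \
        || { echo "expired-or-unparsable"; return 1; }
    # Compare the public key in the certificate with the one derived from the key
    cert_pub=$(openssl x509 -in "$pem" -noout -pubkey 2>/dev/null | openssl sha256)
    key_pub=$(openssl pkey -in "$pem" -pubout 2>/dev/null | openssl sha256)
    [ "$cert_pub" = "$key_pub" ] || { echo "key-mismatch"; return 1; }
    echo "ok"
}

# Demonstration on the constructed samples
for line in "$SAMPLE_BARE" "$SAMPLE_WRAPPED" "$SAMPLE_587"; do
    classify_listener "$line"
done

# On a live server (not run here):
#   classify_listener "$(ps aux | grep '[t]cpserver' | grep ' 465 ')"
#   check_cert /var/qmail/control/servercert.pem
```
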
-
Did you enable spamdyke in 'server mail settings'?
-
Did you enable spamdyke in 'server mail settings'?
I did it, but I disabled it because no mails were going out or in.
-
So, what's the 'my name' setting in 'server mail settings'?
-
So, what's the 'my name' setting in 'server mail settings'?
smtp.mydomain.tld, is that right, or just a name like John Doe?
-
So, what's the 'my name' setting in 'server mail settings'?
smtp.mydomain.tld, is that right, or just a name like John Doe?
Qmail defaultdomain and defaulthost use this 'my name'. So, use 'primary domain' for this 'my name'.