Re: [qmailtoaster] STARTTLS on CENT-6.9

2017-06-22 Thread ag 
Hi Eric,
Hi Jaime,

thanks for your suggestions.
I tested if the file was there, if it is a valid certificate, I have a
script to create the file on renewals, all that is done.
What I have unusual is: My certfile is a link.
When testing the certificate by:
openssl x509 -noout -in /var/qmail/control/servercert.pem -dates
and get:
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:05:e5:90:e9:e7:50:85:52:24:f8:10:3a:29:c7:24:bb:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, O=Let's Encrypt, CN=Let's Encrypt Authority X3
Validity
Not Before: Jun 12 21:01:00 2017 GMT
Not After : Sep 10 21:01:00 2017 GMT
~~~

The certificate is there, is valid.
I copied the servercert.pem to /var/qmail/control/ now, restartet qmail
and tested, now it works with STARTTLS

Must have been an issue with owner and/or rights.

Thanks a lot for pointing me in the correct direction.
I am always very happy to see how quick problems can be solved on this list-

Once again, many thanks

Andreas




> Just throwing a +1 for Eric asking about the servercert.pem file. You have
> to copy the Let's Encrypt cert over to there (and also have it copy it
> over
> each time the cert is renewed, approximately every 90 days). I have some
> shell scripts I'm running weekly to handle making sure the Let'sEncrypt
> cert
> is renewed and the servercert.pem file is updated
>
> From:  Eric Broch 
> Reply-To:  
> Date:  Thursday, June 22, 2017 at 10:17 AM
> To:  
> Subject:  Re: [qmailtoaster] STARTTLS on CENT-6.9
>
>
>
>
> Hi Andreas,
>
>
> I'm not sure if you're a coder, but here's the section of code in
> qmail-smtpd.c that sends STARTTLS upon meeting certain criteria.
>
>
>
> 
>
>
> #ifdef TLS
>if (!ssl && (stat("control/servercert.pem",&st) == 0))
>  out("\r\n250-STARTTLS");
>  #endif
>
>
>
> 
>
>
> Looks like you need 1) TLS defined, 2) ssl variable not 0, and 3) a
> certificate.
>
>
> TLS should be compiled into qmail
>
>
>
> The first thing I'd check is the presence of a certificate
> /var/qmail/control/servercert.pem. If it exists we can start checking the
> ssl variable.
>
>
> Eric
>
>
>
>
>
>
>
> On 6/22/2017 5:13 AM, Andreas Galatis wrote:
>
>
>>
>>
>>
>> Hello List,
>>
>>
>>
>> since some time my qmailserver does not offer STARTTLS on ports 25 and
>> 587
>>
>>
>>
>> Dovecot offers STARTTLS, everything is fine.
>>
>> Qmail does not.
>>
>>
>>
>> I have another qmailserver with on CENT working fine and offering
>> STARTTLS,
>> tlsserverciphers are the same, same openssl- 1.0.1e-57
>>
>> Both servers have certificates from LetsEncrypt, issued this month.
>>
>>
>>
>> I cannot find the difference
>>
>> Here the answer when connecting:
>>
>> telnet localhost 25
>>
>> Trying 127.0.0.1...
>>
>> Connected to localhost.
>>
>> Escape character is '^]'.
>>
>> 220 unet.de - Welcome to Qmail Toaster Ver. 1.3 SMTP Server ESMTP
>>
>> ehlo mail.unet.de
>>
>> 250-unet.de - Welcome to Qmail Toaster Ver. 1.3 SMTP Server
>>
>> 250-STARTTLS
>>
>> 250-PIPELINING
>>
>> 250-8BITMIME
>>
>> 250-SIZE 2000
>>
>> 250 AUTH LOGIN PLAIN CRAM-MD5
>>
>>
>>
>> telnet localhost 25
>>
>> Trying 127.0.0.1...
>>
>> Connected to mail.unet.de.
>>
>> Escape character is '^]'.
>>
>> 220 unet.de - Welcome to Qmail Toaster Ver. 1.3 SMTP Server ESMTP
>>
>> ehlo mail.unet.de
>>
>> 250-unet.de - Welcome to Qmail Toaster Ver. 1.3 SMTP Server
>>
>> 250-PIPELINING
>>
>> 250-8BITMIME
>>
>> 250-SIZE 2000
>>
>> 250 AUTH LOGIN PLAIN CRAM-MD5
>>
>>
>>
>> Any help is very  appreceated
>>
>>
>>
>> Andreas
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>
>
> --
> Eric Broch
> White Horse Technical Consulting (WHTC)
>
>
>
>


-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] Problem with dkim install

2017-02-01 Thread ag 
Hi Fabio,

do you have dknewkey in your path? (on my toaster it is in /usr/bin/,
belongs to libdomainkeys...rpm)

Andreas

> Hi all,
> I've  done a fresh install of QMT on Centos7, everything went smooth
> without any problems.
> But I'm blocked on dkim install, I've followed these instructions :
> https://github.com/qmtoaster/dkim/blob/master/README.md
> but on 7th step "dknewkey /var/qmail/control/dkim/global.key >
> /var/qmail/control/dkim/public.txt" I have a command not found error.
> For sure I'm missing some step but I can't figure out what it is.
>
> Thank for any help
>  Fabio Mecchia
>


-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] Squirrel mail Send Problem in Centos 7

2016-08-15 Thread ag 
Hi Rick,

did you configure your webmail server in dovecot
(/etc/dovecot/auth-vpopmail.conf.ext on my servers)?
In SquirrelMails config: Did you set the dovecot-port to submission? If
set to you have to setup authentication, otherwise put in port 144 to
allow sending without username:password

Hope that helps

Iodok
> I installed QT on a standalone server and a Proxmox VM for testing. I am
> looking to move an older QT server running on Centos 5. I used the
> packages from:
>
> ftp://ftp.whitehorsetc.com/pub/repo/qmt/CentOS/7/current/x86_64/1.qmail-centos7-install.README
> .
>
> Everything seems to be working ok. I am able to send email from POP3 and
> IMAP clients. I am receiving mail ok.
>
> The problem I am having is with Squirrel mail. I can sign on and view mail
> ok but when I try to send mail I am getting:
>
>  Message not sent. Server replied:
>  Temporary authentication failure
>  454 oops, problem with child and I can't
> auth (#4.3.0)
>
> I looked thru the archives and have increased the soft limit, uninstalled
> and reinstalled Squirrel mail, restarted Dovecot, rebooted. This is
> occurring on both Centos 7 servers.
>
> Am I missing a setting in Squirrel mail conf? Dovecot? Permissions
> somewhere ?
>
> Thanks in advance,
>
> Rick
>
>
>
>
>
>
>
>
> -
> To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
> For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
>
>


-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] Email security from users

2016-05-12 Thread ag 
Hi Manikandan,

what do you think about appliances for archiving emails?
If you archive all emails, you keep track of all emails received and sent,
have the ability to limit and secure access to the archive...

Iodok

> Hi Friends,
>
> I am running centos 6 with qmailtaoster + dovecot and facing new problems
> with our users.
>
> 1. How can we stop allowing users to permanently delete mails from our
> mail
> client like Purge or Shift delete?
> We are using Squirrelmail,Outlook and thunderbird email client
>
> 2  If any employee sends mail from our company email to their personal
> email we need a mail alert or copy of that email to any particular email.
> Is there any way?
>
>  3. I want to monitor both outbound and Inbound mails of all employees .
> It
> needs to be saved for future reference or verification purpose.
>
> Please help and advise required.
>
>
> --
> *Thanks,*
> *Manikandan.C*
> *System Administrator*
>


-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] 26601 seconds or 65 seconds

2007-10-31 Thread ag 
Hi J.
That's just the uptime of the service. Dont worry about that.

Bye
> Friends,
>
> If I do a qmailctl stat   some of the numbers seem High
>
> Here is what i get - should I be concerned
>
> In some of the wiki documentation I see numbers like 65 seconds - I have
> in the 20K of seconds
>
> [EMAIL PROTECTED] ~]# qmailctl stat
>
> authlib: up (pid 13200) 26601 seconds
>
> clamd: up (pid 13192) 26601 seconds
>
> imap4: up (pid 14173) 1 seconds
>
> imap4-ssl: up (pid 14168) 1 seconds
>
> pop3: up (pid 13234) 26601 seconds
>
> pop3-ssl: up (pid 14183) 1 seconds
>
> send: up (pid 14178) 1 seconds
>
> smtp: up (pid 13254) 26600 seconds
>
> spamd: up (pid 13263) 26600 seconds
>
> submission: up (pid 13240) 26601 seconds
>
> authlib/log: up (pid 13212) 26601 seconds
>
> clamd/log: up (pid 13194) 26601 seconds
>
> imap4/log: up (pid 13187) 26601 seconds
>
> imap4-ssl/log: up (pid 13225) 26601 seconds
>
> pop3/log: up (pid 13237) 26601 seconds
>
> pop3-ssl/log: up (pid 13221) 26601 seconds
>
> send/log: up (pid 13180) 26601 seconds
>
> smtp/log: up (pid 13260) 26600 seconds
>
> spamd/log: up (pid 13272) 26600 seconds
>
> submission/log: up (pid 13242) 26600 seconds
>
>
>
> thanks
>
>
>
> j
>



-
 QmailToaster hosted by: VR Hosted 
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]