WORKING QMAIL TOASTER - QMAIL, VPOPMAIL, DOVECOT AND ROUNDCUBE - dovecot

Am on an Amazon AWS EC2 Linux AMI Server. I used "Bill's Linux Qmail Toaster v. 0.9.4" at Bill's Linux Qmail Toaster v. 0.9.4 to install the various software packages there, specifically: daemontools, ucspi-tcp, qmail, vpopmail, dovecot, squirrel mail, autorespond, ezmlm-idx and qmailadmin. Qmail, Vpopmail and Dovecot are all working well, having tested as below...
Testing SMTP using telnet localhost 25 has no errors.
Testing IMAP using telnet localhost 143 has no errors.
Testing POP3 using telnet localhost 110 has no errors.
Question #1
Attempting to use squirrel mail brought the frontend error "ERROR: Connection dropped by IMAP server." which I couldn't figure where to check for error log(s). Someone please help. Where do I check to understand this error and fix it?
Question #2
I installed roundcube after squirrel mail failed. I followed the approach at RoundCube Installation. Attempting to login with roundcube shows no frontend error but does not login either. When I survey the roundcube/config/config.inc.php I find only the following basic settings...
$config = array();
$config['db_dsnw'] = 'mysqli://acc:passwd#localhost/roundcube';
$config['default_host'] = 'localhost';
$config['smtp_server'] = 'localhost';
$config['smtp_port'] = 25;
$config['smtp_user'] = '%u';
$config['smtp_pass'] = '%p';
$config['support_url'] = '';
$config['product_name'] = 'Roundcube Webmail';
$config['des_key'] = 'some_des_key';
$config['plugins'] = array(
'archive',
'zipdownload',
);
$config['skin'] = 'larry';
Are these settings essential for a successful roundcube setup?
Question #3
When I investigate dovecot.conf, which I got after applying the exact steps at Dovecot Installation I see that almost all options and paths are actually commented out, for instance:
base_dir = /var/run/dovecot/
login_dir = /var/run/dovecot/login
login_executable = /usr/local/libexec/dovecot/imap-login
mail_executable = /usr/local/libexec/dovecot/imap
...
login_executable = /usr/local/libexec/dovecot/pop3-login
mail_executable = /usr/local/libexec/dovecot/pop3
auth_socket_path = /var/run/dovecot/auth-master
...
auth_executable = /usr/local/libexec/dovecot/dovecot-auth
...
I haven't tried uncommenting because some like /var/run/dovecot/auth-master do not even seem to exist on my system.
Is this configuration file with such (apparent mistakes) usual and usable?

Related

Heroku SSL connection error unsupported protocol

I have been using Heroku for a while to host my Discord bot. It has been connecting to a MySQL database hosted on ClearDB successfully. However, very recently, whenever I use the bot and it tries to connect to the database, it throws this error:
2026 (HY000): SSL connection error: error:1425F102:SSL routines:ssl_choose_client_version:unsupported protocol
It has been working completely fine until now, and I haven't changed anything. For background, all I did was delete a pipeline and make my app a standalone app without any pipeline. Just in case this helps.
Is this because Heroku has been updated? How can I fix my bot? Let me know if you need any more information.
Any help is appreciated, and Thank You in advance!
EDIT:
Database connection code:
import mysql.connector
def create_conn():
conn = None
try:
conn = mysql.connector.connect(host="HOST",
database="DB",
user="USER",
password="PWD")
except Exception as e:
print(e)
return conn
def execute_query(query, params, fetchall=True):
conn = create_conn()
if conn:
cursor = conn.cursor()
cursor.execute(query % params)
try:
if fetchall:
results = cursor.fetchall()
else:
results = cursor.fetchone()
except:
results = None
conn.commit()
cursor.close()
conn.close()
return results
else:
return False
The database connection used to work, and still works when I run it on my testing machine, a raspberry pi.
EDIT 2:
requirements.txt:
aiohttp==3.6.3
async-timeout==3.0.1
attrs==20.3.0
CacheControl==0.12.6
cachetools==4.2.0
certifi==2020.12.5
cffi==1.14.4
chardet==3.0.4
click==7.1.2
cryptography==3.3.1
cssselect==1.1.0
cssutils==1.0.2
discord==1.0.1
discord-pretty-help==1.2.0
discord.py==1.6.0
emoji==0.6.0
Flask==1.1.2
google-api-core==1.24.1
google-api-python-client==1.12.8
google-auth==1.24.0
google-auth-httplib2==0.0.4
google-cloud-core==1.5.0
google-cloud-firestore==2.0.2
google-cloud-storage==1.35.0
google-crc32c==1.1.0
google-resumable-media==1.2.0
googleapis-common-protos==1.52.0
grpcio==1.34.0
gunicorn==20.0.4
httplib2==0.18.1
idna==2.8
importlib-metadata==3.3.0
itsdangerous==1.1.0
jeepney==0.6.0
Jinja2==2.11.2
keyring==21.8.0
lxml==4.6.2
MarkupSafe==1.1.1
msgpack==1.0.2
multidict==4.7.6
mysql-connector-python==8.0.22
numpy==1.19.4
pandas==1.1.5
premailer==3.7.0
proto-plus==1.13.0
protobuf==3.14.0
pyasn1==0.4.8
pyasn1-modules==0.2.8
pycparser==2.20
python-dateutil==2.8.1
python-dotenv==0.15.0
pytz==2020.4
requests==2.25.1
rsa==4.7
schedule==0.6.0
SecretStorage==3.3.0
six==1.15.0
typing-extensions==3.7.4.3
uritemplate==3.0.1
urllib3==1.26.2
Werkzeug==1.0.1
yagmail==0.14.245
yarl==1.5.1
zipp==3.4.0
Just in case you can turn of ssl by:
conn = mysql.connector.connect(host="HOST",
database="DB",
user="USER",
password="PWD",
ssl_disabled=True)
i'm not quite sure how to do this, but i'm pretty sure you have to disable SSL for it to work, hope this helps.
Clearly, you need to enforce an SSL connection between your app and MySQL.
If you are using ruby stack then follow the given options and your SSL error problem will be solved.
Download the CA, Client, and Private Key files from your ClearDB dashboard and place them in the root of the application’s filesystem.
Make sure you have OpenSSL installed, which you can find here for Unix/Linux/OS X and here for Windows.
*Due to the MySQL client library configuration used on Heroku, you will need to strip the password from the private key file, which can be done like this:
$ openssl rsa -in cleardb_id-key.pem -out cleardb_id-key-no-password.pem
You can now delete the cleardb_id-key.pem and rename cleardb_id-key-no-password.pem to cleardb_id-key.pem, which you will use with your app.
*Set the DATABASE_URL config variable with the value of your modified CLEARDB_DATABASE_URL, like this:
$ heroku config:add DATABASE_URL="mysql2://abc1223:dfk243#us-cdbr-east.cleardb.com/my_heroku_db?
sslca=cleardb-ca-cert.pem&sslcert=cleardb_id-cert.pem&sslkey=cleardb_id-key.pem&reconnect=true"
notice how we added the “reconnect=true” parameters to the end of the URL? This is so that your application will automatically reconnect to ClearDB in the event of a connection timeout.
From here, simply restart your application (if Heroku didn’t already do that for you), and as long as you specified the correct file names and paths to the certificates in your DATABASE_URL, your app will now connect via SSL to ClearDB.

How can i configure the smtp server running for gitlab(omnibus) which running on the same machine

I run the smtp server and gitlab on the same machine, and i am sure the the smtp server which runs the 25 port works because i receive the mail after running the this command --echo "This is the body of the email" | mail -s "This is the subject line" user#example.com. And i configure the gitlab like this in the /etc/gitlab/gitlab.rb
gitlab_rails['smtp_enable'] = true
gitlab_rails['smtp_address'] = "localhost"
gitlab_rails['smtp_port'] = 25
gitlab_rails['smtp_user_name'] = "myRootName"
gitlab_rails['smtp_password'] = "myRootPassword"
#gitlab_rails['smtp_domain'] = "example.com"
gitlab_rails['smtp_authentication'] = "login"
gitlab_rails['smtp_enable_starttls_auto'] = false
gitlab_rails['smtp_tls'] = false
gitlab_rails['smtp_openssl_verify_mode'] = false
Can someone help? Thanks!
If you run a local MTA on the gitlab server there is nothing you need to configure explicitly. The SMTP settings in the gitlab.rb are only required if you use an external server or needs special configuration.
We run gitlab on Debian 8 here with the default installation of postfix. Works out of the box. But exim4 should work just fine as well.
You DO have to configure the following properties:
gitlab_rails['gitlab_email_from'] = 'gitlab#example.com'
gitlab_rails['gitlab_email_display_name'] = 'GitLab'

Postfix relay on multiple local smtp servers

I have two SMTP servers listening on ports 2525 and 2526.
But I have only 1 public IP address.
I'd like to use postfix (already installed on my server) to receive emails only for domain xxx.company.com and domain yyy.company.com, and redirect those emails to server 1 (port 2525) for domain xxx.company.com and server 2 (port 2526) for domain yyy.company.com.
Postfix will not be used to send emails. Just receive.
I tried several postfix configurations but I haven't figured out how to do this properly.
For now, I end up with this:
In main.cf:
mydomain = company.com
mydestination = xxx.company.com, yyy.company.com
relay_domains = xxx.company.com, yyy.company.com
transport_maps = hash:/etc/postfix/transport
local_recipient_maps =
unknown_local_recipient_reject_code = 550
In transport.cf:
*xxx.company.com 2525:[localhost]
*yyy.company.com 2526:[localhost]
In master.cf, the following line has been uncommented:
local unix - n n - - local
But I still have an "unknown user" error if my maillog file.
I would like to be more accurate for local_recipients so I don't let the entire world enter my postfix.
Does anyone have an out-of-the-box example of such kind of configuration ?
Thanks,
Jeremy B.
Your main.cf should be
#/etc/postfix/main.cf
mydomain = company.com
mydestination = xxx.company.com, yyy.company.com
relay_domains =
transport_maps = hash:/etc/postfix/transport
local_recipient_maps = hash:/etc/postfix/local_users
also add the following files
#/etc/postfix/local_users
# Here ACCEPT can be anything,postfix doesn't use it.
someuser#xxx.company.com ACCEPT
someuser#yyy.company.com ACCEPT
#/etc/postfix/transport
xxx.company.com smtp:[localhost]:2525
yyy.company.com smtp:[localhost]:2526
# modify localhost, if the server1 and server2 is not on localhost
Hope that helps.

Debian Exim4 SMTP-AUTH stopped working

I have a strange problem that recently popped on my Debian Squeeze server.
I've had Exim4 configured to use SMTP-AUTH with encryption setup and running on this box for a long time, but now it doesn't work.
At first I thought it was maybe my certificates expired, but that wasn't the case, they're good for several more years.
It appears that the server isn't listening on port 25 any longer.
If I try to telnet to port 25 it times out.
If I run netstat -tulpen on the server nothing is listening on port 25.
I'm using the splitconf for Exim4.
In conf.d/main I'm enabling MAIN_TLS_ENABLE=true
In conf.d/auth/30_exim4-config_examples I have the following
# Authenticate against local passwords using sasl2-bin
# Requires exim_uid to be a member of sasl group, see README.Debian.gz
plain_saslauthd_server:
driver = plaintext
public_name = PLAIN
server_condition = ${if saslauthd{{$auth2}{$auth3}}{1}{0}}
server_set_id = $auth2
server_prompts = :
.ifndef AUTH_SERVER_ALLOW_NOTLS_PASSWORDS
server_advertise_condition = ${if eq{$tls_cipher}{}{}{*}}
.endif
#
login_saslauthd_server:
driver = plaintext
public_name = LOGIN
server_prompts = "Username:: : Password::"
# don't send system passwords over unencrypted connections
server_condition = ${if saslauthd{{$auth1}{$auth2}}{1}{0}}
server_set_id = $auth1
.ifndef AUTH_SERVER_ALLOW_NOTLS_PASSWORDS
server_advertise_condition = ${if eq{$tls_cipher}{}{}{*}}
.endif
On the server if I run this command:
swaks -a -tls -q HELO -s localhost -au A_USER_NAME -ap '<>'
I get this ...
=== Trying localhost:25...
* Error connecting 0.0.0.0 to localhost:25:
* IO::Socket::INET: connect: Connection refused
Can someone point me to some more advanced debugging techniques?
OK. I figured it out.
Comcast blocks port 25. I don't know why this is coming up now, unless they've recently started blocking it.
I had to change a line in /etc/default/exim4
From this
SMTPLISTENEROPTIONS='-oX 25 -oP /var/run/exim4/exim.pid'
To this
SMTPLISTENEROPTIONS='-oX 465:25 -oP /var/run/exim4/exim.pid'
I also added this to /etc/exim4/conf.d/main/03_exim4-config_tlsoptions
tls_on_connect_ports=465
It's odd that this just popped up, unless a Debian package updated the /etc/default/exim4 file. It's confusing, but it's working. Hopefully this will be helpful to someone in the future.
Cheers.

Running Asky BrowserQuest on localhost

I've been trying to run Askys version of BrowserQuest on my local machine - but without any luck.
Im getting the following errors when im trying to start the server:
server/js/databasehandler.js error message:
var cls = require("./lib/class"),
Player = require('./player'),
Messages = require("./message"),
redis = require("redis"),
client = redis.createClient(xxxx, xxxx, {socket_nodelay: true});
I also tried to change xxxx xxxx to port and host of my redis server (databasehandler.js file), when I'm getting another error: Unexpected number.
Askys BrowserQuest:
https://github.com/browserquest/BrowserQuest-Asky
Is there any differences between the regular version and Askys when it comes to installing it? I have the original version of BrowserQuest up and running but Asky's doesnt work whatsoever, been following the readmes and the "tutorial" from
https://github.com/mozilla/BrowserQuest/tree/master/server.