Quantcast
Channel: iRedMail
Viewing all 45881 articles
Browse latest View live

Allowed FROM address with a different logged in user

December 27, 2018, 3:44 am
$
0
0

==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (0.9.4):
- Deployed with iRedMail Easy or the downloadable installer?
- Linux/BSD distribution name and version: Ubuntu 16.04
- Store mail accounts in which backend (MySQL):
- Web server (Apache):
- Manage mail accounts with iRedAdmin-Pro?
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====

Hello Guys,

A couple of days ago i had some problems that email users where able to send from random@nonexistingdomain.abc to anyone.

ZhangHuangbin adviced to enable the plugin "reject_sender_login_mismatch", which helped to prevent that users can send email with non existing FROM users. The only problem now is that a authenticated user "example: validmail@validdomain.com" in SSMTP (small program_ cannot send with a different FROM email like "secondexistingemail@secondexistingdomain.com", which is also existing in de alias list. In this case i am getting the message: "REJECT Sender login mismatch"

Question: Is it possible to login with a an existing alias email and send with different FROM domain which exist in the alias list.

My current configuration is:


Main.cf
# HELO restriction
smtpd_helo_required = yes
smtpd_helo_restrictions =
    permit_mynetworks
    permit_sasl_authenticated
    reject_non_fqdn_helo_hostname
    reject_invalid_helo_hostname
    check_helo_access pcre:/etc/postfix/helo_access.pcre

# Sender restrictions
smtpd_sender_restrictions =
    reject_unknown_sender_domain
    reject_non_fqdn_sender
    reject_unlisted_sender
    permit_sasl_authenticated
    permit_mynetworks
    reject_rbl_client zen.spamhaus.org=127.0.0.[2..11]
    reject_rbl_client b.barracudacentral.org=127.0.0.2
    check_sender_access pcre:/etc/postfix/reject_domains

# Recipient restrictions
smtpd_recipient_restrictions =
    reject_unknown_recipient_domain
    reject_non_fqdn_recipient
    reject_unlisted_recipient
    check_policy_service inet:127.0.0.1:7777
    permit_mynetworks
    permit_sasl_authenticated
    reject_unauth_destination
    reject_unlisted_sender
    reject_rbl_client zen.spamhaus.org=127.0.0.[2..11]
    reject_rbl_client b.barracudacentral.org=127.0.0.2
    check_sender_access pcre:/etc/postfix/reject_domains


Enabled Iredapd plugins:
plugins = ["reject_null_sender", "greylisting", "throttle", "amavisd_wblist", "sql_alias_access_policy"]

Hopefully someone can help me out.

Search

Re: Allowed FROM address with a different logged in user

December 27, 2018, 3:48 am
$
0
0

Ooh yeah,

i forgot to mention. That i comment out the iredapd plugin "reject_sender_login_mismatch" to prevent that mails getting rejected with the error: "REJECT Sender login mismatch"

Re: Allowed FROM address with a different logged in user

December 27, 2018, 4:12 am
$
0
0

Well i did some tests. In al the examples a valid  user is logged in on SSMTP program.


Example: 1
COMMAND: ssmtp info@validdomain.nl
To: info@validdomain.nl
From: sklfdjsldkf@sdfkjsfl.nl

Sssmtp: RCPT TO:<info@validdomain.nl> (450 4.1.8 <sklfdjsldkf@sdfkjsfl.nl>: Sender address rejected: Domain not found)

Which is good. = "sdfkjsfl.nl" is not an domain.



Example: 2
COMMAND: ssmtp info@validdomain.nl
To: info@validdomain.nl
From: sdsfd@validdomain.nl
Subject: test

ssmtp: RCPT TO:<info@validdomain.nl> (550 5.1.0 <sdsfd@validdomain.nl>: Sender address rejected: User unknown in virtual mailbox table)

Which is good = "sdsfd@validdomain.nl" does not exists in the alias list.



Example 3
COMMAND: ssmtp info@validdomain.nl
To: info@validdomain.nl
From: info@validdomain2.net (an second iredmail server)
Subject: test

Hello world
^C

Result: Message is send to info@validdomain.nl.

I am not quit sure if this is good. i mean the TO: info@validdomain.nl is an internal email address. In this case you should say: If the TO is an internal emailadres the FROM address should always be a valid alias emailaddress.




Example 4
COMMAND: ssmtp info@validdomain.nl
To: info@validdomain.nl
From: invalidemail@validdomain2.net (an second iredmail server)
Subject: test

Hello world^C

Result: Message is send to info@validdomain.nl.

Also this is an internal email where the FROM is from a different mailserver also the FROM email is invalid @ the other mailserver.

The last two examples chould me tricky.

Re: SOGo Login Error

December 27, 2018, 5:44 am
$
0
0
ZhangHuangbin wrote:
hainan wrote:

I transported vmail and roundcube tables to new server.

You need to apply all SQL related changes by following our upgrade tutorials:
https://docs.iredmail.org/iredmail.releases.html

Hi ZhangHuangbin

I mean; I installed fresh iRedMail. Then just move some user database tables from old server to new server. Old server database tables also updated. SOGO is not installed on the old server. So, I am guessing, iredadmin using additional SQL inserts for SOGo. How can i add  existing users (migrated from old server) for SOGo usage? Is there any tool for?

Thanks for support.

Hasan Alp İNAN

Its Safe this convination on postfix?

December 27, 2018, 5:58 am
$
0
0

==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release):
- Deployed with iRedMail Easy or the downloadable installer?
- Linux/BSD distribution name and version:
- Store mail accounts in which backend (LDAP/MySQL/PGSQL):
- Web server (Apache or Nginx):
- Manage mail accounts with iRedAdmin-Pro?
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====

Hi i m configuring Prestashop whit my  iRedmail server.
But when i  configure my  

smtp.mail: mail.xxxx.xxx
username: xxx@xxx.com
encryption: TLS
pass: xxxx
Port: 587

Said:
Unable to connect with TLS encryption

I change in /etc/postfix/main.cf

-o smtpd_tls_security_level=encrypt to

-o smtpd_tls_security_level=may

An change  to 

smtp.mail: mail.xxxx.xxx
username: xxx@xxx.com
encryption: none
pass: xxxx
Port: 587

Work well . but its any convinion use this ?
Thx

Re: Its Safe this convination on postfix?

December 27, 2018, 6:15 am
$
0
0

worked 2 times an now  i had this error

Failed to authenticate on SMTP server with username "xxx@xxx.com" using 2 possible authenticators

Re: Its Safe this convination on postfix?

December 27, 2018, 6:54 am
$
0
0

I fix this  adding DKIM.
and send wwhit php mail.
whit this  

Email picked up by Postfix locally goes through transport "pickup" (defined in /etc/postfix/master.cf). If you want to sign it, modify /etc/postfix/master.cf like this:

*) Find the "pickup" transport, like below:

pickup    unix  n       -       y       60      1       pickup

*) Append one line RIGHT AFTER it:

pickup    unix  n       -       y       60      1       pickup
  -o content_filter=smtp-amavis:[127.0.0.1]:10026

Warning: there must be at least one whitespace before '-o'.
*) Restart Postfix service.

With this change, ALL emails sent with 'sendmail' or 'mail' programs (or PHP mail function, etc) will go through Amavisd (sign DKIM signature, and more).

Re: Top sender and Top Recipient incorrectly displated

December 27, 2018, 6:20 pm
$
0
0

Hi ZhangHuangBin,

Noted on this, will test and let you know if it works.

Thanks.

Best Regards,
Jovi Tan

Search

Default bcc address for incoming(outgoing) emails for new user 無法設定

December 27, 2018, 11:34 pm
$
0
0

==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release):  0.9.9
- Deployed with iRedMail Easy or the downloadable installer?
- Linux/BSD distribution name and version:  CentOS7.6
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): LDAP
- Web server (Apache or Nginx):Nginx
- Manage mail accounts with iRedAdmin-Pro? Yes
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====

Hi 版主:

第二個網域
Profile of domain: > Advanced :

Default bcc address for incoming emails for new user
Default bcc address for outgoing emails for new user
無法設定

第一網域的設定是正常.

Thanks.

Re: Default bcc address for incoming(outgoing) emails for new user 無法設定

December 28, 2018, 3:32 am
$
0
0

抱歉,“第一网域”和“第二个网域”是什么意思?是指第一个和第二个 mail domain?

Re: Top sender and Top Recipient incorrectly displated

December 28, 2018, 5:45 am
$
0
0

Just had the same issue after upgrading from 0.9.2 to 0.9.9. ZhangHuangbin solution worked for me, thanks.

Re: IredAdmin version

December 28, 2018, 7:14 am
$
0
0

I restarted all 3 service, same issue, after restarting server i get the error:

[crit] 277#277: *7 connect() to unix:/var/run/uwsgi_iredadmin.socket failed (2: No such file or directory) while connecting to upstream, client: XX.XX.XX.XX, server: example.org, request: "GET / HTTP/1.1", upstream: "uwsgi://unix:/var/run/uwsgi_iredadmin.socket:", host: "example.org"

Re: IredAdmin version

December 28, 2018, 8:10 am
$
0
0

Yep got it, new config is need with ired subdomain:

location / {
    root /opt/www/iredadmin;
    uwsgi_pass 127.0.0.1:7791;
    uwsgi_param UWSGI_CHDIR /opt/www/iredadmin;
    uwsgi_param UWSGI_SCRIPT iredadmin;
    include uwsgi_params;
}

up running and showing new versio, thanks!

Re: Default bcc address for incoming(outgoing) emails for new user 無法設定

December 28, 2018, 6:52 pm
$
0
0

Hi 版主:

是的;  除安裝iRedMail時建立的mail domain外,再新增第2個 mail domain.

Thanks.

Possible error in 0.9.9 upgrade instructions?

December 28, 2018, 7:45 pm
$
0
0

==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release): 0.9.9
- Deployed with iRedMail Easy or the downloadable installer? DL installer
- Linux/BSD distribution name and version:  Debian Stretch
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MySQL
- Web server (Apache or Nginx): Nginx
- Manage mail accounts with iRedAdmin-Pro? No
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====

Pardon me if this was discussed elsewhere, but in the 0.9.9 upgrade instructions (https://docs.iredmail.org/upgrade.iredm … 0.9.9.html), under the section 'Fixed: SOGo backup script doesn't set correct permission on backup files', the user is advised to enter the line 'chmod 0400 backup_sogo.sh'. This permission setting will not allow the script to be executable(?) Is that intentional?

Search

Re: Possible error in 0.9.9 upgrade instructions?

December 28, 2018, 10:36 pm
$
0
0

This is intended. The script will be ran by root like "bash /var/vmail/backup/backup_sogo.sh" by cron job.

Re: IredAdmin version

December 28, 2018, 10:38 pm
$
0
0
Mrniceone wrote:

    uwsgi_pass 127.0.0.1:7791;
    uwsgi_param UWSGI_CHDIR /opt/www/iredadmin;
    uwsgi_param UWSGI_SCRIPT iredadmin;
    include uwsgi_params;

You can use these same settings in old /etc/nginx/templates/iredadmin.tmpl, no subdomain required.

What's the content of your /etc/nginx/templates/iredadmin.tmpl now?

Re: Default bcc address for incoming(outgoing) emails for new user 無法設定

December 28, 2018, 11:09 pm
$
0
0

我在本地无法重现这个错误。
请问您是如何添加的?使用的 bcc destination address 是否本地用户?如果是的话这些帐号是否真实存在?

Re: IredAdmin version

December 28, 2018, 11:11 pm
$
0
0

Content is:

# Settings for iRedAdmin.

# static files under /iredadmin/static
location ~ ^/iredadmin/static/(.*) {
    alias /opt/www/iredadmin/static/$1;
}

# Handle newsletter-style subscription/unsubscription supported in iRedAdmin-Pro.
location ~ ^/newsletter/ {
    include /etc/nginx/templates/hsts.tmpl;

    include uwsgi_params;
    uwsgi_pass 127.0.0.1:7791;
    uwsgi_param UWSGI_CHDIR /opt/www/iredadmin;
    uwsgi_param UWSGI_SCRIPT iredadmin;
    uwsgi_param SCRIPT_NAME /iredadmin;
    uwsgi_param REQUEST_URI /iredadmin/$request_uri;
}

# Python scripts
location ~ ^/iredadmin(.*) {
    rewrite ^/iredadmin(/.*)$ $1 break;

    include /etc/nginx/templates/hsts.tmpl;

    include uwsgi_params;
    uwsgi_pass 127.0.0.1:7791;
    uwsgi_param UWSGI_CHDIR /opt/www/iredadmin;
    uwsgi_param UWSGI_SCRIPT iredadmin;
    uwsgi_param SCRIPT_NAME /iredadmin;

    # Access control
    #allow 127.0.0.1;
    #allow 192.168.1.10;
    #allow 192.168.1.0/24;
    #deny all;
}

# iRedAdmin: redirect /iredadmin to /iredadmin/
location = /iredadmin {
    rewrite ^ /iredadmin/;
}

Only the iredadmin templates have changed in the directory.
Maybe it is something to add to the upgrade manual?

I've iRedadmin as a subdomain, used the "subdomain"  template.
It is all working now, Thanks big_smile!

Re: Default bcc address for incoming(outgoing) emails for new user 無法設定

December 29, 2018, 12:33 am
$
0
0
ZhangHuangbin wrote:

如果是的话这些帐号是否真实存在?

Hi 版主:
是我一時做測試時, 忘了把Bcc的帳號建起來.
我在 Profile of domain >BCC : 設置一本地用戶aa@ , (實際尚未建立此aa@帳號, 系統未有檢核動作, 可設定成功)
而在 Profile of domain >Advanced裡, 設Default bcc 此步驟 , 系統會檢核aa@ 是否存在 , 而造成無法設定.

感謝回覆.

Viewing all 45881 articles
Browse latest View live
More Pages to Explore .....
Search

Latest Images

Firefox UX: On Purpose: Collectively Defining Our Team’s Mission Statement

Firefox UX: On Purpose: Collectively Defining Our Team’s Mission Statement

April 19, 2024, 7:03 am
New $4.5 million East Bay trail path will connect bicyclists, pedestrians to...

New $4.5 million East Bay trail path will connect bicyclists, pedestrians to...

April 18, 2024, 11:05 am
Photographer Gifts for Clients / Print Packaging / 4x6 Photo Box by...

Photographer Gifts for Clients / Print Packaging / 4x6 Photo Box by...

April 17, 2024, 6:48 pm
Deepfake Video of Aamir Khan circulates Online

Deepfake Video of Aamir Khan circulates Online

April 17, 2024, 3:07 am
Very Hungry Caterpillar™ Shirt: World of Eric Carle™+ Little Goodall by...

Very Hungry Caterpillar™ Shirt: World of Eric Carle™+ Little Goodall by...

April 14, 2024, 8:14 am
Have you seen Michael Wines? Burien man has been missing since Saturday,...

Have you seen Michael Wines? Burien man has been missing since Saturday,...

April 12, 2024, 3:59 pm
Stay Salty POTS Awareness Stretchy Stacking Bracelets | Set of Three|...

Stay Salty POTS Awareness Stretchy Stacking Bracelets | Set of Three|...

April 11, 2024, 5:27 pm
19 Reader-Favourite March Purchases — From Steals To Splurges

19 Reader-Favourite March Purchases — From Steals To Splurges

April 11, 2024, 5:07 am
Fake lip ring, silver lip ring, simple lip ring, unisex lip ring by AIRlab

Fake lip ring, silver lip ring, simple lip ring, unisex lip ring by AIRlab

April 9, 2024, 4:00 pm
People's Blog • First Pictures of the Eclipse ! ! !

People's Blog • First Pictures of the Eclipse ! ! !

April 8, 2024, 1:08 pm