==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release): 0.9.9
- Deployed with iRedMail Easy or the downloadable installer?
- Linux/BSD distribution name and version: FreeBSD 12
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MySQL
- Web server (Apache or Nginx):Nginx
- Manage mail accounts with iRedAdmin-Pro?
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====
Installation went well! It works! Нourly server sends a message
newsyslog: error in config file; unknown user:
/var/log/php-fpm/php-fpm.log ${root}:${wheel} 600 7 * 24 Z
newsyslog: error in config file;
↧
↧
Error: net_connect_unix(/var/run/dovecot/stats-writer) failed
==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release): 0.9.9
- Deployed with iRedMail Easy or the downloadable installer?
- Linux/BSD distribution name and version: FreeBSD
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MySQL
- Web server (Apache or Nginx): Apache
- Manage mail accounts with iRedAdmin-Pro? Yes 3.0.0
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====
Why do I get this error and how do I fix it?
Dec 29 18:01:18 mx postfix/pipe[67136]: 03F93D68FB: to=<xx@xxx.dk>, relay=dovecot, delay=0.82, delays=0.11/0.01/0/0.69, dsn=2.0.0, status=sent (delivered via dovecot service (lda(xx@xxx.dk,)Error: net_connect_unix(/var/run/dovecot/stats-writer) failed: Permission deni))
↧
Roundcube 2FA 'Remember me' function stopped working
==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release): 0.9.9
- Deployed with iRedMail Easy or the downloadable installer? installer
- Linux/BSD distribution name and version: Debian Stretch
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MySQL
- Web server (Apache or Nginx): Nginx
- Manage mail accounts with iRedAdmin-Pro? No
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====
I've been using the 2FA plugin with Roundcube ever since my installation of 0.9.8 earlier this year and it has been working as expected. Recently however I have been experiencing the issue of a 2FA auth code being required at every login, vs. every 30 days as selected. IOW, the 'remember me for 30 days' option was working fine, but seems to have stopped working for reasons unknown. I have cookies enabled, and this happens with multiple browsers (Firefox and IE) so it does not seem to be related to a specific local browser or setting. I can't relate any change made on the local machine or server to the problem (although I suppose it must be a result of one, just can't guess what it is.) This was with Roundcube 1.3.6 and I just updated to 1.3.8 as a result of an iredmail 0.99 update, but no change and the problem persists. I have tried the obvious things such as disabling and re-enabling 2FA, etc., but no change.
Any ideas where I might look?
↧
Re: Possible error in 0.9.9 upgrade instructions?
Thanks, I did not realize that a script could be run without an execute permission, but further research reveals that indeed it can. Sorry for my error.
↧
Re: Outlook-ActiveSync Not Connecting
georgy.goshin wrote:
pnjo23 wrote:And your SSL certificate, did you replace the default self signed cert with a trusted one?
I use Let's Encrypt. SOGO page is works good and show correct cert
One more idea - how do you reference the SSL certs? Best way is it to create symbolic links as described here https://docs.iredmail.org/letsencrypt.html as opposed to integrating the SSL certs into individual services (Nginx, Postfix etc) to be double sure nothing is missed.
↧
↧
Re: Outlook-ActiveSync Not Connecting
I've rechecked every SSL config and found in dovecot.conf the following
#ssl_ca = </path/to/ca
ssl_cert = </etc/pki/tls/certs/iRedMail.crt
ssl_key = </etc/pki/tls/private/iRedMail.key
Replaced according to the manual to
ssl_ca = </etc/pki/tls/private/iRedMail.key
But this not helped at all - the server can not be found. Which path (port) is trying to open Outlook when checking this type of connection?
↧
Re: Outlook-ActiveSync Not Connecting
packet sniffer shows some packets to port 443 and responses but of course I can't examine to while SSL
↧
Re: Outlook-ActiveSync Not Connecting
georgy.goshin wrote:
I've rechecked every SSL config and found in dovecot.conf the following
#ssl_ca = </path/to/ca
ssl_cert = </etc/pki/tls/certs/iRedMail.crt
ssl_key = </etc/pki/tls/private/iRedMail.keyReplaced according to the manual to
ssl_ca = </etc/pki/tls/private/iRedMail.key
But this not helped at all - the server can not be found. Which path (port) is trying to open Outlook when checking this type of connection?
Change this back to default setting and create symbolic links as follows:
mv /etc/pki/tls/certs/iRedMail.crt{,.bak} # Backup. Rename iRedMail.crt to iRedMail.crt.bak
mv /etc/pki/tls/private/iRedMail.key{,.bak} # Backup. Rename iRedMail.key to iRedMail.key.bak
ln -s /etc/letsencrypt/live/mail.mydomain.com/fullchain.pem /etc/pki/tls/certs/iRedMail.crt
ln -s /etc/letsencrypt/live/mail.mydomain.com/privkey.pem /etc/pki/tls/private/iRedMail.key
↧
Re: Outlook-ActiveSync Not Connecting
georgy.goshin wrote:
packet sniffer shows some packets to port 443 and responses but of course I can't examine to while SSL
Also when I'm trying to telnet to ports 80 or 443 from client to server ant type some commands like GET / I see the errors in nginx logs, but when Outlook trying to check the server, I see nothing in logs but can see the packets with the sniffer.
↧
↧
Re: Outlook-ActiveSync Not Connecting
Here is my current SSL related configuration
[root@ired nginx]# grep -r ssl /etc/dovecot/dovecot.conf /etc/nginx/templates/ssl.tmpl
/etc/dovecot/dovecot.conf:ssl_protocols = !SSLv2 !SSLv3
/etc/dovecot/dovecot.conf:ssl = required
/etc/dovecot/dovecot.conf:verbose_ssl = no
/etc/dovecot/dovecot.conf:ssl_ca = </etc/pki/tls/certs/iRedMail.crt
/etc/dovecot/dovecot.conf:ssl_cert = </etc/pki/tls/certs/iRedMail.crt
/etc/dovecot/dovecot.conf:ssl_key = </etc/pki/tls/private/iRedMail.key
/etc/dovecot/dovecot.conf:ssl_cipher_list = ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5
/etc/dovecot/dovecot.conf:ssl_prefer_server_ciphers = yes
/etc/dovecot/dovecot.conf:# With disable_plaintext_auth=yes AND ssl=required, STARTTLS is mandatory.
/etc/dovecot/dovecot.conf:# Set disable_plaintext_auth=no AND ssl=yes to allow plain password transmitted
/etc/dovecot/dovecot.conf: # ssl = yes
/etc/dovecot/dovecot.conf: # ssl = yes
/etc/nginx/templates/ssl.tmpl:ssl on;
/etc/nginx/templates/ssl.tmpl:ssl_protocols TLSv1.2;
/etc/nginx/templates/ssl.tmpl:ssl_ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5;
/etc/nginx/templates/ssl.tmpl:ssl_prefer_server_ciphers on;
/etc/nginx/templates/ssl.tmpl:ssl_dhparam /etc/pki/tls/dh2048_param.pem;
/etc/nginx/templates/ssl.tmpl:# To use your own ssl cert (e.g. LetsEncrypt), please create symbol link to
/etc/nginx/templates/ssl.tmpl:# ssl cert/key used below, so that we can manage this config file with Ansible.
/etc/nginx/templates/ssl.tmpl:ssl_certificate /etc/pki/tls/certs/iRedMail.crt;
/etc/nginx/templates/ssl.tmpl:ssl_certificate_key /etc/pki/tls/private/iRedMail.key;
And the files (links)
[root@ired nginx]# ls -l /etc/pki/tls/certs/iRedMail.crt /etc/pki/tls/certs/iRedMail.crt /etc/pki/tls/private/iRedMail.key /etc/pki/tls/certs/iRedMail.crt /etc/pki/tls/private/iRedMail.key
lrwxrwxrwx 1 root root 49 Dec 30 10:55 /etc/pki/tls/certs/iRedMail.crt -> /etc/letsencrypt/live/ired.X.com/fullchain.pem
lrwxrwxrwx 1 root root 49 Dec 30 10:55 /etc/pki/tls/certs/iRedMail.crt -> /etc/letsencrypt/live/ired.X.com/fullchain.pem
lrwxrwxrwx 1 root root 49 Dec 30 10:55 /etc/pki/tls/certs/iRedMail.crt -> /etc/letsencrypt/live/ired.X.com/fullchain.pem
lrwxrwxrwx 1 root root 47 Dec 25 17:59 /etc/pki/tls/private/iRedMail.key -> /etc/letsencrypt/live/ired.X.com/privkey.pem
lrwxrwxrwx 1 root root 47 Dec 25 17:59 /etc/pki/tls/private/iRedMail.key -> /etc/letsencrypt/live/ired.X.com/privkey.pem
↧
Re: Outlook-ActiveSync Not Connecting
OK, switching the NGINX log level shows the following
SSL_do_handshake() failed (SSL: error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol) while SSL handshaking
↧
Re: Outlook-ActiveSync Not Connecting
georgy.goshin wrote:
OK, switching the NGINX log level shows the following
SSL_do_handshake() failed (SSL: error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol) while SSL handshaking
Your Nginx is set to only accept TLS1.2 connections, yet your outlook is negotiating handshake with weaker TLS/SSL protocol. Try allowing TLS 1.1 / 1.0 in Nginx to test.
↧
Re: Outlook-ActiveSync Not Connecting
OK, I found the workaround
ssl_protocols TLSv1 TLSv1.2;
TLSv1 is necessary in NGINX SSL configuration
↧
↧
restful api from change password
hello
I would like the service api to change the password mail server.
a use service api in application c#.
thank you
↧
i need to remove 127.0.0.1 from header
==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release): v0.9.8
- Deployed with iRedMail Easy or the downloadable installer?
- Linux/BSD distribution name and version: centos7
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): mysql
- Web server (Apache or Nginx):nginx
- Manage mail accounts with iRedAdmin-Pro?no
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====
i need to remove 127.0.0.1 from header
Received: from mail.domain.me (mail.domain.me [127.0.0.1]) by mail.domain.me (Postfix) with ESMTP id 56567E109A
Received: from _ (mail.domain.me [127.0.0.1]) by mail.domain.me (Postfix) with ESMTPSA id EF6BDE1098
↧
can not install iredmail
Reading package lists... Done
[ INFO ] Fetching source tarballs ...
[ INFO ] + 1 of 5: https://dl.iredmail.org/yum/misc/iRedAd … .3.tar.bz2
[ INFO ] + 2 of 5: https://dl.iredmail.org/yum/misc/mlmmjadmin-1.9.tar.gz
[ INFO ] + 3 of 5: https://dl.iredmail.org/yum/misc/iRedAPD-2.3.tar.bz2
[ INFO ] + 4 of 5: https://dl.iredmail.org/yum/misc/netdata-1.11.1.gz.run
[ INFO ] + 5 of 5: https://dl.iredmail.org/yum/misc/roundc … ete.tar.gz
[ INFO ] Validate downloaded source tarballs ...
sha256sum: misc/iRedAdmin-0.9.3.tar.bz2: No such file or directory
misc/iRedAdmin-0.9.3.tar.bz2: FAILED open or read
sha256sum: misc/mlmmjadmin-1.9.tar.gz: No such file or directory
misc/mlmmjadmin-1.9.tar.gz: FAILED open or read
sha256sum: misc/iRedAPD-2.3.tar.bz2: No such file or directory
misc/iRedAPD-2.3.tar.bz2: FAILED open or read
sha256sum: misc/netdata-1.11.1.gz.run: No such file or directory
misc/netdata-1.11.1.gz.run: FAILED open or read
sha256sum: misc/roundcubemail-1.3.8-complete.tar.gz: No such file or directory
misc/roundcubemail-1.3.8-complete.tar.gz: FAILED open or read
sha256sum: WARNING: 5 listed files could not be read
[ FAILED ]
<< ERROR >> Package verification failed. Script exit ...
↧
Easiest way to upgrade to latest version
==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release): 0.9.7
- Deployed with iRedMail Easy or the downloadable installer?No
- Linux/BSD distribution name and version: Debian
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MySQL I think
- Web server (Apache or Nginx):Nginx
- Manage mail accounts with iRedAdmin-Pro?No
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====
I started to upgrade from 0.9.7 to 0.9.8 and ran into an issue. I think I got the iRedAPD upgraded fine. I went to upgrade iRedadmin and ran into some errors running the upgrade script.
I think what I would like to do is backup all of my mail then install the latest version from the easy method and then import my mail back in.
Is this possible to do and is there any instructions on how to do this?
Thanks
Dan
↧
↧
i need to remove 127.0.0.1 from header
==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release): v0.9.8
- Deployed with iRedMail Easy or the downloadable installer?
- Linux/BSD distribution name and version: centos7
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): mysql
- Web server (Apache or Nginx):nginx
- Manage mail accounts with iRedAdmin-Pro?no
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====
i need to remove 127.0.0.1 from header
Received: from mail.domain.me (mail.domain.me [127.0.0.1]) by mail.domain.me (Postfix) with ESMTP id 56567E109A
Received: from _ (mail.domain.me [127.0.0.1]) by mail.domain.me (Postfix) with ESMTPSA id EF6BDE1098
↧
Upgrade with remote MySQL?
==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version: 0.9.9
- Deployed with downloadable installer
- FreeBSD
- MySQL backend
- Nginx
- iRedAdmin-Pro? No
====
Hi. I have a working 0.9.9 server. All is well. I am going to move it to a new server. I use a separate MySQL server. I don't run MySQL server on the mail server. So when the new mail server is running, it will use the same database server.
I want to run the iRedMail.sh script on my new mail server, because it installs, compiles, and configures all the daemons. If I run the iRedMail.sh script, it will connect to the database server. Will it update/rewrite/change the MySQL tables there? I have a lot of users, domains, aliases, etc. I want to keep the MySQL tables the way they are.
I read the migration instructions and I don't see how to migrate to a new server without building the MySQL server from scratch. The instructions talk about how to export and reload the SQL tables, but I don't need to do that. I don't really want to do that unless I must.
What's the right way to do it?
Thanks,
Paco
↧
Going to 3.2 of LDAP Pro, uwsgi causes iRedAdmin-Pro to no longer work
==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release):
- Deployed with iRedMail Easy or the downloadable installer?
- Linux/BSD distribution name and version:
- Store mail accounts in which backend (LDAP/MySQL/PGSQL):
- Web server (Apache or Nginx):
- Manage mail accounts with iRedAdmin-Pro?
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====
version of iRedMail: 0.9.9
deployed with: often upgraded, manually
Ubuntu 16.04LTS
LDAP
Nginx
iRedAdmin-Pro
Immediately after boot, surf to {mail server}/iredadmin, nginx log file spouts:
tail -n 1 error.log
2018/12/30 16:25:29 [crit] 1496#1496: *5 connect() to unix:/var/run/uwsgi_iredadmin.socket failed (2: No such file or directory) while connecting to upstream, client: 10.166.130.12, server: mail.mobydog.net, request: "GET /iredadmin HTTP/2.0", upstream: "uwsgi://unix:/var/run/uwsgi_iredadmin.socket:", host: "mailsrv.mobydog.net"
And /var/log/uwsgi/apps/iredadmin.log has:
[uWSGI] getting INI configuration from /usr/share/uwsgi/conf/default.ini
realpath() of /etc/uwsgi/apps-enabled/iredadmin.ini failed: No such file or directory [core/utils.c line 3619]
↧
More Pages to Explore .....
