1 (edited by yoog 2014-05-13 00:07:47)

Topic: What am I doing wrong?

==== Required information ====
- iRedMail version: 0.8.6
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): LDAP (/var/vmail)
- Linux/BSD distribution name and version: Ubuntu 12.04
- Related log if you're reporting an issue: I am not sure which log to incluse.
====

root@mailserver:~# amavisd-new testkeys
TESTING#1: dkim._domainkey.mydomain.com => pass

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2

Re: What am I doing wrong?

yoog wrote:

when try to reply from those account it comes back undeliverable after long delay of 4 to 5 hours.

Could you please paste the full bounced mail content? It contains technical details about why mail failed.

Also, do you have correct A/MX records in DNS for your mail domain name?

3 (edited by yoog 2014-05-13 00:08:08)

Re: What am I doing wrong?

ZhangHuangbin wrote:
yoog wrote:

when try to reply from those account it comes back undeliverable after long delay of 4 to 5 hours.

Could you please paste the full bounced mail content? It contains technical details about why mail failed.

Also, do you have correct A/MX records in DNS for your mail domain name?

Here is the "View Source" by  KMail Viewer. I am not sure if this tell anything or not. Please let me know if you need more informaation.

I believe MX record is correct otherwise it would not work with hMailServer. I am using register.com as my registrar.

4

Re: What am I doing wrong?

*) Is 'phx.gbl' your mail domain? It doesn't have A and MX record in DNS.
*) We need bounce message returned by mail sender, not the email you composed.

5 (edited by yoog 2014-05-13 00:12:19)

Re: What am I doing wrong?

ZhangHuangbin wrote:

*) Is 'phx.gbl' your mail domain? It doesn't have A and MX record in DNS.
*) We need bounce message returned by mail sender, not the email you composed.

1) phx.gbl is NOT my mail domain

2) Here is the message returned by mailserver alongwith time stamp of the original message and reply to help you understand how long does it take to bouce the e-mail. This time it took a way too long to return.
Deleted details/message as matter is resolved.

6 (edited by yoog 2014-05-13 00:12:35)

Re: What am I doing wrong?

Deleted details/message as matter is resolved.

7

Re: What am I doing wrong?

yoog wrote:

Unable to deliver message to the following recipients, due to being unable to connect successfully to the destination mail server.
       postmaster@ormondkwikstop.com

<postmaster@ormondkwikstop.com>:
Mail server for "ormondkwikstop.com" unreachable for too long :

Does your ISP block port 25? I cannot telnet to your server.

8 (edited by yoog 2014-05-13 00:13:03)

Re: What am I doing wrong?

Deleted details/message as matter is resolved.

9 (edited by yoog 2014-05-13 00:10:23)

Re: What am I doing wrong?

Deleted detailes message as matter is resolved.

10

Re: What am I doing wrong?

yoog wrote:

On Router NAT, I have forwarded port 23 to 25 to my mailserver, then I can telnet to the server but is it advisable?

Please stop telnet service, and don't forward port 23 to 25.

I cannot connect to your server with telnet command (not telnet service):

$ telnet mailserver.ormondkwikstop.com 25
Trying 24.73.226.66...
telnet: connect to address 24.73.226.66: Operation timed out
telnet: Unable to connect to remote host

11 (edited by yoog 2014-05-13 00:13:19)

Re: What am I doing wrong?

Deleted details/message as matter is resolved.

12

Re: What am I doing wrong?

I checked port 25 of your server, looks like it should work now:

$ telnet 24.73.226.66 25
Trying 24.73.226.66...
Connected to mailserver.ormondkwikstop.com.
Escape character is '^]'.
220 mailserver.ormondkwikstop.com ESMTP Postfix (Ubuntu)

Did you try to send some more testing email from Gmail/Yahoo/Hotmail/...?

13 (edited by yoog 2014-05-12 23:39:40)

Re: What am I doing wrong?

ZhangHuangbin wrote:

I checked port 25 of your server, looks like it should work now:

$ telnet 24.73.226.66 25
Trying 24.73.226.66...
Connected to mailserver.ormondkwikstop.com.
Escape character is '^]'.
220 mailserver.ormondkwikstop.com ESMTP Postfix (Ubuntu)

Did you try to send some more testing email from Gmail/Yahoo/Hotmail/...?

You are correct. It is working now but in order to make it work I had to open port 25 on my router.

I have two more questions:
Let me ask you one now: How would I use my free CLASS 1 certificate I received from STARTSSL with iRedMail?

Once again I am very thankful to you for your help.

14

Re: What am I doing wrong?

yoog wrote:

How would I use my free CLASS 1 certificate I received from STARTSSL with iRedMail?

It's better to check document provided by your SSL provider.

Also, you can search this forum, many users shared their settings.

15

Re: What am I doing wrong?

ZhangHuangbin wrote:
yoog wrote:

How would I use my free CLASS 1 certificate I received from STARTSSL with iRedMail?

It's better to check document provided by your SSL provider.

Also, you can search this forum, many users shared their settings.

I will do that.
Thanks

16 (edited by yoog 2014-05-14 02:49:03)

Re: What am I doing wrong?

I went to StartSSL.com web site and their instruction is:
**************************************************************************************************************************
Apache Web Server

First of all you have to load the mod_ssl module. Many distributions and packages have this module shipped by default, otherwise check the documentation of Apache how to do this.

To configure a default SSL/TLS aware virtual server, you should add at least the following lines to your httpd.conf or ssl.conf file:

    LoadModule ssl_module modules/mod_ssl.so

    Listen 443

    <VirtualHost _default_:443>
       DocumentRoot /home/httpd/private
       ErrorLog /usr/local/apache/logs/error_log
       TransferLog /usr/local/apache/logs/access_log
       SSLEngine on
       SSLProtocol all -SSLv2
       SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM

       SSLCertificateFile /usr/local/apache/conf/ssl.crt
       SSLCertificateKeyFile /usr/local/apache/conf/ssl.key
       SSLCertificateChainFile /usr/local/apache/conf/sub.class1.server.ca.pem
       CustomLog /usr/local/apache/logs/ssl_request_log \
          "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
    </VirtualHost>



Download the sub.class1.server.ca.pem for the above configuration. Make sure to change the path according to your apache installation. For windows you need to use something like c:\apache\httpd.

If you have a higher validated server certificate you need to use the class2 or class3 intermediate CA certificate.
*********************************************************************************************************************************
I pasted code from "LoadModule .................</VirtualHost>" in /etc/apache1/httpd.conf file with certificate apppropriate path (/etc/ssl/private/) for key and certificate but then I cannot access https://your_server/mail/, I end up getting site unreachable error. Any suggestions?

17

Re: What am I doing wrong?

yoog wrote:

I pasted code from "LoadModule .................</VirtualHost>" in /etc/apache1/httpd.conf file with certificate apppropriate path (/etc/ssl/private/) for key and certificate but then I cannot access https://your_server/mail/, I end up getting site unreachable error. Any suggestions?

You don't need to copy code.

The most important lines are below 3:

       SSLCertificateFile /usr/local/apache/conf/ssl.crt
       SSLCertificateKeyFile /usr/local/apache/conf/ssl.key
       SSLCertificateChainFile /usr/local/apache/conf/sub.class1.server.ca.pem

So you need these 3 files.

Or, you can pay me to help solve it with our remote support service:
http://www.iredmail.org/support.html

18

Re: What am I doing wrong?

ZhangHuangbin wrote:
yoog wrote:

I pasted code from "LoadModule .................</VirtualHost>" in /etc/apache1/httpd.conf file with certificate apppropriate path (/etc/ssl/private/) for key and certificate but then I cannot access https://your_server/mail/, I end up getting site unreachable error. Any suggestions?

You don't need to copy code.

The most important lines are below 3:

       SSLCertificateFile /usr/local/apache/conf/ssl.crt
       SSLCertificateKeyFile /usr/local/apache/conf/ssl.key
       SSLCertificateChainFile /usr/local/apache/conf/sub.class1.server.ca.pem

So you need these 3 files.

Or, you can pay me to help solve it with our remote support service:
http://www.iredmail.org/support.html

The only reason I copied the code is due limited ability to modify proper files. StartSSL.com suggested to paste the code in httpd.conf file and that's why I did it but it had side effects. Now, per your suggestion, I have all those 3 files in my /etc/ssl/private directory, but do I just insert three lines of code in httpd.conf? I will give it a shot and see what happens.

Regarding, paid remote support, I have that option open but, I just want to learn and do it myself. I must tell you that iRedMail has been the EASIEST deployment of all tutorial out there on the web and your support has been exceptional. I have been reading for past three months to set up mail server but trust me it is too much to digest for a novice like me.

19

Re: What am I doing wrong?

yoog wrote:

I have all those 3 files in my /etc/ssl/private directory, but do I just insert three lines of code in httpd.conf?

*) We already have these 3 parameters in /etc/apache2/sites-available/default-ssl.
*) Please make sure Apache daemon user 'www-data' has permission to read these files.