1 (edited by Akiba 2016-12-14 07:49:11)

Topic: server became unavailable by www or mail client

==== Required information ====
- iRedMail version (check /etc/iredmail-release): 0.9.5-1
- Linux/BSD distribution name and version: Ubuntu 16.04
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MySQL
- Web server (Apache or Nginx): Nginx
- Manage mail accounts with iRedAdmin-Pro? No
- Related log if you're reporting an issue:
====
Thanks for iRedMail. It's working great. But there is an issue: it's just stopped being available by the server primary domain.

# hostname -f
mail.east-central.eu

It's neither reachable by the web browser (mail.east-central.eu/mail) nor an email client, which reports missing connection. It's not even available by IP number from the browser.
Interestingly:

  • ssh is working normally for all domains

  • I can connect to the server using some other domains (e.g. https://mail.edusos.pl/mail/). When I do, I can log in as postmaster@east-central.eu and send and receive mail.

  • I set up Thunderbird to work with one of the secondary domains about 2 hours ago, which worked fine initially, but it can't connect now. Edit: Thunderbird reports rejected connection.

I haven't installed letsencrypt yet. The only difference for the secondary domains is that I've redirected them from my registrar to Cloudflare.
I also performed some OS upgrades recently.
Please share how I can start investigating this issue. It's my first mail server.


2

Re: server became unavailable by www or mail client

Find below yesterday's log for unmatched entries.
Please help me figure it out. My IP is 89.68.149.114 and it is marked as "Received disconnect from".
What other logs should I attach?
To me it looks as if default iredmail certs have stopped working, or is it something else?
---
**Unmatched Entries**
fatal: Unable to negotiate with 123.31.31.91 port 56657: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1 [preauth] : 1 time(s)
Disconnected from 89.68.149.114 port 48766 : 1 time(s)
Received disconnect from 94.254.146.121 port 65330:11: disconnected by user : 1 time(s)
Exiting on signal 15 : 1 time(s)
Received disconnect from 89.97.55.33 port 45643:11: disconnected by user [preauth] : 1 time(s)
Received disconnect from 163.172.233.77 port 38329:11: Bye Bye [preauth] : 1 time(s)
Disconnected from 91.223.133.33 port 37970 [preauth] : 1 time(s)
fatal: Unable to negotiate with 218.7.159.173 port 58958: no matching cipher found. Their offer: aes256-cbc,rijndael-cbc@lysator.liu.se,aes192-cbc,aes128-cbc,arcfour128,arcfour,3des-cbc,none [preauth] : 1 time(s)
Disconnected from 94.254.146.121 port 65330 : 1 time(s)
Disconnected from 89.97.55.33 port 45643 [preauth] : 1 time(s)
fatal: Unable to negotiate with 123.31.31.91 port 63646: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1 [preauth] : 1 time(s)
Disconnected from 195.154.16.210 port 43788 [preauth] : 1 time(s)
Disconnected from 94.254.146.121 port 65331 : 1 time(s)
fatal: Unable to negotiate with 123.31.31.91 port 50393: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1 [preauth] : 1 time(s)
Received disconnect from 41.230.11.146 port 60126:11: Bye Bye [preauth] : 1 time(s)
Received disconnect from 94.254.146.121 port 65331:11: disconnected by user : 1 time(s)
fatal: Unable to negotiate with 123.31.31.91 port 62222: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1 [preauth] : 1 time(s)
Connection reset by 41.230.11.146 port 60463 [preauth] : 1 time(s)
Received disconnect from 89.68.149.114 port 48766:11: disconnected by user : 1 time(s)
fatal: Unable to negotiate with 123.31.31.91 port 56478: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1 [preauth] : 1 time(s)
Received disconnect from 195.154.16.210 port 43788:11: Bye Bye [preauth] : 1 time(s)
Disconnected from 41.230.11.146 port 60126 [preauth] : 1 time(s)
fatal: Unable to negotiate with 192.40.88.18 port 51113: no matching cipher found. Their offer: aes256-cbc,rijndael-cbc@lysator.liu.se,aes192-cbc,aes128-cbc,arcfour128,arcfour,3des-cbc,none [preauth] : 1 time(s)
Received disconnect from 91.223.133.33 port 37970:11: Bye Bye [preauth] : 1 time(s)
fatal: Unable to negotiate with 195.154.56.58 port 64902: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1,diffie-hellman-group-exchange-sha1 [preauth] : 1 time(s)
Disconnected from 163.172.233.77 port 38329 [preauth] : 1 time(s)
fatal: Unable to negotiate with 123.31.31.91 port 50682: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1 [preauth] : 1 time(s)

3

Re: server became unavailable by www or mail client

It connects properly over an anonymiser:
https://ssl-proxy.my-addr.org/myaddrpro … l.eu/mail/
Why is this happening and how can I prevent it in the future?
I don't remember providing the wrong credentials myself. The only suspicious action was that Thunderbird had me confirm the certs about 10 times.
A.

4

Re: server became unavailable by www or mail client

Akiba wrote:

==== Required information ====
- iRedMail version (check /etc/iredmail-release): 0.9.5-1
- Linux/BSD distribution name and version: Ubuntu 16.04
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MySQL
- Web server (Apache or Nginx): Nginx
- Manage mail accounts with iRedAdmin-Pro? No
- Related log if you're reporting an issue:
====
Thanks for iRedMail. It's working great. But there is an issue: it's just stopped being available by the server primary domain.

# hostname -f
mail.east-central.eu

It's neither reachable by the web browser (mail.east-central.eu/mail) nor an email client, which reports missing connection. It's not even available by IP number from the browser.
Interestingly:

  • ssh is working normally for all domains

  • I can connect to the server using some other domains (e.g. https://mail.edusos.pl/mail/). When I do, I can log in as postmaster@east-central.eu and send and receive mail.

  • I set up Thunderbird to work with one of the secondary domains about 2 hours ago, which worked fine initially, but it can't connect now. Edit: Thunderbird reports rejected connection.

I haven't installed letsencrypt yet. The only difference for the secondary domains is that I've redirected them from my registrar to Cloudflare.
I also performed some OS upgrades recently.
Please share how I can start investigating this issue. It's my first mail server.


Do you manage your DNS Server?

5

Re: server became unavailable by www or mail client

Akiba wrote:

I don't remember providing the wrong credentials myself. The only suspicious action was that Thunderbird had me confirm the certs about 10 times.

Maybe blocked by Fail2ban + iptables due to several password failures, or other errors.
Try to log in from another IP address, check the iptables firewall, make sure your IP is not blocked, then try again.
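
One way to carry out the firewall check suggested above, as an added example that is not part of the original reply or of iRedMail's own tooling: it scans `iptables -S` output for a DROP/REJECT rule against one source address inside a fail2ban chain. The chain prefixes `f2b-`/`fail2ban-` are the names fail2ban's stock iptables actions create; the jail names, rules and addresses in the sample are constructed.

```shell
#!/bin/sh
# Added example: find fail2ban bans for one address in `iptables -S` output.
# Assumption: fail2ban chains are named f2b-<jail> or fail2ban-<jail>.
# The rules and addresses below are constructed samples, not from the thread.

# banned_chains IP : reads `iptables -S` text on stdin, prints each fail2ban
# chain holding a DROP/REJECT rule whose source is IP (one chain per line).
banned_chains() {
    awk -v ip="$1" '
        $1 == "-A" && ($2 ~ /^f2b-/ || $2 ~ /^fail2ban-/) {
            src = ""; target = ""
            for (i = 3; i < NF; i++) {
                if ($i == "-s") src = $(i + 1)
                if ($i == "-j") target = $(i + 1)
            }
            sub(/\/32$/, "", src)      # iptables prints hosts as a.b.c.d/32
            if (src == ip && (target == "REJECT" || target == "DROP"))
                print $2
        }' | sort -u
}

# Constructed sample of `iptables -S` on a host with a mail/web jail and an
# ssh jail: a ban in the first leaves ssh reachable from the banned address.
sample_rules() {
    cat <<'EOF'
-P INPUT ACCEPT
-N f2b-dovecot
-N f2b-sshd
-A INPUT -p tcp -m multiport --dports 80,443,25,587,110,995,143,993 -j f2b-dovecot
-A INPUT -p tcp -m multiport --dports 22 -j f2b-sshd
-A f2b-dovecot -s 203.0.113.7/32 -j REJECT --reject-with icmp-port-unreachable
-A f2b-dovecot -j RETURN
-A f2b-sshd -s 198.51.100.23/32 -j REJECT --reject-with icmp-port-unreachable
-A f2b-sshd -j RETURN
EOF
}

# report IP : one-line verdict naming the chains (jails) that hold the ban.
report() {
    chains=$(banned_chains "$1")
    if [ -n "$chains" ]; then
        echo "$1 BLOCKED in: $(echo "$chains" | tr '\n' ' ' | sed 's/ $//')"
    else
        echo "$1 not blocked by fail2ban chains"
    fi
}

sample_rules | report 203.0.113.7     # banned in the mail/web jail
sample_rules | report 192.0.2.50      # not banned anywhere
```

On the server itself, run `iptables -S | report <your address>` as root over SSH; `fail2ban-client status <jail>` then lists that jail's banned addresses and `fail2ban-client set <jail> unbanip <address>` lifts the ban.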

6

Re: server became unavailable by www or mail client

Do you manage your DNS Server?

No, I'm using my registrar's DNS for the main domain. It seems I got locked out by fail2ban. I hope it'll be better when I install my own certificates and I'll need to have some control over my iptables, firewall, etc. I could do with a handy tool.

7

Re: server became unavailable by www or mail client

ZhangHuangbin wrote:

check iptables firewall, make sure your IP is not blocked, then try again.

Yeah, I could do with some controls, so I can see what's happening and react when needed, such as an Android app. Can you think of something?

8

Re: server became unavailable by www or mail client

Akiba wrote:

Yeah, I could do with some controls, so I can see what's happening and react when needed, such as an Android app. Can you think of something?

I'm not sure what you exactly mean :(