1 Topic by windigo

  • windigo
  • Member
  • Offline
  • Registered: 2011-11-02
  • Posts: 11

Topic: trouble to reach my iredmail server.

======== ==== Required information ====
- iRedMail version: 0.7.3
- Store mail accounts in which backend : MySQL
- Linux/BSD distribution name and version: Ubuntu server 11.04 32 bits
- Related log if you're reporting an issue:
====

Hello,

I have trouble to reach my iredmail server. (ex: webmail.mydomain.com)

everything work fine in local or with vpn  (ex: webmail.mydomain.com)
but nothing from external or without vpn
It look like a redirection issue but I can't find where it is

Thanks

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,770

Re: trouble to reach my iredmail server.

Do you have correct DNS setting for this domain name?

3 Reply by windigo

  • windigo
  • Member
  • Offline
  • Registered: 2011-11-02
  • Posts: 11

Re: trouble to reach my iredmail server.

ZhangHuangbin wrote:

Do you have correct DNS setting for this domain name?


yes the DNS look like good.

A(host) = iredmail -> ip
CName(alias) = webmail -> iredmail.mydomain.com
MX = iredmail.mydomain.com

4 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,770

Re: trouble to reach my iredmail server.

windigo wrote:

but nothing from external or without vpn

If you send from an external account (e.g. Gmail/Yahoo/Hotmail), you should receive a bounce message, please paste this bounce message body here, it contains technical info to help troubleshoot.

5 Reply by schefmar

  • schefmar
  • Member
  • Offline
  • Registered: 2014-08-09
  • Posts: 4

Re: trouble to reach my iredmail server.

ZhangHuangbin wrote:
windigo wrote:

but nothing from external or without vpn

If you send from an external account (e.g. Gmail/Yahoo/Hotmail), you should receive a bounce message, please paste this bounce message body here, it contains technical info to help troubleshoot.

Hello, I will be taking over the troubleshooting, it seems our sysadmin "windigo" is off for a 2 week vacation, as former sysadmin I have been asked to try to solve this problem.

The trouble is not with outgoing smtp/pop3 or imap, email software such as Microsoft mail, thunderbird etc all work fine. The problem is with the webmail (roundcube) interface. Customers from our IP subnet are able to reach the webmail without any problems, but customers outside our IP subnet cannot. The webbrowser title shows "Roundcube mail:: etc" but nothing else appears.

Trying to access directly with the IP address/roundcube does not work either. However, if only the IP address is entered in the browser, I get the default Apache web page.

This seems to have started after 2 of our users had their passwords stolen and our mail server was spamming with those stolen credentials. That problem has since been solved, I do not believe that root access has been gained on the system. The configuration files for the virtual servers are unchanged, everything else looks ok. I have tried to temporarily turn off iptables, but this does not change anything. Perhaps this is a fail2ban issue ? Would not stopping iptables show this ?

Any help will be much appreciated, Thanks.
In the /var/log/apache2/error.log I get lines such as "(70007)The timeout specified has expired:". Perhaps this is related ?

As per your suggestion I have sent an email from linuxmail.org to our mail server, the message goes through without a bounce message.

6 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,770

Re: trouble to reach my iredmail server.

Did you check your Apache config files under /etc/apache2/? And rules on your firewall/gateway devices?

schefmar wrote:

I have tried to temporarily turn off iptables, but this does not change anything. Perhaps this is a fail2ban issue ? Would not stopping iptables show this ?

It's ok. Restarting iptables will flush all existing rules and load default rules.

7 Reply by schefmar

  • schefmar
  • Member
  • Offline
  • Registered: 2014-08-09
  • Posts: 4

Re: trouble to reach my iredmail server.

ZhangHuangbin wrote:

Did you check your Apache config files under /etc/apache2/? And rules on your firewall/gateway devices?

schefmar wrote:

I have tried to temporarily turn off iptables, but this does not change anything. Perhaps this is a fail2ban issue ? Would not stopping iptables show this ?

It's ok. Restarting iptables will flush all existing rules and load default rules.

firewall/gateway/ISP seem ok, iredmail is a VirtualBox VM, I created another VM, minimal server (no iredmail), same Ubuntu version, same physical host, same domain registrar, using apache2 virtual host configs similar to iredmail (different names/IPs) and the new VM works as expected. So firewall/gateway etc are Ok.

Back in january I had made md5 sums of all files in /etc, I compared with the current files, all are the same as before, so configs in /etc are Ok too.

Are there any other configs elsewhere than in /etc that could be causing trouble ? Could mysql database corruption cause this type of trouble ?

Thanks again for your help

8 Reply by schefmar

  • schefmar
  • Member
  • Offline
  • Registered: 2014-08-09
  • Posts: 4

Re: trouble to reach my iredmail server.

Did some more testing today. Seems that some types of files can be accessed on the virtual server but others cannot.

Example : say that virtual server URL is mymail.mydomain.ca
if I type "http://mymail.mydomain.ca" , browser just sits and hangs, only title displayed

If I create a text file, html with javascript or php file in the roundcube directory, they can be accessed and work ok
   "http://mymail.mydomain.ca/test.txt" -> display contents of test.txt
   "http://mymail.mydomain.ca/jtest.html" -> display html & executes javascript within jtest.html
   "http://mymail.mydomain.ca/phptest.php" -> executes php code within phptest.php

However, jpg files or binary files cannot be accessed.

This is indeed a very strange problem

Thanks again for your help

9 Reply by schefmar

  • schefmar
  • Member
  • Offline
  • Registered: 2014-08-09
  • Posts: 4

Re: trouble to reach my iredmail server.

Hello,

Still further testing seems to indicate that our ISP doesn't like binary files coming out of our web server(s)

For the moment I will check with our ISP, I believe that it is no longer an iredmail issue, further testing has shown this behavior from all our webservers and our switch directly connected to the ISP's equipment,

Thanks again for your help & your fine software,

Sorry to have taken up some of your time.