Page 2 of 3 FirstFirst 123 LastLast
Results 11 to 20 of 21

Thread: Mail delivered for a while then simply queued

  1. #11
    billybofh is offline Senior Member
    Join Date
    Sep 2005
    Posts
    51
    Rep Power
    9

    Default

    After lots more fiddling, it now seems to be trying to use SSL, but failing :

    Code:
    Feb 20 16:08:15 xxxxx postfix/smtpd[31353]: connect from localhost.localdomain[127.0.0.1]
    Feb 20 16:08:15 xxxxx postfix/smtpd[31353]: setting up TLS connection from localhost.localdomain[127.0.0.1]
    Feb 20 16:08:15 xxxxx postfix/smtpd[31353]: SSL_accept:before/accept initialization
    Feb 20 16:08:15 xxxxx postfix/smtpd[31353]: read from 08223128 [0822F090] (11 bytes => -1 (0xFFFFFFFF))
    Feb 20 16:08:15 xxxxx postfix/smtpd[31353]: SSL_accept:error in SSLv2/v3 read client hello A
    Feb 20 16:08:15 xxxxx postfix/smtpd[31353]: read from 08223128 [0822F090] (11 bytes => 11 (0xB))
    Feb 20 16:08:15 xxxxx postfix/smtpd[31353]: 0000 80 7c 01 03 01 00 63 00|00 00 10                 .|....c. ...
    Feb 20 16:08:15 xxxxx postfix/smtpd[31353]: read from 08223128 [0822F09B] (115 bytes => -1 (0xFFFFFFFF))
    Feb 20 16:08:15 xxxxx postfix/smtpd[31353]: SSL_accept:error in SSLv2/v3 read client hello B
    Feb 20 16:08:15 xxxxx postfix/smtpd[31353]: read from 08223128 [0822F09B] (115 bytes => 115 (0x73))
    Feb 20 16:08:15 xxxxx postfix/smtpd[31353]: 0000 00 00 39 00 00 38 00 00|35 00 00 16 00 00 13 00  ..9..8.. 5.......
    ...
    Code:
    Feb 20 16:08:15 xxxx postfix/smtpd[31353]: SSL_accept:SSLv3 read finished A
    Feb 20 16:08:15 xxxxx postfix/smtpd[31353]: SSL_accept:SSLv3 write change cipher spec A
    Feb 20 16:08:15 xxxxx postfix/smtpd[31353]: SSL_accept:SSLv3 write finished A
    Feb 20 16:08:15 xxxxx postfix/smtpd[31353]: write to 08223128 [08245CE8] (59 bytes => 59 (0x3B))
    Feb 20 16:08:15 xxxxx postfix/smtpd[31353]: 0000 14 03 01 00 01 01 16 03|01 00 30 6d a9 ed ab b3  ........ ..0m....
    Feb 20 16:08:15 xxxxx postfix/smtpd[31353]: 0010 ab 09 5e 4a 5d 68 5b db|a5 72 72 6a 79 a7 c4 3d  ..^J]h[. .rrjy..=
    Feb 20 16:08:15 xxxxx postfix/smtpd[31353]: 0020 ce 51 c9 62 72 2c 1e f4|16 a6 2a 9f a2 99 a5 c3  .Q.br,.. ..*.....
    Feb 20 16:08:15 xxxxx postfix/smtpd[31353]: 0030 52 88 8d 99 21 87 50 10|ac 26 32                 R...!.P. .&2
    Feb 20 16:08:15 xxxxx postfix/smtpd[31353]: SSL_accept:SSLv3 flush data
    Feb 20 16:08:15 xxxxx postfix/smtpd[31353]: TLS connection established from localhost.localdomain[127.0.0.1]: TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)
    Feb 20 16:08:15 xxxxx sendmail[626]: STARTTLS=client, relay=[127.0.0.1], version=TLSv1/SSLv3, verify=FAIL, cipher=DHE-RSA-AES256-SHA, bits=256/256
    And this seems to lead to the 100's of messages being queued in the active spool again....
    Last edited by billybofh; 02-20-2006 at 09:18 AM.

  2. #12
    marcmac is offline Expert Member
    Join Date
    Sep 2005
    Posts
    2,103
    Rep Power
    13

    Default

    sasl problem - you're probably finding the wrong version of the library. ldd /opt/zimbra/postfix/libexec/master will show which one you're getting. Fix is to mod /etc/ld.so.conf and run ldconfig. Covered elsewhere in the forums.

    ssl problem - it looks like sendmail is trying to deliver, but postfix wants to use ssl - is sendmail rejecting postfix's cert, since it's self-signed? Can you add the CA to sendmail's CA path? (Not sure how to do this). Cleaning up and recreating the certs is covered in the forums. You can allow plaintext auth in postfix, it's in the admin console.

  3. #13
    billybofh is offline Senior Member
    Join Date
    Sep 2005
    Posts
    51
    Rep Power
    9

    Default

    Hi,

    An ldd shows me :
    Code:
    # ldd /opt/zimbra/postfix/libexec/master
            libpcre.so.0 => /lib/libpcre.so.0 (0x00310000)
            libldap-2.2.so.7 => /opt/zimbra/lib/libldap-2.2.so.7 (0x0059e000)
            liblber-2.2.so.7 => /opt/zimbra/lib/liblber-2.2.so.7 (0x0032b000)
            libz.so.1 => /usr/lib/libz.so.1 (0x0033b000)
            libm.so.6 => /lib/tls/libm.so.6 (0x00111000)
            libsasl2.so.2 => /opt/zimbra/cyrus-sasl/lib/libsasl2.so.2 (0x003d6000)
            libpthread.so.0 => /lib/tls/libpthread.so.0 (0x0035d000)
            libssl.so.4 => /lib/libssl.so.4 (0x005e0000)
            libcrypto.so.4 => /lib/libcrypto.so.4 (0x00461000)
            libnsl.so.1 => /lib/libnsl.so.1 (0x003b6000)
            libresolv.so.2 => /lib/libresolv.so.2 (0x003a1000)
            libc.so.6 => /lib/tls/libc.so.6 (0x001e4000)
            /lib/ld-linux.so.2 (0x001cb000)
            libdl.so.2 => /lib/libdl.so.2 (0x00134000)
            libgssapi_krb5.so.2 => /usr/lib/libgssapi_krb5.so.2 (0x00138000)
            libkrb5.so.3 => /usr/lib/libkrb5.so.3 (0x0014c000)
            libcom_err.so.2 => /lib/libcom_err.so.2 (0x0034d000)
            libk5crypto.so.3 => /usr/lib/libk5crypto.so.3 (0x0036f000
    Which looks like I'm getting the correct sasl.

    Clearing up the certs seems to mostly assume I'm running a single box. As I'm running 3 is the process different? Most searches for it return comments about searching the forums as it's already been covered....

  4. #14
    billybofh is offline Senior Member
    Join Date
    Sep 2005
    Posts
    51
    Rep Power
    9

    Default

    I've done a completely fresh install on the 3 machines (clean OS, clean zimbra install) and am immediately gettting this on the MTA box :

    Code:
    Feb 21 13:08:13 xxxxx amavis[3829]: (03829-01) Checking: B72yuE2m4xSD [127.0.0.1] <root@xxxxxx> -> <user1@xxxxxx>
    Feb 21 13:08:13 xxxxxx postfix/smtpd[12454]: initializing the server-side TLS engine
    Feb 21 13:08:13 xxxxxx postfix/smtpd[12454]: warning: cannot get certificate from file /opt/zimbra/conf/smtpd.crt
    Feb 21 13:08:13 xxxxxx postfix/smtpd[12454]: warning: TLS library problem: 12454:error:02001002:system library:fopen:No such file or directory:bss_file.c:259:fopen('/opt/zimbra/conf/smtpd.crt','r'):
    Feb 21 13:08:13 xxxxxx postfix/smtpd[12454]: warning: TLS library problem: 12454:error:20074002:BIO routines:FILE_CTRL:system lib:bss_file.c:261:
    Feb 21 13:08:13 xxxxxx postfix/smtpd[12454]: warning: TLS library problem: 12454:error:140DC002:SSL routines:SSL_CTX_use_certificate_chain_file:system lib:ssl_rsa.c:758:
    Feb 21 13:08:13 xxxxxx postfix/smtpd[12454]: cannot load RSA certificate and key data
    Feb 21 13:08:13 xxxxxx postfix/smtpd[12454]: connect from localhost.localdomain[127.0.0.1]
    Feb 21 13:08:13 xxxxxx postfix/smtpd[12454]: 619FDB7F22: client=localhost.localdomain[127.0.0.1]
    This is with the same 3 machine setup (1xLDAP, 1xMTA, 1xMailstore) running zcs-NETWORK-3.0.0_GA_156.RHEL4 on CentOS 4 (server install, web & samba de-selected, yum update & yum install of the dependancy rpms - reboot. No vm's or anything else strange). I guess the installer script is missing something. I'd rather not mess around with the install/cert files until I hear back a suggestion as I don't want to potentially alter anything from the install.

  5. #15
    marcmac is offline Expert Member
    Join Date
    Sep 2005
    Posts
    2,103
    Rep Power
    13

    Default certs

    On the mta:
    zmcreateca
    zmcreatecert
    zmcertinstall mta cert_path key_path (cert path and key path will be under /opt/zimbra/ssl/ssl)

    On the ldap host:
    zmcreateca
    zmcreatecert

    on the mailstore:
    zmcreateca
    zmcreatecert
    zmcertinstall mailbox

  6. #16
    billybofh is offline Senior Member
    Join Date
    Sep 2005
    Posts
    51
    Rep Power
    9

    Default

    Is this as the zimbra user?

  7. #17
    billybofh is offline Senior Member
    Join Date
    Sep 2005
    Posts
    51
    Rep Power
    9

    Default

    Just bumping this to see if anyone knows...

  8. #18
    phoenix is online now Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,504
    Rep Power
    57

    Default

    Did you try it? Have you looked in the forums?
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  9. #19
    marcmac is offline Expert Member
    Join Date
    Sep 2005
    Posts
    2,103
    Rep Power
    13

    Default

    yes, as the zimbra user.

  10. #20
    billybofh is offline Senior Member
    Join Date
    Sep 2005
    Posts
    51
    Rep Power
    9

    Default

    Ok - followed the instructions exactly and am now back to the errors I was getting earlier :

    Code:
    Feb 23 10:19:37 xxxxxx postfix/smtpd[8864]: initializing the server-side TLS engine
    Feb 23 10:19:37 xxxxxx postfix/smtpd[8864]: connect from localhost.localdomain[127.0.0.1]
    Feb 23 10:19:37 xxxxxx postfix/smtpd[8864]: setting up TLS connection from localhost.localdomain[127.0.0.1]
    Feb 23 10:19:37 xxxxxx postfix/smtpd[8864]: SSL_accept:before/accept initialization
    Feb 23 10:19:37 xxxxxx postfix/smtpd[8864]: read from 08224C28 [0822EE48] (11 bytes => -1 (0xFFFFFFFF))
    Feb 23 10:19:37 xxxxxx postfix/smtpd[8864]: SSL_accept:error in SSLv2/v3 read client hello A
    Feb 23 10:19:37 xxxxxx postfix/smtpd[8864]: read from 08224C28 [0822EE48] (11 bytes => 11 (0xB))
    Feb 23 10:19:37 xxxxxx postfix/smtpd[8864]: 0000 80 7c 01 03 01 00 63 00|00 00 10                 .|....c. ...
    Feb 23 10:19:37 xxxxxx postfix/smtpd[8864]: read from 08224C28 [0822EE53] (115 bytes => -1 (0xFFFFFFFF))
    Feb 23 10:19:37 xxxxxx postfix/smtpd[8864]: SSL_accept:error in SSLv2/v3 read client hello B
    Feb 23 10:19:37 xxxxxx postfix/smtpd[8864]: read from 08224C28 [0822EE53] (115 bytes => 115 (0x73))
    Code:
    Feb 23 10:19:37 xxxxxx postfix/smtpd[8864]: 0020 ad 04 2c 20 1e be a7 fa|a3 69 3d 2d 76 21 2f ff  .., .... .i=-v!/.
    Feb 23 10:19:37 xxxxxx postfix/smtpd[8864]: 0030 15 ff 9e 41 d8 a1 93 9b|f6 3d 89                 ...A.... .=.
    Feb 23 10:19:37 xxxxxx postfix/smtpd[8864]: SSL_accept:SSLv3 flush data
    Feb 23 10:19:37 xxxxxx postfix/smtpd[8864]: TLS connection established from localhost.localdomain[127.0.0.1]: TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)
    Feb 23 10:19:37 xxxxxx sendmail[8863]: STARTTLS=client, relay=[127.0.0.1], version=TLSv1/SSLv3, verify=FAIL, cipher=DHE-RSA-AES256-SHA, bits=256/256
    Feb 23 10:19:37 xxxxxx postfix/smtpd[8864]: 730102A6EE1: client=localhost.localdomain[127.0.0.1], sasl_sender=root@xxxxxx

Page 2 of 3 FirstFirst 123 LastLast

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Problems with port 25
    By yogiman in forum Installation
    Replies: 57
    Last Post: 06-13-2011, 01:55 PM
  2. Replies: 7
    Last Post: 02-03-2011, 07:01 AM
  3. fresh install down may be due to tomcat
    By gon in forum Installation
    Replies: 10
    Last Post: 07-25-2007, 08:09 AM
  4. DynDNS and Zimbra
    By afterwego in forum Installation
    Replies: 30
    Last Post: 04-01-2007, 03:34 PM
  5. receiveing mail
    By maybethistime in forum Administrators
    Replies: 15
    Last Post: 12-09-2005, 04:55 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •