
Thread: [SOLVED] zmtlsctl broke install

  1. #1
    babytof is offline Junior Member
    Join Date
    May 2008
    Location
    France
    Posts
    9
    Rep Power
    6

    Default [SOLVED] zmtlsctl broke install

    Hi all,
    Until yesterday my Zimbra installation was working fine. I wanted to free port 80, so I ran:
    Code:
    su - zimbra
    zmtlsctl https
    zmcontrol stop
    zmcontrol start
    but since then, all incoming email goes to the deferred queue. Looking in the logs I got:
    Code:
    , relay=127.0.0.1[127.0.0.1]:10024, delay=9604, delays=9603/0.03/0.01/0.01, dsn=4.4.2, status=deferred (lost connection with 127.0.0.1[127.0.0.1] while sending RCPT TO)
     postfix/qmgr[9441]: warning: connect to transport retry: No such file or directory
    May 22 10:28:53 nsXXXX postfix/qmgr[9441]: warning: connect to transport retry: No such file or directory
    cat /etc/shadow:
    Code:
    zimbra::14014:0:99999:7:::
    Trying to log in through ssh:
    Code:
    root@ns:~# su - zimbra
    zimbra@nsXXXX:~$ ssh -vi .ssh/zimbra_identity -o strictHostKeyChecking=no zimbra@nsXXXXX..XXX.XX
    OpenSSH_4.2p1 Debian-7ubuntu3.1, OpenSSL 0.9.8a 11 Oct 2005
    debug1: Reading configuration data /etc/ssh/ssh_config
    debug1: Applying options for *
    debug1: Connecting to nsXXXX.XX.XX [xx.xx.xx.xx] port 22.
    debug1: Connection established.
    debug1: identity file .ssh/zimbra_identity type 2
    debug1: Remote protocol version 2.0, remote software version OpenSSH_4.2p1 Debian-7ubuntu3.1
    debug1: match: OpenSSH_4.2p1 Debian-7ubuntu3.1 pat OpenSSH*
    debug1: Enabling compatibility mode for protocol 2.0
    debug1: Local version string SSH-2.0-OpenSSH_4.2p1 Debian-7ubuntu3.1
    debug1: SSH2_MSG_KEXINIT sent
    debug1: SSH2_MSG_KEXINIT received
    debug1: kex: server->client aes128-cbc hmac-md5 none
    debug1: kex: client->server aes128-cbc hmac-md5 none
    debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
    debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
    debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
    debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
    debug1: Host 'nsXXX.XX.XX' is known and matches the RSA host key.
    debug1: Found key in /opt/zimbra/.ssh/known_hosts:1
    debug1: ssh_rsa_verify: signature correct
    debug1: SSH2_MSG_NEWKEYS sent
    debug1: expecting SSH2_MSG_NEWKEYS
    debug1: SSH2_MSG_NEWKEYS received
    debug1: SSH2_MSG_SERVICE_REQUEST sent
    debug1: SSH2_MSG_SERVICE_ACCEPT received
    debug1: Authentications that can continue: publickey,password
    debug1: Next authentication method: publickey
    debug1: Offering public key: .ssh/zimbra_identity
    debug1: Remote: Forced command: /opt/zimbra/libexec/zmrcd
    debug1: Server accepts key: pkalg ssh-dss blen 433
    debug1: read PEM private key done: type DSA
    debug1: Remote: Forced command: /opt/zimbra/libexec/zmrcd
    debug1: Authentication succeeded (publickey).
    debug1: channel 0: new [client-session]
    debug1: Entering interactive session.
    
    ERROR: Invalid hostlist
    debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
    debug1: channel 0: free: client-session, nchannels 1
    Connection to nsXX.XX.XX closed.
    debug1: Transferred: stdin 0, stdout 0, stderr 39 bytes in 4.8 seconds
    debug1: Bytes per second: stdin 0.0, stdout 0.0, stderr 8.2
    debug1: Exit status 1
    I then tried to revert with "zmtlsctl http" but still got the problem.

    version:
    Code:
    Release 5.0.5_GA_2201.UBUNTU6 UBUNTU6 NETWORK edition
    Can someone help me with that?

  2. #2
    uxbod is offline Moderator
    Join Date
    Nov 2006
    Location
    UK
    Posts
    8,016
    Rep Power
    24

    Welcome to the forums

    As you have changed the web server mode you may need to fix the SMTP authentication as well: SMTP Auth Problems - Zimbra :: Wiki

  3. #3
    babytof is offline Junior Member

    Yes, I already read that:
    Code:
    zimbra@nsXX:~$ zmprov getServer nsXX.XX | grep Auth
    zimbraMtaAuthEnabled: TRUE
    zimbraMtaAuthHost: nsXX.XX
    zimbraMtaAuthTarget: TRUE
    zimbraMtaAuthURL: https://nsXX.XX/service/soap/
    zimbraMtaTlsAuthOnly: TRUE
    zimbra@nsXX:~$ zmprov getServer nsXXXX | grep Mode
    zimbraBackupMode: Standard
    zimbraMailMode: https
    zimbraMailReferMode: wronghost
    zimbraReverseProxyImapStartTlsMode: only
    zimbraReverseProxyPop3StartTlsMode: only
    Thanks for your help

  4. #4
    babytof is offline Junior Member

    What type of return should I get with:
    Code:
    root@ns:~# su - zimbra
    zimbra@nsXXXX:~$ ssh -vi .ssh/zimbra_identity -o strictHostKeyChecking=no zimbra@nsXXXXX..XXX.XX
    Exploring in verbose mode, it seems to me that I don't have an authentication problem, but I get no bash login prompt. The process waits until I send a character and then exits with "connection close".

    Is that correct behavior?

    Thanks

  5. #5
    babytof is offline Junior Member

    After a lot of research and tests I can't find a way to have a stable Zimbra install. Sometimes emails are received correctly, sometimes they get stuck in the deferred queue. It seems that it depends mainly on the AV/AS config: sometimes I need to disable AS to receive email, sometimes not!
    One constant: I found that every time email works I have a "relay=mon.serveur[XX.XX.XX.XX]:7025" line in zimbra.log, and a "relay=127.0.0.1[127.0.0.1]:10024" line when they are deferred.
    I'm not sure if internal communication should be on the public IP or the internal 127.0.0.1.

    Any clue on that ?

    Thanks a lot for helping

  6. #6
    uxbod is offline Moderator

    Amavis should be communicating on the localhost address. If you are getting deferred messages then you need to check your DNS setup. Please provide the following
    Code:
    cat /etc/hosts
    cat /etc/resolv.conf
    dig _domainname_ mx
    dig _domainname_ any
    host `hostname` <- note backticks and not double quotes

  7. #7
    babytof is offline Junior Member

    Thanks for your help, here is what you asked for:

    root@ns38128:~# cat /etc/hosts
    # Do not remove the following line, or various programs
    # that require network functionality will fail.
    127.0.0.1 localhost.localdomain localhost
    91.121.11.58 ns38128.ovh.net ns38128 mail mail.ns38128.ovh.net maprofession.com
    # The following lines are desirable for IPv6 capable hosts
    #(added automatically by netbase upgrade)
    ::1 ip6-localhost ip6-loopback
    feo0::0 ip6-localnet
    ff00::0 ip6-mcastprefix
    ff02::1 ip6-allnodes
    ff02::2 ip6-allrouters
    ff02::3 ip6-allhosts
    root@ns38128:~# cat /etc/resolv.conf
    nameserver 127.0.0.1
    nameserver 91.121.11.58
    nameserver 213.186.33.99
    root@ns38128:~# dig maprofession.com mx

    ; <<>> DiG 9.3.2 <<>> maprofession.com mx
    ;; global options: printcmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 60057
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 3

    ;; QUESTION SECTION:
    ;maprofession.com. IN MX

    ;; ANSWER SECTION:
    maprofession.com. 86221 IN MX 1 ns38128.ovh.net.

    ;; AUTHORITY SECTION:
    maprofession.com. 86215 IN NS dns11.ovh.net.
    maprofession.com. 86215 IN NS ns11.ovh.net.

    ;; ADDITIONAL SECTION:
    ns38128.ovh.net. 604800 IN A 91.121.11.58
    ns11.ovh.net. 109560 IN A 213.251.128.130
    dns11.ovh.net. 112765 IN A 213.251.188.130

    ;; Query time: 0 msec
    ;; SERVER: 127.0.0.1#53(127.0.0.1)
    ;; WHEN: Wed May 28 09:23:15 2008
    ;; MSG SIZE rcvd: 152
    root@ns38128:~# dig maprofession.com any

    ; <<>> DiG 9.3.2 <<>> maprofession.com any
    ;; global options: printcmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 29956
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 2, ADDITIONAL: 3

    ;; QUESTION SECTION:
    ;maprofession.com. IN ANY

    ;; ANSWER SECTION:
    maprofession.com. 86200 IN MX 1 ns38128.ovh.net.
    maprofession.com. 86194 IN NS ns11.ovh.net.
    maprofession.com. 86194 IN NS dns11.ovh.net.
    maprofession.com. 86194 IN A 91.121.20.26

    ;; AUTHORITY SECTION:
    maprofession.com. 86194 IN NS dns11.ovh.net.
    maprofession.com. 86194 IN NS ns11.ovh.net.

    ;; ADDITIONAL SECTION:
    ns38128.ovh.net. 604800 IN A 91.121.11.58
    ns11.ovh.net. 109539 IN A 213.251.128.130
    dns11.ovh.net. 112744 IN A 213.251.188.130

    ;; Query time: 0 msec
    ;; SERVER: 127.0.0.1#53(127.0.0.1)
    ;; WHEN: Wed May 28 09:23:36 2008
    ;; MSG SIZE rcvd: 196
    root@ns38128:~# host `hostname`
    ns38128.ovh.net has address 91.121.11.58
    ns38128.ovh.net mail is handled by 10 mail.ns38128.ovh.net.

  8. #8
    uxbod is offline Moderator

    Hmmm, your server is reporting its hostname as ns38128.ovh.net, with the primary MX for it being mail.ns38128.ovh.net. Therefore your hosts file should look like
    Code:
    127.0.0.1 localhost.localdomain localhost
    91.121.11.58 mail.ns38128.ovh.net ns38128.ovh.net ns38128 mail
    What is maprofession.com, as the digs you have performed were against that domain and not ovh.net?

  9. #9
    babytof is offline Junior Member

    ns38128.ovh.net is the name of the server.
    I need to manage mail for 2 domains and maprofession.com is the second domain. My tests were run on the maprofession.com domain, which is why I ran the dig on that domain.

  10. #10
    uxbod is offline Moderator

    Okay, so your hosts file should look like
    Code:
    127.0.0.1 localhost.localdomain localhost
    91.121.11.58 ns38128.ovh.net ns38128
    You do not need to add maprofession.com into it, you just need an MX record for that domain which points to host ns38128.ovh.net. And then for the ovh.net domain you will require two records
    Code:
    IN MX 10 ns38128
    ns38128 IN A 91.121.11.58
    Once these changes have been made, run the same checks again and post please.
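
The hosts-file layout recommended in post #10, turned into a check; this is an added example, not code from the thread or from Zimbra. The function names are hypothetical, the two sample files are the ones quoted in posts #7 and #10, and the loopback rule is an assumption added here rather than something stated in the thread.

```python
# Added example: lint an /etc/hosts file against the layout advised in post #10
# (public IP line = FQDN first, then short name, no extra mail domains).

ORIGINAL_HOSTS = """\
127.0.0.1 localhost.localdomain localhost
91.121.11.58 ns38128.ovh.net ns38128 mail mail.ns38128.ovh.net maprofession.com
"""  # relevant lines from post #7

SUGGESTED_HOSTS = """\
127.0.0.1 localhost.localdomain localhost
91.121.11.58 ns38128.ovh.net ns38128
"""  # from post #10


def parse_hosts(text):
    """Return [(ip, [names...])] for every non-comment, non-empty line."""
    entries = []
    for raw in text.splitlines():
        fields = raw.split("#", 1)[0].split()
        if len(fields) >= 2:
            entries.append((fields[0], fields[1:]))
    return entries


def check_hosts(text, fqdn):
    """Return a list of findings; an empty list means the layout matches."""
    short = fqdn.split(".", 1)[0]
    owners = [(ip, names) for ip, names in parse_hosts(text)
              if fqdn in names or short in names]
    if not owners:
        return [f"{fqdn} has no entry"]
    findings = []
    for ip, names in owners:
        # Assumption (not from the thread): the server name must not
        # resolve to a loopback address.
        if ip.startswith("127.") or ip == "::1":
            findings.append(f"{fqdn} is mapped to loopback address {ip}")
        if names[0] != fqdn:
            findings.append(f"first name on the {ip} line is {names[0]}, not {fqdn}")
        extras = [n for n in names if n not in (fqdn, short)]
        if extras:
            findings.append(f"extra aliases on the {ip} line: {', '.join(extras)}")
    return findings


if __name__ == "__main__":
    for label, text in (("post #7", ORIGINAL_HOSTS), ("post #10", SUGGESTED_HOSTS)):
        print(label, check_hosts(text, "ns38128.ovh.net") or "OK")
```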
