Guide updated on 29th of February 2016

Test authentification


Now we should be able to authenticate through POP3, POP3-SSL, IMAP, IMAP-SSL

Test courier-authlib

I suppose you still have the dummy account created when we've tested qmail

Check first if the created account is still there (without testing the authentification)

/home/vpopmail/bin/vuserinfo test@test.com

You should have an answer like this:

name: test
passwd: $1$E6ZeM1cj$B6/2kgZgjtycVtHteTPOC1
clear passwd: brol2
comment/gecos: test
uid: 0
gid: 0
flags: 0
gecos: test
limits: No user limits set.
dir: /home/vpopmail/domains/0/test.com/test
quota: NOQUOTA
usage: NOQUOTA
account created: Thu Jul 15 16:02:29 2010
last auth: Never logged in

If the account do no exist, please create it by following instructions on the test qmail page

Test now the authentification process

/usr/sbin/authtest postmaster@test.com brol
/usr/sbin/authtest test@test.com brol2

You should have an answer like this:

Authenticated: test@test.com (uid 89, gid 89)
Home Directory: /home/vpopmail/domains/test.com/test
Maildir: (none)
Quota: (none)
Encrypted Password: $1$Atj/HMvq$UBXjgO0sGl2Jy22b0Du0
Cleartext Password: brol2
Options: disablewebmail=0,disablepop3=0,disableimap=0

This is the sign authlib is working well!

HINT : Most of the authentification problems here are linked to /etc/courier/authmysqlrc configured in previous step

Test POP3 service

Let's test your new server's POP3 service...

telnet localhost 110

You should see something like this:

Trying 127.0.0.1...
Connected to localhost.localdomain.
Escape character is '^]'.
+OK Hello there.
user test@test.com
+OK Password required.
pass bril
-ERR Login failed.
pass brol2
+OK logged in.
quit
+OK Bye-bye.

This is the sign of a successfull POP connection to the server!

Test POP3-SSL service

Let's test your new server's POP3-SSL service...

openssl s_client -connect localhost:995 -quiet

You should see something like this:

depth=0 /C=US/ST=NY/L=New York/O=Courier Mail Server/OU=Automatically-generated POP3 SSL key/CN=localhost/emailAddress=postmaster@example.com
verify error:num=18:self signed certificate
verify return:1
depth=0 /C=US/ST=NY/L=New York/O=Courier Mail Server/OU=Automatically-generated POP3 SSL key/CN=localhost/emailAddress=postmaster@example.com
verify return:1
+OK Hello there.
user test@test.com
+OK Password required.
pass brol2
+OK logged in.
quit
+OK Bye-bye.

Test IMAP service

Let's test your new server's IMAP service...

telnet localhost 143

You should see something like this:

Trying 127.0.0.1...
Connected to localhost.localdomain.
Escape character is '^]'.
* OK [CAPABILITY IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA IDLE ACL ACL2=UNION STARTTLS] Courier-IMAP ready. Copyright 1998-2005 Double Precision, Inc. See COPYING for distribution information.
a login test@test.com brol2
a OK LOGIN Ok.
a logout
* BYE Courier-IMAP server shutting down
a OK LOGOUT completed

This is the sign of a successfull IMAP connection to the server!

HINT : The "a" that you see before the login commands is required.

Test IMAPS service

Let's test your new server's IMAP-SSL service...

openssl s_client -connect localhost:993 -quiet

You should see something like this:

depth=0 /C=US/ST=NY/L=New York/O=Courier Mail Server/OU=Automatically-generated IMAP SSL key/CN=localhost/emailAddress=postmaster@example.com
verify error:num=18:self signed certificate
verify return:1
depth=0 /C=US/ST=NY/L=New York/O=Courier Mail Server/OU=Automatically-generated IMAP SSL key/CN=localhost/emailAddress=postmaster@example.com
verify return:1
* OK [CAPABILITY IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA IDLE AUTH=PLAIN ACL ACL2=UNION] Courier-IMAP ready. Copyright 1998-2008 Double Precision, Inc. See COPYING for distribution information.
a login test@test.com brol2
a OK LOGIN Ok.
a logout
* BYE Courier-IMAP server shutting down
a OK LOGOUT completed

This is the sign of a successfull IMAPS connection to the server!

Delete the test acccount

/home/vpopmail/bin/vdeluser test@test.com
/home/vpopmail/bin/vdeldomain test.com

Monitor through MRTG


Users comments
Thibs - 26/03/2015 16:01

Try

grep passwd /etc/courier/authmysqlrc

to check where this 'passwd' table is defined

Giulio - 23/03/2015 09:16

Hi,

I made "cut & paste"...
I think Yes...apparently.

 

Thibs - 18/03/2015 19:52

Hello Giulio 

Does the query defined in MYSQL_SELECT_CLAUSE correspond to what you can see in configure-courier.php ? (especially the "from" part) ?

Giulio - 16/03/2015 11:50

Hi, I activated Debug in /etc/courier/authdaemonrc..

This is what I found:

mailserver authdaemond: mysql_query failed, reconnecting: Table 'vpopmail.passwd' doesn't exist

I cannot find where the query is defined, because there is a table named vpopmail...and not vpopmail.passwd;

Thanks

Giulio

Giulio - 16/03/2015 11:28

Hi
I installed debian 7.4 (updated).
I'm struggling with :

root@mailserver:~# /home/vpopmail/bin/vuserinfo giulio@mailserver.cad
name:   giulio
passwd: $1$z3tMCyIs$habeokq9aYKmRSqHAZwMT1
clear passwd: ronin064
comment/gecos: Giulio
uid:    0
gid:    0
flags:  0
gecos: Giulio
limits: No user limits set.
dir:       /home/vpopmail/domains/mailserver.cad/giulio.nuti
quota:     NOQUOTA
usage:     NOQUOTA
account created: Mon Mar 16 01:46:44 2015
last auth: Never logged in

/usr/sbin/authtest giulio@mailserver.cad ronin064
Authentication FAILED: Input/output error

In /var/log/qmail/qmail-smtpd
qmail-smtpd[6936]: MFCHECK pass [192.168.1.64] mailserver.cad
qmail-smtpd[6936]: MAIL FROM:<giulio@mailserver.cad>
qmail-smtpd[6936]: RCPT TO:<xxxx@mailserver.cad>
948d8c simscan:[6936]:RELAYCLIENT:0.0116s:-:192.168.1.64:giulio@mailserver.cad:pina@mailserver.cad
tcpserver: end 6936 status 0
tcpserver: status: 0/30

 mailserver pop3d: authentication error: Input/output error

I can't figure out which is the problem...
I deleted and re-created the accounts... Nothing changes...

Thanks
Giulio

Thibs - 28/02/2015 14:09

Hello Gordon,

What is the result of 

pyzor ping

Check the permission of the file /etc/mail/spamassassin/servers (it should be 644)

root@harrenhal:~# ls -lah /etc/mail/spamassassin/servers
-rw-r--r-- 1 root root 23 Feb 16 17:10 /etc/mail/spamassassin/servers
Gordon - 24/02/2015 06:45

Hi,

I have followed your guideusing debian 7.8, looks like most things are working except inbound mail. see error below

spamd[4034]: pyzor: check failed: internal error, python traceback seen in response

Looking on the web suggests it's a permission error, but i'm a newbie so wanted check with you if this is a known issue on the gyuide, or have i dobe something wrong, all help would be greatly received.

 

Thx

G

 

Tomaszg - 23/02/2013 10:12

For EVERYone who hits this error: purge all broken links from /etc/ssl/certs/ directory, like this one:

/etc/ssl/certs/1afa10c2.0 -> /etc/mail/tls/sendmail-client.crt

or

/etc/ssl/certs/8b14ccc1.0

Tomaszg - 23/02/2013 09:41

Ok, errno=104 is OS related problem. From syslog:

Feb 23 10:38:42 myhost imapd-ssl: couriertls: /etc/courier/imapd.pem: error:02001002:system library:fopen:No such file or directory
Feb 23 10:38:45 myhost pop3d-ssl: couriertls: /etc/ssl/certs/1afa10c2.0: No such file or directory
Tomaszg - 23/02/2013 08:57

Now stuck @:

 

openssl s_client -connect localhost:995 -quiet

write:errno=104

openssl s_client -connect localhost:993 -quiet
write:errno=104

And again I don't know what I missed, regenerated certificates, permissions to cert are fine.. :) ehh

 

Thibs - 31/01/2013 22:10

The answer is in your message :

"Unknown MySQL server host 'localhost ..'" : it means that MySQL has not been installed as explained on http://qmailrocks.thibs.com/package-install.php#mysql

Please follow this guide from the beginning

Md. abul kalam azad - 31/01/2013 11:35

authentification process failed when applying command:

/usr/sbin/authtest postmaster@test.com brol
/usr/sbin/authtest test@test.com brol2

and get error in log:

Jan 31 05:30:01 dns authdaemond: failed to connect to mysql server (server=localhost .., userid=vpopmailuser.): Unknown MySQL server host 'localhost ..' (1)


 Please help me to solve this problem

Tomaszg - 11/04/2012 11:02

 

Ok found root cause after invoking:

qmailctl restart

in /var/log/qmail/qmail-smtpdssl/current

entry:

sslserver: fatal: unable to load certificate

Then I've realised permissions weren't ok.

So I did again this part:

cd /var/qmail/control
chmod 640 servercert.pem
chown vpopmail:vchkpw servercert.pem
rm clientcert.pem
cp servercert.pem clientcert.pem
chown root:qmail clientcert.pem
chmod 640 clientcert.pem

and it worked.

Don't know why it stopped working..

Tomaszg - 11/04/2012 10:41

We just had power failure and server went offline due battery discharged.

Now it's back online, seems that it can receive emails (995 works), but SMTP-SSL on port 465 doesn't work:

openssl s_client -crlf -connect localhost:465 -quiet
connect: Connection refused
connect:errno=111

Port 465 does not figure on list:

netstat -tupan | grep LISTEN

Investigating..

Thibs - 06/03/2012 18:20

@Wayne : I've done a page explicitely for an update http://qmailrocks.thibs.com/upgrade-from-qmailrocks.php

Wayne - 23/09/2011 04:14

Absolutely great site Mr. Thibs, well thought out and professionaly presented.

Just a helpful hint I hope! Should one ever get errors like 'permission denied/ login failed' here during the tests, along with 'chdir(..) failed!' it could be because the uid of vpopmail created at "create needed users/groups" does not match the uid specified in the select clause at "configure courier and courier-authlib".

This happened to me because I must migrate an existing qmail/vpopmail site and use those uid/gid numbers.

Again, thanks

p.s. I built a new debian box 6.0.2.1 amd64 and everything installed and worked perfectly.

Thibs - 22/09/2011 20:47

@Rashed : Did you follow my tips :

HINT : Most of the authentification problems here are due to white space before or after login/password in /etc/courier/authmysqlrc configured in previous step

I can try helping you but it's not always easy to guess the problem only with messages in this forum

Rashed mhabub - 22/09/2011 11:43

When I execute

/usr/sbin/authtest postmaster@test.com brol

It shows 'Authentication FAILED: Input/output error.'

in the /etc/courier/authmysqlrc file i have copy and paste your sample given here and then replace password by 'bestway'  but i think it is not configured ok. Could you please help me.

Thibs - 19/09/2011 20:28

Hello Escu,

This page is about getting the received mail from the server and your error message seems to be about sending e-mails from your client machine to Internet through your server.

Did you suceed with the tests on page test-qmail.php ?

Escu - 18/09/2011 11:24

Installerd ok, Tested ok, but..when i try to test with microsoft outlook - i got several errors:

1. ssl - cannot authentificate.

2. non-ssl - authentificate but can't send e-mail: none of the authentification methods supported by this client are supported by your server.

Thibs - 01/09/2011 14:10

@Qmailix : If you have followed this step, you've installed John M. Simpson's combined patches

As you can see on his explanation page, it uses qmail-smtpd-auth which is an adaptation of the original patch. For security reason, AUTH is only available for SSL connections

You have an authentification sample on this page

Qmailix - 01/09/2011 12:45

What about SMTP auth??? It doesn't seem to work for me and it is not mentioned here, so is it not included?? I thought the original QMR guide included it?? What did I miss? Any help muchly appreciated. Thanx

Thibs - 27/08/2011 20:58

David : you right ! Open bugs (e.g.: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=426062) exists about this subject in Debian bugs system.

That's the reason why on http://qmailrocks.thibs.com/configure-courier.php I first delete the *.pem files and ten re-create the symlinks

David - 27/08/2011 14:40

When testing the IMAPS and POP3-SSL courier would fail with "write:errno=104".

Looking at the logs I found this:

imapd-ssl: couriertls: /etc/ssl/certs/edc85c27.0: No such file or directory

I figured I tripped up at generating the certificates so I retracted my steps from there.

Turns out dpkg-reconfigure for the courier packages did create a symlink in /etc/ssl/certs/ to a now missing certificate that was removed when I purged the sendmail MTA at an earlier step.

Couldn't precisely figure out why that was, but after fixing the symlink everything appeared to function fine.

Prado - 24/03/2011 07:55

I received an error when testing IMAP service - after

a login test@test.com brol2": "* OK [ALERT] Filesystem notification initialization error -- contact your mail administrator
 (check for configuration errors with the FAM/Gamin library)


Fixed it with this:

http://www.tutorialnut.com/index.php/2010/05/18/quick-fix-filesystem-notification-initialization-error-contact-your-mail-administrator-check-for-configuration-errors-with-the-famgamin-library/

 

Thibs - 20/10/2010 17:48

Did you install imap package as described on http://qmailrocks.thibs.com/package-install.php#courier and did you configure it as described on  http://qmailrocks.thibs.com/configure-courier.php ?

Mabiala kienda - 06/10/2010 10:14

I received an error to access IMAP - NO Error in IMAP command received by server

And when a tray to connect to my mail i received an error - Connection to IMAP server failled

I need help


Color Coded Qmail Installation Key
  Regular Black Text     Qmail installation notes and summaries by the author.
  Bold Black Text     Commands to be run by you, the installer.
  Bold/Regular Red Text    Vital and/or critical information.
  Regular Blue text     Denotes helpful tips and hints or hyperlinks.
  Regular Orange Text     Command line output.
  Bold/Regular green text     Denotes the contents of a file or script.