$10 тому кто поможет настроить sendmail

[Umka]

разозлился и снес все нафиг. Начал ставить exim и dovecot по статье http://www.murphy.pp.ru/docs/kak-stavit-eximdovecot/
Вроде все стоит, но при подключении клиента пишет - хост разорвал соединение. А в логах вот что:

exim -

Код: Выделить всё

2008-02-28 22:09:42 socket bind() to port 25 for address (any IPv6) failed: Address already in use: waiting 30s before trying again (2 more tries)
2008-02-28 22:10:12 socket bind() to port 25 for address (any IPv6) failed: Address already in use: waiting 30s before trying again (1 more try)
2008-02-28 22:10:42 socket bind() to port 25 for address (any IPv6) failed: Address already in use: daemon abandoned
2008-02-28 22:11:03 exim 4.69 daemon started: pid=3336, -q30m, listening for SMTP on port 25 (IPv6 and IPv4) port 465 (IPv6 and IPv4) port 587 (IPv6 and IPv4)
2008-02-28 22:11:03 Start queue run: pid=3337
2008-02-28 22:11:04 1JTOt6-0000AE-DE == www@fitsudzha.net routing defer (-51): retry time not reached
2008-02-28 22:11:04 1JTOB6-000PgR-So == umka@fitsudzha.net routing defer (-51): retry time not reached
2008-02-28 22:11:04 1JTNx4-000PV1-Nn == root@fitsudzha.net routing defer (-51): retry time not reached
2008-02-28 22:11:04 1JTNFW-000Ote-JW == root@fitsudzha.net routing defer (-51): retry time not reached
2008-02-28 22:11:04 1JTN5s-000Okx-Cu == root@fitsudzha.net routing defer (-51): retry time not reached
2008-02-28 22:11:04 1JTN10-000Ogb-Uv == root@fitsudzha.net routing defer (-51): retry time not reached

и

Код: Выделить всё

2008-02-28 22:04:02 socket bind() to port 25 for address (any IPv6) failed: Address already in use: daemon abandoned
2008-02-28 22:05:38 socket bind() to port 25 for address (any IPv6) failed: Address already in use: daemon abandoned
2008-02-28 22:09:37 1JTNx4-000PV1-Nn failed to expand "${lookup mysql{SELECT domain FROM domains WHERE domain='${domain}' AND (type='LOCAL' OR type='VIRTUAL')}}" while checking a list: lookup of "SELECT domain FROM domains WHERE domain='fitsudzha.net' AND (type='LOCAL' OR type='VIRTUAL')" gave DEFER: MYSQL connection failed: Access denied for user 'mailuser'@'localhost' (using password: YES)
2008-02-28 22:10:42 socket bind() to port 25 for address (any IPv6) failed: Address already in use: daemon abandoned

- это я из теленета пытался отправить, логин не приняла...

а в maillog

Код: Выделить всё

Feb 28 05:14:10 fitsudzha newsyslog[490]: logfile first created
Feb 28 05:14:15 fitsudzha authdaemond: modules="authmysql", daemons=5
Feb 28 05:14:15 fitsudzha authdaemond: Installing libauthmysql
Feb 28 05:14:16 fitsudzha authdaemond: Installation complete: authmysql
Feb 28 05:14:48 fitsudzha sm-mta[787]: gethostbyaddr(192.168.50.200) failed: 2
Feb 28 05:14:48 fitsudzha sm-mta[788]: starting daemon (8.14.2): SMTP+queueing@00:30:00
Feb 28 05:14:48 fitsudzha sm-msp-queue[791]: starting daemon (8.14.2): queueing@00:30:00
Feb 28 07:15:04 fitsudzha sm-mta[5578]: m1S4F1rL005578: [192.168.50.31] did not issue MAIL/EXPN/VRFY/ETRN during connection to IPv4
Feb 28 07:15:35 fitsudzha sm-mta[5682]: m1S4FXJS005682: [192.168.50.31] did not issue MAIL/EXPN/VRFY/ETRN during connection to MSA
Feb 28 19:31:08 fitsudzha sm-mta[61230]: m1SGV6gp061230: ruleset=check_rcpt, arg1=<tackycrap@hushmail.com >, relay=[58.242.148.52], reject=550 5.7.1 <tackycrap@hushmail.com >... Relaying denied. IP name lookup failed [58.242.148.52]
Feb 28 19:31:09 fitsudzha sm-mta[61230]: m1SGV6gp061230: lost input channel from [58.242.148.52] to IPv4 after rcpt
Feb 28 19:31:09 fitsudzha sm-mta[61230]: m1SGV6gp061230: from=<freakshow@rock.com>, size=0, class=0, nrcpts=0, proto=SMTP, daemon=IPv4, relay=[58.242.148.52]
Feb 28 22:11:58 fitsudzha pop3d: /usr/local/sbin/pop3login: No such file or directory
Feb 28 22:31:16 fitsudzha imapd: /usr/local/sbin/imaplogin: No such file or directory
Feb 28 22:31:50 fitsudzha imapd: /usr/local/sbin/imaplogin: No such file or directory

В какую сторону копать?

[Хостинг HostFood.ru]

Тарифы на хостинг в России, от 12 рублей: https://www.host-food.ru/tariffs/hosting/
Тарифы на виртуальные сервера (VPS/VDS/KVM) в РФ, от 189 руб.: https://www.host-food.ru/tariffs/virtualny-server-vps/
Выделенные сервера, Россия, Москва, от 2000 рублей (HP Proliant G5, Intel Xeon E5430 (2.66GHz, Quad-Core, 12Mb), 8Gb RAM, 2x300Gb SAS HDD, P400i, 512Mb, BBU):
https://www.host-food.ru/tariffs/vydelennyi-server-ds/
Недорогие домены в популярных зонах: https://www.host-food.ru/domains/

[npu3pak]

MYSQL connection failed: Access denied for user 'mailuser'@'localhost' (using password: YES)

посмотри как выдавать права юзерам в mysql на базу данных - ключевые команды grant - рыть документацию mysql
таблицу существующих юзверей для mysql смотреть кажется так

mysql> use mysql;
mysql> select User,Password from user;
можно конечно поселектить всё но там дохрена параметров

2008-02-28 22:09:42 socket bind() to port 25 for address (any IPv6) failed: Address already in use: waiting 30s before trying again (2 more tries)
2008-02-28 22:10:12 socket bind() to port 25 for address (any IPv6) failed: Address already in use: waiting 30s before trying

что за демон занимал 25й порт до этого? или это так экзим презапускается?
и насчет статей - у лиссяры есть стопроцентно рабочий вариант - смотри на сайте, статьи раздел почтовые системы.

Feb 28 22:11:58 fitsudzha pop3d: /usr/local/sbin/pop3login: No such file or directory
Feb 28 22:31:16 fitsudzha imapd: /usr/local/sbin/imaplogin: No such file or directory
Feb 28 22:31:50 fitsudzha imapd: /usr/local/sbin/imaplogin: No such file or directory

что-то лажа какая то, куда бынарники стырили?
имхо надо обновить порты и поставить dovecot заново, но чтото я не припомню чтобы у dovecot такие бинарники были

и покажи сись.. тфу, конфиги)

[hizel]

/me плакаю под столом
лучше уж сись... показал бы

мыслю стоит копать в сторону технического английского без словаря

[Alex Keda]

Код: Выделить всё

/admin/

[um-ka]

npu3pak, с мускулем все в порядке, это полный лог,с настройкой и вводом паролей. А вот бинарники... пошел искать.
hizel, замечательные и полезные советы даете. Так и я умею...
lissyara ась?

[um-ka]

Перегрузил сервер, старые хвосты пропали. теперь с директорией пользователя проблемы

Код: Выделить всё

dovecot: Feb 29 06:36:08 Info: auth-worker(default): mysql: Connected to localhost (mail)
dovecot: Feb 29 06:36:15 Info: imap-login: Login: user=<umka>, method=PLAIN, rip=82.211.152.13, lip=77.243.5.34
dovecot: Feb 29 06:36:15 Error: IMAP(umka): stat(/var/mail//umka/cur) failed: Not a directory
dovecot: Feb 29 06:36:16 Error: IMAP(umka): open() failed with subscription file /var/mail//umka/subscriptions: Not a directory
dovecot: Feb 29 06:36:16 Error: IMAP(umka): stat(/var/mail//umka/cur) failed: Not a directory
dovecot: Feb 29 06:36:16 Error: IMAP(umka): stat(/var/mail//umka/cur) failed: Not a directory
dovecot: Feb 29 06:37:10 Info: IMAP(umka): Disconnected: Logged out

пошел курить документацию.

[npu3pak]

Перегрузил сервер, старые хвосты пропали. теперь с директорией пользователя проблемы

Код: Выделить всё

dovecot: Feb 29 06:36:08 Info: auth-worker(default): mysql: Connected to localhost (mail)
dovecot: Feb 29 06:36:15 Info: imap-login: Login: user=<umka>, method=PLAIN, rip=82.211.152.13, lip=77.243.5.34
dovecot: Feb 29 06:36:15 Error: IMAP(umka): stat(/var/mail//umka/cur) failed: Not a directory
dovecot: Feb 29 06:36:16 Error: IMAP(umka): open() failed with subscription file /var/mail//umka/subscriptions: Not a directory
dovecot: Feb 29 06:36:16 Error: IMAP(umka): stat(/var/mail//umka/cur) failed: Not a directory
dovecot: Feb 29 06:36:16 Error: IMAP(umka): stat(/var/mail//umka/cur) failed: Not a directory
dovecot: Feb 29 06:37:10 Info: IMAP(umka): Disconnected: Logged out

пошел курить документацию.

не нравится мне этот лишний слеш - в конфигах посмотри что прописано в качестве maildir для юзера.
ну и сделай чтото типа
ll /var/mail/
и
ll /var/mail/umka

чтобы посмотреть что диры там действительно существуют

[um-ka]

Таки нету там диров, я надеялся что они скриптом установки создадутся. Я вообще с IMAP не работал никогда (roundcube просит), что там хоть быть должно и с какими правами? ИМХО не дело в варе почту хранить, может на /usr переделать?

[um-ka]

не нравится мне этот лишний слеш - в конфигах посмотри что прописано в качестве maildir для юзера.

Да, лишний слеш настораживает. В конфиге только

Код: Выделить всё

default_mail_env = maildir:/var/mail/%d/%n

других записей maildir нету.

[um-ka]

Ага, нашел вот в /etc/dovecot-mysql.conf

Код: Выделить всё

password_query = SELECT password FROM users WHERE login = '%n' AND domain = '%d' AND status = '1'
user_query = SELECT uid, gid FROM users WHERE login = '%n' AND domain = '%d'

Не было домена... а в базе он есть. Роем дальше.

[_kirill_]

а создать базу не пробовал?

[um-ka]

Пробовал.

[Alex Keda]

оба...
а тут уже экзим поставили.
а я и пропустил - всё про админку советую ))

[um-ka]

Дык надо же чета делать. Поставил exim и dovecot по статье лиса, pop3 авторизация работает, smtp никак. В логах пусто. Я наверное скоро застрелю этот сервер. Третья неделя пошла...

[hizel]

sockstat предоставьте

2008-02-28 22:09:42 socket bind() to port 25 for address (any IPv6) failed: Address already in use: waiting 30s before trying again (2 more tries)
2008-02-28 22:10:12 socket bind() to port 25 for address (any IPv6) failed: Address already in use: waiting 30s before trying again (1 more try)
2008-02-28 22:10:42 socket bind() to port 25 for address (any IPv6) failed: Address already in use: daemon abandoned

это в логах продолжается?

[um-ka]

Что я мелю? Не работает imap авторизация!!!

Наверное лучше все по порядку:
Снес все что стояло раньше и поставил exim, dovecot и postfixadmin по статье Лиса (http://www.lissyara.su/?id=1173).
Postfixadmin немного буксует, не хочет создавать ящики из .../postfixadmin/admin//create-mailbox.php
Зато создает из .../postfixadmin/create-mailbox.php , но с этим я сам разрулю наверное.

Конфиг exim вот.

Код: Выделить всё

primary_hostname = mx.fitsudzha.net
hide mysql_servers = localhost/exim/exim/exim
domainlist local_domains = ${lookup mysql{SELECT `domain` FROM `domain` WHERE `domain`='${domain}' AND `active`='1'}}
domainlist relay_to_domains = ${lookup mysql{SELECT `domain` FROM `domain` WHERE `domain`='${domain}' AND `active`='1'}}
hostlist   relay_from_hosts = localhost:127.0.0.0/8:192.168.0.0/16
acl_smtp_rcpt = acl_check_rcpt
acl_smtp_data = acl_check_data
qualify_domain = fitsudzha.net
qualify_recipient = fitsudzha.net
allow_domain_literals = false
exim_user = mailnull
exim_group = mail
never_users = root
rfc1413_query_timeout = 0s
sender_unqualified_hosts = +relay_from_hosts
recipient_unqualified_hosts = +relay_from_hosts
ignore_bounce_errors_after = 45m
timeout_frozen_after = 15d
helo_accept_junk_hosts = 192.168.0.0/16
auto_thaw = 1h
smtp_banner = "$primary_hostname, ESMTP EXIM $version_number"
smtp_accept_max = 50
smtp_accept_max_per_connection = 25
smtp_connect_backlog = 30
smtp_accept_max_per_host = 20
split_spool_directory = true
remote_max_parallel = 15
return_size_limit = 70k
message_size_limit = 64M
helo_allow_chars = _
smtp_enforce_sync = false
log_selector =  +all_parents +connection_reject +incoming_interface +lost_incoming_connection +received_sender +received_recipients +smtp_confirmation +smtp_syntax_error +smtp_protocol_error -queue_run
syslog_timestamp = no
begin acl
acl_check_rcpt:
accept  hosts = :
deny    message = "incorrect symbol in address"
domains = +local_domains
local_parts   = ^[.] : ^.*[@%!/|]
deny    message = "incorrect symbol in address"
domains = !+local_domains
local_parts   = ^[./|] : ^.*[@%!] : ^.*/\\.\\./
accept  local_parts = postmaster
domains = +local_domains
deny message = "HELO/EHLO require by SMTP RFC"
condition = ${if eq{$sender_helo_name}{}{yes}{no}}
accept  authenticated = *
deny message = "Your IP in HELO - access denied!"
hosts =  * : !+relay_from_hosts : !81-196.fitsudzha.net
condition     = ${if eq{$sender_helo_name}{$sender_host_address}{true}{false}}
deny condition = ${if eq{$sender_helo_name}{$interface_address}{yes}{no}}
hosts        = !127.0.0.1 : !localhost : *
message       = "main IP in your HELO! Access denied!"   
deny condition = ${if match{$sender_helo_name}{\N^\d+$\N}{yes}{no}}
hosts = !127.0.0.1 : !localhost : *
message = "can not be only number in HELO!"
deny message = "your hostname is bad (adsl, poll, ppp & etc)."
condition = ${if match{$sender_host_name} {adsl|dialup|pool|peer|dhcp} {yes}{no}}  
warn
 set acl_m0 = 30s
warn
hosts = +relay_from_hosts:77.243.5.0/28
 set acl_m0 = 0s
warn
logwrite = Delay $acl_m0 for $sender_host_name [$sender_host_address] with HELO=$sender_helo_name. Mail from $sender_address to $local_part@$domain.
delay = $acl_m0	
accept  domains = +local_domains
endpass
message = "In my mailserver not stored this user"
verify = recipient
accept  domains = +relay_to_domains
endpass
message = "main server not know how relay to this address"
verify  = recipient
deny message = "you in blacklist - $dnslist_domain \n $dnslist_text"
dnslists = opm.blitzed.org : cbl.abuseat.org : bl.csma.biz : dynablock.njabl.org
accept  hosts = +relay_from_hosts
deny message = "Homo hominus lupus est"
acl_check_data:
 deny malware = *
   message = "In e-mail found VIRUS - $malware_name"
accept   
begin routers
dnslookup:
  driver = dnslookup
  domains = ! +local_domains
  transport = remote_smtp
  ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8
  no_more
system_aliases:
    driver = redirect
    allow_fail
    allow_defer
    data = ${lookup mysql{SELECT `goto` FROM `alias` WHERE `address`='${quote_mysql:$local_part@$domain}' OR `address`='${quote_mysql:@$domain}'}}
dovecot_user:
  driver = accept
  condition = ${lookup mysql{SELECT `goto` FROM `alias` WHERE `address`='${quote_mysql:$local_part@$domain}' OR `address`='${quote_mysql:@$domain}'}{yes}{no}}
transport = dovecot_delivery
begin transports
remote_smtp:
  driver = smtp
dovecot_delivery:
  driver = pipe
  command = /usr/local/libexec/dovecot/deliver -d $local_part@$domain
  message_prefix =
  message_suffix =
  delivery_date_add
  envelope_to_add
  return_path_add
  log_output
  user = mailnull
address_pipe:
driver = pipe
return_output
address_reply:
  driver = autoreply
begin retry
*                    *       F,2h,15m; G,16h,1h,1.5; F,4d,6h
begin rewrite
begin authenticators
auth_plain:
  driver = plaintext
  public_name = PLAIN
  server_condition = ${lookup mysql{SELECT `username` FROM `mailbox` WHERE `username` = '${quote_mysql:$auth2}' AND `password` = '${quote_mysql:$auth3}'}{yes}{no}}
  server_prompts = :
  server_set_id = $auth2  
auth_login:
  driver = plaintext
  public_name = LOGIN
  server_condition = ${lookup mysql{SELECT `username` FROM `mailbox` WHERE `username` = '${quote_mysql:$auth1}' AND `password` = '${quote_mysql:$auth2}'}{yes}{no}}
  server_prompts = Username:: : Password::
  server_set_id = $auth1  
auth_cram_md5:
  driver = cram_md5
  public_name = CRAM-MD5
  server_secret = ${lookup mysql{SELECT `password` FROM `mailbox` WHERE `username` = '${quote_mysql:$auth1}'}{$value}fail}
  server_set_id = $auth2  

Конфиг dovecot:

Код: Выделить всё

base_dir = /var/run/dovecot/
protocols = imap pop3
listen = *
ssl_disable = yes    
disable_plaintext_auth = no
shutdown_clients = yes
log_path = /var/log/dovecot
log_timestamp = "%b %d %H:%M:%S "
syslog_facility = mail
login_dir = /var/run/dovecot/login
login_chroot = yes
login_user = dovecot
login_process_size = 64
login_process_per_connection = yes
login_processes_count = 3
login_max_processes_count = 64
login_greeting = привет МЕДВЕД! ;) http://fitsudzha.net
login_log_format_elements = user=<%u> method=%m rip=%r lip=%l %c
login_log_format = %$: %s
verbose_proctitle = yes
first_valid_uid = 25
first_valid_gid = 0
mail_extra_groups = mail
default_mail_env = maildir:/var/mail/exim/%n@%d
umask = 0077 
protocol imap {
 imap_client_workarounds = delay-newmail outlook-idle \
}
protocol pop3 {
pop3_uidl_format = %08Xu%08Xv
pop3_client_workarounds = outlook-no-nuls oe-ns-eoh
}
protocol lda {
 postmaster_address = ***@list.ru
 auth_socket_path = /var/run/dovecot/auth-master
}
auth default {
mechanisms = plain
socket listen {
 master {
 path = /var/run/dovecot/auth-master
 mode = 0600
 user = mailnull
#group = mail
  }
 }
passdb sql { 
  args = /usr/local/etc/dovecot-sql.conf
}
 userdb sql {
 args = /usr/local/etc/dovecot-sql.conf
}
 user = root
 }
plugin {
} 

Вот лог Dovecot:

Код: Выделить всё

dovecot: Mar 03 23:19:42 Info: imap-login: Login: user=<****@fitsudzha.net>, method=PLAIN, rip=82.211.152.13, lip=77.243.5.34
dovecot: Mar 03 23:19:42 Error: IMAP(****@fitsudzha.net): Unknown client workaround: \
dovecot: Mar 03 23:19:42 Error: child 15543 (imap) returned error 89
dovecot: Mar 03 23:19:48 Info: imap-login: Login: user=<****@fitsudzha.net>, method=PLAIN, rip=82.211.152.13, lip=77.243.5.34
dovecot: Mar 03 23:19:48 Error: IMAP(****@fitsudzha.net): Unknown client workaround: \
dovecot: Mar 03 23:19:48 Error: child 15545 (imap) returned error 89
dovecot: Mar 04 03:00:00 Error: Time just moved backwards by 2 seconds. I'll sleep now until we're back in present. http://wiki.dovecot.org/TimeMovedBackwards
dovecot: Mar 04 03:00:03 Error: imap-login: Time just moved backwards by 2 seconds. I'll sleep now until we're back in present. http://wiki.dovecot.org/TimeMovedBackwards
dovecot: Mar 04 03:00:03 Error: imap-login: Time just moved backwards by 2 seconds. I'll sleep now until we're back in present. http://wiki.dovecot.org/TimeMovedBackwards

Вот mainlog Exim-a:

Код: Выделить всё

2008-03-03 13:01:39 unexpected disconnection while reading SMTP command from (77.243.5.34) [118.168.138.44] I=[77.243.5.34]:25
2008-03-03 13:32:23 H=(77.243.5.34) [118.168.138.44] I=[77.243.5.34]:25 F=<rurdhd@hotmail.com> rejected RCPT <toxxx@mail2000.com.tw>: "main IP in your HELO! Access denied!"
2008-03-03 13:32:23 unexpected disconnection while reading SMTP command from (77.243.5.34) [118.168.138.44] I=[77.243.5.34]:25
2008-03-03 14:02:24 H=(77.243.5.34) [118.168.138.44] I=[77.243.5.34]:25 F=<rurdhd@hotmail.com> rejected RCPT <toxxx@mail2000.com.tw>: "main IP in your HELO! Access denied!"
2008-03-03 14:02:26 unexpected disconnection while reading SMTP command from (77.243.5.34) [118.168.138.44] I=[77.243.5.34]:25
2008-03-03 17:04:44 exim 4.69 daemon started: pid=671, -q30m, listening for SMTP on port 25 (IPv6 and IPv4)
2008-03-03 19:53:26 no host name found for IP address 58.242.150.219
2008-03-03 19:53:26 Delay 30s for  [58.242.150.219] with HELO=mailer. Mail from opel@rock.com to boobwire@hushmail.com.
2008-03-03 19:54:18 DNS list lookup defer (probably timeout) for 219.150.242.58.opm.blitzed.org: assumed not in list
2008-03-03 19:54:30 H=(mailer) [58.242.150.219] I=[77.243.5.34]:25 F=<opel@rock.com> rejected RCPT <boobwire@hushmail.com >: "you in blacklist - bl.csma.biz 
2008-03-03 19:54:30 unexpected disconnection while reading SMTP command from (mailer) [58.242.150.219] I=[77.243.5.34]:25
2008-03-03 23:13:28 1JWH25-0003z6-Li SIGINT received while reading local message
2008-03-03 23:15:07 auth_plain authenticator failed for (localhost) [::1] I=[::1]:25: 535 Incorrect authentication data (set_id=admin@mydomain.ru)
2008-03-03 23:15:16 SMTP syntax error in "zopa" H=(localhost) [::1] I=[::1]:25 unrecognized command
2008-03-03 23:20:16 SMTP command timeout on connection from (localhost) [::1] I=[::1]:25

77.243.5.34 внешний IP сервера, адреса не мои.

Вот rejectlog Exim-a:

Код: Выделить всё

2008-03-02 20:09:56 SMTP protocol synchronization error (input sent without waiting for greeting): rejected connection from H=[127.0.0.1] I=[127.0.0.1]:25 input="EHLO fitsudzha.net\r\n"
2008-03-03 00:37:52 SMTP protocol synchronization error (input sent without waiting for greeting): rejected connection from H=[127.0.0.1] I=[127.0.0.1]:25 input="EHLO fitsudzha.net\r\n"
2008-03-03 06:00:37 SMTP protocol synchronization error (next input sent too soon: pipelining was not advertised): rejected "GET http://www.scanproxy.com:80/px_judge.php?p=25 HTTP/1.0" H=[118.168.138.44] I=[77.243.5.34]:25 next input="Content-Type: text/html\r\nProxy-Connection: keep-alive\r\nHost: www.scanproxy.com\r\nAccept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, applicati"
2008-03-03 06:54:40 H=(77.243.5.34) [118.168.138.44] I=[77.243.5.34]:25 F=<rurdhd@hotmail.com> rejected RCPT <toxxx@mail2000.com.tw>: "main IP in your HELO! Access denied!"
2008-03-03 07:24:21 H=(77.243.5.34) [118.168.138.44] I=[77.243.5.34]:25 F=<rurdhd@hotmail.com> rejected RCPT <toxxx@mail2000.com.tw>: "main IP in your HELO! Access denied!"
2008-03-03 07:54:03 H=(77.243.5.34) [118.168.138.44] I=[77.243.5.34]:25 F=<rurdhd@hotmail.com> rejected RCPT <toxxx@mail2000.com.tw>: "main IP in your HELO! Access denied!"
2008-03-03 08:25:12 H=(77.243.5.34) [118.168.138.44] I=[77.243.5.34]:25 F=<rurdhd@hotmail.com> rejected RCPT <toxxx@mail2000.com.tw>: "main IP in your HELO! Access denied!"

Кто-то яростно стучится. Спам.

Вот maillog:

Код: Выделить всё

Mar  4 00:00:00 fitsudzha newsyslog[23669]: logfile turned over

В мозгу ступор. Спасайте!

[um-ka]

Что я мелю? Не работает imap авторизация!!!

Наверное лучше все по порядку:
Снес все что стояло раньше и поставил exim, dovecot и postfixadmin по статье Лиса (http://www.lissyara.su/?id=1173).
Postfixadmin немного буксует, не хочет создавать ящики из .../postfixadmin/admin//create-mailbox.php
Зато создает из .../postfixadmin/create-mailbox.php , но с этим я сам разрулю наверное.

Конфиг exim вот.

Код: Выделить всё

primary_hostname = mx.fitsudzha.net
hide mysql_servers = localhost/exim/exim/exim
domainlist local_domains = ${lookup mysql{SELECT `domain` FROM `domain` WHERE `domain`='${domain}' AND `active`='1'}}
domainlist relay_to_domains = ${lookup mysql{SELECT `domain` FROM `domain` WHERE `domain`='${domain}' AND `active`='1'}}
hostlist   relay_from_hosts = localhost:127.0.0.0/8:192.168.0.0/16
acl_smtp_rcpt = acl_check_rcpt
acl_smtp_data = acl_check_data
qualify_domain = fitsudzha.net
qualify_recipient = fitsudzha.net
allow_domain_literals = false
exim_user = mailnull
exim_group = mail
never_users = root
rfc1413_query_timeout = 0s
sender_unqualified_hosts = +relay_from_hosts
recipient_unqualified_hosts = +relay_from_hosts
ignore_bounce_errors_after = 45m
timeout_frozen_after = 15d
helo_accept_junk_hosts = 192.168.0.0/16
auto_thaw = 1h
smtp_banner = "$primary_hostname, ESMTP EXIM $version_number"
smtp_accept_max = 50
smtp_accept_max_per_connection = 25
smtp_connect_backlog = 30
smtp_accept_max_per_host = 20
split_spool_directory = true
remote_max_parallel = 15
return_size_limit = 70k
message_size_limit = 64M
helo_allow_chars = _
smtp_enforce_sync = false
log_selector =  +all_parents +connection_reject +incoming_interface +lost_incoming_connection +received_sender +received_recipients +smtp_confirmation +smtp_syntax_error +smtp_protocol_error -queue_run
syslog_timestamp = no
begin acl
acl_check_rcpt:
accept  hosts = :
deny    message = "incorrect symbol in address"
domains = +local_domains
local_parts   = ^[.] : ^.*[@%!/|]
deny    message = "incorrect symbol in address"
domains = !+local_domains
local_parts   = ^[./|] : ^.*[@%!] : ^.*/\\.\\./
accept  local_parts = postmaster
domains = +local_domains
deny message = "HELO/EHLO require by SMTP RFC"
condition = ${if eq{$sender_helo_name}{}{yes}{no}}
accept  authenticated = *
deny message = "Your IP in HELO - access denied!"
hosts =  * : !+relay_from_hosts : !81-196.fitsudzha.net
condition     = ${if eq{$sender_helo_name}{$sender_host_address}{true}{false}}
deny condition = ${if eq{$sender_helo_name}{$interface_address}{yes}{no}}
hosts        = !127.0.0.1 : !localhost : *
message       = "main IP in your HELO! Access denied!"   
deny condition = ${if match{$sender_helo_name}{\N^\d+$\N}{yes}{no}}
hosts = !127.0.0.1 : !localhost : *
message = "can not be only number in HELO!"
deny message = "your hostname is bad (adsl, poll, ppp & etc)."
condition = ${if match{$sender_host_name} {adsl|dialup|pool|peer|dhcp} {yes}{no}}  
warn
 set acl_m0 = 30s
warn
hosts = +relay_from_hosts:77.243.5.0/28
 set acl_m0 = 0s
warn
logwrite = Delay $acl_m0 for $sender_host_name [$sender_host_address] with HELO=$sender_helo_name. Mail from $sender_address to $local_part@$domain.
delay = $acl_m0	
accept  domains = +local_domains
endpass
message = "In my mailserver not stored this user"
verify = recipient
accept  domains = +relay_to_domains
endpass
message = "main server not know how relay to this address"
verify  = recipient
deny message = "you in blacklist - $dnslist_domain \n $dnslist_text"
dnslists = opm.blitzed.org : cbl.abuseat.org : bl.csma.biz : dynablock.njabl.org
accept  hosts = +relay_from_hosts
deny message = "Homo hominus lupus est"
acl_check_data:
 deny malware = *
   message = "In e-mail found VIRUS - $malware_name"
accept   
begin routers
dnslookup:
  driver = dnslookup
  domains = ! +local_domains
  transport = remote_smtp
  ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8
  no_more
system_aliases:
    driver = redirect
    allow_fail
    allow_defer
    data = ${lookup mysql{SELECT `goto` FROM `alias` WHERE `address`='${quote_mysql:$local_part@$domain}' OR `address`='${quote_mysql:@$domain}'}}
dovecot_user:
  driver = accept
  condition = ${lookup mysql{SELECT `goto` FROM `alias` WHERE `address`='${quote_mysql:$local_part@$domain}' OR `address`='${quote_mysql:@$domain}'}{yes}{no}}
transport = dovecot_delivery
begin transports
remote_smtp:
  driver = smtp
dovecot_delivery:
  driver = pipe
  command = /usr/local/libexec/dovecot/deliver -d $local_part@$domain
  message_prefix =
  message_suffix =
  delivery_date_add
  envelope_to_add
  return_path_add
  log_output
  user = mailnull
address_pipe:
driver = pipe
return_output
address_reply:
  driver = autoreply
begin retry
*                    *       F,2h,15m; G,16h,1h,1.5; F,4d,6h
begin rewrite
begin authenticators
auth_plain:
  driver = plaintext
  public_name = PLAIN
  server_condition = ${lookup mysql{SELECT `username` FROM `mailbox` WHERE `username` = '${quote_mysql:$auth2}' AND `password` = '${quote_mysql:$auth3}'}{yes}{no}}
  server_prompts = :
  server_set_id = $auth2  
auth_login:
  driver = plaintext
  public_name = LOGIN
  server_condition = ${lookup mysql{SELECT `username` FROM `mailbox` WHERE `username` = '${quote_mysql:$auth1}' AND `password` = '${quote_mysql:$auth2}'}{yes}{no}}
  server_prompts = Username:: : Password::
  server_set_id = $auth1  
auth_cram_md5:
  driver = cram_md5
  public_name = CRAM-MD5
  server_secret = ${lookup mysql{SELECT `password` FROM `mailbox` WHERE `username` = '${quote_mysql:$auth1}'}{$value}fail}
  server_set_id = $auth2  

Конфиг dovecot:

Код: Выделить всё

base_dir = /var/run/dovecot/
protocols = imap pop3
listen = *
ssl_disable = yes    
disable_plaintext_auth = no
shutdown_clients = yes
log_path = /var/log/dovecot
log_timestamp = "%b %d %H:%M:%S "
syslog_facility = mail
login_dir = /var/run/dovecot/login
login_chroot = yes
login_user = dovecot
login_process_size = 64
login_process_per_connection = yes
login_processes_count = 3
login_max_processes_count = 64
login_greeting = привет МЕДВЕД! ;) http://fitsudzha.net
login_log_format_elements = user=<%u> method=%m rip=%r lip=%l %c
login_log_format = %$: %s
verbose_proctitle = yes
first_valid_uid = 25
first_valid_gid = 0
mail_extra_groups = mail
default_mail_env = maildir:/var/mail/exim/%n@%d
umask = 0077 
protocol imap {
 imap_client_workarounds = delay-newmail outlook-idle \
}
protocol pop3 {
pop3_uidl_format = %08Xu%08Xv
pop3_client_workarounds = outlook-no-nuls oe-ns-eoh
}
protocol lda {
 postmaster_address = ***@list.ru
 auth_socket_path = /var/run/dovecot/auth-master
}
auth default {
mechanisms = plain
socket listen {
 master {
 path = /var/run/dovecot/auth-master
 mode = 0600
 user = mailnull
#group = mail
  }
 }
passdb sql { 
  args = /usr/local/etc/dovecot-sql.conf
}
 userdb sql {
 args = /usr/local/etc/dovecot-sql.conf
}
 user = root
 }
plugin {
} 

Вот лог Dovecot:

Код: Выделить всё

dovecot: Mar 03 23:19:42 Info: imap-login: Login: user=<****@fitsudzha.net>, method=PLAIN, rip=82.211.152.13, lip=77.243.5.34
dovecot: Mar 03 23:19:42 Error: IMAP(****@fitsudzha.net): Unknown client workaround: \
dovecot: Mar 03 23:19:42 Error: child 15543 (imap) returned error 89
dovecot: Mar 03 23:19:48 Info: imap-login: Login: user=<****@fitsudzha.net>, method=PLAIN, rip=82.211.152.13, lip=77.243.5.34
dovecot: Mar 03 23:19:48 Error: IMAP(****@fitsudzha.net): Unknown client workaround: \
dovecot: Mar 03 23:19:48 Error: child 15545 (imap) returned error 89
dovecot: Mar 04 03:00:00 Error: Time just moved backwards by 2 seconds. I'll sleep now until we're back in present. http://wiki.dovecot.org/TimeMovedBackwards
dovecot: Mar 04 03:00:03 Error: imap-login: Time just moved backwards by 2 seconds. I'll sleep now until we're back in present. http://wiki.dovecot.org/TimeMovedBackwards
dovecot: Mar 04 03:00:03 Error: imap-login: Time just moved backwards by 2 seconds. I'll sleep now until we're back in present. http://wiki.dovecot.org/TimeMovedBackwards

Вот mainlog Exim-a:

Код: Выделить всё

2008-03-03 13:01:39 unexpected disconnection while reading SMTP command from (77.243.5.34) [118.168.138.44] I=[77.243.5.34]:25
2008-03-03 13:32:23 H=(77.243.5.34) [118.168.138.44] I=[77.243.5.34]:25 F=<rurdhd@hotmail.com> rejected RCPT <toxxx@mail2000.com.tw>: "main IP in your HELO! Access denied!"
2008-03-03 13:32:23 unexpected disconnection while reading SMTP command from (77.243.5.34) [118.168.138.44] I=[77.243.5.34]:25
2008-03-03 14:02:24 H=(77.243.5.34) [118.168.138.44] I=[77.243.5.34]:25 F=<rurdhd@hotmail.com> rejected RCPT <toxxx@mail2000.com.tw>: "main IP in your HELO! Access denied!"
2008-03-03 14:02:26 unexpected disconnection while reading SMTP command from (77.243.5.34) [118.168.138.44] I=[77.243.5.34]:25
2008-03-03 17:04:44 exim 4.69 daemon started: pid=671, -q30m, listening for SMTP on port 25 (IPv6 and IPv4)
2008-03-03 19:53:26 no host name found for IP address 58.242.150.219
2008-03-03 19:53:26 Delay 30s for  [58.242.150.219] with HELO=mailer. Mail from opel@rock.com to boobwire@hushmail.com.
2008-03-03 19:54:18 DNS list lookup defer (probably timeout) for 219.150.242.58.opm.blitzed.org: assumed not in list
2008-03-03 19:54:30 H=(mailer) [58.242.150.219] I=[77.243.5.34]:25 F=<opel@rock.com> rejected RCPT <boobwire@hushmail.com >: "you in blacklist - bl.csma.biz 
2008-03-03 19:54:30 unexpected disconnection while reading SMTP command from (mailer) [58.242.150.219] I=[77.243.5.34]:25
2008-03-03 23:13:28 1JWH25-0003z6-Li SIGINT received while reading local message
2008-03-03 23:15:07 auth_plain authenticator failed for (localhost) [::1] I=[::1]:25: 535 Incorrect authentication data (set_id=admin@mydomain.ru)
2008-03-03 23:15:16 SMTP syntax error in "zopa" H=(localhost) [::1] I=[::1]:25 unrecognized command
2008-03-03 23:20:16 SMTP command timeout on connection from (localhost) [::1] I=[::1]:25

77.243.5.34 внешний IP сервера, адреса не мои.

Вот rejectlog Exim-a:

Код: Выделить всё

2008-03-02 20:09:56 SMTP protocol synchronization error (input sent without waiting for greeting): rejected connection from H=[127.0.0.1] I=[127.0.0.1]:25 input="EHLO fitsudzha.net\r\n"
2008-03-03 00:37:52 SMTP protocol synchronization error (input sent without waiting for greeting): rejected connection from H=[127.0.0.1] I=[127.0.0.1]:25 input="EHLO fitsudzha.net\r\n"
2008-03-03 06:00:37 SMTP protocol synchronization error (next input sent too soon: pipelining was not advertised): rejected "GET http://www.scanproxy.com:80/px_judge.php?p=25 HTTP/1.0" H=[118.168.138.44] I=[77.243.5.34]:25 next input="Content-Type: text/html\r\nProxy-Connection: keep-alive\r\nHost: www.scanproxy.com\r\nAccept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, applicati"
2008-03-03 06:54:40 H=(77.243.5.34) [118.168.138.44] I=[77.243.5.34]:25 F=<rurdhd@hotmail.com> rejected RCPT <toxxx@mail2000.com.tw>: "main IP in your HELO! Access denied!"
2008-03-03 07:24:21 H=(77.243.5.34) [118.168.138.44] I=[77.243.5.34]:25 F=<rurdhd@hotmail.com> rejected RCPT <toxxx@mail2000.com.tw>: "main IP in your HELO! Access denied!"
2008-03-03 07:54:03 H=(77.243.5.34) [118.168.138.44] I=[77.243.5.34]:25 F=<rurdhd@hotmail.com> rejected RCPT <toxxx@mail2000.com.tw>: "main IP in your HELO! Access denied!"
2008-03-03 08:25:12 H=(77.243.5.34) [118.168.138.44] I=[77.243.5.34]:25 F=<rurdhd@hotmail.com> rejected RCPT <toxxx@mail2000.com.tw>: "main IP in your HELO! Access denied!"

Кто-то яростно стучится. Спам.

Вот maillog:

Код: Выделить всё

Mar  4 00:00:00 fitsudzha newsyslog[23669]: logfile turned over

В мозгу ступор. Спасайте!

[um-ka]

Код: Выделить всё

[root@fitsudzha /usr/local/etc/exim]# sockstat | grep 143          ?   5168?Mar  4 21:11?
dovecot  imap-login 15411 0  tcp4   *:143                 *:*                         ?  10052?Mar  4 21:12?
dovecot  imap-login 15544 0  tcp4   *:143                 *:*                         ?   3851?Mar  4 21:12?
dovecot  imap-login 691   0  tcp4   *:143                  *:*                         ?       ?            ?
root        dovecot    679   5  tcp4   *:143                  *:*        

[hizel]

не работает Imap смотрим задумчиво на dovecot
у вас в конфиге dovect-а
сцылка на /usr/local/etc/dovecot-sql.conf
привидите его и неплохо заодно
select-ы из mysql к которым обращается dovecot

[um-ka]

Он меня и по telnet футболит. Dovecot.sql.conf точно такой как в статье Лисяры, тока пароли мои. Загвоздка в том что по POP3 через telnet захожу без проблем. Только POP мне не нужен, потому как в качестве web-морды roundkube планирую юзать, а он только по IMAP. Вот такие пироги с котятами. Прибить dovecot из портов и поставить с их сайта исходники?

[InventoR]

Советую мозг не сушить до такой степени, конфиги с настройками которые здесь приведены, работают пол оборота, а то что не работает, причина легко вылавливаеться в логах.

[um-ka]

Интересно, зачем я тогда столько времени трахаюсь? Может быть потому что не работает? Вот лежат конфиги и логи. Вылавливай!

[Alex Keda]

2 тредстартер
а сам?

[InventoR]

Код: Выделить всё

2008-03-03 00:37:52 SMTP protocol synchronization error (input sent without waiting for greeting): rejected connection from H=[127.0.0.1]

синхронизацию отключи.

Код: Выделить всё

# cat /usr/local/etc/exim/configure |grep sync
smtp_enforce_sync = true
        control = no_enforce_sync
#

И напиши конкретно что сейчас не работает )))
И как тестируеш.

[um-ka]

Dovecot заработал, smtp авторизация не пашет. Отфутболивает. Завтра с работы напишу подробно.