Ubuntu 16.04.5
Apache2
MySQL
Postfix w/MySQL
Dovecot
SASL2
UFW
I am trying to install a working mail server and client on this machine. I followed this tutorial which allows authentication through MySQL. I have all DB entries set correctly, I have set up the domain/mailbox in PostfixAdmin. All was going well until the Test login in RoundCube install. The user is unable to connect through port 993 to log in.
Connecting to localhost...
IMAP connect: NOT OK(Login failed for noreply@example.com from /ip address/. Could not connect to localhost:993: Connection refused)
I have tried Telneting remotely to {IP address} 993 with Connection refused as well.
The server is running on a static IP address. RoundCube is located in the ../html/webmail/ directory and is working fine, but things like PHPMyAdmin are located at http://{ipaddress}/phpmyadmin since there are multiple virtual hosts for web services.
UFW has all necessary IMAP/POP3 ports allowed.
To Action From
-- ------ ----
Apache Full ALLOW Anywhere
20/tcp ALLOW Anywhere
21/tcp ALLOW Anywhere
990/tcp ALLOW Anywhere
40000:50000/tcp ALLOW Anywhere
22 ALLOW Anywhere
80 ALLOW Anywhere
443 ALLOW Anywhere
8080 ALLOW Anywhere
Postfix ALLOW Anywhere
993 ALLOW Anywhere
143 ALLOW Anywhere
110 ALLOW Anywhere
995 ALLOW Anywhere
25 ALLOW Anywhere
25/tcp ALLOW Anywhere
Apache Full (v6) ALLOW Anywhere (v6)
20/tcp (v6) ALLOW Anywhere (v6)
21/tcp (v6) ALLOW Anywhere (v6)
990/tcp (v6) ALLOW Anywhere (v6)
40000:50000/tcp (v6) ALLOW Anywhere (v6)
22 (v6) ALLOW Anywhere (v6)
80 (v6) ALLOW Anywhere (v6)
443 (v6) ALLOW Anywhere (v6)
8080 (v6) ALLOW Anywhere (v6)
Postfix (v6) ALLOW Anywhere (v6)
993 (v6) ALLOW Anywhere (v6)
143 (v6) ALLOW Anywhere (v6)
110 (v6) ALLOW Anywhere (v6)
995 (v6) ALLOW Anywhere (v6)
25 (v6) ALLOW Anywhere (v6)
25/tcp (v6) ALLOW Anywhere (v6)
Dovecot is running
# 2.2.22 (fe789d2): /etc/dovecot/dovecot.conf
# Pigeonhole version 0.4.13 (7b14904)
# OS: Linux 4.4.0-141-generic x86_64 Ubuntu 16.04.5 LTS ext4
auth_debug = yes
auth_debug_passwords = yes
auth_mechanisms = plain login
auth_verbose = yes
auth_verbose_passwords = plain
mail_debug = yes
mail_location = maildir:/var/mail/vmail/%d/%n/Maildir
mail_privileged_group = mail
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate mime foreverypart extracttext
namespace inbox {
  inbox = yes
  location =
  mailbox Drafts {
    special_use = \Drafts
  }
  mailbox Junk {
    special_use = \Junk
  }
  mailbox Sent {
    special_use = \Sent
  }
  mailbox "Sent Messages" {
    special_use = \Sent
  }
  mailbox Trash {
    special_use = \Trash
  }
  prefix =
}
passdb {
  args = /etc/dovecot/dovecot-sql.conf.ext
  driver = sql
}
plugin {
  sieve = file:~/sieve;active=~/.dovecot.sieve
}
protocols = " imap sieve"
service auth {
  unix_listener /var/spool/postfix/private/auth {
    group = postfix
    mode = 0600
    user = postfix
  }
  unix_listener auth-userdb {
    mode = 0600
    user = vmail
  }
  user = dovecot
}
ssl = no
userdb {
  args = uid=vmail gid=vmail home=/var/mail/vmail/%d/%n
  driver = static
}
verbose_ssl = yes
protocol lda {
  mail_plugins = " sieve"
}
Postfix config
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no
inet_interfaces = all
inet_protocols = all
mailbox_size_limit = 0
mydestination = $myhostname, example.com, {rootusername}, localhost.localdomain, localhost, example2.com, example3.com
myhostname = {rootusername}
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
myorigin = /etc/mailname
readme_directory = no
recipient_delimiter = +
relayhost =
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
smtpd_recipient_restrictions = permit_mynetworks permit_sasl_authenticated reject_unauth_destination
smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_path = private/auth
smtpd_sasl_security_options = noanonymous
smtpd_sasl_type = dovecot
smtpd_tls_auth_only = no
smtpd_tls_cert_file = /etc/letsencrypt/live/example.com/fullchain.pem
smtpd_tls_key_file = /etc/letsencrypt/live/example.com/privkey.pem
smtpd_tls_security_level = may
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_use_tls = yes
virtual_alias_maps = mysql:/etc/postfix/sql/mysql_virtual_alias_maps.cf
virtual_mailbox_domains = mysql:/etc/postfix/sql/mysql_virtual_domains_maps.cf
virtual_mailbox_maps = mysql:/etc/postfix/sql/mysql_virtual_mailbox_maps.cf
The cert/key files are not needed, I tried adding them to see if there'd be any difference. The SSL certs are for the domain and certain subdomains, there is no mail.example.com.
What seems weird is that nothing is listening on port 993, Dovecot is listening on 4190?
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State User Inode PID/Program name
tcp 0 0 127.0.0.1:3306 0.0.0.0:* LISTEN 111 14759 1084/mysqld
tcp 0 0 0.0.0.0:587 0.0.0.0:* LISTEN 0 34677 6207/master
tcp 0 0 0.0.0.0:143 0.0.0.0:* LISTEN 0 43563 7001/dovecot
tcp 0 0 0.0.0.0:465 0.0.0.0:* LISTEN 0 34683 6207/master
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 0 16213 1149/sshd
tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN 0 34671 6207/master
tcp 0 0 0.0.0.0:4190 0.0.0.0:* LISTEN 0 43523 7001/dovecot
tcp 0 212 xx.xxx.xx.xxx:22 xxx.xx.xxx.xxx:53808 ESTABLISHED 0 75664 12943/sshd: ********
tcp6 0 0 :::587 :::* LISTEN 0 34678 6207/master
tcp6 0 0 :::143 :::* LISTEN 0 43564 7001/dovecot
tcp6 0 0 :::80 :::* LISTEN 0 18106 1614/apache2
tcp6 0 0 :::465 :::* LISTEN 0 34684 6207/master
tcp6 0 0 :::21 :::* LISTEN 0 12274 1012/vsftpd
tcp6 0 0 :::22 :::* LISTEN 0 16215 1149/sshd
tcp6 0 0 :::25 :::* LISTEN 0 34672 6207/master
tcp6 0 0 :::443 :::* LISTEN 0 18110 1614/apache2
tcp6 0 0 :::4190 :::* LISTEN 0 43524 7001/dovecot
tcp6 0 0 xx.xxx.xx.xxx:80 xxx.xx.xxx.xxx:53832 TIME_WAIT 0 0 -
Why would Dovecot listen on 4190? I have made sure all configurations are correct, restarting all needed services, even tried rebooting the system. Is there an obvious mistake I'm making?
Best Answer
So after some debugging I found that:
Mistake 1: Assuming 993 was the correct port. Dovecot is running on 143. The correct setting for server in Roundcube is tls://localhost.
Mistake 2: In /etc/dovecot/dovecot-sql.conf.ext connect and password_query must be on separate lines. Possibly due to copy/pasting from tutorials.
Right:
Wrong
Recommendation
Set log_path = /var/log/dovecot.log to differentiate errors from sys errors. Dovecot will log what you've messed up.
Hope this helps someone in the future.
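Why 993 was refused while 143 and 4190 were open, as an added example that is not part of the original question or answer: it derives Dovecot's listeners from the posted `protocols` and `ssl` values and compares them with the posted netstat lines. With `ssl = no` there is no implicit-TLS listener, so 993 is refused whatever UFW allows, and 4190 is the ManageSieve port enabled by `sieve`. The function names and the default-port table are this example's own, and the sample inputs are excerpts of the question's output.

```python
import re

# Dovecot default ports per protocol: (plain/STARTTLS port, implicit-TLS port).
DEFAULT_PORTS = {"imap": (143, 993), "pop3": (110, 995), "sieve": (4190, None)}

# Sample inputs: excerpts of the doveconf and netstat output posted in the question.
DOVECONF = 'protocols = " imap sieve"\nssl = no\n'
NETSTAT = """\
tcp 0 0 0.0.0.0:143 0.0.0.0:* LISTEN 0 43563 7001/dovecot
tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN 0 34671 6207/master
tcp 0 0 0.0.0.0:4190 0.0.0.0:* LISTEN 0 43523 7001/dovecot
tcp6 0 0 :::143 :::* LISTEN 0 43564 7001/dovecot
"""

def expected_listeners(doveconf_text):
    """Map port -> service for the listeners implied by `protocols` and `ssl`."""
    pattern = r'^(protocols|ssl)[ \t]*=[ \t]*"?([^"\n]*)'
    conf = {k: v.strip() for k, v in re.findall(pattern, doveconf_text, re.M)}
    tls_enabled = conf.get("ssl", "yes") != "no"  # assumption: unlisted ssl means enabled
    ports = {}
    for proto in conf.get("protocols", "").split():
        plain, tls = DEFAULT_PORTS.get(proto, (None, None))
        if plain:
            ports[plain] = proto
        if tls and tls_enabled:
            ports[tls] = proto + "s"   # e.g. imaps on 993
    return ports

def listening_ports(netstat_text, program):
    """Ports `program` holds in LISTEN state, from netstat output with PID/Program name."""
    ports = set()
    for line in netstat_text.splitlines():
        fields = line.split()
        if len(fields) >= 7 and fields[5] == "LISTEN" and fields[-1].endswith("/" + program):
            ports.add(int(fields[3].rsplit(":", 1)[1]))
    return ports

def diagnose(client_port, doveconf_text, netstat_text):
    """Report whether Dovecot is configured for, and listening on, the client's port."""
    expected = expected_listeners(doveconf_text)
    actual = listening_ports(netstat_text, "dovecot")
    return {
        "configured": client_port in expected,
        "listening": client_port in actual,
        "dovecot_ports": {port: expected.get(port, "unknown") for port in sorted(actual)},
        "configured_but_closed": sorted(set(expected) - actual),
    }

if __name__ == "__main__":
    print(diagnose(993, DOVECONF, NETSTAT))  # Roundcube's test used port 993
```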