[Kolab-devel] Kolab2 V2.1.0 Final SMTP over SSL >problemtalkingto server private/kolabpolicy: Socket operationonnon-socket

ComCept Net GmbH Andrea Soliva soliva at comcept.ch
Sun Jun 3 19:36:48 CEST 2007


Hi Thomas

Many thanks for that point but I do not understand you...can you give me
more details meaning how can I reconfigure the client to use SSL. The user
is working with outlook 2003.....what I also not understand is that he can
fetch the mails over TCP POP-SSL meaning Port 995 and for that he uses also
the authentication TLS or? 

If I look to the logs my understanding is that the authentication is
successful if the none fix IP from the internet is used in the trusted
network configuration. From this point I do not think that this is a problem
of the authentication itself. It is more that postfix accepts the connection
(authentication) and would hand over to kolabpolicy but kolabpolicy does not
accept it and this is the reason that for this connection the socket is not
available.

Can you give me more details....how can I use the function over SSL on
Outlook 2003?

I can test even I do not think that this has something to do with the
authentication because as mentioned out from the logs the authentication is
done successful if the none fix IP from the internet is in the trusted
network.

Kind regards

Andrea


-----Ursprüngliche Nachricht-----
Von: kolab-users-bounces at kolab.org [mailto:kolab-users-bounces at kolab.org] Im
Auftrag von Thomas Spuhler
Gesendet: Sonntag, 3. Juni 2007 18:38
An: kolab-users at kolab.org
Betreff: Re: AW: [Kolab-devel] Kolab2 V2.1.0 Final SMTP over SSL
>problemtalkingto server private/kolabpolicy: Socket operationonnon-socket

On Saturday 02 June 2007 22:38, ComCept Net GmbH Andrea Soliva wrote:
> Yes Sir :-) Solaris 10 11/06 Sparc latest recommended cluster May 2007
>
> Why you are asking....this should have nothing to do with the below
message
> or?
>
> Andrea
>
>   _____
>
> Von: kolab-users-bounces at kolab.org [mailto:kolab-users-bounces at kolab.org]
> Im Auftrag von Alain Spineux
> Gesendet: Samstag, 2. Juni 2007 20:51
> An: Kolab development coordination
> Cc: kolab-users at kolab.org
> Betreff: Re: [Kolab-devel] Kolab2 V2.1.0 Final SMTP over SSL >
> problemtalkingto server private/kolabpolicy: Socket operation onnon-socket
>
>
> Are you using SOLARIS ?
>
>
> On 6/2/07, ComCept Net GmbH Andrea Soliva <soliva at comcept.ch> wrote:
>
> Hi Alain
>
> I checked the /kolab/var/resmgr/resmgr.log. No errors at all also not in
> the time of test. The local connection with the untouched useraccount and
> with the absolut same configuration worked. Here as mentioned the logs
from
> this test/connection:
>
> LOCAL TEST WITH SAME ACCOUNT:
>
> Jun 02 13:12:04 kolab2 <info> postfix/smtpd[9033]: connect from
> PCG-GRT716S[xxx.xxx.xxx.x]
> Jun 02 13:12:04 kolab2 <info> postfix/smtpd[9033]: setting up TLS
> connection from PCG-GRT716S[xxx.xxx.xxx.x]
> Jun 02 13:12:04 kolab2 <info> postfix/smtpd[9033]: TLS connection
> established from PCG-GRT716S[xxx.xxx.xxx.x]: TLSv1 with cipher RC
> 4-MD5 (128/128 bits)
> Jun 02 13:12:04 kolab2 <info> postfix/smtpd[9033]: 808249D1F:
> client=PCG-GRT716S[xxx.xxx.xxx.x], sasl_method=LOGIN, sasl_username=
> <mailto:domenica at wojnowski.ch> domenica at wojnowski.ch
> Jun 02 13:12:04 kolab2 <info> postfix/cleanup[8895]: 808249D1F:
> message-id=<20070602111204.808249D1F at kolab2.comcept.ch
> <mailto:20070602111204.808249D1F at kolab2.comcept.ch> >
> Jun 02 13:12:04 kolab2 <info> postfix/qmgr[7038]: 808249D1F: from=<
> <mailto:domenica at wojnowski.ch>  domenica at wojnowski.ch>, size=649, nrcpt=1
> (queue active)
> Jun 02 13:12:04 kolab2 <info> postfix/smtpd[9033]: disconnect from
> PCG-GRT716S[xxx.xxx.xxx.x]
> Jun 02 13:12:04 kolab2 <info> postfix/smtpd[8898]: connect from
> localhost[127.0.0.1]
> Jun 02 13:12:04 kolab2 <info> postfix/smtpd[8898]: C63539DE2:
> client=localhost[127.0.0.1]
> Jun 02 13:12:04 kolab2 <info> postfix/cleanup[8899]: C63539DE2:
> message-id=<20070602111204.808249D1F at kolab2.comcept.ch>
> Jun 02 13:12:04 kolab2 <info> postfix/qmgr[7038]: C63539DE2: from=<
> <mailto:domenica at wojnowski.ch>  domenica at wojnowski.ch>, size=824, nrcpt=1
> (queue active)
> Jun 02 13:12:04 kolab2 <info> postfix/smtpd[8898]: disconnect from
> localhost[127.0.0.1]
> Jun 02 13:12:04 kolab2 <info> postfix/pipe[8896]: 808249D1F: to=<
> <mailto:domenica at wojnowski.ch> domenica at wojnowski.ch>, relay=kolabfilter,
> delay=0, status=sent (kola
> b2.comcept.ch)
> Jun 02 13:12:04 kolab2 <info> postfix/qmgr[7038]: 808249D1F: removed
>
> TEST WITH "NONE FIX IP FROM INTERNET" ENTERED IN TRUSTED NETWORK:
>
> Jun 02 13:23:23 kolab2 <info> postfix/smtpd[10675]: connect from
> 100-132.3-85.cust.bluewin.ch[85.3.132.100]
> Jun 02 13:23:23 kolab2 <info> postfix/smtpd[10675]: setting up TLS
> connection from 100-132.3-85.cust.bluewin.ch[85.3.132.100]
> Jun 02 13:23:23 kolab2 <info> postfix/smtpd[10675]: TLS connection
> established from 100-132.3-85.cust.bluewin.ch[85.3.132.100]: TLSv
> 1 with cipher RC4-MD5 (128/128 bits)
> Jun 02 13:23:23 kolab2 <info> postfix/smtpd[10675]: 8A8E7A179:
> client=100-132.3-85.cust.bluewin.ch[85.3.132.100], sasl_method=LOGIN,
>  sasl_username=domenica at wojnowski.ch
> Jun 02 13:23:24 kolab2 <info> postfix/cleanup[10447]: 8A8E7A179:
> message-id=<000001c7a508$5d781260$2101a8c0 at Amilo>
> Jun 02 13:23:24 kolab2 <info> postfix/qmgr[10181]: 8A8E7A179:
> from=<domenica at wojnowski.ch>, size=2172, nrcpt=1 (queue active)
> Jun 02 13:23:24 kolab2 <info> postfix/smtpd[10450]: connect from
> localhost[127.0.0.1]
> Jun 02 13:23:24 kolab2 <info> postfix/smtpd[10450]: 69BC9A17B:
> client=localhost[127.0.0.1]
> Jun 02 13:23:24 kolab2 <info> postfix/cleanup[10451]: 69BC9A17B:
> message-id=<000001c7a508$5d781260$2101a8c0 at Amilo>
> Jun 02 13:23:24 kolab2 <info> postfix/qmgr[10181]: 69BC9A17B:
> from=<domenica at wojnowski.ch>, size=2345, nrcpt=1 (queue active)
> Jun 02 13:23:24 kolab2 <info> postfix/smtpd[10450]: disconnect from
> localhost[127.0.0.1]
> Jun 02 13:23:24 kolab2 <info> postfix/pipe[10448]: 8A8E7A179:
> to=<soliva at comcept.ch>, relay=kolabfilter, delay=1, status=sent (kolab
> 2.comcept.ch)
>
> You see that is 100% a confirmation that actually all is working fine but
> "only" within local trusted network or if the IP is configured as trusted
> network even this solution is not visible (because it is not a fix IP).
>
> What is here wrong.....except within the postfix.log I have no errors
> meaning I controlled all logs (really all :-).
>
> Any help and explanation really appriciated.
>
> Many thanks
>
> Andrea
>
>
>
>
>   _____
>
> Von: kolab-devel-bounces at kolab.org [mailto:kolab-devel-bounces at kolab.org]
> Im Auftrag von Alain Spineux
> Gesendet: Samstag, 2. Juni 2007 18:10
> An: Kolab development coordination
> Cc: kolab-users at kolab.org
> Betreff: Re: [Kolab-devel] Kolab2 V2.1.0 Final SMTP over SSL >
> problemtalking to server private/kolabpolicy: Socket operation
onnon-socket
>
>
>
>
> You should look about error messages from the kolab policy.
> Maybe thei are in /kolab/var/resmgr/resmgr.log (not sure)
>
> Also can you give the log a the successful connection you got, when
> connected locally ?
>
> Regards.
>
> Alain
>
>
>
>
>
> On 6/2/07, ComCept Net GmbH Andrea Soliva <soliva at comcept.ch> wrote:
>
> Hi all
>
> I tested further with V2.1.0 Final and up to know it seems to work all
fine
> (internal trusted networks) with one exception:
>
> I'm working with Toltec and the E-Mail account is configured with Port POP
> over SSL TCP 995 as SMTP over SSL TCP 465. All is working fine without
> problems.
>
> The next test I did is I added a new domain wojnowski.ch and a user. This
> user is not in my trusted network meaning this user makes requests
> somewhere from the internet. On the firewall I opened:
>
> POP over SSL TCP 995 as SMTP over SSL TCP 465
>
> The Email account from the user is also configured with the specific ports
> as the certificat is installed. The issue we have is following:
>
> --> The user can fetch his emails over POP over SSL TCP 995 without
> problems. As soon as he tries to send a mail over SMTP over SSL TCP 465 it
> would not work:
>
> ==> /kolab/var/postfix/log/postfix.log <==
> Jun 02 12:24:55 kolab2 <info> postfix/smtpd[2815]: connect from
> 147-164.3-85.cust.bluewin.ch[85.3.164.147]
> Jun 02 12:24:55 kolab2 <info> postfix/smtpd[2815]: setting up TLS
> connection from 147-164.3-85.cust.bluewin.ch[ 85.3.164.147
> <http://85.3.164.147> ] Jun 02 12:24:55 kolab2 <info> postfix/smtpd[2815]:
> TLS connection
> established from 147-164.3-85.cust.bluewin.ch[85.3.164.147]: TLSv1 with
> cipher RC4-MD5 (128/128 bits)
> Jun 02 12:24:56 kolab2 <warning> postfix/smtpd[2815]: warning: connect to
> private/kolabpolicy: Socket operation on non-socket
> Jun 02 12:24:56 kolab2 <warning> postfix/smtpd[2815]: warning: problem
> talking to server private/kolabpolicy: Socket operation on non-socket
> Jun 02 12:24:57 kolab2 <warning> postfix/smtpd[2815]: warning: connect to
> private/kolabpolicy: Socket operation on non-socket
> Jun 02 12:24:57 kolab2 <warning> postfix/smtpd[2815]: warning: problem
> talking to server private/kolabpolicy: Socket operation on non-socket
> Jun 02 12:24:57 kolab2 <info> postfix/smtpd[2815]: NOQUEUE: reject: RCPT
> from 147-164.3-85.cust.bluewin.ch[ 85.3.164.147 <http://85.3.164.147> ]:
> 450 Server configuration
> problem; from=<domenica at wojnowski.ch> to=< soliva at comcept.ch
> <mailto:soliva at comcept.ch> > proto=ESMTP
> helo=<Amilo>
> Jun 02 12:25:00 kolab2 <info> postfix/smtpd[2815]: disconnect from
> 147-164.3-85.cust.bluewin.ch[85.3.164.147]
>
>
> As a test I configured the account in my local network (trusted network)
> with the same config as the user has. It works without problems. If I look
> to the error or warnings it seems to me that the kolabpolicy does not
allow
> this even the users is authenticating. The config over the manager
> interface
>
> looks like following:
>
> All services available except HTTP FreeBusy Service (Legacy) and POP3
> Service
>
> Quota not active
>
> Freebusy not set
>
> Priviliged networks set to 127.0.0.0/8, xxx.xxx.xxx.0/24,
> xxx.xxx.xxx.0/24,, xxx.xxx.xxx.0/24
>
> No Smart Relay Host set
>
> Accept Internet Email not active
>
> Domains both domains are visible
>
> Mail Filter settings set to "Reject the message with the except if it
> originates"
>
>
> Temporarly I entered the IP from the user "85.3.164.147" to the trusted
> network config and it worked fine. This user has now fix IP from this
point
> of view it is not visible to use such a config. At the moment I'm a little
> bit confiused meaning is this configuration I would like to have not
> visible meaning having user travelling around the world and using kolab2
> for sending
>
> emails?
>
> Can somebody point me in the correct direction or is it something which
> should work and does not in V2.1.0 (Bug?).
>
> For any answer many thanks in advanced.
>
> Kind regards
>
> Andrea
>
> _______________________________________________
> Kolab-devel mailing list
> Kolab-devel at kolab.org
> https://kolab.org/mailman/listinfo/kolab-devel
> <https://kolab.org/mailman/listinfo/kolab-devel>
>
>
>
>
>
> --
> --
> Alain Spineux
> aspineux gmail com
> May the sources be with you
>
>
> _______________________________________________
> Kolab-devel mailing list
> Kolab-devel at kolab.org
> https://kolab.org/mailman/listinfo/kolab-devel

There is a  mix of tls and ssl in you above message. We have experienced
that 
tls often doesn't work from the outside especially from hotels or certain 
isp's. They must block it. try ssl

-- 
Best regards
Thomas Spuhler




More information about the devel mailing list