[Kolab-devel] [OVERVIEW] Kolab2 V2.1.0 Final SMTP over SSL >problemtalkingto server private/kolabpolicy: Socket operationonnon-socket

ComCept Net GmbH Andrea Soliva soliva at comcept.ch
Mon Jun 4 19:23:56 CEST 2007


Hi Developer

Because it is probably a little bit confiusing (was a lot of mails
transfered depending this case...) I would like to post again a overview
which gives you the ability to look at the case in one mail and not in
several's:

I opened on the firewall port TCP 995 POP over SSL and TCP 465 SMTP TLS. Now
a user (non fix IP) has configured Outlook 2003 with this specific ports (I
checked it and it is proper configured). Also the cert was correct imported.
If the user is trying to get to the kolab2 server with TCP 995 POP over SSL
all is working perfect. If the user is trying to use TCP 465 SMTP TLS
authentication on the server is from my point of view correct only the hand
over to the kolabsocket (kolabpolicy does not allow this because connection
from postfix to kolabsocket is not accepted).

I configured the account from the user in the local network to test same
constellation and this works fine. After that I configured temporarly the
none fix IP address of the user from the internet (dhcp) in the Admin
WebInterface in the field trusted networks and made a test (see below). This
is also working perfect. 

>From my point of view the function/authentication is here but kolabpolicy
does not allow this. Out of the config I have (some trusted networs
configured) I have to say this looks like a bug. Bevor I open a entry in the
bug tracker I would like to have a statement from your site if I understand
all correct meaning that this should work out of the box? I'm not 100% sure
if this should work out of the kolabpolicy and out of the box?

Below the confirmation that authentication is working but only in the local
network and if IP is entered as trusted even it is a none fix IP from the
internet:
 
LOCAL TEST WITH USER ACCOUNT:
****************************
 
Jun 02 13:12:04 kolab2 <info> postfix/smtpd[9033]: connect from
PCG-GRT716S[xxx.xxx.xxx.x]
Jun 02 13:12:04 kolab2 <info> postfix/smtpd[9033]: setting up TLS connection
from PCG-GRT716S[xxx.xxx.xxx.x]
Jun 02 13:12:04 kolab2 <info> postfix/smtpd[9033]: TLS connection
established from PCG-GRT716S[xxx.xxx.xxx.x]: TLSv1 with cipher RC4-MD5
(128/128 bits)
Jun 02 13:12:04 kolab2 <info> postfix/smtpd[9033]: 808249D1F:
client=PCG-GRT716S[xxx.xxx.xxx.x], sasl_method=LOGIN,
sasl_username=domenica at wojnowski.ch
Jun 02 13:12:04 kolab2 <info> postfix/cleanup[8895]: 808249D1F:
message-id=<20070602111204.808249D1F at kolab2.comcept.ch >
Jun 02 13:12:04 kolab2 <info> postfix/qmgr[7038]: 808249D1F: from=<
domenica at wojnowski.ch >, size=649, nrcpt=1 (queue active)
Jun 02 13:12:04 kolab2 <info> postfix/smtpd[9033]: disconnect from
PCG-GRT716S[xxx.xxx.xxx.x]
Jun 02 13:12:04 kolab2 <info> postfix/smtpd[8898]: connect from
localhost[127.0.0.1]
Jun 02 13:12:04 kolab2 <info> postfix/smtpd[8898]: C63539DE2:
client=localhost[127.0.0.1]
Jun 02 13:12:04 kolab2 <info> postfix/cleanup[8899]: C63539DE2:
message-id=<20070602111204.808249D1F at kolab2.comcept.ch >
Jun 02 13:12:04 kolab2 <info> postfix/qmgr[7038]: C63539DE2: from=<
domenica at wojnowski.ch >, size=824, nrcpt=1 (queue active)
Jun 02 13:12:04 kolab2 <info> postfix/smtpd[8898]: disconnect from
localhost[127.0.0.1]
Jun 02 13:12:04 kolab2 <info> postfix/pipe[8896]: 808249D1F:
to=<domenica at wojnowski.ch >, relay=kolabfilter, delay=0, status=sent (kola
b2.comcept.ch)
Jun 02 13:12:04 kolab2 <info> postfix/qmgr[7038]: 808249D1F: removed
 
TEST WITH "NONE FIX IP FROM INTERNET" ENTERED IN TRUSTED NETWORK:
*****************************************************************
 
Jun 02 13:23:23 kolab2 <info> postfix/smtpd[10675]: connect from
100-132.3-85.cust.bluewin.ch[85.3.132.100]
Jun 02 13:23:23 kolab2 <info> postfix/smtpd[10675]: setting up TLS
connection from 100-132.3-85.cust.bluewin.ch[85.3.132.100]
Jun 02 13:23:23 kolab2 <info> postfix/smtpd[10675]: TLS connection
established from 100-132.3-85.cust.bluewin.ch[85.3.132.100]: TLSv1 with
cipher RC4-MD5 (128/128 bits)
Jun 02 13:23:23 kolab2 <info> postfix/smtpd[10675]: 8A8E7A179:
client=100-132.3-85.cust.bluewin.ch[85.3.132.100], sasl_method=LOGIN,
sasl_username=domenica at wojnowski.ch
Jun 02 13:23:24 kolab2 <info> postfix/cleanup[10447]: 8A8E7A179:
message-id=<000001c7a508$5d781260$2101a8c0 at Amilo >
Jun 02 13:23:24 kolab2 <info> postfix/qmgr[10181]: 8A8E7A179:
from=<domenica at wojnowski.ch>, size=2172, nrcpt=1 (queue active)
Jun 02 13:23:24 kolab2 <info> postfix/smtpd[10450]: connect from
localhost[127.0.0.1]
Jun 02 13:23:24 kolab2 <info> postfix/smtpd[10450]: 69BC9A17B:
client=localhost[127.0.0.1]
Jun 02 13:23:24 kolab2 <info> postfix/cleanup[10451]: 69BC9A17B:
message-id=<000001c7a508$5d781260$2101a8c0 at Amilo> 
Jun 02 13:23:24 kolab2 <info> postfix/qmgr[10181]: 69BC9A17B:
from=<domenica at wojnowski.ch>, size=2345, nrcpt=1 (queue active)
Jun 02 13:23:24 kolab2 <info> postfix/smtpd[10450]: disconnect from
localhost[127.0.0.1]
Jun 02 13:23:24 kolab2 <info> postfix/pipe[10448]: 8A8E7A179:
to=<soliva at comcept.ch>, relay=kolabfilter, delay=1, status=sent
(kolab2.comcept.ch)
 
You see that is 100% a confirmation that actually all is working fine but
"only" within local trusted network or if the IP is configured as trusted
network even this solution is not visible (because it is not a fix IP).
 
Except within the postfix.log I have no errors meaning I controlled all logs
(really all :-).
 
Any help and explanation/statement really appriciated.
 
Many thanks
 
Andrea

Mail: soliva at comcept.ch 




More information about the devel mailing list