Kolab2 V2.1.0 Final SMTP over SSL >problemtalkingto server private/kolabpolicy: Socket operationonnon-socket

Thomas Spuhler thomas at btspuhler.com
Sun Jun 3 21:14:15 CEST 2007


On Sunday 03 June 2007 10:36, ComCept Net GmbH Andrea Soliva wrote:
> Hi Thomas
>
> Many thanks for that point but I do not understand you...can you give me
> more details meaning how can I reconfigure the client to use SSL. The user
> is working with outlook 2003.....what I also not understand is that he can
> fetch the mails over TCP POP-SSL meaning Port 995 and for that he uses also
> the authentication TLS or?
I don't use outlook. I can tell it better in mozilla-firefox: you have two 
options for both sending e-mail and receiving e-mail, tls or ssl
I am traveling a lot and tls works less and less. Hotels here as well as in G 
especially when sxxxcom it the wireless provider. 
I think the reason is that smtp over tls uses port 25 and many hotels etc 
block this port because of guest may send out spam.

But I may be completely wrong in your case.
>
> If I look to the logs my understanding is that the authentication is
> successful if the none fix IP from the internet is used in the trusted
> network configuration. From this point I do not think that this is a
> problem of the authentication itself. It is more that postfix accepts the
> connection (authentication) and would hand over to kolabpolicy but
> kolabpolicy does not accept it and this is the reason that for this
> connection the socket is not available.
>
> Can you give me more details....how can I use the function over SSL on
> Outlook 2003?
>
> I can test even I do not think that this has something to do with the
> authentication because as mentioned out from the logs the authentication is
> done successful if the none fix IP from the internet is in the trusted
> network.
>
> Kind regards
>
> Andrea
>
>
> -----Ursprüngliche Nachricht-----
> Von: kolab-users-bounces at kolab.org [mailto:kolab-users-bounces at kolab.org]
> Im Auftrag von Thomas Spuhler
> Gesendet: Sonntag, 3. Juni 2007 18:38
> An: kolab-users at kolab.org
> Betreff: Re: AW: [Kolab-devel] Kolab2 V2.1.0 Final SMTP over SSL
>
> >problemtalkingto server private/kolabpolicy: Socket operationonnon-socket
>
> On Saturday 02 June 2007 22:38, ComCept Net GmbH Andrea Soliva wrote:
> > Yes Sir :-) Solaris 10 11/06 Sparc latest recommended cluster May 2007
> >
> > Why you are asking....this should have nothing to do with the below
>
> message
>
> > or?
> >
> > Andrea
> >
> >   _____
> >
> > Von: kolab-users-bounces at kolab.org [mailto:kolab-users-bounces at kolab.org]
> > Im Auftrag von Alain Spineux
> > Gesendet: Samstag, 2. Juni 2007 20:51
> > An: Kolab development coordination
> > Cc: kolab-users at kolab.org
> > Betreff: Re: [Kolab-devel] Kolab2 V2.1.0 Final SMTP over SSL >
> > problemtalkingto server private/kolabpolicy: Socket operation
> > onnon-socket
> >
> >
> > Are you using SOLARIS ?
> >
> >
> > On 6/2/07, ComCept Net GmbH Andrea Soliva <soliva at comcept.ch> wrote:
> >
> > Hi Alain
> >
> > I checked the /kolab/var/resmgr/resmgr.log. No errors at all also not in
> > the time of test. The local connection with the untouched useraccount and
> > with the absolut same configuration worked. Here as mentioned the logs
>
> from
>
> > this test/connection:
> >
> > LOCAL TEST WITH SAME ACCOUNT:
> >
> > Jun 02 13:12:04 kolab2 <info> postfix/smtpd[9033]: connect from
> > PCG-GRT716S[xxx.xxx.xxx.x]
> > Jun 02 13:12:04 kolab2 <info> postfix/smtpd[9033]: setting up TLS
> > connection from PCG-GRT716S[xxx.xxx.xxx.x]
> > Jun 02 13:12:04 kolab2 <info> postfix/smtpd[9033]: TLS connection
> > established from PCG-GRT716S[xxx.xxx.xxx.x]: TLSv1 with cipher RC
> > 4-MD5 (128/128 bits)
> > Jun 02 13:12:04 kolab2 <info> postfix/smtpd[9033]: 808249D1F:
> > client=PCG-GRT716S[xxx.xxx.xxx.x], sasl_method=LOGIN, sasl_username=
> > <mailto:domenica at wojnowski.ch> domenica at wojnowski.ch
> > Jun 02 13:12:04 kolab2 <info> postfix/cleanup[8895]: 808249D1F:
> > message-id=<20070602111204.808249D1F at kolab2.comcept.ch
> > <mailto:20070602111204.808249D1F at kolab2.comcept.ch> >
> > Jun 02 13:12:04 kolab2 <info> postfix/qmgr[7038]: 808249D1F: from=<
> > <mailto:domenica at wojnowski.ch>  domenica at wojnowski.ch>, size=649, nrcpt=1
> > (queue active)
> > Jun 02 13:12:04 kolab2 <info> postfix/smtpd[9033]: disconnect from
> > PCG-GRT716S[xxx.xxx.xxx.x]
> > Jun 02 13:12:04 kolab2 <info> postfix/smtpd[8898]: connect from
> > localhost[127.0.0.1]
> > Jun 02 13:12:04 kolab2 <info> postfix/smtpd[8898]: C63539DE2:
> > client=localhost[127.0.0.1]
> > Jun 02 13:12:04 kolab2 <info> postfix/cleanup[8899]: C63539DE2:
> > message-id=<20070602111204.808249D1F at kolab2.comcept.ch>
> > Jun 02 13:12:04 kolab2 <info> postfix/qmgr[7038]: C63539DE2: from=<
> > <mailto:domenica at wojnowski.ch>  domenica at wojnowski.ch>, size=824, nrcpt=1
> > (queue active)
> > Jun 02 13:12:04 kolab2 <info> postfix/smtpd[8898]: disconnect from
> > localhost[127.0.0.1]
> > Jun 02 13:12:04 kolab2 <info> postfix/pipe[8896]: 808249D1F: to=<
> > <mailto:domenica at wojnowski.ch> domenica at wojnowski.ch>, relay=kolabfilter,
> > delay=0, status=sent (kola
> > b2.comcept.ch)
> > Jun 02 13:12:04 kolab2 <info> postfix/qmgr[7038]: 808249D1F: removed
> >
> > TEST WITH "NONE FIX IP FROM INTERNET" ENTERED IN TRUSTED NETWORK:
> >
> > Jun 02 13:23:23 kolab2 <info> postfix/smtpd[10675]: connect from
> > 100-132.3-85.cust.bluewin.ch[85.3.132.100]
> > Jun 02 13:23:23 kolab2 <info> postfix/smtpd[10675]: setting up TLS
> > connection from 100-132.3-85.cust.bluewin.ch[85.3.132.100]
> > Jun 02 13:23:23 kolab2 <info> postfix/smtpd[10675]: TLS connection
> > established from 100-132.3-85.cust.bluewin.ch[85.3.132.100]: TLSv
> > 1 with cipher RC4-MD5 (128/128 bits)
> > Jun 02 13:23:23 kolab2 <info> postfix/smtpd[10675]: 8A8E7A179:
> > client=100-132.3-85.cust.bluewin.ch[85.3.132.100], sasl_method=LOGIN,
> >  sasl_username=domenica at wojnowski.ch
> > Jun 02 13:23:24 kolab2 <info> postfix/cleanup[10447]: 8A8E7A179:
> > message-id=<000001c7a508$5d781260$2101a8c0 at Amilo>
> > Jun 02 13:23:24 kolab2 <info> postfix/qmgr[10181]: 8A8E7A179:
> > from=<domenica at wojnowski.ch>, size=2172, nrcpt=1 (queue active)
> > Jun 02 13:23:24 kolab2 <info> postfix/smtpd[10450]: connect from
> > localhost[127.0.0.1]
> > Jun 02 13:23:24 kolab2 <info> postfix/smtpd[10450]: 69BC9A17B:
> > client=localhost[127.0.0.1]
> > Jun 02 13:23:24 kolab2 <info> postfix/cleanup[10451]: 69BC9A17B:
> > message-id=<000001c7a508$5d781260$2101a8c0 at Amilo>
> > Jun 02 13:23:24 kolab2 <info> postfix/qmgr[10181]: 69BC9A17B:
> > from=<domenica at wojnowski.ch>, size=2345, nrcpt=1 (queue active)
> > Jun 02 13:23:24 kolab2 <info> postfix/smtpd[10450]: disconnect from
> > localhost[127.0.0.1]
> > Jun 02 13:23:24 kolab2 <info> postfix/pipe[10448]: 8A8E7A179:
> > to=<soliva at comcept.ch>, relay=kolabfilter, delay=1, status=sent (kolab
> > 2.comcept.ch)
> >
> > You see that is 100% a confirmation that actually all is working fine but
> > "only" within local trusted network or if the IP is configured as trusted
> > network even this solution is not visible (because it is not a fix IP).
> >
> > What is here wrong.....except within the postfix.log I have no errors
> > meaning I controlled all logs (really all :-).
> >
> > Any help and explanation really appriciated.
> >
> > Many thanks
> >
> > Andrea
> >
> >
> >
> >
> >   _____
> >
> > Von: kolab-devel-bounces at kolab.org [mailto:kolab-devel-bounces at kolab.org]
> > Im Auftrag von Alain Spineux
> > Gesendet: Samstag, 2. Juni 2007 18:10
> > An: Kolab development coordination
> > Cc: kolab-users at kolab.org
> > Betreff: Re: [Kolab-devel] Kolab2 V2.1.0 Final SMTP over SSL >
> > problemtalking to server private/kolabpolicy: Socket operation
>
> onnon-socket
>
> > You should look about error messages from the kolab policy.
> > Maybe thei are in /kolab/var/resmgr/resmgr.log (not sure)
> >
> > Also can you give the log a the successful connection you got, when
> > connected locally ?
> >
> > Regards.
> >
> > Alain
> >
> >
> >
> >
> >
> > On 6/2/07, ComCept Net GmbH Andrea Soliva <soliva at comcept.ch> wrote:
> >
> > Hi all
> >
> > I tested further with V2.1.0 Final and up to know it seems to work all
>
> fine
>
> > (internal trusted networks) with one exception:
> >
> > I'm working with Toltec and the E-Mail account is configured with Port
> > POP over SSL TCP 995 as SMTP over SSL TCP 465. All is working fine
> > without problems.
> >
> > The next test I did is I added a new domain wojnowski.ch and a user. This
> > user is not in my trusted network meaning this user makes requests
> > somewhere from the internet. On the firewall I opened:
> >
> > POP over SSL TCP 995 as SMTP over SSL TCP 465
> >
> > The Email account from the user is also configured with the specific
> > ports as the certificat is installed. The issue we have is following:
> >
> > --> The user can fetch his emails over POP over SSL TCP 995 without
> > problems. As soon as he tries to send a mail over SMTP over SSL TCP 465
> > it would not work:
> >
> > ==> /kolab/var/postfix/log/postfix.log <==
> > Jun 02 12:24:55 kolab2 <info> postfix/smtpd[2815]: connect from
> > 147-164.3-85.cust.bluewin.ch[85.3.164.147]
> > Jun 02 12:24:55 kolab2 <info> postfix/smtpd[2815]: setting up TLS
> > connection from 147-164.3-85.cust.bluewin.ch[ 85.3.164.147
> > <http://85.3.164.147> ] Jun 02 12:24:55 kolab2 <info>
> > postfix/smtpd[2815]: TLS connection
> > established from 147-164.3-85.cust.bluewin.ch[85.3.164.147]: TLSv1 with
> > cipher RC4-MD5 (128/128 bits)
> > Jun 02 12:24:56 kolab2 <warning> postfix/smtpd[2815]: warning: connect to
> > private/kolabpolicy: Socket operation on non-socket
> > Jun 02 12:24:56 kolab2 <warning> postfix/smtpd[2815]: warning: problem
> > talking to server private/kolabpolicy: Socket operation on non-socket
> > Jun 02 12:24:57 kolab2 <warning> postfix/smtpd[2815]: warning: connect to
> > private/kolabpolicy: Socket operation on non-socket
> > Jun 02 12:24:57 kolab2 <warning> postfix/smtpd[2815]: warning: problem
> > talking to server private/kolabpolicy: Socket operation on non-socket
> > Jun 02 12:24:57 kolab2 <info> postfix/smtpd[2815]: NOQUEUE: reject: RCPT
> > from 147-164.3-85.cust.bluewin.ch[ 85.3.164.147 <http://85.3.164.147> ]:
> > 450 Server configuration
> > problem; from=<domenica at wojnowski.ch> to=< soliva at comcept.ch
> > <mailto:soliva at comcept.ch> > proto=ESMTP
> > helo=<Amilo>
> > Jun 02 12:25:00 kolab2 <info> postfix/smtpd[2815]: disconnect from
> > 147-164.3-85.cust.bluewin.ch[85.3.164.147]
> >
> >
> > As a test I configured the account in my local network (trusted network)
> > with the same config as the user has. It works without problems. If I
> > look to the error or warnings it seems to me that the kolabpolicy does
> > not
>
> allow
>
> > this even the users is authenticating. The config over the manager
> > interface
> >
> > looks like following:
> >
> > All services available except HTTP FreeBusy Service (Legacy) and POP3
> > Service
> >
> > Quota not active
> >
> > Freebusy not set
> >
> > Priviliged networks set to 127.0.0.0/8, xxx.xxx.xxx.0/24,
> > xxx.xxx.xxx.0/24,, xxx.xxx.xxx.0/24
> >
> > No Smart Relay Host set
> >
> > Accept Internet Email not active
> >
> > Domains both domains are visible
> >
> > Mail Filter settings set to "Reject the message with the except if it
> > originates"
> >
> >
> > Temporarly I entered the IP from the user "85.3.164.147" to the trusted
> > network config and it worked fine. This user has now fix IP from this
>
> point
>
> > of view it is not visible to use such a config. At the moment I'm a
> > little bit confiused meaning is this configuration I would like to have
> > not visible meaning having user travelling around the world and using
> > kolab2 for sending
> >
> > emails?
> >
> > Can somebody point me in the correct direction or is it something which
> > should work and does not in V2.1.0 (Bug?).
> >
> > For any answer many thanks in advanced.
> >
> > Kind regards
> >
> > Andrea
> >
> > _______________________________________________
> > Kolab-devel mailing list
> > Kolab-devel at kolab.org
> > https://kolab.org/mailman/listinfo/kolab-devel
> > <https://kolab.org/mailman/listinfo/kolab-devel>
> >
> >
> >
> >
> >
> > --
> > --
> > Alain Spineux
> > aspineux gmail com
> > May the sources be with you
> >
> >
> > _______________________________________________
> > Kolab-devel mailing list
> > Kolab-devel at kolab.org
> > https://kolab.org/mailman/listinfo/kolab-devel
>
> There is a  mix of tls and ssl in you above message. We have experienced
> that
> tls often doesn't work from the outside especially from hotels or certain
> isp's. They must block it. try ssl

-- 

Thomas




More information about the users mailing list