Kolab2 V2.1.0 Final SMTP over SSL >problemtalkingto server private/kolabpolicy: Socket operationonnon-socket
Thomas Spuhler
thomas at btspuhler.com
Sun Jun 3 21:24:33 CEST 2007
Sorry
should be thunderbird not firefox
On Sunday 03 June 2007 12:14, Thomas Spuhler wrote:
> On Sunday 03 June 2007 10:36, ComCept Net GmbH Andrea Soliva wrote:
> > Hi Thomas
> >
> > Many thanks for that point but I do not understand you...can you give me
> > more details meaning how can I reconfigure the client to use SSL. The
> > user is working with outlook 2003.....what I also not understand is that
> > he can fetch the mails over TCP POP-SSL meaning Port 995 and for that he
> > uses also the authentication TLS or?
>
> I don't use outlook. I can tell it better in mozilla-Thunderbid: you have
two
> options for both sending e-mail and receiving e-mail, tls or ssl
> I am traveling a lot and tls works less and less. Hotels here as well as in
> G especially when sxxxcom it the wireless provider.
> I think the reason is that smtp over tls uses port 25 and many hotels etc
> block this port because of guest may send out spam.
>
> But I may be completely wrong in your case.
>
> > If I look to the logs my understanding is that the authentication is
> > successful if the none fix IP from the internet is used in the trusted
> > network configuration. From this point I do not think that this is a
> > problem of the authentication itself. It is more that postfix accepts the
> > connection (authentication) and would hand over to kolabpolicy but
> > kolabpolicy does not accept it and this is the reason that for this
> > connection the socket is not available.
> >
> > Can you give me more details....how can I use the function over SSL on
> > Outlook 2003?
> >
> > I can test even I do not think that this has something to do with the
> > authentication because as mentioned out from the logs the authentication
> > is done successful if the none fix IP from the internet is in the trusted
> > network.
> >
> > Kind regards
> >
> > Andrea
> >
> >
> > -----Ursprüngliche Nachricht-----
> > Von: kolab-users-bounces at kolab.org [mailto:kolab-users-bounces at kolab.org]
> > Im Auftrag von Thomas Spuhler
> > Gesendet: Sonntag, 3. Juni 2007 18:38
> > An: kolab-users at kolab.org
> > Betreff: Re: AW: [Kolab-devel] Kolab2 V2.1.0 Final SMTP over SSL
> >
> > >problemtalkingto server private/kolabpolicy: Socket
> > > operationonnon-socket
> >
> > On Saturday 02 June 2007 22:38, ComCept Net GmbH Andrea Soliva wrote:
> > > Yes Sir :-) Solaris 10 11/06 Sparc latest recommended cluster May 2007
> > >
> > > Why you are asking....this should have nothing to do with the below
> >
> > message
> >
> > > or?
> > >
> > > Andrea
> > >
> > > _____
> > >
> > > Von: kolab-users-bounces at kolab.org
> > > [mailto:kolab-users-bounces at kolab.org] Im Auftrag von Alain Spineux
> > > Gesendet: Samstag, 2. Juni 2007 20:51
> > > An: Kolab development coordination
> > > Cc: kolab-users at kolab.org
> > > Betreff: Re: [Kolab-devel] Kolab2 V2.1.0 Final SMTP over SSL >
> > > problemtalkingto server private/kolabpolicy: Socket operation
> > > onnon-socket
> > >
> > >
> > > Are you using SOLARIS ?
> > >
> > >
> > > On 6/2/07, ComCept Net GmbH Andrea Soliva <soliva at comcept.ch> wrote:
> > >
> > > Hi Alain
> > >
> > > I checked the /kolab/var/resmgr/resmgr.log. No errors at all also not
> > > in the time of test. The local connection with the untouched
> > > useraccount and with the absolut same configuration worked. Here as
> > > mentioned the logs
> >
> > from
> >
> > > this test/connection:
> > >
> > > LOCAL TEST WITH SAME ACCOUNT:
> > >
> > > Jun 02 13:12:04 kolab2 <info> postfix/smtpd[9033]: connect from
> > > PCG-GRT716S[xxx.xxx.xxx.x]
> > > Jun 02 13:12:04 kolab2 <info> postfix/smtpd[9033]: setting up TLS
> > > connection from PCG-GRT716S[xxx.xxx.xxx.x]
> > > Jun 02 13:12:04 kolab2 <info> postfix/smtpd[9033]: TLS connection
> > > established from PCG-GRT716S[xxx.xxx.xxx.x]: TLSv1 with cipher RC
> > > 4-MD5 (128/128 bits)
> > > Jun 02 13:12:04 kolab2 <info> postfix/smtpd[9033]: 808249D1F:
> > > client=PCG-GRT716S[xxx.xxx.xxx.x], sasl_method=LOGIN, sasl_username=
> > > <mailto:domenica at wojnowski.ch> domenica at wojnowski.ch
> > > Jun 02 13:12:04 kolab2 <info> postfix/cleanup[8895]: 808249D1F:
> > > message-id=<20070602111204.808249D1F at kolab2.comcept.ch
> > > <mailto:20070602111204.808249D1F at kolab2.comcept.ch> >
> > > Jun 02 13:12:04 kolab2 <info> postfix/qmgr[7038]: 808249D1F: from=<
> > > <mailto:domenica at wojnowski.ch> domenica at wojnowski.ch>, size=649,
> > > nrcpt=1 (queue active)
> > > Jun 02 13:12:04 kolab2 <info> postfix/smtpd[9033]: disconnect from
> > > PCG-GRT716S[xxx.xxx.xxx.x]
> > > Jun 02 13:12:04 kolab2 <info> postfix/smtpd[8898]: connect from
> > > localhost[127.0.0.1]
> > > Jun 02 13:12:04 kolab2 <info> postfix/smtpd[8898]: C63539DE2:
> > > client=localhost[127.0.0.1]
> > > Jun 02 13:12:04 kolab2 <info> postfix/cleanup[8899]: C63539DE2:
> > > message-id=<20070602111204.808249D1F at kolab2.comcept.ch>
> > > Jun 02 13:12:04 kolab2 <info> postfix/qmgr[7038]: C63539DE2: from=<
> > > <mailto:domenica at wojnowski.ch> domenica at wojnowski.ch>, size=824,
> > > nrcpt=1 (queue active)
> > > Jun 02 13:12:04 kolab2 <info> postfix/smtpd[8898]: disconnect from
> > > localhost[127.0.0.1]
> > > Jun 02 13:12:04 kolab2 <info> postfix/pipe[8896]: 808249D1F: to=<
> > > <mailto:domenica at wojnowski.ch> domenica at wojnowski.ch>,
> > > relay=kolabfilter, delay=0, status=sent (kola
> > > b2.comcept.ch)
> > > Jun 02 13:12:04 kolab2 <info> postfix/qmgr[7038]: 808249D1F: removed
> > >
> > > TEST WITH "NONE FIX IP FROM INTERNET" ENTERED IN TRUSTED NETWORK:
> > >
> > > Jun 02 13:23:23 kolab2 <info> postfix/smtpd[10675]: connect from
> > > 100-132.3-85.cust.bluewin.ch[85.3.132.100]
> > > Jun 02 13:23:23 kolab2 <info> postfix/smtpd[10675]: setting up TLS
> > > connection from 100-132.3-85.cust.bluewin.ch[85.3.132.100]
> > > Jun 02 13:23:23 kolab2 <info> postfix/smtpd[10675]: TLS connection
> > > established from 100-132.3-85.cust.bluewin.ch[85.3.132.100]: TLSv
> > > 1 with cipher RC4-MD5 (128/128 bits)
> > > Jun 02 13:23:23 kolab2 <info> postfix/smtpd[10675]: 8A8E7A179:
> > > client=100-132.3-85.cust.bluewin.ch[85.3.132.100], sasl_method=LOGIN,
> > > sasl_username=domenica at wojnowski.ch
> > > Jun 02 13:23:24 kolab2 <info> postfix/cleanup[10447]: 8A8E7A179:
> > > message-id=<000001c7a508$5d781260$2101a8c0 at Amilo>
> > > Jun 02 13:23:24 kolab2 <info> postfix/qmgr[10181]: 8A8E7A179:
> > > from=<domenica at wojnowski.ch>, size=2172, nrcpt=1 (queue active)
> > > Jun 02 13:23:24 kolab2 <info> postfix/smtpd[10450]: connect from
> > > localhost[127.0.0.1]
> > > Jun 02 13:23:24 kolab2 <info> postfix/smtpd[10450]: 69BC9A17B:
> > > client=localhost[127.0.0.1]
> > > Jun 02 13:23:24 kolab2 <info> postfix/cleanup[10451]: 69BC9A17B:
> > > message-id=<000001c7a508$5d781260$2101a8c0 at Amilo>
> > > Jun 02 13:23:24 kolab2 <info> postfix/qmgr[10181]: 69BC9A17B:
> > > from=<domenica at wojnowski.ch>, size=2345, nrcpt=1 (queue active)
> > > Jun 02 13:23:24 kolab2 <info> postfix/smtpd[10450]: disconnect from
> > > localhost[127.0.0.1]
> > > Jun 02 13:23:24 kolab2 <info> postfix/pipe[10448]: 8A8E7A179:
> > > to=<soliva at comcept.ch>, relay=kolabfilter, delay=1, status=sent (kolab
> > > 2.comcept.ch)
> > >
> > > You see that is 100% a confirmation that actually all is working fine
> > > but "only" within local trusted network or if the IP is configured as
> > > trusted network even this solution is not visible (because it is not a
> > > fix IP).
> > >
> > > What is here wrong.....except within the postfix.log I have no errors
> > > meaning I controlled all logs (really all :-).
> > >
> > > Any help and explanation really appriciated.
> > >
> > > Many thanks
> > >
> > > Andrea
> > >
> > >
> > >
> > >
> > > _____
> > >
> > > Von: kolab-devel-bounces at kolab.org
> > > [mailto:kolab-devel-bounces at kolab.org] Im Auftrag von Alain Spineux
> > > Gesendet: Samstag, 2. Juni 2007 18:10
> > > An: Kolab development coordination
> > > Cc: kolab-users at kolab.org
> > > Betreff: Re: [Kolab-devel] Kolab2 V2.1.0 Final SMTP over SSL >
> > > problemtalking to server private/kolabpolicy: Socket operation
> >
> > onnon-socket
> >
> > > You should look about error messages from the kolab policy.
> > > Maybe thei are in /kolab/var/resmgr/resmgr.log (not sure)
> > >
> > > Also can you give the log a the successful connection you got, when
> > > connected locally ?
> > >
> > > Regards.
> > >
> > > Alain
> > >
> > >
> > >
> > >
> > >
> > > On 6/2/07, ComCept Net GmbH Andrea Soliva <soliva at comcept.ch> wrote:
> > >
> > > Hi all
> > >
> > > I tested further with V2.1.0 Final and up to know it seems to work all
> >
> > fine
> >
> > > (internal trusted networks) with one exception:
> > >
> > > I'm working with Toltec and the E-Mail account is configured with Port
> > > POP over SSL TCP 995 as SMTP over SSL TCP 465. All is working fine
> > > without problems.
> > >
> > > The next test I did is I added a new domain wojnowski.ch and a user.
> > > This user is not in my trusted network meaning this user makes requests
> > > somewhere from the internet. On the firewall I opened:
> > >
> > > POP over SSL TCP 995 as SMTP over SSL TCP 465
> > >
> > > The Email account from the user is also configured with the specific
> > > ports as the certificat is installed. The issue we have is following:
> > >
> > > --> The user can fetch his emails over POP over SSL TCP 995 without
> > > problems. As soon as he tries to send a mail over SMTP over SSL TCP 465
> > > it would not work:
> > >
> > > ==> /kolab/var/postfix/log/postfix.log <==
> > > Jun 02 12:24:55 kolab2 <info> postfix/smtpd[2815]: connect from
> > > 147-164.3-85.cust.bluewin.ch[85.3.164.147]
> > > Jun 02 12:24:55 kolab2 <info> postfix/smtpd[2815]: setting up TLS
> > > connection from 147-164.3-85.cust.bluewin.ch[ 85.3.164.147
> > > <http://85.3.164.147> ] Jun 02 12:24:55 kolab2 <info>
> > > postfix/smtpd[2815]: TLS connection
> > > established from 147-164.3-85.cust.bluewin.ch[85.3.164.147]: TLSv1 with
> > > cipher RC4-MD5 (128/128 bits)
> > > Jun 02 12:24:56 kolab2 <warning> postfix/smtpd[2815]: warning: connect
> > > to private/kolabpolicy: Socket operation on non-socket
> > > Jun 02 12:24:56 kolab2 <warning> postfix/smtpd[2815]: warning: problem
> > > talking to server private/kolabpolicy: Socket operation on non-socket
> > > Jun 02 12:24:57 kolab2 <warning> postfix/smtpd[2815]: warning: connect
> > > to private/kolabpolicy: Socket operation on non-socket
> > > Jun 02 12:24:57 kolab2 <warning> postfix/smtpd[2815]: warning: problem
> > > talking to server private/kolabpolicy: Socket operation on non-socket
> > > Jun 02 12:24:57 kolab2 <info> postfix/smtpd[2815]: NOQUEUE: reject:
> > > RCPT from 147-164.3-85.cust.bluewin.ch[ 85.3.164.147
> > > <http://85.3.164.147> ]: 450 Server configuration
> > > problem; from=<domenica at wojnowski.ch> to=< soliva at comcept.ch
> > > <mailto:soliva at comcept.ch> > proto=ESMTP
> > > helo=<Amilo>
> > > Jun 02 12:25:00 kolab2 <info> postfix/smtpd[2815]: disconnect from
> > > 147-164.3-85.cust.bluewin.ch[85.3.164.147]
> > >
> > >
> > > As a test I configured the account in my local network (trusted
> > > network) with the same config as the user has. It works without
> > > problems. If I look to the error or warnings it seems to me that the
> > > kolabpolicy does not
> >
> > allow
> >
> > > this even the users is authenticating. The config over the manager
> > > interface
> > >
> > > looks like following:
> > >
> > > All services available except HTTP FreeBusy Service (Legacy) and POP3
> > > Service
> > >
> > > Quota not active
> > >
> > > Freebusy not set
> > >
> > > Priviliged networks set to 127.0.0.0/8, xxx.xxx.xxx.0/24,
> > > xxx.xxx.xxx.0/24,, xxx.xxx.xxx.0/24
> > >
> > > No Smart Relay Host set
> > >
> > > Accept Internet Email not active
> > >
> > > Domains both domains are visible
> > >
> > > Mail Filter settings set to "Reject the message with the except if it
> > > originates"
> > >
> > >
> > > Temporarly I entered the IP from the user "85.3.164.147" to the trusted
> > > network config and it worked fine. This user has now fix IP from this
> >
> > point
> >
> > > of view it is not visible to use such a config. At the moment I'm a
> > > little bit confiused meaning is this configuration I would like to have
> > > not visible meaning having user travelling around the world and using
> > > kolab2 for sending
> > >
> > > emails?
> > >
> > > Can somebody point me in the correct direction or is it something which
> > > should work and does not in V2.1.0 (Bug?).
> > >
> > > For any answer many thanks in advanced.
> > >
> > > Kind regards
> > >
> > > Andrea
> > >
> > > _______________________________________________
> > > Kolab-devel mailing list
> > > Kolab-devel at kolab.org
> > > https://kolab.org/mailman/listinfo/kolab-devel
> > > <https://kolab.org/mailman/listinfo/kolab-devel>
> > >
> > >
> > >
> > >
> > >
> > > --
> > > --
> > > Alain Spineux
> > > aspineux gmail com
> > > May the sources be with you
> > >
> > >
> > > _______________________________________________
> > > Kolab-devel mailing list
> > > Kolab-devel at kolab.org
> > > https://kolab.org/mailman/listinfo/kolab-devel
> >
> > There is a mix of tls and ssl in you above message. We have experienced
> > that
> > tls often doesn't work from the outside especially from hotels or certain
> > isp's. They must block it. try ssl
--
Best regards
Thomas Spuhler
More information about the users
mailing list