Kolab2 V2.1.0 Final SMTP over SSL >problemtalkingto server private/kolabpolicy: Socket operationonnon-socket

Alain Spineux aspineux at gmail.com
Sun Jun 3 22:15:03 CEST 2007


This is not the problem now because he said it was working when adding
remote IP in the networks.


On 6/3/07, Thomas Spuhler <thomas at btspuhler.com> wrote:
>
> Sorry
> should be thunderbird not firefox
>
> On Sunday 03 June 2007 12:14, Thomas Spuhler wrote:
> > On Sunday 03 June 2007 10:36, ComCept Net GmbH Andrea Soliva wrote:
> > > Hi Thomas
> > >
> > > Many thanks for that point but I do not understand you...can you give
> me
> > > more details meaning how can I reconfigure the client to use SSL. The
> > > user is working with outlook 2003.....what I also not understand is
> that
> > > he can fetch the mails over TCP POP-SSL meaning Port 995 and for that
> he
> > > uses also the authentication TLS or?
> >
> > I don't use outlook. I can tell it better in mozilla-Thunderbid: you
> have
> two
> > options for both sending e-mail and receiving e-mail, tls or ssl
> > I am traveling a lot and tls works less and less. Hotels here as well as
> in
> > G especially when sxxxcom it the wireless provider.
> > I think the reason is that smtp over tls uses port 25 and many hotels
> etc
> > block this port because of guest may send out spam.
> >
> > But I may be completely wrong in your case.
> >
> > > If I look to the logs my understanding is that the authentication is
> > > successful if the none fix IP from the internet is used in the trusted
> > > network configuration. From this point I do not think that this is a
> > > problem of the authentication itself. It is more that postfix accepts
> the
> > > connection (authentication) and would hand over to kolabpolicy but
> > > kolabpolicy does not accept it and this is the reason that for this
> > > connection the socket is not available.
> > >
> > > Can you give me more details....how can I use the function over SSL on
> > > Outlook 2003?
> > >
> > > I can test even I do not think that this has something to do with the
> > > authentication because as mentioned out from the logs the
> authentication
> > > is done successful if the none fix IP from the internet is in the
> trusted
> > > network.
> > >
> > > Kind regards
> > >
> > > Andrea
> > >
> > >
> > > -----Ursprüngliche Nachricht-----
> > > Von: kolab-users-bounces at kolab.org [mailto:
> kolab-users-bounces at kolab.org]
> > > Im Auftrag von Thomas Spuhler
> > > Gesendet: Sonntag, 3. Juni 2007 18:38
> > > An: kolab-users at kolab.org
> > > Betreff: Re: AW: [Kolab-devel] Kolab2 V2.1.0 Final SMTP over SSL
> > >
> > > >problemtalkingto server private/kolabpolicy: Socket
> > > > operationonnon-socket
> > >
> > > On Saturday 02 June 2007 22:38, ComCept Net GmbH Andrea Soliva wrote:
> > > > Yes Sir :-) Solaris 10 11/06 Sparc latest recommended cluster May
> 2007
> > > >
> > > > Why you are asking....this should have nothing to do with the below
> > >
> > > message
> > >
> > > > or?
> > > >
> > > > Andrea
> > > >
> > > >   _____
> > > >
> > > > Von: kolab-users-bounces at kolab.org
> > > > [mailto:kolab-users-bounces at kolab.org] Im Auftrag von Alain Spineux
> > > > Gesendet: Samstag, 2. Juni 2007 20:51
> > > > An: Kolab development coordination
> > > > Cc: kolab-users at kolab.org
> > > > Betreff: Re: [Kolab-devel] Kolab2 V2.1.0 Final SMTP over SSL >
> > > > problemtalkingto server private/kolabpolicy: Socket operation
> > > > onnon-socket
> > > >
> > > >
> > > > Are you using SOLARIS ?
> > > >
> > > >
> > > > On 6/2/07, ComCept Net GmbH Andrea Soliva <soliva at comcept.ch> wrote:
> > > >
> > > > Hi Alain
> > > >
> > > > I checked the /kolab/var/resmgr/resmgr.log. No errors at all also
> not
> > > > in the time of test. The local connection with the untouched
> > > > useraccount and with the absolut same configuration worked. Here as
> > > > mentioned the logs
> > >
> > > from
> > >
> > > > this test/connection:
> > > >
> > > > LOCAL TEST WITH SAME ACCOUNT:
> > > >
> > > > Jun 02 13:12:04 kolab2 <info> postfix/smtpd[9033]: connect from
> > > > PCG-GRT716S[xxx.xxx.xxx.x]
> > > > Jun 02 13:12:04 kolab2 <info> postfix/smtpd[9033]: setting up TLS
> > > > connection from PCG-GRT716S[xxx.xxx.xxx.x]
> > > > Jun 02 13:12:04 kolab2 <info> postfix/smtpd[9033]: TLS connection
> > > > established from PCG-GRT716S[xxx.xxx.xxx.x]: TLSv1 with cipher RC
> > > > 4-MD5 (128/128 bits)
> > > > Jun 02 13:12:04 kolab2 <info> postfix/smtpd[9033]: 808249D1F:
> > > > client=PCG-GRT716S[xxx.xxx.xxx.x], sasl_method=LOGIN, sasl_username=
> > > > <mailto:domenica at wojnowski.ch> domenica at wojnowski.ch
> > > > Jun 02 13:12:04 kolab2 <info> postfix/cleanup[8895]: 808249D1F:
> > > > message-id=<20070602111204.808249D1F at kolab2.comcept.ch
> > > > <mailto:20070602111204.808249D1F at kolab2.comcept.ch> >
> > > > Jun 02 13:12:04 kolab2 <info> postfix/qmgr[7038]: 808249D1F: from=<
> > > > <mailto:domenica at wojnowski.ch>  domenica at wojnowski.ch>, size=649,
> > > > nrcpt=1 (queue active)
> > > > Jun 02 13:12:04 kolab2 <info> postfix/smtpd[9033]: disconnect from
> > > > PCG-GRT716S[xxx.xxx.xxx.x]
> > > > Jun 02 13:12:04 kolab2 <info> postfix/smtpd[8898]: connect from
> > > > localhost[127.0.0.1]
> > > > Jun 02 13:12:04 kolab2 <info> postfix/smtpd[8898]: C63539DE2:
> > > > client=localhost[127.0.0.1]
> > > > Jun 02 13:12:04 kolab2 <info> postfix/cleanup[8899]: C63539DE2:
> > > > message-id=<20070602111204.808249D1F at kolab2.comcept.ch>
> > > > Jun 02 13:12:04 kolab2 <info> postfix/qmgr[7038]: C63539DE2: from=<
> > > > <mailto:domenica at wojnowski.ch>  domenica at wojnowski.ch>, size=824,
> > > > nrcpt=1 (queue active)
> > > > Jun 02 13:12:04 kolab2 <info> postfix/smtpd[8898]: disconnect from
> > > > localhost[127.0.0.1]
> > > > Jun 02 13:12:04 kolab2 <info> postfix/pipe[8896]: 808249D1F: to=<
> > > > <mailto:domenica at wojnowski.ch> domenica at wojnowski.ch>,
> > > > relay=kolabfilter, delay=0, status=sent (kola
> > > > b2.comcept.ch)
> > > > Jun 02 13:12:04 kolab2 <info> postfix/qmgr[7038]: 808249D1F: removed
> > > >
> > > > TEST WITH "NONE FIX IP FROM INTERNET" ENTERED IN TRUSTED NETWORK:
> > > >
> > > > Jun 02 13:23:23 kolab2 <info> postfix/smtpd[10675]: connect from
> > > > 100-132.3-85.cust.bluewin.ch[85.3.132.100]
> > > > Jun 02 13:23:23 kolab2 <info> postfix/smtpd[10675]: setting up TLS
> > > > connection from 100-132.3-85.cust.bluewin.ch[85.3.132.100]
> > > > Jun 02 13:23:23 kolab2 <info> postfix/smtpd[10675]: TLS connection
> > > > established from 100-132.3-85.cust.bluewin.ch[85.3.132.100]: TLSv
> > > > 1 with cipher RC4-MD5 (128/128 bits)
> > > > Jun 02 13:23:23 kolab2 <info> postfix/smtpd[10675]: 8A8E7A179:
> > > > client=100-132.3-85.cust.bluewin.ch[85.3.132.100],
> sasl_method=LOGIN,
> > > >  sasl_username=domenica at wojnowski.ch
> > > > Jun 02 13:23:24 kolab2 <info> postfix/cleanup[10447]: 8A8E7A179:
> > > > message-id=<000001c7a508$5d781260$2101a8c0 at Amilo>
> > > > Jun 02 13:23:24 kolab2 <info> postfix/qmgr[10181]: 8A8E7A179:
> > > > from=<domenica at wojnowski.ch>, size=2172, nrcpt=1 (queue active)
> > > > Jun 02 13:23:24 kolab2 <info> postfix/smtpd[10450]: connect from
> > > > localhost[127.0.0.1]
> > > > Jun 02 13:23:24 kolab2 <info> postfix/smtpd[10450]: 69BC9A17B:
> > > > client=localhost[127.0.0.1]
> > > > Jun 02 13:23:24 kolab2 <info> postfix/cleanup[10451]: 69BC9A17B:
> > > > message-id=<000001c7a508$5d781260$2101a8c0 at Amilo>
> > > > Jun 02 13:23:24 kolab2 <info> postfix/qmgr[10181]: 69BC9A17B:
> > > > from=<domenica at wojnowski.ch>, size=2345, nrcpt=1 (queue active)
> > > > Jun 02 13:23:24 kolab2 <info> postfix/smtpd[10450]: disconnect from
> > > > localhost[127.0.0.1]
> > > > Jun 02 13:23:24 kolab2 <info> postfix/pipe[10448]: 8A8E7A179:
> > > > to=<soliva at comcept.ch>, relay=kolabfilter, delay=1, status=sent
> (kolab
> > > > 2.comcept.ch)
> > > >
> > > > You see that is 100% a confirmation that actually all is working
> fine
> > > > but "only" within local trusted network or if the IP is configured
> as
> > > > trusted network even this solution is not visible (because it is not
> a
> > > > fix IP).
> > > >
> > > > What is here wrong.....except within the postfix.log I have no
> errors
> > > > meaning I controlled all logs (really all :-).
> > > >
> > > > Any help and explanation really appriciated.
> > > >
> > > > Many thanks
> > > >
> > > > Andrea
> > > >
> > > >
> > > >
> > > >
> > > >   _____
> > > >
> > > > Von: kolab-devel-bounces at kolab.org
> > > > [mailto:kolab-devel-bounces at kolab.org] Im Auftrag von Alain Spineux
> > > > Gesendet: Samstag, 2. Juni 2007 18:10
> > > > An: Kolab development coordination
> > > > Cc: kolab-users at kolab.org
> > > > Betreff: Re: [Kolab-devel] Kolab2 V2.1.0 Final SMTP over SSL >
> > > > problemtalking to server private/kolabpolicy: Socket operation
> > >
> > > onnon-socket
> > >
> > > > You should look about error messages from the kolab policy.
> > > > Maybe thei are in /kolab/var/resmgr/resmgr.log (not sure)
> > > >
> > > > Also can you give the log a the successful connection you got, when
> > > > connected locally ?
> > > >
> > > > Regards.
> > > >
> > > > Alain
> > > >
> > > >
> > > >
> > > >
> > > >
> > > > On 6/2/07, ComCept Net GmbH Andrea Soliva <soliva at comcept.ch> wrote:
> > > >
> > > > Hi all
> > > >
> > > > I tested further with V2.1.0 Final and up to know it seems to work
> all
> > >
> > > fine
> > >
> > > > (internal trusted networks) with one exception:
> > > >
> > > > I'm working with Toltec and the E-Mail account is configured with
> Port
> > > > POP over SSL TCP 995 as SMTP over SSL TCP 465. All is working fine
> > > > without problems.
> > > >
> > > > The next test I did is I added a new domain wojnowski.ch and a user.
> > > > This user is not in my trusted network meaning this user makes
> requests
> > > > somewhere from the internet. On the firewall I opened:
> > > >
> > > > POP over SSL TCP 995 as SMTP over SSL TCP 465
> > > >
> > > > The Email account from the user is also configured with the specific
> > > > ports as the certificat is installed. The issue we have is
> following:
> > > >
> > > > --> The user can fetch his emails over POP over SSL TCP 995 without
> > > > problems. As soon as he tries to send a mail over SMTP over SSL TCP
> 465
> > > > it would not work:
> > > >
> > > > ==> /kolab/var/postfix/log/postfix.log <==
> > > > Jun 02 12:24:55 kolab2 <info> postfix/smtpd[2815]: connect from
> > > > 147-164.3-85.cust.bluewin.ch[85.3.164.147]
> > > > Jun 02 12:24:55 kolab2 <info> postfix/smtpd[2815]: setting up TLS
> > > > connection from 147-164.3-85.cust.bluewin.ch[ 85.3.164.147
> > > > <http://85.3.164.147> ] Jun 02 12:24:55 kolab2 <info>
> > > > postfix/smtpd[2815]: TLS connection
> > > > established from 147-164.3-85.cust.bluewin.ch[85.3.164.147]: TLSv1
> with
> > > > cipher RC4-MD5 (128/128 bits)
> > > > Jun 02 12:24:56 kolab2 <warning> postfix/smtpd[2815]: warning:
> connect
> > > > to private/kolabpolicy: Socket operation on non-socket
> > > > Jun 02 12:24:56 kolab2 <warning> postfix/smtpd[2815]: warning:
> problem
> > > > talking to server private/kolabpolicy: Socket operation on
> non-socket
> > > > Jun 02 12:24:57 kolab2 <warning> postfix/smtpd[2815]: warning:
> connect
> > > > to private/kolabpolicy: Socket operation on non-socket
> > > > Jun 02 12:24:57 kolab2 <warning> postfix/smtpd[2815]: warning:
> problem
> > > > talking to server private/kolabpolicy: Socket operation on
> non-socket
> > > > Jun 02 12:24:57 kolab2 <info> postfix/smtpd[2815]: NOQUEUE: reject:
> > > > RCPT from 147-164.3-85.cust.bluewin.ch[ 85.3.164.147
> > > > <http://85.3.164.147> ]: 450 Server configuration
> > > > problem; from=<domenica at wojnowski.ch> to=< soliva at comcept.ch
> > > > <mailto:soliva at comcept.ch> > proto=ESMTP
> > > > helo=<Amilo>
> > > > Jun 02 12:25:00 kolab2 <info> postfix/smtpd[2815]: disconnect from
> > > > 147-164.3-85.cust.bluewin.ch[85.3.164.147]
> > > >
> > > >
> > > > As a test I configured the account in my local network (trusted
> > > > network) with the same config as the user has. It works without
> > > > problems. If I look to the error or warnings it seems to me that the
> > > > kolabpolicy does not
> > >
> > > allow
> > >
> > > > this even the users is authenticating. The config over the manager
> > > > interface
> > > >
> > > > looks like following:
> > > >
> > > > All services available except HTTP FreeBusy Service (Legacy) and
> POP3
> > > > Service
> > > >
> > > > Quota not active
> > > >
> > > > Freebusy not set
> > > >
> > > > Priviliged networks set to 127.0.0.0/8, xxx.xxx.xxx.0/24,
> > > > xxx.xxx.xxx.0/24,, xxx.xxx.xxx.0/24
> > > >
> > > > No Smart Relay Host set
> > > >
> > > > Accept Internet Email not active
> > > >
> > > > Domains both domains are visible
> > > >
> > > > Mail Filter settings set to "Reject the message with the except if
> it
> > > > originates"
> > > >
> > > >
> > > > Temporarly I entered the IP from the user "85.3.164.147" to the
> trusted
> > > > network config and it worked fine. This user has now fix IP from
> this
> > >
> > > point
> > >
> > > > of view it is not visible to use such a config. At the moment I'm a
> > > > little bit confiused meaning is this configuration I would like to
> have
> > > > not visible meaning having user travelling around the world and
> using
> > > > kolab2 for sending
> > > >
> > > > emails?
> > > >
> > > > Can somebody point me in the correct direction or is it something
> which
> > > > should work and does not in V2.1.0 (Bug?).
> > > >
> > > > For any answer many thanks in advanced.
> > > >
> > > > Kind regards
> > > >
> > > > Andrea
> > > >
> > > > _______________________________________________
> > > > Kolab-devel mailing list
> > > > Kolab-devel at kolab.org
> > > > https://kolab.org/mailman/listinfo/kolab-devel
> > > > <https://kolab.org/mailman/listinfo/kolab-devel>
> > > >
> > > >
> > > >
> > > >
> > > >
> > > > --
> > > > --
> > > > Alain Spineux
> > > > aspineux gmail com
> > > > May the sources be with you
> > > >
> > > >
> > > > _______________________________________________
> > > > Kolab-devel mailing list
> > > > Kolab-devel at kolab.org
> > > > https://kolab.org/mailman/listinfo/kolab-devel
> > >
> > > There is a  mix of tls and ssl in you above message. We have
> experienced
> > > that
> > > tls often doesn't work from the outside especially from hotels or
> certain
> > > isp's. They must block it. try ssl
>
> --
> Best regards
> Thomas Spuhler
>
> _______________________________________________
> Kolab-users mailing list
> Kolab-users at kolab.org
> https://kolab.org/mailman/listinfo/kolab-users
>



-- 
--
Alain Spineux
aspineux gmail com
May the sources be with you
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.kolab.org/pipermail/users/attachments/20070603/cda4eb8a/attachment.html>


More information about the users mailing list