Archive for the ‘Email’ Category
I get the following error message after an Ubuntu upgrade: s_connect() failed: Permission denied Invalid user specified.
After running a system upgrade on your Ubuntu based ISPConfig 3 server, it might happen that aptitude overwrites some config files from postfix especially the main.cf file. To fix this, download the latest ISPConfig 3 installer, unpack it and run the update.php script. Choose “yes” when the updater asks if the services shall be reconfigured. ISPConfig will replace the configuration files that had been modified by the ubuntu upgrade.
cd /tmp
wget http://www.ispconfig.org/downloads/ISPConfig-3-stable.tar.gz
tar xvfz ISPConfig-3-stable.tar.gz
cd ispconfig3_install/install
php -q update.php
Install postfix with MySQL support on CentOS 5.3 (64Bit)
The following article explains the steps to compile postfix MTA with MySQL support on CentOS 5.3 as e.g. needed for ISPConfig 3.
Remove the postfix package from CentOS which does not has MySQL support:
/etc/init.d/postfix stop rpm -e --nodeps postfix
Download the postfix source RPM and install it:
cd /tmp wget http://mirror.rackspace.com/CentOS/5.3/os/SRPMS/postfix-2.3.3-2.1.el5_2.src.rpm rpm -i postfix-2.3.3-2.1.el5_2.src.rpm
Edit the spec file to enable MySQL support.
vi /usr/src/redhat/SPECS/postfix.spec
and change the line:
%define MYSQL 0
to:
%define MYSQL 1
Install a few prerequisites before we build the new postfix RPM package
yum install pcre-devel mysql-devel
Build the postfix RPM with MySQL support:
rpmbuild -ba /usr/src/redhat/SPECS/postfix.spec
and install it.
cd /usr/src/redhat/RPMS/x86_64 rpm -i postfix-2.3.3-2.1.x86_64.rpm
Start postfix and configure it to be started at boot time:
/etc/init.d/postfix start chkconfig --levels 235 postfix on
How to enable DKIM email signatures in amavisd-new and ISPConfig 3
DKIM is a system to verify the sender and integrity of emails. ISPConfig 3 uses amavisd-new as content filter for spam and virus scanning and amavisd-new is also able to sign messages with DKIM. The next steps explain how to configure amavisd-new to sign messages for a domain named “example.com” with DKIM. The steps below should work with any amavisd-new setup even if you do not use ISPConfig.
1) Create the domain key:
mkdir /var/db/dkim/ amavisd genrsa /var/db/dkim/example-foo.key.pem 2) Configure amavisd to use this key for the domain example.com. Edit the amavisd configuration file <p class="command">vi /etc/amavisd/amavisd.conf
and add the following lines:
$enable_dkim_verification = 1; $enable_dkim_signing = 1; dkim_key('example.com', 'foo', '/var/db/dkim/example-foo.key.pem'); @dkim_signature_options_bysender_maps = ( { '.' => { ttl => 21*24*3600, c => 'relaxed/simple' } } ); @mynetworks = qw(0.0.0.0/8 127.0.0.0/8 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16); # list your internal networks 3) Run the command: <p class="command">amavisd showkeys
to get the public key that has to be added as TXT record in the DNS server of the example.com DNS server.
4) Thest the setup with the command:
amavisd testkeys
and if it works properly, restart amavisd:
/etc/init.d/amavis restart
Here is a more detailed description in the amavisd-new manual on how to setup DKIM in amavisd-new:
http://www.ijs.si/software/amavisd/amavisd-new-docs.html#dkim
Blocking .exe attachments with postfix or amavisd-new and ISPConfig 3
If you use postfix and / or amavisd-new on the mail server, you can use the following recipes to block emails with executable (exe, bat, scr) attachments.
Block the attachments with a postfix header filter
In ISPConfig, click on “Email in the upper menu, then on “Content filter” in the left menu and click on the “Add new content filter” button. Enter the following details:
Filter:
MIME-Header Filter
Regexp. Pattern:
/^Content-(Disposition|Type).*name\s*=\s*"?(.*\.(bat|exe|scr))(\?=)?"?\s*(;|$)/x
Data:
File extension is blacklisted on this server
Action:
DISCARD
Use amavisd-new to block the emails with executable attachments.
Edit the amavisd configuration file (/etc/amavisd.conf or /etc/amavisd/amavisd.conf)
vi /etc/amavisd/amavisd.conf
and add the following lines:
$banned_filename_re = new_RE(
qr’.\.(bat|exe|scr)$’i,
qr’^\.(exe|zip|lha|tnef)$’i,
);
then restart amavisd-new:
/etc/init.d/amavis restart
ISPConfig 3: How to send copys of incoming emails to other mailboxes
A copy of a incoming email can be sent to a second email address by adding a cc command to the “Custom Rules” field of the mailbox in ISPConfig.
ISPConfig supports sieve as well as maildrop filter rules. The rule language depends on the LDA / POP3 / IMAP-Daemon that you use on your server. If you use courier, then the filter language is maildrop. When dovecot is installed, then the filter language is ieve.
Example in maildrop syntax:
To send a copy to the email address info@example.tld, add the following code at the beginning of the custom rules field.
cc "!info@example.tld"
Example in sieve syntax:
redirect "info@example.tld"; keep;
ISPConfig 2: External mailserver setting does not work
Problem: I have set the website to external mailserver in ISPConfig but emails get still delivered to the local server.
Solution: Set all co-domains of this website to external mailserver too. You find the external mailserver setting on the options tab of every co-domain.
Postfix: “queue file write error”
If you get an error like:
Aug 21 12:41:03 webb4 postfix/sendmail[11234]: fatal: web1_user(12967): queue file write error
in your mail log, then the vale for message_size_limit in postfix main.cf is too low. Edit postfix main.cf:
vi /etc/postfix/main.cf
and set the message size limit to a higher value. E.g.
mesage_size_limit = 900000000
and restart postfix:
/etc/init.d/postfix restart
If there is no message_size_limit set in main.cf, just add the line.
How can an email user in ISPConfig 3 change his password?
To allow email users in ISPConfig 3 that do not have a client login to change their password, you can use one of these webmail plugins:
Plugin for roundcube:
http://www.howtoforge.com/forums/showthread.php?t=37077
Plugin for Squirrelmail:
http://www.howtoforge.com/forums/showthread.php?t=35297
Tutorial about installing the squirrelmail plugin:
http://www.howtoforge.com/how-to-configure-squirrelmail-to-allow-users-to-change-their-email-passwords-on-an-ispconfig-3-server
How to renew SSL certificates for courier pop3 and imap server on Debian or Ubuntu?
This articles describes the renewal of SSL certificates for courier pop3 and imap server. This is nescessary e.g. when the certificates are expired or contain the wrong hostname.
First delete the exsiting certificates:
rm -f /etc/courier/imapd.pem
rm -f /etc/courier/pop3d.pem
Then edit the template that contains the details for the ecrtificates so that the hostname in the certificate matches the hsotanme of your server and that the email address matches your postmaster email address:
vi /etc/courier/imapd.cnf
vi /etc/courier/pop3d.cnf
and create the new certificates:
mkimapdcert
mkpop3dcert
Courier pop3 and imap have to be restarted so they pick up the new ecrtificates:
/etc/init.d/courier-imap-ssl restart
/etc/init.d/courier-pop-ssl restart
Postfix: One of the users on the system has a CatchAll-email address. He receives all emails, even those intended for users of another site on the same server.
Please check if the domain of the users that receives all emails is the same as the domain $mydomain in /etc/postfix/main.cf. If this is the case, change $mydomain and run
postfix reload
on the shell.
You should never enter a domain that is used for a virtual site on the server as $mydomain in /etc/postfix/main.cf!