Linux Archive

Linux Archive (http://www.linux-archive.org/)
-   Debian User (http://www.linux-archive.org/debian-user/)
-   -   Squirrelmail:115 Can't Open SMTP Stream. (http://www.linux-archive.org/debian-user/125832-squirrelmail-115-cant-open-smtp-stream.html)

"Semih Gokalp" 07-16-2008 01:32 PM

Squirrelmail:115 Can't Open SMTP Stream.
 
Hi all.
I asked this problem to squirrelmail-users mail list but I could not answer about this problem so If it doesn't problem,I want to ask this problem to debian users mail list.



*
I have Debian 4.0 Etch and i use Postfix 2.3.8-2 and Dovecot
1.0.rc15-2etch4 IMAP and POP3 Server that is TLS support.I am using Mysql
for Virtual domain and authentication.

But i have error on browser like this:"Operation now in progress

Server replied: 115 Can't open SMTP stream." when i try send email on
squirrelmail.I have not a problem(All Authentication and all rules work
without any problem) when i use Thunderbird or Evolution.
I searched this error on google but i can not find beneficial post or documents about this problem.







If I dont use TLS parameters on Postfix main.cf,squirrelmail
send email without any problem but If I use TLS or choose "Secure SMTP
(TLS)**** : false" on squirrelmail "Server Setting",squirrelmail dont
sent email.







Squirrelmail "Server Setting" configuration like below:

General
-------
1.* Domain**************** : xyz.com
2.* Invert Time*********** : false









3.* Sendmail or SMTP****** : SMTP


SMTP Settings
-------------
4.** SMTP Server********** : 127.0.0.1
5.** SMTP Port************ : 25

6.** POP before SMTP****** : false
7.** SMTP Authentication** : login
8.** Secure SMTP (TLS)**** : true
9.** Header encryption key :

and output from mail.log with TLS support like below:

#
Jul 14 11:05:48 debian postfix/smtpd[4403]: connect from localhost[127.0.0.1]






Jul 14 11:05:48 debian postfix/smtpd[4403]: lost connection after UNKNOWN from localhost[127.0.0.1]
Jul 14 11:05:48 debian postfix/smtpd[4403]: disconnect from localhost[127.0.0.1]






#

and output from mail.log without TLS support (removed TLS parameters from main.cf and choosed "false" on squirrelmail Server Setting-Secure SMTP (TLS)**** : false):





#

Jul 14 11:06:46 debian postfix/smtpd[4463]: connect from localhost[127.0.0.1]
Jul 14 11:06:46 debian postfix/smtpd[4463]: E0ED83781E: client=localhost[127.0.0.1], sasl_method=LOGIN, sasl_username=a@xyz.com






Jul 14 11:06:46 debian postfix/cleanup[4467]: E0ED83781E: message-id=<e6ca13963aa61e59633f26690f8c9334.squirrel@mail .xyz.com>


Jul 14 11:06:46 debian postfix/qmgr[4401]: E0ED83781E: from=<a@xyz.com>, size=726, nrcpt=1 (queue active)

Jul 14 11:06:46 debian dovecot: imap-login: Login: user=<a@xyz.com>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured






Jul 14 11:06:47 debian postfix/smtpd[4463]: disconnect from localhost[127.0.0.1]
Jul 14 11:06:47 debian dovecot: IMAP(a@xyz.com): Disconnected: Logged out






#

I have only posted about TLS configuration parameters in Postfix main.cf like below:








smtpd_use_tls=yes
smtpd_tls_cert_file=/etc/ssl/certs/postfix.pem
smtpd_tls_key_file=/etc/ssl/private/postfix.pem
smtpd_tls_auth_only=yes

If I disable TLS,I have non-security authentication with email client programs(because auth is plain text) so I dont want to disable TLS.












What should i do for use squirrelmail without TLS problem ?

Thanks.


Iyi calismalar.Basarilar...
Semih Gokalp
Istanbul/Turkiye

Eduardo M KALINOWSKI 07-16-2008 01:40 PM

Squirrelmail:115 Can't Open SMTP Stream.
 
Semih Gokalp escreveu:

Hi all.
I asked this problem to squirrelmail-users mail list but I could not
answer about this problem so If it doesn't problem,I want to ask this
problem to debian users mail list.

I have Debian 4.0 Etch and i use Postfix 2.3.8-2 and Dovecot
1.0.rc15-2etch4 IMAP and POP3 Server that is TLS support.I am using
Mysql for Virtual domain and authentication.


But i have error on browser like this:"Operation now in progress
Server replied: 115 Can't open SMTP stream." when i try send email on
squirrelmail.I have not a problem(All Authentication and all rules
work without any problem) when i use Thunderbird or Evolution.
I searched this error on google but i can not find beneficial post or
documents about this problem.


If I dont use TLS parameters on Postfix main.cf
<http://main.cf>,squirrelmail send email without any problem but If I
use TLS or choose "Secure SMTP (TLS) : false" on squirrelmail
"Server Setting",squirrelmail dont sent email.


Squirrelmail "Server Setting" configuration like below:

General
-------
1. Domain : xyz.com <http://xyz.com>
2. Invert Time : false
3. Sendmail or SMTP : SMTP

SMTP Settings
-------------
4. SMTP Server : 127.0.0.1 <http://127.0.0.1>
5. SMTP Port : 25
6. POP before SMTP : false
7. SMTP Authentication : login
8. Secure SMTP (TLS) : true
9. Header encryption key :

and output from mail.log with TLS support like below:

#
Jul 14 11:05:48 debian postfix/smtpd[4403]: connect from
localhost[127.0.0.1 <http://127.0.0.1>]
Jul 14 11:05:48 debian postfix/smtpd[4403]: lost connection after
UNKNOWN from localhost[127.0.0.1 <http://127.0.0.1>]
Jul 14 11:05:48 debian postfix/smtpd[4403]: disconnect from
localhost[127.0.0.1 <http://127.0.0.1>]

#

and output from mail.log without TLS support (removed TLS parameters
from main.cf <http://main.cf> and choosed "false" on squirrelmail
Server Setting-Secure SMTP (TLS) : false):


#
Jul 14 11:06:46 debian postfix/smtpd[4463]: connect from
localhost[127.0.0.1 <http://127.0.0.1>]
Jul 14 11:06:46 debian postfix/smtpd[4463]: E0ED83781E:
client=localhost[127.0.0.1 <http://127.0.0.1>], sasl_method=LOGIN,
sasl_username=a@xyz.com <mailto:a@xyz.com>
Jul 14 11:06:46 debian postfix/cleanup[4467]: E0ED83781E:
message-id=<e6ca13963aa61e59633f26690f8c9334.squirrel@mail .xyz.com
<mailto:e6ca13963aa61e59633f26690f8c9334.squirrel@ mail.xyz.com>>
Jul 14 11:06:46 debian postfix/qmgr[4401]: E0ED83781E: from=<a@xyz.com
<mailto:a@xyz.com>>, size=726, nrcpt=1 (queue active)
Jul 14 11:06:46 debian dovecot: imap-login: Login: user=<a@xyz.com
<mailto:a@xyz.com>>, method=PLAIN, rip=127.0.0.1 <http://127.0.0.1>,
lip=127.0.0.1 <http://127.0.0.1>, secured
Jul 14 11:06:47 debian postfix/smtpd[4463]: disconnect from
localhost[127.0.0.1 <http://127.0.0.1>]
Jul 14 11:06:47 debian dovecot: IMAP(a@xyz.com <mailto:a@xyz.com>):
Disconnected: Logged out

#

I have only posted about TLS configuration parameters in Postfix
main.cf <http://main.cf> like below:


smtpd_use_tls=yes
smtpd_tls_cert_file=/etc/ssl/certs/postfix.pem
smtpd_tls_key_file=/etc/ssl/private/postfix.pem
smtpd_tls_auth_only=yes

If I disable TLS,I have non-security authentication with email client
programs(because auth is plain text) so I dont want to disable TLS.


What should i do for use squirrelmail without TLS problem ?


It could be that the "Secure SMTP (TLS)" setting means trying to use
TLS/SSL on connect, that is, just after the connection is opened. This
will not work. On port 25, exim uses the STARTTLS convention, in which a
normal unencrypted connection is opened and follows the SMTP protocol
normally, until the client issues the STARTTLS command. The server sends
and "OK" message, and only then the TLS handshake starts.


I don't know how (and if) SquirrelMail can be configured to use
STARTTLS. It is possible, however, to configure exim to listen on
another port using the TLS-on-connect convention.


However, if SquirrelMail and exim are on the same host, connecting via
the loopback interface (which seems to be case, since you specified
127.0.0.1 as the SMTP host), you should not need to worry that the
connections are encrypted.



--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

"Semih Gokalp" 07-17-2008 09:21 PM

Squirrelmail:115 Can't Open SMTP Stream.
 
Thanks for reply.

I don't know how (and if) SquirrelMail can be configured to use
STARTTLS. It is possible, however, to configure exim to listen on
another port using the TLS-on-connect convention.
*


Secure SMTP servers use tcp 465
port by TLS default.Source address: http://www.squirrelmail.org/docs/admin/admin-5.html#ss5.5

i tried but did not work.
However,
if SquirrelMail and exim are on the same host, connecting via the
loopback interface (which seems to be case, since you specified 127.0.0.1 as the SMTP host), you should not need to worry that the connections are encrypted.




Yes,Squirrelmail and Postfix are on the same host.Yes,I
know if i connect to localhost,I dont need TLS but some clients are
using Thunderbird so I can not disable TLS support from Postfix main.cf



In addition to I disabled TLS and I configured on either CRAM-MD5* and DIGEST-MD5* authentication and worked without any problem on squirrelmail.
But this time,only (!) DIGEST-MD5 did not work on Thunderbird.CRAM-MD5 worked on Thunderbird.

If i use DIGEST-MD5 mechanism,Thunderbird print error "Your Server doesnt support security authentication...."
Interesting !! I can use DIGEST-MD5 mechanism and login IMAP and SMTP server with Evolution without problem.


This is Thunderbird bug ? or* DIGEST-MD5 mechanism could not been sensed by Thunderbird ? anybody have an idea(s) ?

* I read and benefit from http://wiki.dovecot.org/Authentication/PasswordSchemes and http://wiki.dovecot.org/Authentication/Mechanisms sources web address.




Iyi calismalar.Basarilar...
Semih Gokalp
Istanbul/Turkiye

Eduardo M KALINOWSKI 07-17-2008 10:32 PM

Squirrelmail:115 Can't Open SMTP Stream.
 
Semih Gokalp wrote:
> Secure SMTP servers use tcp 465 port by TLS default.Source address:
> http://www.squirrelmail.org/docs/admin/admin-5.html#ss5.5
> i tried but did not work.

>From there, it seems Squirrelmail supports both TLS-on-connect (which
uses port 465) and STARTTLS, which I think is preferred. It does not
make clear how to specify which method is used, though.

To use TLS-on-connect, you must make sure that Postfix is configured to
listen on this port for that kind of connection.
> Yes,Squirrelmail and Postfix are on the same host.Yes,I know if i
> connect to localhost,I dont need TLS but some clients are using
> Thunderbird so I can not disable TLS support from Postfix main.cf
> <http://main.cf/>

Can't Postfix be configured to allow plain text auth only in encrypted
connections OR if the connection comes from localhost?

Another possibility, if SquirrelMail supports is, would be for it to
call the mailer directly (generally, this is done by invoking
/usr/lib/sendmail) instead of making a SMTP connection.

> In addition to I disabled TLS and I configured on either CRAM-MD5* and
> DIGEST-MD5* authentication and worked without any problem on squirrelmail.
> But this time,only (!) DIGEST-MD5 did not work on Thunderbird.CRAM-MD5
> worked on Thunderbird.
> If i use DIGEST-MD5 mechanism,Thunderbird print error "Your Server
> doesnt support security authentication...."
> Interesting !! I can use DIGEST-MD5 mechanism and login IMAP and SMTP
> server with Evolution without problem.
>
> This is Thunderbird bug ? or DIGEST-MD5 mechanism could not been
> sensed by Thunderbird ? anybody have an idea(s) ?
>
> * I read and benefit from
> http://wiki.dovecot.org/Authentication/PasswordSchemes and
> http://wiki.dovecot.org/Authentication/Mechanisms sources web address.

I'm not sure what Thunderbird supports and what it doesn't. But is not
unlikely that some methods are not supported .

--
Morava to longe, que o carteiro mandava suas cartas pelo correio.
-- J Soares

Eduardo M KALINOWSKI
eduardo@kalinowski.com.br
http://move.to/hpkb


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

"Thomas Preud'homme" 07-18-2008 05:30 PM

Squirrelmail:115 Can't Open SMTP Stream.
 
The Thursday 17 July 2008 23:21:03 Semih Gokalp, you wrote*:
> Thanks for reply.
>
> I don't know how (and if) SquirrelMail can be configured to use STARTTLS.
> It
>
> > is possible, however, to configure exim to listen on another port using
> > the TLS-on-connect convention.
>
> Secure SMTP servers use tcp 465 port by TLS default.Source address:
> http://www.squirrelmail.org/docs/admin/admin-5.html#ss5.5
> i tried but did not work.
>
> However, if SquirrelMail and exim are on the same host, connecting via the
>
> > loopback interface (which seems to be case, since you specified
> > 127.0.0.1as the SMTP host), you should not need to worry that the
> > connections are encrypted.
>
> Yes,Squirrelmail and Postfix are on the same host.Yes,I know if i connect
> to localhost,I dont need TLS but some clients are using Thunderbird so I
> can not disable TLS support from Postfix main.cf
>
>
> In addition to I disabled TLS and I configured on either CRAM-MD5* and
> DIGEST-MD5* authentication and worked without any problem on squirrelmail.
> But this time,only (!) DIGEST-MD5 did not work on Thunderbird.CRAM-MD5
> worked on Thunderbird.
> If i use DIGEST-MD5 mechanism,Thunderbird print error "Your Server doesnt
> support security authentication...."
> Interesting !! I can use DIGEST-MD5 mechanism and login IMAP and SMTP
> server with Evolution without problem.
>
> This is Thunderbird bug ? or DIGEST-MD5 mechanism could not been sensed by
> Thunderbird ? anybody have an idea(s) ?
>
> * I read and benefit from
> http://wiki.dovecot.org/Authentication/PasswordSchemes and
> http://wiki.dovecot.org/Authentication/Mechanisms sources web address.
>
>
>
> Iyi calismalar.Basarilar...
> Semih Gokalp
> Istanbul/Turkiye


I had the same problem a month before and during my search I found pages
mentioning thunderbird doesn't support DIGEST-MD5.


--
Thomas Preud'homme

Why debian : http://www.debian.org/intro/why_debian


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

"Semih Gokalp" 07-19-2008 08:14 AM

Squirrelmail:115 Can't Open SMTP Stream.
 
I had the same problem a month before and during my search I found pages


mentioning thunderbird doesn't support DIGEST-MD5.


So I have to use CRAM-MD5 and disable TLS support from Postfix and everything works without any error.


But still I dont understand,why squirrelmail could not send mail,when I
use Postfix with TLS support with any authentication mechanism.(Doesnt matter which i use authentication mechanism)

Still,I am searching page(s) about this problem.

Thanks for helped all replied.



*
Iyi calismalar.Basarilar...
Semih Gokalp
Istanbul/Turkiye


All times are GMT. The time now is 07:29 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.