Koozali.org: home of the SME Server
Obsolete Releases => SME Server 7.x => Topic started by: olddog11 on April 18, 2010, 11:36:08 AM
-
I have been able to set up an email account on Thunderbird for admin@MYDOMAIN but every time I try to configure an account for a user I receive the following alert:
Sending of password did not succeed. Mail server 192.168.0.100 responded: authorization failed.
I am using a valid user name and password, I can access i-bays using this user name and password
Does anyone know what I am doing wrong?
Thanks
-
Do the security settings on the thunderbird client (or lack of) match the security settings (or lack of) on the server email setup ??
-
When I set up security settings on Thunderbird I receive an alert which states “The mail server does not support secure authentication” and that authorization failed. When I turn off security settings on Thunderbird I just get a authorization failed.
-
olddog11
If Thunderbird works for the admin user, then it should also work for any other user, as long as the settings are correct etc. It works OK for me.
If you want us to check, you can post all the settings you are using in Thunderbird.
For test purposes, can you access webmail using the username and password combination ?
www.yourdomain/webmail
To my knowledge ibays cannot be accessed with a user name and password, only with the ibay name and password (ie for web access). I'm puzzled as to what type of access you are referring ?
-
Starting to get out of my depth now, I've read up how to access webmail and it does not seem to be working. I probably need to change firewall settings on my router – will try that next.
When I change my Thunderbird settings from admin to dave (my user name) all I do is replace admin for dave so the remaining settings are all the same, except for the password of course.
Sorry for the confusion with i-bays. What I mean is I can log onto my windows xp workstation using my user name and password which then gives me access to the file server (the i-bays).
-
olddog11
You need to enable webmail in server manager.
Have you read the manuals, please do.
-
mary
I have enabled webmail, read the instructions and open up the correct port on my router firewall.
Unfortunately still nothing, there must be something wrong somewhere but I cannot find it and I have spent hours and hours looking. Starting to get frustrated now but will persevere, I'm not wrong who gives up easily!
-
Seem to be getting somewhere now, it looks like I've accessed my server but I get the following:
NOT FOUND
The requested URL /mydomain/webmail/ was not found on this server
Does this give any clues?
-
Olddog
If your server and your workstation are all sitting on the same subnet eg 192.168.0.x, then you should not need to touch your router and you will need to look elsewhere. Why wouldnt they be on the same subnet.
Mary is a valueable contributor to these forums and I think you should heed the advice offered. Accessing webmail is very straightforward once enable. (https://servername or ip/webmail) Anothes read of the manuals would be rather useful I think.
At the very least, you need to post a lot more detail if anyone is to help you further. Your exact client & server settings would be a good start
-
The requested URL /mydomain/webmail/ was not found on this server
Does this give any clues?
I think Mary made an error with the instructions for accessing webmail. Try https://server/webmail and do whaever you have to to get past any message re security etc...
-
I kept reading the manuals and realised there was an error. I managed to get to the security warnings and got past those, that is when I received the Not found message.
I do appreciate all the help you and Mary offer and I do try to help myself by reading the manuals, this one has me stumped at present. It's probably something silly that I've missed. I am sure webmail is easy to access once you know how, most things seem easy when you know how to do it.
What client and server settings do you need?
-
p-jones
I think Mary made an error with the instructions for accessing webmail.
The URL I said is correct, sme will force the secure https protocol. Pehaps there is a name resolution problem.
All these should work if your system is setup correctly
http://serverIP/webmail
https://serverIP/webmail
http://www.yourdomain/webmail
which is effectively the same as
www.yourdomain/webmail
https://www.yourdomain/webmail
http://servername/webmail
https://servername/webmail
The network arrangement needs to be more fully described.
-
Thank you!
I have now accessed my webmail
Does this help to solve my original query as to why I cannot use Thunderbird to retrieve my email?
-
olddog11
Well that was just testing the user name and password combination as being valid.
So you are saying that using exactly the same user name and password as you used in Thunderbird, you can access that users mail via webmail, is that correct ?
If so, then I assume you have a configuration issue with Thunderbird (ie wrong settings), but it puzzles me that you say you can use the admin user account name and password in Thunderbird, and they work OK, but other users do not. Do I understand that correctly ?
-
Mary
You understand everything correctly and believe me, it puzzles me as well.
I am not sure if this is significant or not but I cannot use the same format for server name as it states in the manuals i.e. mail.dgb.homelinux.com it does not work if I do that but if I put the IP address of 192.168.0.100 as the server name then it works for admin account but not for the dave account
-
Whilst I have not yet found a solution to the initial problem of not being able to receive my email through Thunderbird, I have had some success. I have been testing various email clients and thought it may be helpful to others, who have a similar problem, to detail my findings.
The only email client I have found, so far, that will allow a user to access email on my server is Evolution. I have found that this works on both a Fedora 12 client workstation and windows XP client, however on XP I find Evolution to be very slow to start up and unstable – it works fine on a Fedora desktop though.
I have tried the following email clients and found that none of them will allow a user to log into my server email. Thunderbird – on XP and Fedora 12, Outlook Express – on XP, Eudora – on XP.
I would be interested to know if anyone else has had these problems because I can find very little reference to it in this forum. I am therefore assuming most people can get Outlook Express and Thunderbird etc. to work. Hopefully though this may be of some help to those who cannot get these email clients to work with the SME Server.
-
olddog11
I have tried the following email clients and found that none of them will allow a user to log into my server email. Thunderbird – on XP and Fedora 12, Outlook Express – on XP, Eudora – on XP.
Thunderbird & Outlook Express (on Win 2K or WinXP) work OK with sme server, as does Thunderbird & Windows Mail (on Win Vista & Win 7), either locally or remotely.
If there is a seperate firewall in front of your server you need to open appropriate ports for secure traffic eg for IMAP, 465 (outgoing) & 993 (incoming), which also means forwarding the incoming port to your sme server.
Re correct settings to use, for example, in OE or Win Mail, you DO NOT set the email client to Logon using Secure Password Authentication, you DO set the email client Outgoing Mail Server to use My server requires authentication (Use same settings as my incoming mail server), you DO set the client for connecting securely to the incoming and outgoing servers, eg for IMAP set the client to use ports 465 & 993 and select SSL for both.
Similarly setup for Thunderbird, but their is an issue re TLS setting, see Email FAQ linked at top of forums.
For the mail server names, use the sme mail server name of mail.yourdomain.com or www.yourdomain.com or servername.yourdomain.com, but DNS must be configured to work correctly both locally and remotely, for name resolution to work correctly.
See the sme Manual, Appendix section for issues re DNS setup etc, and other chapters re Domains, and Hostnames and addresses, for good information on the topic. Also see the wiki Howto article on Domain practical usage tips, that may help get your domain name working correctly if it is not already.
I thought I saw a page which shows how to setup email clients for sme, but cannot remember where, or quickly find it, so I suggest you search more.
In OE I suspect you are enabling Logon using a Secure Password Authentication to sme, which is not supported, so do not do that. In Thunderbird there may be the wrong TLS setting.
Please post a full description of your network, what mode your sme server is only (server only or server gateway), what firewall is/is not being used, and ALL the settings you use in a email client. Also are you accessing from the LAN or from external locations ?
Please be accurate and do not leave out any details, if you want your problem diagnosed and fixed.
I suspect misconfiguration of your network and misconfiguration of your email clients, along with some misunderstanding of what you are doing.
So please provide the information requested.
-
Thanks for making the effort to work with me on this one.
My server is in server only mode and is located behind a separate router, with the router controlling the firewall. I have opened up to following ports on my firewall for inbound services:
Allow POP3 (UDP:110), SMTP (TCP:25), and HTTPS (TCP:443)
Outbound services allows all (default setting for the router)
I do not have a static IP address but use Dynamic DNS and I have set the router up to use this.
My domain name is dgb.homelinux.com and is registered with dyndns.com
I am accessing my server from the LAN – I am trying to get that up and running correctly before I even consider external locations
Email settings on SME Server:
POP3 Server Access: Allow access only from local networks
IMAP Server Access: Allow access only from local networks
Virus scanning: Enabled
Spam Filtering: Disabled
Executable content blocking: Disabled
Email Retrieval Mode: Standard (SMTP)
SMTP Authentication: Allow SSMTP (secure)
Email to unknown users: Send to Administrator
Address of internal mail server: blank
Address of internet providers mail server: smtp.virgin.net
Mange domain settings:
Domain name: dgb.homelinux.com
Brief description: Primary domain
i-bay: Primary
Domain DNS servers: Resolve locally
Email configuration on OE
My incoming mail server is a POP3 server
Incoming mail POPS: server1 (note server 1 is the name of my server – I have also tried various domain name configurations here such as mail.dgb.homelinux.com but I get an error which says that the host mail.dgb.homelinux.com could not be found. It can find server1 but I get the following error message.
Your server has unexpectedly terminated the connection. Possible causes for this include server problems, network problems, or a long period of inactivity. Account: 'dgb.homelinux.com', Server: 'server1', Protocol: POP3, Port: 995, Secure(SSL): Yes, Error Number: 0x800CCC0F
Outgoing mail (SMTP): smtp.virgin.net
Incoming mail server
Account name: dave
Password: set to the user password for my sme username
Logon using secure password identification is NOT set.
Outgoing Mail Server
My server requires authentication IS set.
This is set to use the same as my incoming mail server.
NOTE: I cannot use my mail server to send outgoing mail as I do not have a dynamic email address address (outgoing email is rejected by Spamhaus. I send outgoing email through my ISP's server and that works okay.
Server port numbers
Outgoing mail (SMTP): 25
SSL: This IS set
Incoming mail (POP3): 995
SSL: This IS set
I have tried to include all of the information you require but if I have omitted any then please let me know and I will supply more.
Many thanks for you interest so far in my problem, I dare say the solution is something simple but I cannot find it. I have done extensive reading of the SME manuals to try to figure this out for myself but as you see I am missing something somewhere.
-
olddog11
No time to study your answer fully at the moment, but secure smtp (SSMTP) is port 465
Change your setting and see what happens.
....pause.....
OK, some further comments. You appear to have name resolution problems on your local network. You can fix this different ways, something like the following.
1) You add your sme server into your router and configure your workstations to use the router as the gateway and DNS server.
2) You disable the DNS server function in the router and then use the sme server as your DNS server. In your workstations you would specify the router IP as the gateway and the sme server IP as the DNS server.
Note in the sme server Configure this server screens, you should also specify the router IP as the gateway for your server, if not already done.
Re opening ports on your router/firewall, you need to forward them to the sme server IP. Also you should forward port 80 for web, and any other ports needed to access sme server eg port 22 or 2222 (depending what you use) for ssh access.
If you are accessing your sme mail server externally then you need to open and forward the secure mail ports too.
Outgoing mail (SMTP): smtp.virgin.net
Better to send mail via your sme server, although in your configuration the above should work OK.
In your local email client you can specify the sme server IP for incoming and outgoing server address, to workaround name resolution problems (temporary fix until you get both internal and external name resolution working OK.
Address of internet providers mail server: smtp.virgin.net
NOTE: I cannot use my mail server to send outgoing mail as I do not have a dynamic email address address (outgoing email is rejected by Spamhaus. I send outgoing email through my ISP's server and that works okay.
What you wrote does not make sense, your sme server IS configured to send mail via your ISP, so if you send mail via your sme server then it will automatically be sent via your ISP, thus avoiding problems with spam rejection etc, unless of course your ISP is listed on Spamhaus list (which can commonly occur).
I suggest you use IMAP rather than POP, as you leave the mail on the server and can then access it from anywhere (in the world).
I would just ask is there any compelling reason you want to use sme in server only mode behind a router/firewall, you have a more complicated setup. It is easier to use sme as a gateway server and reconfigure your router/modem into bridged mode (passthrough) thus giving all router functionality to the sme server.
It is more easily maintained and setup that way, and at least some of the problems you are experiencing above, would not have occurred.
-
Incoming mail POPS: server1 (note server 1 is the name of my server – I have also tried various domain name configurations here such as mail.dgb.homelinux.com but I get an error which says that the host mail.dgb.homelinux.com could not be found. It can find server1 but I get the following error message.
One of the things you want to make sure is also that your server is the one that hands out the DHCP address for your network and not your router. In that way, the PC's are directed to use your server for DNS name resolution and the PC's should resolve mail.dgb.homelinux.com to the ip of your server.
For example, I also run my server in server only with a separate ADSL gateway/router and in WinXP the ipconfig lists as follows:
U:\>ipconfig /all
Windows IP Configuration
Host Name . . . . . . . . . . . . : AUADL02
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : through-ip.com
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . : through-ip.com
Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit Ethernet for hp
Physical Address. . . . . . . . . : 00-11-85-0F-5C-BD
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 10.1.0.246
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 10.1.0.1
DHCP Server . . . . . . . . . . . : 10.1.0.20
DNS Servers . . . . . . . . . . . : 10.1.0.20
Primary WINS Server . . . . . . . : 10.1.0.20
Lease Obtained. . . . . . . . . . : Sunday, 25 April 2010 3:11:06 PM
Lease Expires . . . . . . . . . . : Monday, 26 April 2010 3:11:06 PM
U:\>
The gateway is 10.1.0.1 and the server itself is 10.1.0.20. As you can see, all lookup services are directed to the server.
-
I would just ask is there any compelling reason you want to use sme in server only mode behind a router/firewall, you have a more complicated setup.
The reason I am using the server in server only mode is as follows:
I am trying to teach myself how to set up a business network and understand more about Linux in general. I am doing this in my spare time and at home, having set up a small network in my workshop. This has to work alongside my families normal home computing needs with desktop and laptops being used independently from my “hobby”. General home computing therefore uses the same router as my network, I am trying run both side by side. Maybe this is being too ambitious and not possible.
I have tried to think this all through logically and come to the conclusion that I should be able to achieve this, please let me know if this is not possible. I run my network mainly at weekends and therefore turn my server off during the week meaning I cannot run my home requirements through the server and I would probably not want to, hence keeping it in server only mode. As I am working at the limits of my computing knowledge I do not want to mess things up completely and disrupt my families home computing requirements, stopping my daughters chatting online would be more than my life's worth!
I have been trying some of the suggestions that have been put forward, so far with no luck but I will keep trying when I have the time – thanks for all the help.
-
I have been able to set up an email account on Thunderbird for admin@MYDOMAIN but every time I try to configure an account for a user I receive the following alert
just a (maybe silly) question: does it means that you are using username@domain as username?
-
just a (maybe silly) question: does it means that you are using username@domain as username?
No, I am using my username only.
-
The reason I am using the server in server only mode is as follows:
I am trying to teach myself how to set up a business network and understand more about Linux in general. I am doing this in my spare time and at home, having set up a small network in my workshop. This has to work alongside my families normal home computing needs with desktop and laptops being used independently from my “hobby”. General home computing therefore uses the same router as my network, I am trying run both side by side. Maybe this is being too ambitious and not possible.
One way that you could consider is to run your server in server-gateway mode and run a secondary private LAN segment to connect your test PC to your server. In this way the test PC get it IP address from the DHCP in your server and the DNS issues you describe go away.
The server is setup to use the router as its gateway and the rest of the PC's in your home still directly connect directly to the router and won't be affected by the server being there or not (but don't easily connect to it and it sounds like this is what you want).
I used to run my server like that with the internal segment IP addresses being 10.1.0.XX and the outside IP segment 10.0.0.XX. This generally works Ok with the only issue that for the PC's on your test segment, you go through 2 layers of network address translations (NAT) and this sometimes confuses some PC applications (generally those that try to setup secured network connections like VPN's from your PC to another location on the Internet.
-
olddog11
please let me know if this is not possible.
It is possible and you have been given 3 suggestions of how to make it all work. Having a seperate router firewall means that more complicated and specific configuration of your network is required to make it work, but it is relatively easy to do.
Follow Marcos tips for configuring your workstations, which are essentially the same as suggestion 2) I made earlier.
I have been trying some of the suggestions that have been put forward, so far with no luck....
You need to tell us specifically what you changed and what the error or problem now is. Just saying I did something and it still doesn't work is useless to us to diagnose your problem.
As I see it minimally, you change the port to 465 and use the sme server IP address for the incoming and outgoing mail host in your email client. From what you have described you should at least be able to send an email to yourself. Please advise outcome of those specific changes.
Then you can move on to fixing other issues.
-
You need to tell us specifically what you changed and what the error or problem now is. Just saying I did something and it still doesn't work is useless to us to diagnose your problem.
I agree with you completely, the purpose of this post was to answer your question as to why I have my server in server only mode. I then added the briefest of detail about what I had done so far with the help you gave, in hindsight perhaps I should not have commented on that at all.
I have been given a lot of information from both Mary and Marco all of which I shall digest and try to understand before attempting to put some of it into practice. This will take me several days but I will let you know how I get on.
Just a couple of queries before I start re-configuring my server.
1) If I set up my server as a DHCP server do I switch off this service on the router? There is only supposed to be one DHCP server on a network but then how will my home computers (external to the network) receive the DHCP service? Am I correct in thinking that I CAN have both the server and router set up to give DHCP on the basis that there is still only one DHCP service on the LAN and my router supplies DHCP to my home computers external to the LAN.
If this is the case would it be best to set different address ranges on the server and router to avoid the same IP being given or would that not matter on the basis that the home computers are outside of the LAN?
2) If my server is in server and gateway mode do I still connect it directly to the router?
My apologies if some of this does not make sense or I am asking obvious questions but I feel a little out of my depth at the moment and still sinking! I keep reading the manuals and with your help it is gradually falling into place.
As I see it minimally, you change the port to 465 and use the sme server IP address for the incoming and outgoing mail host in your email client. From what you have described you should at least be able to send an email to yourself. Please advise outcome of those specific changes.
After setting the port to 465 I can send email using smtp.virgin.net as the outgoing server but NOT if I use the servers IP address, it does not accept my username and password.
-
olddog11
You can only have one DHCP server on your network. Splitting your network is only complicating matters further.
...but NOT if I use the servers IP address, it does not accept my username and password.
You should be using the username and password that is configured on the sme server, not your ISP username & pw.
-
You should be using the username and password that is configured on the sme server, not your ISP username & pw.
I am using my SME server username and password.
This brings me right back to my initial problem of password authentification failure.
Just to recap
I can receive email using the evolution email client on both windows XP and Fedora 12 using my SME server username and password.
I can access my webmail using my SME server username and password.
I cannot receive my email using either of the following email clients using my SME server username and password:
Thunderbird, Outlook Express, or Eudora. I think that my username and/or password with these email clients is not being recognised or accepted even though I am using the correct username and password.
-
I cannot receive my email using either of the following email clients using my SME server username and password:
Thunderbird, Outlook Express, or Eudora. I think that my username and/or password with these email clients is not being recognised or accepted even though I am using the correct username and password.
IMHO you should open a bug..
-
olddog11 & Stefano
IMHO you should open a bug..
I tend to agree, simply to formalise the process and get a more strict hierarchy of question, answer and follow through.
olddog11's problems seem to be configuration/network setup related though rather than a bug.
-
I have finally found out why I could not retrieve my mail through Thunderbird, (authentication always failed.)
I thought I would post the solution just in case anyone else falls into the same trap as I did.
My password included a £ sign and this character causes authentication to fail, when I changed it to a - (dash), everything worked fine. I do not know if there are other characters that do not work but if anyone has this problem it could be worth trying different ones.
Linux always encourages the use of strong passwords but it seems like you can make them too strong!
I gave up with SME Server at the time and used Zentyal but I'm not one to give up easily and now I'm back!
-
My password included a £ sign and this character causes authentication to fail, when I changed it to a - (dash), everything worked fine. I do not know if there are other characters that do not work but if anyone has this problem it could be worth trying different ones.
please raise a bug for this, thank you
-
please raise a bug for this, thank you
And when done please post a pointer to it here for future readers. Thanks in advance.
-
Stefano/Cactus
I have searched through the SME Bugzilla site and it appears that a bug report for this was originally raised on 25/10/2006 (Bug 2006) http://bugs.contribs.org/show_bug.cgi?id=2006
I do not fully understand bug reporting but I believe they should not be reported again if one already exists.
If that is the case do you want me to leave alone or do you still want me to report this?
-
If that is the case do you want me to leave alone or do you still want me to report this?
That is the case and we do not need you to report it again. However to keep posted on the progress on th ebug you could create a bugzilla account and add you account to the CC field so updates will be sent to your e-mailaddress.