Koozali.org: home of the SME Server
Contribs.org Forums => General Discussion => Topic started by: McKruger on September 03, 2013, 12:04:37 PM
-
Hi
I have create around 47 user which most of them are within our company.
Now when i test http://domainname/webmail and use a users login credentials it logs into horde no problem.
But when i create mailbox in outlook and use the same details its tells me that it cannot log into incoming server ?
The credentials are correct and the details im using to set up the mailbox are correct.
Is there a limit on users for logging into SME Server.
I have set the concurrencyLimitPerIP=100
-
when you try to log to the sme server, is it the same network, are you on the local network or outside of this network because if it is the case you have to forward some ports (993/995) and allow in the server-manager the imaps-pops for Internet comes.
Keep in mind it is not really IMAP protocol, it is IMAPS (over SSL)
moreover the login is not "user@domain.com" but "user"
there is no restriction i know over login restriction except for the concurrencyLimitPerIP for the imaps protocol see the fac
http://wiki.contribs.org/SME_Server:Documentation:FAQ:booklet#Email_Clients
perhaps you should take a look to the log of your SME Server too
-
for some reason most of the connections worked from outside.
Some i had to put in SSL and port 993 instead of 143 for incoming server.
Why is that ?
-
http://wiki.contribs.org/SME_Server:Documentation:FAQ:booklet#External_Access
SME Server is set up to act in secure ways as much we can do. Therefore connexions are over ssl for the server-manager (https:443),over ssl for pop and imap (imaps:993 and pops:995), over ssl for stmp (smtps : 465)
SSL is a secure way to communicate by Internet, it is not the ultimate way to hide your secret, but it is the minimal thing you have to do if you want to have a private life.
Moreover I suggest that you should read the documentation :D
http://wiki.contribs.org/SME_Server:Documentation and specially http://wiki.contribs.org/SME_Server:Documentation:Administration_Manual:Chapter13#E-mail
-
I have followed those procedures in setting email access up from an external locations.
I dont understand why some email accounts i can set up like this : (outside of local network)
Name: John Smith
Email: john@example.com
Incoming: domain.example.com
Outgoing: domain.example.com
Username: john
Password: examplepassword
Incoming Port: 143
Outgoing Port: 465(ssl)
-----------------------------------------------------------------
Then on some computers fail to connect to incoming server with credentials above which i then in turn have to do this : (outside of local network)
Name: John Smith
Email: john@example.com
Incoming: domain.example.com
Outgoing: domain.example.com
Username: john
Password: examplepassword
Incoming Port: 993(ssl)
Outgoing Port: 465(ssl)
---------------------------------------------------------
But thanks for your guys help.
-
Normaly you can't use imap protocol outside of your local network except if you use a vpn.
can you give back the following command
config show imap
and see : access=private
This is what you can see on my server
[root@sme8 ~]# config show imap
imap=service
ConcurrencyLimit=400
ConcurrencyLimitPerIP=12
TCPPort=143
access=private
status=enabled
[root@sme8 ~]# config show imaps
imaps=service
ConcurrencyLimit=4000
ConcurrencyLimitPerIP=120
TCPPort=993
access=public
status=enabled
If some of your users can reach the imap server outside of your network without you allow the service, you should raise a bug.
-
config show imap (some outside email accounts are able to access with TCPPort 143)
-------------------
ConcurrencyLimit=400
ConcurrencyLimitPerIP=100
TCPPort=143
access=private
status=enabled
AND
config show imaps
-----------------------
ConcurrencyLimit=400
ConcurrencyLimitPerIP=100
TCPPort=993
access=public
status=enabled
-
config show imap (some outside email accounts are able to access with TCPPort 143)
Therefore you should raise a bug, don't be afraid of that, this is the right direction http://bugs.contribs.org/
can you give back this command
db accounts show XXXX
where XXXX is the name of user that can reach the server by imap when he is outside of your local network
-
just brings back the user data for account
washieda=user
City=[City]
Company=[companyname]
Dept=Main
EmailForward=local
FirstName=washieda
ForwardAddress=
LastName=.
PasswordSet=yes
Phone=555-5555
Shell=/usr/bin/rssh
Street=[Street]
Uid=5035
VPNClientAccess=no
-
Maybe outlook is the key of the defeat (it is often the case :P ), i don't know. Perhaps on certain outlooks versions it can choice the IMAPS protocol if IMAP protocol fail.
You should raise a bug, some people more skilled than me, or more interested in outlooks could answer to you.
-
It is possible that somebody in bugzilla ask you the return of this command
/sbin/e-smith/audittools/newrpms
to see which contribs you have installed
/sbin/e-smith/audittools/templates
to see which template you have modified
could you post back the return of these command Line please.
I strongly believe that you have to force your outlook client to work with the IMAPS protocol while waiting to find out what it does not work
-
is your server in server & gateway mode or server only?
how is your server connected to wan?
how do the "external" users connect to the server?
-
Server is in server & gateway mode.
2 network cards, 1 for internal and 1 for external IP
external users connect via example.domainname.com
I have got the clients using outlook to work using incoming port 993(ssl) so im not too worried.
just wanted to know why it does it with some users and not with others.
-
there must be something wrong since port 143 in server and gateway mode is closed from wan..
please raise a bug, thank you
-
If you do this
iptables -L
you have some returns like this on my server, normally there are no mention to imap service except if it is allowed through the firewall
Chain InboundTCP_6324 (1 references)
target prot opt source destination
denylog all -- anywhere !sme8.stephdl.dyndns.org
REJECT tcp -- anywhere sme8.stephdl.dyndns.org tcp dpt:auth reject-with tcp-reset
ACCEPT tcp -- anywhere sme8.stephdl.dyndns.org tcp dpt:8843
ACCEPT tcp -- anywhere sme8.stephdl.dyndns.org tcp dpt:http
ACCEPT tcp -- anywhere sme8.stephdl.dyndns.org tcp dpt:imaps
ACCEPT tcp -- anywhere sme8.stephdl.dyndns.org tcp dpt:https
ACCEPT tcp -- anywhere sme8.stephdl.dyndns.org tcp dpt:pop3s
ACCEPT tcp -- anywhere sme8.stephdl.dyndns.org tcp dpt:smtp
ACCEPT tcp -- anywhere sme8.stephdl.dyndns.org tcp dpt:ssh
ACCEPT tcp -- anywhere sme8.stephdl.dyndns.org tcp dpt:smtps
it can differs a bit with your server as i use a server-only configuration