Difference between revisions of "Set up a mail server"
(→KMail) |
(→KMail) |
||
Line 173: | Line 173: | ||
Sending failed: An error occurred during authentication: SASL(-4):no mechanism available: No worthy mechs found | Sending failed: An error occurred during authentication: SASL(-4):no mechanism available: No worthy mechs found | ||
For changing authentication method to NTLM, nothing happens and no mail is sent. | For changing authentication method to NTLM, nothing happens and no mail is sent. | ||
+ | To circumvent this, just start saslauthd on the postfix server: | ||
+ | /etc/init.d/saslauthd start |
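Review bot: "To circumvent this" in the first added line is ambiguous. It follows the NTLM sentence, but the GSSAPI error just above ("No worthy mechs found") is the one that actually names a missing mechanism, so the text should say which of the failures starting saslauthd resolves. "Circumvent" also reads as a workaround, whereas starting the daemon is the fix. Since /etc/init.d/saslauthd start only lasts until the next reboot, the added text should also tell the reader to enable the service at boot.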
Revision as of 11:57, 12 August 2008
Understand what you are doing
To set up a mail server, you must first be clear about
- what an MTA is
- what a MUA is
- what imap is
- what pop is
- what smtp is
- what an MX record is
- what sendmail is
To explain all this, here is a little story of how sending and receiving a mail could take place: Alice wants to write a mail to Bob. Alice uses kmail as her mail program. kmail is her mail user agent, her MUA. She writes to Bob, whose address is bob@home.org. Of course, the content of her mail is secret, so we won't tell it here. After she clicks "send", her MUA transmits the mail to Alice's outgoing mail server. This server has a little program on it called sendmail. This program looks up home.org's MX record. You can do this on your own using the command
dig -t mx home.org
It uses the IP address that it gets and, using the IP protocol, sends Alice's mail there.
At this IP address, the message transfer agent (MTA) of home.org can be reached. This is a server that "speaks" the simple mail transfer protocol, SMTP. It can receive mails and also send them. One also runs on Alice's outgoing mail server. The smtp server receives the mail for Bob and puts it into his mailbox. Bob is asleep at the moment.
The next morning, Bob wakes up and uses his kmail to check his mail. kmail must know how to reach Bob's mailbox. There are two possibilities for that. Either Bob has a pop service running on the server where his mailbox is. In this case, kmail just fetches all mails from the mailbox and (optionally) deletes them. Or Bob has an imap service running there. In this case, Bob gets all mails displayed in his kmail, but they remain on the server. Only when Bob presses "delete" in his mail program are the mails deleted from the mailbox.
Bob can also collect his mails from his various mail accounts around the net. This is where fetchmail comes into play.
Know your options
- Well-known MTAs are postfix and sendmail (both use the command sendmail to send mail)
- Well-known MUAs include kmail and thunderbird
- imap and pop can be done by courier and cyrus
Set up your mail server
To set up your MTA, install postfix:
yast -i postfix
and run it:
/etc/init.d/postfix start
As a test, send yourself a mail:
sendmail -t root@127.0.0.1 << EOF
this is test mail number 1
EOF
See if the mail has arrived:
cat /var/spool/mail/root
[...]
--09AAC18BAC06A.1217966943/whatever.dedicated.blah.de
Content-Description: Undelivered Message
Content-Type: message/rfc822
Received: by whatever.dedicated.blah.de (Postfix, from userid 0)
        id 09AAC18BAC06A; Tue, 5 Aug 2008 22:09:03 +0200 (CEST)
Message-Id: <20080805200903.09AAC18BAC06A@whatever.dedicated.blah.de>
Date: Tue, 5 Aug 2008 22:09:03 +0200 (CEST)
From: root@whatever.dedicated.blah.de (root)
To: undisclosed-recipients:;
this is test mail number 1
--09AAC18BAC06A.1217966943/whatever.dedicated.blah.de--
To see if this has really changed something, we stop postfix now and see if it still works:
/etc/init.d/postfix stop
cat /var/spool/mail/root
It has not arrived. To see that the mail is still in the mail queue, issue the command mailq and see the result:
tweedleburg:~ # mailq
postqueue: warning: Mail system is down -- accessing queue directly
-Queue ID- --Size-- ----Arrival Time---- -Sender/Recipient-------
8BD931648935       88 Mon Aug  4 21:14:48  root
                                         root@127.0.0.1
-- 0 Kbytes in 1 Request.
As you see, the mail is still in the mail queue and you get a warning "Mail system is down".
A server is a background program listening on a network port. What was smtp's port again?
tweedleburg:~ # cat /etc/services | grep smtp
smtp            25/tcp     mail         # Simple Mail Transfer
It was 25. Let's see if postfix listens there. First install nmap and scan localhost:
yast -i nmap
nmap localhost
There is no port 25 in the output. Start postfix again:
/etc/init.d/postfix start
And see:
tweedleburg:~ # nmap localhost
Starting Nmap 4.20 ( http://insecure.org ) at 2008-08-05 06:19 CEST
Interesting ports on localhost (127.0.0.1):
Not shown: 1689 closed ports
PORT   STATE SERVICE
22/tcp open  ssh
25/tcp open  smtp
[...]
TroubleShooting
postfix dies
If you call
/etc/init.d/postfix status
and get the message "dead", check /var/log/mail.err to see what happened. If you see something like
postfix/master[5573]: fatal: bind 127.0.0.1 port 25: Address already in use
use
lsof -i
to find out what process is blocking the smtp port and kill this process using the command kill.
imap server
set it up
To set up your imap server, use
yast -i courier-imap
configure it
Add
AUTHMODULES="authpwd"
to /etc/courier/imapd. This lets imap users authenticate as the local users in /etc/passwd.
start it
/etc/init.d/saslauthd start
/etc/init.d/courier-imap start
verify it is running
tweedleburg:/mnt/loop/suse/x86_64 # nmap localhost
Starting Nmap 4.20 ( http://insecure.org ) at 2008-08-05 06:30 CEST
Interesting ports on localhost (127.0.0.1):
Not shown: 1688 closed ports
PORT    STATE SERVICE
22/tcp  open  ssh
25/tcp  open  smtp
111/tcp open  rpcbind
143/tcp open  imap
verify you can login
Create a test user to see if you can login to your imap server:
useradd -m testuser
Set "password" as the test password using the command
passwd testuser
Use telnet to connect directly to port 143, the imap-port:
telnet localhost 143
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
* OK [CAPABILITY IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA IDLE ACL ACL2=UNION] Courier-IMAP ready. Copyright 1998-2005 Double Precision, Inc. See COPYING for distribution information.
Type the imap command for logging in. Note that the password is sent unencrypted over this connection:
1 LOGIN testuser password
* BYE [ALERT] Fatal error: Maildir: No such file or directory
Connection closed by foreign host.
Now create the Maildir:
mkdir /home/testuser/Maildir
chown testuser:users /home/testuser/Maildir
Set up Maildirs
Instead of using mailboxes, we want to use Maildirs. So, in /etc/postfix/main.cf, replace
#home_mailbox = Maildir/
by
home_mailbox = Maildir/
and restart postfix:
/etc/init.d/postfix restart
Now check that you can receive mails:
sendmail -t testuser@localhost << EOF
This is the 2nd test mail.
EOF
cat /home/testuser/Maildir/new/*
[...]
This is the 2nd test mail.
Now you can use kmail to read your mails.
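A check for the hand-made Maildir from the steps above, as an added example that is not part of the original page: it reports missing new, cur and tmp subdirectories, a wrong owner, and modes that let other local users list the mail directory (which is what a plain mkdir as root with umask 022 produces). The function name audit_maildir and the scratch directory are assumptions for illustration, and it relies on GNU stat.

```shell
#!/bin/sh
# Added example (not from the original page): audit a Maildir created by hand.
# Requires GNU stat (-c), as found on Linux.

# audit_maildir DIR OWNER
#   OWNER is a user name or a numeric uid (hypothetical interface).
#   Prints one finding per line; prints nothing if the Maildir looks sound.
audit_maildir() {
    dir=$1
    # Resolve a user name to a uid; fall back to the value as given.
    want=$(id -u "$2" 2>/dev/null || echo "$2")
    for d in "$dir" "$dir/new" "$dir/cur" "$dir/tmp"; do
        if [ ! -d "$d" ]; then
            echo "missing: $d"
            continue
        fi
        [ "$(stat -c %u "$d")" = "$want" ] || echo "wrong owner: $d"
        mode=$(stat -c %a "$d")
        case $mode in
            *00) ;;   # no group or world permission bits set
            *)   echo "group/world access ($mode): $d" ;;
        esac
    done
    return 0
}

# Demo on a constructed scratch directory that mimics "mkdir Maildir"
# run with the usual umask of 022, before any mail has been delivered.
demo=$(mktemp -d)
( umask 022; mkdir "$demo/Maildir" )
audit_maildir "$demo/Maildir" "$(id -u)"
rm -rf "$demo"
```

On the server from this page the call would be audit_maildir /home/testuser/Maildir testuser.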
KMail
Start kmail and set up localhost as incoming and outgoing mail server. Send a mail to testuser@localhost. You may get:
Sending failed: Your SMTP server does not support authentication. The server responded: "5.5.1 Error: authentication not enabled"
In /etc/postfix/main.cf, set
smtp_sasl_auth_enable = yes
smtpd_sasl_auth_enable = yes
Now you get
Sending failed. Most likely the password is wrong. The server responded: "5.7.8 Error: authentication failed: generic failure"
Now change the sending account's authentication method in kmail to DIGEST-MD5. Now you get
Sending failed: Your SMTP server does not support The server responded: "5.7.8 Error: authentication failed: no mechanism available"
The same is true for
- plain
- cram-md5
In kmail, change the sending account's authentication method to "LOGIN". Now you get
Sending failed: Authentication failed. Most likely the password is wrong. The server responded: "5.7.8 Error: authentication failed: generic failure"
After changing the authentication method to GSSAPI, you get
Sending failed: An error occurred during authentication: SASL(-4):no mechanism available: No worthy mechs found
After changing the authentication method to NTLM, nothing happens and no mail is sent. To get around this, just start saslauthd on the postfix server:
/etc/init.d/saslauthd start
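Why only some of the KMail authentication methods can succeed, shown as an added example that is not from the original page: it reads an EHLO reply, lists the SASL mechanisms the server advertises, and flags PLAIN and LOGIN when no STARTTLS is offered, since both send the password unencrypted. The reply below is constructed, the function names are assumptions, and it assumes Postfix verifies passwords through saslauthd, which can only check the cleartext mechanisms.

```shell
#!/bin/sh
# Added example (not from the original page): inspect an EHLO reply.

# Constructed sample of an EHLO reply with SASL enabled and saslauthd
# running; the host name is a placeholder.
sample_ehlo() {
cat <<'EOF'
250-mail.example.test
250-PIPELINING
250-SIZE 10240000
250-AUTH PLAIN LOGIN
250-AUTH=PLAIN LOGIN
250 8BITMIME
EOF
}

# Print the advertised SASL mechanisms, one per line, without duplicates.
# Handles both the "AUTH ..." and the legacy "AUTH=..." capability lines.
auth_mechs() {
    tr -d '\r' | awk '
        /^250[- ]AUTH[ =]/ {
            sub(/^250[- ]AUTH[ =]/, "")
            for (i = 1; i <= NF; i++)
                if (!seen[toupper($i)]++) print toupper($i)
        }'
}

# Succeed if the reply offers STARTTLS.
has_starttls() {
    tr -d '\r' | grep -Eqi '^250[- ]STARTTLS$'
}

# Print PLAIN/LOGIN if they are offered without STARTTLS.
# Exit status 0 means "exposed", 1 means "nothing to report".
cleartext_auth_exposed() {
    reply=$(cat)
    if printf '%s\n' "$reply" | has_starttls; then
        return 1
    fi
    printf '%s\n' "$reply" | auth_mechs | grep -E '^(PLAIN|LOGIN)$'
}

echo "advertised: $(sample_ehlo | auth_mechs | tr '\n' ' ')"
if sample_ehlo | cleartext_auth_exposed >/dev/null; then
    echo "password mechanisms offered without STARTTLS"
fi
```

To use it on a real reply, save the lines the server prints after EHLO in a telnet localhost 25 session to a file and pipe that file into the functions.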