dovecot - Aug 2018 - dovecot and postfix, help?

Hi all,


First a disclaimer. I have played with linux off and on for years, but 
this is my first time trying to run a server completely on my own from 
start to finish, well it's on a vps, but still. I'm pretty techie, but a
lot of this stuff is new to me, so I apologize for any *duh!* questions. 
That said, I've so far installed dovecot, postfix, wordpress, and 
related programs mostly successfully by following tutorials. I say 
mostly successfully, because I'm having a really hard time trying to get 
dovecot and postfix to behave together, and I'm about at the end of what 
I know how to find on google.


If you're still with me and not groaning at yet another newbie asking 
wtf did I do wrong questions, thank you! My basic setup is running 
ubuntu 18 with up to date dovecot and postfix. Sasl is installed, and 
I'm using a custom domain with all records successfully pointing to the 
VPS.


As I mentioned, I've been following tutorials. My goal is to have a mail 
server which can send and receive emails using this custom domain both 
from the shell and, much more often, from my primary computer using 
thunderbird. As there will likely only be two of us using this, I'm 
completely fine with the setup using mailboxes that actually have linux 
accounts. I'm also using maildir as the mailbox type. Furthermore, I 
want to make sure to use ssl on any mail connections.. Normal passwords 
but ssl being used.


So, following one tutorial I set up postfix and dovecot, then went to 
test it. The result was that while on the shell, I could send email to 
my gmail account from the domain and receive it just fine. I could also 
send mail from my gmail account to the domain and receive it on the 
shel. I even managed to get imap to work, so I could receive domain 
emails in thunderbird, after playing around with tb's settings. However, 
if using tb I attempted to send an email using the custom domain, smtp 
failed to connect.


I verified with my VPS provider that no, they do not block port 25, 465 
or 587. I also verified that at&t, my home ISP, does not block outgoing 
smtp traffic, considering I am using google's for my gmail account. 
After hitting google again, I realized two things. One, for some reason 
port 25 never got opened on UFW, so I fixed that. Second, for some 
reason in all the stuff I did, postfix never got configured to use SSL.


I found yet another tutorial, and ran through it to set up SSL with 
postfix. However, in doing this I had to change a path for sasl, only to 
find out later that doing that broke dovecot! Imap completely and 
utterly stopped behaving.


Back to google again, and this time I found something a bit more up to 
date which explained how to interconnect postfix and dovecot. It goes 
through using mysql too, but I don't need that, so I skipped that part. 
Changed the sasl path back to what it should be, told dovecot and 
postfix to talk to each other and... Nope, still nothing.


I saw a warning that I should not use different certificates for postfix 
and dovecot, so I told dovecot to look at the smtpd certificate that I 
made. Not sure if that's what's breaking this or something completely 
different, as I'm also brand new to the ssl certificate creation 
process. So, here's the current status of using thunderbird with my domain.


mail sent from gmail to new domain, never comes back in thunderbird but 
doesn't bounce, either.

Mail sent via thunderbird to gmail from domain, works, but shows up as 
from my gmail domain as well, which makes me think it's defaulting to 
the gmail account even though the domain's smtp info is set up. This 
could be because just before writing this message, I got the accept this 
certificate dialog over and over again for the domain and had to cancel 
out of it.



One final point. I looked at /var/log/mail.log and, while at first I 
found an error in the path to one of the certificates, once I fixed that 
no error shows up. I restarted both postfix and dovecot, tried 
refreshing thunderbird and still no emails showed up. I see the 
connection in the log, but no errors.


Anyone have ideas? Even maybe just point me in the right direction for 
what to check?

Christy S wrote on Fri, 17 Aug 2018 18:05:47 -0500:
> I see the 
> connection in the log, but no errors.
what do you see?

And, also, what exactly do you want to do? (e.g. with what do you send 
which email from->to via what, how should this affect your server and what 
do you check on your server?).

Test *one* thing at a time. e.g. first test if you can fetch mail, then if 
you can send mail, unencrypted. Then change to encryption and test that. 
It doesn't make sense to test everything at once. And only once a certain 
step works go to the next!

Note, dovecot is for fetching mail with a client, not for sending. And for 
authentication for postfix if you want. So, on this list you should focus 
on getting mail from your server with Thunderbird. What does Thunderbird 
say about that? If it doesn't work it surely gives you errors. If it 
doesn't give you errors it works (but you may not have mail on the server, 
that's a different story).


Kai

One tip: for checking whether or not you have access to your vps @ 
host:port you ought to use netcat or telnet from your localhost:

https://www.digitalocean.com/community/tutorials/how-to-use-netcat-to-establish-and-test-tcp-and-udp-connections-on-a-vps

I frequently use telnet since you can also type in the protocol to a 
server (assuming the server expects ascii) and get a response out of it. 
E.g.

Type:
 ??? $ telnet xyzzy.com 80
Server response:
Trying 104.31.88.30...
 ??? Connected to xyzzy.com.
 ??? Escape character is '^]'.
Type:
 ??? GET / HTTP/1.0
Server response:
 ??? <!DOCTYPE html>
 ??? <head>
 ??? ??? <title>XYZZY</title>
 ??? ??? <meta charset="UTF-8" />
 ??? ??? <meta name="viewport" 
content="width=device-width,initial-scale=1,maximum-scale=1" />
 ??? </head>
 ??? <body>
 ??? ? <h1>You are in a twisty maze of passages, all alike.</h1>
 ??? ? [snip]
 ??? </body></html>

And yes in this case "curl" would be more a appropriate utility (for 
http) but not for other protocols that curl doesn't support.

If you telnet to a port that isn't opened and being listened on:

$ telnet localhost 4321
Trying ::1...
telnet: connect to address ::1: Connection refused
Trying 127.0.0.1...
telnet: connect to address 127.0.0.1: Connection refused
Trying fe80::1...
telnet: connect to address fe80::1: Connection refused
telnet: Unable to connect to remote host

Good day
Mike





On 8/17/18 18:05, Christy S wrote:
> Hi all,
>
>
> First a disclaimer. I have played with linux off and on for years, but 
> this is my first time trying to run a server completely on my own from 
> start to finish, well it's on a vps, but still. I'm pretty techie,
but
> a lot of this stuff is new to me, so I apologize for any *duh!* 
> questions. That said, I've so far installed dovecot, postfix, 
> wordpress, and related programs mostly successfully by following 
> tutorials. I say mostly successfully, because I'm having a really hard 
> time trying to get dovecot and postfix to behave together, and I'm 
> about at the end of what I know how to find on google.
>
>
> If you're still with me and not groaning at yet another newbie asking 
> wtf did I do wrong questions, thank you! My basic setup is running 
> ubuntu 18 with up to date dovecot and postfix. Sasl is installed, and 
> I'm using a custom domain with all records successfully pointing to 
> the VPS.
>
>
> As I mentioned, I've been following tutorials. My goal is to have a 
> mail server which can send and receive emails using this custom domain 
> both from the shell and, much more often, from my primary computer 
> using thunderbird. As there will likely only be two of us using this, 
> I'm completely fine with the setup using mailboxes that actually have 
> linux accounts. I'm also using maildir as the mailbox type. 
> Furthermore, I want to make sure to use ssl on any mail connections.. 
> Normal passwords but ssl being used.
>
>
> So, following one tutorial I set up postfix and dovecot, then went to 
> test it. The result was that while on the shell, I could send email to 
> my gmail account from the domain and receive it just fine. I could 
> also send mail from my gmail account to the domain and receive it on 
> the shel. I even managed to get imap to work, so I could receive 
> domain emails in thunderbird, after playing around with tb's settings. 
> However, if using tb I attempted to send an email using the custom 
> domain, smtp failed to connect.
>
>
> I verified with my VPS provider that no, they do not block port 25, 
> 465 or 587. I also verified that at&t, my home ISP, does not block 
> outgoing smtp traffic, considering I am using google's for my gmail 
> account. After hitting google again, I realized two things. One, for 
> some reason port 25 never got opened on UFW, so I fixed that. Second, 
> for some reason in all the stuff I did, postfix never got configured 
> to use SSL.
>
>
> I found yet another tutorial, and ran through it to set up SSL with 
> postfix. However, in doing this I had to change a path for sasl, only 
> to find out later that doing that broke dovecot! Imap completely and 
> utterly stopped behaving.
>
>
> Back to google again, and this time I found something a bit more up to 
> date which explained how to interconnect postfix and dovecot. It goes 
> through using mysql too, but I don't need that, so I skipped that 
> part. Changed the sasl path back to what it should be, told dovecot 
> and postfix to talk to each other and... Nope, still nothing.
>
>
> I saw a warning that I should not use different certificates for 
> postfix and dovecot, so I told dovecot to look at the smtpd 
> certificate that I made. Not sure if that's what's breaking this or
> something completely different, as I'm also brand new to the ssl 
> certificate creation process. So, here's the current status of using 
> thunderbird with my domain.
>
>
> mail sent from gmail to new domain, never comes back in thunderbird 
> but doesn't bounce, either.
>
> Mail sent via thunderbird to gmail from domain, works, but shows up as 
> from my gmail domain as well, which makes me think it's defaulting to 
> the gmail account even though the domain's smtp info is set up. This 
> could be because just before writing this message, I got the accept 
> this certificate dialog over and over again for the domain and had to 
> cancel out of it.
>
>
>
> One final point. I looked at /var/log/mail.log and, while at first I 
> found an error in the path to one of the certificates, once I fixed 
> that no error shows up. I restarted both postfix and dovecot, tried 
> refreshing thunderbird and still no emails showed up. I see the 
> connection in the log, but no errors.
>
>
> Anyone have ideas? Even maybe just point me in the right direction for 
> what to check?
>
>