Results 1 to 8 of 8

Thread: [SOLVED] mail queues on non-standard SSH port

  1. #1
    Join Date
    May 2006
    Location
    www.sjobeck.com
    Posts
    41
    Rep Power
    9

    Default [SOLVED] mail queues on non-standard SSH port

    Hi, all, thanks for great forum for such great software. Love it.

    We move our SSH daemon to a non-standard port just to slow the kiddies down just an extra hair bit so that their port scans trip or bots so we know theyre out theyre poking at us, anyway, when doing so it breaks the mail queues since they connect to the machine via SSH. How does one tweak the mail queues config' so it connects to the machine on our SSH
    port? and or via another method other than SSH?

    Thanks much.

    Jason Sjobeck
    The Sjöbeck Company LLC > Homepage > Portland, Oregon, US > Asterisk Consultants

    Thanks very much.

    Peace. Love. Linux.

    Jason Sjobeck
    xmpp:jason@sjobeck.com
    *Asterisk Consultant To The Stars *

  2. #2
    Join Date
    Jun 2007
    Location
    Philippines
    Posts
    193
    Rep Power
    8

    Default

    This might be a late reply.

    But this maybe able to help you.

    Mail Queue Monitoring - ZimbraWiki

    Let me know if this solves your problem.

  3. #3
    Join Date
    May 2006
    Location
    www.sjobeck.com
    Posts
    41
    Rep Power
    9

    Default

    Thanks very much. That is the thread I missed & the one I need. I ran the command to change it to port 22222, and it gave me an error about my IMAP SSL and IMAP SSL Proxy conflicting, so I corrected that by following the advice on the forums site about configuring ports in perdition, putting the IMAP Proxy on 993 & the real IMAP port on 7993. Then I restarted everything using zmcontrol stop && zmcontrol start. Then tried to view the queues in the portal & I get this:

    Message: system failure: exception during auth {RemoteManager: jefferson.cascadetelephony.com->zimbra@jefferson.cascadetelephony.com:22222}
    Error code: service.FAILURE
    Method: ZmCsfeCommand.prototype.invoke
    Details:soap:Receiver


    2. I also see that my commercial SSL cert' is no longer in use but the default Zimbra cert' is back to being in use. I wonder why this happened? I will have to re-do my steps of installing my cert'. Shucks. Damn.

    Any advice on the above error output about using port 22222 is most appreciated.

    Thanks much.

    Jason Sjobeck
    Thanks very much.

    Peace. Love. Linux.

    Jason Sjobeck
    xmpp:jason@sjobeck.com
    *Asterisk Consultant To The Stars *

  4. #4
    Join Date
    May 2006
    Location
    www.sjobeck.com
    Posts
    41
    Rep Power
    9

    Default

    So ....... hmmmmmm ....... I seem to
    have borked this thing pretty good right now. I fussed with some port numbers as spelled-out here:

    Configuring Perdition - ZimbraWiki

    and am now not able to connect to IMAP4s so checked the listening ports & sure enough, it is listening on the ports the old proaxy was configured to listen on, but not the default ports for imap & pop. When I try to change those, I get this:

    [zimbra@jefferson conf]$ zmprov ms jefferson.cascadetelephony.com zimbraPop3BindPort 110 zimbraImapBindPort 143 zimbraPop3SSLBindPort 995 zimbraImapSSLBindPort 993
    ERROR: service.INVALID_REQUEST (invalid request: port 993 conflict between zimbraImapSSLBindPort and zimbraImapSSLProxyBindPort on server jefferson.cascadetelephony.com)
    [zimbra@jefferson conf]$


    I wonder why it wont "take" my change. When I run this:

    [root@jefferson conf]# /opt/zimbra/bin/zmprov ms jefferson.cascadetelephony.com zimbraPop3ProxyBindPort "" zimbraImapProxyBindPort "" zimbraPop3SSLProxyBindPort "" zimbraImapSSLProxyBindPort ""


    For reference, I am seeing this right now:
    [zimbra@jefferson conf]$ zmprov getServer jefferson.cascadetelephony.com | grep -i port
    zimbraAdminPort: 7071
    zimbraImapBindPort: 7143
    zimbraImapProxyBindPort: 143
    zimbraImapSSLBindPort: 7993
    zimbraImapSSLProxyBindPort: 993
    zimbraLmtpBindPort: 7025
    zimbraMailPort: 8080
    zimbraMailSSLPort: 4443
    zimbraNotifyBindPort: 7035
    zimbraNotifySSLBindPort: 7036
    zimbraPop3BindPort: 7110
    zimbraPop3ProxyBindPort: 110
    zimbraPop3SSLBindPort: 7995
    zimbraPop3SSLProxyBindPort: 995
    zimbraRemoteManagementPort: 22222
    zimbraSmtpPort: 25


    Any and all advice is greatly appreciated. Thanks for the advice on getting imap & pop back to the default ports. I still need to repair my commercial cert', I suppose, once I do, but that is livable considering this mess I made.
    Thanks very much.

    Peace. Love. Linux.

    Jason Sjobeck
    xmpp:jason@sjobeck.com
    *Asterisk Consultant To The Stars *

  5. #5
    Join Date
    Jun 2007
    Location
    Philippines
    Posts
    193
    Rep Power
    8

    Default

    [root@jefferson conf]# /opt/zimbra/bin/zmprov ms jefferson.cascadetelephony.com zimbraPop3ProxyBindPort "" zimbraImapProxyBindPort "" zimbraPop3SSLProxyBindPort "" zimbraImapSSLProxyBindPort ""
    I believe you have to run this as zimbra user....

  6. #6
    Join Date
    May 2006
    Location
    www.sjobeck.com
    Posts
    41
    Rep Power
    9

    Default

    Randall: yes, thanks for the possible tip, I did try running it both as root (as you correct caught) and as zimbra, no difference.

    All: I ought to note that I am perfectly fine with running the perdition/proxy in front of imap & pop if I can get it to work. But, I cant seem to get that to work either. In fact, the more I go down this path, the more I think I would like to run the proxy, so perhaps I am in need of a push down a different path. Let me rephrase please. How can I get this to work with perdition/proxy on the port's default ports and the real ports over to 7### & get everything to work? It seems I did have it configured this way once but it would not successfully authenticate any of the remote users (most of whom are using Mail.app on Apple). When I hit that authentication issue, perhaps I ought to have forged ahead there & figured that out, instead I thought it was a misconfiguration around these issues & so I un-did it.
    Thanks very much.

    Peace. Love. Linux.

    Jason Sjobeck
    xmpp:jason@sjobeck.com
    *Asterisk Consultant To The Stars *

  7. #7
    Join Date
    May 2006
    Location
    www.sjobeck.com
    Posts
    41
    Rep Power
    9

    Default

    oh, I get it now, I stopped using the imap proxy and went back to using just straight imap, which is bound to another cert' than the one I configured, since the cert' I configured was for perdition. So, that's why the user's starting seeing the factory default installed cert' when I stopped perdition. Makes perfect sense now, but I just had to walk my way through it once to wrap my brain around it. Nothing to see here, please move on, just some guy talking to himself, please move on.



    Thanks.

    sjobeck
    Thanks very much.

    Peace. Love. Linux.

    Jason Sjobeck
    xmpp:jason@sjobeck.com
    *Asterisk Consultant To The Stars *

  8. #8
    Join Date
    May 2006
    Location
    www.sjobeck.com
    Posts
    41
    Rep Power
    9

    Default

    Just for completness, I have moved the rest of the issues from this thread to here:

    http://www.zimbra.com/forums/adminis...ntication.html

Similar Threads

  1. Problems with port 25
    By yogiman in forum Installation
    Replies: 57
    Last Post: 06-13-2011, 01:55 PM
  2. Replies: 7
    Last Post: 02-03-2011, 06:01 AM
  3. fresh install down may be due to tomcat
    By gon in forum Installation
    Replies: 10
    Last Post: 07-25-2007, 08:09 AM
  4. DynDNS and Zimbra
    By afterwego in forum Installation
    Replies: 30
    Last Post: 04-01-2007, 03:34 PM
  5. receiveing mail
    By maybethistime in forum Administrators
    Replies: 15
    Last Post: 12-09-2005, 03:55 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •