Page 2 of 6 FirstFirst 1234 ... LastLast
Results 11 to 20 of 54

Thread: Can Not Start MTA

  1. #11
    Join Date
    Aug 2005
    Location
    San Mateo, CA
    Posts
    4,789
    Rep Power
    19

    Default

    Quote Originally Posted by kevindods
    We have had similar SMTP probs with clients looping at TLS auth. Has anyone seen a solution? We have bodged to continue playing by selecting tls 'if available' in Thunderbird and not requiring it at the server end, most times this works. Didnt have this problem on beta 1, there was a missing -r in a conf file but its certainly there now!

    We will need to clear fedora and start again I think as the prodding has caused some fun and games with other services now - logger failing and most recently MTA not starting. uninstall and reinstall of Zimbra is not curing it.

    Thanks

    Kevin

    Have you tried to recreate your SSL certs?

  2. #12
    Join Date
    Oct 2005
    Posts
    181
    Rep Power
    10

    Default

    Yes we tried that and have stopped Zimbra services, uninstalled, re-installed and stripping out and reinstalling other services when we got bored ;-) At one point when we ran an update got an odd issue asking to update selinux which was disabled. We have wiped the server 3 times now and installed from scratch following the guidance as laid out but although we have had Zimbra working and behaving ostensibly well, it has never allowed tls sending on this beta (previous was fine) whether from a client on the local network or over the net.

    HTTPS web client works fine, used the command line switch detailed in the forums to switch between mixed and https modes. As per forum posts rebuilt certs, checked out LDAP etc . Others seem to have got it working so it must be us somewhere but not worked it out yet. Even tried other FC3 install CDs and a different server and downloaded zimbra tar again incase something odd was in there.

    It must be something obvious that we are missing and repeatedly missing so when we do work it out we will post here so that any other users with similar ability to read will have a better chance! ;-)

    Kevin

  3. #13
    Join Date
    Aug 2005
    Location
    San Mateo, CA
    Posts
    4,789
    Rep Power
    19

    Default

    Quote Originally Posted by kevindods
    Yes we tried that and have stopped Zimbra services, uninstalled, re-installed and stripping out and reinstalling other services when we got bored ;-) At one point when we ran an update got an odd issue asking to update selinux which was disabled. We have wiped the server 3 times now and installed from scratch following the guidance as laid out but although we have had Zimbra working and behaving ostensibly well, it has never allowed tls sending on this beta (previous was fine) whether from a client on the local network or over the net.

    HTTPS web client works fine, used the command line switch detailed in the forums to switch between mixed and https modes. As per forum posts rebuilt certs, checked out LDAP etc . Others seem to have got it working so it must be us somewhere but not worked it out yet. Even tried other FC3 install CDs and a different server and downloaded zimbra tar again incase something odd was in there.

    It must be something obvious that we are missing and repeatedly missing so when we do work it out we will post here so that any other users with similar ability to read will have a better chance! ;-)

    Kevin

    Anything in /var/log/zimbra.log? I know at least a few others had problems with SASL due to a bad url in the config file.

  4. #14
    Join Date
    Oct 2005
    Posts
    181
    Rep Power
    10

    Default

    only odd thing here seems to be that when recreating the certs and doing:

    zmcertinstall mta /opt/zimbra/ssl/ssl/server/smtpd.crt /opt/zimbra/ssl/ssl/ca/ca.key

    We get

    line 47 print: command not found

    Just as a note there seem to be some typos in couple of times the above line has been posted and some include a \ / in the middle.

    Seems it is not a unique place to find ourselves, as others have had something similar but I havent seen a solution posted, the threads die out or reckon the cert recreation works. As we have this error at the mta cert creation it does suggest we may be close to a solution. Certainly appears the certs arent being created as expected.

    Would be nice to find a solution with a 5th FC3 install ;-)

    Any further clues?

    Thanks

    Kevin

  5. #15
    Join Date
    Sep 2005
    Posts
    2,103
    Rep Power
    14

    Default line 47 error

    IIRC, the print errors were bugs I introduced in the error display sections of the script. I don't have it in front of me, but if you took a look at what was happening on line 47, that might give an idea of what's failing.

  6. #16
    Join Date
    Sep 2005
    Posts
    2,103
    Rep Power
    14

    Default line 47

    Ok, the line 47 error is trying to complain that the certificate file you gave it on the command line wasn't found.

    So, try this:

    su - zimbra
    sh -x bin/zmcreatecert

    Post the results.

  7. #17
    Join Date
    Oct 2005
    Posts
    181
    Rep Power
    10

    Default

    Hi

    I went back to basics and discovered that the required fetchmail also has a dependency of exim too. Didnt notice that before, so the wrong mta was started on port 25 but I wasnt getting a port conflict message up about it.

    Uninstalled Zimbra, killed Exim, chkconfig exim off, reinstalled, HTTPS mode and we are back to a state of all working but no TLS offered by the MTA.

    Ran the command requested and I have attached the result. Restarted services and checked the problem still existed and it does.

    Any further ideas?

    The linux techies here tell me if I get this sorted they will take on RH and the network version, they didnt say I shouldnt post here ;-)

    Thanks

    Kevin
    Attached Files Attached Files
    Last edited by kevindods; 11-29-2005 at 03:29 AM.

  8. #18
    Join Date
    Sep 2005
    Posts
    2,103
    Rep Power
    14

    Default cert install

    Ok, the cert creation looked fine.

    Try this (all one line):

    sh -x bin/zmcertinstall mta /opt/zimbra/ssl/ssl/server/server.crt /opt/zimbra/ssl/ssl/server/server.key

  9. #19
    Join Date
    Oct 2005
    Posts
    181
    Rep Power
    10

    Default that now allows tls

    That has moved on to allow us to attempt to log on with tls but the authentication fails - although webclient now works fine.

    Zimbra.log contains the info bellow, some errors on the cert still showing:-

    Nov 29 16:45:48 zimbra postfix/smtpd[11426]: 0000 16 03 01 00 30 ....0
    Nov 29 16:45:48 zimbra postfix/smtpd[11426]: read from 0910EEB8 [0911B34D] (48 bytes => -1 (0xFFFFFFFF))
    Nov 29 16:45:48 zimbra postfix/smtpd[11426]: SSL_accept:error in SSLv3 read certificate verify A
    Nov 29 16:45:48 zimbra postfix/smtpd[11426]: read from 0910EEB8 [0911B34D] (48 bytes => 48 (0x30))
    Nov 29 16:45:48 zimbra postfix/smtpd[11426]: 0000 60 c1 22 40 1d c5 ab 25|8d 87 fb 93 0c ac 64 58 `."@...% ......dX
    Nov 29 16:45:48 zimbra postfix/smtpd[11426]: 0010 20 96 b3 22 31 53 5c 5e|bb 6b 81 a9 e6 1f 72 cd .."1S\^ .k....r.
    Nov 29 16:45:48 zimbra postfix/smtpd[11426]: 0020 3e 63 23 a6 34 38 4f 16|22 df 8e d2 6f b8 df 9b >c#.48O. "...o...
    Nov 29 16:45:48 zimbra postfix/smtpd[11426]: SSL_accept:SSLv3 read finished A
    Nov 29 16:45:48 zimbra postfix/smtpd[11426]: SSL_accept:SSLv3 write change cipher spec A
    Nov 29 16:45:48 zimbra postfix/smtpd[11426]: SSL_accept:SSLv3 write finished A
    Nov 29 16:45:48 zimbra postfix/smtpd[11426]: write to 0910EEB8 [09129510] (59 bytes => 59 (0x3B))
    Nov 29 16:45:48 zimbra postfix/smtpd[11426]: 0000 14 03 01 00 01 01 16 03|01 00 30 c6 25 9b d4 fa ........ ..0.%...
    Nov 29 16:45:48 zimbra postfix/smtpd[11426]: 0010 b1 f8 83 f8 46 b0 fe 45|02 f2 ce 91 34 71 a7 5e ....F..E ....4q.^
    Nov 29 16:45:48 zimbra postfix/smtpd[11426]: 0020 1b 2e 49 1a 83 07 cb 7d|1d 46 87 af b6 84 2c 3a ..I....} .F....,:
    Nov 29 16:45:48 zimbra postfix/smtpd[11426]: 0030 10 4c 46 d7 09 c6 84 0a|25 91 11 .LF..... %..
    Nov 29 16:45:48 zimbra postfix/smtpd[11426]: SSL_accept:SSLv3 flush data
    Nov 29 16:45:48 zimbra postfix/smtpd[11426]: TLS connection established from unknown[85.133.120.65]: TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)
    Nov 29 16:45:52 zimbra postfix/smtpd[11426]: warning: SASL authentication failure: Password verification failed
    Nov 29 16:45:52 zimbra postfix/smtpd[11426]: warning: unknown[85.133.120.65]: SASL PLAIN authentication failed
    Nov 29 16:45:52 zimbra postfix/smtpd[11426]: warning: unknown[85.133.120.65]: SASL LOGIN authentication failed
    Nov 29 16:45:54 zimbra postfix/smtpd[11426]: lost connection after AUTH from unknown[85.133.120.65]
    Nov 29 16:45:54 zimbra postfix/smtpd[11426]: disconnect from unknown[85.133.120.65]

    Password is correct, using the web the user authenticates.

    Other thing happening is the logger and snmp services wont now start, or if they do appear to start by the time you do a status check they are stopped. Could be unrelated to the certs issue.

    Cant see anything in the zimbra.log relating to errors on those services. Is there somewhere I can look to get details on the service errors?

    Thanks for the help, seems some movement forward. What I dont yet see is what we have been doing wrong on the install, perhaps when we see what is wrong we can work backwards!

    Cheers!

  10. #20
    Join Date
    Sep 2005
    Posts
    2,103
    Rep Power
    14

    Default ssl working

    I believe that the ssl portion of the connection is happy - the ssl warnings are due to it being a self-signed cert.

    The password verification failure is a different problem - are you using the full user@domain username?

    Is SASL logging anything?

    As for snmp/logger - check /tmp/swatch.out and /tmp/logswatch.out - perhaps they can't read /var/log/zimbra.log?

    For details on why things won't start - run
    sh -x bin/zmloggerctl status
    or
    sh -x bin/zmswatchctl status

Similar Threads

  1. Daily mail report always reports "No messages found"
    By McPringle in forum Installation
    Replies: 42
    Last Post: 06-13-2011, 08:57 AM
  2. Replies: 7
    Last Post: 02-03-2011, 06:01 AM
  3. Replies: 9
    Last Post: 06-15-2009, 09:31 AM
  4. After Install: MTA does´t start
    By pc-nico in forum Administrators
    Replies: 1
    Last Post: 06-15-2007, 06:54 AM
  5. Is it started or not
    By kwelipatton in forum Installation
    Replies: 10
    Last Post: 03-28-2006, 10:11 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •