I have a strange problem here: for 2 years I have had a mail server (on a vServer) that has reliably handled my mail traffic until now. The whole thing uses Dovecot, Postfix, MySQL and Rspamd.
As the web interface I use Roundcube.
Now I have noticed that I am getting "account errors" on my Apple devices and can no longer log in to Roundcube. The error message in the web interface is: "Verbindung zum Speicherserver fehlgeschlagen" ("Connection to storage server failed")
It does not come entirely out of nowhere, though. A few days ago I ran an update during which I was told that openssl would be downgraded (?!). Unfortunately I cannot follow the connection 100%, which is why I blamed the problems on that for the time being. After that I built and installed a current OpenSSL myself. The problem is still there. I also regenerated the certificates via certbot with "certbot certonly --standalone --rsa-key-size 4096 -d mail.meinedomain.de -d imap.meinedomain.de -d smtp.meinedomain.de"
I have now started digging to see whether I get an error message anywhere. Unfortunately I cannot really make anything of it and hope that maybe someone here can nudge me onto the right track?:
In the Roundcube log I get the following:
Code:
[16-Mar-2021 09:50:30 +0100]: <hlhlf5en> IMAP Error: Login failed for mail@meinedomain.de against imap.meinedomain.de from 62.91.65.124. Could not connect to ssl://imap.meinedomain.de:993: Unknown reason in /var/lib/roundcube/program/lib/Roundcube/rcube_imap.php on line 200 (POST /?_task=login&_action=login)
Code:
Mar 16 09:54:36 mail dovecot: imap(contact@meinedomain.de): Error: net_connect_unix(/run/dovecot/imap-postlogin) failed: No such file or directory (connection created 0 msecs ago, client created 0 msecs ago: session=4TkIhKO9cvk+W0Fy, rip=62.91.65.114, auth_pid=13261, client-pid=13262, client-id=1)
Mar 16 09:54:36 mail dovecot: imap-login: Login: user=<contact@meinedomain.de>, method=PLAIN, rip=62.91.65.114, lip=167.86.122.228, mpid=13266, TLS, session=<4TkIhKO9cvk+W0Fy>
Mar 16 09:54:36 mail dovecot: imap-login: Login: user=<mail@meinedomain.de>, method=PLAIN, rip=62.91.65.114, lip=167.86.122.228, mpid=13267, TLS, session=<+1sIhKO9c/k+W0Fy>
Mar 16 09:54:36 mail dovecot: imap(mail@meinedomain.de): Error: net_connect_unix(/run/dovecot/imap-postlogin) failed: No such file or directory (connection created 1 msecs ago, client created 1 msecs ago: session=+1sIhKO9c/k+W0Fy, rip=62.91.65.114, auth_pid=13261, client-pid=13263, client-id=1)
Mar 16 09:54:36 mail dovecot: imap-login: Login: user=<contact@meinedomain.de>, method=PLAIN, rip=62.91.65.114, lip=167.86.122.228, mpid=13270, TLS, session=<d3UMhKO9dPk+W0Fy>
Mar 16 09:54:36 mail dovecot: imap(contact@meinedomain.de): Error: net_connect_unix(/run/dovecot/imap-postlogin) failed: No such file or directory (connection created 0 msecs ago, client created 0 msecs ago: session=d3UMhKO9dPk+W0Fy, rip=62.91.65.114, auth_pid=13261, client-pid=13268, client-id=1)
Mar 16 09:54:36 mail dovecot: imap(mail@meinedomain.de): Error: net_connect_unix(/run/dovecot/imap-postlogin) failed: No such file or directory (connection created 0 msecs ago, client created 0 msecs ago: session=jtMMhKO9dfk+W0Fy, rip=62.91.65.114, auth_pid=13261, client-pid=13269, client-id=1)
Mar 16 09:54:36 mail dovecot: imap-login: Login: user=<mail@meinedomain.de>, method=PLAIN, rip=62.91.65.114, lip=167.86.122.228, mpid=13271, TLS, session=<jtMMhKO9dfk+W0Fy>
Mar 16 09:54:36 mail dovecot: imap-login: Login: user=<mail@meinedomain.de>, method=PLAIN, rip=62.91.65.114, lip=167.86.122.228, mpid=13274, TLS, session=<VaQQhKO9d/k+W0Fy>
Mar 16 09:54:36 mail dovecot: imap(mail@meinedomain.de): Error: net_connect_unix(/run/dovecot/imap-postlogin) failed: No such file or directory (connection created 0 msecs ago, client created 0 msecs ago: session=VaQQhKO9d/k+W0Fy, rip=62.91.65.114, auth_pid=13261, client-pid=13273, client-id=1)
Mar 16 09:54:36 mail dovecot: imap(contact@meinedomain.de): Error: net_connect_unix(/run/dovecot/imap-postlogin) failed: No such file or directory (connection created 0 msecs ago, client created 0 msecs ago: session=naUQhKO9dvk+W0Fy, rip=62.91.65.114, auth_pid=13261, client-pid=13272, client-id=1)
Mar 16 09:54:36 mail dovecot: imap-login: Login: user=<contact@meinedomain.de>, method=PLAIN, rip=62.91.65.114, lip=167.86.122.228, mpid=13275, TLS, session=<naUQhKO9dvk+W0Fy>
Mar 16 09:54:36 mail dovecot: imap(mail@meinedomain.de): Error: net_connect_unix(/run/dovecot/imap-postlogin) failed: No such file or directory (connection created 0 msecs ago, client created 0 msecs ago: session=pmwUhKO9ePk+W0Fy, rip=62.91.65.114, auth_pid=13261, client-pid=13276, client-id=1)
Mar 16 09:54:36 mail dovecot: imap-login: Login: user=<mail@meinedomain.de>, method=PLAIN, rip=62.91.65.114, lip=167.86.122.228, mpid=13278, TLS, session=<pmwUhKO9ePk+W0Fy>
Code:
Mar 16 09:57:00 mail dovecot: imap-login: Disconnected (disconnected before auth was ready, waited 0 secs): user=<>, rip=2a02:c207:3005:1551::1, lip=2a02:c207:3005:1551::1, TLS handshaking: SSL_accept() failed: error:14094418:SSL routines:ssl3_read_bytes:tlsv1 alert unknown ca: SSL alert number 48, session=<Z9aljKO9CNYqAsIHMAUVUQAAAAAAAAAB>
postconf -n says the following:
Code:
append_dot_mydomain = no
biff = no
bounce_queue_lifetime = 1h
inet_interfaces = 127.0.0.1, ::1, 167.86.122.228, 2a02:c207:3005:1551::1
local_recipient_maps = $virtual_mailbox_maps
mailbox_size_limit = 0
maximal_backoff_time = 15m
maximal_queue_lifetime = 1h
message_size_limit = 52428800
milter_default_action = accept
milter_mail_macros = i {mail_addr} {client_addr} {client_name} {auth_authen}
milter_protocol = 6
minimal_backoff_time = 5m
mua_client_restrictions = permit_mynetworks,permit_sasl_authenticated,reject
mua_relay_restrictions = reject_non_fqdn_recipient,reject_unknown_recipient_domain,permit_mynetworks,permit_sasl_authenticated,reject
mua_sender_restrictions = permit_mynetworks,reject_non_fqdn_sender,reject_sender_login_mismatch,permit_sasl_authenticated,reject
myhostname = mail.meinedomain.de
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
non_smtpd_milters = inet:localhost:11332
postscreen_access_list = permit_mynetworks cidr:/etc/postfix/postscreen_access
postscreen_blacklist_action = drop
postscreen_dnsbl_action = drop
postscreen_dnsbl_sites = ix.dnsbl.manitu.net*2 zen.spamhaus.org*2
postscreen_dnsbl_threshold = 2
postscreen_greet_action = drop
queue_run_delay = 5m
recipient_delimiter = +
smtp_dns_support_level = dnssec
smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
smtp_tls_ciphers = high
smtp_tls_policy_maps = mysql:/etc/postfix/sql/tls-policy.cf
smtp_tls_protocols = !SSLv2, !SSLv3
smtp_tls_security_level = dane
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_client_restrictions = permit_mynetworks check_client_access hash:/etc/postfix/without_ptr reject_unknown_client_hostname
smtpd_data_restrictions = reject_unauth_pipelining
smtpd_helo_required = yes
smtpd_helo_restrictions = permit_mynetworks reject_invalid_helo_hostname reject_non_fqdn_helo_hostname reject_unknown_helo_hostname
smtpd_milters = inet:localhost:11332
smtpd_recipient_restrictions = check_recipient_access mysql:/etc/postfix/sql/recipient-access.cf
smtpd_relay_restrictions = reject_non_fqdn_recipient reject_unknown_recipient_domain permit_mynetworks reject_unauth_destination
smtpd_tls_cert_file = /etc/letsencrypt/live/mail.meinedomain.de/fullchain.pem
smtpd_tls_ciphers = high
smtpd_tls_key_file = /etc/letsencrypt/live/mail.meinedomain.de/privkey.pem
smtpd_tls_protocols = !SSLv2, !SSLv3
smtpd_tls_security_level = may
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
tls_high_cipherlist = EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA256:EECDH:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!IDEA:!ECDSA:kEDH:CAMELLIA128-SHA:AES128-SHA
tls_preempt_cipherlist = yes
tls_ssl_options = NO_COMPRESSION
virtual_alias_maps = mysql:/etc/postfix/sql/aliases.cf
virtual_mailbox_domains = mysql:/etc/postfix/sql/domains.cf
virtual_mailbox_maps = mysql:/etc/postfix/sql/accounts.cf
virtual_transport = lmtp:unix:private/dovecot-lmtp
Code:
openssl version
OpenSSL 1.1.1j 16 Feb 2021
Code:
ps aux | grep dovecot
root 1059 0.0 0.0 4400 3332 ? Ss 08:49 0:00 /usr/sbin/dovecot -F
dovecot 1346 0.0 0.0 3912 1084 ? S 08:49 0:00 dovecot/anvil
root 1347 0.0 0.0 4296 2948 ? S 08:49 0:00 dovecot/log
root 1351 0.0 0.0 5604 4200 ? S 08:49 0:00 dovecot/config
dovecot 2965 0.0 0.0 4048 2684 ? S 08:51 0:00 dovecot/stats
dovecot 6437 0.0 0.0 3924 1028 ? S 09:21 0:00 dovecot/indexer
root 16344 0.0 0.0 6076 820 pts/0 R+ 10:20 0:00 grep dovecot
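Added example (not part of the original post): a Python triage of the Dovecot log formats quoted above, grouping lines by session id to separate failures that happen after a successful login (missing post-login socket) from TLS alerts sent by the connecting peer. The function and constant names are assumptions made for this example; the three sample lines are copied from the post's logs.

```python
import re
from collections import defaultdict

# Three lines copied from the Dovecot logs quoted in the post.
SAMPLE = """\
Mar 16 09:54:36 mail dovecot: imap-login: Login: user=<mail@meinedomain.de>, method=PLAIN, rip=62.91.65.114, lip=167.86.122.228, mpid=13267, TLS, session=<+1sIhKO9c/k+W0Fy>
Mar 16 09:54:36 mail dovecot: imap(mail@meinedomain.de): Error: net_connect_unix(/run/dovecot/imap-postlogin) failed: No such file or directory (connection created 1 msecs ago, client created 1 msecs ago: session=+1sIhKO9c/k+W0Fy, rip=62.91.65.114, auth_pid=13261, client-pid=13263, client-id=1)
Mar 16 09:57:00 mail dovecot: imap-login: Disconnected (disconnected before auth was ready, waited 0 secs): user=<>, rip=2a02:c207:3005:1551::1, lip=2a02:c207:3005:1551::1, TLS handshaking: SSL_accept() failed: error:14094418:SSL routines:ssl3_read_bytes:tlsv1 alert unknown ca: SSL alert number 48, session=<Z9aljKO9CNYqAsIHMAUVUQAAAAAAAAAB>
"""

# TLS alert descriptions (RFC 5246 / RFC 8446), certificate-related subset.
ALERTS = {42: "bad_certificate", 45: "certificate_expired",
          46: "certificate_unknown", 48: "unknown_ca"}

SESSION = re.compile(r"session=<?([^>,\s]+)")
SOCKET = re.compile(r"net_connect_unix\((\S+?)\) failed: No such file or directory")
ALERT = re.compile(r"ssl3_read_bytes:.*SSL alert number (\d+)")
RIP = re.compile(r"\brip=([^,\s]+)")
LIP = re.compile(r"\blip=([^,\s]+)")

def triage(log):
    """Group log lines by session id and record what failed in each session."""
    sessions = defaultdict(lambda: {"login": False, "findings": []})
    for line in log.splitlines():
        sid = SESSION.search(line)
        if not sid:
            continue
        entry = sessions[sid.group(1)]
        if "imap-login: Login:" in line:
            entry["login"] = True  # TLS and authentication both succeeded
        sock = SOCKET.search(line)
        if sock:  # failure happens after login, inside Dovecot itself
            entry["findings"].append(("postlogin_socket_missing", sock.group(1)))
        alert = ALERT.search(line)
        if alert:  # ssl3_read_bytes: the alert was received from the peer
            code = int(alert.group(1))
            rip, lip = RIP.search(line), LIP.search(line)
            local = bool(rip and lip and rip.group(1) == lip.group(1))
            entry["findings"].append(
                ("tls_alert_from_peer", code, ALERTS.get(code, "other"), local))
    return dict(sessions)

if __name__ == "__main__":
    for sid, entry in triage(SAMPLE).items():
        print(sid, entry)
```

A session with login=True and postlogin_socket_missing got through TLS and authentication and failed afterwards; an unknown_ca alert with local=True means a client running on the mail server itself rejected the certificate chain it was presented.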