1

Topic: some email client does not works

==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release): 1.6.2
- Deployed with iRedMail Easy or the downloadable installer? Downloadable installer
- Linux/BSD distribution name and version: rocky Linu 9.1
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MySQL
- Web server (Apache or Nginx): Nginx
- Manage mail accounts with iRedAdmin-Pro? No
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====

Hello,
I'm new to iRedMail i moved away from Virtualmin. I'm in trouble on some things one of them is that I'm in trouble in make some email client working correctly.
As desktop email client I'm using eMClient that seems works fine.
I've most of the problem with Android clients as follow:

Bluemail seems works (even if it's not a good client for some problems I ever experiencing in Push and Fetch new email)

Gmail seems able to connet, receive IMAP emails but goes in error if I try to send emails

K-9 client show me a blank email list

Outlook or android does not works (but as it does not allow to modify created account, make tests is really annoying) 

I'm using a standard installation, I'm using the auto-generated SSL certificate and I'm using the following configuration on working clients:

BlueMail: IMAP - STARTTLS - port 143 - PLAIN authentication; SMTP - STARTTLS - port 587 - AUTOMATIC Authentication

eMClient: IMAP - Force use of SSL/TLS - port 143 ; SMTP -  Force use of SSL/TLS - port 587

I'm trying to find a reason looking into different logs, but I'm finding other things that needs a troubleshooting (fail2ban, dovecot and postfix) and It's really hard to understand if some log message could be the reason or not.

I really appreciate your help

thanks.

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2

Re: some email client does not works

well, without the logs during login/sending attempts, i can't really help you

3

Re: some email client does not works

Cthulhu wrote:

well, without the logs during login/sending attempts, i can't really help you

At the moment I'm trying to understand where I should find the right log that should be involved.

I'll try to catch the right ones, but in the meaning time, from your side any clients works correctly ?

Thanks

4

Re: some email client does not works

Outlook for Android test:

1) autodiscover and autoconfig is not used at all. It means I've to configure manually all fields.
2) First configuration using SSL/TLS port 143 & 587. Not working, Outloo continuously warn me about the non secure server, does not accept my approval.
3) Second configuration using Starttls ports 143 & 587. Warn about the certificate once but than it complete the configuration.

Dovecot is logging no messages (in no dovecot* files). the only one is of midnight 17 ours ago) : Feb 28 00:56:08 mx dovecot[1218]: auth: Error: auth client 0 disconnected with 1 pending requests: EOF

imap.log show more interesting things:

The most interestings looks the following:

Feb 28 17:16:03 mx dovecot[1218]: imap-login: Disconnected: Too many invalid commands (no auth attempts in 0 secs): user=<>, rip=5.91.232.209, lip=10.11.12.175, session=<tlR/6cT1V/MFW+jR>
Feb 28 17:16:07 mx dovecot[1218]: imap-login: Disconnected: Too many invalid commands (no auth attempts in 0 secs): user=<>, rip=5.91.232.209, lip=10.11.12.175, session=<ZKe76cT1d/MFW+jR>
Feb 28 17:16:09 mx dovecot[1218]: imap-login: Disconnected: Too many invalid commands (no auth attempts in 0 secs): user=<>, rip=5.91.232.209, lip=10.11.12.175, session=<9d7Z6cT1dPMFW+jR>
Feb 28 17:16:10 mx dovecot[1218]: imap-login: Disconnected: Too many invalid commands (no auth attempts in 0 secs): user=<>, rip=5.91.232.209, lip=10.11.12.175, session=<hDnw6cT1VPMFW+jR>


Feb 28 17:17:40 mx dovecot[1218]: imap-login: Disconnected: Connection closed: SSL_accept() failed: error:0A000416:SSL routines::sslv3 alert certificate unknown: SSL alert number 46 (no auth attempts in 0 secs): user=<>, rip=5.91.232.209, lip=10.11.12.175, TLS handshaking: SSL_accept() failed: error:0A000416:SSL routines::sslv3 alert certificate unknown: SSL alert number 46, session=<AFJI78T1TPMFW+jR>

I'have to close all clients for a while and try to catch only testing messages.

5

Re: some email client does not works

So you're using the self-signed SSL certificate that's generated during iRedMail installation?

I would suggest starting by setting up a proper certificate. Let's Encrypt offers a free one, and there's good documentation available here => https://docs.iredmail.org/letsencrypt.html

6

Re: some email client does not works

The cert needs to fit the mailserver (in your case it is mx.domain.tld) as alternative name, and it might be the case that fail2ban blocked the IP due to too many failed login attempts

7

Re: some email client does not works

RikuS wrote:

So you're using the self-signed SSL certificate that's generated during iRedMail installation?

I would suggest starting by setting up a proper certificate. Let's Encrypt offers a free one, and there's good documentation available here =>

Yes I use the self-signed created during the instalaltion.
Even if the certificate warning is annoying I've not found reasons that suggest to use a public one like Let's encrypt.

My idea is to be sure that everything works before introducing further configurations.

I'm wrong? using a public certificate may have a sense ?

8

Re: some email client does not works

Cthulhu wrote:

The cert needs to fit the mailserver (in your case it is mx.domain.tld) as alternative name, and it might be the case that fail2ban blocked the IP due to too many failed login attempts

my hostname is mx.domain.tlc and i use mx.domain.tlc as server address. The certificate, even if self-signed confirm the hostname.

Of course my server have a private address that is natted outside. But i don't know if it may be a problem or not

9

Re: some email client does not works

Check our brief info of MUA setup: https://docs.iredmail.org/#mua

For SMTP, please choose "Password" (if available) authentication instead of "AUTOMATIC" in your MUA. Also check /var/log/maillog on your server for detailed info for troubleshooting.

10 (edited by xerse 2023-03-04 17:54:09)

Re: some email client does not works

ZhangHuangbin wrote:

Check our brief info of MUA setup:

For SMTP, please choose "Password" (if available) authentication instead of "AUTOMATIC" in your MUA. Also check /var/log/maillog on your server for detailed info for troubleshooting.

Dear Mr. Zhang,
It looks that following the link you gave me and with tuning you suggest, at least K9-mail is able to works.

Also It is possible that testing different mailbox domains at the same time with different clients but few IPs fall me into some Fail2ban or simultaneous connection limits.

Anyway I hope this issue is solved.

Thanks