主题: 以IMAP登入該帳號, 進入 ”個人設定/篩選器 “會出現 “無法與伺服器連線”

==== 提供基本信息便于分析问题并得到快速回复 ====
- iRedMail 版本:IredAdmin-Pro-LDAP-1.7.0
- 使用的 Linux/BSD 发行版名称及版本号:CentOS6.2
- 与您的问题相关的日志信息:
====
以下為我的提問(因標題不可太長):

更改其原先 users/Profile of user/advance/ 的smtp設定 , 會有homeDirectory(home)=/var /vmailvmail1/ 錯誤訊息,
並致使 以webmail登入該帳號, 進入 ”個人設定/篩選器 “會出現 “無法與伺服器連線”

Hi ! 張大.

A). 因在測試STRATTLS , 發現此問題,
雖可從PhpLDAPadmin的 ”homeDirectory” 去修正其錯誤, 但感覺怪怪 , 理論上新增帳號設定後,應不會再去動它; 但只要一更動它(如變更Sending mails via SMTP 或Sending mails via SMTP over TLS/SSL選項), 該帳號就要手動去更正,(vmail / vmail1少了一條斜線 / )


B).其就如我05/16建議的提問 “若能從網域裡設定,也許會更方便…….”  . 若在網域裡一更動smtp通訊協定 ,必會造成user的homeDirectory全被更改的錯誤現象? 而不採用我的提議?

ps:若以上問題解決後,也許可考慮把 users profile /advance 的 smtp,pop3,impa設定移至網域裡設定, (甚至把iRedAdmin Pro 預設為STARTTLS ,該選項不用?)
這又是我的一個狂想吧!  張大! 請勿見笑!!

C).以下為系統測試設定:

Postfix部分的設定 , vi /etc/postfix/main.cf

main.cf  (SMTP部分)

smtpd_tls_security_level = may

#smtpd_tls_security_level = encrypt   
#原本加此參數, 外網寄來會被退 強制STARTTLS

smtpd_use_tls = yes
smtpd_tls_auth_only =no   
#yes遠端telnet ,無法啟動auth plain驗證

smtpd_enforce_tls =yes
smtpd_tls_loglevel = 2

vi /etc/postfix/master.cf
Master.cf  (SMTP部分)

127.0.0.1:10025 inet n  -   -   -   -  smtpd
    -o smtpd_delay_reject=no
#force starttls  (amavisd  內網不使用TLS,可斟酌情況使用)
    -o smtpd_enforce_tls=no


Roundcubemail部分的設定 vi /var/www/roundcubemail/config/main.inc.php

main.inc.php    (Webmail部分)

# DEBUG用
$rcmail_config['debug_level'] = 8;
$rcmail_config['imap_debug'] = true;
$rcmail_config['ldap_debug'] = true;
$rcmail_config['smtp_debug'] = true;

$rcmail_config['smtp_server'] = " tls://127.0.0.1";
$rcmail_config['smtp_auth_type'] = " LOGIN";
$rcmail_config['force_https'] =  true ; #自動轉為https

Dovecot部分的設定:vi /etc/dovecot/dovecot.conf
dovecot.conf  (IMAP部分)

#DEBUG用
mail_debug = yes
auth_verbose =no
auth_debug =  yes
auth_debug_passwords = yes
auth_verbose_passwords = no

ssl =  required
disable_plaintext_auth = yes

D). log

Maillog 

May 28 08:50:18 mail1 roundcube: IMAP Error: Login failed for www@aaaa.com from 203.xx.xx.xx. AUTHENTICATE PLAIN: Authentication failed. in /var/www/roundcubemail-0.7/program/include/rcube_imap.php on line 205 (POST /mail/?_task=login&_action=login)   
#此為我打錯user的密碼log

May 28 08:50:31 mail1 roundcube: IMAP Error: Login failed for www@aaaa.com from 203.xx.xx.xx. AUTHENTICATE PLAIN: Authentication failed. in /var/www/roundcubemail-0.7/program/include/rcube_imap.php on line 205 (POST /mail/?_task=login&_action=login)

#更改users profile /advance的SMTP屬性, 改採兩項皆打勾 ,出現連接plugin.managesieve錯誤log
May 28 09:32:04 mail1 roundcube: Failed to read from socket ():
May 28 09:32:04 mail1 roundcube: PHP Error: Unable to connect to managesieve on 127.0.0.1:4190 in /var/www/roundcubemail-0.7/plugins/managesieve/managesieve.php on line 286 (GET /mail/?_task=settings&_action=plugin.managesieve)

May 28 09:32:04 mail1 roundcube: Not currently in AUTHORISATION state (1):
May 28 09:32:04 mail1 roundcube: Failed to write to socket: connection lost ():
May 28 09:32:15 mail1 roundcube: Failed to read from socket ():
May 28 09:32:15 mail1 roundcube: PHP Error: Unable to connect to managesieve on 127.0.0.1:4190 in /var/www/roundcubemail-0.7/plugins/managesieve/managesieve.php on line 286 (GET /mail/?_task=settings&_action=plugin.managesieve)


Dovecot.log

03:00 凌晨OK
May 28 03:21:04 auth: Debug: master in: USER    1       www@aaaa.com        service=lda
May 28 03:21:04 auth: Debug: ldap(www@aaaa.com): user search: base=o=domains,dc=aaaa,dc=com scope=subtree filter=(&(objectClass=mailUser)(accountStatus=active)(enabledService=mail)(enabledService=lda)(|(mail=www@aaaa.com)(&(enabledService=shadowaddress)(shadowAddress=www@aaaa.com)))) fields=mail,homeDirectory,mailMessageStore,mailQuota
May 28 03:21:04 auth: Debug: ldap(www@aaaa.com): result: mail(user)=www@aaaa.com mailQuota(quota_rule=*:bytes=%$)=5242880000 mailMessageStore(mail=maildir:/var/vmail/%$/Maildir/)=vmail1/aaaa.com/w/w/w/www-2012.04.27.10.21.01/homeDirectory(home)=/var/vmail/vmail1/ aaaa.com/w/w/w/www-2012.04.27.10.21.01/   # homeDirector正常訊息

May 28 03:21:04 auth: Debug: master out: USER   1       www@aaaa.com        quota_rule=*:bytes=5242880000mail=maildir:/var/vmail/vmail1/aaaa.com/w/w/w/www-2012.04.27.10.21.01//Maildir/      home=/var/vmail/vmail1/aaaa.com/w/w/w/www-2012.04.27.10.21.01/
May 28 03:21:04 dict: Info: mysql(127.0.0.1): Connected to database iredadmin

May 28 08:50:29 auth: Debug: auth client connected (pid=6753)
May 28 08:50:29 auth: Debug: client in: AUTH    1       PLAIN   service=imap    secured lip=127.0.0.1   rip=127.0.0.1   lport=143       rport=47407     resp=d3d3QHRlY2hsaW5zLmNvbQB3d3dAdGVjaGxpbnMuY29tAHFxcXFxcXFx  # Mail Server端, 未設成SSL

May 28 08:50:29 auth: Debug: ldap(www@aaaa.com,127.0.0.1): bind search: base=o=domains,dc=aaaa,dc=com filter=(&(objectClass=mailUser)(accountStatus=active)(enabledService=mail)(enabledService=imapsecured)(|(mail=www@aaaa.com)(&(enabledService=shadowaddress)(shadowAddress=www@aaaa.com))))
May 28 08:50:29 auth: Debug: ldap(www@aaaa.com,127.0.0.1): result: mail(user)=www@aaaa.com
May 28 08:50:29 auth: Info: ldap(www@aaaa.com,127.0.0.1): invalid credentials (given password: 12345678)
May 28 08:50:31 auth: Debug: client out: FAIL   1       user=www@aaaa.com
May 28 08:50:31 imap-login: Info: Aborted login (auth failed, 1 attempts): user=<www@aaaa.com>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured
May 28 09:01:14 auth: Debug: Loading modules from directory: /usr/lib64/dovecot/auth

#更改users profile /advance的SMTP屬性, 改採兩項皆打勾 ,出現homeDirector被改
May 28 09:11:12 auth: Debug: auth client connected (pid=6961)
May 28 09:11:12 auth: Debug: client in: AUTH    1       PLAIN   service=imap    secured lip=127.0.0.1   rip=127.0.0.1 lport=143       rport=47411     resp=d3d3QHRlY2hsaW5zLmNvbQB3d3dAdGVjaGxpbnMuY29tAGFhYWFhYWFh
May 28 09:11:12 auth: Debug: ldap(www@aaaa.com,127.0.0.1): bind search: base=o=domains,dc=aaaa,dc=com filter=(&(objectClass=mailUser)(accountStatus=active)(enabledService=mail)(enabledService=imapsecured)(|(mail=www@aaaa.com)(&(enabledService=shadowaddress)(shadowAddress=www@aaaa.com))))
May 28 09:11:12 auth: Debug: ldap(www@aaaa.com,127.0.0.1): result: mail(user)=www@aaaa.com
May 28 09:11:12 auth: Debug: client out: OK     1       user=www@aaaa.com
May 28 09:11:12 auth: Debug: master in: REQUEST 1369440257      6961    1       b2fa381113bc2b9aa5bdf240fccfb5b1
May 28 09:11:12 auth: Debug: ldap(www@aaaa.com,127.0.0.1): user search: base=o=domains,dc=aaaa,dc=com scope=subtree filter=(&(objectClass=mailUser)(accountStatus=active)(enabledService=mail)(enabledService=imapsecured)(|(mail=www@aaaa.com)(&(enabledService=shadowaddress)(shadowAddress=www@aaaa.com)))) fields=mail,homeDirectory,mailMessageStore,mailQuota
May 28 09:11:12 auth: Debug: ldap(www@aaaa.com,127.0.0.1): result: mail(user)=www@aaaa.com mailQuota(quota_rule=*:bytes=%$)=5242880000 mailMessageStore(mail=maildir:/var/vmail/%$/Maildir/)=vmail1/aaaa.com/w/w/w/www-2012.04.27.10.21.01/ homeDirectory(home)=/var/vmailvmail1/aaaa.com/w/w/w/www-2012.04.27.10.21.01/
May 28 09:11:12 auth: Debug: master out: USER   1369440257      www@aaaa.com        quota_rule=*:bytes=5242880000 mail=maildir:/var/vmail/vmail1/aaaa.com/w/w/w/www-2012.04.27.10.21.01//Maildir/     home= /var/vmailvmail1/ aaaa.com/w/w/w/www-2012.04.27.10.21.01/   
# homeDirector錯誤訊息 少一斜線 /

May 28 09:11:12 imap-login: Info: Login: user=<www@aaaa.com>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, mpid=6965, secured

回复: 以IMAP登入該帳號, 進入 ”個人設定/篩選器 “會出現 “無法與伺服器連線”

rain6966 写道:

更改其原先 users/Profile of user/advance/ 的smtp設定 , 會有homeDirectory(home)=/var /vmailvmail1/ 錯誤訊息,

抱歉,此为 iRedAdmin-Pro-LDAP-1.7.2 及更早之前版本的一个 bug,patch 如下:

diff -r c0bd33634160 admin/ldap/1.7.2/libs/ldaplib/user.py
--- a/admin/ldap/1.7.2/libs/ldaplib/user.py    Mon May 28 16:56:14 2012 +0800
+++ b/admin/ldap/1.7.2/libs/ldaplib/user.py    Mon May 28 17:30:24 2012 +0800
@@ -805,6 +805,8 @@
             # Update storageBaseDirectory.
             if session.get('domainGlobalAdmin') is True:
                 self.storageBaseDirectory = str(data.get('storageBaseDirectory', cfg.general.get('storage_base_directory')))
+                if not self.storageBaseDirectory.endswith('/'):
+                    self.storageBaseDirectory = self.storageBaseDirectory + '/'
                 mod_attrs += [(ldap.MOD_REPLACE, 'storageBaseDirectory', self.storageBaseDirectory)]
 
                 # Update mailMessageStore.

简单来说,bug 在于在标签 "Advanced" 里点了“保存”后,iRedAdmin-Pro 没有自动为 storageBaseDirectory 的值追加一个 '/'。

回复: 以IMAP登入該帳號, 進入 ”個人設定/篩選器 “會出現 “無法與伺服器連線”

Hi張大:
謝謝您及時回覆.

愚蠢的問一個問題,我要如何修正bug?

find / -name user.py
/var/www/iRedAdmin-Pro-LDAP-1.7.0/controllers/ldap/user.py
/var/www/iRedAdmin-Pro-LDAP-1.7.0/libs/ldaplib/user.py

直接編輯此兩檔案
+ 的兩行更正?

Ps: 因本人linux剛剛學習中 .

回复: 以IMAP登入該帳號, 進入 ”個人設定/篩選器 “會出現 “無法與伺服器連線”

rain6966 写道:

問題,我要如何修正bug?

  • 下载这个回复帖子里的补丁文件(patch),保存并上传到您运行着 iRedAdmin-Pro-LDAP-1.7.2 的服务器。假设您上传后的文件是 /root/home_directory.patch。

  • 打开 Terminal 程序,如 gnome-terminal, xterm, rxvt,将当前工作路径切换到 iRedAdmin-Pro-LDAP-1.7.2 的目录。例如:

# cd /var/www/iRedAdmin-Pro-LDAP-1.7.2/
  • 检查这个 patch 是否能顺利打上(一定要加 --dry-run 参数):

# patch --dry-run -p0 < /root/home_directory.patch
patching file libs/ldaplib/user.py
  • 如果您看到了完全一致的输出信息,表示可以立即应用这个补丁。可以去掉 --dry-run 参数了:

# patch -p0 < /root/home_directory.patch

重启 Apache 即可。

Post's attachments

home_directory.patch 730 b, 4 downloads since 2012-05-28 

You don't have the permssions to download the attachments of this post.