I have installed the univention corporate server (4.4-3) and install Mail Server to set it as a standalone mail server. Suddenly the clients stop working and accessing the univention server (thunderbird and nextcloud mail) when trying to enter the mail and the settings again as the old-time I did in thunderbird says wrong settings or user name or password… It was working very well and nothing updated but suddenly stop working! I have updated to the latest version (4.4-4) still have the same problem.
Any help, please?!
I would suggest looking through the log files and trying to find some error messages that would point to the problem. You don’t have any information to work with yet.
In the System Diagnostic I found these 2 problems:
1- Critical: KDC service check
2- Problem: SAML certificate verification failed!
I don’t have much experience with those errors. Never had any real issues with Kerberos or Samba on UCS. I’d try and hunt down any logs for those services and see if there was any clue there.
I also have my UCS running on Proxmox so I might be inclined to try snapshotting the server and seeing if those buttons helped at all. Look like they might just be fixes for problems related to ip and dns so that may or may not be your issue. Again, more info from logs would probably be very useful.
Yes - might be a DNS problem. Try restarting the bind9 and samba-ad-dc services and see if it helps:
service bind9 restart
service samba-ad-dc restart
If it’s not a production system (or your clients cannot access it anyway), you can also just restart the complete machine.
Greetings
Daniel Tröder
I did restart the 2 services and I have restarted the complete machine same problem persist.
Any new ideas?
From where I can get the log files?
What kind of error message is shown by the mail clients?
Mail related log messages are stored in /var/log/mail. log.
mail.log (15.8 KB)
PS: The email and the password are correct and was working perfectly before the problem.
It looks like your amavis (virus + spam scanner) is not running. Please try to restart via
service amavis restart and then check the status after ~20 seconds: service amavis status.
According to your previous screenshots, there are several vital services that seem to have problems.
Were there any unusual events when this error started to happen? Was the harddisk/any partition full?
Any failed update? Or something like that?
Best regards,
Sönke
-
sudo service amavis status
[sudo] password for admin:
● amavis.service - LSB: Starts amavisd-new mailfilter
Loaded: loaded (/etc/init.d/amavis; generated; vendor preset: enabled)
Active: active (exited) since Thu 2020-03-26 11:08:31 EET; 3 days ago
Docs: man:systemd-sysv-generator(8)
Process: 751 ExecStart=/etc/init.d/amavis start (code=exited, status=0/SUCCESS
Tasks: 0 (limit: 4915)
Memory: 0B
CPU: 0
CGroup: /system.slice/amavis.service -
df -h
Filesystem Size Used Avail Use% Mounted on
udev 10M 0 10M 0% /dev
tmpfs 792M 15M 777M 2% /run
/dev/mapper/vg_ucs-root 189G 4.7G 174G 3% /
tmpfs 2.0G 4.0K 2.0G 1% /dev/shm
tmpfs 5.0M 0 5.0M 0% /run/lock
tmpfs 2.0G 0 2.0G 0% /sys/fs/cgroup
/dev/vda1 472M 117M 331M 27% /boot
Notes:
- the amavis is active before and after the service restart
- there is a lot of free disk space
- fully updated, and I had remove and reinstall the Mail application
It’s not. 0 tasks and 0 MB memory usage and 0 CPU usage is: not running.
The output should look similar to this:
● amavis.service - LSB: Starts amavisd-new mailfilter
Loaded: loaded (/etc/init.d/amavis; generated; vendor preset: enabled)
Active: active (running) since Mon 2020-03-30 06:42:22 CEST; 4h 11min ago
Docs: man:systemd-sysv-generator(8)
Process: 12822 ExecStop=/etc/init.d/amavis stop (code=exited, status=0/SUCCESS)
Process: 12836 ExecStart=/etc/init.d/amavis start (code=exited, status=0/SUCCESS)
Tasks: 3 (limit: 4915)
Memory: 206.1M
CPU: 1min 3.893s
CGroup: /system.slice/amavis.service
├─ 8227 /usr/sbin/amavisd-new (ch8-avail)
├─12878 /usr/sbin/amavisd-new (master)
└─21638 /usr/sbin/amavisd-new (ch3-avail)
Please check /var/log/mail.log for problems.
I have run the following command: apt install amavis and applications are installed, restart the service now i think it is working
amavis.service - LSB: Starts amavisd-new mailfilter
Loaded: loaded (/etc/init.d/amavis; generated; vendor preset: enabled)
Active: active (running) since Mon 2020-03-30 12:24:32 EEST; 16min ago
Docs: man:systemd-sysv-generator(8)
Process: 731 ExecStart=/etc/init.d/amavis start (code=exited, status=0/SUCCESS)
Tasks: 3 (limit: 4915)
Memory: 80.1M
CPU: 615ms
CGroup: /system.slice/amavis.service
├─1227 /usr/sbin/amavisd-new (master)
├─1312 /usr/sbin/amavisd-new (virgin child)
└─1314 /usr/sbin/amavisd-new (ch1-avail)
Mar 30 12:24:32 mail amavis[1227]: No decoder for .lrz
Mar 30 12:24:32 mail amavis[1227]: No decoder for .lz4
Mar 30 12:24:32 mail amavis[1227]: No decoder for .lzo
Mar 30 12:24:32 mail amavis[1227]: No decoder for .rar
Mar 30 12:24:32 mail amavis[1227]: No decoder for .rpm
Mar 30 12:24:32 mail amavis[1227]: No decoder for .swf
Mar 30 12:24:32 mail amavis[1227]: No decoder for .zoo
Mar 30 12:24:32 mail amavis[1227]: Deleting db files __db.002,__db.001,snmp.db,nanny.db,__db.003 in /var/lib/amavis/
Mar 30 12:24:32 mail amavis[1227]: Creating db in /var/lib/amavis/db/; BerkeleyDB 0.55, libdb 5.3
Mar 30 12:26:28 mail amavis[1314]: (01314-01) Passed CLEAN {RelayedInbound}, [127.0.0.1]
And i restarted the sever same issue have till now
New Log file:
mail.log (44.4 KB)
When trying to add an account to Nextcloud Mail client, I have this issue message maybe it will help.
Creating account failed: Could not open secure TLS connection to the IMAP server.
Have you lately installed/deinstalled some software?
What does dpkg -l univention-mail-server return?
What does dpkg -l 'univention-server*' return?
dpkg -l univention-mail-server
Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
||/ Name Version Architecture Description
++±=======================-================-================-===================================================
ii univention-mail-server 13.0.1-2A~4.4.0. all UCS - postfix configuration
dpkg -l ‘univention-server*’
Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
||/ Name Version Architecture Description
++±=======================-================-================-===================================================
un univention-server-backu (no description available)
ii univention-server-maste 14.0.0-12A~4.4.0 all UCS - master domain controller
un univention-server-membe (no description available)
ii univention-server-overv 2.0.1-4A~4.4.0.2 all Univention Server Overview - Web interface for over
un univention-server-slave (no description available)
The IMAP server writes its logs into another file. Please check it, when an error related to IMAP happens: /var/log/dovecot.log
I had newly install a fresh version of the latest univention server and directly check the Mail server option to be installed. After the new fresh install of the univention server with the mail server application I download the Thunderbird client and run int directly in the univention server. I manual configure my mail same as the tutorial in the YouTube channel and to be sure that Thunderbird is seeing the mail server after entering all the data (mail, password, incoming and outgoing IP) I make a re-test and auto detect the Port and SSL and Authentication clicking done does not work. The message is “Unable to log in at server. Probably wrong configuration, username or password”. I did a fresh new install to test from where the problem is!
PS: amavis is active and runing
I’m not sure the Thunderbirds autodetection sets the correct settings.
Please post here (textually or as a screenshot) the configured connection settings.
We upgraded to 4.4-4 as well a while back, just ran into this issue, when trying to add a new mail client recently.
Anyone that had their mail client configured in the past was still able to connect to send and receive email.
Anyone that tries to set up a new Thunderbird client now since the upgrade, cannot, they get the same above error.
The solution was to first “tail -f /var/log/dovecot.log” as troeder suggested.
The log showed that UCS did not trust the cert. To fix I did the following:
- Uninstalled newer version of Thunderbird 78, went back to 68.8.0.
- downloaded the root cert off the UCS manager web interface.
- Went into account settings of the user > security > Manager certs. Note if this is the first time setting up account, select “advanced settings” to perform the rest of the steps below.
- Import the UCS cert to authority so Thunderbird trusts it. Saved settings.
- Selected “get mail” on Thunderbird, was finally prompted to accept the cert, which I did. Now the client can receive email.
- Sent a test email, and was prompted to accept a cert to send email, which I did.
now the client can send emails.
Not sure why the latest Thunderbird 78 does not exhibit the same behavior, seems to refuse to trust the cert being sent to it from the UCS system.