garymcLog onto incoming mail server (POP3): Your e-mail server rejected your login. Verify your user name and password in your account properties. Under Tools, click E-mail accounts.  The server responded: -ERR Plaintext authentication disallowed on non-secure (SSL/TLS) connections.00:00
jmarsdenThat's *way* better.  Set Outlook to use SSL (under More Settings, the Advanced tab) and retry00:00
jmarsdenSSL for POP3, that is, not SSL for SMTP, since you almost certainly do not have that set up at this point)00:01
garymcok looking for that option now00:01
jmarsdenIs this Outlook 2000, XP, 2003 or 2007 ?  Microsoft keeps moving stuff around ...00:02
jmarsdenalternatively, use a free email client such as Thunderbird instead :)00:02
dvheumenIt's probably not 2007, I think it defaults to secure connections00:03
garymc2007 it is00:04
garymccant find it :S00:04
dvheumen:| okay, my bad :P00:04
jmarsdenIt's there somewhere... I don't have 2007 here at home, let me see if I can remote to an office PC with it on ... but really, this is Microsoft support now, not ubuntu server support...00:04
garymclol ok00:05
dvheumena might be able to give a rough direction00:05
dvheumenTools -> Emailaccounts -> properties of this particular email account00:05
jmarsdengarymc: http://support.tigertech.net/outlook-2007-ssl00:05
dvheumenand then you should go to something like "More settings" or so00:05
jmarsdenSomeone out there provided us a nice web page with pretty graphics in it :)00:06
garymcahh ok00:06
garymcfound it00:06
jmarsdenOK, so check the box and watch the port change from 110 to 995, save the change, OK, Test Account...00:07
garymcok doing it. said about certificate00:08
jmarsdenCan you ignore the warnings and continue anyway?00:08
garymcnow i got a synatec message pop up LOL an encrytped email connection has been detected00:08
garymcSend test e-mail message: Establishing an encrypted connection to your outgoing (SMTP) server failed. If this problem continues, contact your server administrator or Internet service provider (ISP).00:08
jmarsdenOK, but did the receive part work, the POP3 part?00:09
dvheumenDid you use the test email function? ... Then you're making it more difficult for yourself, because that one also tests outgoing mail.00:09
garymcahh ok00:10
garymcwell i got 3 test email messages and the one we generated in the terminal00:11
garymcbut outlook did say we failed00:11
dvheumenyou probably failed in sending (test) messages00:11
garymcahh ok00:12
jmarsdengarymc: OK, so we're done for the receiving part.  If you set the port for SMTP in that Advanced dialog to be 25 instead of 587 will it then test cleanly?00:12
garymcjmarsden it must have worked cos I got some messages in my inbox00:12
dvheumenjmarsden, I'm planning a new Ubuntu Server installation as an additional server in an otherwise Windows-only-network :P and I've got some questions regarding AD integration. Would you mind a few questions?00:12
jmarsdenOr is your ISP blocking port 25?00:13
garymci wouldnt know00:13
jmarsdendvheumen: That's not exactly an area of strength for me, but go ahead and ask.00:13
jmarsdengarymc: Can you telnet mail.thefinancefacility.com 25    from your Windows PC ?00:13
garymci just open run then type that in yes?00:14
garymcyes im there00:14
dvheumen1. I've seen approaches of connecting to AD using likewise-open and without using it. Is there a favorite? 2. Can/Does a Samba printserver publish the printers to AD? (And I especially mean publish, so that a user can easily find it.)00:15
jmarsdendvheumen: Have you read/tried the stuff from https://help.ubuntu.com/9.10/serverguide/C/likewise-open.html00:15
dvheumenI have seen that server guide and it's going to be a lot of help to me :)00:15
jmarsden1. I think likewise open makes things way easier.  2. I don't know but I'd hope so.00:15
garymci could telnet it said ubunt postfix etc but i couldnt login like i can in ssh00:16
jmarsdengarymc: OK, so you're not being blocked.  So set that port to 25 in the Outlook Advanced dialog, and retest sending and receiving.00:16
jmarsdenThe port probably says 587 right now, change it to 25.  Leave the POP3 port set to 995, that is already fine :)00:17
garymcwhich one the incoming or outgoing. incoming is set to 993 and out is set on 2500:17
garymcsorry *99500:17
jmarsdenInteresting... try the Outlook test button again?00:18
jmarsdenI think this means you really will want to set up STARTTLS stuff for Postfix...00:19
garymcno joy00:19
garymcSend test e-mail message: Establishing an encrypted connection to your outgoing (SMTP) server failed. If this problem continues, contact your server administrator or Internet service provider (ISP).00:20
dvheumenKeep in mind that by just changing the port number, the secure connection is probably still active (combobox TLS), maybe you want to change the combobox to unencrypted or something.00:20
dvheumen(at least that's how it looks on the fancy graphics website :P)00:20
garymcit is set to auto. The choices are SSL TLS AUTO NONE00:20
jmarsdendvheumen: Ah, could be.00:20
jmarsdengarymc: Try NONE00:20
garymcTried none and got this error : Send test e-mail message: None of the authentication methods supported by this client are supported by your server.00:21
garymcso im recieving emails great00:21
garymcjust cant send now?00:21
jmarsdenRight.  There's a fix for that... a postfix config fix... it's an outlook oddity if I remember rightly... but I forget what teh fix is... let me try and find out...00:22
jmarsdengarymc: What does    postconf -n | grep broken     output   ?00:24
garymci get a symnatec Email proxy warning too in outlook. A yellow box pops up. Let me do that now00:24
jmarsdenOh man... try killing the symantec thing from getting in between Outlook and your mail server, and test again!00:24
garymcbroken_sasl_auth_clients = yes00:24
dvheumenor you can just right-click and disable it ;)00:25
jmarsdenThat's as it should be.00:25
garymcOMG this synatec stuff sucks00:27
dvheumenwhat's wrong?00:28
garymcit weont turn off00:28
dvheumenwhat did you try?00:28
jmarsden"<jmarsden> Oh man... try killing the symantec thing ..."    -- there was a reason I said that :)  Close Outlook, log out of Windows, log back in, try disabling it.  That may work better (I think it's hard to disable when it is already acting as an email proxy, but that's from a rather vague memory)...00:29
garymcso if i log out will this chat room stay open? or am i gonna have to load up again?00:31
jmarsdenYou'll have to restart your IRC client and reconnect here, if your IRC client is on the same WIndows PC you are testing from.00:31
Jeniczek|afkjust returned from ciname00:32
Jeniczek|afkcinema ;)00:32
Jeniczek|afkawesome movie, Avatar is ;)00:32
garymcyeah its good. You see it in 3d?00:32
garymcok brb00:33
Jeniczek|afkDolbi Digital 3D00:33
jmarsdenJeniczek|afk: Hint: you are no longer |afk , or else we are all talking to a bot :)00:33
=== Jeniczek|afk is now known as Jeniczek
dvheumenyou know, I can't find any information on ACL (setfacl/getfacl) on the serverguide for karmic. Is this not important?00:37
jmarsdendvheumen: Almost nothing uses ACLs on Unix/POSIX filesystems.00:38
jmarsdeneveryone just sticks with normal Unix permissions.00:39
dvheumenah okay, so that me thinking too much in Windows-mode :P good to know00:39
garymcwell that didnt work00:40
jmarsdenwelcome back... you still can't disable symantec from interfering with your email connections?00:40
garymci dont think it has any bearing on the emails though. its just like a warning message to say it an encrypted email00:40
jmarsdenIt may not be the problem, but it may be... hard to know until you disable it, really.00:41
dvheumenMaybe I missed this, but is postfix configured to or not to use encryption for SMTP communication?00:41
jmarsdenI suspect by default it is not.  We could try adding STARTTLS support to it, but it would be nice to know the issue isn't Symantec tryinmg to hard to protect garymc from himself...00:42
jmarsden*trying too hard ....00:42
garymcyeah im trying to suss out this symnatec crap00:42
dvheumengarymc, what version of symantec is running?00:42
jmarsdenYou really should be able to disable it temporarily.00:42
dvheumenis it Symantec Corporate, or Symantec Endpoint Protection?00:43
dvheumen'cause I know for sure you can right click a Symantec Endpoint Protection client and choose 'disable ...'00:43
dvheumenor you could just start the client and configure it differently (if the configuration options aren't locked)00:44
garymcits built into norton isnt it?00:44
garymcIve disabled all of norton and cant find the symnatec stuff00:44
dvheumengarymc, Norton is the consumer version, Symantec is the corporate version00:44
jmarsdenHmm, looks like postfix actually does get configuredto accept STARTTLS by default when you use the dovecot-postfix package... nice :)00:45
garymcso thats good?00:45
dvheumenjmarsden, okay, so 'TLS' should be selected in the combobox of the account security settings00:45
jmarsdenYes, except it means the message from Outlook makes less sense... I'll try sending gary a test msg from a server I run that I know does TLS by default and see what happens...00:46
garymci just sent myself a message from my yahoo account. it went to my junk mail folder00:47
mrp0there's no man on my ubunutu server install?!?00:48
jmarsdenmrp: what happens when you type    man man00:48
jmarsdengarymc: Your mail server has working STARTTLS, so the issue is with SMTP authentication somewhere...00:49
garymcis that on my server00:50
jmarsdenYes... testing...00:50
garymcgot your email00:50
garymcso what can i do to test it?00:52
jmarsdenYes... and if I connect to your server using openssl s_client and play around, it shows me 250-AUTH PLAIN LOGIN   and 250-AUTH=PLAIN LOGIN   so that part looks OK to me...00:52
dvheumentry thunderbird maybe?00:53
jmarsdengarymc: Well, you can use openssl s_client -connect thefinancefacilityc,om:25 --starttls smtp     # but then you have to know what to do to authenticate using SMTP by hand ... so yes, dvheumen's idea is probably reasonable.00:53
garymcprob is all the people who work with me use outlook. I dont think they will want to chage to thunderbird00:54
dvheumengarymc, it's just for testing00:54
dvheumenif it works, then you can probably conclude that Symantec isn't interfering00:55
dvheumenand you can continue searching for Outlook settings00:55
garymcoh ok00:55
garymcis it a firefox add on?00:56
dvheumenno, a separate app, you can find it at mozilla.com00:56
dvheumenjmarsden, that command 'openssl s_client' is nice, didn't know that one, might come in handy some day :P00:56
jmarsdengarymc: I need to do some other work related computing, but will stay online here and catch up from time to time...00:56
garymcok im in the uk where are you?00:57
jmarsdendvheumen: It's a handy test tool, yes.00:57
garymcits 1 am here00:57
jmarsdengarymc: California.  I'm from the UK, though.00:57
garymcWhat part of the UK00:57
jmarsdenBorn in Bristol, but family is in Yorkshire.00:57
garymcjust installing thunderbird00:58
dvheumenokay, I'm gonna tell you in advanced. I don't have any experience with thunderbird and secure SMTP connections. But the idea is to set up the connection just as we would (and tried) in Outlook. And test it. If you can't get it to work at all, then Symantec might be interfering01:01
dvheumenIf you can get it to work, then it must be something in Outlook.01:01
garymcHey thunderbird found the settings itself01:01
dvheumenThis way you can narrow down the search01:01
garymcincoming mail server : imap.thefinancefacility.com01:01
garymcoutgoing : smtp.thefinancefacility.com01:02
garymcoutgoing was amber not green01:05
dvheumendid it say anything about the meaning of the color?01:06
dvheumenor some warning or error message or something?01:06
garymcok sending an email in thunderbird heres my error message: Sending of message failed.01:07
garymcAn error occurred sending mail: Unable to authenticate to SMTP server mail.thefinancefacility.com. The server does not support authentication (SMTP-AUTH) but you have chosen to use authentication. Untick 'Use name and password' for that server or contact your service provider.01:07
dvheumenoh, yeah right, that's probably also the problem in Outlook.01:08
dvheumenTry disabling authentication in thunderbird01:08
dvheumen(better to continue testing in thunderbird at first)01:08
dvheumenso it seems that TLS is accepted, you just doesn't need to authenticate ... (or maybe I'm too hasty in my conclusion)01:09
garymcnow trying to find that in thunder bird :P01:09
dvheumentry to find the account settings. I'm not familiar with Thunderbird 3 yet, but I've seen a separate section for "Outgoing Mail" in Thunderbird 2, so you might be looking for that in T3 too01:10
garymcit says secure authentication none in thunderbird01:10
dvheumennone? okay ... just keep it like that for now01:11
dvheumenow w801:11
dvheumensorry, misunderstood uhhh....01:11
uvirtbotNew bug: #514963 in samba (main) "package samba-common-bin 2:3.4.0-3ubuntu5.4 failed to install/upgrade: subprocess installed post-installation script returned error exit status 2" [Undecided,New] https://launchpad.net/bugs/51496301:11
dvheumenso are there a username and password entered for SMTP?01:12
dvheumenbecause you probably don't want those to be used01:12
garymcyes i disabled them01:14
garymcstill not working01:14
dvheumenis the error the same?01:14
garymcboo hoo :(01:14
garymci really need to get something working by monday or im screwed01:15
dvheumenthen what is the error message?01:16
jmarsdengarymc: Then you shouldn't be attempting this, given your level of experience with installing and testing email servers!01:16
garymclol i know01:16
jmarsdenGicven " The server does not support authentication (SMTP-AUTH)", something is weird, because my openssl s_client test shows that it *is* accepting AUTH over STARTTLS connections.01:17
garymcbut if i can just get sending and recieving wokring then ill get the rest of it up eventually01:17
garymcyeah its prob just something stupid thats stopping it01:17
jmarsdenIf a mail server sends and receives, what else do you want it to do?  Make coffee?01:17
garymcif it could ;P01:18
garymcNo i mean AntiVirus and spamassassin etc01:18
garymcand webmail01:18
dvheumenI think you should try again with a clear head, not at 1 in the night :P01:19
jmarsdengarymc: Sleep for six hours, then come back here. I01:19
jmarsdenwill probably still be here :)01:20
garymcso no other tests i can make?01:20
garymcbefore bed01:20
jmarsdenAnd I may be somewhat freer to focus on helping you than I am now... there are things I could test, but that I can't teach you to do quickly.01:20
jmarsdenSo ... you can test brushing your teeth before bed, if you like :) :)01:21
garymclol ok01:22
garymcthanks for all your help01:22
garymchopefully speak 2moro01:22
garymcnight night01:22
jmarsdenYou're welcome.  Sleep well.01:22
dvheumengarymc, good luck tomorrow01:22
garymcone last error message in thunderbird01:22
garymcSending of message failed.01:22
garymcThe message could not be sent because the connection to SMTP server mail.thefinancefacility.com timed out. Try again or contact your network administrator.01:22
dvheumendream about it tonight :P01:23
dvheumenand you'll have the answer in the morning ;)01:23
garymci doubt it01:24
garymcbut oh well  catch you laters01:24
dvheumenjmarsden, well I hope I can get the same patient support when I stumble upon a problem with Ubuntu Server, 'cause this was pretty impressive ;)01:27
dvheumen(next week or so ...)01:27
jmarsdenThanks :)  I'm often here, and help when I can...01:28
dvheumenokay, that's good to know01:28
garymcHi again, having trouble sleeping01:36
garymcjust sent a test message from gary@thefinancefacility.com to gary@thefinancefacility.com and it sent it01:36
garymcbut tried to send one to my yahoo account and get this message01:37
garymcAn error occurred while sending mail. The mail server responded:  5.7.1 <gmckla@yahoo.co.uk>: Relay access denied. Please check the message recipient gmckla@yahoo.co.uk and try again.01:37
garymcis that any better of help?01:37
dvheumengarymc, that's another kind of problem01:39
garymcit is?01:39
garymci havnt changed no settings?01:39
dvheumenthis has to do with relay settings on the mailserver, should be completely separate from the authentication problem01:39
dvheumenow w8, you send from thunderbird?01:39
dvheumenhmmm, interesting01:40
garymcso how do you fix relay settings?01:40
dvheumeni don't have a clue on that one, I'm not at all familiar with postfix01:40
jmarsdengarymc: Fixing the auth will fix that, the server will relay for you if you authebticate to it to prove you are really a user of it.  Now go to sleep :)01:42
garymcARRRR..... missus is in bed and neice is in my speck so dont look like im gonna get any sleep01:42
jmarsdenpostconf -n |grep smtpd_recipient_restrictions   # to see why this works, it will have a permit_sasl_authenticated in there...01:44
jmarsdenI need to work on other things right now...01:44
garymcok jmarsden no worries01:45
dvheumengarymc, so this essentially says, if the client is an authenticated user, then relaying is allowed, otherwise only mail to locally managed domains is allowed01:50
dvheumenso you're back at the authentication problem (sorry :P)01:50
garymci take it you dont know how to sort that?01:51
garymc causing it?01:51
garymc causing it? is it postfix or dovecot01:51
dvheumengarymc, well, actually I'm now at a point where I have some ideas, but it's difficult to help you via text01:51
dvheumenits a sending problem, your communicating with postfix01:51
dvheumenso I suspect postfix01:52
dvheumen(or thunderbird of course)01:52
garymcill pastbin my postfix /main.cf01:52
garymcwill that help?01:53
dvheumenthe authentication problem occurs in this communication I think: client (currently thunderbird) --- (Symantec, transparently proxying, maybe interfering, maybe not) ---> Postfix01:53
dvheumenit won't help, because I have never worked with postfix01:53
garymcim going to bed01:54
garymcbye bye thanks for the help01:54
=== 50UAAANDT is now known as lamont
altf2onot sure if this is the appropriate room, however i'm running Ubuntu 8.04 LTS & OpenVPN is running fine. Have the server and a Windows XP client and Ubuntu 9.10 (NBR) connected just fine. Both clients see all Samba shares etc... Issue is they can't ping eachother, anyone know if there's a way to get them to see eachother?03:18
altf2on/m, i got it folks.  /etc/openvpn/server.conf , uncomment:  client-to-client  , incase anyone needs it.03:26
=== Guest20795 is now known as bogeyd6
MTecknologyaltf2o: this was the right channel - just many people gone for the weekend04:14
altf2oMTecknology: good to know. I've always wanted remote access to my local Samba shares\printers, good to know OpenVPN made it very simple04:25
MTecknologyaltf2o: glad it's working for you04:28
=== freeflying is now known as ZhengpengHou
=== ZhengpengHou is now known as freeflying
jiko_I need help, i got stuck at this place I am getting this same page again and again - http://i47.tinypic.com/2zqdkx2.jpg04:59
MTecknologyAnybody have any idea what happened here?  http://paste.ubuntu.com/366029/06:05
patdk-lapsounds like all your memory was locked or something, dunno07:21
patdk-lapwhy are you running pae kernel? you have >4gigs ram in a non-64bit system?07:21
MTecknologypatdk-lap: that's just the -server kernel08:32
MTecknologypatdk-lap: I'm going to go to sleep; hilight me with anything you wanna say or msg; thanks much08:33
* MTecknology passes out from physical and mental exhaustion08:33
=== Guest98536 is now known as jussi01
simmerzjmarsden: got the second server upgraded. that had even more problems! ended up migrating it from Xen to KVM to alleviate them11:10
uvirtbotNew bug: #389763 in kvm (main) "ERROR: Missing kernel headers  Kosmic" [Undecided,New] https://launchpad.net/bugs/38976311:40
alexxx`hello, can someone help me to install Kloxo Lxadmin to in Hyper VM (VPS) ?11:41
twbNeither of those things sounds like Ubuntu11:59
uvirtbotNew bug: #515099 in samba (main) "package samba-common 2:3.4.0-3ubuntu5.4 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/51509912:11
error404notfound[from #bind] i have this http://pastebin.com/m4f4fc7db setup on my local server, just practicing, and its not working, as you can see i can't open any urls and even the ping response comes from multiple subdomains12:15
garymcHi, anyone know how i sort my relay for my email server in postfix and dovecot? I can send emails to the same domain but not any outside it12:27
garymcHey jmarsden you still up?12:28
garymceveryone must be a sleep12:32
kervelgarymc: relayhost in /etc/postfix/main.cf ?12:43
garymckervel : relayhost =12:44
garymcthere is nothing there12:44
kervelgarymc: where is the machine ? is it a server or is it at home12:45
garymcits a server at my office12:45
kerveland if you try to send an email, is there anything in /var/log/mail.log ?12:45
kervelit is possible the ISP you are using blocks port 25 outgoing (mine does)12:46
kervelin that case you need to configure relayhost to relay all mail to the smtp server of your ISP12:46
garymchold on12:47
garymcim checking the logs12:47
kerveleg "relayhost = smtp.btcentralplus.com"12:47
kervelor something like that. no idea if thats the right server12:47
garymcbut why would i do that. I thought my server would have sent the mail?12:47
kervelwell the mailserver sends mail by contacting the mailserver of the recipient12:48
kerveleg if you send to somebody@gmail.com, the mailserver will try to contact the mailserver of gmail.com to deliver the email12:48
kervelthat will not work if your isp blocks this kind of traffic (which is common)12:49
kervelso instead of doing your mailserver -> gmail.com mailserver12:49
kervelyou do your mailserver -> isp mailserver -> gmail.com mailserver12:49
kervelwhich is less likely to be blocked12:49
kervelprobably your mail.log will give you more information12:50
garymcheres my mail log http://pastebin.ca/177301612:51
kervelah this is another proble12:53
kervelyour mailserver refuses to relay mail for 86-158-86-20312:53
kerveli guess the program you use to send mail with and your mailserver are on a different machine12:53
garymcyeah thats my home ip, but its a dynamic ip12:54
kervelprogram = thunderbird / ...12:54
garymcon windows xp12:54
kervelok, now probably its a good thing12:54
kervelhome ip -- office ip are not in the same network12:54
garymcim 10 miles from my office on my home internet12:54
kervelif your mailserver would accept mail from every possible IP and relay it, it would be used as a spam gateway in no time12:55
garymcyes i understand. but how do the likes of an email provider do it?12:55
kervelso mailservers are configured to relay mail for their own network only12:55
kervelan ISP will always relay mail for all its customers12:55
kervelfor the ISP, all their customers are in "their network"12:56
kervelso thats easy12:56
kervelto check if somebody is a customer or not (by ip address)12:56
kervelyour mailserver has no way to know if it is you who sends mail or a spammer12:56
garymcok i have email for my other sites held at fasthosts.com but my ISP is BT12:56
garymcso im a little confused12:56
garymci thought maybe username password match and it would le tme send?12:57
kervelwell let me tell you what is "relaying" mail12:57
kerveltell me which mail domain is configured on your server12:57
kervelor give me an example if you dont want to disclose12:57
kervelif i use your mailserver to send to thefinancefacility.com then it will always accept the mail12:58
kervelbecause then your mailserver acts as endpoint not as relay12:58
garymcyes cos its internal12:58
garymci can recieve outside emails fine, just cant send12:58
kervelreceive and send are completely different12:59
kervelreceive is dovecot, username and password12:59
kervelyour postfix is using for sending mails and doesnt use password12:59
kervelso it uses ip authentication12:59
kerveleg in your main.cf you will find this line:12:59
kervelmynetworks = blablabla13:00
kervela mailserver will RELAY a mail if the ip address where the mail comes from is in the mynetworks13:00
kervelotherwise it wont13:00
garymcmynetworks = [::ffff:]/104 [::1]/128
kervelso you could add the whole bt network to mynetworks and then it will work, but thats a great spam risk13:00
garymcbut im on a dynamic ip at home so my ip always changes13:00
kerveland you also risk being blocked by your isp because of open relay13:01
kervelnow there are some solutions for this, but not easy13:01
kervelfirst of all , why don4t u use the smtp server of your home isp to send email13:01
kervelthat one will always work13:01
kerveleg relay13:01
kerveleg in your thunderbird, specify your dovecot as INCOMING server just like now but specify outgoing server the one of your isp13:03
kervelthats the easy solution13:03
kervelthe difficult solutions are:13:04
garymcok but no good13:04
kervelwhy not ?13:04
garymcim gonna need the difficult one13:04
garymcCos i have a couple employees who need to access their email from home and possibly send them, they are all differnt ISPS13:04
garymcthey all use outlook13:04
twbkervel: we already tried to talk garymc out of accidentally running an open relay13:04
garymctwb im not going to accidently run an open relay13:05
kervelsee the section POP3 (imap) before SMTP13:05
kervelthats one solution13:05
kervelthe other solution is SMTP authentication, where your postfix also uses username and password13:05
garymcthe second sounds better13:06
kervelgarymc: as already told you its a nonstandard setup and it will require some digging and googline13:07
twbkervel: you mean exposing smtp/ssl to the internet on the submission port, and requiring autentication for relaying?13:07
kerveltwb: yes13:07
twbYeah, that's the least worst approach if you have end users outside your network, who are too dumb to use ssh + mutt :-)13:08
kervelreason why this is difficult : you want it to use the same auth as your imap/pop server so you will need to have a matching configuration on incoming and outgoing13:08
kerveleg for cyrus its different than for dovecot13:08
twbkervel: can't you just use pam?13:08
kerveltwb: maybe. the auth plugin framework for these things is called SASL iirc13:09
twbkervel: that's for the client to talk to the daemon, surely?13:09
kervelyes ...13:10
twbThe daemon talking to an SSO user database (ldap, flat files, whatever) is pam13:10
kerveltwb: check the link i just sent ... sasl is apparently more than just a protocol13:10
kerveltwb: postfix can be configured using cyrus sasl and also dovecot protocol whatever that may be13:11
kerveltwb: pam and sasl use different password encryption afaik13:11
kerveltwb so that means if you use pam+sasl you can only do cleartext passwords13:11
twbpam doesn't use encryption at all.13:11
twbpam is just an API that defines how applications can ask questions like "is this user who they say they are?"13:12
garymcyeah i need to implement this.13:13
kerveltwb: you are probably right, but in the end passwords are encrypted in /etc/shadow and this has some effects13:13
kervelanyway, not related to pam probably indeed13:13
garymcSee if im at the office I can use this email to send and recieve great. I see the problem when leaving the office network13:13
kervelbut still there13:13
kervelgarymc: i would suggest checking the urls i just pasted here13:13
garymcso i prob need this postfix SASL implemeted13:14
kervelgarymc: looks like it13:14
garymcor is it SASL auth13:15
garymccos i thought i had SASL auth implemented but obviously not13:15
kervelgarymc: you need to have it implemented AND you need to have your clients configured so that they use username/password for smtp13:16
kervelwhich is not the default13:16
kervelDovecot SASL configuration for the Postfix SMTP server in http://www.postfix.org/SASL_README.html13:16
garymci understand that its just doing it im having probs with13:16
garymcill read through thatkervel, i have actully done what it says here but it doesnt work13:18
garymckervel : i have actully done what it says here but it doesnt work13:18
kervelgarymc: there is a big part about troubleshooting too in the howto .. i suggest looking at it13:19
kervelbtw one more thing garymc i stopped doing this running my own mailserver long ago13:21
kervelits too much pain .. every single mistake you make can result in a disaster13:21
kerveleg lost mail13:22
garymcyeah i understand13:22
kervelnow i use a professional mail host who can do it much better than me ..13:22
garymcim prob gonna just go back to my provider but they are soo bad13:22
garymcemails down all the time etc etc13:22
kervelyeah ... then find another one13:22
kerveltake into account that running your own mailserver means backups and restores, user support, calling to administrators of other companies to ask why they block your mailserver , ...13:23
kervelits a hard job13:23
kervelpeople will call you to ask why they cant send 40meg attachments13:24
kerveland things like that13:24
error404notfound i have setup bind to be authoritative for only domain.com, i still see /var/log/syslog saying named[14880]: client query (cache) 'twitter.com/A/IN' denied, why?14:27
error404notfoundhow can i configure bind to only answer for domain.com instead of listening every request and denying it then?14:45
bogeyd6error404notfound, its called forwarders14:47
bogeyd6it will answer only the domains it carries and forwards all other requests14:47
error404notfoundbogeyd6, but i don't want it to forward requests, won't it consume bandwidth?14:48
bogeyd6so you want to deny everything but the domains it has zones for?14:48
bogeyd6and the bandwidth it consumes is completely minimal14:49
error404notfoundbogeyd6, hmmm, well if its minimal, i can live with that :P14:55
kijoplease help me in installing forum14:56
kijoI uploaded all the files through FTP but unable to open the install.php file14:57
mealstromcheck permissions14:59
bogeyd6kijo, if you uploaded as your username you need to sudo chown www-data /directory/to/files15:03
bogeyd6or you can chgrp it15:03
bogeyd6then sudo chmod g+r /directory to files15:03
error404notfoundbogeyd6, i have http://pastebin.com/m4f4fc7db except that now i have uncommented forwarders and restarted bind.15:05
error404notfoundbut i still can't resolve any urls, get same deny error15:05
error404notfoundhttp://pastebin.com/m76bae9b9 contains my bind configuration, my syslog on server, dig response on client and resolv.conf on client, u am unable to browse any site...15:26
cyphermoxerror404notfound, what happens if you do a request on the client for example.com?15:36
error404notfoundcyphermox, i can't connect, no response.15:37
cyphermoxno response, or refused?15:38
error404notfoundcyphermox, i think refused, can't check right now...15:41
error404notfoundcyphermox, lemme check now :)15:47
cyphermoxerror404notfound, if what you're trying to achieve is an internal, caching nameserver only, I'd check two things: making sure the root server hints are in place (zone .), and I'd remove "recursion no;" and replace it with "allow-recursion{;};  allow-query {;};"15:48
error404notfoundcyphermox, yup, doing that :)15:48
error404notfoundi instead created an acl and using that15:49
error404notfoundfollowed http://support.menandmice.com/jforum/posts/list/25.page and created an acl named trusted, using that in allow-query allow-query-cache allow-recursion etc15:52
error404notfoundcyphermox, that fixed it :)15:52
error404notfoundthanks man :)15:52
error404notfoundthat was my first experience combining openvpn and bind to serve private services only to vpn machines15:54
garymccan anyone actually help me get my email server accepting me when im away from the network?16:08
garymcim reading everything and just dont understand what i need to impement and how16:09
leniosgarymc, do you have smtp auth on the email server?16:11
garymci thought i did, but now im not so sure16:12
garymchow can i tell?16:12
garymcall emails work fine when im in the office network. I can send out recieve etc16:12
garymcbut when i come home and try to send an email from gary@mydomain.com to jack@yahoo.co.uk it wont work16:13
leniossmtp auth means you'll have to authenticate to send mails16:13
garymccould you help me with this?16:13
garymcI know ive set the postfix/main.cf16:13
garymcsmtpd_sasl_auth_enable = yes16:14
garymcok sasl auth is installed and running16:18
leniosyou just need inbound mail relay in your case16:24
garymclenios : so how do i go about doing this?16:27
leniosjust follow the instructions on the page i linked16:29
garymclenios followed that link you provided and still no joy.16:47
garymcWhen i telnet mydomain.com 2516:48
garymcthen run command "ehlo mydomain.com" the 250-AUTH DIGEST-MD5 CRAM-MD5 doesnt show up ? :S16:48
dvheumengarymc, do you want me to check?16:50
error404notfoundbogeyd6, can you help with http://ubuntuforums.org/showthread.php?t=1395050 ?16:55
garymcdvheumen yes if you could please :)17:02
dvheumengarymc, what was the domain name again. I should be able to get the same info when I connect17:03
dvheumenokay, i'll have a look17:04
garymcthe TTLS is there but no AUTH17:04
android60I have a home server that isnt used much so I would like to spin down data drives when not in use for 3 hours. I am looked at hdparm but I am not sure if using hdparm -S permanantly sets the standby time for the drive (even after reboot) or if this is the best way17:07
dvheumenokay, so I did also not see AUTH, but that might be because 'telnet ... 25' creates a plaintext connection, not a secure one17:09
dvheumenso I'm now trying to figure out how to set up a secure connection :P17:09
garymcok but the guides say otherwise17:10
dvheumenhmmm okay, that's good to know17:10
dvheumenin that case it would seem that it is not accepted as a valid option17:10
dvheumenhmmm... when I enter 'AUTH' as a command (was just a guess) it gives me '503 5.5.1 Error: authentication not enabled'17:11
dvheumenthis gives me the impression that a postfix config options is incorrect ... remember, I haven't done anything with postfix yet, so I'm guessing here17:12
garymcthats what im saying i just cant work it out17:13
dvheumenokay, I've scanned through the linuxgazette article that was posted here earlier. That seemed to be a good guide, and if you've followed/checked your configuration according to the linuxgazette article, I'm afraid I am out of ideas17:16
garymcok thanks for trying17:18
android60is spindown the same as standby for a hard drive?17:22
garymcAnyone else help me get my mail server working?17:41
cemcgarymc: maybe AUTH is available only after STARTTLS ?17:58
cemcman 5 postconf, and search for smtpd_tls_auth_only17:59
cemchow is that set up in main.cf ?17:59
garymchold on18:03
garymcsmtpd_tls_auth_only = yes18:05
garymcthats 3rd line from bottom of file18:05
cemcif I understand correctly, that means it you need to TLS first, then AUTH18:06
cemcso it won't work over unencrypted connection18:07
cemc[01/31-195919] <cemc> man 5 postconf, and search for smtpd_tls_auth_only18:07
garymci dont understan man 5 postconf18:09
dvheumenthat's what I suspected :P18:09
cemcgarymc: you mean you don't know how to use 'man' or you don't understand what it says for that option?18:10
dvheumencemc, is there any way to start an interactive terminal after TLS is established. I've seen a command 'openssl s_client -connect host:port -starttls smtp' but this exits after tls info is displayed18:10
dvheumencert and such18:11
garymcive never used man18:11
cemcgarymc: uh, wrong answer :)18:11
cemchow can you not know about man ? try it and see. just type 'man 5 postconf' in a terminal18:12
cemcthat should bring up the manpage for all the postfix config options18:12
cemcit's kinda like F1 :-)18:12
cemcgarymc: it's more basic than 'googleing it', you really should know about it when trying to set anything up on a linux server18:15
cemcdvheumen: hm good question18:15
dvheumentnx :P18:15
dvheumenlearned the other command yesterday ... I'm in shape :)18:15
cemchm, it doesn't exit for me, that openssl command18:16
dvheumenhmmm... then it maybe is something else, I'll give it another try18:16
dvheumen'read:errno=0' is what I get, the other stuff is just information18:17
cemcdvheumen: what server, let me see18:18
dvheumenI'm trying the server garymc is trying to configure, in order to see whether AUTH options are available18:18
garymcthats it18:19
cemcyeah, same for me too, errno=0, weird18:19
cemcgarymc: anything in the logs?18:20
garymcnothing that i understand18:20
garymcjust denied stuff18:20
cemcgarymc: try this: tail -f /var/log/mail.log, then in another terminal:  openssl s_client -connect thefinancefacility.com:25 -starttls smtp18:23
cemcand see what appears in the logs after you do that18:23
garymcso open the mail.log now and see what it says?18:25
dudkohi. I'd like to ask you if is possible to run as root in this PHP Shell Commander http://sourceforge.net/projects/shcmd/18:27
cemcgarymc: open a terminal, type sudo tail -f /var/log/mail.log18:27
cemcgarymc: then open another terminal and type: openssl s_client -connect thefinancefacility.com:25 -starttls smtp18:27
garymcdone that18:28
cemcwhen you press enter, see what appears on the other terminal. anything?18:28
garymcyes heres a pastebin18:28
cemcjust what I thought, something's not set up right, and after you connect it craps out, and ends the connection18:29
cemcsee that fatal error? :)18:30
garymcdont know what is set wrong though?18:31
cemcwhat do you have for smtpd_sasl_type= ?18:32
garymcin postfix/main.cf?18:34
garymcsmtpd_sasl_type= dovecot18:35
cemchttps://help.ubuntu.com/community/PostfixDovecotSASL - maybe you should read this18:35
garymcpretty sure ive done all that18:37
garymcill look through it again now18:37
cemcgarymc: don't just look, try to understand it. don't just copy-paste options from the page to your config files... try to see which option does what. and 'man' is your friend ;) and read the comments in the config files18:39
ghostlinesis it a big deal if your powersupply doesn't fit in the mobo's powerslot?18:55
ghostlinesmines fits, but 4 slots still need to be connected but this old powersupply has different fittings18:56
ghostlinesseems like an old atx powersupply18:56
ghostlineswhat I'm really asking is can a 20pin atx connector work in 24 pin slot19:01
dvheumenI think there are converters available19:03
ghostlinesahh k thaks19:06
garymccemc how can i find out the correct path for my postfix que directory?19:09
garymcat the minute it is this : smtpd_sasl_path = private/auth-client19:09
garymcthats what it is set to in my /postfix main.cf19:09
garymccemc I followed that guide to the tee and still no change :(19:12
garymcjmarsden : are you about?19:13
cemcgarymc: the default postfix queue dir is /var/spool/postfix19:13
garymcyeah i just found the path but still not working19:13
garymcahh its such a bummer19:15
cemcgarymc: is dovecot running ok?19:16
garymcit says it is19:16
cemcgarymc: could you pastebin dovecot.conf and main.cf ?19:17
garymchttp://pastebin.ca/1773372 dovecot.conf19:21
garymchttp://pastebin.ca/1773377 main.cf19:22
bogeyd6garymc, :))))19:22
bogeyd6again with the authentication19:22
bogeyd6you do realize if you follow the online guide it WILL work19:23
cemcgarymc: do you have a dovecot-postfix.conf ?19:23
garymcwell it all seems to be a shambkes now19:23
cemcgarymc: did you see what it says in dovecot.conf at the top ?19:23
bogeyd6prob the best thing you can do gary is purge all the package and start fresh with the online guide19:24
garymccemc whoops ;)19:24
ubottuIMAP and POP are protocols for fetching email. The officially-supported server in Ubuntu is Dovecot (packages "dovecot-imapd" for IMAP, and "dovecot-pop3d" for POP) - See also !MailServer for information on the SMTP protocol19:24
bogeyd6!mailserver | garymc19:24
ubottugarymc: Ubuntu supports the Simple Mail Transfer Protocol (SMTP) and provides mail server software of many kinds. You can install a basic email handling configuration with the "Mail server" task during installation, or with the "tasksel" command. See also https://help.ubuntu.com/community/MailServer and https://help.ubuntu.com/9.04/serverguide/C/email-services.html19:24
bogeyd6fo shizzle garymc19:25
garymcfo shizzle?19:25
garymccemc : dovecot-postfix.conf is set correctly according to the documentation19:31
qman__which is the correct file in /etc/apt.conf.d/ to place apt proxy directives?19:47
qman__ah, just created a new one, works fine19:52
uffiolehi. I want to run a few guests on a VM , mostly ubuntu desktop20:46
uffioleso i setup the server 9.-10 and experimented with QEMU a bit20:47
uffiolebut i am confused if it would be easier to have X (and SDL) and a management interface on the box20:48
uffiolejust found JeOS. Is it a special server edition , right?20:50
uffioleand the docs say it's for guest (too?)20:50
kiko__i got stuck at a step in installation of forum software , could someone please help me out20:52
dvheumenuffiole, if I remember correctly, JeOS is a slimmed down kernel for guest installations, because they all have the same simple virtualized hardware20:56
dvheumenkiko__, I don't think I can help, but what software is it?20:56
kiko__its SMF and i am at 80% done but getting a problem :-(20:57
dvheumenis it a PHP problem?20:57
dvheumenPHP error message or something20:57
kiko__no not php20:57
dvheumenokay, let's give it a try20:58
dvheumenwhat is the problem?20:58
dvheumenokay, that one works, plz continue here21:02
kiko__after entering all the details in that step i am getting this page all the time - http://i47.tinypic.com/2yovkad.jpg21:04
dvheumenso that happens when you click continue?21:05
dvheumendoes the URL in the address bar change?21:05
dvheumenwell, it's clear that the URL in the last screenshot is not correct21:07
dvheumenso you might want to find out why the URL changes and why this new URL doesn't work21:07
kiko__is it URL ?21:08
dvheumenwhat do you mean?21:08
kiko__is it coz the url contains '  _ '  ?21:09
dvheumenI don't know, because I don't know what the correct URL is. But you might want to compare the URLs of the two steps (the working one and the failing one) and see if there's a difference21:10
kiko__URL are same21:11
dvheumenexactly? or is the 'step' at the end different?21:14
wizzy_hello people21:20
wizzy_i am installing ubuntu server on my new system21:20
wizzy_i got 2 hard drivves21:20
wizzy_80gb and 40 gb21:20
wizzy_can i install it on raid?21:20
wizzy_so noones here21:23
wizzy_i will be using it for 2 x phpbb web sites21:24
kiko__yes the url are exactly same21:24
wizzy_can i install os and everything on 40gb and www and mysql data on 80?21:25
guntbertwizzy_: then it is 2 disks - not raid21:25
wizzy_well i am thinking21:25
wizzy_raid is for backing21:26
wizzy_but i might have some traffic so probably ill use 2 disks21:26
wizzy_so /var should be on 80 gb21:26
wizzy_and os on 40 gbs right?21:26
wizzy_i will be only user of linux21:27
wizzy_it will be 1 www and 2 forums sites (phpbb21:27
uffioledvheumen, ok thx.  i continue another day.... bye21:31
wizzy_so now i got 2gb SWAP , 500mb /boot 15gb / . 23gb /home21:35
wizzy_am i good?21:35
wizzy_and /var and /tmp are on 80gb with 20gb free space21:36
uvirtbotNew bug: #514989 in php5 (main) "PHP process output (?) that breaks bash completion" [Undecided,New] https://launchpad.net/bugs/51498921:36
Timreichhartcould anybody tell me how I would update the mysql from root to user?21:36
wizzy_www files are in /etc/apache right?21:39
qman__wizzy_, no, apache configuration is in /etc/apache2, website files are in /var/www21:39
wizzy_ok so its good that i will put /var on 80gb disk21:40
TDJACRAnyone here use Exim with /etc/aliases (*: /var/www/scripts/maildaemon.php)21:40
wizzy_../var has 55gb / enough for 1 web site and 2 myslq databases?21:40
qman__far more than enough21:41
wizzy_ok thank you21:41
qman__1GB would probably be enough21:41
TimreichhartI know there is a simple code but I forgot what to use21:41
uvirtbotNew bug: #515269 in samba (main) "Samba server starts before cups does" [Undecided,New] https://launchpad.net/bugs/51526921:41
wizzy_on 40gb i got /boot,/,swap and /home21:41
wizzy_on 80 gb i got /tmp and /var21:41
wizzy_am i missing something?21:41
wizzy_or should i just continue21:42
qman__ /usr will have a significant amount of data in it, so make sure / is big enough21:42
Timreichhartcan anybody tell me how to update user in mysql like from root to user?21:42
qman__at least 4GB21:42
wizzy_../ is 15gb21:42
qman__that's plenty21:43
wizzy_ok so i will continue21:43
wizzy_then i will have one more question21:43
wizzy_i got 2 routers21:43
wizzy_wireless which is connected to modem and i got another one which is connected with wireless21:44
wizzy_so i gotta open port 80 and 22 in both of them for server ip21:44
wizzy_what if i will want to connect with ssh from my other pc on lan21:44
qman__probably not, but you need to be more specific21:44
wizzy_ok ok21:44
qman__is the second router connected to the first via wireless?21:45
wizzy_ill do sceme and ill post you link21:45
wizzy_give me a min21:45
wizzy_gman --- http://lh4.ggpht.com/_cXxRH_xn2yM/S2X6lEdyZsI/AAAAAAAAArA/VHj4PcHh75c/s640/sceme.JPG21:48
wizzy_1 is modem21:48
wizzy_2 is wireless/wired router21:48
wizzy_3 is router in my room21:48
wizzy_4 is ubuntu server box21:48
qman__ok, is 3 connected to 2 via wireless, and is it in wireless bridging mode, or is it routing21:49
wizzy_no via ethernet cable21:49
qman__on 3, is it connected to 2 on the WAN port, or the switch21:49
qman__as in, 3's WAN, or 3's switch21:50
wizzy_3 is connected normally into 4 ports21:50
wizzy_like you would connect pc to is21:51
qman__that's not what I meant21:51
qman__3 is plugged into 2's switch21:51
qman__but on 3, is that cord in the WAN port or the switch21:51
wizzy_it works cause on 3 i got laptop from which i am chatting now21:52
qman__in that case, yes, you need forwarding on both routers, and the only way to access the web server from computers connected to 2 is via 3's IP address21:52
qman__on 2, forward ports 80 and 22 to 3's address21:52
wizzy_ok so 2 has   3 has and router has
qman__and on 3, forward 80 and 22 to server's address21:52
wizzy_thank you21:53
wizzy_but still if i want to access ssh from laptop on LAN i will have to write servers IP21:54
qman__from behind router 3, yes21:55
qman__from router 2, use router 3's IP21:55
wizzy_laptop on wireless i will put 3s router ip21:55
wizzy_ok i got some kind of problem21:59
wizzy_"ubuntu login : one or more of the mounts listed in /etc/fstab cannot yet be mounted (esc for recovery shell ) swap:waiting for /dev/mapper/cryptswap1"22:00
wizzy_ok i clicked enter and it went to login22:01
wizzy__ok kinda weird when i type free is shows my RAM and in swap it shows 0 on total 0 on used and 0 on free22:10
=== stimble_ is now known as stimble
Timreichhartcan anybody tell me how to update user in mysql like from root to user?22:34
ubottuWe do not support having a root password set. See !root and !wfm for more information.23:12
ubottuDo not try to guess the root password, that is impossible. Instead, realise the truth... there is no root password. Then you will see that it is 'sudo' that grants you access and not the root password. Look at https://help.ubuntu.com/community/RootSudo23:50

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!