[00:00] Log onto incoming mail server (POP3): Your e-mail server rejected your login. Verify your user name and password in your account properties. Under Tools, click E-mail accounts. The server responded: -ERR Plaintext authentication disallowed on non-secure (SSL/TLS) connections. [00:00] That's *way* better. Set Outlook to use SSL (under More Settings, the Advanced tab) and retry [00:01] SSL for POP3, that is, not SSL for SMTP, since you almost certainly do not have that set up at this point) [00:01] ok looking for that option now [00:02] Is this Outlook 2000, XP, 2003 or 2007 ? Microsoft keeps moving stuff around ... [00:02] alternatively, use a free email client such as Thunderbird instead :) [00:03] It's probably not 2007, I think it defaults to secure connections [00:04] 2007 it is [00:04] cant find it :S [00:04] :| okay, my bad :P [00:04] It's there somewhere... I don't have 2007 here at home, let me see if I can remote to an office PC with it on ... but really, this is Microsoft support now, not ubuntu server support... [00:05] lol ok [00:05] a might be able to give a rough direction [00:05] Tools -> Emailaccounts -> properties of this particular email account [00:05] garymc: http://support.tigertech.net/outlook-2007-ssl [00:05] and then you should go to something like "More settings" or so [00:06] Someone out there provided us a nice web page with pretty graphics in it :) [00:06] ahh ok [00:06] found it [00:07] OK, so check the box and watch the port change from 110 to 995, save the change, OK, Test Account... [00:08] ok doing it. said about certificate [00:08] Can you ignore the warnings and continue anyway? [00:08] now i got a synatec message pop up LOL an encrytped email connection has been detected [00:08] Send test e-mail message: Establishing an encrypted connection to your outgoing (SMTP) server failed. If this problem continues, contact your server administrator or Internet service provider (ISP). [00:09] OK, but did the receive part work, the POP3 part? [00:09] Did you use the test email function? ... Then you're making it more difficult for yourself, because that one also tests outgoing mail. [00:10] ahh ok [00:11] well i got 3 test email messages and the one we generated in the terminal [00:11] but outlook did say we failed [00:11] you probably failed in sending (test) messages [00:12] ahh ok [00:12] garymc: OK, so we're done for the receiving part. If you set the port for SMTP in that Advanced dialog to be 25 instead of 587 will it then test cleanly? [00:12] jmarsden it must have worked cos I got some messages in my inbox [00:12] jmarsden, I'm planning a new Ubuntu Server installation as an additional server in an otherwise Windows-only-network :P and I've got some questions regarding AD integration. Would you mind a few questions? [00:13] Or is your ISP blocking port 25? [00:13] i wouldnt know [00:13] dvheumen: That's not exactly an area of strength for me, but go ahead and ask. [00:13] garymc: Can you telnet mail.thefinancefacility.com 25 from your Windows PC ? [00:14] i just open run then type that in yes? [00:14] yes im there [00:15] 1. I've seen approaches of connecting to AD using likewise-open and without using it. Is there a favorite? 2. Can/Does a Samba printserver publish the printers to AD? (And I especially mean publish, so that a user can easily find it.) [00:15] dvheumen: Have you read/tried the stuff from https://help.ubuntu.com/9.10/serverguide/C/likewise-open.html [00:15] I have seen that server guide and it's going to be a lot of help to me :) [00:15] 1. I think likewise open makes things way easier. 2. I don't know but I'd hope so. [00:15] okay [00:16] i could telnet it said ubunt postfix etc but i couldnt login like i can in ssh [00:16] garymc: OK, so you're not being blocked. So set that port to 25 in the Outlook Advanced dialog, and retest sending and receiving. [00:17] The port probably says 587 right now, change it to 25. Leave the POP3 port set to 995, that is already fine :) [00:17] which one the incoming or outgoing. incoming is set to 993 and out is set on 25 [00:17] sorry *995 [00:18] Interesting... try the Outlook test button again? [00:19] I think this means you really will want to set up STARTTLS stuff for Postfix... [00:19] no joy [00:20] Send test e-mail message: Establishing an encrypted connection to your outgoing (SMTP) server failed. If this problem continues, contact your server administrator or Internet service provider (ISP). [00:20] Keep in mind that by just changing the port number, the secure connection is probably still active (combobox TLS), maybe you want to change the combobox to unencrypted or something. [00:20] (at least that's how it looks on the fancy graphics website :P) [00:20] it is set to auto. The choices are SSL TLS AUTO NONE [00:20] dvheumen: Ah, could be. [00:20] garymc: Try NONE [00:21] Tried none and got this error : Send test e-mail message: None of the authentication methods supported by this client are supported by your server. [00:21] so im recieving emails great [00:21] just cant send now? [00:22] Right. There's a fix for that... a postfix config fix... it's an outlook oddity if I remember rightly... but I forget what teh fix is... let me try and find out... [00:24] garymc: What does postconf -n | grep broken output ? [00:24] i get a symnatec Email proxy warning too in outlook. A yellow box pops up. Let me do that now [00:24] Oh man... try killing the symantec thing from getting in between Outlook and your mail server, and test again! [00:24] broken_sasl_auth_clients = yes [00:25] or you can just right-click and disable it ;) [00:25] That's as it should be. [00:27] OMG this synatec stuff sucks [00:28] what's wrong? [00:28] it weont turn off [00:28] what did you try? [00:29] " Oh man... try killing the symantec thing ..." -- there was a reason I said that :) Close Outlook, log out of Windows, log back in, try disabling it. That may work better (I think it's hard to disable when it is already acting as an email proxy, but that's from a rather vague memory)... [00:31] so if i log out will this chat room stay open? or am i gonna have to load up again? [00:31] You'll have to restart your IRC client and reconnect here, if your IRC client is on the same WIndows PC you are testing from. [00:32] well [00:32] just returned from ciname [00:32] cinema ;) [00:32] awesome movie, Avatar is ;) [00:32] yeah its good. You see it in 3d? [00:32] yupp [00:33] ok brb [00:33] Dolbi Digital 3D [00:33] Dolby [00:33] Jeniczek|afk: Hint: you are no longer |afk , or else we are all talking to a bot :) [00:33] oh === Jeniczek|afk is now known as Jeniczek [00:37] you know, I can't find any information on ACL (setfacl/getfacl) on the serverguide for karmic. Is this not important? [00:38] dvheumen: Almost nothing uses ACLs on Unix/POSIX filesystems. [00:39] everyone just sticks with normal Unix permissions. [00:39] ah okay, so that me thinking too much in Windows-mode :P good to know [00:40] Hi [00:40] well that didnt work [00:40] welcome back... you still can't disable symantec from interfering with your email connections? [00:40] i dont think it has any bearing on the emails though. its just like a warning message to say it an encrypted email [00:41] It may not be the problem, but it may be... hard to know until you disable it, really. [00:41] Maybe I missed this, but is postfix configured to or not to use encryption for SMTP communication? [00:42] I suspect by default it is not. We could try adding STARTTLS support to it, but it would be nice to know the issue isn't Symantec tryinmg to hard to protect garymc from himself... [00:42] *trying too hard .... [00:42] yeah im trying to suss out this symnatec crap [00:42] garymc, what version of symantec is running? [00:42] You really should be able to disable it temporarily. [00:43] is it Symantec Corporate, or Symantec Endpoint Protection? [00:43] 'cause I know for sure you can right click a Symantec Endpoint Protection client and choose 'disable ...' [00:44] or you could just start the client and configure it differently (if the configuration options aren't locked) [00:44] its built into norton isnt it? [00:44] Ive disabled all of norton and cant find the symnatec stuff [00:44] garymc, Norton is the consumer version, Symantec is the corporate version [00:45] Hmm, looks like postfix actually does get configuredto accept STARTTLS by default when you use the dovecot-postfix package... nice :) [00:45] so thats good? [00:45] jmarsden, okay, so 'TLS' should be selected in the combobox of the account security settings [00:46] Yes, except it means the message from Outlook makes less sense... I'll try sending gary a test msg from a server I run that I know does TLS by default and see what happens... [00:47] i just sent myself a message from my yahoo account. it went to my junk mail folder [00:48] 0there's no man on my ubunutu server install?!? [00:48] mrp: what happens when you type man man [00:49] garymc: Your mail server has working STARTTLS, so the issue is with SMTP authentication somewhere... [00:50] ok [00:50] is that on my server [00:50] Yes... testing... [00:50] got your email [00:52] so what can i do to test it? [00:52] Yes... and if I connect to your server using openssl s_client and play around, it shows me 250-AUTH PLAIN LOGIN and 250-AUTH=PLAIN LOGIN so that part looks OK to me... [00:53] try thunderbird maybe? [00:53] garymc: Well, you can use openssl s_client -connect thefinancefacilityc,om:25 --starttls smtp # but then you have to know what to do to authenticate using SMTP by hand ... so yes, dvheumen's idea is probably reasonable. [00:54] prob is all the people who work with me use outlook. I dont think they will want to chage to thunderbird [00:54] garymc, it's just for testing [00:55] if it works, then you can probably conclude that Symantec isn't interfering [00:55] and you can continue searching for Outlook settings [00:55] oh ok [00:55] thunderbird [00:56] is it a firefox add on? [00:56] no, a separate app, you can find it at mozilla.com [00:56] jmarsden, that command 'openssl s_client' is nice, didn't know that one, might come in handy some day :P [00:56] garymc: I need to do some other work related computing, but will stay online here and catch up from time to time... [00:57] ok im in the uk where are you? [00:57] dvheumen: It's a handy test tool, yes. [00:57] its 1 am here [00:57] garymc: California. I'm from the UK, though. [00:57] What part of the UK [00:57] Born in Bristol, but family is in Yorkshire. [00:58] cool [00:58] just installing thunderbird [01:01] okay, I'm gonna tell you in advanced. I don't have any experience with thunderbird and secure SMTP connections. But the idea is to set up the connection just as we would (and tried) in Outlook. And test it. If you can't get it to work at all, then Symantec might be interfering [01:01] If you can get it to work, then it must be something in Outlook. [01:01] Hey thunderbird found the settings itself [01:01] This way you can narrow down the search [01:01] incoming mail server : imap.thefinancefacility.com [01:02] outgoing : smtp.thefinancefacility.com [01:03] hmmm [01:05] what? [01:05] outgoing was amber not green [01:06] did it say anything about the meaning of the color? [01:06] or some warning or error message or something? [01:07] ok sending an email in thunderbird heres my error message: Sending of message failed. [01:07] An error occurred sending mail: Unable to authenticate to SMTP server mail.thefinancefacility.com. The server does not support authentication (SMTP-AUTH) but you have chosen to use authentication. Untick 'Use name and password' for that server or contact your service provider. [01:08] oh, yeah right, that's probably also the problem in Outlook. [01:08] Try disabling authentication in thunderbird [01:08] (better to continue testing in thunderbird at first) [01:09] so it seems that TLS is accepted, you just doesn't need to authenticate ... (or maybe I'm too hasty in my conclusion) [01:09] *don't [01:09] now trying to find that in thunder bird :P [01:10] try to find the account settings. I'm not familiar with Thunderbird 3 yet, but I've seen a separate section for "Outgoing Mail" in Thunderbird 2, so you might be looking for that in T3 too [01:10] it says secure authentication none in thunderbird [01:11] none? okay ... just keep it like that for now [01:11] ow w8 [01:11] sorry, misunderstood uhhh.... [01:11] New bug: #514963 in samba (main) "package samba-common-bin 2:3.4.0-3ubuntu5.4 failed to install/upgrade: subprocess installed post-installation script returned error exit status 2" [Undecided,New] https://launchpad.net/bugs/514963 [01:12] so are there a username and password entered for SMTP? [01:12] because you probably don't want those to be used [01:14] yes i disabled them [01:14] still not working [01:14] is the error the same? [01:14] boo hoo :( [01:15] i really need to get something working by monday or im screwed [01:16] then what is the error message? [01:16] garymc: Then you shouldn't be attempting this, given your level of experience with installing and testing email servers! [01:16] lol i know [01:17] Gicven " The server does not support authentication (SMTP-AUTH)", something is weird, because my openssl s_client test shows that it *is* accepting AUTH over STARTTLS connections. [01:17] but if i can just get sending and recieving wokring then ill get the rest of it up eventually [01:17] yeah its prob just something stupid thats stopping it [01:17] If a mail server sends and receives, what else do you want it to do? Make coffee? [01:18] if it could ;P [01:18] No i mean AntiVirus and spamassassin etc [01:18] and webmail [01:19] I think you should try again with a clear head, not at 1 in the night :P [01:19] garymc: Sleep for six hours, then come back here. I [01:20] will probably still be here :) [01:20] so no other tests i can make? [01:20] before bed [01:20] And I may be somewhat freer to focus on helping you than I am now... there are things I could test, but that I can't teach you to do quickly. [01:21] So ... you can test brushing your teeth before bed, if you like :) :) [01:22] lol ok [01:22] thanks for all your help [01:22] hopefully speak 2moro [01:22] night night [01:22] You're welcome. Sleep well. [01:22] garymc, good luck tomorrow [01:22] one last error message in thunderbird [01:22] Sending of message failed. [01:22] The message could not be sent because the connection to SMTP server mail.thefinancefacility.com timed out. Try again or contact your network administrator. [01:23] dream about it tonight :P [01:23] and you'll have the answer in the morning ;) [01:24] i doubt it [01:24] but oh well catch you laters [01:27] jmarsden, well I hope I can get the same patient support when I stumble upon a problem with Ubuntu Server, 'cause this was pretty impressive ;) [01:27] (next week or so ...) [01:28] Thanks :) I'm often here, and help when I can... [01:28] okay, that's good to know [01:36] Hi again, having trouble sleeping [01:36] :P [01:36] just sent a test message from gary@thefinancefacility.com to gary@thefinancefacility.com and it sent it [01:37] but tried to send one to my yahoo account and get this message [01:37] An error occurred while sending mail. The mail server responded: 5.7.1 : Relay access denied. Please check the message recipient gmckla@yahoo.co.uk and try again. [01:37] is that any better of help? [01:39] garymc, that's another kind of problem [01:39] it is? [01:39] i havnt changed no settings? [01:39] this has to do with relay settings on the mailserver, should be completely separate from the authentication problem [01:39] ow w8, you send from thunderbird? [01:40] yes [01:40] hmmm, interesting [01:40] so how do you fix relay settings? [01:40] i don't have a clue on that one, I'm not at all familiar with postfix [01:42] garymc: Fixing the auth will fix that, the server will relay for you if you authebticate to it to prove you are really a user of it. Now go to sleep :) [01:42] ARRRR..... missus is in bed and neice is in my speck so dont look like im gonna get any sleep [01:42] :S [01:44] postconf -n |grep smtpd_recipient_restrictions # to see why this works, it will have a permit_sasl_authenticated in there... [01:44] I need to work on other things right now... [01:45] ok jmarsden no worries [01:45] http://pastebin.ca/1772645 [01:45] lol [01:50] garymc, so this essentially says, if the client is an authenticated user, then relaying is allowed, otherwise only mail to locally managed domains is allowed [01:50] so you're back at the authentication problem (sorry :P) [01:51] i take it you dont know how to sort that? [01:51] causing it? [01:51] causing it? is it postfix or dovecot [01:51] garymc, well, actually I'm now at a point where I have some ideas, but it's difficult to help you via text [01:51] its a sending problem, your communicating with postfix [01:52] so I suspect postfix [01:52] (or thunderbird of course) [01:52] ill pastbin my postfix /main.cf [01:53] will that help? [01:53] the authentication problem occurs in this communication I think: client (currently thunderbird) --- (Symantec, transparently proxying, maybe interfering, maybe not) ---> Postfix [01:53] it won't help, because I have never worked with postfix [01:53] :P [01:54] ok [01:54] im going to bed [01:54] bye bye thanks for the help === 50UAAANDT is now known as lamont [03:18] not sure if this is the appropriate room, however i'm running Ubuntu 8.04 LTS & OpenVPN is running fine. Have the server and a Windows XP client and Ubuntu 9.10 (NBR) connected just fine. Both clients see all Samba shares etc... Issue is they can't ping eachother, anyone know if there's a way to get them to see eachother? [03:26] n/m, i got it folks. /etc/openvpn/server.conf , uncomment: client-to-client , incase anyone needs it. === Guest20795 is now known as bogeyd6 [04:14] altf2o: this was the right channel - just many people gone for the weekend [04:25] MTecknology: good to know. I've always wanted remote access to my local Samba shares\printers, good to know OpenVPN made it very simple [04:28] altf2o: glad it's working for you === freeflying is now known as ZhengpengHou === ZhengpengHou is now known as freeflying [04:59] I need help, i got stuck at this place I am getting this same page again and again - http://i47.tinypic.com/2zqdkx2.jpg [06:05] Anybody have any idea what happened here? http://paste.ubuntu.com/366029/ [07:21] sounds like all your memory was locked or something, dunno [07:21] why are you running pae kernel? you have >4gigs ram in a non-64bit system? [08:32] patdk-lap: that's just the -server kernel [08:33] patdk-lap: I'm going to go to sleep; hilight me with anything you wanna say or msg; thanks much [08:33] * MTecknology passes out from physical and mental exhaustion === Guest98536 is now known as jussi01 [11:10] jmarsden: got the second server upgraded. that had even more problems! ended up migrating it from Xen to KVM to alleviate them [11:40] New bug: #389763 in kvm (main) "ERROR: Missing kernel headers Kosmic" [Undecided,New] https://launchpad.net/bugs/389763 [11:41] hello, can someone help me to install Kloxo Lxadmin to in Hyper VM (VPS) ? [11:59] Neither of those things sounds like Ubuntu [12:11] New bug: #515099 in samba (main) "package samba-common 2:3.4.0-3ubuntu5.4 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/515099 [12:15] [from #bind] i have this http://pastebin.com/m4f4fc7db setup on my local server, just practicing, and its not working, as you can see i can't open any urls and even the ping response comes from multiple subdomains [12:27] Hi, anyone know how i sort my relay for my email server in postfix and dovecot? I can send emails to the same domain but not any outside it [12:28] Hey jmarsden you still up? [12:32] everyone must be a sleep [12:43] garymc: relayhost in /etc/postfix/main.cf ? [12:43] yeah [12:44] kervel : relayhost = [12:44] there is nothing there [12:45] garymc: where is the machine ? is it a server or is it at home [12:45] its a server at my office [12:45] ah [12:45] and if you try to send an email, is there anything in /var/log/mail.log ? [12:46] it is possible the ISP you are using blocks port 25 outgoing (mine does) [12:46] in that case you need to configure relayhost to relay all mail to the smtp server of your ISP [12:47] hold on [12:47] im checking the logs [12:47] eg "relayhost = smtp.btcentralplus.com" [12:47] or something like that. no idea if thats the right server [12:47] but why would i do that. I thought my server would have sent the mail? [12:48] well the mailserver sends mail by contacting the mailserver of the recipient [12:48] eg if you send to somebody@gmail.com, the mailserver will try to contact the mailserver of gmail.com to deliver the email [12:49] that will not work if your isp blocks this kind of traffic (which is common) [12:49] so instead of doing your mailserver -> gmail.com mailserver [12:49] you do your mailserver -> isp mailserver -> gmail.com mailserver [12:49] which is less likely to be blocked [12:50] probably your mail.log will give you more information [12:51] heres my mail log http://pastebin.ca/1773016 [12:53] ah this is another proble [12:53] m [12:53] what? [12:53] your mailserver refuses to relay mail for 86-158-86-203 [12:53] i guess the program you use to send mail with and your mailserver are on a different machine [12:54] yeah thats my home ip, but its a dynamic ip [12:54] program = thunderbird / ... [12:54] on windows xp [12:54] ok, now probably its a good thing [12:54] home ip -- office ip are not in the same network [12:54] nope [12:54] im 10 miles from my office on my home internet [12:55] if your mailserver would accept mail from every possible IP and relay it, it would be used as a spam gateway in no time [12:55] yes i understand. but how do the likes of an email provider do it? [12:55] so mailservers are configured to relay mail for their own network only [12:55] well [12:55] an ISP will always relay mail for all its customers [12:56] for the ISP, all their customers are in "their network" [12:56] so thats easy [12:56] to check if somebody is a customer or not (by ip address) [12:56] your mailserver has no way to know if it is you who sends mail or a spammer [12:56] ok i have email for my other sites held at fasthosts.com but my ISP is BT [12:56] so im a little confused [12:57] i thought maybe username password match and it would le tme send? [12:57] well let me tell you what is "relaying" mail [12:57] tell me which mail domain is configured on your server [12:57] or give me an example if you dont want to disclose [12:57] thefinancefacility.com [12:57] ok [12:57] well [12:57] mail.thefinancefacility.com [12:57] ?? [12:58] if i use your mailserver to send to thefinancefacility.com then it will always accept the mail [12:58] because then your mailserver acts as endpoint not as relay [12:58] yes cos its internal [12:58] i can recieve outside emails fine, just cant send [12:59] :S [12:59] receive and send are completely different [12:59] receive is dovecot, username and password [12:59] ok [12:59] your postfix is using for sending mails and doesnt use password [12:59] so it uses ip authentication [12:59] eg in your main.cf you will find this line: [13:00] mynetworks = blablabla [13:00] yes [13:00] a mailserver will RELAY a mail if the ip address where the mail comes from is in the mynetworks [13:00] otherwise it wont [13:00] mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 81.138.225.161 [13:00] so you could add the whole bt network to mynetworks and then it will work, but thats a great spam risk [13:00] but im on a dynamic ip at home so my ip always changes [13:01] and you also risk being blocked by your isp because of open relay [13:01] yes [13:01] now there are some solutions for this, but not easy [13:01] ok [13:01] first of all , why don4t u use the smtp server of your home isp to send email [13:01] that one will always work [13:01] eg relay [13:03] eg in your thunderbird, specify your dovecot as INCOMING server just like now but specify outgoing server the one of your isp [13:03] thats the easy solution [13:04] the difficult solutions are: [13:04] ok but no good [13:04] why not ? [13:04] im gonna need the difficult one [13:04] ah [13:04] Cos i have a couple employees who need to access their email from home and possibly send them, they are all differnt ISPS [13:04] they all use outlook [13:04] kervel: we already tried to talk garymc out of accidentally running an open relay [13:05] http://wiki.dovecot.org/HowTo/PopBSMTPAndDovecot [13:05] twb im not going to accidently run an open relay [13:05] see the section POP3 (imap) before SMTP [13:05] thats one solution [13:05] the other solution is SMTP authentication, where your postfix also uses username and password [13:06] the second sounds better [13:06] http://www.linuxmail.info/postfix-smtp-auth-dovecot-sasl/ [13:07] garymc: as already told you its a nonstandard setup and it will require some digging and googline [13:07] googling [13:07] kervel: you mean exposing smtp/ssl to the internet on the submission port, and requiring autentication for relaying? [13:07] twb: yes [13:08] Yeah, that's the least worst approach if you have end users outside your network, who are too dumb to use ssh + mutt :-) [13:08] reason why this is difficult : you want it to use the same auth as your imap/pop server so you will need to have a matching configuration on incoming and outgoing [13:08] eg for cyrus its different than for dovecot [13:08] kervel: can't you just use pam? [13:09] twb: maybe. the auth plugin framework for these things is called SASL iirc [13:09] kervel: that's for the client to talk to the daemon, surely? [13:09] http://www.postfix.org/SASL_README.html [13:10] yes ... [13:10] The daemon talking to an SSO user database (ldap, flat files, whatever) is pam [13:10] twb: check the link i just sent ... sasl is apparently more than just a protocol [13:11] twb: postfix can be configured using cyrus sasl and also dovecot protocol whatever that may be [13:11] twb: pam and sasl use different password encryption afaik [13:11] twb so that means if you use pam+sasl you can only do cleartext passwords [13:11] pam doesn't use encryption at all. [13:12] pam is just an API that defines how applications can ask questions like "is this user who they say they are?" [13:13] yeah i need to implement this. [13:13] twb: you are probably right, but in the end passwords are encrypted in /etc/shadow and this has some effects [13:13] anyway, not related to pam probably indeed [13:13] See if im at the office I can use this email to send and recieve great. I see the problem when leaving the office network [13:13] but still there [13:13] garymc: i would suggest checking the urls i just pasted here [13:14] so i prob need this postfix SASL implemeted [13:14] garymc: looks like it [13:15] or is it SASL auth [13:15] cos i thought i had SASL auth implemented but obviously not [13:16] garymc: you need to have it implemented AND you need to have your clients configured so that they use username/password for smtp [13:16] which is not the default [13:16] ok [13:16] Dovecot SASL configuration for the Postfix SMTP server in http://www.postfix.org/SASL_README.html [13:16] i understand that its just doing it im having probs with [13:18] ill read through thatkervel, i have actully done what it says here but it doesnt work [13:18] kervel : i have actully done what it says here but it doesnt work [13:19] garymc: there is a big part about troubleshooting too in the howto .. i suggest looking at it [13:19] ok [13:19] thanks [13:21] btw one more thing garymc i stopped doing this running my own mailserver long ago [13:21] its too much pain .. every single mistake you make can result in a disaster [13:22] eg lost mail [13:22] yeah i understand [13:22] now i use a professional mail host who can do it much better than me .. [13:22] im prob gonna just go back to my provider but they are soo bad [13:22] emails down all the time etc etc [13:22] yeah ... then find another one [13:23] take into account that running your own mailserver means backups and restores, user support, calling to administrators of other companies to ask why they block your mailserver , ... [13:23] its a hard job [13:24] people will call you to ask why they cant send 40meg attachments [13:24] and things like that [13:29] :S [13:36] nigthmare [14:27] i have setup bind to be authoritative for only domain.com, i still see /var/log/syslog saying named[14880]: client 192.168.50.6#33870: query (cache) 'twitter.com/A/IN' denied, why? [14:45] how can i configure bind to only answer for domain.com instead of listening every request and denying it then? [14:47] error404notfound, its called forwarders [14:47] it will answer only the domains it carries and forwards all other requests [14:48] bogeyd6, but i don't want it to forward requests, won't it consume bandwidth? [14:48] so you want to deny everything but the domains it has zones for? [14:49] and the bandwidth it consumes is completely minimal [14:51] https://help.ubuntu.com/8.04/serverguide/C/dns.html [14:55] bogeyd6, hmmm, well if its minimal, i can live with that :P [14:56] please help me in installing forum [14:57] I uploaded all the files through FTP but unable to open the install.php file [14:59] check permissions [15:03] kijo, if you uploaded as your username you need to sudo chown www-data /directory/to/files [15:03] or you can chgrp it [15:03] then sudo chmod g+r /directory to files [15:05] bogeyd6, i have http://pastebin.com/m4f4fc7db except that now i have uncommented forwarders and restarted bind. [15:05] but i still can't resolve any urls, get same deny error [15:26] http://pastebin.com/m76bae9b9 contains my bind configuration, my syslog on server, dig response on client and resolv.conf on client, u am unable to browse any site... [15:36] error404notfound, what happens if you do a request on the client for example.com? [15:37] cyphermox, i can't connect, no response. [15:38] no response, or refused? [15:41] cyphermox, i think refused, can't check right now... [15:41] ah [15:47] cyphermox, lemme check now :) [15:48] error404notfound, if what you're trying to achieve is an internal, caching nameserver only, I'd check two things: making sure the root server hints are in place (zone .), and I'd remove "recursion no;" and replace it with "allow-recursion{192.168.50.0/24;}; allow-query {192.168.50.0/24;};" [15:48] cyphermox, yup, doing that :) [15:49] i instead created an acl and using that [15:49] yup [15:52] followed http://support.menandmice.com/jforum/posts/list/25.page and created an acl named trusted, using that in allow-query allow-query-cache allow-recursion etc [15:52] cyphermox, that fixed it :) [15:52] thanks man :) [15:53] cool [15:54] that was my first experience combining openvpn and bind to serve private services only to vpn machines [16:08] can anyone actually help me get my email server accepting me when im away from the network? [16:09] im reading everything and just dont understand what i need to impement and how [16:11] garymc, do you have smtp auth on the email server? [16:12] i thought i did, but now im not so sure [16:12] how can i tell? [16:12] all emails work fine when im in the office network. I can send out recieve etc [16:13] but when i come home and try to send an email from gary@mydomain.com to jack@yahoo.co.uk it wont work [16:13] smtp auth means you'll have to authenticate to send mails [16:13] could you help me with this? [16:13] I know ive set the postfix/main.cf [16:14] smtpd_sasl_auth_enable = yes [16:18] http://linuxgazette.net/142/pfeiffer.html [16:18] ok sasl auth is installed and running [16:24] you just need inbound mail relay in your case [16:27] lenios : so how do i go about doing this? [16:29] just follow the instructions on the page i linked [16:47] lenios followed that link you provided and still no joy. [16:48] When i telnet mydomain.com 25 [16:48] then run command "ehlo mydomain.com" the 250-AUTH DIGEST-MD5 CRAM-MD5 doesnt show up ? :S [16:50] garymc, do you want me to check? [16:55] bogeyd6, can you help with http://ubuntuforums.org/showthread.php?t=1395050 ? [17:02] dvheumen yes if you could please :) [17:03] garymc, what was the domain name again. I should be able to get the same info when I connect [17:04] thefinancefacility.com [17:04] okay, i'll have a look [17:04] the TTLS is there but no AUTH [17:07] I have a home server that isnt used much so I would like to spin down data drives when not in use for 3 hours. I am looked at hdparm but I am not sure if using hdparm -S permanantly sets the standby time for the drive (even after reboot) or if this is the best way [17:09] okay, so I did also not see AUTH, but that might be because 'telnet ... 25' creates a plaintext connection, not a secure one [17:09] so I'm now trying to figure out how to set up a secure connection :P [17:10] ok but the guides say otherwise [17:10] hmmm okay, that's good to know [17:10] in that case it would seem that it is not accepted as a valid option [17:11] hmmm... when I enter 'AUTH' as a command (was just a guess) it gives me '503 5.5.1 Error: authentication not enabled' [17:12] this gives me the impression that a postfix config options is incorrect ... remember, I haven't done anything with postfix yet, so I'm guessing here [17:12] yes [17:13] thats what im saying i just cant work it out [17:16] okay, I've scanned through the linuxgazette article that was posted here earlier. That seemed to be a good guide, and if you've followed/checked your configuration according to the linuxgazette article, I'm afraid I am out of ideas [17:18] ok thanks for trying [17:18] :S [17:22] is spindown the same as standby for a hard drive? [17:41] Anyone else help me get my mail server working? [17:58] garymc: maybe AUTH is available only after STARTTLS ? [17:59] man 5 postconf, and search for smtpd_tls_auth_only [17:59] how is that set up in main.cf ? [18:03] hold on [18:05] smtpd_tls_auth_only = yes [18:05] thats 3rd line from bottom of file [18:06] if I understand correctly, that means it you need to TLS first, then AUTH [18:06] ? [18:07] so it won't work over unencrypted connection [18:07] [01/31-195919] man 5 postconf, and search for smtpd_tls_auth_only [18:09] i dont understan man 5 postconf [18:09] that's what I suspected :P [18:10] :S [18:10] garymc: you mean you don't know how to use 'man' or you don't understand what it says for that option? [18:10] cemc, is there any way to start an interactive terminal after TLS is established. I've seen a command 'openssl s_client -connect host:port -starttls smtp' but this exits after tls info is displayed [18:11] cert and such [18:11] ive never used man [18:11] garymc: uh, wrong answer :) [18:11] hehe [18:12] how can you not know about man ? try it and see. just type 'man 5 postconf' in a terminal [18:12] that should bring up the manpage for all the postfix config options [18:12] it's kinda like F1 :-) [18:15] garymc: it's more basic than 'googleing it', you really should know about it when trying to set anything up on a linux server [18:15] dvheumen: hm good question [18:15] tnx :P [18:15] learned the other command yesterday ... I'm in shape :) [18:16] hm, it doesn't exit for me, that openssl command [18:16] hmmm... then it maybe is something else, I'll give it another try [18:17] 'read:errno=0' is what I get, the other stuff is just information [18:18] dvheumen: what server, let me see [18:18] I'm trying the server garymc is trying to configure, in order to see whether AUTH options are available [18:19] mail.thefinancefacility.com [18:19] thats it [18:19] yeah, same for me too, errno=0, weird [18:20] garymc: anything in the logs? [18:20] nothing that i understand [18:20] just denied stuff [18:23] garymc: try this: tail -f /var/log/mail.log, then in another terminal: openssl s_client -connect thefinancefacility.com:25 -starttls smtp [18:23] and see what appears in the logs after you do that [18:25] so open the mail.log now and see what it says? [18:27] hi. I'd like to ask you if is possible to run as root in this PHP Shell Commander http://sourceforge.net/projects/shcmd/ [18:27] garymc: open a terminal, type sudo tail -f /var/log/mail.log [18:27] garymc: then open another terminal and type: openssl s_client -connect thefinancefacility.com:25 -starttls smtp [18:28] done that [18:28] when you press enter, see what appears on the other terminal. anything? [18:28] yes heres a pastebin [18:28] http://pastebin.ca/1773307 [18:29] just what I thought, something's not set up right, and after you connect it craps out, and ends the connection [18:30] see that fatal error? :) [18:30] yes [18:31] dont know what is set wrong though? [18:32] what do you have for smtpd_sasl_type= ? [18:34] in postfix/main.cf? [18:34] yes [18:35] smtpd_sasl_type= dovecot [18:35] https://help.ubuntu.com/community/PostfixDovecotSASL - maybe you should read this [18:37] pretty sure ive done all that [18:37] ill look through it again now [18:39] garymc: don't just look, try to understand it. don't just copy-paste options from the page to your config files... try to see which option does what. and 'man' is your friend ;) and read the comments in the config files [18:40] ok [18:55] is it a big deal if your powersupply doesn't fit in the mobo's powerslot? [18:56] mines fits, but 4 slots still need to be connected but this old powersupply has different fittings [18:56] seems like an old atx powersupply [19:01] what I'm really asking is can a 20pin atx connector work in 24 pin slot [19:03] I think there are converters available [19:06] ahh k thaks [19:06] *thanks [19:09] cemc how can i find out the correct path for my postfix que directory? [19:09] at the minute it is this : smtpd_sasl_path = private/auth-client [19:09] thats what it is set to in my /postfix main.cf [19:12] cemc I followed that guide to the tee and still no change :( [19:13] jmarsden : are you about? [19:13] garymc: the default postfix queue dir is /var/spool/postfix [19:13] yeah i just found the path but still not working [19:15] ahh its such a bummer [19:16] garymc: is dovecot running ok? [19:16] it says it is [19:17] garymc: could you pastebin dovecot.conf and main.cf ? [19:20] yep [19:21] http://pastebin.ca/1773372 dovecot.conf [19:22] http://pastebin.ca/1773377 main.cf [19:22] garymc, :)))) [19:22] again with the authentication [19:23] you do realize if you follow the online guide it WILL work [19:23] yes [19:23] garymc: do you have a dovecot-postfix.conf ? [19:23] well it all seems to be a shambkes now [19:23] yes [19:23] garymc: did you see what it says in dovecot.conf at the top ? [19:24] prob the best thing you can do gary is purge all the package and start fresh with the online guide [19:24] cemc whoops ;) [19:24] !dovecot [19:24] IMAP and POP are protocols for fetching email. The officially-supported server in Ubuntu is Dovecot (packages "dovecot-imapd" for IMAP, and "dovecot-pop3d" for POP) - See also !MailServer for information on the SMTP protocol [19:24] !mailserver | garymc [19:24] garymc: Ubuntu supports the Simple Mail Transfer Protocol (SMTP) and provides mail server software of many kinds. You can install a basic email handling configuration with the "Mail server" task during installation, or with the "tasksel" command. See also https://help.ubuntu.com/community/MailServer and https://help.ubuntu.com/9.04/serverguide/C/email-services.html [19:25] fo shizzle garymc [19:25] ?? [19:25] fo shizzle? [19:25] ;-) [19:31] cemc : dovecot-postfix.conf is set correctly according to the documentation [19:47] which is the correct file in /etc/apt.conf.d/ to place apt proxy directives? [19:52] ah, just created a new one, works fine [20:46] hi. I want to run a few guests on a VM , mostly ubuntu desktop [20:47] so i setup the server 9.-10 and experimented with QEMU a bit [20:48] but i am confused if it would be easier to have X (and SDL) and a management interface on the box [20:50] just found JeOS. Is it a special server edition , right? [20:50] and the docs say it's for guest (too?) [20:52] i got stuck at a step in installation of forum software , could someone please help me out [20:56] uffiole, if I remember correctly, JeOS is a slimmed down kernel for guest installations, because they all have the same simple virtualized hardware [20:56] kiko__, I don't think I can help, but what software is it? [20:57] its SMF and i am at 80% done but getting a problem :-( [20:57] is it a PHP problem? [20:57] PHP error message or something [20:57] no not php [20:58] okay, let's give it a try [20:58] what is the problem? [21:02] okay, that one works, plz continue here [21:03] ok [21:04] after entering all the details in that step i am getting this page all the time - http://i47.tinypic.com/2yovkad.jpg [21:05] so that happens when you click continue? [21:05] does the URL in the address bar change? [21:07] well, it's clear that the URL in the last screenshot is not correct [21:07] so you might want to find out why the URL changes and why this new URL doesn't work [21:08] is it URL ? [21:08] what do you mean? [21:09] is it coz the url contains ' _ ' ? [21:10] I don't know, because I don't know what the correct URL is. But you might want to compare the URLs of the two steps (the working one and the failing one) and see if there's a difference [21:11] URL are same [21:14] exactly? or is the 'step' at the end different? [21:20] hello people [21:20] i am installing ubuntu server on my new system [21:20] i got 2 hard drivves [21:20] 80gb and 40 gb [21:20] can i install it on raid? [21:23] so noones here [21:24] i will be using it for 2 x phpbb web sites [21:24] yes the url are exactly same [21:25] can i install os and everything on 40gb and www and mysql data on 80? [21:25] wizzy_: then it is 2 disks - not raid [21:25] well i am thinking [21:26] raid is for backing [21:26] but i might have some traffic so probably ill use 2 disks [21:26] so /var should be on 80 gb [21:26] and os on 40 gbs right? [21:27] i will be only user of linux [21:27] it will be 1 www and 2 forums sites (phpbb [21:31] dvheumen, ok thx. i continue another day.... bye [21:35] so now i got 2gb SWAP , 500mb /boot 15gb / . 23gb /home [21:35] am i good? [21:36] and /var and /tmp are on 80gb with 20gb free space [21:36] New bug: #514989 in php5 (main) "PHP process output (?) that breaks bash completion" [Undecided,New] https://launchpad.net/bugs/514989 [21:36] could anybody tell me how I would update the mysql from root to user? [21:39] www files are in /etc/apache right? [21:39] wizzy_, no, apache configuration is in /etc/apache2, website files are in /var/www [21:40] ok so its good that i will put /var on 80gb disk [21:40] Anyone here use Exim with /etc/aliases (*: /var/www/scripts/maildaemon.php) [21:40] ../var has 55gb / enough for 1 web site and 2 myslq databases? [21:41] far more than enough [21:41] ok thank you [21:41] 1GB would probably be enough [21:41] I know there is a simple code but I forgot what to use [21:41] New bug: #515269 in samba (main) "Samba server starts before cups does" [Undecided,New] https://launchpad.net/bugs/515269 [21:41] on 40gb i got /boot,/,swap and /home [21:41] on 80 gb i got /tmp and /var [21:41] am i missing something? [21:42] or should i just continue [21:42] ? [21:42] /usr will have a significant amount of data in it, so make sure / is big enough [21:42] can anybody tell me how to update user in mysql like from root to user? [21:42] at least 4GB [21:42] ../ is 15gb [21:43] that's plenty [21:43] ok so i will continue [21:43] then i will have one more question [21:43] i got 2 routers [21:44] wireless which is connected to modem and i got another one which is connected with wireless [21:44] so i gotta open port 80 and 22 in both of them for server ip [21:44] what if i will want to connect with ssh from my other pc on lan [21:44] probably not, but you need to be more specific [21:44] ok ok [21:45] is the second router connected to the first via wireless? [21:45] ill do sceme and ill post you link [21:45] ok [21:45] give me a min [21:48] gman --- http://lh4.ggpht.com/_cXxRH_xn2yM/S2X6lEdyZsI/AAAAAAAAArA/VHj4PcHh75c/s640/sceme.JPG [21:48] 1 is modem [21:48] 2 is wireless/wired router [21:48] 3 is router in my room [21:48] 4 is ubuntu server box [21:49] ok, is 3 connected to 2 via wireless, and is it in wireless bridging mode, or is it routing [21:49] no via ethernet cable [21:49] ok [21:49] on 3, is it connected to 2 on the WAN port, or the switch [21:50] as in, 3's WAN, or 3's switch [21:50] 3 is connected normally into 4 ports [21:51] like you would connect pc to is [21:51] that's not what I meant [21:51] 3 is plugged into 2's switch [21:51] but on 3, is that cord in the WAN port or the switch [21:51] WAN [21:51] ok [21:52] it works cause on 3 i got laptop from which i am chatting now [21:52] in that case, yes, you need forwarding on both routers, and the only way to access the web server from computers connected to 2 is via 3's IP address [21:52] on 2, forward ports 80 and 22 to 3's address [21:52] ok so 2 has 192.168.1.1 3 has 192.168.0.1 and router has 192.168.1.100 [21:52] and on 3, forward 80 and 22 to server's address [21:53] ok [21:53] thank you [21:54] but still if i want to access ssh from laptop on LAN i will have to write servers IP [21:55] from behind router 3, yes [21:55] from router 2, use router 3's IP [21:55] ok [21:55] laptop on wireless i will put 3s router ip [21:59] ok i got some kind of problem [22:00] "ubuntu login : one or more of the mounts listed in /etc/fstab cannot yet be mounted (esc for recovery shell ) swap:waiting for /dev/mapper/cryptswap1" [22:01] ok i clicked enter and it went to login [22:01] lol [22:10] ok kinda weird when i type free is shows my RAM and in swap it shows 0 on total 0 on used and 0 on free [22:11] ?? === stimble_ is now known as stimble [22:34] can anybody tell me how to update user in mysql like from root to user? [23:12] !noroot [23:12] We do not support having a root password set. See !root and !wfm for more information. [23:50] !root [23:50] Do not try to guess the root password, that is impossible. Instead, realise the truth... there is no root password. Then you will see that it is 'sudo' that grants you access and not the root password. Look at https://help.ubuntu.com/community/RootSudo