Virtual server users can’t log into email, FTP; server receives email, but cannot send

To begin, here are my server’s software and versions:

Operating system CentOS Linux 7.8.2003 Perl version 5.016003 Path to Perl /usr/bin/perl BIND version 9.11 Postfix version 2.10.1 Mail injection command /usr/lib/sendmail -t Apache version 2.4.6 PHP versions 7.4.8 Webalizer version 2.23-08 Logrotate version 3.8.6 MySQL version 5.7.31 SpamAssassin version 3.4.0 I can add system level users and FTP works fine (but email logins do not work).

If I add users to any virtual host via VirtualMin for email or FTP access, the system can receive email for that user and I can go look at their mail queue and read the incoming emails.

However, the username.domain login name format appears not to work for either email or FTP, in that login attempts for either using the username.domain login name format fail on bad passwords.

I am using Postfix and Proftpd. Before I had to manually change the inet_interfaces setting in /etc/postfix/main.cf to ‘all’ from its default setting of ‘localhost’, and verified that I had port 25 open for SMTP, I could neither send nor receive email from the system.

Now the mail server can receive email for virtual users, but under no circumstances can the server send anything that isn’t to itself, i.e, within the localhost zone.

And, the username.domain style users cannot log in (but the system level users where the name in the /etc/passwd and /etc/shadow files where the username is expressed as ‘username’ instead of ‘username.domain’ can access FTP just fine.

I have tried other FTP engines. The behavior is the same with respect to FTP logins. This leads me to believe that this is a Webmin/Virtualmin problem, not a system level problem.

I have to get my email running. Anybody have any idea what’s going on?? Other users appear to have this working out of the box. Alas, I am not among them.

Found this in my /var/log/maillog, which may have bearing on the issue:

dovecot: imap-login: Warning: Auth process not responding, delayed sending initial response (greeting): user=<>, rip=104.34.157.176, lip=66.70.179.100, TLS, session= Jul 29 21:22:25 ns548855

Status: 
Closed (fixed)

Comments

This one is urgent. Should I escalate to a paid support ticket?

Category: Bug report » Support request

This one is urgent.

Ilia's picture
Submitted by Ilia on Fri, 07/31/2020 - 05:00

Hi,

However, the username.domain login name format appears not to work for either email or FTP, in that login attempts for either using the username.domain login name format fail on bad passwords.

Does this user exist on your system? Does the user style username@domain exist on the system instead? You can check it in Webmin/System/Users and Groups module.

What error message do you get on ProFTPd when connecting to the server? Are you connecting using ftp:// or sftp:// protocol?

Before I had to manually change the inet_interfaces setting in /etc/postfix/main.cf to ‘all’ from its default setting of ‘localhost’, and verified that I had port 25 open for SMTP, I could neither send nor receive email from the system.

That is disturbing to hear, as Virtualmin post-configuration does exactly that. Have you installed Virtualmin using install.sh script?

What is the output of:

cat /etc/proftpd/conf.d/virtualmin.conf

The issues you are having is not common. I assume something went wrong upon initial installation. You can check/attach /root/virtualmin-install.log file for details.

We have determined that hostname settings issues in /etc/resolv.conf and /etc/system/network files were at the root of our FTP problems.

Once we fixed that, FTP logins for virtual domains just worked directly.

So now it's down to Email. We were missing DMARC and SPF records in our domains, so we fixed that. And we updated our SSL certificates, just to be sure. Now it's down to a Postfix config issue. Virtual domain email addresses are now able to receive email so far.

We're still not able to send mail, and that's likely a DNS issue as well. I have to wait for the domain changes to propagate before I can test the theory.

Ilia's picture
Submitted by Ilia on Sat, 08/01/2020 - 03:27

Bleargh,

Dovecot and its issues should be worked out by:

  1. Checking its status -
systemctl status dovecot
  1. Checking status of saslauthd -
systemctl status saslauthd
  1. Checking logs a the moment when trying to connect to fetch mail -
/var/log/maillog

Going back and starting over on the configuration basically solved the problems. It wasn't Webmin / Virtualmin's fault, really.

I used this tutorial, and followed it step by step, character by character, to the absolute letter, and my mail server now works, and so does FTP.

https://www.trustfm.net/ebooks/DedicatedServer.php