- Dovecot won't authenticate
If for any reason Dovecot IMAP4/POP3 clients won't authenticate with the following error:
Jun 14 08:40:56 imap-login: Info: Disconnected (no auth attempts in 0 secs): \
user=<>, rip=172.16.0.11, lip=172.16.1.50, TLS handshaking: SSL_accept() \
failed: error:14094412:SSL routines:ssl3_read_bytes:sslv3 alert bad certificate: \
SSL alert number 42, session=
Create either a signed or self-signed certificate and restart Dovecot.
- Squirrelmail won't authenticate
If for any reason you cannot login to squirrelmail with authentication errors open the
config file '/etc/squirrelmail/config_local.php' and edit the entry to read,
'$imap_auth_mech = 'login';' matching one 'auth_mechanisms = plain login' parameters
in Dovecot's configuration. On most toasters 'auth_mechanisms' is in 'toaster.conf'.
Make sure that Squirrelmail's webmail login is protected with https. Enter the following
at the top of Squirrelmail's Apache configuration file '/etc/httpd/conf/squirrelmail.conf':
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]
This will ensure all traffic including login passwords are encrypted. In fact it is a good idea
to add this in all QMT webmail and administration sites including 'roundcubemail.conf' and
'toaster.conf'
It is also a good idea to lock down QMT administration to certain IP addresses defining
your own 'aclnet' variable
- QMT man pages don't work (ex. # man qmail-smtpd), enable them with the following command."
# echo "MANDATORY_MANPATH /var/qmail/man" >> /etc/man_db.conf
- Upgrading php-5.x to php-7.x (remi) on CentOS 7 causes QMT web failures, fixes below.
In file /usr/share/toaster/htdocs/mrtg/index.php (mrtg) lines 23-25
from:
eregi($vettore[0] . "(.*)" . $vettore[1] , $contents, $buffer);
$buffer = ereg_replace("SRC=\"", "src=\"/stats-toaster/?file=", $buffer[1] ) ;
$buffer = ereg_replace("<HR>", "", $buffer );
to:
preg_match("#" . $vettore[0] . "(.*)" . $vettore[1] . "#s", $contents, $buffer);
$buffer = preg_replace("/SRC=\"/", "src=\"/stats-toaster/?file=", $buffer[1] ) ;
$buffer = preg_replace("/<HR>/", "", $buffer );
In file /usr/share/toaster/include/admin.inc.php (admin-toaster) lines 15 and 16
from:
$contents = ereg_replace("\n", "", $contents ) ;
$contents = ereg_replace("\r", "", $contents ) ;
to:
$contents = preg_replace("\n", "", $contents ) ;
$contents = preg_replace("\r", "", $contents ) ;
- CentOS 5 QMT Install (testing clamav, openssl etc...)
setenforce 0 && sed -i -e 's/SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/config && getenforce
mirror=http://www.qmailtoaster.org
for file in CentOS-Base.repo CentOS-Debuginfo.repo CentOS-fasttrack.repo \
CentOS-Media.repo CentOS-Sources.repo CentOS-Vault.repo epel.repo \
epel-testing.repo remi.repo whtc-qmt.repo
do
echo $mirror/$file
wget --no-check-certificate $mirror/$file
mv $file /etc/yum.repos.d
done
yum update
yum install perl perl-Net-CIDR-Lite perl-Sys-Hostname-Long perl-Net-CIDR-Lite perl-IO-Zlib perl-Archive-Tar
yum remove sendmail
yum install \
--enablerepo=whtc-qmt-testing \
--enablerepo=whtc-qmt-current \
--enablerepo=remi \
vpopmail-toaster \
ucspi-tcp-toaster \
libdomainkeys-toaster \
clamav-toaster \
libsrs2-toaster \
simscan-toaster \
daemontools-toaster \
ripmime-toaster \
spamassassin \
qmail-toaster
***(other toaster packages @ http://mirror2.qmailtoaster.org)
chown -R qmaill:qmail /var/qmail/supervise/clamd
chown qmaill:qmail /var/log/qmail/clamd
chmod 750 /var/log/qmail/clamd
qmailctl start
(If mysql vpopmail db is not installed vpopmail auth error will occur in Dovecot log)
wget http://mirror2.qmailtoaster.org/archive/old_web_distros/centos/cnt5064/cnt5064-svcs.sh
chmod 755 cnt5064-svcs.sh
sed -i -e 's/MYSQLPW=YOUR_MYSQL_ROOT_PASSWORD/MYSQLPW=your-new-password/' ./cnt5064-svcs.sh
./cnt5064-svcs.sh
service dovecot start