Can't access email or ftp account

FarOutLiving · August 18, 2011, 4:03am

Hello,
I just installed virtualmin using the install.sh script on Ubuntu 10.04. I created a virtual domain, and then an email+ftp user for the domain. The only possible relevant deviants from default was disabling the spam/virus options.

I then tried to configure Thunderbird on a Mac to access the email account. The account can not be created, because Thunderbird can not connect to the mail server. The /var/log/mail.log file simply shows postfix/smtpd “connect to/disconnect from” pairs. Possibly related or simply troubling, syslog shows a reoccuring postfix error:

postfix/local[28970]: BB5342788123E: to=www-data@domain.com, orig_to=, relay=local, delay=7.9, delays=7.1/0.1/0/0.7, dsn=5.2.0, status=bounced (can’t create user output file. Command output: procmail: Unable to treat as directory “/var/www/Maildir” procmail: Lock failure on “/var/www/Maildir.lock” procmail: Error while writing to “/var/www/Maildir” )

In a similar vein, with similar conclusion, configuring Cyberduck to access the ftp account appears to authenticate and claims to be starting ftp subsystem not goes no further. auth.log shows:
sshd[29325]: Accepted password for deron.domain.com from 1.1.1.1 port 50957 ssh2
sshd[29325]: pam_unix(sshd:session): session opened for user deron.domain.com by (uid=0)
sshd[29348]: subsystem request for sftp by user deron.domain.com

I don’t know if they are different or related issues, but the worst is I can’t even be sure I am configuring the email or ftp applications properly. If someone could be so kind as to point me to appropriate documentation on troubleshooting and configuration I would appreciate it, or any personal insight. The documentation I have found on this site is very silent on these matters.

Deron

Eric · August 18, 2011, 4:11am

Howdy,

Well, maybe we should start with a simple test that shouldn’t require any configuration…

If you use a web browser to browse to port 20000 your server, try logging in as your email user there. That’s the Usermin webmail client.

By default, email users have a username in the format “user.domain”.

Are you able to log into Usermin as your email user?

-Eric

FarOutLiving · August 19, 2011, 5:14pm

Hello Eric,

Rebooting the server seems to have resolved some of my issues.

I am able to sign in to usermin and send/receive mail to select folks. The ones I can’t send to I presume is because I don’t have reverse DNS for this (temporary) location. Once it is moved to its final location I should be able to resolve that (I better!)

I was also able to get Thunderbird to check the email, and it might be sending ok (I’m getting 2 copies, but I’m not sure what is causing that, and I get weird errors some time) but until I have reverse dns working I can live with it as is and presume the other issues are resolved by that action.

But the reboot did not fix the FTP issues. I’ve tried every common configuration to try and connect but can not. Any suggestions?

Thanks for your attention,
Deron

Eric · August 19, 2011, 7:36pm

As far as FTP goes – I’ve sometimes seen that have trouble in certain circumstances when the ftp connection tracking kernel module isn’t loaded.

Try runningthis command:

modprobe nf_conntrack_ftp

After that, does FTP work for you?

-Eric

FarOutLiving · August 30, 2011, 8:43pm

Sorry for the time lag. We where doing some test of a new drive array and had the whole thing tore apart.

FTP still does not work for me. It appears that SFTP almost works. When I use Cyberduck on the Mac, this is the steps I get:

Resolving thedomain.com
Opening SFTP connection to thedomain.com
Authenticating as deron.thedomain.com
Starting SFTP

But it then stops. it looks like it connected, but failed at the last moment.

Using any other connection method (ftp, ftps) never gets anywhere. I can sftp to root however, so I know it is at least partially working. Of course, I would prefer to not hand out root password info for folks to upload to the server

Thanks for your help.

FarOutLiving · August 30, 2011, 9:24pm

When I say I can sftp using root, I mean root for the whole machine, not some user named root in the virtual domain.

When I try and connect using deron.thedomain.com, /var/log/auth.log on the server shows:

Aug 30 17:04:08 mdv sshd[4675]: Accepted password for deron.thedomain.com from xx.xx.xx.xx port 54637 ssh2
Aug 30 17:04:08 mdv sshd[4675]: pam_unix(sshd:session): session opened for user deron.thedomain.com by (uid=0)
Aug 30 17:04:12 mdv sshd[4717]: subsystem request for sftp by user deron.thedomain.com

Nothing appears in syslog

Deron

FarOutLiving · September 1, 2011, 4:21am

Looking at the client machine trying to access ftp and the auth logs, it was clear to me that the basic initial connection was working. But it was like it was getting bumped as soon as it was connected. So that let me to think that sftp is a function(?) of ssh and ssh was not enabled for the user account.

So I was able to get FTP (well SFTP specifically) to work by editing passwd and changing shell from null to bash. Never could figure out how I might enable SSH access for a user in virtualmin, but I don’t really want that anyway. I just wanted them to be able to use FTP

So, how is FTP supposed to work on this? Is “straight” ftp supposed to work? Where can I find documentation of any sorts on this???

Deron

Eric · September 1, 2011, 4:50am

Both FTP and SSH require a valid shell in order to be able to login. Having /dev/null as a shell is okay for an email user, but you may not be able to login via FTP that way.

You can tweak all that by going into Edit Mail and FTP Users, click the username to edit, then choose Other User Permissions.

From there, you can set the Login Permissions for that user.

-Eric