I have several virtual servers running. I just created few new ones. recently updated yesterday som packages. Since then I have been unable to connect to smtp from a crm application I loaded (Espocrm) - had this working earlier on the weekend. When I test the smtp connect from the command line (virtualmin test-smtp) I get :
no SASL mechanism found.
When I send email from usermin - it works but when I setup the smtp to send email through the app it logs the following:
[2024-03-25 20:56:00] ERROR: Email sending error: cannot connect to host; error = stream_socket_client(): Unable to connect to ssl://localhost:587 (Unknown error) (errno = 0 )
[2024-03-25 20:56:00] WARNING: Email sending:unknownError; 0
yes I have checked the firewall settings - Im on hetzner and have all of the ports required open and sestatus is disabled and the firewalld also has the correct ports open.
Ive tried localhost, the domain, ports 587, 465, 993 995 TLS and SSL and nothing - like I said I had no issues connecting to smtp before this weekend something went wrong since the update - it crashed my original esp site that was working and sending emails and then it just went kaput after a reboot which is why I created a new one.
and it says NO authentication failed even though i KNOW this is the correct password and user
but oddly enough I never have to do anything normally - I make sure mail server is turn on and view the mail client settings for the user -open the firewall ports and bobs your uncle it works straight off.
I updated whatever was in the queue - virtualmin recommendations - there was over 300 updates - the only updates that did not work were ImageMagick and a python aws library
They’re both TLS. SSL is deprecated and known insecure (Version history for TLS/SSL support in web browsers - Wikipedia). People use the two terms interchangeably, but no one is generally using SSL at this point. I think it was a mistake to use a new name, instead of just giving it new versions with the new features and removal of old misfeatures, but I don’t have any say in that.
465 is SMTP over TLS (by way of an OpenSSL tunnel).
587 uses STARTTLS to negotiate an encrypted connection after an initial non-encrypted handshake. It also uses OpenSSL, I assume, but I don’t know much about the innards.
Ok found it: Last few lines of the logs
Another quick note: using Dovecote and Cyrus - is Cyrus new and is there a special configuration required for Cyrus?
Mar 26 12:53:42 q3networks postfix/smtpd[238916]: connect from unknown[193.222.96.70]
Mar 26 12:53:44 q3networks postfix/smtpd[238916]: warning: unknown[193.222.96.70]: SASL LOGIN authentication failed: authentication failure
Mar 26 12:53:44 q3networks postfix/smtpd[238916]: disconnect from unknown[193.222.96.70] ehlo=1 auth=0/1 rset=1 quit=1 commands=3/4
Mar 26 12:53:45 q3networks dovecot[228399]: imap-login: Disconnected: Aborted login by logging out (auth failed, 2 attempts in 9 secs): user=<dom@q3networks.com>, method=PLAIN, rip=24.141.167.165, lip=10.10.10.11, TLS, session=<l8KWIZMUafUYjael>
Mar 26 12:53:45 q3networks dovecot[228399]: imap-login: Disconnected: Aborted login by logging out (auth failed, 2 attempts in 9 secs): user=<dom@q3networks.com>, method=PLAIN, rip=24.141.167.165, lip=10.10.10.11, TLS, session=<B0uXIZMUavUYjael>
Dovecot is the POP3/IMAP server. We do not use the Dovecot SASL authenticator, so Dovecot is not involved in this conversation.
Virtualmin configures saslauthd, which comes from the Cyrus project. It is not new, it’s the same SASL authenticator we’ve used from the very beginning. I’m unaware of any changes needed in configuration in the recent past (last change I recall was maybe ten years ago).
I am able to send out email through my crm app but only if I switch the account to another virtual server.
I was trying to send out using the crm vs on espo.q3crm.com to no avail. But when I switch to my q3networks account it works. It looks as though something is misconfigured on the new vs.