Emails cannot be retrieved

NethServer Version: Nethserver 7.8.2003
Module: Email, Active Directory, Nextcloud

Hello everybody,
I’m having a problem getting mail through IMAP. Emails cannot be retrieved. The server is configured as a DC.

I only get the following error in the log.

Email: /var/log/imap:
Jun 5 23:43:10 gateway dovecot: imap-login: Disconnected (no auth attempts in 0 secs): user=<>, rip=127.0.0.1, lip=127.0.0.1, TLS handshaking: SSL_accept() failed: error:14094418:SSL routines:ssl3_read_bytes:tlsv1 alert unknown ca: SSL alert number 48, session=<D0bAJV2npMl/AAAB>

Nexctcloud: tail -f /var/lib/nethserver/nextcloud/nextcloud.log
{“reqId”:“Xtq-RFwbFckhCJ1-dzlHawAAAAo”,“level”:4,“time”:“2020-06-05T21:55:16+00:00”,“remoteAddr”:“192.168.1.31”,“user”:“ED26603A-FE52-49B7-B6E1-60F6AA040802”,“app”:“mail”,“method”:“POST”,“url”:"/nextcloud/index.php/apps/mail/api/accounts",“message”:“Creating account failed: Could not connect to IMAP: Error connecting to mail server.”,“userAgent”:“Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:76.0) Gecko/20100101 Firefox/76.0”,“version”:“18.0.4.2”}

Do you have any ideas how I can fix the problem?

@mm2588

Hi Marcel

Welcome to the NethServer Community!

It seems you’re using only Nextcloud to access mails?
Does mail access work from a mail client (Outlook IMAP / Thunderbird)?
Can you login to Nextcloud?

My 2 cents
Andy

1 Like

Hi André,

Thank you for your answer.

I have access via Outlook.
IMAP: SSL/TLS Port:993
SMTP: STARTTLS Port: 587

Login in Nexctloud or SoGO works.

SoGO doesn’t work either. No mailboxes are displayed there and cannot be added. The same with Nextcloud.

Outlook Config

Nexctloud Config

@mm2588

Hi

I just requested if mail works, to pinpoint the error…

It seems as if mail itself is working.

The fact that SoGo and Nextcloud don’t display any mailboxes and can’t add any confirms that. Mail is handled by NethServer itself. This indicates to me that those two Web-Applications are having LDAP problems.

Are you using LDAP or AD as account provider?

If you can login to both, and both use the account provider (normally), then this indicates that those two DO have LDAP connections, but something there isn’t working as intended.
Do you have all updates installed? There have been quite a few since the 7.8.2003 update…

My 2 cents
Andy

Are you using LDAP or AD as account provider?
I am using Active Directory.
Nethserver is the domain controller.

Do you have all updates installed?
Yes.

@support_team

Need some help here!

Thx
Andy

Log Dovecot

LOG DOVECOT | Login via Outlook:
Jun 6 12:03:47 gateway dovecot: imap-login: Login: user=muellerm@srv.lan, method=PLAIN, rip=192.168.1.31, lip=192.168.1.1, mpid=7179, TLS, session=

LOG DOVECOT | Login via Nexctloud:
Jun 6 12:04:57 gateway dovecot: imap-login: Disconnected (disconnected before auth was ready, waited 0 secs): user=<>, rip=192.168.1.1, lip=192.168.1.1, TLS handshaking: SSL_accept() failed: error:14094418:SSL routines:ssl3_read_bytes:tlsv1 alert unknown ca: SSL alert number 48, session=

Jun 6 12:04:57 gateway dovecot: imap-login: Disconnected (no auth attempts in 0 secs): user=<>, rip=192.168.1.1, lip=192.168.1.1, TLS handshaking: SSL_accept() failed: error:14094418:SSL routines:ssl3_read_bytes:tlsv1 alert unknown ca: SSL alert number 48, session=<4/uQgmenNKTAqAEB>

No USER in Log-File!!!

LOG Nexcloud | Login via Web / Mail-App:
{“reqId”:“XttqtoinwM9Q2C5BQLj5AwAAAAM”,“level”:4,“time”:“2020-06-06T10:06:47+00:00”,“remoteAddr”:“192.168.1.31”,“user”:“ED26603A-FE52-49B7-B6E1-60F6AA040802”,“app”:“mail”,“method”:“POST”,“url”:"/nextcloud/index.php/apps/mail/api/accounts",“message”:“Creating account failed: Could not connect to IMAP: Error connecting to mail server.”,“userAgent”:“Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:76.0) Gecko/20100101 Firefox/76.0”,“version”:“18.0.4.2”}

User: ED26603A-FE52-49B7-B6E1-60F6AA040802

Can not help you with Nextcloud Email…
However because SOGo does not appear to be working for you; fixing that might give some insight why Nextcloud does not work. :thinking:

For SOGo:
You may (temporarily) enable extra debug-logging by uncommenting relevant lines, for starters ImapDebugEnabled and LDAPDebugEnabled , in /etc/sogo/sogo.conf (1) :

  /* 80 Debug */
  //SOGoDebugRequests = YES;
  //SoDebugBaseURL = YES;
  ImapDebugEnabled = YES;
  LDAPDebugEnabled = YES;
  //PGDebugEnabled = YES;
  //MySQL4DebugEnabled = YES;
  //SOGoUIxDebugEnabled = YES;
  //WODontZipResponse = YES;
  //SOGoEASDebugEnabled = YES;
  //WOLogFile = "/var/log/sogo/sogo.log";

Restart the SOGo deamon : systemctl restart sogod

Do some tests: for instance sent some mail from/to two local test user’s in SOGo and examine/report errors in the (sogo) log’s.

Grtz Mark

  1. note
    this is a templated conf file, changes will be lost by a update event.
1 Like

SOGo works now.

@mark_nl Thanks!

Does anyone have an idea for Nextcloud?

Hi Marcel,

Glad at least SOGo is working which means the underlying mail-system works too. :grinning:

You may want to edit the Title of the post to clarify better the issue is setting up Nextcloud mail;
to trigger other people who might set nextcloud-mail up successfully before…

Gtrz, Mark

EDIT: looking at the log is seem to be an certificate issue:
Do you have a valid certificate or do you (still) use the self-signed server certificate?

LOG IMAP
Jun 17 19:10:49 gateway dovecot: imap-login: Disconnected (no auth attempts in 1 secs): user=<>, rip=127.0.0.1, lip=127.0.0.1, TLS handshaking: SSL_accept() failed: error:14094418:SSL routines:ssl3_read_bytes:tlsv1 alert unknown ca: SSL alert number 48, session=<FZHOvUqoQN5/AAAB>

I use the standard certificate

I also tried another certificate. The same messages are in the log.

happen to know @pagaille used netxcloud-mail for a while, maybe he can shed some light on this.

EDIT: does this thread help?

It looks like nethserver is not correctly configured regarding certificates. You could try configuring nextcloud’s mail client to connect using PLAIN (“Keine”, not SSL).

I’m using letsencrypt -signed certificates, not self signed certificates. Maybe nextcloud doesn’t like self signed certificates ?

1 Like

Have a look at this : https://help.nextcloud.com/t/additional-settings-email-configuration-solved/22070/6

Unfortunately not a success.

The same problems are still there.

I tried it without encryption.

The funny thing is that other mail programs work. Only Nextcloud-Mail is not running.

Please send us a log without encryption.

Mail-Log / IMAP

Jun 27 20:58:33 gateway dovecot: imap-login: Login: user=muellerm@srv.lan, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, mpid=18385, secured, session=<63mBaRWpfIN/AAAB>
Jun 27 20:58:33 gateway dovecot: imap(muellerm@srv.lan): Logged out in=26 out=501

MailLog

Jun 27 21:04:41 gateway postfix/smtpd[21204]: connect from localhost[127.0.0.1]
Jun 27 21:04:41 gateway rspamd[2966]: ; proxy; proxy_accept_socket: accepted milter connection from /var/run/rspamd/worker-proxy port 0
Jun 27 21:04:41 gateway postfix/smtpd[21204]: SSL_accept error from localhost[127.0.0.1]: 0
Jun 27 21:04:41 gateway postfix/smtpd[21204]: warning: TLS library problem: 21204:error:14094418:SSL routines:ssl3_read_bytes:tlsv1 alert unknown ca:s3_pkt.c:1493:SSL alert number 48:
Jun 27 21:04:41 gateway postfix/smtpd[21204]: lost connection after STARTTLS from localhost[127.0.0.1]
Jun 27 21:04:41 gateway postfix/smtpd[21204]: disconnect from localhost[127.0.0.1]
Jun 27 21:04:41 gateway rspamd[2966]: ; milter; rspamd_milter_process_command: got connection from 127.0.0.1:38764
Jun 27 21:04:41 gateway rspamd[2966]: ; proxy; proxy_milter_finish_handler: finished milter connection

Nextcloud-Log

{“reqId”:“XveXgfxvZs8O2FvrRBjGEAAAAAQ”,“level”:3,“time”:“2020-06-27T19:01:22+00:00”,“remoteAddr”:“192.168.1.31”,“user”:“ED26603A-FE52-49B7-B6E1-60F6AA040802”,“app”:“PHP”,“method”:“POST”,“url”:"/nextcloud/index.php/apps/mail/api/accounts",“message”:“Undefined offset: 1 at /usr/share/nextcloud/apps/mail/vendor/pear-pear.horde.org/Horde_Smtp/Horde/Smtp.php#1049”,“userAgent”:“Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:77.0) Gecko/20100101 Firefox/77.0”,“version”:“19.0.0.12”}
{“reqId”:“XveXgfxvZs8O2FvrRBjGEAAAAAQ”,“level”:3,“time”:“2020-06-27T19:01:22+00:00”,“remoteAddr”:“192.168.1.31”,“user”:“ED26603A-FE52-49B7-B6E1-60F6AA040802”,“app”:“PHP”,“method”:“POST”,“url”:"/nextcloud/index.php/apps/mail/api/accounts",“message”:“Uninitialized string offset: 1 at /usr/share/nextcloud/apps/mail/vendor/pear-pear.horde.org/Horde_Smtp/Horde/Smtp/Exception.php#238”,“userAgent”:“Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:77.0) Gecko/20100101 Firefox/77.0”,“version”:“19.0.0.12”}
{“reqId”:“XveXgfxvZs8O2FvrRBjGEAAAAAQ”,“level”:4,“time”:“2020-06-27T19:01:22+00:00”,“remoteAddr”:“192.168.1.31”,“user”:“ED26603A-FE52-49B7-B6E1-60F6AA040802”,“app”:“mail”,“method”:“POST”,“url”:"/nextcloud/index.php/apps/mail/api/accounts",“message”:“Creating account failed: Could not open secure TLS connection to the server.”,“userAgent”:“Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:77.0) Gecko/20100101 Firefox/77.0”,“version”:“19.0.0.12”}

Nexctloud-Mail