Outlook Clients Can't connect to external email server

NethServer Version: 7.5

I am new to Nethserver but have been using Linux for many moons. I recently setup a Nethserver install with SAMBA AD for a client and (almost) everything went very well. The issue we ended up with is; they have an external email server and they can’t send or receive using Outlook. Also, their email address’ are not the same as their domain login names (which may or may not have anything to do with the issue). I’d appreciate any direction you can offer on how to troubleshoot this issue.

Thanks in advance

Welcome to Nethserver Community,

are there relevant errors in Outlook or in the Nethservers /var/log/maillog?

I assume the users connect their Outlook to Nethserver through IMAPS and the Nethserver forwards to a smarthost or do the Outlooks connect directly to an external server? Do you receive mails via Nethserver pop3 connector?

In this case you may change the Outlook profile to use another from address.

Outlook should connect directly to an external server. We were able to receive emails through the pop3 connector, I believe. I will confirm Monday.

We were able to receive emails via the pop3 connector, but were not able to send.

I think a wrong from mail address that is not allowed to send mails is used in the Outlook settings.

Sorry for German screenshot but just to show:

grafik

To check what’s going on please have a look at the logfile /var/log/maillog. You may use the log viewer in the web UI.

Unfortunately, the messages log isn’t available. I will get fresh logs ASAP but the email provider is having other issues today. I hope this will be helpful.

Jan 25 10:03:13 nethserver clamd[6399]: SelfCheck: Database modification detected. Forcing reload.
Jan 25 10:03:14 nethserver clamd[6399]: Reading databases from /var/lib/clamav
Jan 25 10:03:33 nethserver clamd[6399]: Database correctly reloaded (6929028 signatures)
Jan 25 10:05:03 nethserver dovecot: lda(new_user1@blah.com): Error: userdb lookup: connect(/var/run/dovecot/auth-userdb) failed: No such file or directory
Jan 25 10:05:03 nethserver dovecot: lda: Fatal: Internal error occurred. Refer to server log for more information.
Jan 25 10:05:03 nethserver getmail: Delivery error (command dovecot-lda 11918 error (75, ))
Jan 25 10:05:03 nethserver getmail: msg 3/6 (6889 bytes) msgid 1462314586/6961 from <user1@blah.com>
Jan 25 10:05:03 nethserver dovecot: lda(new_user1@blah.com): Error: userdb lookup: connect(/var/run/dovecot/auth-userdb) failed: No such file or directory
Jan 25 10:05:03 nethserver dovecot: lda: Fatal: Internal error occurred. Refer to server log for more information.
Jan 25 10:05:03 nethserver getmail: Delivery error (command dovecot-lda 11921 error (75, ))
Jan 25 10:05:03 nethserver getmail: msg 4/6 (4898 bytes) msgid 1462314586/6971 from <user1@blah.com>
Jan 25 10:05:03 nethserver dovecot: lda(new_user1@blah.com): Error: userdb lookup: connect(/var/run/dovecot/auth-userdb) failed: No such file or directory
Jan 25 10:05:03 nethserver dovecot: lda: Fatal: Internal error occurred. Refer to server log for more information.
Jan 25 10:05:03 nethserver getmail: Delivery error (command dovecot-lda 11923 error (75, ))
Jan 25 10:05:03 nethserver getmail: msg 5/6 (50881 bytes) msgid 1234567890/9876 from <darla@blah.com>
Jan 25 10:05:03 nethserver dovecot: lda(new_user1@blah.com): Error: userdb lookup: connect(/var/run/dovecot/auth-userdb) failed: No such file or directory
Jan 25 10:05:03 nethserver dovecot: lda: Fatal: Internal error occurred. Refer to server log for more information.
Jan 25 10:05:03 nethserver getmail: Delivery error (command dovecot-lda 11924 error (75, ))
Jan 25 10:05:03 nethserver getmail: msg 6/6 (8666 bytes) msgid 1234567890/9876 from <joebloe@xmail.com>
Jan 25 10:05:03 nethserver postfix/pickup[5463]: XxXxXxXxXxXx: uid=0 from=<root>
Jan 25 10:05:03 nethserver postfix/cleanup[11925]: XxXxXxXxXxXx: message-id=<20190125180503.XxXxXxXxXxXx@nethserver.blah.com>
Jan 25 10:05:03 nethserver postfix/qmgr[5030]: XxXxXxXxXxXx: from=<root@nethserver.blah.com>, size=1123, nrcpt=1 (queue active)
Jan 25 10:05:03 nethserver postfix/local[11928]: XxXxXxXxXxXx: to=<root@nethserver.blah.com>, orig_to=<root>, relay=local, delay=0.9, delays=0.89/0.01/0/0, dsn=2.0.0, status=sent (delivered to mailbox)
Jan 25 10:05:03 nethserver postfix/qmgr[5030]: XxXxXxXxXxXx: removed

Is dovecot running?

systemctl status dovecot -l

You may try to restart it with systemctl restart dovecot

I’m sorry for injecting confusion. Dovecot has been disabled since the logs were created and the problem is the same. There are no new entries in the maillog. Any ideas where else I might look? I am not on site at the moment, but I’ll try to get the logs from CPANEL and Outlook. Thanks so much for the assistance and any further suggestions are appreciated.

The pop3connector needs dovecot to work.as it

delivers the messages using dovecot-lda

http://docs.nethserver.org/projects/nethserver-devel/en/latest/nethserver-mail.html#nethserver-mail-getmail

Please post the Nethserver postfix config (get it on command line by typing config show postfix) and the Outlook client mail config too.

Just to be clear, We are not trying to use pop3connector or dovecot, we are trying to connect to the email server directly using Outlook. We did have them on for testing previously and found that we were able to receive but not send email (hence the confusion that I mentioned in my previous post as the logs were from that testing period). Will the postfix config be beneficial in this case? If so, I’ll get it right away. I just want to make sure we’re all on the same page. :slight_smile:

Thanks, now I understand, so no need for posting mail configs :smile:

In this case you may try to edit the outlook account to use a correct/allowed email address.
And please post some information about the Outlook mail account configuration and the Outlook error message.

The Outlook configuration works when connected to an unsecured network.

Outlook settings:



Here is the error Outlook presents:

Here is the log from cpanel:

[Wed Jan 30 16:04:30.970988 2019] [autoindex:error] [pid 8179] [client 222.222.000.121:50778] AH01276: Cannot serve directory /home/bla/archives.bla.com/ : No matching DirectoryIndex (index.html.var,index.htm,index.html,index.shtml,index.xhtml,index.wml,index.perl,index.pl,index.plx,index.ppl,index.cgi,index.jsp,index.js,index.jp,index.php4,index.php3,index.php,index.phtml,default.htm,default.html,home.htm,index.php5,Default.html,Default.htm,home.html) found, and server-generated directory index forbidden by Options directive [Wed Jan 30 15:49:15.618485 2019] [access_compat:error] [pid 8179] [client 1.2.3.4:60166] AH01797: client denied by server configuration: /home/bla/public_html/wp-content/plugins/hello.php, referer: ibla.com [Wed Jan 30 13:03:32.426749 2019] [access_compat:error] [pid 7466] [client 4.3.2.1:34579] AH01797: client denied by server configuration: /home/bla/public_html/wp-content/plugins/hello.php, referer: blacheesedip.com [Wed Jan 30 12:32:14.985571 2019] [autoindex:error] [pid 24446] [client 11.12.13.14:13672] AH01276: Cannot serve directory /home/bla/archives.bla.com/ : No matching DirectoryIndex (index.html.var,index.htm,index.html,index.shtml,index.xhtml,index.wml,index.perl,index.pl,index.plx,index.ppl,index.cgi,index.jsp,index.js,index.jp,index.php4,index.php3,index.php,index.phtml,default.htm,default.html,home.htm,index.php5,Default.html,Default.htm,home.html) found, and server-generated directory index forbidden by Options directive [Wed Jan 30 10:47:29 2019] [error] [client 111.222.000.123] File does not exist: /home/bla/archives.bla.com/404.shtml [Wed Jan 30 10:47:29 2019] [error] [client 111.222.000.123] File does not exist: /home/bla/archives.bla.com/vtigercrm [Wed Jan 30 10:16:24 2019] [error] [client 111.222.000.123] File does not exist: /home/bla/archives.bla.com/404.shtml [Wed Jan 30 10:16:24 2019] [error] [client 111.222.000.123] File does not exist: /home/bla/archives.bla.com/recordings [Wed Jan 30 08:51:53 2019] [error] [client 14.12.13.11] File does not exist: /home/bla/archives.bla.com/403.shtml [Wed Jan 30 08:51:53 2019] [error] [client 14.12.13.11] Directory index forbidden by Options directive: /home/bla/archives.bla.com/ [Wed Jan 30 08:51:01 2019] [error] [client 21.22.23.24] File does not exist: /home/bla/archives.bla.com/403.shtml, referer: https://www. BBBBB .com/survey/ [Wed Jan 30 08:51:01 2019] [error] [client 21.22.23.24] Directory index forbidden by Options directive: /home/bla/archives.bla.com/ , referer: https://www.BBBBB.com/survey/ [Wed Jan 30 08:43:34 2019] [error] [client 22.22.22.22] client denied by server configuration: /home/bla/public_html/wp-content/plugins/seriesengine_plugin/includes/viewcount.php, referer: https://bla.com/service-archives/ ?enmse=1&enmse_sid=18&enmse_mid=283&enmse_av=1 [Wed Jan 30 08:38:16 2019] [error] [client 33.33.33.33] File does not exist: /home/bla/archives.bla.com/403.shtml [Wed Jan 30 08:38:16 2019] [error] [client 33.33.33.33] Directory index forbidden by Options directive: /home/bla/archives.bla.com/ [Wed Jan 30 07:16:38 2019] [error] [client 44.44.44.44] client denied by server configuration: /home/bla/public_html/wp-content/uploads/libraries.php [Wed Jan 30 02:29:31 2019] [error] [client 55.55.55.55] PHP Fatal error: Uncaught exception ‘wfWAFStorageFileException’ with message ‘Unable to verify temporary file contents for atomic writing.’ in /home/bla/public_html/wp-content/plugins/wordfence/vendor/wordfence/wf-waf/src/lib/storage/file.php:47\nStack trace:\n#0 /home/bla/public_html/wp-content/plugins/wordfence/vendor/wordfence/wf-waf/src/lib/st[Wed Jan 30 07:16:37 2019] [error] [client 44.44.44.44] client denied by server configuration: /home/bla/public_html/wp-content/uploads/libraries.php [Wed Jan 30 02:28:26 2019] [error] [client 55.55.55.55] PHP Fatal error: Uncaught exception ‘wfWAFStorageFileException’ with message ‘Unable to verify temporary file contents for atomic writing.’ in /home/bla/public_html/wp-content/plugins/wordfence/vendor/wordfence/wf-waf/src/lib/storage/file.php:47\nStack trace:\n#0 /home/bla/public_html/wp-content/plugins/wordfence/vendor/wordfence/wf-waf/src/lib/storage/file.php(650): wfWAFStorageFile::atomicFilePutContents(’/home/blah…’, '<?php exit(‘Acc…’)\n#1 [internal function]: wfWAFStorageFile->saveConfig(‘synced’)\n#2 {main}\n thrown in /home/bla/public_html/wp-content/plugins/wordfence/vendor/wordfence/wf-waf/src/lib/storage/file.php on line 47 [Wed Jan 30 01:46:55 2019] [error] [client 66.66.66.66] File does not exist: /home/bla/archives.bla.com/403.shtml [Wed Jan 30 01:46:55 2019] [error] [client 66.66.66.66] Directory index forbidden by Options directive: /home/bla/archives.bla.com/ [Wed Jan 30 01:31:12 2019] [error] [client 44.44.44.44] client denied by server configuration: /home/bla/public_html/wp-content/uploads/link.php [Wed Jan 30 01:31:10 2019] [error] [client 44.44.44.44] client denied by server configuration: /home/bla/public_html/wp-content/uploads/link.php [Wed Jan 30 00:37:22 2019] [error] [client 66.66.66.66] File does not exist: /home/bla/archives.bla.com/400.shtml [Wed Jan 30 00:07:10 2019] [error] [client 66.66.66.66] File does not exist: /home/bla/archives.bla.com/404.shtml [Wed Jan 30 00:07:10 2019] [error] [client 66.66.66.66] File does not exist: /home/bla/archives.bla.com/vtigercrm [Wed Jan 30 00:05:11 2019] [error] [client 77.77.77.77] File does not exist: /home/bla/archives.bla.com/400.shtml

check where mail.blah.com points

ping mail.blah.com

Try to change the SMTP type of encrypted connection in “SSL” instead of “TLS”

I verified that the DNS record for the mail server points to our public IP. SSL setting produces the same result. As a matter of fact, SSL is the correct setting for our mail server. My assistant who is on-site forgot to change the setting when taking the screen shot. But he verified that the setting was correct when he tested the connection. We are using Samba 4 AD and the primary domain is the same but the usernames are not. I am wondering if this is causing an authentication conflict when the mail server responds? As I mentioned, everything works fine when Outlook connects off domain. I hope this helps to shed light on the issue.

Let’s summarize:

You have:

  • A Nethserver NG 7.x acting as AD domain controller
  • Various Windows clients that athenticate themselves on Nethserver
  • Outlook is installed on the clients but it is configured as a IMAP client and it is connected to an external email server on the cloud

I think the Outlook authentication is unrelated to the Nethserver authentication.

So:

Nethserver acts as gateway/firewall of the lan too?
Gateway/Firewall of the lan is another appliance?
The rights ports (993, 465) are opened correctly on the firewall?
There is a antivirus installed on the clients that act as proxy on IMAPS/SMTPS ports?

We use the same configuration, only with thunderbird and it works perfect.

We only had to install the certificate of the mail server.

You can try to use port 587 with STARTTLS for smtp. Most smtp-servers provide that port.
I don’t have outlook, but is there a setting for “SSL/TLS” on imap, if yes, try that.

Nethserver is the gateway / firewall of the lan.
Both ports in question are open to the outside. I’ll verify that antivirus isn’t interfering and update.

Thanks

From LAN, the mail domain resolves to NethServer IP or to the external server?

external server.

There is no antivirus interference.