postfix/dovecot/roundcube:“连接存储服务器失败”

tag-icon tag-icon dovecot roundcube
postfix/dovecot/roundcube:“连接存储服务器失败”

我已经按照这里的说明在 Debian 机器上设置了 Roundcube:https://www.server-world.info/en/note?os=Debian_10&p=httpd&f=14

尝试登录 Web 界面时,我收到“连接到存储服务器失败”的消息。使用该openssl命令时,我可以正常远程登录a authenticate login。当我远程选择收件箱时,邮箱会自动在用户目录中生成。因此,roundcube 和 dovecot 之间肯定存在一些脱节。

这是在 Roundcube 上每次失败尝试的日志中的大约 3 次:

Oct  5 18:44:47 mail dovecot: imap-login: Debug: SSL: where=0x10, ret=1: before SSL initialization
Oct  5 18:44:47 mail dovecot: imap-login: Debug: SSL: where=0x2001, ret=1: before SSL initialization
Oct  5 18:44:47 mail dovecot: imap-login: Debug: SSL: where=0x2002, ret=-1: before SSL initialization
Oct  5 18:44:47 mail dovecot: imap-login: Debug: SSL: where=0x2001, ret=1: before SSL initialization
Oct  5 18:44:47 mail dovecot: imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3/TLS read client hello
Oct  5 18:44:47 mail dovecot: imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3/TLS write server hello
Oct  5 18:44:47 mail dovecot: imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3/TLS write certificate
Oct  5 18:44:47 mail dovecot: imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3/TLS write key exchange
Oct  5 18:44:47 mail dovecot: imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3/TLS write server done
Oct  5 18:44:47 mail dovecot: imap-login: Debug: SSL: where=0x2002, ret=-1: SSLv3/TLS write server done
Oct  5 18:44:47 mail dovecot: imap-login: Debug: SSL: where=0x2002, ret=-1: SSLv3/TLS write server done
Oct  5 18:44:47 mail dovecot: imap-login: Debug: SSL: where=0x2002, ret=-1: SSLv3/TLS write server done
Oct  5 18:44:47 mail dovecot: imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3/TLS write server done
Oct  5 18:44:47 mail dovecot: imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3/TLS read client key exchange
Oct  5 18:44:47 mail dovecot: imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3/TLS read change cipher spec
Oct  5 18:44:47 mail dovecot: imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3/TLS read finished
Oct  5 18:44:47 mail dovecot: imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3/TLS write session ticket
Oct  5 18:44:47 mail dovecot: imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3/TLS write change cipher spec
Oct  5 18:44:47 mail dovecot: imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3/TLS write finished
Oct  5 18:44:47 mail dovecot: imap-login: Debug: SSL: where=0x20, ret=1: SSL negotiation finished successfully
Oct  5 18:44:47 mail dovecot: imap-login: Debug: SSL: where=0x2002, ret=1: SSL negotiation finished successfully
Oct  5 18:44:47 mail dovecot: imap-login: Debug: SSL alert: close notify
Oct  5 18:44:47 mail dovecot: imap-login: Disconnected (no auth attempts in 0 secs): user=<>, rip=xxx.xxx.xxx.xxx, lip=xxx.xxx.xxx.xxx, TLS, session=<wJBr4PCwYrQD5UF7>
Oct  5 18:44:47 mail dovecot: imap-login: Debug: SSL alert: close notify

Roundcube 配置:

$config = array();
$config['default_host'] = 'tls://example.com';
$config['smtp_server'] = 'tls://example.com';
$config['smtp_port'] = 587;
$config['smtp_user'] = '%u';
$config['smtp_pass'] = '%p';
$config['support_url'] = '';
$config['product_name'] = 'Webmail';
$config['des_key'] = 'abcd1234';
$config['plugins'] = array(
);
$config['skin'] = 'larry';
$config['enable_spellcheck'] = false;
$config['default_port'] = 143;
$config['smtp_auth_type'] = 'LOGIN';
$config['smtp_helo_host'] = 'mail.smartlu63.org';
$config['main_domain'] = 'smartlu63.org';
$config['useragent'] = 'Union Webmail';
$config['imap_conn_options'] = array( 'ssl' => array( 'verify_peer' => true, 'CN_match' => 'smartlu63.org', 'allow_self_signed' => true, 'ciphers' => 'HIGH:!SSLv2:!SSLv3',),);

Dovecot 配置

auth_debug = yes
auth_debug_passwords = yes
auth_mechanisms = plain login
auth_verbose = yes
auth_verbose_passwords = yes
disable_plaintext_auth = no
mail_debug = yes
mail_location = maildir:~/Maildir
mail_privileged_group = mail
namespace inbox {
  inbox = yes
  location =
  mailbox Drafts {
    special_use = \Drafts
  }
  mailbox Junk {
    special_use = \Junk
  }
  mailbox Sent {
    special_use = \Sent
  }
  mailbox "Sent Messages" {
    special_use = \Sent
  }
  mailbox Trash {
    special_use = \Trash
  }
  prefix =
}
passdb {
  driver = pam
}
plugin {
  sieve = file:~/sieve;active=~/.dovecot.sieve
}
protocols = " imap pop3"
service auth {
  unix_listener /var/spool/postfix/private/auth {
    group = postfix
    mode = 0666
    user = postfix
  }
}
ssl_cert = </etc/dovecot/private/dovecot.pem
ssl_client_ca_dir = /etc/ssl/certs
ssl_dh = # hidden, use -P to show it
ssl_key = # hidden, use -P to show it
userdb {
  driver = passwd
}
verbose_ssl = yes

注意:我卸载了筛选包以尽量减少配置的复杂性。

答案1

将值$config['default_host']从 =设置tls://mail.example.com为 就mail.example.com成功了。不知道为什么。

答案2

值得一提的是,我遇到了同样的问题,这是因为 DNS 记录没有在这些设置的值中正确声明 URL:

$config['default_host'] = 'tls://mail.mydomain.tld';
$config['smtp_host'] = 'tls://smtp.mydomain.tld';
$config['imap_host'] = 'tls://imap.mydomain.tld';

一旦 DNS 记录了这些,一切就都正常了。

答案3

ROUNDCUBE:“连接到存储服务器失败”-安全证书名称更改问题

我们在对安全证书进行早期更新时遇到了同样的问题。当我们运行时$certbot --nginx,它更新了我们所有的证书,包括我们遇到问题的证书,但证书名称中却添加了“-0001”。

因此,在我们所有的 nginx 配置文件中,“foo.com”都变成了“foo.com-0001”。示例:

ssl_cert = </etc/letsencrypt/live/foo.com/fullchain.pem>

...变成:

ssl_cert = </etc/letsencrypt/live/foo.com-0001/fullchain.pem>

...在dovecot 10-ssl.conf文件中。

证书名称的更改给 dovecot 和 postfix 都带来了问题,因为它们的配置文件中证书名称仍为“foo.com”[不是 foo.com-0001]。这导致收到“连接到存储...”失败消息。

解决方案

更新证书名称修复了 dovecot 和 roundcube 的问题 - 显然我们也更新了 postfix!

这是一个相当模糊的问题类型......但它可能会对未来的搜索者有所帮助!

相关内容