Re: Network is unreachable email error

To: debian-user@lists.debian.org
Subject: Re: Network is unreachable email error
From: Mihira Fernando <mihiratheace@gmail.com>
Date: Wed, 12 Dec 2007 18:29:57 +0000
Message-id: <[🔎] 200712121829.58274.mihiratheace@gmail.com>
In-reply-to: <[🔎] 95455e980712120258y7e7f3cai66b63338b743326c@mail.gmail.com>
References: <[🔎] 95455e980712081935o21a42181g44828a61faa567bd@mail.gmail.com> <[🔎] 475EE644.2090306@gmail.com> <[🔎] 95455e980712120258y7e7f3cai66b63338b743326c@mail.gmail.com>

On Wed December 12 2007 10:58 am, hce wrote:
> Almost, but it has following error for certificates, it seems that was
> a ssl proglem, but I don't know how to fix it:
>
> Dec 12 21:50:42 debian postfix/master[2740]: reload configuration
> /etc/postfix Dec 12 21:50:42 debian postfix/qmgr[4881]: B7BFE62:
> from=<webmail.hce@gmail.com>, size=455, nrcpt=1 (queue active)
> Dec 12 21:50:45 debian postfix/smtp[4884]: certificate verification
> failed for smtp.gmail.com: num=20:unable to get local issuer
> certificate
> Dec 12 21:50:45 debian postfix/smtp[4884]: certificate verification
> failed for smtp.gmail.com: num=27:certificate not trusted
> Dec 12 21:50:45 debian postfix/smtp[4884]: certificate verification
> failed for smtp.gmail.com: num=21:unable to verify the first
> certificate
> Dec 12 21:50:46 debian postfix/smtp[4884]: warning: SASL
> authentication failure: No worthy mechs found
> Dec 12 21:50:46 debian postfix/smtp[4884]: B7BFE62: SASL
> authentication failed; cannot authenticate to server
> smtp.gmail.com[64.233.167.109]: no mechanism available
> Dec 12 21:50:49 debian postfix/smtp[4884]: certificate verification
> failed for smtp.gmail.com: num=20:unable to get local issuer
> certificate
> Dec 12 21:50:49 debian postfix/smtp[4884]: certificate verification
> failed for smtp.gmail.com: num=27:certificate not trusted
> Dec 12 21:50:49 debian postfix/smtp[4884]: certificate verification
> failed for smtp.gmail.com: num=21:unable to verify the first
> certificate
> Dec 12 21:50:50 debian postfix/smtp[4884]: warning: SASL
> authentication failure: No worthy mechs found
> Dec 12 21:50:50 debian postfix/smtp[4884]: B7BFE62:
> to=<webmail.hce@gmail.com>, relay=smtp.gmail.com[64.233.167.111]:587,
> delay=1022, delays=1015/0.17/7.1/0, dsn=4.7.0, status=deferred (SASL
> authentication failed; cannot authenticate to server
> smtp.gmail.com[64.233.167.111]: no mechanism available)
>
>
> I should clarify that my main.cf was copied from a friend's Ubuntu
> machine. Not sure if something was missing? I did check that
> /etc/ssl/certs/ssl-cert-snakeoil.pem and
> /etc/ssl/private/ssl-cert-snakeoil.key did exist.
Ubuntu may have its own customizations that Debian does not have. NEVER copy 
and paste a main.cf from someone else!
>
> $ sudo /usr/sbin/postconf -n
> alias_database = hash:/etc/aliases
> alias_maps = hash:/etc/aliases
> append_dot_mydomain = yes
> biff = no
> canonical_maps = hash:/etc/postfix/canonical
> config_directory = /etc/postfix
> inet_interfaces = loopback-only
> inet_protocols = ipv4
> mailbox_size_limit = 51200000
> masquerade_domains = localhost
> mydestination =
> myhostname = debian
> mynetworks = 127.0.0.0/8
> myorigin = /etc/mailname
> recipient_delimiter = +
> relayhost = smtp.gmail.com:587
> smtp_sasl_auth_enable = yes
> smtp_sasl_mechanism_filter = login
> smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
> smtp_sasl_security_options = noanonymous
> smtp_sasl_type = cyrus
> smtp_tls_CApath = /etc/ssl/certs
> smtp_tls_security_level = may
> smtp_tls_session_cache_database = btree:${queue_directory}/smtp_scache
> smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
> smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem
> smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key
> smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache
> smtpd_use_tls = yes
>
>
>  How can I fix it?

Asusming that above listed is your server's postconf output,
As root run : 
Lets not use unknown variables here so :

# postconf -e smtpd_banner=$myhostname

Your forgot the square brackets for the relayhost. This is not a must but it 
helps speed things up as square brackets stops postfix from doing MX lookups.

#postconf -e relayhost=[smtp.gmail.com]:587

AFAIK, no need to use CApaths for relaying with Gmail.
# postconf -e smtp_tls_CApath=

and reload Postfix.

Mihira.

-- 
Random Quotes From Megas XLR
Coop: You see? The mysteries of the Universe are revealed when you break 
stuff.
Jamie: When in doubt, blow up a planet.
Kiva: It's an 80 foot robot, if we can't see it, absolutely it's not here.
Glorft Technician: Unnecessary use of force in capturing the Earthers has been 
approved.

Reply to:

Follow-Ups:
- Re: Network is unreachable email error
  - From: hce <webmail.hce@gmail.com>

References:
- Network is unreachable email error
  - From: hce <webmail.hce@gmail.com>
- Re: Network is unreachable email error
  - From: Mihira Fernando <mihiratheace@gmail.com>
- Re: Network is unreachable email error
  - From: hce <webmail.hce@gmail.com>

Prev by Date: Re: Kernel (Enable PAE)
Next by Date: Re: How to start KDE from a console prompt?
Previous by thread: Re: Network is unreachable email error
Next by thread: Re: Network is unreachable email error
Index(es):
- Date
- Thread