Cannot login to SOGO after install!

[jakemarchant]

Update:
I can login to SOGo when I go via IP instead of FQDN.
Updated SOGo and Dovecot logs.

Hi,

Been trying to setup a fresh install of MailCow today and have encountered a few issues and was hoping for some help!

Firstly the installation was just redirecting my domain to https and failing to proceed due to insecurities, proceeding at your own risk would just result in a further proxy handshake error. I fixed this one by replacing the cert.pem and key.pem in data/assets/ssl as referenced in https://mailcow.github.io/mailcow-dockerized-docs/firststeps-ssl/ .

After fixing the first problem I could log straight into my admin panel using the standard admin/moohoo login, I created a domain and a subsequent mailbox, I restarted SOGo via the web GUI but I could not login using the new username/password in the SOGo app...

I have tried running "docker-compose down && docker-compose up -d" to restart all of my containers.
I have tried running "docker-compose restart sogo-mailcow" to restart my SOGo container.
I have tried creating other users and logging in as those.
I have tried updating my installation (I was desperate!)
... And no luck!

Any help would be greatly appreciated.

SOGo Logs:

14/02/2018, 14:10:11	notice	[35]: <0x0x56022be8f2e0[WOHttpAdaptor]> notified the watchdog that we are ready
14/02/2018, 14:10:11	notice	[31]: <0x0x56022be8f110[WOHttpAdaptor]> notified the watchdog that we are ready
14/02/2018, 14:10:11	notice	[29]: <0x0x56022be8f360[WOHttpAdaptor]> notified the watchdog that we are ready
14/02/2018, 14:10:11	notice	[33]: <0x0x56022be8f110[WOHttpAdaptor]> notified the watchdog that we are ready
14/02/2018, 14:10:11	notice	[32]: <0x0x56022be8e7a0[WOHttpAdaptor]> notified the watchdog that we are ready
14/02/2018, 14:10:11	notice	[30]: <0x0x56022be8f110[WOHttpAdaptor]> notified the watchdog that we are ready
14/02/2018, 14:10:11	notice	[34]: <0x0x56022be8e750[WOHttpAdaptor]> notified the watchdog that we are ready
14/02/2018, 14:10:10	notice	[9]: <0x0x56022be246e0[WOWatchDog]> child spawned with pid 35
14/02/2018, 14:10:10	notice	[9]: <0x0x56022be246e0[WOWatchDog]> child spawned with pid 34
14/02/2018, 14:10:10	notice	[9]: <0x0x56022be246e0[WOWatchDog]> child spawned with pid 33
14/02/2018, 14:10:10	notice	[9]: <0x0x56022be246e0[WOWatchDog]> child spawned with pid 32
14/02/2018, 14:10:10	notice	[9]: <0x0x56022be246e0[WOWatchDog]> child spawned with pid 31
14/02/2018, 14:10:10	notice	[9]: <0x0x56022be246e0[WOWatchDog]> child spawned with pid 30
14/02/2018, 14:10:10	notice	[9]: <0x0x56022be246e0[WOWatchDog]> child spawned with pid 29
14/02/2018, 14:10:10	notice	[9]: <0x0x56022be246e0[WOWatchDog]> preparing 7 children
14/02/2018, 14:10:10	notice	[9]: <0x0x7fbba74a0da0[WOWatchDogChild]> watchdog request timeout set to 10 minutes
14/02/2018, 14:10:10	notice	[9]: <0x0x56022be246e0[WOWatchDog]> watchdog process pid: 9
14/02/2018, 14:10:10	notice	[9]: <0x0x56022be246e0[WOWatchDog]> listening on 0.0.0.0:20000
14/02/2018, 14:10:10	notice	[9]: All products loaded - current memory usage at 273 MB
14/02/2018, 14:10:10	notice	[9]: <0x0x56022bd26ad0[SOGoProductLoader]> PreferencesUI.SOGo, SchedulerUI.SOGo, MainUI.SOGo, AdministrationUI.SOGo, Mailer.SOGo, Appointments.SOGo, CommonUI.SOGo, ActiveSync.SOGo, MailerUI.SOGo, MailPartViewers.SOGo, Contacts.SOGo, ContactsUI.SOGo
14/02/2018, 14:10:10	notice	[9]: <0x0x56022bd26ad0[SOGoProductLoader]> SOGo products loaded from '/usr/lib/GNUstep/SOGo':
14/02/2018, 14:10:10	notice	[9]: vmem size check enabled: shutting down app when vmem > 384 MB. Currently at 205 MB
14/02/2018, 14:10:10	notice	[9]: version 3.2.10 (build @shiva.inverse 201801290300) -- starting
14/02/2018, 12:39:08	notice	[9]: <0x0x55bf6c6fad80[WOWatchDog]> all children exited. We now terminate.
14/02/2018, 12:39:08	notice	[9]: <0x0x55bf6c6e1d80[WOWatchDogChild]> child 32 exited
14/02/2018, 12:39:08	notice	[9]: <0x0x55bf6c6fad80[WOWatchDog]> Terminating with SIGINT or SIGTERM
14/02/2018, 12:39:08	notice	[9]: <0x0x55bf6c6e1a00[WOWatchDogChild]> child 31 exited
14/02/2018, 12:39:08	notice	[9]: <0x0x55bf6c6fad80[WOWatchDog]> Terminating with SIGINT or SIGTERM
14/02/2018, 12:39:08	notice	[9]: <0x0x55bf6c6e2220[WOWatchDogChild]> child 33 exited
14/02/2018, 12:39:08	notice	[9]: <0x0x55bf6c6e18e0[WOWatchDogChild]> child 30 exited
14/02/2018, 12:39:08	notice	[9]: <0x0x55bf6c6e17c0[WOWatchDogChild]> child 29 exited
--	--	--
14/02/2018, 12:39:08	notice	[9]: <0x0x55bf6c6e11f0[WOWatchDogChild]> child 28 exited
14/02/2018, 12:39:08	notice	[9]: <0x0x55bf6c6e89d0[WOWatchDogChild]> child 27 exited
14/02/2018, 12:39:08	notice	[9]: <0x0x55bf6c6e89d0[WOWatchDogChild]> sending terminate signal to pid 27
14/02/2018, 12:39:08	notice	[9]: <0x0x55bf6c6e11f0[WOWatchDogChild]> sending terminate signal to pid 28
14/02/2018, 12:39:08	notice	[9]: <0x0x55bf6c6e17c0[WOWatchDogChild]> sending terminate signal to pid 29
14/02/2018, 12:39:08	notice	[9]: <0x0x55bf6c6e18e0[WOWatchDogChild]> sending terminate signal to pid 30
14/02/2018, 12:39:08	notice	[9]: <0x0x55bf6c6e1a00[WOWatchDogChild]> sending terminate signal to pid 31
14/02/2018, 12:39:08	notice	[9]: <0x0x55bf6c6e1d80[WOWatchDogChild]> sending terminate signal to pid 32
14/02/2018, 12:39:08	notice	[9]: <0x0x55bf6c6e2220[WOWatchDogChild]> sending terminate signal to pid 33
14/02/2018, 12:39:08	notice	[9]: <0x0x55bf6c6fad80[WOWatchDog]> Terminating with SIGINT or SIGTERM
14/02/2018, 12:36:42	notice	[32]: 192.168.11.102 "GET /SOGo/so/ HTTP/1.0" 200 7193/0 0.015 26592 72% 0
14/02/2018, 12:36:42	notice	[32]: 192.168.11.102 "GET /SOGo/so/jake@test.com/logoff HTTP/1.0" 302 0/0 1.424 - - 0
14/02/2018, 12:36:41	notice	[33]: 192.168.11.102 "POST /SOGo/so/jake@test.com/Mail/0/folderINBOX/expunge HTTP/1.0" 200 53/0 0.362 - - 0
14/02/2018, 12:36:40	notice	[33]: <0x0x55bf6cab33f0[NGImap4Client]> TLS started successfully.
14/02/2018, 12:36:40	notice	[32]: SOGoUserHomePage user 'jake@test.com' logged off
14/02/2018, 12:36:38	notice	[33]: 192.168.11.102 "POST /SOGo/so/jake@test.com/Mail/unseenCount HTTP/1.0" 200 21/31 0.342 - - 0
14/02/2018, 12:36:37	notice	[33]: <0x0x55bf6c4ab6a0[NGImap4Client]> TLS started successfully.
14/02/2018, 12:36:37	notice	[33]: 192.168.11.102 "POST /SOGo/so/jake@test.com/Mail/0/folderINBOX/view HTTP/1.0" 200 259/48 0.377 - - 584K
14/02/2018, 12:36:37	notice	[33]: <0x0x55bf6c4ab6a0[NGImap4Client]> TLS started successfully.
14/02/2018, 12:36:37	notice	[33]: 192.168.11.102 "GET /SOGo/so/jake@test.com/Mail/0/view HTTP/1.0" 200 932/0 8.358 - - 3M
14/02/2018, 12:36:36	notice	[33]: <0x0x55bf6ca1f6d0[NGImap4Client]> TLS started successfully.
14/02/2018, 12:36:28	notice	[32]: 192.168.11.102 "GET /SOGo/so/jake@test.com/Calendar/alarmslist?browserTime=1518611788 HTTP/1.0" 200 63/0 0.037 - - 476K
14/02/2018, 12:36:28	notice	[33]: <0x0x55bf6c4b82f0[SOGoCache]> Using host(s) 'memcached' as server(s)
14/02/2018, 12:36:28	notice	[33]: <0x0x55bf6c4b82f0[SOGoCache]> Cache cleanup interval set every 900.000000 seconds
14/02/2018, 12:36:28	notice	[32]: 192.168.11.102 "GET /SOGo/so/jake@test.com/Mail/view HTTP/1.0" 200 17786/0 0.151 76184 76% 2M
14/02/2018, 12:36:28	notice	[32]: 192.168.11.102 "GET /SOGo/so/jake@test.com/Mail HTTP/1.0" 302 0/0 0.002 - - 0
14/02/2018, 12:36:28	notice	[32]: 192.168.11.102 "GET /SOGo/jake%40test.com/view HTTP/1.0" 302 0/0 0.012 - - 0M
14/02/2018, 12:36:27	notice	[32]: 192.168.11.102 "GET /SOGo/jake%40test.com HTTP/1.0" 302 0/0 0.003 - - 0
14/02/2018, 12:36:26	notice	[32]: 192.168.11.102 "POST /SOGo/connect HTTP/1.0" 200 41/64 0.035 - - 0

Dovecot Logs:

14/02/2018, 12:36:41	info	imap(jake@test.com): Logged out in=147 out=1591
14/02/2018, 12:36:38	info	imap(jake@test.com): Logged out in=146 out=1480
14/02/2018, 12:36:37	info	imap(jake@test.com): Logged out in=220 out=1652
14/02/2018, 12:36:37	info	imap(jake@test.com): Logged out in=155 out=1587
14/02/2018, 12:36:36	info	ssl-params: SSL parameters regeneration completed
14/02/2018, 12:36:07	info	ssl-params: Generating SSL parameters
14/02/2018, 12:36:07	info	master: Dovecot v2.2.33.2 (d6601f4ec) starting up for imap, sieve, lmtp, pop3
14/02/2018, 12:35:42	info	ssl-params: SSL parameters regeneration completed
14/02/2018, 12:34:56	info	ssl-params: Generating SSL parameters
14/02/2018, 12:29:24	info	imap(jake@test.com): Logged out in=146 out=1480
14/02/2018, 12:29:23	info	imap(jake@test.com): Logged out in=220 out=1652
14/02/2018, 12:29:23	info	imap(jake@test.com): Logged out in=155 out=1595
14/02/2018, 12:29:00	info	ssl-params: SSL parameters regeneration completed
14/02/2018, 12:28:52	info	ssl-params: Generating SSL parameters
14/02/2018, 12:23:16	info	imap(jake@test.com): Logged out in=146 out=1480
14/02/2018, 12:23:16	info	imap(jake@test.com): Logged out in=220 out=1652
14/02/2018, 12:23:15	info	imap(jake@test.com): Logged out in=155 out=1587
14/02/2018, 12:23:15	info	imap(jake@test.com): Logged out in=147 out=1599
14/02/2018, 12:16:25	info	imap(jake@test.com): Logged out in=146 out=1480
14/02/2018, 12:16:25	info	imap(jake@test.com): Logged out in=220 out=1652
14/02/2018, 12:16:24	info	imap(jake@test.com): Logged out in=155 out=1587
14/02/2018, 12:16:09	info	imap(jake@test.com): Logged out in=147 out=1591
14/02/2018, 12:16:08	info	imap(jake@test.com): Logged out in=146 out=1480
14/02/2018, 12:16:07	info	imap(jake@test.com): Logged out in=220 out=1652
14/02/2018, 12:16:07	info	imap(jake@test.com): Logged out in=155 out=1595
14/02/2018, 12:14:52	info	imap(jake@test.com): Logged out in=146 out=1480
14/02/2018, 12:14:52	info	imap(jake@test.com): Logged out in=220 out=1652
14/02/2018, 12:14:52	info	imap(jake@test.com): Logged out in=155 out=1587
14/02/2018, 12:13:10	info	ssl-params: SSL parameters regeneration completed
14/02/2018, 12:12:26	info	ssl-params: Generating SSL parameters
14/02/2018, 12:12:26	info	master: Dovecot v2.2.33.2 (d6601f4ec) starting up for imap, sieve, lmtp, pop3
--	--	--
14/02/2018, 12:11:39	info	ssl-params: SSL parameters regeneration completed
14/02/2018, 12:10:07	info	ssl-params: Generating SSL parameters

[hogesar]

Further to this:

1. We have a 1&1 domain secured with an ssl
2. This forwards to our external ip
3. The external IP points to an internal server which has an apache reverse proxy over to another internal server (a virtual box running on the same server, to be precise).

We cannot log in via https://mail2.tactile-solutions.co.uk/SOGo . The authentication fails immediately (no delay). We get a forbidden and /connect request responds with "{"LDAPPasswordPolicyError": 65535}". There is no log in the sogo logs.

HOWEVER, if we go non-https and navigate to the virtual box running sogo via http://192.1**.**.**/SOGo/ we can log in fine, and everything works. In addition, i've noticed the titles for the login page are different. Navigating to internal IP the page title is "SOGo Groupware". Navigating to it via mail2.tactile the page title is simply "SOGo". So it must be doing something different?

[andryyy]

Can you post your reverse proxy settings?

Furthermore you'd need to pass the real connecting IPs to Postfix. You should be using proxy protocol then as NAT does not pass the users real IP.

[stale]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.