1. First, you need to have sogod running without any complaints in /var/log/sogo/sogo.log 2. You have to check /var/log/apache2/webmail-ssl-error_log and make sure there are no fatal errors.
If you'd like to be hand-held to get this running, feel free to contact me at odhiambo at gmail dot com. I can spare some minutes to help you look at your server. On Thu, Nov 2, 2023 at 4:57 AM "alain25" <users@sogo.nu> wrote: > Hello, > I still have a 501 error despite the changes: > > 1) please attach your current /etc/sogo/sogo.conf file _complete_ > (passwords censored of course) > > { > // > // - Official SOGo document: > http://sogo.nu/support/index.html#/documentation > // - Mailing list: http://sogo.nu/support/index.html#/community > // > > // Daemon address and port > WOPort = 127.0.0.1:20000; > > // PID file > //WOPidFile = /var/run/sogo/sogo.pid; > > // Log file > WOLogFile = /var/log/sogo/sogo.log; > > // Enable verbose logging. Reference: > // > http://www.sogo.nu/nc/support/faq/article/how-to-enable-more-verbose-logging-in-sogo.html > //SOGoDebugRequests = YES; > //SOGoEASDebugEnabled = YES; > //ImapDebugEnabled = YES; > //LDAPDebugEnabled = YES; > //MySQL4DebugEnabled = YES; > //PGDebugEnabled = YES; > > // Define the URL to online help for SOGo. When set, an additional icon > // will appear near the logout button in SOGo's web interface. The URL > // will always be open in a blank target. > //SOGoHelpURL = ''; > > // set the maximum allowed size for content being sent to SOGo, this > can > // also limit the file attachment size being uploaded to SOGo when > // composing a mail. > // The value is in kilobyte. Default is 0 or disabled (unlimit). > WOMaxUploadSize = 15360; > > // Parameter used to set the maximum allowed email message size when > // composing a mail. > // The value is in kilobytes. By default, the value is 0, or disabled > so > // no limit will be set. > SOGoMaximumMessageSizeLimit = 15360; > > // Performance Tuning > // > // The amount of instances of SOGo that will be spawned to handle > multiple > // requests simultaneously. When started from the init script, that > amount > // is overriden by the `PREFORK=` setting in /etc/sysconfig/sogo or > // /etc/default/sogo. A value of 3 is a reasonable default for low > usage. > // The maximum value depends on the CPU and IO power provided by your > // machine: a value set too high will actually decrease performances > under > // high load. > // > // You should have at least one child per EAS device configured to use > // "push". You must also have more children than you have EAS devices > // configured to use "push" - in order to handle normal SOGo requests > to > // its Web or DAV interfaces. > // > // Defaults to 1 when unset, increase it if you see below error > message in > // sogo log file: 'No child available to handle incoming request' > // > // WARNING: > // - on RHEL/CentOS, this setting is controlled by parameter > // 'PREFORK=' defined in /etc/sysconfig/sogo. > // - on Debian/Ubuntu, this setting is controlled by parameter > // 'PREFORK=' defined in /etc/default/sogo. > WOWorkersCount = 10; > > // Parameter used to set the maximum amount of time, in seconds, SOGo > will > // wait before replying to a Ping command. > // If not set, it defaults to 10 seconds. > SOGoMaximumPingInterval = 3540; > > // Parameter used to set the maximum amount of time, in seconds, SOGo > will > // wait before replying to a Sync command. > // If not set, it defaults to 30 seconds. > SOGoMaximumSyncInterval = 3540; > > // Parameter used to set the maximum amount of time, in seconds, SOGo > will > // wait before doing an internal check for data changes (add, delete, > and > // update). This parameter must be lower than SOGoMaximumSyncInterval > and > // SOGoMaximumPingInterval. > // If not set, it defaults to 10 seconds. > SOGoInternalSyncInterval = 30; > > // Specifies the number of minutes after which a busy child process > will be > // killed by the parent process. > // Defaults to 10 (minutes). > WOWatchDogRequestTimeout = 61; > > // Overwrite the maximum number of items returned during a Sync > operation. > // Defaults to 0, which means no overwrite is performed. > // Setting this parameter to a value greater than 512 will have > unexpected > // behaviour with various ActiveSync clients. > //SOGoMaximumSyncWindowSize = 100; > > // Overwrite the maximum response size during a Sync operation. > // The value is in kilobytes. Setting this to 512 means the response > size > // will be of 524288 bytes or less (or a bit greater if needed for > syncing > // one item). Note that if you set the value too low and a mail message > // (or any other object like calendar events, tasks and contacts) > surpasses > // it, it will still be synced but only this item will be. > // Defaults to 0, which means no overwrite is performed. > // > // Say you have these five mails and you set the limit to 512KB: > // 1. 250 KB > // 2. 250 KB > // 3. 25 KB > // 4. 750 KB > // 5. 10 KB > // Sync iteration no. 1 will pick message 1, 2 and 3. > // Sync iteration no. 2 will pick message 4. > // Sync iteration no. 3 will pick message 5. > SOGoMaximumSyncResponseSize = 2048; > > // The maximum amount of memory (in megabytes) that a child can use. > // Reaching that value will force children processes to restart, in > order > // to preserve system memory. > // > // Error message when it reaches the value: > // "terminating app, vMem size limit (xxx MB) has been reached > (currently xxx MB)" > // > // Defaults to 384. > SxVMemLimit = 500; > > // Enable XSRF (also known as CSRF) protection. > SOGoXSRFValidationEnabled = YES; > > // IMAP connection pool. > // Your performance will slightly increase, as you won't open a new > // connection for every access to your IMAP server. > // But you will get a lot of simultaneous open connections to your IMAP > // server, so make sure he can handle them. > // For debugging it is reasonable to turn pooling off. > NGImap4DisableIMAP4Pooling = NO; > > SOGoProfileURL = "mysql:// > userDB:Password@192.168.10.250:3306/sogo/sogo_user_profile"; > OCSFolderInfoURL = "mysql:// > userDB:Password@192.168.10.250:3306/sogo/sogo_folder_info"; > OCSSessionsFolderURL = "mysql:// > userDB:Password@192.168.10.250:3306/sogo/sogo_sessions_folder"; > OCSEMailAlarmsFolderURL = "mysql:// > userDB:Password@192.168.10.250:3306/sogosogo_alarms_folder"; > > // With 3 parameters below, SOGo requires only 9 SQL tables in total > // instead of creating 4 SQL tables for each user. > > OCSCacheFolderURL = "mysql:// > userDB:Password@192.168.10.250:3306/sogo/sogo_cache_folder"; > OCSStoreURL = "mysql:// > userDB:Password@192.168.10.250:3306/sogo/sogo_store"; > OCSAclURL = "mysql://userDB:Password@192.168.10.250:3306/sogo/sogo_acl > "; > > // Default language in the web interface > SOGoLanguage = English; > > // Specify which module to show after login: Calendar, Mail, Contacts. > SOGoLoginModule = Mail; > > // Must login with full email address > SOGoForceExternalLoginWithEmail = YES; > > // Allow user to change full name and email address. > SOGoMailCustomFromEnabled = NO; > > // IMAP server > // Local connection is considered as secure by Dovecot, so 'imap://' > is fine. > // With remote IMAP server, use 'imaps://127.0.0.1:143/?tls=YES' > instead; > SOGoIMAPServer = "imap:// > 127.0.0.1:143/?tls=YES&tlsVerifyMode=allowInsecureLocalhost"; > > // Allow user to add other IMAP accounts that will be visible from the > SOGo > // Webmail interface. > // Default is NO. > //SOGoMailAuxiliaryUserAccountsEnabled = YES; > > // SMTP server > SOGoSMTPServer = "smtp:// > 127.0.0.1:587/?tls=YES&tlsVerifyMode=allowInsecureLocalhost"; > SOGoMailingMechanism = smtp; > SOGoSMTPAuthenticationType = PLAIN; > > // Enable managesieve service > // > // WARNING: Sieve scripts generated by SOGo is not compatible with > Roundcube > // webmail, don't use sieve service in both webmails, > otherwise > // it will be messy. > // FYI: > https://docs.iredmail.org/why.no.sieve.support.in.sogo.html > // > //SOGoSieveServer = "sieve:// > 127.0.0.1:4190/?tls=YES&tlsVerifyMode=allowInsecureLocalhost"; > //SOGoSieveScriptsEnabled = YES; > //SOGoVacationEnabled = YES; > //SOGoForwardEnabled = YES; > SOGoSieveFolderEncoding = UTF-8; > > // Memcached > SOGoMemcachedHost = 127.0.0.1; > > // Parameter used to set which usernames require administrative > privileges > // over all the users tables. For example, this could be used to post > // events in the users calendar without requiring the user to configure > // his/her ACLs. In this case you will need to specify those > superuser's > // usernames like this : > // SOGoSuperUsernames = (<username1>[,<username2>, ...]); > //SOGoSuperUsernames = (); > > SOGoTimeZone = "Africa/Nairobi"; > > SOGoFirstDayOfWeek = 1; > > SOGoRefreshViewCheck = every_5_minutes; > SOGoMailReplyPlacement = below; > > // Disable gravatar > SOGoExternalAvatarsEnabled = NO; > SOGoGravatarEnabled = NO; > > // Control WebDAV access to the Calendar / Contacts collections. > // This can be used to deny access to these resources from Thunderbird > // Lightning for example. > // Defaults to YES when unset. > //SOGoCalendarDAVAccessEnabled = NO; > //SOGoAddressBookDAVAccessEnabled = NO; > > // Allow users to share publicly (ie., requiring not authentication) > their > // calendars and address books. > // Defaults to NO when unset. > //SOGoEnablePublicAccess = YES; > > // > // Notifications > // > // Enable email-based alarms on events and tasks. > SOGoEnableEMailAlarms = YES; > > // Notify meeting participants > SOGoAppointmentSendEMailNotifications = YES; > > // Notify if a calendar or an address book has been created. > SOGoFoldersSendEMailNotifications = NO; > > // Notify involved users of a calendar or address book's ACLs. > SOGoACLsSendEMailNotifications = YES; > > // Notify when a modification is being done to his/her own calendar by > someone else. > SOGoNotifyOnExternalModifications = YES; > > SOGoPasswordChangeEnabled = YES; > > // Authentication using SQL > > SOGoUserSources = ( > { > type = sql; > id = users; > viewURL = "mysql:// > userDB:Password@192.168.10.250:3306/sogo/users"; > canAuthenticate = YES; > > // The algorithm used for password encryption when changing > // passwords without Password Policies enabled. > // Possible values are: plain, crypt, md5-crypt, ssha, ssha512. > userPasswordAlgorithm = ssha512; > prependPasswordScheme = YES; > > // Use `vmail.mailbox` as per-domain address book. > isAddressBook = YES; > displayName = "Domain Address Book"; > SOGoEnableDomainBasedUID = YES; > DomainFieldName = "domain"; > > // Listing of this LDAP source is only possible when > performing a > // search (respecting the SOGoSearchMinimumWordLength > parameter) > // or when explicitely typing a single dot. > // Defaults to YES when unset. > // > // WARNING: if you have many accounts in this address book, it > may > // reach server-side query size limit, or cause > // performance issue. > listRequiresDot = NO; > > ModulesConstraints = { > Mail = { c_webmail = y; }; > Calendar = { c_calendar = y; }; > ActiveSync = { c_activesync = y; }; > }; > }, > > //{ > // displayName = "Global Address Book"; > // type = sql; > // id = global_address_book; > // viewURL = "mysql://sogo:PASSWORD@127.0.0.1:3306/sogo/users"; > // canAuthenticate = NO; > // isAddressBook = YES; > // listRequiresDot = NO; > // SOGoEnableDomainBasedUID = YES; > // DomainFieldName = "domain"; > //}, > > // Display mailing aliases in address book. > // You need to create SQL view 'sogo.aliases' first. > // > // For MySQL: > // > // CREATE VIEW sogo.aliases (c_uid, c_name, c_password, c_cn, > mail, domain) > // AS SELECT address, name, '', name, address, domain > // FROM vmail.alias WHERE active=1; > // > //{ > // displayName = "Mailing Lists"; > // type = sql; > // id = aliases; > // viewURL = "mysql://sogo:PASSWORD@127.0.0.1:3306/sogo/aliases > "; > // canAuthenticate = NO; > // isAddressBook = YES; > // listRequiresDot = NO; > // SOGoEnableDomainBasedUID = YES; > // DomainFieldName = "domain"; > //}, > ); > > > // Authentication using LDAP > /* LDAP backend > SOGoUserSources = ( > { > // Used for user authentication > type = ldap; > id = users; > canAuthenticate = YES; > isAddressBook = NO; > displayName = "LDAP Authentication"; > > hostname = "PH_LDAP_URI"; > baseDN = "domainName=%d,PH_LDAP_BASEDN"; > bindDN = "PH_LDAP_BINDDN"; > bindPassword = "PH_LDAP_BINDPW"; > filter = "objectClass=mailUser AND accountStatus=active AND > enabledService=mail AND enabledService=sogo"; > scope = SUB; > > // always keep binding to the LDAP server using the DN of the > // currently authenticated user. bindDN and bindPassword are > still > // required to find DN of the user. > // Note: with default LDAP acl configured by iRedMail, user > doesn't > // have privilege to query PH_LDAP_BASEDN. > // so this doesn't work. > bindAsCurrentUser = YES; > > // The algorithm used for password encryption when changing > // passwords without Password Policies enabled. > // Possible values are: plain, crypt, md5-crypt, ssha, ssha512. > userPasswordAlgorithm = ssha512; > > CNFieldName = cn; > IDFieldName = mail; > // value of UIDFieldName must be unique on entire server > UIDFieldName = mail; > IMAPLoginFieldName = mail; > MailFieldNames = (mail); > bindFields = (mail); > > ModulesConstraints = { > Mail = { enabledService = sogowebmail; }; > Calendar = { enabledService = sogocalendar; }; > ActiveSync = { enabledService = sogoactivesync; }; > }; > > GroupObjectClasses = ( > "mailList", > "group", > "groupOfNames", > "groupOfUniqueNames", > "posixgroup" > ); > }, > { > // Used for global address book > type = ldap; > id = global_addressbook; > canAuthenticate = NO; > isAddressBook = YES; > displayName = "Global Address Book"; > bindAsCurrentUser = YES; > > // Listing of this LDAP source is only possible when > performing a > // search (respecting the SOGoSearchMinimumWordLength > parameter) > // or when explicitely typing a single dot. > // Defaults to YES when unset. > // > // WARNING: if you have many accounts in this address book, it > may > // reach server-side query size limit, or cause > // performance issue. > listRequiresDot = NO; > > hostname = "PH_LDAP_URI"; > baseDN = "domainName=%d,PH_LDAP_BASEDN"; > bindDN = "PH_LDAP_BINDDN"; > bindPassword = "PH_LDAP_BINDPW"; > filter = "((enabledService=mail AND accountStatus=active AND > enabledService=displayedInGlobalAddressBook) AND ((objectClass=mailUser AND > enabledService=sogo) OR (objectClass=mailList) OR > (objectClass=mailAlias)))"; > scope = SUB; > > IDFieldName = mail; > bindFields = (mail); > // value of UID field must be unique on whole server. > UIDFieldName = mail; > IMAPLoginFieldName = mail; > > CNFieldName = cn; > SearchFieldNames = (cn, sn, displayName, telephoneNumber, > mail, shadowAddress, departmentNumber); > > // Resources management (Free/Busy) > // Reference: > https://docs.iredmail.org/sogo.manage.resources.html > KindFieldName = "Kind"; > MultipleBookingsFieldName = "MultipleBookings"; > } > ); > LDAP backend */ > } > > > > 2) please attach your _complete_ Apache vHost config file(s) from > /etc/apache2/sites-available that is/are currently enabled (and therefore > linked to /etc/apache2/sites-enabled) > > # Webmail Interface > <VirtualHost *:80> > ServerAdmin ad...@davenet.fr > ServerName webmail.davenet.fr > ErrorLog /var/log/apache2/webmail-ssl-error_log > CustomLog /var/log/apache2/webmail-ssl-access_log common > LogLevel warn > > #SOGo > > Alias /SOGo.woa/WebServerResources/ \ > /usr/lib/GNUstep/SOGo/WebServerResources/ > Alias /SOGo/WebServerResources/ \ > /usr/lib/GNUstep/SOGo/WebServerResources/ > > <Directory /usr/lib/GNUstep/SOGo/> > AllowOverride None > > <IfVersion < 2.4> > Order deny,allow > Allow from all > </IfVersion> > <IfVersion >= 2.4> > Require all granted > </IfVersion> > > # Explicitly allow caching of static content to avoid browser specific > behavior. > # A resource's URL MUST change in order to have the client load the > new version. > <IfModule expires_module> > ExpiresActive On > ExpiresDefault "access plus 1 year" > </IfModule> > </Directory> > > ## Uncomment the following to enable proxy-side authentication, you will > then > ## need to set the "SOGoTrustProxyAuthentication" SOGo user default to YES > and > ## adjust the "x-webobjects-remote-user" proxy header in the "Proxy" > section > ## below. > # > ## For full proxy-side authentication: > #<Location /SOGo> > # AuthType XXX > # Require valid-user > # SetEnv proxy-nokeepalive 1 > # Allow from all > #</Location> > # > ## For proxy-side authentication only for CardDAV and GroupDAV from > external > ## clients: > #<Location /SOGo/dav> > # AuthType XXX > # Require valid-user > # SetEnv proxy-nokeepalive 1 > # Allow from all > #</Location> > > ProxyRequests Off > SetEnv proxy-nokeepalive 1 > ProxyPreserveHost On > > # When using CAS, you should uncomment this and install > cas-proxy-validate.py > # in /usr/lib/cgi-bin to reduce server overloading > # > # ProxyPass /SOGo/casProxy http://localhost/cgi-bin/cas-proxy-validate.py > # <Proxy http://localhost/app/cas-proxy-validate.py> > # Order deny,allow > # Allow from your-cas-host-addr > # </Proxy> > > # Redirect / to /SOGo > RedirectMatch ^/$ https://webmail.davenet.fr/SOGo > > # Enable to use Microsoft ActiveSync support > # Note that you MUST have many sogod workers to use ActiveSync. > # See the SOGo Installation and Configuration guide for more details. > # > ProxyPass /Microsoft-Server-ActiveSync \ > http://127.0.0.1:20000/SOGo/Microsoft-Server-ActiveSync \ > retry=60 connectiontimeout=5 timeout=360 > > ProxyPass /SOGo http://127.0.0.1:20000/SOGo retry=0 > > <Proxy http://127.0.0.1:20000/SOGo> > ## Adjust the following to your configuration > ## and make sure to enable the headers module > <IfModule headers_module> > #RequestHeader set "x-webobjects-server-port" "443" > #SetEnvIf Host (.*) HTTP_HOST=$1 > #RequestHeader set "x-webobjects-server-name" "%{HTTP_HOST}e" > env=HTTP_HOST > #RequestHeader set "x-webobjects-server-url" "https://%{HTTP_HOST}e" > env=HTTP_HOST > > RequestHeader set "x-webobjects-server-port" "443" > RequestHeader set "x-webobjects-server-name" "webmail.davenet.fr" > RequestHeader set "x-webobjects-server-url" "https://webmail.davenet.fr" > > ## When using proxy-side autentication, you need to uncomment and > ## adjust the following line: > RequestHeader unset "x-webobjects-remote-user" > # RequestHeader set "x-webobjects-remote-user" "%{REMOTE_USER}e" > env=REMOTE_USER > > RequestHeader set "x-webobjects-server-protocol" "HTTP/1.0" > </IfModule> > > AddDefaultCharset UTF-8 > > Order allow,deny > Allow from all > </Proxy> > > # For Apple autoconfiguration > <IfModule rewrite_module> > RewriteEngine On > RewriteRule ^/.well-known/caldav/?$ /SOGo/dav [R=301] > RewriteRule ^/.well-known/carddav/?$ /SOGo/dav [R=301] > </IfModule> > > RewriteEngine on > RewriteCond %{SERVER_NAME} =webmail.davenet.fr > RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent] > AddDefaultCharset Off > </VirtualHost> > > # > > > 3) attach the output of /var/log/sogo/sogo.log, in particular the lines > after a restart of sogod > > > root@webmail:/etc/apache2/sites-available# systemctl restart sogo > root@webmail:/etc/apache2/sites-available# tail -f /var/log/sogo/sogo.log > Oct 31 16:14:55 sogod [39263]: <0x0x55fc5b2a8820[WOWatchDog]> preparing 3 > children > Oct 31 16:14:55 sogod [39263]: <0x0x55fc5b2a8820[WOWatchDog]> child > spawned with pid 39265 > Oct 31 16:14:55 sogod [39263]: <0x0x55fc5b2a8820[WOWatchDog]> child > spawned with pid 39266 > Oct 31 16:14:55 sogod [39263]: <0x0x55fc5b2a8820[WOWatchDog]> child > spawned with pid 39267 > 2023-10-31 16:14:55.311 sogod[39265:39265] ERROR(+[GCSFolderManager > defaultFolderManager]): default 'OCSFolderInfoURL' is not a valid URL: > 'mysql://userDB:Password@192.168.10.250:3306/sogo/sogo_folder_info' > Oct 31 16:14:55 sogod [39265]: <0x0x55fc5b483f20[WOHttpAdaptor]> notified > the watchdog that we are ready > Oct 31 16:33:22 sogod [39267]: [WARN] <0x0x7f54c54e1f60[WOxElemBuilder]> > could not locate builders: WOxExtElemBuilder,WOxExtElemBuilder > 2023-10-31 16:33:22.482 sogod[39267:39267] EXCEPTION: <NSException: > 0x55fc5b6aa2f0> NAME:NSInvalidArgumentException REASON:Tried to add nil > value for key 'users' to dictionary INFO:{} > > Do you have a solution for this error? > > Thanks > Alain > > ____________________________________________ > Le Mardi, Octobre 31, 2023 10:51 CET, "Markus Winkler" (m...@irmawi.de) < > users@sogo.nu> a écrit: > > > Hello Alain, > > > > On 30.10.23 23:01, "alain25" (s...@osnetworking.com) wrote: > > > I always get a 501 error > > > > 1) please attach your _complete_ current /etc/sogo/sogo.conf (censored > > passwords of course) > > > > 2) please attach your _complete_ Apache vHost config file(s) from > > /etc/apache2/sites-available which is/are currently activated (and so > > linked to /etc/apache2/sites-enabled) > > > > 3) please attach the output of /var/log/sogo/sogo.log, especially the > lines > > after a restart of the sogod > > > > Without these essential information it's quite impossible to help. > > > > Thanks and regards > > Markus > > > > > -- > Merci > > -- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254 7 3200 0004/+254 7 2274 3223 "Oh, the cruft.", egrep -v '^$|^.*#' ¯\_(ツ)_/¯ :-) [How to ask smart questions: http://www.catb.org/~esr/faqs/smart-questions.html]