1. First, you need to have sogod running without any complaints in
/var/log/sogo/sogo.log
2. You have to check /var/log/apache2/webmail-ssl-error_log and make sure
there are no fatal errors.
If you'd like to be hand-held to get this running, feel free to contact me
at odhiambo at gmail dot com. I can spare some minutes to help you look at
your server.
On Thu, Nov 2, 2023 at 4:57 AM "alain25" <users@sogo.nu> wrote:
> Hello,
> I still have a 501 error despite the changes:
>
> 1) please attach your current /etc/sogo/sogo.conf file _complete_
> (passwords censored of course)
>
> {
> //
> // - Official SOGo document:
> http://sogo.nu/support/index.html#/documentation
> // - Mailing list: http://sogo.nu/support/index.html#/community
> //
>
> // Daemon address and port
> WOPort = 127.0.0.1:20000;
>
> // PID file
> //WOPidFile = /var/run/sogo/sogo.pid;
>
> // Log file
> WOLogFile = /var/log/sogo/sogo.log;
>
> // Enable verbose logging. Reference:
> //
> http://www.sogo.nu/nc/support/faq/article/how-to-enable-more-verbose-logging-in-sogo.html
> //SOGoDebugRequests = YES;
> //SOGoEASDebugEnabled = YES;
> //ImapDebugEnabled = YES;
> //LDAPDebugEnabled = YES;
> //MySQL4DebugEnabled = YES;
> //PGDebugEnabled = YES;
>
> // Define the URL to online help for SOGo. When set, an additional icon
> // will appear near the logout button in SOGo's web interface. The URL
> // will always be open in a blank target.
> //SOGoHelpURL = '';
>
> // set the maximum allowed size for content being sent to SOGo, this
> can
> // also limit the file attachment size being uploaded to SOGo when
> // composing a mail.
> // The value is in kilobyte. Default is 0 or disabled (unlimit).
> WOMaxUploadSize = 15360;
>
> // Parameter used to set the maximum allowed email message size when
> // composing a mail.
> // The value is in kilobytes. By default, the value is 0, or disabled
> so
> // no limit will be set.
> SOGoMaximumMessageSizeLimit = 15360;
>
> // Performance Tuning
> //
> // The amount of instances of SOGo that will be spawned to handle
> multiple
> // requests simultaneously. When started from the init script, that
> amount
> // is overriden by the `PREFORK=` setting in /etc/sysconfig/sogo or
> // /etc/default/sogo. A value of 3 is a reasonable default for low
> usage.
> // The maximum value depends on the CPU and IO power provided by your
> // machine: a value set too high will actually decrease performances
> under
> // high load.
> //
> // You should have at least one child per EAS device configured to use
> // "push". You must also have more children than you have EAS devices
> // configured to use "push" - in order to handle normal SOGo requests
> to
> // its Web or DAV interfaces.
> //
> // Defaults to 1 when unset, increase it if you see below error
> message in
> // sogo log file: 'No child available to handle incoming request'
> //
> // WARNING:
> // - on RHEL/CentOS, this setting is controlled by parameter
> // 'PREFORK=' defined in /etc/sysconfig/sogo.
> // - on Debian/Ubuntu, this setting is controlled by parameter
> // 'PREFORK=' defined in /etc/default/sogo.
> WOWorkersCount = 10;
>
> // Parameter used to set the maximum amount of time, in seconds, SOGo
> will
> // wait before replying to a Ping command.
> // If not set, it defaults to 10 seconds.
> SOGoMaximumPingInterval = 3540;
>
> // Parameter used to set the maximum amount of time, in seconds, SOGo
> will
> // wait before replying to a Sync command.
> // If not set, it defaults to 30 seconds.
> SOGoMaximumSyncInterval = 3540;
>
> // Parameter used to set the maximum amount of time, in seconds, SOGo
> will
> // wait before doing an internal check for data changes (add, delete,
> and
> // update). This parameter must be lower than SOGoMaximumSyncInterval
> and
> // SOGoMaximumPingInterval.
> // If not set, it defaults to 10 seconds.
> SOGoInternalSyncInterval = 30;
>
> // Specifies the number of minutes after which a busy child process
> will be
> // killed by the parent process.
> // Defaults to 10 (minutes).
> WOWatchDogRequestTimeout = 61;
>
> // Overwrite the maximum number of items returned during a Sync
> operation.
> // Defaults to 0, which means no overwrite is performed.
> // Setting this parameter to a value greater than 512 will have
> unexpected
> // behaviour with various ActiveSync clients.
> //SOGoMaximumSyncWindowSize = 100;
>
> // Overwrite the maximum response size during a Sync operation.
> // The value is in kilobytes. Setting this to 512 means the response
> size
> // will be of 524288 bytes or less (or a bit greater if needed for
> syncing
> // one item). Note that if you set the value too low and a mail message
> // (or any other object like calendar events, tasks and contacts)
> surpasses
> // it, it will still be synced but only this item will be.
> // Defaults to 0, which means no overwrite is performed.
> //
> // Say you have these five mails and you set the limit to 512KB:
> // 1. 250 KB
> // 2. 250 KB
> // 3. 25 KB
> // 4. 750 KB
> // 5. 10 KB
> // Sync iteration no. 1 will pick message 1, 2 and 3.
> // Sync iteration no. 2 will pick message 4.
> // Sync iteration no. 3 will pick message 5.
> SOGoMaximumSyncResponseSize = 2048;
>
> // The maximum amount of memory (in megabytes) that a child can use.
> // Reaching that value will force children processes to restart, in
> order
> // to preserve system memory.
> //
> // Error message when it reaches the value:
> // "terminating app, vMem size limit (xxx MB) has been reached
> (currently xxx MB)"
> //
> // Defaults to 384.
> SxVMemLimit = 500;
>
> // Enable XSRF (also known as CSRF) protection.
> SOGoXSRFValidationEnabled = YES;
>
> // IMAP connection pool.
> // Your performance will slightly increase, as you won't open a new
> // connection for every access to your IMAP server.
> // But you will get a lot of simultaneous open connections to your IMAP
> // server, so make sure he can handle them.
> // For debugging it is reasonable to turn pooling off.
> NGImap4DisableIMAP4Pooling = NO;
>
> SOGoProfileURL = "mysql://
> userDB:Password@192.168.10.250:3306/sogo/sogo_user_profile";
> OCSFolderInfoURL = "mysql://
> userDB:Password@192.168.10.250:3306/sogo/sogo_folder_info";
> OCSSessionsFolderURL = "mysql://
> userDB:Password@192.168.10.250:3306/sogo/sogo_sessions_folder";
> OCSEMailAlarmsFolderURL = "mysql://
> userDB:Password@192.168.10.250:3306/sogosogo_alarms_folder";
>
> // With 3 parameters below, SOGo requires only 9 SQL tables in total
> // instead of creating 4 SQL tables for each user.
>
> OCSCacheFolderURL = "mysql://
> userDB:Password@192.168.10.250:3306/sogo/sogo_cache_folder";
> OCSStoreURL = "mysql://
> userDB:Password@192.168.10.250:3306/sogo/sogo_store";
> OCSAclURL = "mysql://userDB:Password@192.168.10.250:3306/sogo/sogo_acl
> ";
>
> // Default language in the web interface
> SOGoLanguage = English;
>
> // Specify which module to show after login: Calendar, Mail, Contacts.
> SOGoLoginModule = Mail;
>
> // Must login with full email address
> SOGoForceExternalLoginWithEmail = YES;
>
> // Allow user to change full name and email address.
> SOGoMailCustomFromEnabled = NO;
>
> // IMAP server
> // Local connection is considered as secure by Dovecot, so 'imap://'
> is fine.
> // With remote IMAP server, use 'imaps://127.0.0.1:143/?tls=YES'
> instead;
> SOGoIMAPServer = "imap://
> 127.0.0.1:143/?tls=YES&tlsVerifyMode=allowInsecureLocalhost";
>
> // Allow user to add other IMAP accounts that will be visible from the
> SOGo
> // Webmail interface.
> // Default is NO.
> //SOGoMailAuxiliaryUserAccountsEnabled = YES;
>
> // SMTP server
> SOGoSMTPServer = "smtp://
> 127.0.0.1:587/?tls=YES&tlsVerifyMode=allowInsecureLocalhost";
> SOGoMailingMechanism = smtp;
> SOGoSMTPAuthenticationType = PLAIN;
>
> // Enable managesieve service
> //
> // WARNING: Sieve scripts generated by SOGo is not compatible with
> Roundcube
> // webmail, don't use sieve service in both webmails,
> otherwise
> // it will be messy.
> // FYI:
> https://docs.iredmail.org/why.no.sieve.support.in.sogo.html
> //
> //SOGoSieveServer = "sieve://
> 127.0.0.1:4190/?tls=YES&tlsVerifyMode=allowInsecureLocalhost";
> //SOGoSieveScriptsEnabled = YES;
> //SOGoVacationEnabled = YES;
> //SOGoForwardEnabled = YES;
> SOGoSieveFolderEncoding = UTF-8;
>
> // Memcached
> SOGoMemcachedHost = 127.0.0.1;
>
> // Parameter used to set which usernames require administrative
> privileges
> // over all the users tables. For example, this could be used to post
> // events in the users calendar without requiring the user to configure
> // his/her ACLs. In this case you will need to specify those
> superuser's
> // usernames like this :
> // SOGoSuperUsernames = (<username1>[,<username2>, ...]);
> //SOGoSuperUsernames = ();
>
> SOGoTimeZone = "Africa/Nairobi";
>
> SOGoFirstDayOfWeek = 1;
>
> SOGoRefreshViewCheck = every_5_minutes;
> SOGoMailReplyPlacement = below;
>
> // Disable gravatar
> SOGoExternalAvatarsEnabled = NO;
> SOGoGravatarEnabled = NO;
>
> // Control WebDAV access to the Calendar / Contacts collections.
> // This can be used to deny access to these resources from Thunderbird
> // Lightning for example.
> // Defaults to YES when unset.
> //SOGoCalendarDAVAccessEnabled = NO;
> //SOGoAddressBookDAVAccessEnabled = NO;
>
> // Allow users to share publicly (ie., requiring not authentication)
> their
> // calendars and address books.
> // Defaults to NO when unset.
> //SOGoEnablePublicAccess = YES;
>
> //
> // Notifications
> //
> // Enable email-based alarms on events and tasks.
> SOGoEnableEMailAlarms = YES;
>
> // Notify meeting participants
> SOGoAppointmentSendEMailNotifications = YES;
>
> // Notify if a calendar or an address book has been created.
> SOGoFoldersSendEMailNotifications = NO;
>
> // Notify involved users of a calendar or address book's ACLs.
> SOGoACLsSendEMailNotifications = YES;
>
> // Notify when a modification is being done to his/her own calendar by
> someone else.
> SOGoNotifyOnExternalModifications = YES;
>
> SOGoPasswordChangeEnabled = YES;
>
> // Authentication using SQL
>
> SOGoUserSources = (
> {
> type = sql;
> id = users;
> viewURL = "mysql://
> userDB:Password@192.168.10.250:3306/sogo/users";
> canAuthenticate = YES;
>
> // The algorithm used for password encryption when changing
> // passwords without Password Policies enabled.
> // Possible values are: plain, crypt, md5-crypt, ssha, ssha512.
> userPasswordAlgorithm = ssha512;
> prependPasswordScheme = YES;
>
> // Use `vmail.mailbox` as per-domain address book.
> isAddressBook = YES;
> displayName = "Domain Address Book";
> SOGoEnableDomainBasedUID = YES;
> DomainFieldName = "domain";
>
> // Listing of this LDAP source is only possible when
> performing a
> // search (respecting the SOGoSearchMinimumWordLength
> parameter)
> // or when explicitely typing a single dot.
> // Defaults to YES when unset.
> //
> // WARNING: if you have many accounts in this address book, it
> may
> // reach server-side query size limit, or cause
> // performance issue.
> listRequiresDot = NO;
>
> ModulesConstraints = {
> Mail = { c_webmail = y; };
> Calendar = { c_calendar = y; };
> ActiveSync = { c_activesync = y; };
> };
> },
>
> //{
> // displayName = "Global Address Book";
> // type = sql;
> // id = global_address_book;
> // viewURL = "mysql://sogo:PASSWORD@127.0.0.1:3306/sogo/users";
> // canAuthenticate = NO;
> // isAddressBook = YES;
> // listRequiresDot = NO;
> // SOGoEnableDomainBasedUID = YES;
> // DomainFieldName = "domain";
> //},
>
> // Display mailing aliases in address book.
> // You need to create SQL view 'sogo.aliases' first.
> //
> // For MySQL:
> //
> // CREATE VIEW sogo.aliases (c_uid, c_name, c_password, c_cn,
> mail, domain)
> // AS SELECT address, name, '', name, address, domain
> // FROM vmail.alias WHERE active=1;
> //
> //{
> // displayName = "Mailing Lists";
> // type = sql;
> // id = aliases;
> // viewURL = "mysql://sogo:PASSWORD@127.0.0.1:3306/sogo/aliases
> ";
> // canAuthenticate = NO;
> // isAddressBook = YES;
> // listRequiresDot = NO;
> // SOGoEnableDomainBasedUID = YES;
> // DomainFieldName = "domain";
> //},
> );
>
>
> // Authentication using LDAP
> /* LDAP backend
> SOGoUserSources = (
> {
> // Used for user authentication
> type = ldap;
> id = users;
> canAuthenticate = YES;
> isAddressBook = NO;
> displayName = "LDAP Authentication";
>
> hostname = "PH_LDAP_URI";
> baseDN = "domainName=%d,PH_LDAP_BASEDN";
> bindDN = "PH_LDAP_BINDDN";
> bindPassword = "PH_LDAP_BINDPW";
> filter = "objectClass=mailUser AND accountStatus=active AND
> enabledService=mail AND enabledService=sogo";
> scope = SUB;
>
> // always keep binding to the LDAP server using the DN of the
> // currently authenticated user. bindDN and bindPassword are
> still
> // required to find DN of the user.
> // Note: with default LDAP acl configured by iRedMail, user
> doesn't
> // have privilege to query PH_LDAP_BASEDN.
> // so this doesn't work.
> bindAsCurrentUser = YES;
>
> // The algorithm used for password encryption when changing
> // passwords without Password Policies enabled.
> // Possible values are: plain, crypt, md5-crypt, ssha, ssha512.
> userPasswordAlgorithm = ssha512;
>
> CNFieldName = cn;
> IDFieldName = mail;
> // value of UIDFieldName must be unique on entire server
> UIDFieldName = mail;
> IMAPLoginFieldName = mail;
> MailFieldNames = (mail);
> bindFields = (mail);
>
> ModulesConstraints = {
> Mail = { enabledService = sogowebmail; };
> Calendar = { enabledService = sogocalendar; };
> ActiveSync = { enabledService = sogoactivesync; };
> };
>
> GroupObjectClasses = (
> "mailList",
> "group",
> "groupOfNames",
> "groupOfUniqueNames",
> "posixgroup"
> );
> },
> {
> // Used for global address book
> type = ldap;
> id = global_addressbook;
> canAuthenticate = NO;
> isAddressBook = YES;
> displayName = "Global Address Book";
> bindAsCurrentUser = YES;
>
> // Listing of this LDAP source is only possible when
> performing a
> // search (respecting the SOGoSearchMinimumWordLength
> parameter)
> // or when explicitely typing a single dot.
> // Defaults to YES when unset.
> //
> // WARNING: if you have many accounts in this address book, it
> may
> // reach server-side query size limit, or cause
> // performance issue.
> listRequiresDot = NO;
>
> hostname = "PH_LDAP_URI";
> baseDN = "domainName=%d,PH_LDAP_BASEDN";
> bindDN = "PH_LDAP_BINDDN";
> bindPassword = "PH_LDAP_BINDPW";
> filter = "((enabledService=mail AND accountStatus=active AND
> enabledService=displayedInGlobalAddressBook) AND ((objectClass=mailUser AND
> enabledService=sogo) OR (objectClass=mailList) OR
> (objectClass=mailAlias)))";
> scope = SUB;
>
> IDFieldName = mail;
> bindFields = (mail);
> // value of UID field must be unique on whole server.
> UIDFieldName = mail;
> IMAPLoginFieldName = mail;
>
> CNFieldName = cn;
> SearchFieldNames = (cn, sn, displayName, telephoneNumber,
> mail, shadowAddress, departmentNumber);
>
> // Resources management (Free/Busy)
> // Reference:
> https://docs.iredmail.org/sogo.manage.resources.html
> KindFieldName = "Kind";
> MultipleBookingsFieldName = "MultipleBookings";
> }
> );
> LDAP backend */
> }
>
>
>
> 2) please attach your _complete_ Apache vHost config file(s) from
> /etc/apache2/sites-available that is/are currently enabled (and therefore
> linked to /etc/apache2/sites-enabled)
>
> # Webmail Interface
> <VirtualHost *:80>
> ServerAdmin ad...@davenet.fr
> ServerName webmail.davenet.fr
> ErrorLog /var/log/apache2/webmail-ssl-error_log
> CustomLog /var/log/apache2/webmail-ssl-access_log common
> LogLevel warn
>
> #SOGo
>
> Alias /SOGo.woa/WebServerResources/ \
> /usr/lib/GNUstep/SOGo/WebServerResources/
> Alias /SOGo/WebServerResources/ \
> /usr/lib/GNUstep/SOGo/WebServerResources/
>
> <Directory /usr/lib/GNUstep/SOGo/>
> AllowOverride None
>
> <IfVersion < 2.4>
> Order deny,allow
> Allow from all
> </IfVersion>
> <IfVersion >= 2.4>
> Require all granted
> </IfVersion>
>
> # Explicitly allow caching of static content to avoid browser specific
> behavior.
> # A resource's URL MUST change in order to have the client load the
> new version.
> <IfModule expires_module>
> ExpiresActive On
> ExpiresDefault "access plus 1 year"
> </IfModule>
> </Directory>
>
> ## Uncomment the following to enable proxy-side authentication, you will
> then
> ## need to set the "SOGoTrustProxyAuthentication" SOGo user default to YES
> and
> ## adjust the "x-webobjects-remote-user" proxy header in the "Proxy"
> section
> ## below.
> #
> ## For full proxy-side authentication:
> #<Location /SOGo>
> # AuthType XXX
> # Require valid-user
> # SetEnv proxy-nokeepalive 1
> # Allow from all
> #</Location>
> #
> ## For proxy-side authentication only for CardDAV and GroupDAV from
> external
> ## clients:
> #<Location /SOGo/dav>
> # AuthType XXX
> # Require valid-user
> # SetEnv proxy-nokeepalive 1
> # Allow from all
> #</Location>
>
> ProxyRequests Off
> SetEnv proxy-nokeepalive 1
> ProxyPreserveHost On
>
> # When using CAS, you should uncomment this and install
> cas-proxy-validate.py
> # in /usr/lib/cgi-bin to reduce server overloading
> #
> # ProxyPass /SOGo/casProxy http://localhost/cgi-bin/cas-proxy-validate.py
> # <Proxy http://localhost/app/cas-proxy-validate.py>
> # Order deny,allow
> # Allow from your-cas-host-addr
> # </Proxy>
>
> # Redirect / to /SOGo
> RedirectMatch ^/$ https://webmail.davenet.fr/SOGo
>
> # Enable to use Microsoft ActiveSync support
> # Note that you MUST have many sogod workers to use ActiveSync.
> # See the SOGo Installation and Configuration guide for more details.
> #
> ProxyPass /Microsoft-Server-ActiveSync \
> http://127.0.0.1:20000/SOGo/Microsoft-Server-ActiveSync \
> retry=60 connectiontimeout=5 timeout=360
>
> ProxyPass /SOGo http://127.0.0.1:20000/SOGo retry=0
>
> <Proxy http://127.0.0.1:20000/SOGo>
> ## Adjust the following to your configuration
> ## and make sure to enable the headers module
> <IfModule headers_module>
> #RequestHeader set "x-webobjects-server-port" "443"
> #SetEnvIf Host (.*) HTTP_HOST=$1
> #RequestHeader set "x-webobjects-server-name" "%{HTTP_HOST}e"
> env=HTTP_HOST
> #RequestHeader set "x-webobjects-server-url" "https://%{HTTP_HOST}e";
> env=HTTP_HOST
>
> RequestHeader set "x-webobjects-server-port" "443"
> RequestHeader set "x-webobjects-server-name" "webmail.davenet.fr"
> RequestHeader set "x-webobjects-server-url" "https://webmail.davenet.fr";
>
> ## When using proxy-side autentication, you need to uncomment and
> ## adjust the following line:
> RequestHeader unset "x-webobjects-remote-user"
> # RequestHeader set "x-webobjects-remote-user" "%{REMOTE_USER}e"
> env=REMOTE_USER
>
> RequestHeader set "x-webobjects-server-protocol" "HTTP/1.0"
> </IfModule>
>
> AddDefaultCharset UTF-8
>
> Order allow,deny
> Allow from all
> </Proxy>
>
> # For Apple autoconfiguration
> <IfModule rewrite_module>
> RewriteEngine On
> RewriteRule ^/.well-known/caldav/?$ /SOGo/dav [R=301]
> RewriteRule ^/.well-known/carddav/?$ /SOGo/dav [R=301]
> </IfModule>
>
> RewriteEngine on
> RewriteCond %{SERVER_NAME} =webmail.davenet.fr
> RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
> AddDefaultCharset Off
> </VirtualHost>
>
> #
>
>
> 3) attach the output of /var/log/sogo/sogo.log, in particular the lines
> after a restart of sogod
>
>
> root@webmail:/etc/apache2/sites-available# systemctl restart sogo
> root@webmail:/etc/apache2/sites-available# tail -f /var/log/sogo/sogo.log
> Oct 31 16:14:55 sogod [39263]: <0x0x55fc5b2a8820[WOWatchDog]> preparing 3
> children
> Oct 31 16:14:55 sogod [39263]: <0x0x55fc5b2a8820[WOWatchDog]> child
> spawned with pid 39265
> Oct 31 16:14:55 sogod [39263]: <0x0x55fc5b2a8820[WOWatchDog]> child
> spawned with pid 39266
> Oct 31 16:14:55 sogod [39263]: <0x0x55fc5b2a8820[WOWatchDog]> child
> spawned with pid 39267
> 2023-10-31 16:14:55.311 sogod[39265:39265] ERROR(+[GCSFolderManager
> defaultFolderManager]): default 'OCSFolderInfoURL' is not a valid URL:
> 'mysql://userDB:Password@192.168.10.250:3306/sogo/sogo_folder_info'
> Oct 31 16:14:55 sogod [39265]: <0x0x55fc5b483f20[WOHttpAdaptor]> notified
> the watchdog that we are ready
> Oct 31 16:33:22 sogod [39267]: [WARN] <0x0x7f54c54e1f60[WOxElemBuilder]>
> could not locate builders: WOxExtElemBuilder,WOxExtElemBuilder
> 2023-10-31 16:33:22.482 sogod[39267:39267] EXCEPTION: <NSException:
> 0x55fc5b6aa2f0> NAME:NSInvalidArgumentException REASON:Tried to add nil
> value for key 'users' to dictionary INFO:{}
>
> Do you have a solution for this error?
>
> Thanks
> Alain
>
> ____________________________________________
> Le Mardi, Octobre 31, 2023 10:51 CET, "Markus Winkler" (m...@irmawi.de) <
> users@sogo.nu> a écrit:
>
> > Hello Alain,
> >
> > On 30.10.23 23:01, "alain25" (s...@osnetworking.com) wrote:
> > > I always get a 501 error
> >
> > 1) please attach your _complete_ current /etc/sogo/sogo.conf (censored
> > passwords of course)
> >
> > 2) please attach your _complete_ Apache vHost config file(s) from
> > /etc/apache2/sites-available which is/are currently activated (and so
> > linked to /etc/apache2/sites-enabled)
> >
> > 3) please attach the output of /var/log/sogo/sogo.log, especially the
> lines
> > after a restart of the sogod
> >
> > Without these essential information it's quite impossible to help.
> >
> > Thanks and regards
> > Markus
>
>
>
>
> --
> Merci
>
>
--
Best regards,
Odhiambo WASHINGTON,
Nairobi,KE
+254 7 3200 0004/+254 7 2274 3223
"Oh, the cruft.", egrep -v '^$|^.*#' ¯\_(ツ)_/¯ :-)
[How to ask smart questions:
http://www.catb.org/~esr/faqs/smart-questions.html]
