Could not write xml file

Use this forum if you have installed hMailServer and want to ask a question related to a production release of hMailServer. Before posting, please read the troubleshooting guide. A large part of all reported issues are already described in detail here.
Post Reply
Viator
New user
New user
Posts: 14
Joined: 2012-11-01 19:51

Could not write xml file

Post by Viator » 2012-11-01 20:02

Hello!

I'm using hMailServer since ~2weeks. Since this computer is on the internet, I tried to secure the pc using rights. This caused some problems, so I set the old rights. Now I get the error "BACKUP ERROR: Could not write to the XML file." In the ERROR_hmailserver.DATE.log I can find "Severity: 1 (Critical), Code: HM5014, Source: BackupManager: OnBackupFailed, Description: BACKUP ERROR: Could not write to the XML file."

Since I gave all rights to almost everyone on the machine, I'm a litte bit lost now. Can please tell me where I should be able to find de XML File? So I can check the permissions there.

Thank's a lot.

Regards, Thorsten

Viator
New user
New user
Posts: 14
Joined: 2012-11-01 19:51

Re: Could not write xml file

Post by Viator » 2012-11-01 20:07

I startet the hMailServer Service using my own UserAccount, now Backing Up works fine.

Will move the mailserver to a proper installed machine.

Thanx, Thorsten

User avatar
mattg
Moderator
Moderator
Posts: 20305
Joined: 2007-06-14 05:12
Location: 'The Outback' Australia

Re: Could not write xml file

Post by mattg » 2012-11-02 01:12

Default install settings are safe in most environments.
Remember to allow PORTS through firewall, and not allow the hMailserver.exe application as a whole.

This product was designed for use on internet facing computers - it is after all a mail server.
Just 'cause I link to a page and say little else doesn't mean I am not being nice.
https://www.hmailserver.com/documentation

Viator
New user
New user
Posts: 14
Joined: 2012-11-01 19:51

Re: Could not write xml file

Post by Viator » 2012-11-06 16:31

Thank you for your answer.
mattg wrote:Default install settings are safe in most environments.
Remember to allow PORTS through firewall, and not allow the hMailserver.exe application as a whole.
I use portforwarding on the router and a firewall. So, this should be safe.
mattg wrote: This product was designed for use on internet facing computers - it is after all a mail server.
My "problem" is, that the user is always logged on because I use Thunderbird with some rules to forward mails from external IMAP accounts to the hMailServer (I do not like POP3 at all) and I do not want the user logged on to be able to read the mailstore.

User avatar
mattg
Moderator
Moderator
Posts: 20305
Joined: 2007-06-14 05:12
Location: 'The Outback' Australia

Re: Could not write xml file

Post by mattg » 2012-11-07 08:53

Viator wrote:My "problem" is, that the user is always logged on because I use Thunderbird with some rules to forward mails from external IMAP accounts to the hMailServer (I do not like POP3 at all) and I do not want the user logged on to be able to read the mailstore.
mattg wrote:This product was designed for use on internet facing computers - it is after all a mail server.
A logged on IMAP user can only read their own mail.
Just 'cause I link to a page and say little else doesn't mean I am not being nice.
https://www.hmailserver.com/documentation

Viator
New user
New user
Posts: 14
Joined: 2012-11-01 19:51

Re: Could not write xml file

Post by Viator » 2012-11-07 21:31

But the user logged on the machine directly could read all mails by just doubleclicking an mail in on of the files in "data" directory. The Thunderbird fetching the mails from the external accounts is running directly on the server. unfortunately there seems to be no way to run Thunderbird as a Service.

So far I got the mailserver running quite fine under his own account. I just have a problem backing up the files. When I start the backupscript by hand everything is fine. Also, if I configure that the schedules tast should run only when the user is logged in. As soon as I pass Username/Password credentials (does not matter if Administrator or MailAdmin) to the TaskScheduler the script does not execute any more. The logfile simply stays empty and nothing has been backed up but the HD LED flashes a few times.

The machine has a C: and a D: drive. 3 Users, Administrator, MailAdmin (should better be called MailServer) and MailUser. The Data ist stored on D:\MailStore where only MailAdmin (and System) has full access. Administrator and MailUser have no access at all. The hMailServer Service runs under the account of MailAdmin. Additionaly the User MailServer has full access to the hMailServer programdirectory.

The User MailServer has the right to execute batch (in German: Ausführung von Stapel ...)

As mentioned, this works fine, exept the backup script.

Do you (ore someone else) have any idea?

regards, Thorsten

random
Normal user
Normal user
Posts: 108
Joined: 2006-07-16 09:51
Location: Germany

Re: Could not write xml file

Post by random » 2012-11-08 00:05

Hi Viator,
Viator wrote:But the user logged on the machine directly could read all mails by just doubleclicking an mail in on of the files in "data" directory.
to prevent that you may use NTFS-Permissions (right-click the folder -> tab "Security").
The user hmailserver-service logs on as needs "change" rights for (at least) data, temp and log. As far as I know.
Administrators and system should have full access, as usual.

The user you want to prevent from accessing files must not have admin rights on that machine. Otherwise you may need to redesign your infrastructure. Preventing an admin from accessing files is IMHO not practical.
An admin would also have already access to the thunderbird data files.
Viator wrote:When I start the backupscript by hand everything is fine. Also, if I configure that the schedules tast should run only when the user is logged in.
Which version of windows do you use?
How the task is configured?
If you start manually: Do you start the task manually or the script by simply double-clicking?
Viator wrote:As soon as I pass Username/Password credentials (does not matter if Administrator or MailAdmin) to the TaskScheduler the script does not execute any more. The logfile simply stays empty and nothing has been backed up but the HD LED flashes a few times.
Depending on your windows version there is a log (Win7: History-Tab of the Task in question).
There should be an error telling what's wrong?
Viator wrote:The Data ist stored on D:\MailStore where only MailAdmin (and System) has full access. Administrator and MailUser have no access at all. The hMailServer Service runs under the account of MailAdmin.
Please post the exact permissons:
Open cmd.exe and type "icacls d:\MailStore" (without the "), post the output here. Screenshot will do if the complete output is visible.
MailAdmin needs change permissions for "Folder, subfolders and files".
Viator wrote:The User MailServer has the right to execute batch (in German: Ausführung von Stapel ...)
The right to "log on as a batch job" is needed to run a Task. Seems okay to me.

By the way: Using Thunderbird to forward mails to hMailServer is a bit unusual. You can pull all mails using hMailServer by POP3 and still leave them on the originating server if you want to.

lg
random

User avatar
mattg
Moderator
Moderator
Posts: 20305
Joined: 2007-06-14 05:12
Location: 'The Outback' Australia

Re: Could not write xml file

Post by mattg » 2012-11-08 01:44

random wrote:By the way: Using Thunderbird to forward mails to hMailServer is a bit unusual. You can pull all mails using hMailServer by POP3 and still leave them on the originating server if you want to.
+1

As is having a regular user log onto a server.
As random says your issue seems more about windows permissions specific to your environment rather than hMailserver.
Just 'cause I link to a page and say little else doesn't mean I am not being nice.
https://www.hmailserver.com/documentation

Viator
New user
New user
Posts: 14
Joined: 2012-11-01 19:51

Re: Could not write xml file

Post by Viator » 2012-11-08 15:15

Hi random!
random wrote:
Viator wrote:But the user logged on the machine directly could read all mails by just doubleclicking an mail in on of the files in "data" directory.
to prevent that you may use NTFS-Permissions (right-click the folder -> tab "Security").
The user hmailserver-service logs on as needs "change" rights for (at least) data, temp and log. As far as I know.
Administrators and system should have full access, as usual.

The user you want to prevent from accessing files must not have admin rights on that machine. Otherwise you may need to redesign your infrastructure. Preventing an admin from accessing files is IMHO not practical.
An admin would also have already access to the thunderbird data files.
The way I did it was choosen because we have the same Administrator password on all machines and I do not want that an Administrator can read the mails. We are a small Company selling Security Products, so Security is a very important issue here.

random wrote:
Viator wrote:When I start the backupscript by hand everything is fine. Also, if I configure that the schedules tast should run only when the user is logged in.
Which version of windows do you use?
How the task is configured?
If you start manually: Do you start the task manually or the script by simply double-clicking?
- Windows 7 Ultimate 32Bit
- Using "Aufgabenplanung" (Taskplaner in English?)
- doubleclicking the script. If I start the Tast it says "Wird Ausgefüht" but nothing happens.
random wrote:
Viator wrote:As soon as I pass Username/Password credentials (does not matter if Administrator or MailAdmin) to the TaskScheduler the script does not execute any more. The logfile simply stays empty and nothing has been backed up but the HD LED flashes a few times.
Depending on your windows version there is a log (Win7: History-Tab of the Task in question).
There should be an error telling what's wrong?
Argl. Just activated the history and tried to backup the data to reproduce the error and guess what. it's working.
So many thanx for your input, even if the "solution" is magic :-)
random wrote: By the way: Using Thunderbird to forward mails to hMailServer is a bit unusual. You can pull all mails using hMailServer by POP3 and still leave them on the originating server if you want to.
Seems to be - on the first sight.

- but first of all iI don't like POP3 at all. It just causes traffic.
- I have several accounts on several servers. One for almost every company I'm work for plus several gmx, gmail and windows live addresses to which i get status information. Since - as mentioned - I dont like POP (or lets say any polling at all) I use IMAP Idle.
I don't want to leave the message on the originating server at all. In fact I delete the messages after forwarding them. But I want to receive the massages fast. That's why I'm using IMAP (idle)


btw - hMailServer is great.

Viator
New user
New user
Posts: 14
Joined: 2012-11-01 19:51

Re: Could not write xml file

Post by Viator » 2012-11-08 15:21

mattg wrote:
random wrote:By the way: Using Thunderbird to forward mails to hMailServer is a bit unusual. You can pull all mails using hMailServer by POP3 and still leave them on the originating server if you want to.
+1

As is having a regular user log onto a server.
As random says your issue seems more about windows permissions specific to your environment rather than hMailserver.

I know, that this is not very common. But since there is no tool to fetch mail from multiple accounts using IMAP idle [1] , this is the only way to have all my mail in one account. I dont want to configure ~10 Accounts on every Client I use aund I dont want to use POP either.

I know, that is more - no not more, it IS - a windows problem. But I was hoping to find the gurus here. And at the end we got it running. Even if I don't know how ;-)

[1] also fetchmail on linux does not support multiple IMAP Idle accounts.

Thank you guys for your input.
Thorsten

User avatar
mattg
Moderator
Moderator
Posts: 20305
Joined: 2007-06-14 05:12
Location: 'The Outback' Australia

Re: Could not write xml file

Post by mattg » 2012-11-09 01:13

You should add your vote to this poll > http://www.hmailserver.com/forum/viewto ... =2&t=14809
Just 'cause I link to a page and say little else doesn't mean I am not being nice.
https://www.hmailserver.com/documentation

Viator
New user
New user
Posts: 14
Joined: 2012-11-01 19:51

Re: Could not write xml file

Post by Viator » 2012-11-09 14:52

mattg wrote:You should add your vote to this poll > http://www.hmailserver.com/forum/viewto ... =2&t=14809
Done. Thank you.

Post Reply