Can't seem to connect

From: Dehnert James Sr (jdehnertnorcalnetworks.com)
Date: Mon Apr 30 2007 - 11:21:22 CDT


I have a system here that I built on my man, and then moved into a
DMZ. Things were working great until I moved it, and judging by the
messages I think I have it looking for a valid hostname somewhere.

I had this system set up in my office but after I re-IP'd it I can no
longer make smtp connections. With smtpd -v I'm getting the
following complaints. This is from trying to connect on port 25.

Apr 30 08:58:36 mail1 postfix/smtpd[16423]: proxymap stream disconnect
Apr 30 08:58:36 mail1 postfix/smtpd[16423]: auto_clnt_close: disconnect private/tlsmgr stream
Apr 30 08:58:53 mail1 postfix/smtpd[16423]: connection established
Apr 30 08:58:53 mail1 postfix/smtpd[16423]: master_notify: status 0
Apr 30 08:58:53 mail1 postfix/smtpd[16423]: name_mask: resource
Apr 30 08:58:53 mail1 postfix/smtpd[16423]: name_mask: software
Apr 30 08:58:53 mail1 postfix/smtpd[16423]: connect from unknown[76.197.19.129]
Apr 30 08:58:53 mail1 postfix/smtpd[16423]: match_list_match: unknown: no match
Apr 30 08:58:53 mail1 postfix/smtpd[16423]: match_list_match: 76.197.19.129: no match
Apr 30 08:58:53 mail1 postfix/smtpd[16423]: match_list_match: unknown: no match
Apr 30 08:58:53 mail1 postfix/smtpd[16423]: match_list_match: 76.197.19.129: no match
Apr 30 08:58:53 mail1 postfix/smtpd[16423]: match_hostname: unknown ~? 127.0.0.0/8
Apr 30 08:58:53 mail1 postfix/smtpd[16423]: match_hostaddr: 76.197.19.129 ~? 127.0.0.0/8
Apr 30 08:58:53 mail1 postfix/smtpd[16423]: match_hostname: unknown ~? 192.168.100.0/24
Apr 30 08:58:53 mail1 postfix/smtpd[16423]: match_hostaddr: 76.197.19.129 ~? 192.168.100.0/24
Apr 30 08:58:53 mail1 postfix/smtpd[16423]: match_hostname: unknown ~? 192.168.200.0/24
Apr 30 08:58:53 mail1 postfix/smtpd[16423]: match_hostaddr: 76.197.19.129 ~? 192.168.200.0/24
Apr 30 08:58:53 mail1 postfix/smtpd[16423]: match_list_match: unknown: no match
Apr 30 08:58:53 mail1 postfix/smtpd[16423]: match_list_match: 76.197.19.129: no match
Apr 30 08:58:53 mail1 postfix/smtpd[16423]: send attr request = connect
Apr 30 08:58:53 mail1 postfix/smtpd[16423]: send attr ident = smtp:76.197.19.129
Apr 30 08:58:53 mail1 postfix/smtpd[16423]: private/anvil: wanted attribute: status
Apr 30 08:58:53 mail1 postfix/smtpd[16423]: input attribute name: status
Apr 30 08:58:53 mail1 postfix/smtpd[16423]: input attribute value: 0
Apr 30 08:58:53 mail1 postfix/smtpd[16423]: private/anvil: wanted attribute: count
Apr 30 08:58:53 mail1 postfix/smtpd[16423]: input attribute name: count
Apr 30 08:58:53 mail1 postfix/smtpd[16423]: input attribute value: 1
Apr 30 08:58:53 mail1 postfix/smtpd[16423]: private/anvil: wanted attribute: rate
Apr 30 08:58:53 mail1 postfix/smtpd[16423]: input attribute name: rate
Apr 30 08:58:53 mail1 postfix/smtpd[16423]: input attribute value: 2
Apr 30 08:58:53 mail1 postfix/smtpd[16423]: private/anvil: wanted attribute: (list terminator)
Apr 30 08:58:53 mail1 postfix/smtpd[16423]: input attribute name: (end)
Apr 30 08:58:53 mail1 postfix/smtpd[16423]: > unknown[76.197.19.129]: 220 mail1.centellax.com ESMTP Postfix
Apr 30 08:58:53 mail1 postfix/smtpd[16423]: < unknown[76.197.19.129]: EHLO [192.168.5.197]
Apr 30 08:58:53 mail1 postfix/smtpd[16423]: > unknown[76.197.19.129]: 250-mail1.centellax.com
Apr 30 08:58:53 mail1 postfix/smtpd[16423]: > unknown[76.197.19.129]: 250-PIPELINING
Apr 30 08:58:53 mail1 postfix/smtpd[16423]: > unknown[76.197.19.129]: 250-SIZE 10240000
Apr 30 08:58:53 mail1 postfix/smtpd[16423]: > unknown[76.197.19.129]: 250-VRFY
Apr 30 08:58:53 mail1 postfix/smtpd[16423]: > unknown[76.197.19.129]: 250-ETRN
Apr 30 08:58:53 mail1 postfix/smtpd[16423]: match_list_match: unknown: no match
Apr 30 08:58:53 mail1 postfix/smtpd[16423]: match_list_match: 76.197.19.129: no match
Apr 30 08:58:53 mail1 postfix/smtpd[16423]: > unknown[76.197.19.129]: 250-STARTTLS
Apr 30 08:58:53 mail1 postfix/smtpd[16423]: > unknown[76.197.19.129]: 250-ENHANCEDSTATUSCODES
Apr 30 08:58:53 mail1 postfix/smtpd[16423]: > unknown[76.197.19.129]: 250-8BITMIME
Apr 30 08:58:53 mail1 postfix/smtpd[16423]: > unknown[76.197.19.129]: 250 DSN
Apr 30 08:58:53 mail1 postfix/smtpd[16423]: smtp_get: EOF
Apr 30 08:58:53 mail1 postfix/smtpd[16423]: match_hostname: unknown ~? 127.0.0.0/8
Apr 30 08:58:53 mail1 postfix/smtpd[16423]: match_hostaddr: 76.197.19.129 ~? 127.0.0.0/8
Apr 30 08:58:53 mail1 postfix/smtpd[16423]: match_hostname: unknown ~? 192.168.100.0/24
Apr 30 08:58:53 mail1 postfix/smtpd[16423]: match_hostaddr: 76.197.19.129 ~? 192.168.100.0/24
Apr 30 08:58:53 mail1 postfix/smtpd[16423]: match_hostname: unknown ~? 192.168.200.0/24
Apr 30 08:58:53 mail1 postfix/smtpd[16423]: match_hostaddr: 76.197.19.129 ~? 192.168.200.0/24
Apr 30 08:58:53 mail1 postfix/smtpd[16423]: match_list_match: unknown: no match
Apr 30 08:58:53 mail1 postfix/smtpd[16423]: match_list_match: 76.197.19.129: no match
Apr 30 08:58:53 mail1 postfix/smtpd[16423]: send attr request = disconnect
Apr 30 08:58:53 mail1 postfix/smtpd[16423]: send attr ident = smtp:76.197.19.129
Apr 30 08:58:53 mail1 postfix/smtpd[16423]: private/anvil: wanted attribute: status
Apr 30 08:58:53 mail1 postfix/smtpd[16423]: input attribute name: status
Apr 30 08:58:53 mail1 postfix/smtpd[16423]: input attribute value: 0
Apr 30 08:58:53 mail1 postfix/smtpd[16423]: private/anvil: wanted attribute: (list terminator)
Apr 30 08:58:53 mail1 postfix/smtpd[16423]: input attribute name: (end)
Apr 30 08:58:53 mail1 postfix/smtpd[16423]: lost connection after EHLO from unknown[76.197.19.129]
Apr 30 08:58:53 mail1 postfix/smtpd[16423]: disconnect from unknown[76.197.19.129]
Apr 30 08:58:53 mail1 postfix/smtpd[16423]: master_notify: status 1
Apr 30 08:58:53 mail1 postfix/smtpd[16423]: connection closed

postconf -n is...

postconf -n
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
debug_peer_level = 2
html_directory = /usr/share/doc/postfix-2.4.0-documentation/html
inet_interfaces = all
mail_owner = postfix
mail_spool_directory = /var/spool/mail/
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
mydomain = centellax.com
myhostname = mail1.centellax.com
mynetworks = 127.0.0.0/8,192.168.100.0/24,192.168.200.0/24
mynetworks_style = subnet
myorigin = $mydomain
newaliases_path = /usr/bin/newaliases.postfix
proxy_interfaces = 72.245.21.52
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/postfix-2.4.0-documentation/readme
sample_directory = /usr/share/doc/postfix-2.2.10/samples
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
smtpd_client_restrictions =
smtpd_delay_reject = yes
smtpd_enforce_tls = no
smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination, permit
smtpd_sasl_authenticated_header = yes
smtpd_sasl_path = private/auth
smtpd_sasl_security_options = noanonymous, noplaintext
smtpd_sasl_tls_security_options = noanonymous
smtpd_sasl_type = dovecot
smtpd_tls_CAfile = /etc/postfix/certs/cacert.pem
smtpd_tls_cert_file = /etc/postfix/certs/mail_public_cert.pem
smtpd_tls_key_file = /etc/postfix/certs/mail_private_key.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_security_level = may
smtpd_tls_session_cache_database = btree:/var/spool/postfix/smtpd_tls_session_cache
smtpd_tls_session_cache_timeout = 3600s
smtpd_use_tls = yes
tls_random_source = dev:/dev/urandom
unknown_local_recipient_reject_code = 550

This system had an IP address of 192.168.200.25 and is in a DMZ
behind the address 72.245.21.52.

master.cf has the following at the top..

# ==========================================================================
# service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (yes) (never) (100)
# ==========================================================================
smtp inet n - n - - smtpd -v
submission inet n - n - - smtpd -v
         -o smtpd_sasl_auth_enable=yes
         -o smtpd_client_restrictions=permit_sasl_authenticated,reject

Can anyone tell me what it is I've overlooked? I'm still pawing
through this line by line myself.

Thanks,
     Zeke

--
James "Zeke" Dehnert
mailto:jdehnertnorcalnetworks.com
Phone: +1 707.546.6620 x602 Fax: +1 707.324.8043
"Life is racing, everything else is just waiting"
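
An added example, not part of the original post: a small parser for `smtpd -v` output like the log above that rejoins mail-wrapped records and reports, per smtpd PID, the client address, the EHLO reply lines the server sent, the commands the client issued, and where the session ended. The function names and the one-session-per-PID simplification are assumptions of this example.

```python
import re
# Excerpt of the smtpd -v log from the post, hard-wrapped the way a mail client wraps it.
SAMPLE = """\
Apr 30 08:58:53 mail1 postfix/smtpd[16423]: > unknown[76.197.19.129]:
220 mail1.centellax.com ESMTP Postfix
Apr 30 08:58:53 mail1 postfix/smtpd[16423]: < unknown[76.197.19.129]:
EHLO [192.168.5.197]
Apr 30 08:58:53 mail1 postfix/smtpd[16423]: > unknown[76.197.19.129]:
250-mail1.centellax.com
Apr 30 08:58:53 mail1 postfix/smtpd[16423]: > unknown[76.197.19.129]:
250-STARTTLS
Apr 30 08:58:53 mail1 postfix/smtpd[16423]: > unknown[76.197.19.129]:
250 DSN
Apr 30 08:58:53 mail1 postfix/smtpd[16423]: lost connection after
EHLO from unknown[76.197.19.129]
"""

STAMP = re.compile(r"^[A-Z][a-z]{2} [ \d]\d \d\d:\d\d:\d\d \S+ postfix/smtpd\[(\d+)\]: ")
DIALOG = re.compile(r"^([<>]) \S+\[([^\]]+)\]: ?(.*)$")
LOST = re.compile(r"^lost connection after (\S+) from ")

def unwrap(text):
    """Rejoin wrapped records: a line with no syslog stamp continues the previous one."""
    records = []
    for line in filter(None, map(str.strip, text.splitlines())):
        if STAMP.match(line) or not records:
            records.append(line)
        else:
            records[-1] += " " + line
    return records

def summarize(text):
    """Per smtpd PID (assumes one session per PID): client, EHLO reply, commands, ending."""
    sessions = {}
    for rec in unwrap(text):
        m = STAMP.match(rec)
        if not m:
            continue
        s = sessions.setdefault(m.group(1), {"client": None, "ehlo": [], "cmds": [], "end": None})
        body = rec[m.end():]
        d, lost = DIALOG.match(body), LOST.match(body)
        if d and d.group(1) == "<":                       # line received from the client
            s["client"] = d.group(2)
            s["cmds"].append((d.group(3).split() or [""])[0].upper())
        elif d and s["cmds"][-1:] == ["EHLO"] and d.group(3)[:3] == "250":
            s["ehlo"].append((d.group(3)[4:].split() or [""])[0])  # first entry is the server name
        elif lost:
            s["end"] = "lost connection after " + lost.group(1)
    return sessions
```

On the excerpt, `summarize(SAMPLE)["16423"]` shows a single `EHLO` from the client, an EHLO reply that lists `STARTTLS` and `DSN` but no `AUTH` keyword, and a session that ends with "lost connection after EHLO".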