|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Dave (dave.mehler
gmail.com)
Date: Tue Apr 22 2008 - 18:33:07 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Hello,
Thanks for your reply. I've not added any smtpd restrictions to
master.cf and my email client is configured for authentication. I can
retrieve email, but using the same settings, in oe6 it's use same settings
as incoming mail server, sending does not happen. I don't know if this is
related, but if i set the virtual_transport to dovecot in main.cf, reload
postfix suddenly email is not delivered, it arrives, but is deferred with an
error can not open log file /var/log/dovecot.log permission denied. If i
comment out virtual_transport all works fine with mail delivery.
Thanks.
Dave.
----- Original Message -----
From: "mouss" <moussnetoyen.net>
Cc: <postfix-userspostfix.org>
Sent: Monday, April 21, 2008 2:42 AM
Subject: Re: postfix and dovecot sasl not relaying mail
> Dave wrote:
>> Hello Ralf,
>> Thanks for your reply. Your suggestion worked, I removed the
>> smtpd_client_restrictions and it worked. But then i tried to change
>> something and busted it, now it's not relaying again. The error message
>> is the same,
>>
>> Apr 17 23:06:30 s15298471 postfix/smtpd[3944]: NOQUEUE: reject: RCPT from
>> unknown[68.51.57.178]: 554 5.7.1 Service unavailable; Client host
>> [68.51.57.178] blocked using zen.spamhaus.org;
>> http://www.spamhaus.org/query/bl?ip=68.51.57.178; from=<userexample.com>
>
> do not truncate log lines.
>
> if the transaction is rejected, then it didn't match
> permit_sasl_authenticated, so the client was not authenticated. make sure
> you configure your client to authenticate. if you did but it does not,
> check your logs.
>
> if you altered master.cf, make sure you did not set smtpd restrictions on
> the smtpd service as this would override main.cf settings.
>
>> I can retrieve mail just fine, but sending isn't happy.
>> Here's my current postfix and dovecot configs.
>> Thanks.
>> Dave.
>>
>> # main.cf
>> address_verify_map = btree:/var/spool/postfix/verified_senders
>> alias_database = hash:/etc/postfix/aliases
>> alias_maps = hash:/etc/postfix/aliases
>> biff = no
>> broken_sasl_auth_clients = yes
>> canonical_maps = hash:/etc/postfix/canonical
>> command_directory = /usr/sbin
>> config_directory = /etc/postfix
>> daemon_directory = /usr/libexec/postfix
>> default_privs = nobody
>> disable_vrfy_command = yes
>> empty_address_recipient = MAILER-DAEMON
>> home_mailbox = Maildir/
>> html_directory = no
>> inet_interfaces = 74.208.64.129
>> invalid_hostname_reject_code = 554
>> local_recipient_maps = proxy:unix:passwd.byname $alias_maps
>> mail_owner = postfix
>> mailbox_size_limit = 1000000000
>> mailq_path = /usr/bin/mailq.postfix
>> manpage_directory = /usr/share/man
>> multi_recipient_bounce_reject_code = 554
>> mydestination = localhost
>> mydomain = example.com
>> myhostname = mail.example.com
>> mynetworks_style = host
>> myorigin = $mydomain
>> newaliases_path = /usr/bin/newaliases.postfix
>> non_fqdn_reject_code = 554
>> queue_directory = /var/spool/postfix
>> queue_minfree = 25000000
>> readme_directory = /usr/share/doc/postfix-2.4.5/README_FILES
>> recipient_delimiter = +
>> relay_domains_reject_code = 554
>> sample_directory = /usr/share/doc/postfix-2.4.5/samples
>> sendmail_path = /usr/sbin/sendmail.postfix
>> setgid_group = postdrop
>> show_user_unknown_table_name = no
>> smtp_tls_note_starttls_offer = yes
>> smtp_use_tls = yes
>> smtpd_banner = $myhostname
>> smtpd_client_connection_count_limit = 2
>> smtpd_client_connection_rate_limit = 5
>> smtpd_data_restrictions = reject_unauth_pipelining
>> smtpd_error_sleep_time = 10s
>> smtpd_hard_error_limit = 5
>> smtpd_helo_required = yes
>> smtpd_recipient_restrictions = permit_sasl_authenticated,
>> permit_mynetworks, reject_unauth_destination, reject_invalid_hostname,
>> reject_non_fqdn_hostname, reject_non_fqdn_sender,
>> reject_non_fqdn_recipient, reject_unknown_sender_domain,
>> reject_unknown_recipient_domain, reject_unverified_recipient
>> reject_multi_recipient_bounce, check_helo_access
>> pcre:/etc/postfix/helo_checks.pcre check_recipient_access
>> hash:/etc/postfix/recipient_access check_sender_access
>> hash:/etc/postfix/common_spam_senderdomains reject_rhsbl_sender
>> dsn.rfc-ignorant.org reject_rbl_client multi.uribl.com, reject_rbl_client
>> images.rbl.msrbl.net, reject_rbl_client list.dsbl.org
>> reject_rbl_client zen.spamhaus.org,
>> smtpd_restriction_classes = has_our_domain_as_sender
>> smtpd_sasl_auth_enable = yes
>> smtpd_sasl_local_domain = example.com
>> smtpd_sasl_path = private/auth
>> smtpd_sasl_security_options = noanonymous
>> smtpd_sasl_type = dovecot
>> smtpd_sender_restrictions = permit_sasl_authenticated, permit_mynetworks,
>> reject_non_fqdn_sender, reject_unknown_sender_domain,
>> reject_unauth_pipelining reject_sender_login_mismatch reject_rhsbl_sender
>> dsn.rfc-ignorant.org,
>> smtpd_soft_error_limit = 2
>> smtpd_tls_CAfile = /etc/postfix/ssl/ca-cert.pem
>> smtpd_tls_auth_only = yes
>> smtpd_tls_cert_file = /etc/postfix/ssl/smtp.cert
>> smtpd_tls_key_file = /etc/postfix/ssl/smtp.key
>> smtpd_tls_loglevel = 1
>> smtpd_tls_received_header = yes
>> smtpd_tls_session_cache_timeout = 3600s
>> smtpd_use_tls = yes
>> strict_rfc821_envelopes = yes
>> tls_random_source = dev:/dev/urandom
>> unknown_address_reject_code = 554
>> unknown_client_reject_code = 554
>> unknown_hostname_reject_code = 554
>> unknown_local_recipient_reject_code = 554
>> unknown_relay_recipient_reject_code = 554
>> unknown_virtual_alias_reject_code = 554
>> unknown_virtual_mailbox_reject_code = 554
>> unverified_recipient_reject_code = 554
>> unverified_sender_reject_code = 554
>> virtual_alias_maps = hash:/etc/postfix/virtual
>> virtual_gid_maps = static:5000
>> virtual_mailbox_base = /home/vmail
>> virtual_mailbox_domains = /etc/postfix/vhosts
>> virtual_mailbox_maps = hash:/etc/postfix/vmaps
>> virtual_minimum_uid = 1000
>> virtual_transport = dovecot
>> virtual_uid_maps = static:5000
>>
>>
>> # 1.0.3: /etc/dovecot.conf
>> base_dir: /var/run/dovecot/
>> log_path: /var/log/dovecot.log
>> protocols: pop3s
>> listen: 74.208.64.129
>> ssl_ca_file: /etc/dovecot/ca-cert.pem
>> ssl_cert_file: /etc/dovecot/pop.cert
>> ssl_key_file: /etc/dovecot/pop.key
>> ssl_cipher_list: ALL:!LOW
>> disable_plaintext_auth: yes
>> login_dir: /var/run/dovecot/login
>> login_executable: /usr/libexec/dovecot/pop3-login
>> mail_extra_groups: mail
>> mail_location: maildir:/home/vmail/%d/%n
>> maildir_copy_with_hardlinks: yes
>> mail_executable: /usr/libexec/dovecot/pop3
>> mail_plugin_dir: /usr/lib64/dovecot/pop3
>> pop3_client_workarounds: outlook-no-nuls oe-ns-eoh
>> auth default:
>> user: vmail
>> verbose: yes
>> passdb:
>> driver: passwd-file
>> args: /etc/dovecot/passwd
>> userdb:
>> driver: passwd-file
>> args: /etc/dovecot/users
>> socket:
>> type: listen
>> client:
>> path: /var/spool/postfix/private/auth
>> mode: 432
>> user: postfix
>> group: postfix
>> master:
>> path: /var/run/dovecot/auth-master
>> mode: 384
>>
>> ----- Original Message ----- From: "Ralf Hildebrandt"
>> <Ralf.Hildebrandtcharite.de>
>> To: <postfix-userspostfix.org>
>> Sent: Friday, April 18, 2008 1:53 AM
>> Subject: Re: postfix and dovecot sasl not relaying mail
>>
>>
>>> * Dave <dave.mehlergmail.com>:
>>>
>>>> Apr 17 23:06:29 s15298471 postfix/smtpd[3944]: connect from
>>>> unknown[68.51.57.178]
>>>> Apr 17 23:06:29 s15298471 postfix/smtpd[3944]: setting up TLS
>>>> connection
>>>> from unknown[68.51.57.178]
>>>> Apr 17 23:06:29 s15298471 postfix/smtpd[3944]: TLS connection
>>>> established
>>>> from unknown[68.51.57.178]: TLSv1 with cipher RC4-MD5 (128/128 bits)
>>>> Apr 17 23:06:30 s15298471 postfix/smtpd[3944]: NOQUEUE: reject: RCPT
>>>> from
>>>> unknown[68.51.57.178]: 554 5.7.1 Service unavailable; Client host
>>>> [68.51.57.178] blocked using zen.spamhaus.org;
>>>> http://www.spamhaus.org/query/bl?ip=68.51.57.178;
>>>> from=<userexample.com>
>>>> to=<user1example2.com> proto=ESMTP helo=<satellite>
>>>> Apr 17 23:06:30 s15298471 postfix/smtpd[3944]: disconnect from
>>>> unknown[68.51.57.178]
>>>
>>> The RBL rejects the request, before permit_sasl_authenticated can
>>> allow it.
>>>
>>>> smtpd_client_restrictions = check_recipient_access
>>>> hash:/etc/postfix/recipient_access reject_rbl_client
>>>> images.rbl.msrbl.net,
>>>> reject_rbl_client list.dsbl.org reject_rbl_client zen.spamhaus.org,
>>>
>>> Remove these smtpd_client_restrictions. Put the stuff into
>>> smtpd_recipient_restrictions instead, somewhere after
>>> reject_unauth_destination
>>>
>>> --
>>> Ralf Hildebrandt (Ralf.Hildebrandtcharite.de) snickebocharite.de
>>> Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450
>>> 570-155
>>> http://www.arschkrebs.de
>>> Chaos reigns within.
>>> Reflect, repent, and reboot.
>>> Order shall return.
>>
>
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]