PDA

View Full Version : Mailserver / Postfix Problems


oaky
11th November 2005, 12:03
First I followed the http://www.howtoforge.com/virtual_postfix_mysql_quota_courier Howto.

I had to solve a "small" problem with the mysql access, -> http://www.howtoforge.com/forums/showthread.php?p=6190#post6190.

and now I stuck (I think so ???) with a general mailserver problem.

I think my mailserver doesn't accept mails... and because of this I cannot activate my accounts.

mail.log
Nov 11 09:42:17 m34s12 postfix/qmgr[22811]: 8EF23334E0: from=<michael.eichriedler@aon.at>, size=1031, nrcpt=1 (queue active)
Nov 11 09:42:17 m34s12 postfix/qmgr[22811]: 8EF23334E0: to=<office@m34s12.vlinux.de>, relay=none, delay=3888, status=deferred (delivery temporarily suspended: connect to 127.0.0.1[127.0.0.1]: server dropped connection without sending the initial SMTP greeting)
Nov 11 09:42:17 m34s12 postfix/qmgr[22811]: 420B4334C5: from=<root@m34s12.vlinux.de>, size=624, nrcpt=1 (queue active)
Nov 11 09:42:17 m34s12 postfix/qmgr[22811]: 420B4334C5: to=<root@m34s12.vlinux.de>, orig_to=<root>, relay=none, delay=11836, status=deferred (delivery temporarily suspended: connect to 127.0.0.1[127.0.0.1]: server dropped connection without sending the initial SMTP greeting)
Nov 11 09:42:17 m34s12 postfix/qmgr[22811]: 4757A334C7: from=<root@m34s12.vlinux.de>, size=624, nrcpt=1 (queue active)
Nov 11 09:42:17 m34s12 postfix/qmgr[22811]: 4757A334C7: to=<root@m34s12.vlinux.de>, orig_to=<root>, relay=none, delay=11236, status=deferred (delivery temporarily suspended: connect to 127.0.0.1[127.0.0.1]: server dropped connection without sending the initial SMTP greeting)
Nov 11 09:45:02 m34s12 postfix/pickup[22810]: 90521334F1: uid=0 from=<root>
Nov 11 09:45:03 m34s12 postfix/cleanup[29056]: 90521334F1: message-id=<20051111094502.90521334F1@m34s12.vlinux.de>
Nov 11 09:45:03 m34s12 postfix/qmgr[22811]: 90521334F1: from=<root@m34s12.vlinux.de>, size=624, nrcpt=1 (queue active)
Nov 11 09:45:03 m34s12 amavis[18694]: DENIED ACCESS from IP 83.151.31.46
Nov 11 09:45:03 m34s12 postfix/smtp[29078]: connect to 127.0.0.1[127.0.0.1]: server dropped connection without sending the initial SMTP greeting (port 10024)
Nov 11 09:45:03 m34s12 postfix/smtp[29078]: 90521334F1: to=<root@m34s12.vlinux.de>, orig_to=<root>, relay=none, delay=1, status=deferred (connect to 127.0.0.1[127.0.0.1]: server dropped connection without sending the initial SMTP greeting)


As you can see in the log, I tried to send a mail from michael@### to office@### to activate the office account.
But what are these "root-mails" , as you get now, I am new in Linux...

So probably it's a simple problem and somebody can help me...

Michael

falko
11th November 2005, 12:45
It seems as if Postfix is running a bit unstable on 127.0.0.1.:confused:
Please post /etc/postfix/main.cf and the output of netstat -tap here.

oaky
11th November 2005, 12:50
/etc/postfix/main.cf

smtpd_banner = ESMTP (Debian/GNU)
biff = no
append_dot_mydomain = no
myhostname = m34s12.vlinux.de
mydomain = m34s12.vlinux.de
mydestination = localhost, localhost.localdomain
mynetworks = 127.0.0.0/8
alias_maps =
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
virtual_mailbox_base = /home/vmail
virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf
virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains.cf
virtual_alias_domains =
virtual_alias_maps = proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, proxy:mysql:/etc/postfix/mysql-virtual_email2email.cf
virtual_uid_maps = static:5000
virtual_gid_maps = static:5000
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain =
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
myorigin = /etc/mailname
relayhost =
inet_interfaces = all
smtpd_use_tls = yes
smtpd_tls_cert_file = /etc/postfix/smtpd.cert
smtpd_tls_key_file = /etc/postfix/smtpd.key
transport_maps = proxy:mysql:/etc/postfix/mysql-virtual_transports.cf
virtual_create_maildirsize = yes
virtual_mailbox_extended = yes


netstat -tap

Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 m34s12.vlinux.de:imaps *:* LISTEN 1843/couriertcpd
tcp 0 0 m34s12.vlinux.de:pop3s *:* LISTEN 1426/couriertcpd
tcp 0 0 m34s12.vlinux.de:10024 *:* LISTEN 1815/amavisd (maste
tcp 0 0 m34s12.vlinux.de:10025 *:* LISTEN 18678/master
tcp 0 0 m34s12.vlinux.de:mysql *:* LISTEN 4355/mysqld
tcp 0 0 m34s12.vlinux.de:pop3 *:* LISTEN 18272/couriertcpd
tcp 0 0 m34s12.vlinux.de:imap2 *:* LISTEN 18560/couriertcpd
tcp 0 0 m34s12.vlinux.de:www *:* LISTEN 409/apache
tcp 0 0 m34s12.vlinux.de:ftp *:* LISTEN 7311/inetd
tcp 0 0 m34s12.vlinux.de:ssh *:* LISTEN 7548/sshd
tcp 0 0 m34s12.vlinux.de:smtp *:* LISTEN 18678/master
tcp 0 0 m34s12.vlinux.de:mysql localhost:50854 ESTABLISHED4355/mysqld
tcp 0 0 localhost:50854 m34s12.vlinux.de:mysql ESTABLISHED7415/proxymap
tcp 0 0 m34s12.vlinux.de:10024 m34s12.vlinux.de:50858 TIME_WAIT -
tcp 0 480 m34s12.vlinux.de:ssh M078P026.adsl.hig:65255 ESTABLISHED26835/16
tcp 0 0 m34s12.vlinux.de:ssh M160P030.adsl.hig:65277 ESTABLISHED12435/5



I had syscp preinstalled on my debian sarge system.

I deinstalled it because I wanted a more transparent system.

Probably this is the source of all the problems....

falko
11th November 2005, 19:26
There seem to be missing a few lines (e.g. proxy_read_maps) in /etc/postfix/main.cf that are in the tutorial ( http://www.howtoforge.com/virtual_postfix_mysql_quota_courier_p2 ). Please run

postconf -e 'mynetworks = 127.0.0.0/8'
postconf -e 'virtual_alias_domains ='
postconf -e ' virtual_alias_maps = proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, proxy:mysql:/etc/postfix/mysql-virtual_email2email.cf'
postconf -e 'virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains.cf'
postconf -e 'virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf'
postconf -e 'virtual_mailbox_base = /home/vmail'
postconf -e 'virtual_uid_maps = static:5000'
postconf -e 'virtual_gid_maps = static:5000'
postconf -e 'smtpd_sasl_auth_enable = yes'
postconf -e 'broken_sasl_auth_clients = yes'
postconf -e 'smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination'
postconf -e 'smtpd_use_tls = yes'
postconf -e 'smtpd_tls_cert_file = /etc/postfix/smtpd.cert'
postconf -e 'smtpd_tls_key_file = /etc/postfix/smtpd.key'
postconf -e 'transport_maps = proxy:mysql:/etc/postfix/mysql-virtual_transports.cf'
postconf -e 'virtual_create_maildirsize = yes'
postconf -e 'virtual_mailbox_extended = yes'
postconf -e 'virtual_mailbox_limit_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailbox_limit_maps.cf'
postconf -e 'virtual_mailbox_limit_override = yes'
postconf -e 'virtual_maildir_limit_message = "The user you are trying to reach is over quota."'
postconf -e 'virtual_overquota_bounce = yes'
postconf -e 'proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $virtual_mailbox_limit_maps'
and restart Postfix.

oaky
12th November 2005, 11:34
I inserted the missing lines and restarted postfix with /etc/init.d/postfix restart.

/etc/postfix/main.cf

smtpd_banner = ESMTP (Debian/GNU)
biff = no
append_dot_mydomain = no
myhostname = m34s12.vlinux.de
mydomain = m34s12.vlinux.de
mydestination = localhost, localhost.localdomain
mynetworks = 127.0.0.0/8
alias_maps =
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
virtual_mailbox_base = /home/vmail
virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf
virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains.cf
virtual_alias_domains =
virtual_alias_maps = proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, proxy:mysql:/etc/postfix/mysql-virtual_email2email.cf
virtual_uid_maps = static:5000
virtual_gid_maps = static:5000
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain =
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
myorigin = /etc/mailname
relayhost =
inet_interfaces = all
smtpd_use_tls = yes
smtpd_tls_cert_file = /etc/postfix/smtpd.cert
smtpd_tls_key_file = /etc/postfix/smtpd.key
transport_maps = proxy:mysql:/etc/postfix/mysql-virtual_transports.cf
virtual_create_maildirsize = yes
virtual_mailbox_extended = yes
virtual_mailbox_limit_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailbox_limit_maps.cf
virtual_mailbox_limit_override = yes
virtual_maildir_limit_message = "The user you are trying to reach is over quota."
virtual_overquota_bounce = yes
proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $virtual_mailbox_limit_maps
content_filter = amavis:[127.0.0.1]:10024
receive_override_options = no_address_mappings


tail of /var/log/mail.info

Nov 12 09:25:39 m34s12 postfix/smtpd[16619]: connect from warsl404pip7.highway.telekom.at[195.3.96.91]
Nov 12 09:25:40 m34s12 postfix/smtpd[16619]: 04C4333612: client=warsl404pip7.highway.telekom.at[195.3.96.91]
Nov 12 09:25:40 m34s12 postfix/cleanup[16449]: 04C4333612: message-id=<20051112092539.04C4333612@m34s12.vlinux.de>
Nov 12 09:25:40 m34s12 postfix/qmgr[333]: 04C4333612: from=<michael.eichriedler@aon.at>, size=1031, nrcpt=1 (queue active)
Nov 12 09:25:40 m34s12 amavis[6817]: DENIED ACCESS from IP 83.151.31.46
Nov 12 09:25:40 m34s12 postfix/smtp[16499]: connect to 127.0.0.1[127.0.0.1]: server dropped connection without sending the initial SMTP greeting (port 10024)
Nov 12 09:25:40 m34s12 postfix/smtp[16499]: 04C4333612: to=<office@m34s12.vlinux.de>, relay=none, delay=1, status=deferred (connect to 127.0.0.1[127.0.0.1]: server dropped connection without sending the initial SMTP greeting)
Nov 12 09:25:40 m34s12 postfix/smtpd[16619]: disconnect from warsl404pip7.highway.telekom.at[195.3.96.91]

But it looks like there has nothing changed. :(

falko
12th November 2005, 15:48
Nov 12 09:25:40 m34s12 postfix/smtp[16499]: connect to 127.0.0.1[127.0.0.1]: server dropped connection without sending the initial SMTP greeting (port 10024)
Nov 12 09:25:40 m34s12 postfix/smtp[16499]: 04C4333612: to=<office@m34s12.vlinux.de>, relay=none, delay=1, status=deferred (connect to 127.0.0.1[127.0.0.1]: server dropped connection without sending the initial SMTP greeting)

Seems to be a problem with amavisd which runs on port 10024... Can you see that amavisd is running when you execute ps aux or netstat -tap?
Please compare your configuration with the amavisd part of the tutorial and check if there are differences...

oaky
14th November 2005, 16:45
I checked the amavisd configuration...

changed the following lines in /etc/init.d/saslauthd (I had an preinstalled debian ) from:

PWDIR=/var/run/saslauthd
PIDFILE="/var/run/${NAME}/saslauthd.pid"

to:

PWDIR="/var/spool/postfix/var/run/${NAME}"
PIDFILE="${PWDIR}/saslauthd.pid"
dir="root sasl 755 ${PWDIR}"

ps aux

amavis 7511 0.0 0.5 18116 5204 ? Ss 14:33 0:00 amavisd (master)
amavis 7512 0.0 1.0 18116 10080 ? S 14:33 0:00 amavisd (virgin child)
amavis 7513 0.0 0.3 18116 3008 ? S 14:33 0:00 amavisd (virgin child)
amavis 7514 0.0 0.3 18116 3008 ? S 14:33 0:00 amavisd (virgin child)
amavis 7515 0.0 0.3 18116 3008 ? S 14:33 0:00 amavisd (virgin child)

netstat -tap

tcp 0 0 m34s12.vlinux.de:10024 *:* LISTEN -

but...
Nov 14 14:33:57 m34s12 amavis[7511]: Found $zoo at /usr/bin/zoo
Nov 14 14:33:57 m34s12 amavis[7511]: Found $cpio at /bin/cpio
Nov 14 14:33:57 m34s12 amavis[7511]: Using internal av scanner code for (primary) Clam Antivirus-clamd
Nov 14 14:33:57 m34s12 amavis[7511]: Found secondary av scanner Clam Antivirus - clamscan at /usr/bin/clamscan
Nov 14 14:34:38 m34s12 postfix/smtpd[7606]: connect from alma.fh-salzburg.ac.at[193.170.110.13]
Nov 14 14:34:38 m34s12 postfix/smtpd[7606]: EA60032ECB: client=alma.fh-salzburg.ac.at[193.170.110.13]
Nov 14 14:34:39 m34s12 postfix/cleanup[7613]: EA60032ECB: message-id=<2880.10.40.42.101.1131980335.squirrel@webmail.fh-salzburg.ac.at>
Nov 14 14:34:39 m34s12 postfix/qmgr[4002]: EA60032ECB: from=<meichriedler.tks2002@fh-salzburg.ac.at>, size=2469, nrcpt=1 (queue active)
Nov 14 14:34:39 m34s12 postfix/smtpd[7606]: disconnect from alma.fh-salzburg.ac.at[193.170.110.13]
Nov 14 14:34:39 m34s12 postfix/qmgr[4002]: EA60032ECB: to=<office@m34s12.vlinux.de>, relay=none, delay=1, status=deferred (delivery temporarily suspended: connect to 127.0.0.1[127.0.0.1]: server dropped connection without sending the initial SMTP greeting)

oaky
15th November 2005, 10:25
It is definitly a problem with amavis!

I deactivated amavis and everything works fine....

falko
15th November 2005, 10:58
That's strange...:confused: Might be because it is a pre-installed Debian. You never know what you get when someone else installs a system for you...

oaky
15th November 2005, 11:06
...thanks a lot!

I will try to get also amavis running, but for now I am happy with this...:)

mority
11th July 2006, 21:06
I have pretty much the same problem as oaky.

When I try to send a mail to to a user on a virtual mail domain on the mail server I am getting these error messages in /var/log/mail.log:

Jul 11 17:53:48 m34sxx postfix/smtpd[9920]: connect from mail.gmx.net[213.165.64.21]
Jul 11 17:53:48 m34sxx postfix/smtpd[9920]: 150843ECCF: client=mail.gmx.net[213.165.64.21]
Jul 11 17:53:48 m34sxx postfix/cleanup[9927]: 150843ECCF: message-id=<44B3E5C7.90208@gmx.net>
Jul 11 17:53:48 m34sxx postfix/qmgr[9746]: 150843ECCF: from=<mo2001@gmx.net>, size=791, nrcpt=1 (queue active)
Jul 11 17:53:48 m34sxx amavis[10048]: DENIED ACCESS from IP 83.151.xx.xx
Jul 11 17:53:48 m34sxx postfix/smtp[9747]: connect to 127.0.0.1[127.0.0.1]: server dropped connection without sending the initial SMTP greeting (port 10024)
Jul 11 17:53:48 m34sxx postfix/smtp[9747]: 150843ECCF: to=<mo@foobar.com>, relay=none, delay=0, status=deferred (connect to 127.0.0.1[127.0.0.1]: server dropped connection without sending the initial SMTP greeting)
Jul 11 17:53:48 m34sxx postfix/smtpd[9920]: disconnect from mail.gmx.net[213.165.64.21]


I would say the line I marked bold is the crucial one. 83.151.xx.xx is the public static IP address of my server running postfix. So there must be something wrong in the amavis config. But what can I do about it? Please let me know if I should post any config files.


I tried to "deactivate" amavis as oaky did like this

/etc/init.d/amavis stop

but then I get this in /var/log/mail.log:

Jul 11 18:03:48 m34sxx postfix/smtpd[12454]: connect from mail.gmx.net[213.165.64.21]
Jul 11 18:03:49 m34sxx postfix/smtpd[12454]: 064C23ECD0: client=mail.gmx.net[213.165.64.21]
Jul 11 18:03:49 m34sxx postfix/cleanup[12461]: 064C23ECD0: message-id=<44B3E820.4000109@gmx.net>
Jul 11 18:03:49 m34sxx postfix/qmgr[9746]: 064C23ECD0: from=<mo2001@gmx.net>, size=795, nrcpt=1 (queue active)
Jul 11 18:03:49 m34sxx postfix/smtp[12462]: connect to 127.0.0.1[127.0.0.1]: Connection refused (port 10024)
Jul 11 18:03:49 m34sxx postfix/smtpd[12454]: disconnect from mail.gmx.net[213.165.64.21]
Jul 11 18:03:49 m34sxx postfix/smtp[12462]: 064C23ECD0: to=<mo@foobar.com>, relay=none, delay=0, status=deferred (connect to 127.0.0.1[127.0.0.1]: Connection refused)

falko
12th July 2006, 15:02
What's in /etc/postfix/main.cf (please strip out the comments)?
What's the output of netstat -tap (when amavisd is running) and iptables -L?

mority
12th July 2006, 15:47
Here goes the /etc/postfix/main.cf

smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
biff = no

append_dot_mydomain = no

myhostname = m34sxx.foobar.com
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = m34s10.foobar.com, localhost, localhost.localdomain
relayhost =
mynetworks = 127.0.0.0/8
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
virtual_alias_domains =
virtual_alias_maps = proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, mysql:/etc/postfix/mysql-virtual_email2email.cf
virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains.cf
virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf
virtual_mailbox_base = /home/vmail
virtual_uid_maps = static:5000
virtual_gid_maps = static:5000
smtpd_sasl_auth_enable = yes
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
smtpd_use_tls = yes
smtpd_tls_cert_file = /etc/postfix/smtpd.cert
smtpd_tls_key_file = /etc/postfix/smtpd.key
transport_maps = proxy:mysql:/etc/postfix/mysql-virtual_transports.cf
virtual_create_maildirsize = yes
virtual_mailbox_extended = yes
virtual_mailbox_limit_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailbox_limit_maps.cf
virtual_mailbox_limit_override = yes
virtual_maildir_limit_message = "The user you are trying to reach is over quota."
virtual_overquota_bounce = yes
proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $virtual_mailbox_limit_maps
content_filter = amavis:[127.0.0.1]:10024
receive_override_options = no_address_mappings


Here is the output of 'netstat -tap':

Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 m34sxx.foobar.com:imaps *:* LISTEN 15619/couriertcpd
tcp 0 0 m34sxx.foobar.com:10024 *:* LISTEN 25831/amavisd (mast
tcp 0 0 m34sxx.foobar.com:10025 *:* LISTEN 9743/master
tcp 0 0 m34sxx.foobar.com:mysql *:* LISTEN 17778/mysqld
tcp 0 0 m34sxx.foobar.com:imap2 *:* LISTEN 10257/couriertcpd
tcp 0 0 m34sxx.foobar.com:sunrpc *:* LISTEN 15132/portmap
tcp 0 0 m34sxx.foobar.com:www *:* LISTEN 15818/apache2
tcp 0 0 m34sxx.foobar.com:ssh *:* LISTEN 5203/sshd
tcp 0 0 m34sxx.foobar.com:984 *:* LISTEN 15224/famd
tcp 0 0 m34sxx.foobar.com:smtp *:* LISTEN 9743/master
tcp 0 0 m34sxx.foobar.com:https *:* LISTEN 15818/apache2
LISHED29994/sshd: mo [pri


iptables does not give me output because it's a virtual server where I am not allowed to use iptables.

falko
13th July 2006, 15:42
I found this on the internet: http://www.irbs.net/internet/postfix/0402/2378.html

mority
13th July 2006, 17:24
Thanks for the link, falko!

I changed the line

@inet_acl = qw( 127.0.0.1 );

to

@inet_acl = qw( 83.151.31.44 );

according to the information from the link. And this seems to me to have fixed amavis. But now I get many error messages about ClamAV failing to scan or something and the mail still does not get delivered :(

Here is the excerpt from /var/log/mail.log:

Jul 13 14:17:24 m34s10 postfix/smtpd[6441]: connect from mail.gmx.de[213.165.64.21]
Jul 13 14:17:24 m34s10 postfix/smtpd[6441]: A9F7E3ECD3: client=mail.gmx.de[213.165.64.21]
Jul 13 14:17:24 m34s10 postfix/cleanup[6446]: A9F7E3ECD3: message-id=<44B65614.3060804@gmx.net>
Jul 13 14:17:24 m34s10 postfix/qmgr[5816]: A9F7E3ECD3: from=<mo2001@gmx.net>, size=770, nrcpt=1 (queue active)
Jul 13 14:17:24 m34s10 postfix/smtpd[6441]: disconnect from mail.gmx.de[213.165.64.21]
Jul 13 14:17:24 m34s10 amavis[6333]: (06333-01) Clam Antivirus-clamd FAILED - unknown status: /var/lib/amavis/amavis-20060713T161724-06333/parts: lstat() failed. ERROR\n
Jul 13 14:17:24 m34s10 amavis[6333]: (06333-01) WARN: all primary virus scanners failed, considering backups
Jul 13 14:17:29 m34s10 dccproc[6454]: socket(UDP): Address family not supported by protocol
Jul 13 14:17:29 m34s10 postfix/smtpd[6455]: connect from localhost[127.0.0.1]
Jul 13 14:17:29 m34s10 postfix/smtpd[6455]: 6BE2D3ECD6: client=localhost[127.0.0.1]
Jul 13 14:17:29 m34s10 postfix/cleanup[6446]: 6BE2D3ECD6: message-id=<44B65614.3060804@gmx.net>
Jul 13 14:17:29 m34s10 postfix/qmgr[5816]: 6BE2D3ECD6: from=<mo2001@gmx.net>, size=1229, nrcpt=1 (queue active)
Jul 13 14:17:29 m34s10 postfix/smtpd[6455]: disconnect from localhost[127.0.0.1]
Jul 13 14:17:29 m34s10 amavis[6333]: (06333-01) Passed, <mo2001@gmx.net> -> <mo@eurosprachdienst.com>, Message-ID: <44B65614.3060804@gmx.net>, Hits: 1.177
Jul 13 14:17:29 m34s10 postfix/smtp[6447]: A9F7E3ECD3: to=<mo@eurosprachdienst.com>, relay=127.0.0.1[127.0.0.1], delay=5, status=sent (250 2.6.0 Ok, id=06333-01, from MTA: 250 Ok: queued as 6BE2D3ECD6)
Jul 13 14:17:29 m34s10 postfix/qmgr[5816]: A9F7E3ECD3: removed
Jul 13 14:17:43 m34s10 postfix/virtual[6487]: fatal: mysql:/etc/postfix/mysql-virtual_mailboxes.cf: proxy map is not allowed for security sensitive data
Jul 13 14:17:44 m34s10 postfix/master[5813]: warning: process /usr/lib/postfix/virtual pid 6487 exit status 1
Jul 13 14:17:44 m34s10 postfix/master[5813]: warning: /usr/lib/postfix/virtual: bad command startup -- throttling
Jul 13 14:18:44 m34s10 postfix/virtual[6592]: fatal: mysql:/etc/postfix/mysql-virtual_mailboxes.cf: proxy map is not allowed for security sensitive data
Jul 13 14:18:45 m34s10 postfix/master[5813]: warning: process /usr/lib/postfix/virtual pid 6592 exit status 1
Jul 13 14:18:45 m34s10 postfix/master[5813]: warning: /usr/lib/postfix/virtual: bad command startup -- throttling

falko
14th July 2006, 13:15
Jul 13 14:17:24 m34s10 amavis[6333]: (06333-01) Clam Antivirus-clamd FAILED - unknown status: /var/lib/amavis/amavis-20060713T161724-06333/parts: lstat() failed. ERROR\n

Please check the ClamAV part in amavisd.conf:

@av_scanners = (

### http://www.clamav.net/
['Clam Antivirus-clamd',
\&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd.ctl"],
qr/\bOK$/, qr/\bFOUND$/,
qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],
# NOTE: run clamd under the same user as amavisd; match the socket
# name (LocalSocket) in clamav.conf to the socket name in this entry
# When running chrooted one may prefer: ["CONTSCAN {}\n","$MYHOME/clamd"],

);

@av_scanners_backup = (

### http://www.clamav.net/
['Clam Antivirus - clamscan', 'clamscan',
"--stdout --no-summary -r --tempdir=$TEMPBASE {}", [0], [1],
qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],

);

Maybe also a reboot helps. If not, then this is probably because you have a vserver... But then the backup scanner should still work.



Jul 13 14:17:43 m34s10 postfix/virtual[6487]: fatal: mysql:/etc/postfix/mysql-virtual_mailboxes.cf: proxy map is not allowed for security sensitive data
Have a look here: http://www.howtoforge.com/forums/showpost.php?p=14652&postcount=4

mority
14th July 2006, 16:47
I deleted those "proxy:" strings according to your instructions from the link. Now I get the following in /var/log/mail.log (clamav is still failing in the first place but the backup scanner seems to work now) and the first email got delivered to my own little mail server. Hooray and great thanks to you, falko! :)


Jul 14 13:38:21 m34s10 postfix/smtpd[18976]: connect from mail.gmx.net[213.165.64.21]
Jul 14 13:38:22 m34s10 postfix/smtpd[18976]: 1C5BC3EAF5: client=mail.gmx.net[213.165.64.21]
Jul 14 13:38:22 m34s10 postfix/cleanup[18984]: 1C5BC3EAF5: message-id=<44B79E71.7090900@gmx.net>
Jul 14 13:38:22 m34s10 postfix/qmgr[17952]: 1C5BC3EAF5: from=<mo2001@gmx.net>, size=772, nrcpt=1 (queue active)
Jul 14 13:38:22 m34s10 postfix/smtpd[18976]: disconnect from mail.gmx.net[213.165.64.21]
Jul 14 13:38:29 m34s10 amavis[7420]: (07420-05) Clam Antivirus-clamd FAILED - unknown status: /var/lib/amavis/amavis-20060714T153826-07420/parts: lstat() failed. ERROR\n
Jul 14 13:38:29 m34s10 amavis[7420]: (07420-05) WARN: all primary virus scanners failed, considering backups
Jul 14 13:38:43 m34s10 dccproc[19018]: socket(UDP): Address family not supported by protocol
Jul 14 13:38:43 m34s10 postfix/smtpd[19019]: connect from localhost[127.0.0.1]
Jul 14 13:38:43 m34s10 postfix/smtpd[19019]: BF8013ECC8: client=localhost[127.0.0.1]
Jul 14 13:38:43 m34s10 postfix/cleanup[18984]: BF8013ECC8: message-id=<44B79E71.7090900@gmx.net>
Jul 14 13:38:43 m34s10 postfix/qmgr[17952]: BF8013ECC8: from=<mo2001@gmx.net>, size=1231, nrcpt=1 (queue active)
Jul 14 13:38:43 m34s10 postfix/smtpd[19019]: disconnect from localhost[127.0.0.1]
Jul 14 13:38:43 m34s10 postfix/virtual[19022]: BF8013ECC8: to=<mo@eurosprachdienst.com>, relay=virtual, delay=0, status=sent (delivered to maildir)
Jul 14 13:38:43 m34s10 postfix/qmgr[17952]: BF8013ECC8: removed
Jul 14 13:38:43 m34s10 amavis[7420]: (07420-05) Passed, <mo2001@gmx.net> -> <mo@eurosprachdienst.com>, Message-ID: <44B79E71.7090900@gmx.net>, Hits: 0.615
Jul 14 13:38:44 m34s10 postfix/smtp[18985]: 1C5BC3EAF5: to=<mo@eurosprachdienst.com>, relay=127.0.0.1[127.0.0.1], delay=22, status=sent (250 2.6.0 Ok, id=07420-05, from MTA: 250 Ok: queued as BF8013ECC8)
Jul 14 13:38:44 m34s10 postfix/qmgr[17952]: 1C5BC3EAF5: removed

falko
15th July 2006, 15:06
Looks ok (apart from the ClamAV error, but if your backup scanner works, it's ok). :)

mority
16th July 2006, 16:12
IMAP and receiving mails is working perfect now, but I still got a problem with sending mail. The authentication at the database does not seem to work here.
Here's a log entry I found in /var/log/auth.log:

Jul 16 12:54:19 m34s10 postfix/smtpd[8630]: sql_select option missing
Jul 16 12:54:19 m34s10 postfix/smtpd[8630]: auxpropfunc error no mechanism available
Jul 16 12:54:19 m34s10 postfix/smtpd[8630]: _sasl_plugin_load failed on sasl_auxprop_plug_init for plugin: sql
Jul 16 12:54:27 m34s10 saslauthd[5022]: pam_mysql: MySQL err Access denied for user 'mail_admin'@'localhost' (using password: YES)
Jul 16 12:54:27 m34s10 saslauthd[5022]: DEBUG: auth_pam: pam_authenticate failed: Authentication failure
Jul 16 12:54:27 m34s10 saslauthd[5022]: do_auth : auth failure: [user=mo@agrav.org] [service=smtp] [realm=agrav.org] [mech=pam] [reason=PAM auth error]
Jul 16 12:54:28 m34s10 saslauthd[5024]: pam_mysql: MySQL err Access denied for user 'mail_admin'@'localhost' (using password: YES)
Jul 16 12:54:28 m34s10 saslauthd[5024]: DEBUG: auth_pam: pam_authenticate failed: Authentication failure
Jul 16 12:54:28 m34s10 saslauthd[5024]: do_auth : auth failure: [user=mo@agrav.org] [service=smtp] [realm=agrav.org] [mech=pam] [reason=PAM auth error]


I double checked the content of /etc/pam.d/smtp. It is definitely the right database user and password in there. I also tried to put the password in double quotes since I use special characters in it but I keep getting thos Authentication error messages for MySQL in auth.log. Do you have any idea to this issue, too?

falko
17th July 2006, 16:39
Does /etc/pam.d/smtp look like this?
auth required pam_mysql.so user=mail_admin passwd=mail_admin_password host=127.0.0.1 db=mail table=users usercolumn=email passwdcolumn=password crypt=1
account sufficient pam_mysql.so user=mail_admin passwd=mail_admin_password host=127.0.0.1 db=mail table=users usercolumn=email passwdcolumn=password crypt=1
Please use a password without special characters for now.

mority
17th July 2006, 17:29
Please use a password without special characters for now.

I replaced the password for one without special characters and now sending mail works too. Thanks again.

coyote
17th July 2007, 12:08
I habe the same problem like the users before, but I can't solve it with your suggestions. When I activate Amavis in main.cf I get this error:

Jul 17 10:46:12 vsXXXX amavis[5145]: (!) DENIED ACCESS from IP XXX.XXX.XXX.XXX, policy bank ''

Without Amavis Postfix works fine.

Can anyone help?

falko
18th July 2007, 19:29
What's in /etc/postfix/main.cf and /etc/postfix/master.cf?
What's the output of netstat -tap and ifconfig?

coyote
18th July 2007, 20:04
main.cf


command_directory = /usr/sbin
daemon_directory = /usr/lib/postfix
program_directory = /usr/lib/postfix
inet_interfaces = all
mynetworks_style = host
mynetworks = 127.0.0.1 serv-1-0-20
myhostname = vXXXX5.vserver4free.de
mydomain = vXXXX5.vserver4free.de.local
myorigin = $mydomain
smtpd_banner = $myhostname VHCS2 2.4 Rhea Managed ESMTP 2.4.8 RC1
setgid_group = postdrop
mydestination = $myhostname, $mydomain
append_dot_mydomain = no
append_at_myorigin = yes
local_transport = local
virtual_transport = virtual
transport_maps = hash:/etc/postfix/vhcs2/transport
mail_spool_directory = /var/mail
mailbox_size_limit = 0
mailbox_command = procmail -a "$EXTENSION"
biff = no
alias_database = hash:/etc/aliases
local_destination_recipient_limit = 1
local_recipient_maps = unix:passwd.byname $alias_database
vhcs2-arpl_destination_recipient_limit = 1
virtual_mailbox_base = /var/mail/virtual
virtual_mailbox_limit = 0
virtual_mailbox_domains = hash:/etc/postfix/vhcs2/domains
virtual_mailbox_maps = hash:/etc/postfix/vhcs2/mailboxes
virtual_alias_maps = hash:/etc/postfix/vhcs2/aliases
virtual_minimum_uid = 1000
virtual_uid_maps = static:1000
virtual_gid_maps = static:8
smtpd_sasl_auth_enable = yes
smtpd_sasl2_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_sasl_local_domain =
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions = permit_sasl_authenticated,
permit_mynetworks,
reject_unauth_destination
content_filter = smtp-amavis:[127.0.0.1]:10024


master.cf

smtp inet n - - - - smtpd
pickup fifo n - - 60 1 pickup
cleanup unix n - - - 0 cleanup
qmgr fifo n - - 300 1 qmgr
tlsmgr unix - - - 1000? 1 tlsmgr
rewrite unix - - - - - trivial-rewrite
bounce unix - - - - 0 bounce
defer unix - - - - 0 bounce
trace unix - - - - 0 bounce
verify unix - - - - 1 verify
flush unix n - - 1000? 0 flush
proxymap unix - - n - - proxymap
smtp unix - - - - - smtp
relay unix - - - - - smtp -o fallback_relay=
showq unix n - - - - showq
error unix - - - - - error
discard unix - - - - - discard
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - - - - lmtp
anvil unix - - - - 1 anvil
scache unix - - - - 1 scache
smtp-amavis unix - - n - 2 smtp
-o smtp_data_done_timeout=1200
-o smtp_send_xforward_command=yes
-o disable_dns_lookups=yes
localhost:10025 inet n - y - - smtpd -o content_filter=
-o mynetworks=127.0.0.0/8
-o smtpd_client_restrictions=permit_mynetworks,reject
trace unix - - - - 0 bounce
verify unix - - - - 1 verfiy
maildrop unix - n n - - pipe
flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
uucp unix - n n - - pipe
flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
ifmail unix - n n - - pipe
flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp unix - n n - - pipe
flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
scalemail-backend unix - n n - 2 pipe
flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
mailman unix - - n - - pipe
flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
${nexthop} ${user}
vhcs2-arpl unix - n n - - pipe flags=O user=vmail argv=/var/www/vhcs2/engine/messager/vhcs2-arpl-msgr

587 inet n - - - - smtpd -o smtpd_client_restrictions=permit_sasl_authenticate d,reject_unauth_destination



netstat -tap

tcp 0 0 vsxxx5.vserver4fr:10024 *:* LISTEN 7088/amavisd (maste
tcp 0 0 vsxxx5.vserver4fr:10025 *:* LISTEN 7390/master
tcp 0 0 vsxxx5.vserver4fr:mysql *:* LISTEN 19174/mysqld
tcp 0 0 vsxxx5.vserv:submission *:* LISTEN 7390/master
tcp 0 0 vsxxx5.vserver4fre:pop3 *:* LISTEN 27599/couriertcpd
tcp 0 0 vsxxx5.vserver4fr:imap2 *:* LISTEN 27594/couriertcpd
tcp 0 0 vsxxx5.vserver4free:www *:* LISTEN 19024/apache2
tcp 0 0 vsxxx5.vserver4fre:9876 *:* LISTEN 23680/vhcs2_daemon
tcp 0 0 vsxxx5.vserver4free:ftp *:* LISTEN 23662/proftpd: (acc
tcp 0 0 vsxxx5.vserver4free:ssh *:* LISTEN 14927/sshd
tcp 0 0 vsxxx5.vserver4fre:smtp *:* LISTEN 7390/master


ifconfig

eth0 Link encap:Ethernet HWaddr 00:XX:XX:E2:23:6E
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:87194199 errors:0 dropped:0 overruns:0 frame:0
TX packets:95478609 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:644955214 (615.0 MiB) TX bytes:3381963262 (3.1 GiB)
Interrupt:201 Base address:0xb800

eth0:0vs3 Link encap:Ethernet HWaddr 00:XX:XX:E2:23:6E
inet addr:8X.XXX.XXX.X7 Bcast:0.0.0.0 Mask:255.255.255.255
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:201 Base address:0xb800


Are these logs helpful?

falko
19th July 2007, 15:55
Jul 17 10:46:12 vsXXXX amavis[5145]: (!) DENIED ACCESS from IP XXX.XXX.XXX.XXX, policy bank ''Does this IP address match the one from the ifconfig output?

I think the problem must be somewhere in your amavisd configuration.

coyote
19th July 2007, 19:42
Yes, it match with the IP from ifconfig-output

falko
20th July 2007, 17:20
Can you see this IP address somewhere in your amavisd configuration?

coyote
22nd July 2007, 14:03
No, I can't find my IP-Adress in the amavisd.conf

falko
23rd July 2007, 14:16
Is there maybe a subnet in the amavisd configuration that contains your IP address?

phantomk
5th August 2007, 09:58
Just to let you know, I figured out why the error was occurring, well at least for me :)

Make sure you do not have the following in main.cf for postfix:
smtp_bind_address = Your.I.P.Address
Not sure why it causes the problem, all I know is that once I commented the above line out, it worked like a charm :)

irDante
7th August 2007, 15:24
hmm..getting the same problem here.

I did an apt-get install webmin, which upgraded a few files....at the end of the webmin install it told me that there was an error with amavis...

apt-get install amavis
Reading Package Lists... Done
Building Dependency Tree... Done
Note, selecting amavisd-new instead of amavis
amavisd-new is already the newest version.
0 upgraded, 0 newly installed, 0 to remove and 99 not upgraded.
1 not fully installed or removed.
Need to get 0B of archives.
After unpacking 0B of additional disk space will be used.
Setting up amavisd-new (2.4.2-6.1) ...
Creating/updating amavis user account...
Starting amavisd: Found incompatible config file flag!
Due to safety concerns, amavisd-new will not be started.
Refer to /usr/share/doc/amavisd-new/README.Debian for instructions.
invoke-rc.d: initscript amavis, action "start" failed.
dpkg: error processing amavisd-new (--configure):
subprocess post-installation script returned error exit status 1
Errors were encountered while processing:
amavisd-new
E: Sub-process /usr/bin/dpkg returned an error code (1)


mail log.
Aug 7 13:48:20 localhost postfix/smtp[31910]: connect to 127.0.0.1[127.0.0.1]: Connection refused (port 10024)
Aug 7 13:48:20 localhost postfix/smtp[31911]: connect to 127.0.0.1[127.0.0.1]: Connection refused (port 10024)
Aug 7 13:48:20 localhost postfix/smtp[31910]: 77D954C01E: to=<adamh@kzn.da.org.za>, relay=none, delay=2605, status=deferred (connect to 127.0.0.1[127.0.0.1]: Connection refused)
Aug 7 13:48:20 localhost postfix/smtp[31910]: connect to 127.0.0.1[127.0.0.1]: Connection refused (port 10024)
Aug 7 13:48:20 localhost postfix/smtp[31911]: 8D14E4C01B: to=<sec@kzn.da.org.za>, relay=none, delay=3213, status=deferred (connect to 127.0.0.1[127.0.0.1]: Connection refused)
Aug 7 13:48:20 localhost postfix/smtp[31910]: 832264C01C: to=<suerog@mweb.co.za>, relay=none, delay=3179, status=deferred (connect to 127.0.0.1[127.0.0.1]: Connection refused)

the strange thing here is...i looked in the /etc/amavis for the amavis.conf file...there was nothing. i had a backup which i copied back...but still not working.

/etc/init.d/amavis restart
Stopping amavisd: (not running).
Starting amavisd: Found incompatible config file flag!
Due to safety concerns, amavisd-new will not be started.
Refer to /usr/share/doc/amavisd-new/README.Debian for instructions.

i have gone though all the above advice....still nothing?

:confused:

irDante
7th August 2007, 20:50
hi. just to let you know, i fixed it.

If you have tried to upgrade amavis to newer version which is now amavis-new it breaks amavis.

at the time of apt-get install amavis, the install takes /etc/amavis/amavis.conf or /etc/amavis.conf and renames it to amavis.conf.disabled

the install then fails asking you to read more about the changes.

simply rename the amavis.conf.disabled to amavis.conf.WHATEVER and remove the amavis.conf.disabled file.

then run the apt-get install amavis again, and it will complete the install fine.

start amavis if needed,

hope this helps you

:)