#1  
Old 8th March 2012, 18:20
3DPeruna 3DPeruna is offline
Member
 
Join Date: Jan 2007
Posts: 50
Thanks: 8
Thanked 0 Times in 0 Posts
Question Issues with Gmail Delivery

I've got a relatively new ISPConfig 3 server running with the free SSL. Everything was running well until last Thursdayish. At that point email, primarily from Gmail, started to get rejected or rejected and delayed, or just delayed. This is an email sent from someone who got a rejection:

Code:
This is an automatically generated Delivery Status Notification

THIS IS A WARNING MESSAGE ONLY.

YOU DO NOT NEED TO RESEND YOUR MESSAGE.

Delivery to the following recipient has been delayed:

    paul@xxxxxxxx.com

Message will be retried for 2 more day(s)

Technical details of temporary failure:
Google tried to deliver your message, but it was rejected by the recipient domain. We recommend contacting the other email provider for further information about the cause of this error. The error that the other server returned was: 454 454 4.7.0 TLS not available due to local problem (state 9).

----- Original message -----

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
       d=gmail.com; s=20120113;
       h=mime-version:in-reply-to:references:date:message-id:subject:from:to
        :content-type;
       bh=oze4JDDYpelUVo7WQEQEgHCWUukAnK83ecV8+hy5l88=;
       b=EF0U1HtuWtd710KH0AH3/l4x0jbpiC2IVo4DSA+6TXjpYaZhrJo6+Fd5g/7/q63WpK
        qsuoqDjvOU0oKfgg7mOdQkgn/Q1XbX4LS8uLkjpcUcSZIrvC/kSBHxk41Z+6ynUhl4iH
        Y+5qG8kRm3+DGtFbNKzZxc2lxPJSCk/i8Uim6U6MncbTnItvedfg9lX85MZVutqWU8+K
        6NSFhZYwmTn7IE6mZZLUbpzBFePH6Mz/xvMPtbMC32T5/xPDb1fCFh4f1p+T3cTg1iYG
        koRRm3lVCuQCVsbHz+kZD7U0Obnr2O9MIjsVtdVgrUOH2ZS4VieNZbCYg58ers+6O9Xf
        P6Wg==
MIME-Version: 1.0
Received: by 10.204.9.194 with SMTP id m2mr9011495bkm.92.1330991982401; Mon,
 05 Mar 2012 15:59:42 -0800 (PST)
Received: by 10.204.33.201 with HTTP; Mon, 5 Mar 2012 15:59:42 -0800 (PST)
In-Reply-To: <4F54DB5B.4060401@protospace.com>
References: <CALTDuYEknA+j2kJtfa_nDzB=ODCN8sbpUOsYBvYxpMMri=tiCw@mail.gmail.com>
       <4F54DB5B.4060401@protospace.com>
Date: Mon, 5 Mar 2012 17:59:42 -0600
Message-ID: <CALTDuYFh7BabQz=zEQ2P0qjgbgx2rEi7S84BWTGCA1JZ7di-Rw@mail.gmail.com>
Subject: Re:
From: XXXXXXXX <xxxxxxxxx@gmail.com>
To: XXXXX <xxxx@XXXXXXXX.com>
Content-Type: multipart/alternative; boundary=0015175d02a24f583d04ba87b843
It seems to only be happening from Gmail... any ideas?
Reply With Quote
Sponsored Links
  #2  
Old 8th March 2012, 19:01
kwickcut kwickcut is offline
Senior Member
 
Join Date: Nov 2005
Location: nj usa
Posts: 223
Thanks: 14
Thanked 11 Times in 10 Posts
Default

Quote:
Technical details of temporary failure:
Google tried to deliver your message, but it was rejected by the recipient domain. We recommend contacting the other email provider for further information about the cause of this error. The error that the other server returned was: 454 454 4.7.0 TLS not available due to local problem (state 9).

--
We recommend contacting the other email provider this is you
i am not 100% sure but looks like you ssl cert is no good or something is wrong with it
__________________
Operating system Ubuntu Linux 10.04.4
ISPConfig Version: 3.0.4.3
Webmin version 1.580
Kernel and CPU Linux 2.6.32-40-server on x86_64
Processor information AMD Phenom(tm) II X4 945 Processor, 4 cores
Real memory 4.0 GB total
Reply With Quote
  #3  
Old 8th March 2012, 19:50
3DPeruna 3DPeruna is offline
Member
 
Join Date: Jan 2007
Posts: 50
Thanks: 8
Thanked 0 Times in 0 Posts
Default

Thanks... I recreated the certificates, creating a class 1 following these instructions: http://www.howtoforge.com/securing-y...-from-startssl. Unfortunately, it doesn't appear to have changed much. Gmail still isn't delivering mail in a timely manner.

But, it does maybe point to an issue on my server.

Code:
# See /usr/share/postfix/main.cf.dist for a commented, more complete version


# Debian specific:  Specifying a file name will cause the first
# line of that file to be used as the name.  The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname

smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no

# appending .domain is the MUA's job.
append_dot_mydomain = no

# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h

readme_directory = /usr/share/doc/postfix

# TLS parameters
smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt
smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
smtpd_use_tls = yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache

# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.

myhostname = mydomain.com
alias_maps = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases
alias_database = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases
myorigin = /etc/mailname
mydestination = mydomain.com, localhost, localhost.localdomain
relayhost =
mynetworks = 127.0.0.0/8 [::1]/128
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
html_directory = /usr/share/doc/postfix/html
virtual_alias_domains =
virtual_alias_maps = proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, proxy:mysql:/etc/postfix/mysql-virtual_email2email.cf$
virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains.cf
virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf
virtual_mailbox_base = /var/vmail
virtual_uid_maps = static:5000
virtual_gid_maps = static:5000
smtpd_sasl_auth_enable = yes
broken_sasl_auth_clients = yes
smtpd_sasl_authenticated_header = yes
smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination
smtpd_tls_security_level = may
transport_maps = proxy:mysql:/etc/postfix/mysql-virtual_transports.cf
relay_domains = mysql:/etc/postfix/mysql-virtual_relaydomains.cf
relay_recipient_maps = mysql:/etc/postfix/mysql-virtual_relayrecipientmaps.cf
proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_$
smtpd_sender_restrictions = check_sender_access mysql:/etc/postfix/mysql-virtual_sender.cf
smtpd_client_restrictions = check_client_access mysql:/etc/postfix/mysql-virtual_client.cf
smtpd_client_message_rate_limit = 100
maildrop_destination_concurrency_limit = 1
maildrop_destination_recipient_limit = 1
virtual_transport = maildrop
header_checks = regexp:/etc/postfix/header_checks
mime_header_checks = regexp:/etc/postfix/mime_header_checks
nested_header_checks = regexp:/etc/postfix/nested_header_checks
body_checks = regexp:/etc/postfix/body_checks
owner_request_special = no
content_filter = amavis:[127.0.0.1]:10024
receive_override_options = no_address_mappings
smtpd_sasl_local_domain =
smtpd_sasl_security_options = noanonymous
smtpd_tls_auth_only = no
smtp_use_tls = yes
smtp_tls_note_starttls_offer = yes
smtpd_tls_CAfile = /usr/local/ispconfig/interface/ssl/startssl.chain.class1.server.crt
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
message_size_limit = 0
Something amiss here? (note: myhostname = mydomain.com actually has my domain in it)
Reply With Quote
  #4  
Old 8th March 2012, 22:17
3DPeruna 3DPeruna is offline
Member
 
Join Date: Jan 2007
Posts: 50
Thanks: 8
Thanked 0 Times in 0 Posts
Default

I've verified that I can receive mail from Hotmail, Yahoo and just about every other provider EXCEPT Gmail.

Anybody else experience this?
Reply With Quote
  #5  
Old 9th March 2012, 15:04
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,735 Times in 2,571 Posts
Default

Are there any errors in your mail log (in the /var/log/ directory)?
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #6  
Old 9th March 2012, 15:24
3DPeruna 3DPeruna is offline
Member
 
Join Date: Jan 2007
Posts: 50
Thanks: 8
Thanked 0 Times in 0 Posts
Default

Falko: No, both logs are empty of errors. /var/log/mail.log just shows regular traffic and /var/log/mail.err doesn't have anything.

However, I ran tail -f /var/log/syslog, then went to Gmail and sent a message and watched the log. This is what came up:

Code:
Mar  9 08:19:14 myserver postfix/smtpd[4131]: warning: cannot get RSA certificate from file /etc/postfix/smtpd.crt: disabling TLS support
Mar  9 08:19:14 myserver postfix/smtpd[4131]: warning: TLS library problem: 4131:error:02001002:system library:fopen:No such file or directory:bss_file.c:398:fopen('/etc/postfix/smtpd.crt','r'):
Mar  9 08:19:14 myserver postfix/smtpd[4131]: warning: TLS library problem: 4131:error:20074002:BIO routines:FILE_CTRL:system lib:bss_file.c:400:
Mar  9 08:19:14 myserver postfix/smtpd[4131]: warning: TLS library problem: 4131:error:140DC002:SSL routines:SSL_CTX_use_certificate_chain_file:system lib:ssl_rsa.c:722:
Mar  9 08:19:14 myserver postfix/smtpd[4131]: connect from mail-we0-f169.google.com[74.125.82.169]
Mar  9 08:19:15 myserver postfix/cleanup[4132]: 12B6D1EA0673: message-id=<20120309141915.12B6D1EA0673@myserver.com>
Mar  9 08:19:15 myserver postfix/smtpd[4131]: disconnect from mail-we0-f169.google.com[74.125.82.169]
Mar  9 08:19:15 myserver postfix/qmgr[4042]: 12B6D1EA0673: from=<double-bounce@myserver.com>, size=943, nrcpt=1 (queue active)
Mar  9 08:19:15 myserver postfix/local[4133]: 12B6D1EA0673: to=<root@myserver.com>, orig_to=<postmaster>, relay=local, delay=0.15, delays=0.09/0.01/0/0.04, dsn=2.0.0, status=sent (delivered to mailbox)
Mar  9 08:19:15 myserver postfix/qmgr[4042]: 12B6D1EA0673: removed
Reply With Quote
  #7  
Old 10th March 2012, 14:30
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,735 Times in 2,571 Posts
Default

Shouldn't /etc/postfix/smtpd.crt be /etc/postfix/smtpd.cert? What's the output of
Code:
ls -la /etc/postfix/
?
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
The Following User Says Thank You to falko For This Useful Post:
3DPeruna (10th March 2012)
  #8  
Old 10th March 2012, 17:50
3DPeruna 3DPeruna is offline
Member
 
Join Date: Jan 2007
Posts: 50
Thanks: 8
Thanked 0 Times in 0 Posts
Thumbs up

Thanks Falko!

Stupid typos!
Reply With Quote
  #9  
Old 7th May 2012, 00:17
scmeis1 scmeis1 is offline
Junior Member
 
Join Date: May 2012
Posts: 5
Thanks: 0
Thanked 0 Times in 0 Posts
 
Default

You not the only one that has issues with Gmail. I have been watching this thread for a bit, but I do not have a spelling error.

I am curious, did that fix your issue?
Reply With Quote
Reply

Bookmarks

Tags
error, gmail, tls

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Not receiving e-mail, Squirrelmail with ISPConfig3 xstnc Server Operation 14 10th March 2012 14:29
ISPConfig "backend" completely unfunctional after a restart Xaymar Installation/Configuration 1 22nd August 2011 22:31
My Server Is Sending Spam. How Do I Block This? LordJ Server Operation 1 7th July 2011 19:34
Stange mail problem The-Ghost Installation/Configuration 6 25th April 2010 19:59
ISPConfig 3 Send/Receive mail not working. Acidut General 6 4th April 2010 11:24


All times are GMT +2. The time now is 21:45.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.