Postfix: mail transport unavailable

Discussion in 'General' started by Wader, Jun 1, 2011.

  1. Wader

    Wader New Member

    Hi there,

    I've just moved to a new dedi using ubuntu 10.04.2 following linodes setup guide for ISPConfig. http://library.linode.com/web-applications/control-panels/ispconfig/ubuntu-10.04-lucid

    Everything seems to be working as intended other than my mail server. Firstly i had issues with ClamAV to which i disabled, however now i seem to be receiving the error "mail transport unavaliable". I have about 80 emails waiting in the mailqueue.

    Here is the output from "postconf -n"

    Code:
    alias_database = hash:/etc/aliases
    alias_maps = hash:/etc/aliases
    append_dot_mydomain = no
    biff = no
    body_checks = regexp:/etc/postfix/body_checks
    broken_sasl_auth_clients = yes
    config_directory = /etc/postfix
    header_checks = regexp:/etc/postfix/header_checks
    html_directory = /usr/share/doc/postfix/html
    inet_interfaces = all
    mailbox_size_limit = 0
    mime_header_checks = regexp:/etc/postfix/mime_header_checks
    mydestination = iwader.co.uk, localhost, localhost.localdomain
    myhostname = iwader.co.uk
    mynetworks = 127.0.0.0/8 [::1]/128
    myorigin = /etc/mailname
    nested_header_checks = regexp:/etc/postfix/nested_header_checks
    proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virt                                                                                                 ual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipien                                                                                                 t_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonica                                                                                                 l_maps $relocated_maps $transport_maps $mynetworks $virtual_mailbox_limit_maps
    readme_directory = /usr/share/doc/postfix
    recipient_delimiter = +
    relay_domains = mysql:/etc/postfix/mysql-virtual_relaydomains.cf
    relay_recipient_maps = mysql:/etc/postfix/mysql-virtual_relayrecipientmaps.cf
    relayhost =
    smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
    smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
    smtpd_client_restrictions = check_client_access mysql:/etc/postfix/mysql-virtual                                                                                                 _client.cf
    smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, che                                                                                                 ck_recipient_access mysql:/etc/postfix/mysql-virtual_recipient.cf, reject_unauth                                                                                                 _destination
    smtpd_sasl_auth_enable = yes
    smtpd_sasl_authenticated_header = yes
    smtpd_sender_restrictions = check_sender_access mysql:/etc/postfix/mysql-virtual                                                                                                 _sender.cf
    smtpd_tls_cert_file = /etc/postfix/smtpd.cert
    smtpd_tls_key_file = /etc/postfix/smtpd.key
    smtpd_tls_security_level = may
    smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
    smtpd_use_tls = yes
    transport_maps = proxy:mysql:/etc/postfix/mysql-virtual_transports.cf
    virtual_alias_domains =
    virtual_alias_maps = proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, mysq                                                                                                 l:/etc/postfix/mysql-virtual_email2email.cf
    virtual_gid_maps = static:5000
    virtual_mailbox_base = /var/vmail
    virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains.cf
    virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf
    virtual_transport = maildrop
    virtual_uid_maps = static:5000
    
    As far as i know all my dns is exactly the same as before (updated to the new ip ofcourse)
     
  2. till

    till Super Moderator Staff Member ISPConfig Developer

  3. Wader

    Wader New Member

    Yes thats the same guide i followed to disable it, however looking at the error logs this morning it would seem its still trying to use Amavis.

    Code:
    Jun 1 08:41:05 velocity postfix/qmgr[22287]: warning: connect to transport private/amavis: Connection refused
    This line appears in the warn logs many times, even though the use of Amavis and ClamAV has been disabled.
     
  4. cbj4074

    cbj4074 Member

    Apologies for "bumping" this post, but I had the same issue and was able to find a resolution that seems to be worth documenting.

    I, too, followed the guide at http://www.faqforge.com/linux/contr...ilter-and-antivirus-functions-in-ispconfig-3/ in order to disable Amavis and ClamAV on a low-memory server.

    Of course, at the time, I did not absorb the most important piece of the article, which is at the bottom (should it be moved to the top?):

    After performing ISPConfig3 and OS updates, mail delivery ceased to function. I'm not sure if I elected to reconfigure services, but if that is the default, then I probably did.

    Issuing the command

    Code:
    # egrep '(warning|error|fatal|panic):' /var/log/mail.log | more
    
    made it apparent that the problem was indeed Amavis:

    Code:
    postfix/qmgr[XXXX]: warning: connect to transport private/amavis: Connection refused
    
    After examining

    Code:
    /etc/postfix/main.cf
    I noticed that the lines I had commented per the KB article cited above were re-added at the bottom:

    Code:
    content_filter = amavis:[127.0.0.1]:10024
    receive_override_options = no_address_mappings
    
    So, I re-commented the lines and restarted Postfix.

    Still, the problem was not resolved... until I re-queued all of the previously-queued mail:

    Code:
    # postsuper -r ALL
    
    Problem solved.

    I'm no expert in this regard, but it seems that Postfix may have been using cached configuration files (even though I had restarted the service several times after re-commenting the lines in question), as evidenced by

    Code:
    # grep -r "amavis" /etc/postfix
    /etc/postfix/master.cf:#amavis unix - - - - 2 smtp
    /etc/postfix/main.cf:#content_filter = amavis:[127.0.0.1]:10024
    /etc/postfix/main.cf~:#content_filter = amavis:[127.0.0.1]:10024
    /etc/postfix/main.cf~:content_filter = amavis:[127.0.0.1]:10024
    /etc/postfix/master.cf~:#amavis unix - - - - 2 smtp
    /etc/postfix/main.cf~3:#content_filter = amavis:[127.0.0.1]:10024
    /etc/postfix/main.cf~2:#content_filter = amavis:[127.0.0.1]:10024
    /etc/postfix/main.cf.bak:#content_filter = amavis:[127.0.0.1]:10024
    /etc/postfix/main.cf.bak:content_filter = amavis:[127.0.0.1]:10024
    
    Any expert comments as to why re-queuing the undelivered mail resolved the issue are appreciated.
     
    kj_ likes this.
  5. till

    till Super Moderator Staff Member ISPConfig Developer

    What you describe here is the normal behaviour of postfix and not related to any config file caching. A restart of postfix doe snot requeue emails. If a email delivery fails temporarily, postfix adds the email to to the queue and retries delivery after a given timespan or when the messages are requeued manually.
     
  6. cbj4074

    cbj4074 Member

    Thanks for the clarification, Till.

    Given your remarks, I have another question :)

    After re-commenting the applicable lines in Postfix's configuration file and restarting the service, I attempted to flush the mail queue with

    Code:
    # postqueue -f
    
    The queued messages still failed to be delivered.

    So, once mail is queued while Amavis is mis-configured, said mail cannot be delivered successfully with a flush (even after the configuration issues are resolved)? The mail must be re-queued, instead?
     
  7. till

    till Super Moderator Staff Member ISPConfig Developer

    amavisd acts similar to a mailserver, just that it listens only on localhost with IP 10024. If a mail is received by postfix and the postfix configuration redirected the email to this "internal" mailserver on port 10024, then a postqueue -f will just try to redeliver the emails to amavisd as amavisd is stored as next step for email processing in the mail inside the mailqueue while a full requeue will tell postfix to act as if the email is received again so that it decides again where to deliver the email.
     
  8. Rodrigo Kulb

    Rodrigo Kulb New Member

    Hello Till,

    I'm having the same problem that although all emails that you receive from external servers get the status (mail transport unavailable). Then run the $ postsuper -r ALL command. But only by running this command. Otherwise they remain as mail transport unavailable. I'm using ISPCONFIG 3 + postifx + dovecot.
     
  9. cbj4074

    cbj4074 Member

    @Rodrigo Kulb
    It would be helpful for you to go back and look at my post earlier in the thread and follow the same troubleshooting steps.
    In other words, what's the output from this command?
    Code:
    sudo egrep '(warning|error|fatal|panic):' /var/log/mail.log | more
    
     
  10. Rodrigo Kulb

    Rodrigo Kulb New Member

    Hello cbj4074,
    I make all stages up but i even have this return:
    Jan 6 16:41:44 diretoriodemall postfix/qmgr[50369]: warning: connect to transport private/amavis: Connection refused

    When I run this command the messages are sent

    [email protected]:~# postsuper -r ALL
    postsuper: Requeued: 6 messages
     
    Last edited: Jan 6, 2019
  11. till

    till Super Moderator Staff Member ISPConfig Developer

    Amavis seems to be down. Restart amavisd.
     
  12. Rodrigo Kulb

    Rodrigo Kulb New Member

    Hello till,
    This is the problem, as in the example above.
    I am disabling amavis in ispconfig, when enabled neither with this command (postsuper -r ALL) the emails work. When I disable amavis by running this command (postsuper -r ALL) the emails not work.
    Below my conf.
    #main.conf
    Code:
    # See /usr/share/postfix/main.cf.dist for a commented, more complete version
    
    
    # Debian specific: Specifying a file name will cause the first
    # line of that file to be used as the name. The Debian default
    # is /etc/mailname.
    #myorigin = /etc/mailname
    
    smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
    biff = no
    
    # appending .domain is the MUA's job.
    append_dot_mydomain = no
    
    # Uncomment the next line to generate "delayed mail" warnings
    #delay_warning_time = 4h
    
    readme_directory = /usr/share/doc/postfix
    
    # TLS parameters
    #smtpd_tls_cert_file = /etc/postfix/smtpd.cert
    #smtpd_tls_key_file = /etc/postfix/smtpd.key
    #smtpd_use_tls = yes
    #smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
    #smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
    
    # See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
    # information on enabling SSL in the smtp client.
    
    # TESTE smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
    myhostname = *****************
    alias_maps = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases
    alias_database = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases
    myorigin = /etc/mailname
    mydestination = *****************, localhost, localhost.localdomain, rev.varapido.com.br
    relayhost = cloud-smtp.whservidor.com
    mynetworks = 127.0.0.0/8 [::1]/128 *****************
    mailbox_size_limit = 0
    recipient_delimiter = +
    inet_interfaces = all
    inet_protocols = ipv4
    html_directory = /usr/share/doc/postfix/html
    virtual_alias_domains =
    virtual_alias_maps = hash:/var/lib/mailman/data/virtual-mailman, proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, proxy:mysql:/etc/postfix/mysql-virtual_email2email.cf
    virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains.cf
    virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf
    virtual_mailbox_base = /var/vmail
    virtual_uid_maps = mysql:/etc/postfix/mysql-virtual_uids.cf
    virtual_gid_maps = mysql:/etc/postfix/mysql-virtual_gids.cf
    sender_bcc_maps = proxy:mysql:/etc/postfix/mysql-virtual_outgoing_bcc.cf
    smtpd_sasl_auth_enable = yes
    broken_sasl_auth_clients = yes
    smtpd_sasl_authenticated_header = yes
    smtpd_restriction_classes = greylisting
    greylisting = check_policy_service inet:127.0.0.1:10023
    smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, reject_rbl_client zen.spamhaus.org, check_recipient_access mysql:/etc/postfix/mysql-virtual_recipient.cf, check_recipient_access mysql:/etc/postfix/mysql-virtual_policy_greylist.cf
    # smtpd_tls_security_level = may
    transport_maps = hash:/var/lib/mailman/data/transport-mailman, proxy:mysql:/etc/postfix/mysql-virtual_transports.cf
    relay_domains = mysql:/etc/postfix/mysql-virtual_relaydomains.cf
    relay_recipient_maps = mysql:/etc/postfix/mysql-virtual_relayrecipientmaps.cf
    smtpd_sender_login_maps = proxy:mysql:/etc/postfix/mysql-virtual_sender_login_maps.cf
    proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $sender_bcc_maps $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $smtpd_sender_login_maps
    smtpd_helo_required = yes
    smtpd_helo_restrictions = permit_sasl_authenticated, permit_mynetworks, check_helo_access regexp:/etc/postfix/helo_access, reject_invalid_hostname, reject_non_fqdn_hostname, reject_invalid_helo_hostname, reject_unknown_helo_hostname, check_helo_access regexp:/etc/postfix/blacklist_helo
    smtpd_sender_restrictions = check_sender_access regexp:/etc/postfix/tag_as_originating.re , permit_mynetworks, permit_sasl_authenticated, check_sender_access mysql:/etc/postfix/mysql-virtual_sender.cf, check_sender_access regexp:/etc/postfix/tag_as_foreign.re
    smtpd_client_restrictions = check_client_access mysql:/etc/postfix/mysql-virtual_client.cf
    smtpd_client_message_rate_limit = 100
    maildrop_destination_concurrency_limit = 1
    maildrop_destination_recipient_limit = 1
    virtual_transport = dovecot
    header_checks = regexp:/etc/postfix/header_checks
    mime_header_checks = regexp:/etc/postfix/mime_header_checks
    nested_header_checks = regexp:/etc/postfix/nested_header_checks
    body_checks = regexp:/etc/postfix/body_checks
    owner_request_special = no
    #smtp_tls_security_level = may
    #smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3
    # smtpd_tls_protocols = !SSLv2,!SSLv3
    # smtp_tls_protocols = !SSLv2,!SSLv3
    # smtpd_tls_exclude_ciphers = RC4, aNULL
    # smtp_tls_exclude_ciphers = RC4, aNULL
    dovecot_destination_recipient_limit = 1
    smtpd_sasl_type = dovecot
    smtpd_sasl_path = private/auth
    # content_filter = amavis:[127.0.0.1]:10026
    receive_override_options = no_address_mappings
    message_size_limit = 0
    compatibility_level = 2
    
    
     
  13. till

    till Super Moderator Staff Member ISPConfig Developer

    Restart amavis and then check the mail.log to see if you get any error messages why amavis is not able to start.
     
  14. Rodrigo Kulb

    Rodrigo Kulb New Member

    It starts normally, I want to disable it, I believe it is locking the messages. When I disable I get the emails by running the command (postsuper -r ALL). I would like to know why I need to run this command. I would like to receive automatically without having to run this command.
     
  15. Taleman

    Taleman Well-Known Member HowtoForge Supporter

    If amavis is not running, mails are not delivered. Once you find out why amavis is not running it can be fixed and mails are delivered.
    So like @till wrote, start amavis and read the log to see what is happening.
    Did you reveal what operating system and what version this host has? And what version ISPConfig?
     
    Rodrigo Kulb and till like this.
  16. till

    till Super Moderator Staff Member ISPConfig Developer

    Amavis is not locking the messages, actually, postfix is locking them and the messages are waiting in the queue for amavis to become reachable again. Amavis is an integral part of the mail system and required for many functions like antivirus, spam filtering, and DKIM mail signing, so it is required for incoming and outgoing emails. If you remove it, then most parts of the ISPConfig mail settings will stop working, so I won't do that if you want to keep a working mail setup.
     
  17. Rodrigo Kulb

    Rodrigo Kulb New Member

    Ubuntu 16.04.5 LTS (Xenial Xerus)) ISPConfig 3.1dev
    This is the error return

    Jan 7 14:41:56 diretoriodemall postfix/qmgr[58204]: warning: connect to transport private/amavis: Connection refused
    Jan 7 14:41:56 diretoriodemall postfix/error[58322]: 3CC09A222F: to=<[email protected]>, relay=none, delay=11, delays=11/0.02/0/0.02, dsn=4.3.0, status=deferred (mail transport unavailable)
     
  18. till

    till Super Moderator Staff Member ISPConfig Developer

    That's an error from postfix and not the message from a restarting or failing amavis. Restart amavis (the exact command can vary depending on the opertaing system you use), it shoulod be one of these commands:

    service amavis restart
    service amavisd restart
    service amavisd-new restart

    and then look into the mail log directly, you will find a bunch of messages from amavis which detail why it fails to start.
     
  19. Rodrigo Kulb

    Rodrigo Kulb New Member

    service amavis restart
    service amavisd-snmp-subagent restart
    service amavis-mc restart
    Code:
    Jan  7 14:55:01 diretoriodemall amavis[58020]: (58020-01) (!)ClamAV-clamd av-scanner FAILED: run_av error: Too many retries to talk to /var/run/clamav/clamd.ctl (All attempts (1) failed connecting to /var/run/clamav/clamd.ctl) at (eval 103) line 613.\n
    Jan  7 14:55:08 diretoriodemall amavis[58021]: (58021-01) (!)ClamAV-clamd av-scanner FAILED: run_av error: Too many retries to talk to /var/run/clamav/clamd.ctl (All attempts (1) failed connecting to /var/run/clamav/clamd.ctl) at (eval 103) line 613.\n
    Jan  7 14:55:43 diretoriodemall postfix/trivial-rewrite[61596]: warning: do not list domain 200-98-113-98.clouduol.com.br in BOTH mydestination and virtual_mailbox_domains
    Jan  7 14:55:43 diretoriodemall postfix/trivial-rewrite[61596]: warning: do not list domain 200-98-113-98.clouduol.com.br in BOTH mydestination and virtual_mailbox_domains
    Jan  7 14:55:50 diretoriodemall amavis[58020]: (58020-02) (!)ClamAV-clamd av-scanner FAILED: run_av error: Too many retries to talk to /var/run/clamav/clamd.ctl (All attempts (1) failed connecting to /var/run/clamav/clamd.ctl) at (eval 103) line 613.\n
    Jan  7 14:55:50 diretoriodemall amavis[58021]: (58021-02) (!)ClamAV-clamd av-scanner FAILED: run_av error: Too many retries to talk to /var/run/clamav/clamd.ctl (All attempts (1) failed connecting to /var/run/clamav/clamd.ctl) at (eval 103) line 613.\n
    Jan  7 14:56:03 diretoriodemall postfix/smtpd[61593]: warning: unknown[188.136.143.42]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
    Jan  7 14:56:05 diretoriodemall postfix/smtpd[61963]: warning: unknown[185.218.234.134]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
    Jan  7 14:56:05 diretoriodemall postfix/smtpd[61984]: warning: unknown[185.218.234.134]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
    Jan  7 14:56:08 diretoriodemall postfix/smtpd[61963]: warning: unknown[185.218.234.134]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
    Jan  7 14:56:08 diretoriodemall postfix/smtpd[61984]: warning: unknown[185.218.234.134]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
    Jan  7 14:56:10 diretoriodemall postfix/smtpd[61963]: warning: unknown[185.218.234.134]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
    Jan  7 14:56:10 diretoriodemall postfix/smtpd[61984]: warning: unknown[185.218.234.134]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
    Jan  7 14:56:15 diretoriodemall postfix/trivial-rewrite[61596]: warning: do not list domain 200-98-113-98.clouduol.com.br in BOTH mydestination and virtual_mailbox_domains
    Jan  7 14:56:17 diretoriodemall postfix/trivial-rewrite[61596]: warning: do not list domain 200-98-113-98.clouduol.com.br in BOTH mydestination and virtual_mailbox_domains
    Jan  7 14:56:23 diretoriodemall amavis[58021]: (58021-02-2) (!)ClamAV-clamd av-scanner FAILED: run_av error: Too many retries to talk to /var/run/clamav/clamd.ctl (All attempts (1) failed connecting to /var/run/clamav/clamd.ctl) at (eval 103) line 613.\n
    Jan  7 14:56:24 diretoriodemall amavis[58020]: (58020-02-2) (!)ClamAV-clamd av-scanner FAILED: run_av error: Too many retries to talk to /var/run/clamav/clamd.ctl (All attempts (1) failed connecting to /var/run/clamav/clamd.ctl) at (eval 103) line 613.\n
    Jan  7 14:57:04 diretoriodemall postfix/trivial-rewrite[61596]: warning: do not list domain 200-98-113-98.clouduol.com.br in BOTH mydestination and virtual_mailbox_domains
    Jan  7 14:57:12 diretoriodemall amavis[58021]: (58021-02-3) (!)ClamAV-clamd av-scanner FAILED: run_av error: Too many retries to talk to /var/run/clamav/clamd.ctl (All attempts (1) failed connecting to /var/run/clamav/clamd.ctl) at (eval 103) line 613.\n
    Jan  7 14:57:13 diretoriodemall amavis[58020]: (58020-02-3) (!)ClamAV-clamd av-scanner FAILED: run_av error: Too many retries to talk to /var/run/clamav/clamd.ctl (All attempts (1) failed connecting to /var/run/clamav/clamd.ctl) at (eval 103) line 613.\n
    
     
  20. till

    till Super Moderator Staff Member ISPConfig Developer

    1st error:

    The server hostname cannot be used as virtual mailbox domain, login to ispconfig and remove the mail domain
    200-98-113-98.clouduol.com.br that you seem to have added there.

    2. error:

    Clamav server / clamav daemon seems to be stopped. Start it as amavis needs it to scan emails.
     
    Rodrigo Kulb likes this.

Share This Page