Postfix = TLS / SASL Wont Send Email

Discussion in 'Server Operation' started by carlosinfl, Mar 3, 2010.

  1. carlosinfl

    carlosinfl New Member

    I have Postfix up and working perfect. It receives and sends email fine with no TLS and SASL but I installed Dovecot and then generated some self signed certificates using 'openssl' and for some reason I can't send from my IMAP server. I get this in my logs:

    Mar  3 11:20:45 mail dovecot: imap-login: Login: user=<carlos>, method=PLAIN, rip=, lip=, TLS
    Mar  3 11:21:20 mail postfix/smtpd[1386]: connect from tuna.mydomain.tld[]
    Mar  3 11:21:20 mail postfix/smtpd[1386]: setting up TLS connection from tuna.mydomain.tld[]
    Mar  3 11:21:20 mail postfix/smtpd[1386]: SSL_accept error from tuna.mydomain.tld[]: 0
    Mar  3 11:21:20 mail postfix/smtpd[1386]: warning: TLS library problem: 1386:error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca:s3_pkt.c:1061:SSL alert number 48:
    Mar  3 11:21:20 mail postfix/smtpd[1386]: lost connection after STARTTLS from tuna.mydomain.tld[]
    Mar  3 11:21:20 mail postfix/smtpd[1386]: disconnect from tuna.mydomain.tld[]
    Does anyone know what could be causing this issue? I don't show any other errors in my logs but I am watching them over and over. Postfix receives mail perfect and I can send in plain text with no TLS enabled. Below is my output of 'postconf -n':

    alias_database = $alias_maps
    alias_maps = hash:/etc/postfix/aliases
    bounce_queue_lifetime = 1d
    command_directory = /usr/sbin
    config_directory = /etc/postfix
    daemon_directory = /usr/lib/postfix
    debug_peer_level = 2
    delay_warning_time = 4h
    home_mailbox = mail/
    html_directory = no
    inet_interfaces = all
    inet_protocols = ipv4
    mail_owner = postfix
    mailq_path = /usr/bin/mailq
    manpage_directory = /usr/share/man
    mydestination = $myhostname, $mydomain, mail.$mydomain
    mydomain =
    myhostname =
    mynetworks = $config_directory/mynetworks
    myorigin = $mydomain
    newaliases_path = /usr/bin/newaliases
    queue_directory = /var/spool/postfix
    readme_directory = no
    recipient_delimiter = +
    relayhost = 
    sample_directory = /etc/postfix/sample
    sendmail_path = /usr/sbin/sendmail
    setgid_group = postdrop
    smtp_helo_timeout = 60s
    smtp_sasl_auth_enable = yes
    smtp_tls_session_cache_database = btree:/var/lib/postfix/smtp_scache
    smtpd_recipient_restrictions = permit_sasl_authenticated,		permit_mynetworks,	reject_unauth_destination,	reject_non_fqdn_recipient,   	reject_unknown_recipient_domain,   	reject_non_fqdn_helo_hostname,   	reject_invalid_helo_hostname,	reject_rbl_client,   	reject_rbl_client,	check_policy_service inet:
    smtpd_sasl_auth_enable = yes
    smtpd_sasl_path = /var/run/dovecot/auth-client
    smtpd_sasl_security_options = noanonymous
    smtpd_sasl_type = dovecot
    smtpd_sender_restrictions = permit_sasl_authenticated, 	permit_mynetworks
    smtpd_tls_cert_file = /etc/ssl/certs/mail.crt
    smtpd_tls_key_file = /etc/ssl/private/mail.key
    smtpd_tls_loglevel = 1
    smtpd_tls_session_cache_database = btree:/var/lib/postfix/smtpd_scache
    smtpd_use_tls = yes
    unknown_local_recipient_reject_code = 450

Share This Page