Reinstalling and configuring postfix  [SOLVED]

Discussions about the usage of KeyHelp.
lmarcos
Posts: 78
Joined: Sun 26. Jan 2020, 12:55

Reinstalling and configuring postfix

Post by lmarcos »

Is there any way to reinstall and configure postfix from the control panel?
User avatar
Alexander
Keyweb AG
Posts: 3809
Joined: Wed 20. Jan 2016, 02:23

Re: Reinstalling and configuring postfix

Post by Alexander »

Hello,

there is no automatic solution for this - it has to be done manually.

In case you could explain in more detail what you have done / what has been misconfigured, probably you could be better helped to get Postfix working again etc.
Mit freundlichen Grüßen / Best regards
Alexander Mahr

**************************************************************
Keyweb AG - Die Hosting Marke
Neuwerkstr. 45/46, 99084 Erfurt / Germany
http://www.keyweb.de - http://www.keyhelp.de
**************************************************************
lmarcos
Posts: 78
Joined: Sun 26. Jan 2020, 12:55

Re: Reinstalling and configuring postfix

Post by lmarcos »

Well, trying to open the smtp port, I reinstalled postfix and after opening the smtp port in main.cf I was still getting errors when trying to send and receive emails. I could send from cli especifying the port, but not from rainloop or other servers (SSTLS error on smtp 587 and look up failure on smtp 25).

So I checked the main.cf file from another server with Keyhelp installed and copied part of the file, specifically, the dirs pointing to the keyhelp dirs. Then the msqlXXX files disappeared from the postfix dir.
lmarcos
Posts: 78
Joined: Sun 26. Jan 2020, 12:55

Re: Reinstalling and configuring postfix

Post by lmarcos »

Ok. It looks like postfix is up and running again, after purging and reconfiguring after installation.

Code: Select all

sudo apt-get purge postfix
apt-get install postfix 
dpkg-reconfigure postfix
If I run a test on https://www.wormly.com/test-smtp-server/host/ it goes ok.

But the problem with the disappeared msqlXXX files still remains. How can I regenerate them or find the keyhelp user password on the server?
These are the errors in the mail.err log
Jan 22 17:25:31 postfix/cleanup[6747]: error: unsupported dictionary type: mysql
Jan 22 17:25:31 postfix/cleanup[6747]: error: open /etc/postfix/header_checks: No such file or directory
And this is from mail.log
Jan 22 18:25:47 postfix/smtpd[13372]: connect from tools.wormly.com[172.104.20.135]
Jan 22 18:25:48 postfix/smtpd[13372]: 2A49D3DC: client=tools.wormly.com[172.104.20.135]
Jan 22 18:25:48 postfix/cleanup[13375]: 2A49D3DC: message-id=<a5eadcbb35f454411d513ef8e2a9a728@_>
Jan 22 18:25:48 postfix/qmgr[10329]: 2A49D3DC: from=<customers@wormly.com>, size=594, nrcpt=1 (queue active)
Jan 22 18:25:48 postfix/local[13376]: 2A49D3DC: to=<XXX>, relay=local, delay=0.77, delays=0.76/0.01/0/0, dsn=2.0.0, status=sent (delivered to mailbox)
Jan 22 18:25:48 postfix/qmgr[10329]: 2A49D3DC: removed
Jan 22 18:25:48 postfix/smtpd[13372]: disconnect from tools.wormly.com[172.104.20.135] ehlo=1 mail=1 rcpt=1 data=1 commands=4
Jan 22 18:27:31 postfix/smtpd[13468]: connect from cluster-a.mailcontrol.com[85.115.52.190]
Jan 22 18:27:31 postfix/smtpd[13468]: E93553DC: client=cluster-a.mailcontrol.com[85.115.52.190]
Jan 22 18:27:31 postfix/cleanup[13469]: E93553DC: message-id=<AM6PR03MB42298E46AF69337D80DCC2DDE25B9@AM6PR03MB4229.eurprd03.prod.outlook.com>
Jan 22 18:27:32 postfix/qmgr[10329]: E93553DC: from=<XXX>, size=23032, nrcpt=1 (queue active)
Jan 22 18:27:32 postfix/local[13471]: E93553DC: to=<XXX>, relay=local, delay=0.19, delays=0.17/0.01/0/0, dsn=2.0.0, status=sent (delivered to mailbox)
Jan 22 18:27:32 postfix/qmgr[10329]: E93553DC: removed
Jan 22 18:29:58 dovecot: imap(XXX): Disconnected for inactivity in=379 out=1522
Jan 22 18:29:58 dovecot: imap(XXX): Disconnected for inactivity in=860 out=2267
Jan 22 18:32:32 postfix/smtpd[13468]: timeout after END-OF-MESSAGE from cluster-a.mailcontrol.com[85.115.52.190]
Jan 22 18:32:37 postfix/smtpd[13468]: disconnect from cluster-a.mailcontrol.com[85.115.52.190] ehlo=2 starttls=1 mail=1 rcpt=1 data=1 commands=6
Jan 22 18:33:28 postfix/anvil[13269]: statistics: max connection rate 1/60s for (smtp:172.104.20.135) at Jan 22 18:23:28
Jan 22 18:33:28 postfix/anvil[13269]: statistics: max connection count 1 for (smtp:172.104.20.135) at Jan 22 18:23:28
Jan 22 18:33:28 postfix/anvil[13269]: statistics: max cache size 1 at Jan 22 18:23:28
Jan 22 18:43:37 dovecot: imap-login: Login: user=<xxx>, method=PLAIN, rip=31.4.137.111, lip=IP, mpid=14388, TLS, session=<eoNwRi/Wkr0fBIlv>
Jan 22 18:43:39 dovecot: imap-login: Login: user=<xxx>, method=PLAIN, rip=31.4.137.111, lip=IP, mpid=14390, TLS, session=<bsiWRi/Wk70fBIlv>
Jan 22 18:47:18 postfix/smtpd[14584]: connect from sonic306-20.consmr.mail.ir2.yahoo.com[77.238.176.206]
Jan 22 18:47:19 postfix/smtpd[14584]: NOQUEUE: reject: RCPT from sonic306-20.consmr.mail.ir2.yahoo.com[77.238.176.206]: 550 5.1.1 <YYY>: Recipient address rejected: User unknown in local recipient table; from=<xxx> to=<YYY> proto=ESMTP helo=<sonic306-20.consmr.mail.ir2.yahoo.com>
Jan 22 18:47:19 postfix/smtpd[14584]: disconnect from sonic306-20.consmr.mail.ir2.yahoo.com[77.238.176.206] ehlo=2 starttls=1 mail=1 rcpt=0/1 quit=1 commands=5/6
Will this and following from MLan help?
viewtopic.php?p=31703#p31703

By the way, the relayed message is not appearing on rainloop.
Last edited by lmarcos on Sat 22. Jan 2022, 20:22, edited 3 times in total.
User avatar
24unix
Posts: 1560
Joined: Sun 21. Jun 2020, 17:16
Location: Kollmar
Contact:

Re: Reinstalling and configuring postfix

Post by 24unix »

lmarcos wrote: Sat 22. Jan 2022, 18:46

Code: Select all

sudo apt-get purge postfix
apt-get install postfix 
dpkg-reconfigure postfix
Just a sidenote:

If you are root, you don't need to add sudo.

If you are not, apt-get install will fail …
mfg Micha
--
If Bill Gates had a nickel for every time Windows crashed …
… oh wait, he does.
lmarcos
Posts: 78
Joined: Sun 26. Jan 2020, 12:55

Re: Reinstalling and configuring postfix

Post by lmarcos »

24unix wrote: Sat 22. Jan 2022, 18:55
lmarcos wrote: Sat 22. Jan 2022, 18:46

Code: Select all

sudo apt-get purge postfix
apt-get install postfix 
dpkg-reconfigure postfix
Just a sidenote:

If you are root, you don't need to add sudo.

If you are not, apt-get install will fail …
I know.

By the way, main.cf mentions these folders

Code: Select all

alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
But none of these exist in my installation.
User avatar
24unix
Posts: 1560
Joined: Sun 21. Jun 2020, 17:16
Location: Kollmar
Contact:

Re: Reinstalling and configuring postfix

Post by 24unix »

lmarcos wrote: Sat 22. Jan 2022, 19:39
24unix wrote: Sat 22. Jan 2022, 18:55
lmarcos wrote: Sat 22. Jan 2022, 18:46

Code: Select all

sudo apt-get purge postfix
apt-get install postfix 
dpkg-reconfigure postfix
Just a sidenote:

If you are root, you don't need to add sudo.

If you are not, apt-get install will fail …
I know.

By the way, main.cf mentions these folders

Code: Select all

alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
But none of these exist in my installation.
/etc/aliases has to look like so:

Code: Select all

# --------------------------------------------------
#  This file is managed by KeyHelp.
#  If you want to change its content, please use
#  the corresponding configuration menu.
# --------------------------------------------------
hostmaster: root
postmaster: root
webmaster: root
abuse: root
root: me@mydomain.net
But don't modify them by hand, go to
Settings -> Configuration -> Miscellaneous -> Email Addresses of Server Domain

Add the technical ones from above and yourself as the forwarder.

/etc/mailname should contain your FQDN where you reverse DNS points to.
mfg Micha
--
If Bill Gates had a nickel for every time Windows crashed …
… oh wait, he does.
lmarcos
Posts: 78
Joined: Sun 26. Jan 2020, 12:55

Re: Reinstalling and configuring postfix

Post by lmarcos »

Thanks, but those folders do not exist right now, even though the aliases are configured in Keyhelp. And the regular users!
I guess those folders dissapeared at the same time the mysqlXXX files in etc/postfix I want to recreate without breaking anything else (like I did when I tried to reopen por 587, btw) :oops:

These are the missing files:
mysql-virtual-alias-maps.cf
mysql-virtual-mailbox-domains.cf
mysql-virtual-mailbox-maps.cf
lmarcos
Posts: 78
Joined: Sun 26. Jan 2020, 12:55

Re: Reinstalling and configuring postfix

Post by lmarcos »

By the way, this is the suggestion in the other post, but I don't know if it will help since I've used Google translate and it looks like the other user problem had another origin.
MLan wrote: Sat 30. Oct 2021, 17:40

Code: Select all

apt-get install postfix-mysql
könnte da weiterhelfen
User avatar
24unix
Posts: 1560
Joined: Sun 21. Jun 2020, 17:16
Location: Kollmar
Contact:

Re: Reinstalling and configuring postfix

Post by 24unix »

dpkg -l|grep postfix-mysql

Shows you, if you have it.

I guess you have, but managed to house your setup otherwise.

When you use Keyhelp, you don’t have to care about opening ports and so on.

Is it a live system? Else I would just bootstrap a fresh Debian Bullseye ans start from scratch.
mfg Micha
--
If Bill Gates had a nickel for every time Windows crashed …
… oh wait, he does.
lmarcos
Posts: 78
Joined: Sun 26. Jan 2020, 12:55

Re: Reinstalling and configuring postfix

Post by lmarcos »

24unix wrote: Sat 22. Jan 2022, 20:35 dpkg -l|grep postfix-mysql

Shows you, if you have it.
Well, I didn't have it, so I've installed it. It has gotten rid of the mail.err error, but it hasn't created the connection to the user table.
The files with the

Code: Select all

user = keyhelp
password = XXXXXX
hosts = 127.0.0.1
dbname = keyhelp
...
are still missing.

These are the messages on the mail log.
Jan 23 12:58:06 postfix/smtpd[32179]: connect from localhost[127.0.0.1]
Jan 23 12:58:06 postfix/smtpd[32179]: lost connection after CONNECT from localhost[127.0.0.1]
Jan 23 12:58:06 postfix/smtpd[32179]: disconnect from localhost[127.0.0.1] commands=0/0
Jan 23 12:58:06 dovecot: pop3-login: Disconnected (no auth attempts in 0 secs): user=<>, rip=127.0.0.1, lip=127.0.0.1, TLS handshaking: SSL_accept() syscall failed: Success, session=<zNKqkD7W+tx/AAAB>
Jan 23 12:58:06 dovecot: imap-login: Disconnected (no auth attempts in 0 secs): user=<>, rip=127.0.0.1, lip=127.0.0.1, TLS handshaking: SSL_accept() syscall failed: Success, session=<w9aqkD7WsoN/AAAB>
Jan 23 13:08:29 postfix/smtpd[887]: connect from sonic312-25.consmr.mail.ir2.yahoo.com[77.238.178.96]
Jan 23 13:08:30 postfix/smtpd[887]: NOQUEUE: reject: RCPT from sonic312-25.consmr.mail.ir2.yahoo.com[77.238.178.96]: 550 5.1.1 <info@XXX>: Recipient address rejected: User unknown in local recipient table; from=<XXX> to=<info@XXX> proto=ESMTP helo=<sonic312-25.consmr.mail.ir2.yahoo.com>
Jan 23 13:08:30 postfix/smtpd[887]: disconnect from sonic312-25.consmr.mail.ir2.yahoo.com[77.238.178.96] ehlo=2 starttls=1 mail=1 rcpt=0/1 quit=1 commands=5/6
24unix wrote: Sat 22. Jan 2022, 20:35Is it a live system? Else I would just bootstrap a fresh Debian Bullseye ans start from scratch.
Live system with Nextcloud, Dolibrarr and Prestashop installed, the first two on their own subdomains. Everytime one of them updates, I get the shudders.

By the way, thanks for your help :)
User avatar
24unix
Posts: 1560
Joined: Sun 21. Jun 2020, 17:16
Location: Kollmar
Contact:

Re: Reinstalling and configuring postfix

Post by 24unix »

lmarcos wrote: Sun 23. Jan 2022, 13:14 By the way, thanks for your help :)
You're welcome.

Does /etc/keyhelp/config/config.json exists?
mfg Micha
--
If Bill Gates had a nickel for every time Windows crashed …
… oh wait, he does.
lmarcos
Posts: 78
Joined: Sun 26. Jan 2020, 12:55

Re: Reinstalling and configuring postfix

Post by lmarcos »

24unix wrote: Sun 23. Jan 2022, 13:21Does /etc/keyhelp/config/config.json exists?
Yes, it does exist, and it has the password for keyhelp DB :D

But I've seen the virtual host files and lines in main.cf are missing as well. :o I suppose it's related to the previous error.

Do I follow the instructions here https://docs.slackware.com/howtos:netwo ... ql:postfix ?
User avatar
Alexander
Keyweb AG
Posts: 3809
Joined: Wed 20. Jan 2016, 02:23

Re: Reinstalling and configuring postfix

Post by Alexander »

Hello,

Do you still have the /var/log/keyhelp/install.log? Please open it and look for this:

Code: Select all

================================================================================
  Postfix
================================================================================
Below you will see all commands / actions, which were performed during KeyHelp installation for installing Postfix.

Lines which are labeled with "exec" are CLI commands, which just needs to be executed (Some strings are hidden "***NAME_OF_THE_HIDDEN_PROPERTY***" and may have to be replaced).

Lines below "exec" are the outputs of the performed command.

Lines starting with "files" are file operations. The first path ist the source template file, second path is the destination.

Prepend /home/keyhelp/www/keyhelp/install/templates/to get the full path to the source template file.
For example: "/home/keyhelp/www/keyhelp/install/templates/postfix/mysql-virtual-mailbox-domains.cf"

Copy this file to the specified location and replace the placeholders like "##PLACEHOLDER_NAME##".
The database credentials can be found in /etc/keyhelp/config/config.json

--

Be aware, the main.cf.twig is a Twig template file, which contains directives, which only make sense in a Twig environment.
Twig directives starting with "{%" or "{{" should be ignored.
It may be better to compare this file with your current main.cf and make only selective changes instead of overwriting the whole file.
Mit freundlichen Grüßen / Best regards
Alexander Mahr

**************************************************************
Keyweb AG - Die Hosting Marke
Neuwerkstr. 45/46, 99084 Erfurt / Germany
http://www.keyweb.de - http://www.keyhelp.de
**************************************************************
lmarcos
Posts: 78
Joined: Sun 26. Jan 2020, 12:55

Re: Reinstalling and configuring postfix

Post by lmarcos »

Yes, I have the file. And these are the exec and files lines from the log. If I understood you, I should start with the files section and go ahead from there, right? Do I need to run the first command or apt-get install postfix-policyd-spf-python? There's no folder for the postfix-policyd-spf-python.

Code: Select all

  exec  | /usr/share/debconf/fix_db.pl
  exec  | echo "postfix postfix/mailname string ***HOSTNAME***" | sudo debconf-set-selections
  exec  | echo "postfix postfix/main_mailer_type string 'Internet Site'" | sudo debconf-set-selections
  exec  | DEBIAN_FRONTEND=noninteractive apt-get install -y postfix postfix-mysql postfix-policyd-spf-python
 exec  | DEBIAN_FRONTEND=dialog

  files | postfix/main.cf => /etc/postfix/main.cf
  files | postfix/master.cf => /etc/postfix/master.cf
  files | postfix/header_checks => /etc/postfix/header_checks
  files | postfix/mysql-virtual-mailbox-domains.cf => /etc/postfix/mysql-virtual-mailbox-domains.cf
  files | postfix/mysql-virtual-mailbox-maps.cf => /etc/postfix/mysql-virtual-mailbox-maps.cf
  files | postfix/mysql-virtual-alias-maps.cf => /etc/postfix/mysql-virtual-alias-maps.cf

  exec  | echo "***HOSTNAME***" > /etc/mailname
  exec  | openssl dhparam -out /etc/postfix/dh512.pem 512
  exec  | openssl dhparam -out /etc/postfix/dh1024.pem 1024
  exec  | openssl dhparam -out /etc/postfix/dh2048.pem 2048
  exec  | chmod 0600 /etc/postfix/mysql-virtual-mailbox-domains.cf
  exec  | chmod 0600 /etc/postfix/mysql-virtual-mailbox-maps.cf
  exec  | chmod 0600 /etc/postfix/mysql-virtual-alias-maps.cf
  exec  | service postfix restart
Changes to main.cf would be
Uncommenting #myorigin = /etc/mailname
Changing this? readme_directory = /usr/share/doc/postfix to no
Removing smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
&
Adding (in the parts in red, removing whatever starts with "{%" or "{{ or removing those parts altogether?)
# Max mail size in byte
message_size_limit = 36700160

# TLS parameters
smtpd_use_tls = yes
smtpd_tls_auth_only = yes

smtpd_tls_cert_file = /etc/ssl/keyhelp/mail.pem
smtpd_tls_key_file = /etc/ssl/keyhelp/mail.pem
smtpd_tls_CAfile = /etc/ssl/keyhelp/mail-ca.crt
smtp_tls_CApath = /etc/ssl/certs
smtpd_tls_CApath = /etc/ssl/certs

smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache

smtp_tls_mandatory_protocols = !SSLv2 !SSLv3 {% for protocol in _sys.tls.protocol.postfix.disabled %}!{{ protocol }} {% endfor ~%}
smtpd_tls_mandatory_protocols = !SSLv2 !SSLv3 {% for protocol in _sys.tls.protocol.postfix.disabled %}!{{ protocol }} {% endfor ~%}
smtp_tls_protocols = !SSLv2 !SSLv3 {% for protocol in _sys.tls.protocol.postfix.disabled %}!{{ protocol }} {% endfor ~%}
smtpd_tls_protocols = !SSLv2 !SSLv3 {% for protocol in _sys.tls.protocol.postfix.disabled %}!{{ protocol }} {% endfor ~%}


smtp_tls_security_level = may
smtpd_tls_security_level = may

# TLS cypher for PFS
smtp_tls_mandatory_ciphers = high
smtpd_tls_mandatory_ciphers = high

# medium for now, otherwise breakes with older SMTP
smtp_tls_ciphers = medium
smtpd_tls_ciphers = medium

smtpd_tls_dh512_param_file = /etc/postfix/dh512.pem
smtpd_tls_dh1024_param_file = /etc/postfix/dh2048.pem

smtpd_tls_exclude_ciphers = RC4, 3DES, aNULL
smtp_tls_exclude_ciphers = RC4, 3DES, aNULL
smtpd_tls_eecdh_grade = ultra
tls_eecdh_strong_curve = prime256v1
tls_eecdh_ultra_curve = secp384r1

{% if _sys.tls.ciphers %}
tls_medium_cipherlist = {{ _sys.tls.ciphers }}
{% endif %}
tls_preempt_cipherlist = {{ _sys.tls.protocol.postfix.minimum == 'TLSv1' ? 'yes' : 'no' }}


# Dovecot Settings for deliver, SASL Auth and virtual transport
# uncomment those line to use Dovecot
mailbox_command = /usr/lib/dovecot/deliver

#dovecot_destination_recipient_limit = 1
#transport_maps = hash:/etc/postfix/transport
mailbox_transport = dovecot

smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_security_options = noanonymous
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth

# Handing off local delivery to Dovecot's LMTP, and telling it where to store mail
virtual_transport = lmtp:unix:private/dovecot-lmtp
#virtual_transport = dovecot

# Virtual domains, users, and aliases
virtual_mailbox_domains = mysql:/etc/postfix/mysql-virtual-mailbox-domains.cf
virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual-mailbox-maps.cf
virtual_alias_maps = mysql:/etc/postfix/mysql-virtual-alias-maps.cf

# Spam filter
content_filter = amavis:127.0.0.1:10024

# Concerning the peer
smtpd_soft_error_limit = 5
smtpd_error_sleep_time = 10s

smtpd_helo_required = yes

smtpd_client_restrictions =
permit_mynetworks,
permit_sasl_authenticated,
reject_multi_recipient_bounce,
reject_unauth_destination

smtpd_helo_restrictions =
permit_mynetworks,
permit_sasl_authenticated,
# check_helo_access regexp:/etc/postfix/helo_access,
reject_invalid_hostname,
reject_non_fqdn_hostname

# Concerning the envelope
smtpd_sender_restrictions =
permit_mynetworks,
permit_sasl_authenticated,
reject_non_fqdn_sender,
reject_unauth_destination,
reject_unknown_sender_domain,
reject_unknown_client,
reject_non_fqdn_hostname

smtpd_recipient_restrictions =
permit_mynetworks,
permit_sasl_authenticated,
reject_unauth_destination,
reject_unauth_pipelining,
reject_non_fqdn_recipient,
check_policy_service unix:private/policy

smtpd_recipient_limit = 50
smtpd_recipient_overshoot_limit = 50

# Header checks
header_checks = regexp:/etc/postfix/header_checks

# Mail filters (OpenDKIM)
milter_protocol = 6
milter_default_action = accept
smtpd_milters = inet:127.0.0.1:12345
non_smtpd_milters = inet:127.0.0.1:12345
Post Reply