Reinstalling and configuring postfix  [SOLVED]

For questions about the usage of KeyHelp and the configuration of it services.
lmarcos
Posts: 67
Joined: Sun 26. Jan 2020, 12:55

Re: Reinstalling and configuring postfix

Post by lmarcos »

Mmm, the parts in red, from another server, might be as follows, am I right?
smtp_tls_mandatory_protocols = !SSLv2 !SSLv3 !TLSv1 !TLSv1.1
smtpd_tls_mandatory_protocols = !SSLv2 !SSLv3 !TLSv1 !TLSv1.1
smtp_tls_protocols = !SSLv2 !SSLv3 !TLSv1 !TLSv1.1
smtpd_tls_protocols = !SSLv2 !SSLv3 !TLSv1 !TLSv1.1

tls_medium_cipherlist = ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
tls_preempt_cipherlist = no
User avatar
Alexander
Keyweb AG
Posts: 2606
Joined: Wed 20. Jan 2016, 02:23

Re: Reinstalling and configuring postfix

Post by Alexander »

lmarcos wrote: Mon 24. Jan 2022, 21:19 Mmm, the parts in red, from another server, might be as follows, am I right?
smtp_tls_mandatory_protocols = !SSLv2 !SSLv3 !TLSv1 !TLSv1.1
smtpd_tls_mandatory_protocols = !SSLv2 !SSLv3 !TLSv1 !TLSv1.1
smtp_tls_protocols = !SSLv2 !SSLv3 !TLSv1 !TLSv1.1
smtpd_tls_protocols = !SSLv2 !SSLv3 !TLSv1 !TLSv1.1

tls_medium_cipherlist = ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
tls_preempt_cipherlist = no
Yes - these are the default values, they will work.

If I understood you, I should start with the files section and go ahead from there, right?
Yes, as you already have postfix running again, not all commands are not needed. But they will not harm if they will be performed twice.

Do I need to run the first command or apt-get install postfix-policyd-spf-python?
Perform "apt-get install postfix-policyd-spf-python"

Changes to main.cf would be
Uncommenting #myorigin = /etc/mailname
Changing this? readme_directory = /usr/share/doc/postfix to no
Removing smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
Use the /home/keyhelp/www/keyhelp/install/templates/postfix/main.cf.twig as a base. Every directive from the template should also be found in the "real" main.cf. Every additional directive from the /etc/postfix/main.cf, which cannot be found in template should be removed. Comment/uncomment lines as they were in the template.
Mit freundlichen Grüßen / Best regards
Alexander Mahr

**************************************************************
Keyweb AG - Die Hosting Marke
Neuwerkstr. 45/46, 99084 Erfurt / Germany
http://www.keyweb.de - http://www.keyhelp.de
**************************************************************
lmarcos
Posts: 67
Joined: Sun 26. Jan 2020, 12:55

Re: Reinstalling and configuring postfix

Post by lmarcos »

And don't forget to restart dovecot :oops: One hour lost before realizing.

Anyway, I have another problem now. And that is that the emails are stuck in the queue, with this message
delivery temporarily suspended: connect to 127.0.0.1[127.0.0.1]:10024: Connection refused
Last edited by lmarcos on Tue 25. Jan 2022, 18:38, edited 2 times in total.
User avatar
24unix
Posts: 507
Joined: Sun 21. Jun 2020, 17:16
Location: Kollmar
Contact:

Re: Reinstalling and configuring postfix

Post by 24unix »

lmarcos wrote: Tue 25. Jan 2022, 18:24 And don't forget to restart dovecot :oops: One hour lost before realizing.

Anyway, I have another problem now. And that is that the emails are stuck in the queue, with this message
delivery temporarily suspended: connect to 127.0.0.1[127.0.0.1]:10024: Connection refused

Code: Select all

 # netstat -luntep|grep 10024
tcp        0      0 127.0.0.1:10024         0.0.0.0:*               LISTEN      118        14705      505/amavisd-new (ma
tcp6       0      0 ::1:10024               :::*                    LISTEN      118        14706      505/amavisd-new (ma

Check that Amavis is running:

Code: Select all

systemctl status amavis
Use secondary nameservers with Keyhelp: https://24unix.net/projects/bindAPI
Supports DynDNS, documentation will be updated soon.

Are you looking for a PHP coder?
Or maybe a UNIX/Linux admin? I'm available for hire.
lmarcos
Posts: 67
Joined: Sun 26. Jan 2020, 12:55

Re: Reinstalling and configuring postfix

Post by lmarcos »

I restarted first amavis and then the server. But still

# netstat -luntep|grep 10024

returns nothing.
User avatar
24unix
Posts: 507
Joined: Sun 21. Jun 2020, 17:16
Location: Kollmar
Contact:

Re: Reinstalling and configuring postfix

Post by 24unix »

What gives

Code: Select all

systemctl status amavis
If it's running, try

Code: Select all

netstat -luntep|grep amavisd
Use secondary nameservers with Keyhelp: https://24unix.net/projects/bindAPI
Supports DynDNS, documentation will be updated soon.

Are you looking for a PHP coder?
Or maybe a UNIX/Linux admin? I'm available for hire.
lmarcos
Posts: 67
Joined: Sun 26. Jan 2020, 12:55

Re: Reinstalling and configuring postfix

Post by lmarcos »

24unix wrote: Tue 25. Jan 2022, 18:49 What gives

Code: Select all

systemctl status amavis
If it's running, try

Code: Select all

netstat -luntep|grep amavisd
amavis.service - LSB: Starts amavisd-new mailfilter
Loaded: loaded (/etc/init.d/amavis; generated)
Active: active (exited) since Tue 2022-01-25 18:35:19 CET; 17min ago
Docs: man:systemd-sysv-generator(8)
Process: 1161 ExecStart=/etc/init.d/amavis start (code=exited, status=0/SUCCESS)

Jan 25 18:35:15 systemd[1]: Starting LSB: Starts amavisd-new mailfilter...
Jan 25 18:35:15 amavis[1161]: Starting amavisd: changed ownership of '/var/run/amavis' fr
Jan 25 18:35:18 amavis[1314]: starting. /usr/sbin/amavisd-new at ama
Jan 25 18:35:19 amavis[2009]: (!)Net::Server: 2022/01/25-18:35:19 Can't connect to UNIX s
Jan 25 18:35:19 amavis[1161]: amavisd-new.
Jan 25 18:35:19 systemd[1]: Started LSB: Starts amavisd-new mailfilter.

Code: Select all

netstat -luntep|grep amavisd
Returns nothing.

The socket message was Can't connect to UNIX socket at file /var/lib/amavis and something else
User avatar
24unix
Posts: 507
Joined: Sun 21. Jun 2020, 17:16
Location: Kollmar
Contact:

Re: Reinstalling and configuring postfix

Post by 24unix »

Try to find error messages from amavis.
Use secondary nameservers with Keyhelp: https://24unix.net/projects/bindAPI
Supports DynDNS, documentation will be updated soon.

Are you looking for a PHP coder?
Or maybe a UNIX/Linux admin? I'm available for hire.
lmarcos
Posts: 67
Joined: Sun 26. Jan 2020, 12:55

Re: Reinstalling and configuring postfix

Post by lmarcos »

I can't find any in the mail logs. The only one is the one when running the systemctl status
starting. /usr/sbin/amavisd-new at hostname amavisd-new-2.11.0 (20160426), Unicode aware, LC_ALL="C", LANG="
Jan 25 19:17:27 hostname amavis[6072]: (!)Net::Server: 2022/01/25-19:17:27 Can't connect to UNIX socket at file /var/lib/amavis/amavisd.sock [Permission denied
Jan 25 19:17:27 hostname amavis[6035]:
Looks like the owner of the file is root.
User avatar
24unix
Posts: 507
Joined: Sun 21. Jun 2020, 17:16
Location: Kollmar
Contact:

Re: Reinstalling and configuring postfix

Post by 24unix »

Code: Select all

# ll /var/lib/amavis/amavisd.sock
srwxr-x--- amavis amavis 0 B Thu Jan 13 15:26:54 2022   amavisd.sock
Try:

Code: Select all

chown -R amavis:amavis /var/lib/amavis
Use secondary nameservers with Keyhelp: https://24unix.net/projects/bindAPI
Supports DynDNS, documentation will be updated soon.

Are you looking for a PHP coder?
Or maybe a UNIX/Linux admin? I'm available for hire.
lmarcos
Posts: 67
Joined: Sun 26. Jan 2020, 12:55

Re: Reinstalling and configuring postfix  [SOLVED]

Post by lmarcos »

That finally made it!!

Emails are coming in and out.

Thanks very much, 24unix and Alexander!
Post Reply