Page 2 of 2
Re: Reinstalling and configuring postfix
Posted: Mon 24. Jan 2022, 21:19
by lmarcos
Mmm, the parts in red, from another server, might be as follows, am I right?
smtp_tls_mandatory_protocols = !SSLv2 !SSLv3 !TLSv1 !TLSv1.1
smtpd_tls_mandatory_protocols = !SSLv2 !SSLv3 !TLSv1 !TLSv1.1
smtp_tls_protocols = !SSLv2 !SSLv3 !TLSv1 !TLSv1.1
smtpd_tls_protocols = !SSLv2 !SSLv3 !TLSv1 !TLSv1.1
tls_medium_cipherlist = ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
tls_preempt_cipherlist = no
Re: Reinstalling and configuring postfix
Posted: Tue 25. Jan 2022, 08:48
by Alexander
lmarcos wrote: ↑Mon 24. Jan 2022, 21:19
Mmm, the parts in red, from another server, might be as follows, am I right?
smtp_tls_mandatory_protocols = !SSLv2 !SSLv3 !TLSv1 !TLSv1.1
smtpd_tls_mandatory_protocols = !SSLv2 !SSLv3 !TLSv1 !TLSv1.1
smtp_tls_protocols = !SSLv2 !SSLv3 !TLSv1 !TLSv1.1
smtpd_tls_protocols = !SSLv2 !SSLv3 !TLSv1 !TLSv1.1
tls_medium_cipherlist = ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
tls_preempt_cipherlist = no
Yes - these are the default values, they will work.
If I understood you, I should start with the files section and go ahead from there, right?
Yes, as you already have postfix running again, not all commands are not needed. But they will not harm if they will be performed twice.
Do I need to run the first command or apt-get install postfix-policyd-spf-python?
Perform "apt-get install postfix-policyd-spf-python"
Changes to main.cf would be
Uncommenting #myorigin = /etc/mailname
Changing this? readme_directory = /usr/share/doc/postfix to no
Removing smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
Use the /home/keyhelp/www/keyhelp/install/templates/postfix/main.cf.twig as a base. Every directive from the template should also be found in the "real" main.cf. Every additional directive from the /etc/postfix/main.cf, which cannot be found in template should be removed. Comment/uncomment lines as they were in the template.
Re: Reinstalling and configuring postfix
Posted: Tue 25. Jan 2022, 18:24
by lmarcos
And don't forget to restart dovecot
One hour lost before realizing.
Anyway, I have another problem now. And that is that the emails are stuck in the queue, with this message
delivery temporarily suspended: connect to 127.0.0.1[127.0.0.1]
Connection refused
Re: Reinstalling and configuring postfix
Posted: Tue 25. Jan 2022, 18:35
by 24unix
lmarcos wrote: ↑Tue 25. Jan 2022, 18:24
And don't forget to restart dovecot
One hour lost before realizing.
Anyway, I have another problem now. And that is that the emails are stuck in the queue, with this message
delivery temporarily suspended: connect to 127.0.0.1[127.0.0.1]
Connection refused
Code: Select all
# netstat -luntep|grep 10024
tcp 0 0 127.0.0.1:10024 0.0.0.0:* LISTEN 118 14705 505/amavisd-new (ma
tcp6 0 0 ::1:10024 :::* LISTEN 118 14706 505/amavisd-new (ma
Check that Amavis is running:
Re: Reinstalling and configuring postfix
Posted: Tue 25. Jan 2022, 18:41
by lmarcos
I restarted first amavis and then the server. But still
# netstat -luntep|grep 10024
returns nothing.
Re: Reinstalling and configuring postfix
Posted: Tue 25. Jan 2022, 18:49
by 24unix
What gives
If it's running, try
Re: Reinstalling and configuring postfix
Posted: Tue 25. Jan 2022, 18:53
by lmarcos
24unix wrote: ↑Tue 25. Jan 2022, 18:49
What gives
If it's running, try
amavis.service - LSB: Starts amavisd-new mailfilter
Loaded: loaded (/etc/init.d/amavis; generated)
Active: active (exited) since Tue 2022-01-25 18:35:19 CET; 17min ago
Docs: man:systemd-sysv-generator(8)
Process: 1161 ExecStart=/etc/init.d/amavis start (code=exited, status=0/SUCCESS)
Jan 25 18:35:15 systemd[1]: Starting LSB: Starts amavisd-new mailfilter...
Jan 25 18:35:15 amavis[1161]: Starting amavisd: changed ownership of '/var/run/amavis' fr
Jan 25 18:35:18 amavis[1314]: starting. /usr/sbin/amavisd-new at ama
Jan 25 18:35:19 amavis[2009]: (!)Net::Server: 2022/01/25-18:35:19 Can't connect to UNIX s
Jan 25 18:35:19 amavis[1161]: amavisd-new.
Jan 25 18:35:19 systemd[1]: Started LSB: Starts amavisd-new mailfilter.
Returns nothing.
The socket message was Can't connect to UNIX socket at file /var/lib/amavis and something else
Re: Reinstalling and configuring postfix
Posted: Tue 25. Jan 2022, 19:00
by 24unix
Try to find error messages from amavis.
Re: Reinstalling and configuring postfix
Posted: Tue 25. Jan 2022, 19:18
by lmarcos
I can't find any in the mail logs. The only one is the one when running the systemctl status
starting. /usr/sbin/amavisd-new at hostname amavisd-new-2.11.0 (20160426), Unicode aware, LC_ALL="C", LANG="
Jan 25 19:17:27 hostname amavis[6072]: (!)Net::Server: 2022/01/25-19:17:27 Can't connect to UNIX socket at file /var/lib/amavis/amavisd.sock [Permission denied
Jan 25 19:17:27 hostname amavis[6035]:
Looks like the owner of the file is root.
Re: Reinstalling and configuring postfix
Posted: Tue 25. Jan 2022, 19:33
by 24unix
Code: Select all
# ll /var/lib/amavis/amavisd.sock
srwxr-x--- amavis amavis 0 B Thu Jan 13 15:26:54 2022 amavisd.sock
Try:
Code: Select all
chown -R amavis:amavis /var/lib/amavis
Re: Reinstalling and configuring postfix [SOLVED]
Posted: Wed 26. Jan 2022, 08:02
by lmarcos
That finally made it!!
Emails are coming in and out.
Thanks very much, 24unix and Alexander!