Hi all, I'm setting up a CentOS box with the next mailserver combination: Postfix+Amavisd-new+ClamAV+Spamassassin
An encrypted communications are a requisite, so I've already configured IMAP+SSL (port 993) and SMTP+SSL (port 465). The system works well if I've amavisd-new deactived: Jul 28 13:16:58 mail postfix/smtpd[20202]: initializing the server-side TLS engine Jul 28 13:16:58 mail postfix/smtpd[20202]: connect from 221.Red-88-11-247.dynamicIP.rima-tde.net[88.11.247.221] Jul 28 13:16:58 mail postfix/smtpd[20202]: setting up TLS connection from 221.Red-88-11-247.dynamicIP.rima-tde.net[88.11.247. 221] Jul 28 13:16:58 mail postfix/smtpd[20202]: SSL_accept:before/accept initialization Jul 28 13:16:58 mail postfix/smtpd[20202]: SSL_accept:error in SSLv2/v3 read client hello A Jul 28 13:16:58 mail postfix/smtpd[20202]: SSL_accept:error in SSLv3 read client hello B Jul 28 13:16:58 mail postfix/smtpd[20202]: SSL_accept:error in SSLv3 read client hello B Jul 28 13:16:58 mail postfix/smtpd[20202]: SSL_accept:SSLv3 read client hello B Jul 28 13:16:58 mail postfix/smtpd[20202]: SSL_accept:SSLv3 write server hello A Jul 28 13:16:58 mail postfix/smtpd[20202]: SSL_accept:SSLv3 write certificate A Jul 28 13:16:58 mail postfix/smtpd[20202]: SSL_accept:SSLv3 write key exchange A Jul 28 13:16:58 mail postfix/smtpd[20202]: SSL_accept:SSLv3 write server done A Jul 28 13:16:58 mail postfix/smtpd[20202]: SSL_accept:SSLv3 flush data Jul 28 13:16:58 mail postfix/smtpd[20202]: SSL_accept:error in SSLv3 read client certificate A Jul 28 13:16:58 mail postfix/smtpd[20202]: SSL_accept:error in SSLv3 read client certificate A Jul 28 13:16:58 mail postfix/smtpd[20202]: SSL_accept:SSLv3 read client key exchange A Jul 28 13:16:58 mail postfix/smtpd[20202]: SSL_accept:error in SSLv3 read certificate verify A Jul 28 13:16:58 mail last message repeated 3 times Jul 28 13:16:58 mail postfix/smtpd[20202]: SSL_accept:SSLv3 read finished A Jul 28 13:16:58 mail postfix/smtpd[20202]: SSL_accept:SSLv3 write change cipher spec A Jul 28 13:16:58 mail postfix/smtpd[20202]: SSL_accept:SSLv3 write finished A Jul 28 13:16:58 mail postfix/smtpd[20202]: SSL_accept:SSLv3 flush data Jul 28 13:16:58 mail postfix/smtpd[20202]: TLS connection established from 221.Red-88-11-247.dynamicIP.rima-tde.net[88.11.247 .221]: TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits) Jul 28 13:16:58 mail dovecot: auth(default): client in: AUTH 1 PLAIN service=smtp resp=<hidden> Jul 28 13:16:58 mail dovecot: auth-worker(default): mysql: Connected to localhost (openvispadmin) Jul 28 13:16:58 mail dovecot: auth-worker(default): sql([EMAIL PROTECTED]): query: SELECT password FROM mailbox WHERE username = '[EMAIL PROTECTED]' Jul 28 13:16:58 mail dovecot: auth(default): client out: OK 1 [EMAIL PROTECTED] Jul 28 13:16:58 mail postfix/smtpd[20202]: E5A01D50274: client=221.Red-88-11-247.dynamicIP.rima-tde.net[88.11.247.221], sasl_ method=PLAIN, [EMAIL PROTECTED] Jul 28 13:16:59 mail postfix/cleanup[20211]: E5A01D50274: message-id=<[EMAIL PROTECTED]> Jul 28 13:16:59 mail postfix/qmgr[20200]: E5A01D50274: from=<[EMAIL PROTECTED]>, size=705, nrcpt=1 (queue active) Jul 28 13:16:59 mail postfix/smtpd[20202]: disconnect from 221.Red-88-11-247.dynamicIP.rima-tde.net[88.11.247.221] Jul 28 13:17:03 mail postfix/smtp[20213]: E5A01D50274: to=<[EMAIL PROTECTED]>, relay=gmail-smtp-in.l.google.com[66.249.91.27 ]:25, delay=4.5, delays=0.4/0.01/0.72/3.4, dsn=2.0.0, status=sent (250 2.0.0 OK 1185621423 c22si1389232ika) Jul 28 13:17:03 mail postfix/qmgr[20200]: E5A01D50274: removed But, If I active amavisd-new service: Jul 28 13:19:17 mail postfix/smtpd[20280]: TLS connection established from 221.Red-88-11-247.dynamicIP.rima-tde.net[88.11.247 .221]: TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits) Jul 28 13:19:17 mail dovecot: auth(default): client in: AUTH 1 PLAIN service=smtp resp=<hidden> Jul 28 13:19:17 mail dovecot: auth-worker(default): sql([EMAIL PROTECTED]): query: SELECT password FROM mailbox WHERE username = '[EMAIL PROTECTED]' Jul 28 13:19:17 mail dovecot: auth(default): client out: OK 1 [EMAIL PROTECTED] Jul 28 13:19:17 mail postfix/smtpd[20280]: DDF9FD50274: client=221.Red-88-11-247.dynamicIP.rima-tde.net[88.11.247.221], sasl_ method=PLAIN, [EMAIL PROTECTED] Jul 28 13:19:18 mail postfix/cleanup[20286]: DDF9FD50274: message-id=<[EMAIL PROTECTED]> Jul 28 13:19:18 mail postfix/qmgr[20200]: DDF9FD50274: from=<[EMAIL PROTECTED]>, size=707, nrcpt=1 (queue active) Jul 28 13:19:18 mail postfix/smtpd[20280]: disconnect from 221.Red-88-11-247.dynamicIP.rima-tde.net[88.11.247.221] Jul 28 13:19:18 mail postfix/smtpd[20291]: initializing the server-side TLS engine Jul 28 13:19:18 mail postfix/smtpd[20291]: connect from tartarus[127.0.0.1] Jul 28 13:19:18 mail amavis[20277]: (20277-01) Negative SMTP resp to DATA: 530 5.7.0 Must issue a STARTTLS command first Jul 28 13:19:18 mail amavis[20277]: (20277-01) Negative SMTP resp. to QUIT: 530 5.7.0 Must issue a STARTTLS command first Jul 28 13:19:18 mail amavis[20277]: (20277-01) (!)FWD via SMTP: <[EMAIL PROTECTED]> -> <[EMAIL PROTECTED]>,BODY=7BIT 530 5.6.0 Failed, id=20277-01, from MTA([127.0.0.1]:10025): 530 5.7.0 Must issue a STARTTLS command first Jul 28 13:19:18 mail postfix/smtpd[20292]: initializing the server-side TLS engine Jul 28 13:19:18 mail postfix/smtpd[20291]: disconnect from tartarus[127.0.0.1] Jul 28 13:19:18 mail postfix/smtpd[20291]: connect from tartarus[127.0.0.1] Jul 28 13:19:18 mail amavis[20277]: (20277-01) Negative SMTP resp to DATA: 530 5.7.0 Must issue a STARTTLS command first Jul 28 13:19:18 mail amavis[20277]: (20277-01) Negative SMTP resp. to QUIT: 530 5.7.0 Must issue a STARTTLS command first Jul 28 13:19:18 mail amavis[20277]: (20277-01) (!)SEND via SMTP: <> -> <[EMAIL PROTECTED]>,ENVID=AM..20070728T111918Z@ tartarus.opengea.org 530 5.6.0 Failed, id=20277-01, from MTA([127.0.0.1]:10025): 530 5.7.0 Must issue a STARTTLS command firs t Jul 28 13:19:18 mail amavis[20277]: (20277-01) (!)NOTICE: UNABLE TO SEND DSN to <[EMAIL PROTECTED]>: 530 5.7.0 Must is sue a STARTTLS command first Jul 28 13:19:18 mail amavis[20277]: (20277-01) Blocked MTA-BLOCKED, [88.11.247.221] [88.11.247.221] <[EMAIL PROTECTED] > -> <[EMAIL PROTECTED]>, Message-ID: <[EMAIL PROTECTED]>, mail_id: UJKjc5b0FyX3, Hits: 1.571, size: 707, 497 ms Jul 28 13:19:18 mail postfix/smtpd[20291]: disconnect from tartarus[127.0.0.1] Jul 28 13:19:18 mail postfix/smtp[20288]: DDF9FD50274: to=<[EMAIL PROTECTED]>, relay=127.0.0.1[127.0.0.1]:10024, delay=0.91, delays=0.4/0.01/0.01/0.49, dsn=5.7.0, status=bounced (host 127.0.0.1[127.0.0.1] said: 530 5.7.0 Must issue a STARTTLS comman d first (in reply to end of DATA command)) Jul 28 13:19:18 mail postfix/cleanup[20286]: AF8CAD50276: message-id=<[EMAIL PROTECTED]> Jul 28 13:19:18 mail postfix/qmgr[20200]: AF8CAD50276: from=<>, size=2533, nrcpt=1 (queue active) Jul 28 13:19:18 mail postfix/bounce[20294]: DDF9FD50274: sender non-delivery notification: AF8CAD50276 The MTA shows the next delivery error: This is the mail system at host mail. I'm sorry to have to inform you that your message could not be delivered to one or more recipients. It's attached below. For further assistance, please send mail to <postmaster> If you do so, please include this problem report. You can delete your own text from the attached returned message. The mail system <[EMAIL PROTECTED]>: host 127.0.0.1[127.0.0.1] said: 530 5.7.0 Must issue a STARTTLS command first (in reply to end of DATA command) Reporting-MTA: dns; mail X-Intergrid-MailServer-Queue-ID: DDF9FD50274 X-Intergrid-MailServer-Sender: rfc822; [EMAIL PROTECTED] Arrival-Date: Sat, 28 Jul 2007 13:19:17 +0200 (CEST) Final-Recipient: rfc822; [EMAIL PROTECTED] Original-Recipient: rfc822;[EMAIL PROTECTED] Action: failed Status: 5.7.0 Remote-MTA: dns; 127.0.0.1 Diagnostic-Code: smtp; 530 5.7.0 Must issue a STARTTLS command first ¿Any clue? I've tried several options and I'm sure the problem is focused in amavisd-new, so the system works well (as you can se above) if I deactivate it. ------------------------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/ _______________________________________________ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/