On Sat, Nov 22, 2025 at 03:16:21PM +0000, Smith via Postfix-users wrote:
> So for the cloud provider, I just replaced `internal.server` since the
> user account got migrated over retaining the same password.
>
> I get this obscure message:
>
> smtpd[129133]: warning: connect to pgsql server
> postgres://....(REMOVED FOR BREVITY)...: local user with ID 109 does
> not exist?
If the syntax of the URI is correct as documented in:
<https://www.postgresql.org/docs/current/libpq-connect.html#LIBPQ-CONNSTRING-URIS>
specifying the right user name and password, then it is indeed
surprising that libpq still wants to map the smtpd process uid to a
login name, perhaps that's some sort of fallback behaviour when the
server rejects the login?
Make sure that psql works with essentially the same URI:
psql "postgresql://$user@$host:5433/$db?sslmode=require"
(I expect it would prompt for the password). Then once that works, try
again while running with real and effective uid "109" (perhaps that's
the "postfix" user on your system). And if that still works, perhaps
your smtpd(8) is chrooted, try changing master.cf(5) to disable chroot.
> So I thought ok, maybe I will try the full-fat version, changing
> "ssl=require" (which works on manual tests) to
> "ssl=verify-full&sslrootcert=cert.pem" (the "cert.pem" being colocated
> in the postfix config directory, but I tried full-path too).
The SSL settings are likely secondary, you need to get logins working
whether or not the login is vulnerable to password compromise via packet
captures.
--
Viktor. 🇺🇦 Слава Україні!
_______________________________________________
Postfix-users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
