Indeed, it was running chrooted but resolv.conf has the same content
=== # postconf -nf
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no
compatibility_level = 2
disable_dns_lookups = no
disable_vrfy_command = yes
inet_interfaces = all
inet_protocols = all
mailbox_command = procmail -a "$EXTENSION"
mailbox_size_limit = 0
message_size_limit = 20971520
milter_default_action = accept
milter_protocol = 6
mydestination = localhost
mydomain = dominio.com.ar
myhostname = correo.$mydomain
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
myorigin = $myhostname
non_smtpd_milters = $smtpd_milters
policyd-spf_time_limit = 3600
readme_directory = no
recipient_delimiter = +
relayhost =
smtp_host_lookup = dns
smtp_tls_exclude_ciphers = $smtpd_tls_exclude_ciphers
smtp_tls_loglevel = $smtpd_tls_loglevel
smtp_tls_mandatory_ciphers = $smtpd_tls_mandatory_ciphers
smtp_tls_mandatory_exclude_ciphers = $smtpd_tls_mandatory_exclude_ciphers
smtp_tls_mandatory_protocols = $smtpd_tls_mandatory_protocols
smtp_tls_protocols = TLSv1.2, !TLSv1.1, !TLSv1, !SSLv2, !SSLv3
smtp_tls_security_level = verify
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_banner = $myhostname ESMTP
smtpd_client_restrictions = permit_mynetworks, permit_sasl_authenticated
smtpd_enforce_tls = yes
smtpd_helo_required = yes
smtpd_milters = inet:localhost:8891
smtpd_recipient_restrictions = reject_unknown_sender_domain,
permit_mynetworks,
permit_sasl_authenticated, reject_rbl_client zen.spamhaus.org,
reject_rhsbl_reverse_client dbl.spamhaus.org, reject_rhsbl_helo
dbl.spamhaus.org, reject_rhsbl_sender dbl.spamhaus.org,
check_policy_service
unix:private/policyd-spf, check_policy_service inet:127.0.0.1:10023
smtpd_relay_restrictions = permit_mynetworks, permit_sasl_authenticated,
reject_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_path = private/auth
smtpd_sasl_security_options = noanonymous, noplaintext
smtpd_sasl_tls_security_options = noanonymous
smtpd_sasl_type = dovecot
smtpd_sender_restrictions = reject_unknown_sender_domain
smtpd_tls_auth_only = yes
smtpd_tls_cert_file =
/etc/apache2/md/domains/correo.dominio.com.ar/pubcert.pem
smtpd_tls_ciphers = high
smtpd_tls_exclude_ciphers = $smtpd_tls_mandatory_exclude_ciphers
smtpd_tls_key_file =
/etc/apache2/md/domains/correo.dominio.com.ar/privkey.pem
smtpd_tls_loglevel = 1
smtpd_tls_mandatory_ciphers = high
smtpd_tls_mandatory_exclude_ciphers = MD5, DES, ADH, RC4, PSD, SRP, 3DES,
eNULL,
aNULL
smtpd_tls_mandatory_protocols = TLSv1.2, !TLSv1.1, !TLSv1, !SSLv2, !SSLv3
smtpd_tls_protocols = TLSv1.2, !TLSv1.1, !TLSv1, !SSLv2, !SSLv3
smtpd_tls_received_header = yes
smtpd_tls_security_level = may
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_use_tls = yes
spamassassin_destination_recipient_limit = 1
tls_disable_workarounds = 0xFFFFFFFFFFFFFFFF
tls_preempt_cipherlist = yes
tls_ssl_options = NO_RENEGOTIATION
virtual_alias_maps = mysql:/etc/postfix/mysql/virtual_alias_maps.cf
virtual_mailbox_domains = mysql:/etc/postfix/mysql/virtual_domains_maps.cf
virtual_mailbox_maps = mysql:/etc/postfix/mysql/virtual_mailbox_maps.cf
virtual_transport = lmtp:unix:private/dovecot-lmtp
=== # postconf -Mf
smtp inet n - n - - smtpd
-o smtpd_enforce_tls=yes
-o smtpd_tls_security_level=encrypt
-o tls_preempt_cipherlist=yes
-o content_filter=spamassassin
submission inet n - n - - smtpd
-o syslog_name=postfix/submission
-o smtpd_tls_security_level=encrypt
-o tls_preempt_cipherlist=yes
smtps inet n - y - - smtpd
pickup unix n - y 60 1 pickup
cleanup unix n - y - 0 cleanup
qmgr unix n - n 300 1 qmgr
tlsmgr unix - - y 1000? 1 tlsmgr
rewrite unix - - y - - trivial-rewrite
bounce unix - - y - 0 bounce
defer unix - - y - 0 bounce
trace unix - - y - 0 bounce
verify unix - - y - 1 verify
flush unix n - y 1000? 0 flush
proxymap unix - - n - - proxymap
proxywrite unix - - n - 1 proxymap
smtp unix - - n - - smtp
relay unix - - y - - smtp
-o syslog_name=postfix/$service_name
showq unix n - y - - showq
error unix - - y - - error
retry unix - - n - - error
discard unix - - y - - discard
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - y - - lmtp
anvil unix - - y - 1 anvil
scache unix - - y - 1 scache
postlog unix-dgram n - n - 1 postlogd
maildrop unix - n n - - pipe flags=DRhu
user=vmail argv=/usr/bin/maildrop -d ${recipient}
uucp unix - n n - - pipe flags=Fqhu
user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
ifmail unix - n n - - pipe flags=F
user=ftn
argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp unix - n n - - pipe flags=Fq.
user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
scalemail-backend unix - n n - 2 pipe flags=R
user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop}
${user} ${extension}
mailman unix - n n - - pipe flags=FR
user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py ${nexthop}
${user}
policyd-spf unix - n n - 0 spawn
user=policyd-spf
argv=/usr/bin/policyd-spf
spamassassin unix - n n - - pipe user=spamd
argv=/usr/bin/spamc -f -e /usr/sbin/sendmail -oi -f ${sender}
${recipient}
After adjusting values the recommended way not getting
connect to correo.dominio.com.ar[]:25: Connection timed out
and
Jan 31 09:43:42 domiinio postfix/smtp[13099]: Untrusted TLS connection
established to alt2.gmail-smtp-in.l.google.com[172.217.218.26]:25: TLSv1.2
with cipher ECDHE-ECDSA-CHACHA20-POLY1305 (256/256 bits)
Jan 31 09:43:42 dominio postfix/smtp[13099]: E6AA880124FF7: to=<
u...@gmail.com>, relay=alt2.gmail-smtp-in.l.google.com[172.217.218.26]:25,
delay=40220, delays=40215/0/4.5/0, dsn=4.7.5, status=deferred (Server
certificate not trusted)
_______________________________________________
Daniel A. Rodriguez
Departamento de Tecnología para la Gestión
Escuela Provincial de Educación Técnica N° 1
Posadas - Misiones - Argentina
(0376) 443-8578
www.epet1.edu.ar
