Re: submission port woes

2015-10-13 Thread niya levi 


On 13/10/15 04:41, Viktor Dukhovni wrote:
> On Tue, Oct 13, 2015 at 02:11:59AM +0100, niya levi wrote:
>
>> I can connect to smtpd and SASL with TLS on port 25,
>> but port 587 only responds with connected, then hangs
>> for a while, then quits without any certificate activity.
>> Is my submission section in master.cf incorrect?
> Perhaps, but you're not using it.
>
>> (port 587)
>>
>> Oct 13 00:51:07 testy postfix/smtps/smtpd[23482]: connect from
>> testy.tissisat.co.uk[10.2.1.10]
>> Oct 13 00:51:24 testy postfix/smtps/smtpd[23482]: SSL_accept error from
>> testy.tissisat.co.uk[10.2.1.10]: lost connection
>> Oct 13 00:51:24 testy postfix/smtps/smtpd[23482]: lost connection after
>> CONNECT from testy.tissisat.co.uk[10.2.1.10]
>> Oct 13 00:51:24 testy postfix/smtps/smtpd[23482]: disconnect from
>> testy.tissisat.co.uk[10.2.1.10] commands=0/0
> This service is using "wrapper mode" (fails SSL_accept right after
> connect), and its syslog_name is "postfix/smtps".
>
>> nano /etc/postfix/master.cf
>> # ==
>> # service type  private unpriv  chroot  wakeup  maxproc command + args
>> #   (yes)   (yes)   (yes)   (never) (100)
>> # ==
>> smtp  inet  n   -   n   -   -   smtpd
>> smtp  inet  n   -   n   -   -   smtpd
> You probably don't need two of these.
>
>> submission inet n   -   n   -   -   smtpd
>>   -o syslog_name=postfix/submission
>>   -o smtpd_tls_security_level=encrypt
>>   -o smtpd_sasl_auth_enable=yes
>>   -o smtpd_reject_unlisted_recipient=no
>>   -o smtpd_sasl_security_options=noanonymous
>>   -o smtpd_sasl_local_domain=testy.tissisat.co.uk
>>   -o smtpd_client_restrictions=permit_sasl_authenticated,reject
>>   -o smtpd_sender_login_maps=proxy:pgsql:/etc/postfix/pgsql-boxes.cf
>>   -o 
>> smtpd_recipient_restrictions=reject_non_fqdn_recipient,reject_unknown_recipient_domain,permit_sasl_authenticated,permit_mynetwo$
>>   -o smtpd_sasl_tls_security_options=noanonymous
>>   -o smtpd_sasl_type=dovecot
>>   -o smtpd_sasl_path=private/auth
>>   -o milter_macro_daemon_name=ORIGINATING
> This master.cf definition does not enable wrapper mode, and its
> syslog_name is postfix/submission.
>
> So the logs you posted are for some other service (perhaps port
> 465, not shown in your master.cf extract).
>

Hi Victor
thanks for your reply
the two smtp lines is a cut and paste error , there is only one line,
after you mentioned wrapper mode and the syslog name i figured out the
problem
i had the following in master.cf

# smtps inet  n   -   n   -   -   smtpd -v
  -o syslog_name=postfix/smtps
  -o smtpd_tls_wrappermode=yes
  -o smtpd_tls_security_level=encrypt
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_tls_auth_only=no
  -o smtpd_sasl_security_options=noanonymous
  -o smtpd_sasl_local_domain=testy.tissisat.co.uk
  -o smtpd_sender_login_maps=proxy:pgsql:/etc/postfix/pgsql-boxes.cf
  -o smtpd_sender_restrictions=reject_sender_login_mismatch
  -o
smtpd_client_restrictions=permit_mynetworks,permit_sasl_authenticated,reject
  -o
smtpd_recipient_restrictions=permit_mynetworks,permit_sasl_authenticated,reject_non_fqdn_recipient,reject_unknown_recipient_dom$
  -o smtpd_sasl_security_options=noanonymous
  -o smtpd_sasl_tls_security_options=noanonymous
  -o smtpd_sasl_type=dovecot
  -o smtpd_sasl_path=private/auth
  -o milter_macro_daemon_name=ORIGINATING

after removing the whole section, submission now works,
i was under the impression that commenting  the first line commented out
the options also.
thanks again
shadrock

submission port woes

2015-10-12 Thread niya levi 
hi everyone
i can connect to smtpd and sasl with tls on port 25
but port 587 only responds with connected then hangs
for a while then quits without any certificate activity.
is my submission section in master.cf incorrect ?


[root@testy worker]# openssl s_client -starttls smtp -connect
testy.tissisat.co.uk:25
CONNECTED(0003)
depth=1 C = UK, ST = UK, L = Nottingham, O = tissisat, OU = hq, CN =
tissisat CA, name = Tissisat, emailAddress = n...@tissisat.co.uk
verify error:num=19:self signed certificate in certificate chain
---
Certificate chain
 0
s:/C=UK/ST=UK/L=Nottingham/O=tissisat/OU=hq/CN=testy.tissisat.co.uk/name=Tissisat/emailAddress=n...@tissisat.co.uk
   i:/C=UK/ST=UK/L=Nottingham/O=tissisat/OU=hq/CN=tissisat
CA/name=Tissisat/emailAddress=n...@tissisat.co.uk
 1 s:/C=UK/ST=UK/L=Nottingham/O=tissisat/OU=hq/CN=tissisat
CA/name=Tissisat/emailAddress=n...@tissisat.co.uk
   i:/C=UK/ST=UK/L=Nottingham/O=tissisat/OU=hq/CN=tissisat
CA/name=Tissisat/emailAddress=n...@tissisat.co.uk
---
Server certificate
-BEGIN CERTIFICATE-
MIIFEzCCA/ugAwIBAgIBAjANBgkqhkiG9w0BAQsFADCBnDELMAkGA1UEBhMCVUsx
CzAJBgNVBAgTAlVLMRMwEQYDVQQHEwpOb3R0aW5naGFtMREwDwYDVQQKEwh0aXNz
aXNhdDELMAkGA1UECxMCaHExFDASBgNVBAMTC3Rpc3Npc2F0IENBMREwDwYDVQQp
EwhUaXNzaXNhdDEiMCAGCSqGSIb3DQEJARYTbml5YUB0aXNzaXNhdC5jby51azAe
Fw0xNTEwMTIxMDExMzZaFw0yNTEwMDkxMDExMzZaMIGlMQswCQYDVQQGEwJVSzEL
MAkGA1UECBMCVUsxEzARBgNVBAcTCk5vdHRpbmdoYW0xETAPBgNVBAoTCHRpc3Np
c2F0MQswCQYDVQQLEwJocTEdMBsGA1UEAxMUdGVzdHkudGlzc2lzYXQuY28udWsx
ETAPBgNVBCkTCFRpc3Npc2F0MSIwIAYJKoZIhvcNAQkBFhNuaXlhQHRpc3Npc2F0
LmNvLnVrMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArrO9EhaBlneb
+Cw9+uHcjJLdDlULw0xABdA0kMczL0tYu9icnIgPKbHheHTOWJIzik4y6MIokJJT
0BXgZUyW9pyqe7Sh6xsD+hG04SW6rHQ/PgEaqPZymYFzFo7anbMCDVrTuGByaBbY
bFlBKvjUigXOCDNl+YMRDyXF/Rl1RoHfxbxhtRF5uHQcsxa1yNBm9OImiQdTfPpy
zqUD/9eBQloECetX8zYhHstZIUMrSXX3eNQH7zJdnia/DTyC1gxFTeD8uJCPy3XC
taaoBCln5dn+DlmMa4KYH5V/IeQ0t2zpuQAS3nmGpObYs5k54x7YuTLZi2iyY7z/
6KkksWigswIDAQABo4IBUzCCAU8wCQYDVR0TBAIwADAtBglghkgBhvhCAQ0EIBYe
RWFzeS1SU0EgR2VuZXJhdGVkIENlcnRpZmljYXRlMB0GA1UdDgQWBBSZtwljwGpd
LlPc9JF3C1iAc4TdFjCB0QYDVR0jBIHJMIHGgBR7WJOIihMY+aI70RnunW4V8pJq
KaGBoqSBnzCBnDELMAkGA1UEBhMCVUsxCzAJBgNVBAgTAlVLMRMwEQYDVQQHEwpO
b3R0aW5naGFtMREwDwYDVQQKEwh0aXNzaXNhdDELMAkGA1UECxMCaHExFDASBgNV
BAMTC3Rpc3Npc2F0IENBMREwDwYDVQQpEwhUaXNzaXNhdDEiMCAGCSqGSIb3DQEJ
ARYTbml5YUB0aXNzaXNhdC5jby51a4IJAOYX/JigH7gdMBMGA1UdJQQMMAoGCCsG
AQUFBwMCMAsGA1UdDwQEAwIHgDANBgkqhkiG9w0BAQsFAAOCAQEAWDJ4/FAFY6+n
DgMkTfM/vrjyhrgOm4vWCS7HePeZPzPXqGK1HZ5ZcZL5w2SHgrN9r03Ai9mIJtP2
vjjpMBAMdeG/ePJOR3K+o0s6efJBgcCO4XwG8g9lYLbcfClmP5zvGC6nic3HbSIB
feV5QrErDe2zUKK33U1ErLRC9Jjr3q6oinbzgYFu2tDuC9/mIcnQ1oa8Hyi3UfX7
qEsBuBVzhog2wU3zkhZyi+IKHAUILEj1zDQBhaeZBr8NGbiJbbgIkO3p7OOvy6Sv
EwnmVw0yH5+5n1IeaxFTrZBSiJTKrnEu7lhSXeMrPDBHIEcfVmt82lYiyoAyp+1R
gVGqnrMleg==
-END CERTIFICATE-
subject=/C=UK/ST=UK/L=Nottingham/O=tissisat/OU=hq/CN=testy.tissisat.co.uk/name=Tissisat/emailAddress=n...@tissisat.co.uk
issuer=/C=UK/ST=UK/L=Nottingham/O=tissisat/OU=hq/CN=tissisat
CA/name=Tissisat/emailAddress=n...@tissisat.co.uk
---
No client certificate CA names sent
Peer signing digest: SHA512
Server Temp Key: ECDH, P-256, 256 bits
---
SSL handshake has read 3485 bytes and written 488 bytes
---
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES256-GCM-SHA384
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: zlib compression
Expansion: zlib compression
No ALPN negotiated
SSL-Session:
Protocol  : TLSv1.2
Cipher: ECDHE-RSA-AES256-GCM-SHA384
Session-ID:
6E4020BD2EEC00C0B2BBE5949B4BCEF4CE85ED5DAAAB2090E070F1D81867C6BD
Session-ID-ctx:
Master-Key:
F9C12FC0E28408293436FBEC1407D6A629522C7E2ABFD094400AB44E62EAEC0BDE33A116811560F035FA8AE30E603821
Key-Arg   : None
PSK identity: None
PSK identity hint: None
SRP username: None
TLS session ticket lifetime hint: 7200 (seconds)
TLS session ticket:
 - d6 4f 5f 0d 92 62 6c 18-85 b7 11 50 1e 28 54 f8  
.O_..blP.(T.
0010 - 1a 4f 50 a5 ce 72 65 fe-f7 51 4c f1 aa 6b bd 6a  
.OP..re..QL..k.j
0020 - 90 73 50 bb 2d 88 7b 6e-a0 48 ec 01 7d 7d e9 20  
.sP.-.{n.H..}}.
0030 - aa 29 d2 9b bc 86 a2 e3-e1 80 23 ac 52 0f 7f df  
.)#.R...
0040 - fe d9 d5 2c 52 dc 15 8b-2a 9f f8 a8 54 79 ba 25  
...,R...*...Ty.%
0050 - 8e 15 a1 05 02 6f af 1b-d1 83 48 dd 01 11 25 ef  
.oH...%.
0060 - ec 95 20 52 36 ed 82 ca-f9 28 5e 6b 15 1e 26 c4   ..
R6(^k..&.
0070 - b5 b4 ce 3a f5 43 8d 00-70 36 c9 33 e7 08 63 0b  
...:.C..p6.3..c.
0080 - 1a d3 e2 51 95 11 cd 9d-e5 91 dc 06 27 20 4f dd  
...Q' O.
0090 - 9f 94 42 cf 19 46 24 6d-63 a6 52 9a c2 ae 0d 78  
..B..F$mc.Rx
00a0 - 04 e1 a7 4b 54 29 f5 1b-b0 e7 48 f8 7e 1e 70 74  
...KT)H.~.pt

Compression: 1 (zlib compression)
Start Time: 1444691377
Timeout   : 300 (sec)
Verify return code: 19 (self signed certificate in certificate chain)
---
250 SMTPUTF8
ehlo testy
250-testy.tissisat.co.uk

no SASL authentication mechanisms

2015-10-11 Thread niya levi 

hi everyone
i have postfix dovecot and postgresql installed on arch linux,
the server delivers mail correctly without sasl enabled
when i setup and enable sasl and telnet from localhost or from a remote
connection
i get 'Connection closed by foreign host' immediately
and i get in the logs
no SASL authentication mechanisms
these are my configuration files and logs.

nano /etc/dovecot/dovecot.conf

disable_plaintext_auth = no
mail_privileged_group = vmail
log_timestamp = "%Y-%m-%d %H:%M:%S "

log_path = /var/log/dovecot.log
#  enables logging all failed authentication attempts.
# auth_verbose=yes
# enables all authentication debug logging (also enables auth_verbose).
Passwords are logged as .
# auth_debug=yes
# does everything that auth_debug=yes does, but it also removes password
hiding.
auth_debug_passwords=yes
# enables all kinds of mail related debug logging, such as showing where
Dovecot is looking for mails.
mail_debug=yes
# enables logging SSL errors and warnings. Even without this setting if
connection is closed because of an SSL error, the error is logged as the
disconnection reason (v1.1+)
# verbose_ssl=yes

passdb {
  args = /etc/dovecot/dovecot-sql.conf
  driver = sql
}
userdb {
  driver = prefetch
}
userdb {
  args = /etc/dovecot/dovecot-sql.conf
  driver = sql
}

protocols = "pop3 imap lmtp"

protocol imap {
  mail_plugins = " autocreate"
}

plugin {
  autocreate = Trash
  autocreate2 = Sent
  autosubscribe = Trash
  autosubscribe2 = Sent
}

service auth {
  unix_listener /var/spool/postfix/private/auth {
group = postfix
mode = 0666
user = postfix
  }
}

service lmtp {
unix_listener /var/spool/postfix/private/dovecot-lmtp {
group = postfix
mode = 0600
user = postfix
}
}
protocol lmtp {
postmaster_address=postmas...@testy.tissisat.co.uk
hostname=testy.tissisat.co.uk
info_log_path = /var/log/dovecot-lmtp.log
}

ssl_cert = 
localhost.localdomain[127.0.0.1]: 220 testy.tissisat.co.uk ESMTP Postfix
Oct 11 10:45:43 testy postfix/smtpd[16760]: xsasl_dovecot_server_create:
SASL service=smtp, realm=testy.tissisat.co.uk
Oct 11 10:45:43 testy postfix/smtpd[16760]: name_mask: noanonymous
Oct 11 10:45:43 testy postfix/smtpd[16760]: name_mask: noplaintext
Oct 11 10:45:43 testy postfix/smtpd[16760]:
xsasl_dovecot_server_connect: Connecting
Oct 11 10:45:43 testy postfix/smtpd[16760]:
xsasl_dovecot_server_connect: auth reply: VERSION?1?1
Oct 11 10:45:43 testy postfix/smtpd[16760]:
xsasl_dovecot_server_connect: auth reply: MECH?PLAIN?plaintext
Oct 11 10:45:43 testy postfix/smtpd[16760]: name_mask: plaintext
Oct 11 10:45:43 testy postfix/smtpd[16760]:
xsasl_dovecot_server_connect: auth reply: MECH?LOGIN?plaintext
Oct 11 10:45:43 testy postfix/smtpd[16760]: name_mask: plaintext
Oct 11 10:45:43 testy postfix/smtpd[16760]:
xsasl_dovecot_server_connect: auth reply: SPID?16763
Oct 11 10:45:43 testy postfix/smtpd[16760]:
xsasl_dovecot_server_connect: auth reply: CUID?1
Oct 11 10:45:43 testy postfix/smtpd[16760]:
xsasl_dovecot_server_connect: auth reply:
COOKIE?5144cccf9d947e85a107922ec961648c
Oct 11 10:45:43 testy postfix/smtpd[16760]:
xsasl_dovecot_server_connect: auth reply: DONE
Oct 11 10:45:43 testy postfix/smtpd[16760]:
xsasl_dovecot_server_mech_filter: skip mechanism: PLAIN
Oct 11 10:45:43 testy postfix/smtpd[16760]:
xsasl_dovecot_server_mech_filter: skip mechanism: LOGIN
Oct 11 10:45:43 testy postfix/smtpd[16760]: fatal: no SASL
authentication mechanisms
Oct 11 10:45:44 testy postfix/master[396]: warning: process
/usr/lib/postfix/bin/smtpd pid 16760 exit status 1
Oct 11 10:45:44 testy postfix/master[396]: warning:
/usr/lib/postfix/bin/smtpd: bad command startup -- throttling


Shadrock

Re: no SASL authentication mechanisms

2015-10-11 Thread niya levi 


On 11/10/15 11:49, Patrick Ben Koetter wrote:
> * niya levi <niyal...@gmail.com>:
>> nano /etc/dovecot/dovecot.conf
>>
>> service auth {
>>   unix_listener /var/spool/postfix/private/auth {
>> group = postfix
>> mode = 0666
>> user = postfix
>>   }
>> }
> No reason to let others read auth data. Make that:
>
> mode = 0660
>
>> postconf -n
>> broken_sasl_auth_clients = yes   
>>  
>>
>> myorigin = $myhostname
>> smtpd_sasl_auth_enable = yes
>> smtpd_sasl_exceptions_networks = $mynetworks
>> smtpd_sasl_local_domain = $myhostname
>> smtpd_sasl_path = private/auth
>> smtpd_sasl_security_options = noanonymous noplaintext
> That's the problem. Your dovecot server only annouces PLAIN as auth mechanism
> (by default). Modify the smtpd_sasl_security_options like this:
>
> smtpd_sasl_security_options = noanonymous
>
> Then try again.
>
> I suggest to configure your mail server to offer SMTP AUTH on submission (587)
> only. Enforce TLS on the submission port and PLAIN will be safe to use.
>
> p@rick
>
>> Oct 11 10:45:43 testy postfix/smtpd[16760]: 
>> xsasl_dovecot_server_mech_filter: skip mechanism: PLAIN
>> Oct 11 10:45:43 testy postfix/smtpd[16760]: 
>> xsasl_dovecot_server_mech_filter: skip mechanism: LOGIN
>> Oct 11 10:45:43 testy postfix/smtpd[16760]: fatal: no SASL authentication 
>> mechanisms
thanks p@rick
have corrected smtpd_sasl_security_options.
> I suggest to configure your mail server to offer SMTP AUTH on submission (587)
> only. Enforce TLS on the submission port and PLAIN will be safe to use.
should i change smtpd_sasl_auth_enable = yes to no in main.cf
move the rest of the sasl entries in main.cf yo master.cf
and change the smtpd_tls_auth_only in the submission section in
master.cf to yes ?

shadrock

Re: no SASL authentication mechanisms

2015-10-11 Thread niya levi 


On 11/10/15 15:57, Patrick Ben Koetter wrote:
> * niya levi <niyal...@gmail.com>:
>>
>> On 11/10/15 11:49, Patrick Ben Koetter wrote:
>>> * niya levi <niyal...@gmail.com>:
>>>> nano /etc/dovecot/dovecot.conf
>>>>
>>>> service auth {
>>>>   unix_listener /var/spool/postfix/private/auth {
>>>> group = postfix
>>>> mode = 0666
>>>> user = postfix
>>>>   }
>>>> }
>>> No reason to let others read auth data. Make that:
>>>
>>> mode = 0660
>>>
>>>> postconf -n
>>>> broken_sasl_auth_clients = yes 
>>>>
>>>>
>>>> myorigin = $myhostname
>>>> smtpd_sasl_auth_enable = yes
>>>> smtpd_sasl_exceptions_networks = $mynetworks
>>>> smtpd_sasl_local_domain = $myhostname
>>>> smtpd_sasl_path = private/auth
>>>> smtpd_sasl_security_options = noanonymous noplaintext
>>> That's the problem. Your dovecot server only annouces PLAIN as auth 
>>> mechanism
>>> (by default). Modify the smtpd_sasl_security_options like this:
>>>
>>> smtpd_sasl_security_options = noanonymous
>>>
>>> Then try again.
>>>
>>> I suggest to configure your mail server to offer SMTP AUTH on submission 
>>> (587)
>>> only. Enforce TLS on the submission port and PLAIN will be safe to use.
>>>
>>> p@rick
>>>
>>>> Oct 11 10:45:43 testy postfix/smtpd[16760]: 
>>>> xsasl_dovecot_server_mech_filter: skip mechanism: PLAIN
>>>> Oct 11 10:45:43 testy postfix/smtpd[16760]: 
>>>> xsasl_dovecot_server_mech_filter: skip mechanism: LOGIN
>>>> Oct 11 10:45:43 testy postfix/smtpd[16760]: fatal: no SASL authentication 
>>>> mechanisms
>> thanks p@rick
>> have corrected smtpd_sasl_security_options.
>>> I suggest to configure your mail server to offer SMTP AUTH on submission 
>>> (587)
>>> only. Enforce TLS on the submission port and PLAIN will be safe to use.
>> should i change smtpd_sasl_auth_enable = yes to no in main.cf
>> move the rest of the sasl entries in main.cf yo master.cf
> Leave all settings in main.cf and disable smtpd_sasl_auth_enable in main.cf.
> Then turn it on in master.cf in context of the submission service.
>
>> and change the smtpd_tls_auth_only in the submission section in
>> master.cf to yes ?
> yep.
>
> p@rick
>
>
many thanks Patrick

re:postgresql table does not exist error

2015-10-08 Thread niya levi 
> Date: From: Subject: [none] hi everyone i have installed and
> configured postgresql postfix and dovecot on arch linux the database
> called mail has this table and is owned by mailreader CREATE TABLE
> "al" ( alias text NOT NULL, email text NOT NULL ); the postfix file
> (/etc/postfix/pgsql-aliases.cf) has this hosts = /run/postgresql/ user
> = mailreader dbname = mail query = SELECT alias FROM "al" WHERE
> email='%s' (postgresql log file) ERROR: relation "al" does not exist
> at character STATEMENT: SELECT alias FROM "al" WHERE
> email='ivy.tissisat.co.uk' (postfix log) Oct 05 18:19:33 testy
> postfix/smtpd[801]: connect from localhost.localdomain[127.0.0.1] Oct
> 05 18:20:21 testy postfix/proxymap[802]: warning: pgsql query failed:
> fatal error from host /run/postgresql: ERROR: relation "al" does not
> exist?LINE 1: SELECT alias FROM "al" WHERE email='ivy.tissi Oct 05
> 18:20:21 testy postfix/trivial-rewrite[805]: warning:
> virtual_alias_domains: proxy:pgsql:/etc/postfix/pgsql-aliases.cf:
> table lookup problem Oct 05 18:20:21 testy
> postfix/trivial-rewrite[805]: warning: virtual_alias_domains lookup
> failure Oct 05 18:21:07 testy postfix/trivial-rewrite[805]: warning:
> virtual_alias_domains: proxy:pgsql:/etc/postfix/pgsql-aliases.cf:
> table lookup problem Oct 05 18:21:07 testy
> postfix/trivial-rewrite[805]: warning: virtual_alias_domains lookup
> failure Oct 05 18:21:07 testy postfix/smtpd[801]: NOQUEUE: reject:
> RCPT from localhost.localdomain[127.0.0.1]: 451 4.3.0
> : Temporary lookup failure;
> from=3D to=3D
> proto=3DESMTP helo=3D Oct 05 18:26:07 testy postfix/smtpd[801]:
> timeout after RCPT from localhost.localdomain[127.0.0.1] Oct 05
> 18:26:07 testy postfix/smtpd[801]: disconnect from
> localhost.localdomain[127.0.0.1] ehlo=3D1 mail=3D1 rcpt=3D0/1
> commands=3D= 2/3 i have read about quoting and case folding in
> postgresql my original table name and references to it was in lower
> case and without quotes so i recreated a new table with name lowercase
> characters with quotes and referenced the table with quotes and i
> still have the same errors. i also changed the host line to localhost
> in /etc/postfix/pgsql-aliases.cf and the error still occurs any
> sugestions what the problem might be ? shadrock
> -- Date: From: Subject: [none] Hi,
>> the postfix file (/etc/postfix/pgsql-aliases.cf) has this
>>
>>hosts = /run/postgresql/
> You should specify the socket to use.
>
> From http://www.postfix.org/pgsql_table.5.html
>
> hosts
> The hosts that Postfix will try to connect to and query from. Specify unix: 
> for UNIX-domain sockets, inet: for TCP connections (default). Example:
> hosts = host1.some.domain host2.some.domain:port
> hosts = unix:/file/name
> The hosts are tried in random order, with all connections over UNIX domain 
> sockets being tried before those over TCP. The connections are automatically 
> closed after being idle for about 1 minute, and are re-opened as necessary.
> NOTE: the unix: and inet: prefixes are accepted for backwards compatibility 
> reasons, but are actually ignored.
> The PostgreSQL client library will always try to connect to an UNIX socket if 
> the name starts with a slash, and will try a TCP connection otherwise.
>
>>user = mailreader
>>dbname = mail
>>query = SELECT alias FROM "al" WHERE email='%s'
> Regards
> - christian


hi christian
thanks for the reply
i have fixed the error,
it was a database problem , i removed the tables then recreated them
and the error cleared,
as a side note
your suggestion about the hosts line entry is incorrect
the socket name is automatically appended when the socket directory is
specified
else it will throw an error asking if the database is running and
listening on localhost
so no need to add the socket name.
thanks again.
shadrock

postgresql table does not exist error

2015-10-05 Thread niya levi 
hi everyone
i have installed and configured
postgresql postfix and dovecot on arch linux
the database called mail has this table and is owned by mailreader

CREATE TABLE "al" (
alias text NOT NULL,
email text NOT NULL
);

the postfix file (/etc/postfix/pgsql-aliases.cf) has this

hosts = /run/postgresql/
user = mailreader
dbname = mail
query = SELECT alias FROM "al" WHERE email='%s'


(postgresql log file)
ERROR:  relation "al" does not exist at character
19  
   
 
STATEMENT:  SELECT alias FROM "al" WHERE email='ivy.tissisat.co.uk'

(postfix log)
Oct 05 18:19:33 testy postfix/smtpd[801]: connect from
localhost.localdomain[127.0.0.1]
Oct 05 18:20:21 testy postfix/proxymap[802]: warning: pgsql query
failed: fatal error from host /run/postgresql: ERROR:  relation "al"
does not exist?LINE 1: SELECT alias FROM "al" WHERE email='ivy.tissi
Oct 05 18:20:21 testy postfix/trivial-rewrite[805]: warning:
virtual_alias_domains: proxy:pgsql:/etc/postfix/pgsql-aliases.cf: table
lookup problem
Oct 05 18:20:21 testy postfix/trivial-rewrite[805]: warning:
virtual_alias_domains lookup failure
Oct 05 18:21:07 testy postfix/trivial-rewrite[805]: warning:
virtual_alias_domains: proxy:pgsql:/etc/postfix/pgsql-aliases.cf: table
lookup problem
Oct 05 18:21:07 testy postfix/trivial-rewrite[805]: warning:
virtual_alias_domains lookup failure
Oct 05 18:21:07 testy postfix/smtpd[801]: NOQUEUE: reject: RCPT from
localhost.localdomain[127.0.0.1]: 451 4.3.0 :
Temporary lookup failure; from=
to= proto=ESMTP helo=
Oct 05 18:26:07 testy postfix/smtpd[801]: timeout after RCPT from
localhost.localdomain[127.0.0.1]
Oct 05 18:26:07 testy postfix/smtpd[801]: disconnect from
localhost.localdomain[127.0.0.1] ehlo=1 mail=1 rcpt=0/1 commands=2/3


i have read about quoting and case folding in postgresql
my original table name and references to it was in lower case and
without quotes
so i recreated a new table with name lowercase characters with quotes
and referenced the table with quotes and i still have the same errors.
i also changed the host line to localhost in /etc/postfix/pgsql-aliases.cf
and the error still occurs
any sugestions what the problem might be ?
shadrock