SMTPUTF8 is required...
Hi there This error came up: "SMTPUTF8 is required, but was not offered by host..." I've already tweaked this options: smtputf8_enable = no compatibility_level = 2 Error appeared again, so. What else can I do? Running Postfix 3.4.14 with Dovecot 2.3.4.1 on Debian 10 Thanks in advance Daniel A. Rodriguez _Informática, Conectividad y Sistemas_ Universidad Nacional del Alto Uruguay San Vicente - Misiones - Argentina informatica.unau.edu.ar
Re: Unable to receive mail from certain hosts
El mar, 27 de jul. de 2021 a la(s) 10:10, Wietse Venema ( wie...@porcupine.org) escribió: > Daniel Armando Rodriguez: > > Jul 27 07:27:52 postoffice postfix/smtpd[13730]: < lists.isc.org > [149.20.1.60]: > > MAIL FROM: > > SIZE=1997 > > Jul 27 07:27:52 postoffice postfix/smtpd[13730]: > lists.isc.org > [149.20.1.60]: > > 530 5.7.0 Must issue a STARTTLS command first > > This proves that you still have mandatory TLS enabled. > > Instead of pasting main.cf snippets, do this: > > postconf -n | grep tls > > postconf -P | grep tls > > And report the output. > Doing this I've noticed that my master.cf had such option enabled, my bad. Now everything is working as expected. Thank you all for your time, and knowledge :-D ___ Daniel A. Rodriguez Departamento de Tecnología para la Gestión Escuela Provincial de Educación Técnica N° 1 Posadas - Misiones - Argentina (0376) 443-8578 www.epet1.edu.ar
Re: Unable to receive mail from certain hosts
El mar, 27 de jul. de 2021 a la(s) 02:14, Viktor Dukhovni ( postfix-us...@dukhovni.org) escribió: > > On 26 Jul 2021, at 10:08 pm, post...@ptld.com wrote: > > > > You change to: > > > >smtpd_enforce_tls = no > >smtpd_use_tls = no > >smtpd_tls_security_level = may > > With "smtpd_tls_security_level = may" the obsolete legacy syntax should > simply > not be used. Just remove the other two settings entirely from the > configuration. > Just disabled the legacy syntax and this is the log Jul 27 07:27:52 postoffice postfix/smtpd[13730]: > lists.isc.org[149.20.1.60]: 250-correo.dominio.edu.ar Jul 27 07:27:52 postoffice postfix/smtpd[13730]: > lists.isc.org[149.20.1.60]: 250-PIPELINING Jul 27 07:27:52 postoffice postfix/smtpd[13730]: > lists.isc.org[149.20.1.60]: 250-SIZE 2048 Jul 27 07:27:52 postoffice postfix/smtpd[13730]: > lists.isc.org[149.20.1.60]: 250-ETRN Jul 27 07:27:52 postoffice postfix/smtpd[13730]: > lists.isc.org[149.20.1.60]: 250-STARTTLS Jul 27 07:27:52 postoffice postfix/smtpd[13730]: > lists.isc.org[149.20.1.60]: 250-ENHANCEDSTATUSCODES Jul 27 07:27:52 postoffice postfix/smtpd[13730]: > lists.isc.org[149.20.1.60]: 250-8BITMIME Jul 27 07:27:52 postoffice postfix/smtpd[13730]: > lists.isc.org[149.20.1.60]: 250-DSN Jul 27 07:27:52 postoffice postfix/smtpd[13730]: > lists.isc.org[149.20.1.60]: 250-SMTPUTF8 Jul 27 07:27:52 postoffice postfix/smtpd[13730]: > lists.isc.org[149.20.1.60]: 250 CHUNKING Jul 27 07:27:52 postoffice postfix/smtpd[13730]: < lists.isc.org[149.20.1.60]: MAIL FROM: SIZE=1997 Jul 27 07:27:52 postoffice postfix/smtpd[13730]: > lists.isc.org[149.20.1.60]: 530 5.7.0 Must issue a STARTTLS command first Jul 27 07:27:52 postoffice postfix/smtpd[13730]: < lists.isc.org[149.20.1.60]: RCPT TO: ORCPT=rfc822;usua...@dominio.edu.ar Jul 27 07:27:52 postoffice postfix/smtpd[13730]: > lists.isc.org[149.20.1.60]: 530 5.7.0 Must issue a STARTTLS command first Jul 27 07:27:52 postoffice postfix/smtpd[13730]: < lists.isc.org[149.20.1.60]: DATA Jul 27 07:27:52 postoffice postfix/smtpd[13730]: > lists.isc.org[149.20.1.60]: 530 5.7.0 Must issue a STARTTLS command first Jul 27 07:27:53 postoffice postfix/smtpd[13730]: < lists.isc.org[149.20.1.60]: RSET Jul 27 07:27:53 postoffice postfix/smtpd[13730]: > lists.isc.org[149.20.1.60]: 530 5.7.0 Must issue a STARTTLS command first Jul 27 07:27:53 postoffice postfix/smtpd[13730]: < lists.isc.org[149.20.1.60]: QUIT Jul 27 07:27:53 postoffice postfix/smtpd[13730]: > lists.isc.org[149.20.1.60]: 221 2.0.0 Bye ___ Daniel A. Rodriguez Departamento de Tecnología para la Gestión Escuela Provincial de Educación Técnica N° 1 Posadas - Misiones - Argentina (0376) 443-8578 www.epet1.edu.ar
Re: Unable to receive mail from certain hosts
Thanks for the quick reply, After disabling such options error stands. El lun, 26 de jul. de 2021 a la(s) 21:28, escribió: > > smtpd_enforce_tls = yes > > Oops, i missed this one too: > http://www.postfix.org/postconf.5.html#smtpd_enforce_tls > > smtpd_enforce_tls = yes > Mandatory TLS: announce STARTTLS support to remote SMTP clients, and > require that clients use TLS encryption. > -- ___ Daniel A. Rodriguez Departamento de Tecnología para la Gestión Escuela Provincial de Educación Técnica N° 1 Posadas - Misiones - Argentina (0376) 443-8578 www.epet1.edu.ar
Unable to receive mail from certain hosts
Currently I'm dealing with some issues when receiving mail from some hosts,
session is disconnected almost inmediately
Jul 26 20:06:41 postoffice postfix/smtpd[9404]: connect from lists.isc.org
[149.20.1.60]
Jul 26 20:17:58 postoffice postfix/smtpd[9616]: disconnect from
lists.isc.org[149.20.1.60] ehlo=1 mail=0/1 rcpt=0/1 data=0/1 rset=0/1
quit=1 commands=2/6
I'm running Postfix Postfix 3.4.14 and this is my postconf -n configuration
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no
compatibility_level = 2
default_process_limit = 150
disable_dns_lookups = no
disable_vrfy_command = yes
inet_interfaces = all
inet_protocols = all
mailbox_command = procmail -a "$EXTENSION"
mailbox_size_limit = 0
message_size_limit = 20971520
milter_default_action = accept
milter_protocol = 6
mydestination = localhost
mydomain = dominio.edu.ar
myhostname = correo.$mydomain
mynetworks = 127.0.0.0/8 [:::127.0.0.0]/104 [::1]/128 170.200.4.128/29
myorigin = $myhostname
non_smtpd_milters = $smtpd_milters
policyd-spf_time_limit = 3600
polite_destination_concurrency_limit = 15
polite_destination_rate_delay = 0
polite_destination_recipient_limit = 6
qmgr_message_active_limit = 3
qmgr_message_recipient_limit = 3
readme_directory = no
recipient_delimiter = +
relayhost =
smtp_destination_concurrency_limit = 20
smtp_extra_recipient_limit = 2
smtp_host_lookup = dns
smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
smtp_tls_exclude_ciphers = $smtpd_tls_exclude_ciphers
smtp_tls_loglevel = $smtpd_tls_loglevel
smtp_tls_mandatory_ciphers = $smtpd_tls_mandatory_ciphers
smtp_tls_mandatory_exclude_ciphers = $smtpd_tls_mandatory_exclude_ciphers
smtp_tls_mandatory_protocols = $smtpd_tls_mandatory_protocols
smtp_tls_note_starttls_offer = yes
smtp_tls_protocols = $smtpd_tls_protocols
smtp_tls_security_level = may
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_banner = $myhostname ESMTP
smtpd_client_restrictions = permit_mynetworks, permit_sasl_authenticated
smtpd_enforce_tls = yes
smtpd_helo_required = yes
smtpd_milters = local:opendkim/opendkim.sock
smtpd_recipient_limit = 5000
smtpd_recipient_restrictions = reject_unknown_sender_domain,
permit_mynetworks, permit_sasl_authenticated, reject_rbl_client
zen.spamhaus.org, reject_rhsbl_reverse_client dbl.spamhaus.org,
reject_rhsbl_helo dbl.spamhaus.org, reject_rhsbl_sender dbl.spamhaus.org,
check_policy_service unix:private/policyd-spf, check_policy_service inet:
127.0.0.1:10023
smtpd_relay_restrictions = permit_mynetworks, permit_sasl_authenticated,
reject_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_path = private/auth
smtpd_sasl_security_options = noanonymous, noplaintext
smtpd_sasl_tls_security_options = noanonymous
smtpd_sasl_type = dovecot
smtpd_sender_restrictions = reject_unknown_sender_domain
smtpd_tls_auth_only = yes
smtpd_tls_cert_file = /etc/apache2/md/domains/
correo.dominio.edu.ar/pubcert.pem
smtpd_tls_ciphers = high
smtpd_tls_dh1024_param_file = /etc/ssl/diffie-hellman/dhparams.pem
smtpd_tls_exclude_ciphers = $smtpd_tls_mandatory_exclude_ciphers
smtpd_tls_key_file = /etc/apache2/md/domains/
correo.dominio.edu.ar/privkey.pem
smtpd_tls_loglevel = 1
smtpd_tls_mandatory_ciphers = high
smtpd_tls_mandatory_exclude_ciphers = MD5, DES, ADH, RC4, PSD, SRP, 3DES,
eNULL, aNULL
smtpd_tls_mandatory_protocols = TLSv1.2, !TLSv1.1, !TLSv1, !SSLv2, !SSLv3
smtpd_tls_protocols = TLSv1.2, !TLSv1.1, !TLSv1, !SSLv2, !SSLv3
smtpd_tls_received_header = yes
smtpd_tls_security_level = may
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_use_tls = yes
spamassassin_destination_recipient_limit = 1
tls_disable_workarounds = 0x
tls_preempt_cipherlist = yes
tls_ssl_options = NO_RENEGOTIATION
transport_maps = hash:/etc/postfix/transport
turtle_destination_concurrency_limit = 10
turtle_destination_rate_delay = 1s
turtle_destination_recipient_limit = 4
virtual_alias_maps = mysql:/etc/postfix/mysql/virtual_alias_maps.cf
virtual_gid_maps = static:5000
virtual_mailbox_domains = mysql:/etc/postfix/mysql/virtual_domains_maps.cf
virtual_mailbox_maps = mysql:/etc/postfix/mysql/virtual_mailbox_maps.cf
virtual_transport = lmtp:unix:private/dovecot-lmtp
virtual_uid_maps = static:5000
After enabled peer debug found this
Jul 26 21:05:21 estafeta postfix/smtpd[9928]: > lists.isc.org[149.20.1.60]:
530 5.7.0 Must issue a STARTTLS command first
___
Daniel A. Rodriguez
Departamento de Tecnología para la Gestión
Escuela Provincial de Educación Técnica N° 1
Posadas - Misiones - Argentina
(0376) 443-8578
www.epet1.edu.ar
Re: Stucked with "unable to look up host"
El lun., 8 de febrero de 2021 10:20, Matus UHLAR - fantomas < uh...@fantomas.sk> escribió: > On 31.01.21 09:56, Daniel Armando Rodriguez wrote: > >Indeed, it was running chrooted but resolv.conf has the same content > > >=== # postconf -nf > >smtp_tls_protocols = TLSv1.2, !TLSv1.1, !TLSv1, !SSLv2, !SSLv3 > > this is superflous and not a good idea. Many servers support TLS1.0 max. > !SSLv2, !SSLv3 should be enough for now. > > >After adjusting values the recommended way not getting > > > >connect to correo.dominio.com.ar[]:25: Connection timed out > > % host -t any correo.dominio.com.ar > Host correo.dominio.com.ar not found: 3(NXDOMAIN) > > correo.dominio.com.ar does not exist, so you can't send mail there. > It is also reason why it was not resolved. > That's not a real domain >and > > > >Jan 31 09:43:42 domiinio postfix/smtp[13099]: Untrusted TLS connection > >established to alt2.gmail-smtp-in.l.google.com[172.217.218.26]:25: > TLSv1.2 > >with cipher ECDHE-ECDSA-CHACHA20-POLY1305 (256/256 bits) > >Jan 31 09:43:42 dominio postfix/smtp[13099]: E6AA880124FF7: to=< > >u...@gmail.com>, relay=alt2.gmail-smtp-in.l.google.com > [172.217.218.26]:25, > >delay=40220, delays=40215/0/4.5/0, dsn=4.7.5, status=deferred (Server > >certificate not trusted) > > This is caused by your setting: > > >smtp_tls_security_level = verify > > smtp, by default, is plaintext, and encryption is not fully standard, so > you > disable sending mail to part of internet. > You're right, already noted that >
Re: Stucked with "unable to look up host"
Indeed, it was running chrooted but resolv.conf has the same content
=== # postconf -nf
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no
compatibility_level = 2
disable_dns_lookups = no
disable_vrfy_command = yes
inet_interfaces = all
inet_protocols = all
mailbox_command = procmail -a "$EXTENSION"
mailbox_size_limit = 0
message_size_limit = 20971520
milter_default_action = accept
milter_protocol = 6
mydestination = localhost
mydomain = dominio.com.ar
myhostname = correo.$mydomain
mynetworks = 127.0.0.0/8 [:::127.0.0.0]/104 [::1]/128
myorigin = $myhostname
non_smtpd_milters = $smtpd_milters
policyd-spf_time_limit = 3600
readme_directory = no
recipient_delimiter = +
relayhost =
smtp_host_lookup = dns
smtp_tls_exclude_ciphers = $smtpd_tls_exclude_ciphers
smtp_tls_loglevel = $smtpd_tls_loglevel
smtp_tls_mandatory_ciphers = $smtpd_tls_mandatory_ciphers
smtp_tls_mandatory_exclude_ciphers = $smtpd_tls_mandatory_exclude_ciphers
smtp_tls_mandatory_protocols = $smtpd_tls_mandatory_protocols
smtp_tls_protocols = TLSv1.2, !TLSv1.1, !TLSv1, !SSLv2, !SSLv3
smtp_tls_security_level = verify
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_banner = $myhostname ESMTP
smtpd_client_restrictions = permit_mynetworks, permit_sasl_authenticated
smtpd_enforce_tls = yes
smtpd_helo_required = yes
smtpd_milters = inet:localhost:8891
smtpd_recipient_restrictions = reject_unknown_sender_domain,
permit_mynetworks,
permit_sasl_authenticated, reject_rbl_client zen.spamhaus.org,
reject_rhsbl_reverse_client dbl.spamhaus.org, reject_rhsbl_helo
dbl.spamhaus.org, reject_rhsbl_sender dbl.spamhaus.org,
check_policy_service
unix:private/policyd-spf, check_policy_service inet:127.0.0.1:10023
smtpd_relay_restrictions = permit_mynetworks, permit_sasl_authenticated,
reject_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_path = private/auth
smtpd_sasl_security_options = noanonymous, noplaintext
smtpd_sasl_tls_security_options = noanonymous
smtpd_sasl_type = dovecot
smtpd_sender_restrictions = reject_unknown_sender_domain
smtpd_tls_auth_only = yes
smtpd_tls_cert_file =
/etc/apache2/md/domains/correo.dominio.com.ar/pubcert.pem
smtpd_tls_ciphers = high
smtpd_tls_exclude_ciphers = $smtpd_tls_mandatory_exclude_ciphers
smtpd_tls_key_file =
/etc/apache2/md/domains/correo.dominio.com.ar/privkey.pem
smtpd_tls_loglevel = 1
smtpd_tls_mandatory_ciphers = high
smtpd_tls_mandatory_exclude_ciphers = MD5, DES, ADH, RC4, PSD, SRP, 3DES,
eNULL,
aNULL
smtpd_tls_mandatory_protocols = TLSv1.2, !TLSv1.1, !TLSv1, !SSLv2, !SSLv3
smtpd_tls_protocols = TLSv1.2, !TLSv1.1, !TLSv1, !SSLv2, !SSLv3
smtpd_tls_received_header = yes
smtpd_tls_security_level = may
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_use_tls = yes
spamassassin_destination_recipient_limit = 1
tls_disable_workarounds = 0x
tls_preempt_cipherlist = yes
tls_ssl_options = NO_RENEGOTIATION
virtual_alias_maps = mysql:/etc/postfix/mysql/virtual_alias_maps.cf
virtual_mailbox_domains = mysql:/etc/postfix/mysql/virtual_domains_maps.cf
virtual_mailbox_maps = mysql:/etc/postfix/mysql/virtual_mailbox_maps.cf
virtual_transport = lmtp:unix:private/dovecot-lmtp
=== # postconf -Mf
smtp inet n - n - - smtpd
-o smtpd_enforce_tls=yes
-o smtpd_tls_security_level=encrypt
-o tls_preempt_cipherlist=yes
-o content_filter=spamassassin
submission inet n - n - - smtpd
-o syslog_name=postfix/submission
-o smtpd_tls_security_level=encrypt
-o tls_preempt_cipherlist=yes
smtps inet n - y - - smtpd
pickup unix n - y 60 1 pickup
cleanupunix n - y - 0 cleanup
qmgr unix n - n 300 1 qmgr
tlsmgr unix - - y 1000? 1 tlsmgr
rewriteunix - - y - - trivial-rewrite
bounce unix - - y - 0 bounce
defer unix - - y - 0 bounce
trace unix - - y - 0 bounce
verify unix - - y - 1 verify
flush unix n - y 1000? 0 flush
proxymap unix - - n - - proxymap
proxywrite unix - - n - 1 proxymap
smtp unix - - n - - smtp
relay unix - - y - - smtp
-o syslog_name=postfix/$service_name
showq unix n - y - - showq
error unix - - y - - error
retry unix - - n - - error
discardunix - - y - - discard
local unix - n n - - local
virtual
Stucked with "unable to look up host"
Messages log this error , relay=none, delay=1.2, delays=0.15/0.01/1/0, dsn=5.3.0, status=bounced (unable to look up host host.domain.com: No address associated with hostname) However, DNS resolution works as expected and has a PTR record associated with it. Any pointers would be greatly appreciated! ___ Daniel A. Rodriguez Departamento de Tecnología para la Gestión Escuela Provincial de Educación Técnica N° 1 Posadas - Misiones - Argentina (0376) 443-8578 www.epet1.edu.ar
Re: spamassassin & bayes
Thanks to all. :-) Best regards El jue, 28 de ene. de 2021 a la(s) 05:34, maciejm (na...@mandzur.pl) escribió: > Hi > Maybe use redis for bayes rules > > On 27.01.2021 23:33, Richard wrote: > > > >> Date: Wednesday, January 27, 2021 19:17:48 -0300 > >> From: Daniel Armando Rodriguez > >> > >> Hi > >> > >> Suddenly I'm facing tons of this messages > >> > >> ... bayes: cannot open bayes databases > >> /home/spamd/.spamassassin/bayes_* R/W: lock failed: File exists > >> > >> A 'solution' found on the web says disable bayes, reload SA, delete > >> such files and enable bayes again. > >> > >> Increased values in > >> > >> default_process_limit > >> > >> smtpd_recipient_limit > >> > >> qmgr_message_active_limit > >> qmgr_message_recipient_limit > >> > >> Add > >> > >> disable_dns_lookups = yes > >> > >> However messages got delivered only if I disable bayes, after a > >> while > >> > > This issue has been a discussion thread on the spamassassin mailing > > list of late. You may want to look at that mailing list's archive: > > > > <https://mail-archives.apache.org/mod_mbox/spamassassin-users/> > > > > to see if that helps. You may also want to take your question there > > where it's more relevant (not that people on this list can't help > > too). > > > > > > -- ___ Daniel A. Rodriguez Departamento de Tecnología para la Gestión Escuela Provincial de Educación Técnica N° 1 Posadas - Misiones - Argentina (0376) 443-8578 www.epet1.edu.ar
spamassassin & bayes
Hi Suddenly I'm facing tons of this messages ... bayes: cannot open bayes databases /home/spamd/.spamassassin/bayes_* R/W: lock failed: File exists A 'solution' found on the web says disable bayes, reload SA, delete such files and enable bayes again. Increased values in default_process_limit smtpd_recipient_limit qmgr_message_active_limit qmgr_message_recipient_limit Add disable_dns_lookups = yes However messages got delivered only if I disable bayes, after a while ___ Daniel A. Rodriguez Departamento de Tecnología para la Gestión Escuela Provincial de Educación Técnica N° 1 Posadas - Misiones - Argentina (0376) 443-8578 www.epet1.edu.ar
Re: 451 4.3.5 Server configuration error
>> They are, look like this in main.cf >> >> # OpenDKIM >> milter_default_action = accept >> milter_protocol = 6 >> smtpd_milters = local:/opendkim/opendkim.sock >> non_smtpd_milters = $smtpd_milters > > Each parameter definition must start in the *first* > column of its text line. See > > http://www.postfix.org/postconf.5.html > > The general format of the main.cf file is as follows: > > • Each logical line is in the form "parameter = value". > Whitespace around the "=" is ignored, as is whitespace > at the end of a logical line. > > • Empty lines and whitespace-only lines are ignored, as are > lines whose first non-whitespace character is a `#'. > > • A logical line starts with non-whitespace text. A line > that starts with whitespace continues a logical line. That was it, should read first! Thank you guys ___ Daniel A. Rodriguez Departamento de Tecnología para la Gestión Escuela Provincial de Educación Técnica N° 1 Posadas - Misiones - Argentina (0376) 443-8578 www.epet1.edu.ar
Re: 451 4.3.5 Server configuration error
2017-08-30 10:16 GMT-03:00 Christian Kivalo :
>
>
> On 2017-08-30 15:07, Daniel Armando Rodriguez wrote:
>>>
>>> On 2017-08-30 14:51, Daniel Armando Rodriguez wrote:
>>>>
>>>>
>>>> Hi, I'm getting such message logged after the warning: unknown smtpd
>>>> restriction: "milter_default_action"
>>>
>>>
>>> Note that options in master.cf are without spaces around the "=".
>>
>>
>> yep
>>
>>>> All incoming mail is rejected.
>>>>
>>>> What I'm trying to achieve is to get dkim validation working,
>>>> following this guide
>>>> https://wiki.debian.org/opendkim
>>>
>>>
>>> It helps to show your configuration.
>>>
>>> See http://www.postfix.org/DEBUG_README.html#mail
>>>
>>> Send the output of
>>> postconf -n
>>
>>
>> # postconf -n
>> alias_database = hash:/etc/aliases
>> alias_maps = hash:/etc/aliases
>> append_dot_mydomain = no
>> biff = no
>> config_directory = /etc/postfix
>> home_mailbox = Maildir/
>> html_directory = /usr/share/doc/postfix/html
>> inet_interfaces = all
>> mailbox_command =
>> mailbox_size_limit = 0
>> mydestination = localhost
>> mydomain = unau.edu.ar
>> myhostname = correo.$mydomain
>> mynetworks = 127.0.0.0/8 [:::127.0.0.0]/104 [::1]/128,
>> 170.210.45.128/29
>> myorigin = $myhostname
>> policyd-spf_time_limit = 3600
>> readme_directory = /usr/share/doc/postfix
>> recipient_delimiter = +
>> relayhost =
>> smtp_tls_security_level = may
>> smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
>> smtpd_banner = $myhostname ESMTP $mail_name
>> smtpd_recipient_restrictions = permit_mynetworks,
>> permit_sasl_authenticated, reject_unauth_destination,
>> check_policy_service unix:private/policyd-spf milter_default_action =
>
>^^
> Maybe just your mailclient, but you seem to be missing newlines here.
>
>> accept milter_protocol = 6 smtpd_milters =
>> local:/opendkim/opendkim.sock non_smtpd_milters = $smtpd_milters
>
> All these milter_* options should be on their own line.
They are, look like this in main.cf
# OpenDKIM
milter_default_action = accept
milter_protocol = 6
smtpd_milters = local:/opendkim/opendkim.sock
non_smtpd_milters = $smtpd_milters
___
Daniel A. Rodriguez
Departamento de Tecnología para la Gestión
Escuela Provincial de Educación Técnica N° 1
Posadas - Misiones - Argentina
(0376) 443-8578
www.epet1.edu.ar
Re: 451 4.3.5 Server configuration error
> On 2017-08-30 14:51, Daniel Armando Rodriguez wrote:
>>
>> Hi, I'm getting such message logged after the warning: unknown smtpd
>> restriction: "milter_default_action"
>
> Note that options in master.cf are without spaces around the "=".
yep
>> All incoming mail is rejected.
>>
>> What I'm trying to achieve is to get dkim validation working,
>> following this guide
>> https://wiki.debian.org/opendkim
>
> It helps to show your configuration.
>
> See http://www.postfix.org/DEBUG_README.html#mail
>
> Send the output of
> postconf -n
# postconf -n
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no
config_directory = /etc/postfix
home_mailbox = Maildir/
html_directory = /usr/share/doc/postfix/html
inet_interfaces = all
mailbox_command =
mailbox_size_limit = 0
mydestination = localhost
mydomain = unau.edu.ar
myhostname = correo.$mydomain
mynetworks = 127.0.0.0/8 [:::127.0.0.0]/104 [::1]/128, 170.210.45.128/29
myorigin = $myhostname
policyd-spf_time_limit = 3600
readme_directory = /usr/share/doc/postfix
recipient_delimiter = +
relayhost =
smtp_tls_security_level = may
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_banner = $myhostname ESMTP $mail_name
smtpd_recipient_restrictions = permit_mynetworks,
permit_sasl_authenticated, reject_unauth_destination,
check_policy_service unix:private/policyd-spf milter_default_action =
accept milter_protocol = 6 smtpd_milters =
local:/opendkim/opendkim.sock non_smtpd_milters = $smtpd_milters
smtpd_relay_restrictions = permit_mynetworks,
permit_sasl_authenticated, reject_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes
smtpd_sasl_path = private/auth
smtpd_sasl_type = dovecot
smtpd_tls_auth_only = yes
smtpd_tls_cert_file = /etc/letsencrypt/live/unau.edu.ar/fullchain.pem
smtpd_tls_key_file = /etc/letsencrypt/live/unau.edu.ar/privkey.pem
smtpd_tls_protocols = !SSLv2, !SSLv3
smtpd_tls_security_level = may
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_use_tls = yes
virtual_alias_maps = hash:/etc/postfix/virtual_aliases
virtual_mailbox_domains = $mydomain
virtual_transport = lmtp:unix:private/dovecot-lmtp
> postconf -Mf
postconf -Mf
smtp inet n - - - - smtpd
-o content_filter=spamassassin
submission inet n - - - - smtpd
-o syslog_name=postfix/submission
-o smtpd_tls_security_level=encrypt
-o syslog_name=postfix/submission
-o smtpd_tls_security_level=encrypt
-o smtpd_sasl_auth_enable=yes
-o smtpd_sasl_auth_enable=yes
-o smtpd_client_restrictions=permit_sasl_authenticated,reject
-o milter_macro_daemon_name=ORIGINATING
-o content_filter=spamassassin
smtps inet n - - - - smtpd
-o syslog_name=postfix/smtps
-o smtpd_tls_wrappermode=yes
-o smtpd_sasl_auth_enable=yes
-o smtpd_client_restrictions=permit_sasl_authenticated,reject
-o milter_macro_daemon_name=ORIGINATING
-o content_filter=spamassassin
pickup unix n - - 60 1 pickup
cleanupunix n - - - 0 cleanup
qmgr unix n - n 300 1 qmgr
tlsmgr unix - - - 1000? 1 tlsmgr
rewriteunix - - - - - trivial-rewrite
bounce unix - - - - 0 bounce
defer unix - - - - 0 bounce
trace unix - - - - 0 bounce
verify unix - - - - 1 verify
flush unix n - - 1000? 0 flush
proxymap unix - - n - - proxymap
proxywrite unix - - n - 1 proxymap
smtp unix - - - - - smtp
relay unix - - - - - smtp
showq unix n - - - - showq
error unix - - - - - error
retry unix - - - - - error
discardunix - - - - - discard
local unix - n n - - local
virtualunix - n n - - virtual
lmtp unix - - - - - lmtp
anvil unix - - - - 1 anvil
scache unix - - - - 1 scache
maildrop unix - n n - - pipe flags=DRhu
user=vmail argv=/usr/bin/maildrop -d ${recipient}
uucp unix - n n - - pipe flags=Fqhu
user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
ifmail unix - n n - -
451 4.3.5 Server configuration error
Hi, I'm getting such message logged after the warning: unknown smtpd restriction: "milter_default_action" All incoming mail is rejected. What I'm trying to achieve is to get dkim validation working, following this guide https://wiki.debian.org/opendkim regards in advance
