Re: discarding EHLO keywords: CHUNKING
Thank you Victor & Simon. I hope this will help others who see this log entry as a result of "yum update" on RHEL. Best, Greg www.RayStedman.org Blessings, Greg www.RayStedman.org On Sun, May 23, 2021 at 4:23 PM Simon Wilson wrote: > > https://bugzilla.redhat.com/show_bug.cgi?id=1688389 > > > > Sorry for mobile client top post. > > RH have just jumped version of postfix to 3.5.8. Whilst this is a > welcome step, they have chosen to set some postfix configuration items > to non-standard to work around "incompatibilities". There is a > Bugzilla with the info, I'll see if I can find it again. > > One of them is to set CHUNKING off by default, so unless you are > already explicitly setting smtpd_discard_ehlo_keywords in your config > the new default will be applied. > > Simon Wilson > M: 0400 121 116 > > > From: Viktor Dukhovni > Sent: Monday, 24 May 2021 7:51 am > To: postfix-users@postfix.org > Subject: Re: discarding EHLO keywords: CHUNKING > > > On Sun, May 23, 2021 at 02:16:24PM -0700, Greg Sims wrote: > > > >> # postconf | grep chunking > >> smtpd_discard_ehlo_keywords = chunking > >> > >> # journalctl -u postfix | grep CHUNKING > >> May 23 03:40:59 mail01.raystedman.org postfix/smtpd[401681]: > >> discarding EHLO keywords: CHUNKING > >> <> > > > > That means that you're spawning a new smtpd(8) process roughly once an > > hour, with connections otherwise handled by an existing process, which > > already logged the disabled ESMTP feature with the first connection it > > handled. > > > >> We are running the latest version of RHEL 8. I believe a number of us > >> will be seeing this entry in our logs. What are the negative side > >> effects beyond the log entries? > > > > There are no negative side-effects, but the logs record that you've > > chosen to disable a default ESMTP feature, presumably as a work-around > > for some issue. Once the issue is no longer pertinent, you can turn the > > workaround off. > > > >> Is "smtpd_discard_ehlo_keywords = chunking, silent-discard" the > >> recommended solution? > > > > Well, the recommended solution is to not disable CHUNKING, but if > > you must disable it for some reason, you get to choose whether to > > be reminded of this in your logs, or not. > > > > -- > > Viktor. > > > >
Re: discarding EHLO keywords: CHUNKING
https://bugzilla.redhat.com/show_bug.cgi?id=1688389 Sorry for mobile client top post. RH have just jumped version of postfix to 3.5.8. Whilst this is a welcome step, they have chosen to set some postfix configuration items to non-standard to work around "incompatibilities". There is a Bugzilla with the info, I'll see if I can find it again. One of them is to set CHUNKING off by default, so unless you are already explicitly setting smtpd_discard_ehlo_keywords in your config the new default will be applied. Simon Wilson M: 0400 121 116 From: Viktor Dukhovni Sent: Monday, 24 May 2021 7:51 am To: postfix-users@postfix.org Subject: Re: discarding EHLO keywords: CHUNKING > On Sun, May 23, 2021 at 02:16:24PM -0700, Greg Sims wrote: > >> # postconf | grep chunking >> smtpd_discard_ehlo_keywords = chunking >> >> # journalctl -u postfix | grep CHUNKING >> May 23 03:40:59 mail01.raystedman.org postfix/smtpd[401681]: >> discarding EHLO keywords: CHUNKING >> <> > > That means that you're spawning a new smtpd(8) process roughly once an > hour, with connections otherwise handled by an existing process, which > already logged the disabled ESMTP feature with the first connection it > handled. > >> We are running the latest version of RHEL 8. I believe a number of us >> will be seeing this entry in our logs. What are the negative side >> effects beyond the log entries? > > There are no negative side-effects, but the logs record that you've > chosen to disable a default ESMTP feature, presumably as a work-around > for some issue. Once the issue is no longer pertinent, you can turn the > workaround off. > >> Is "smtpd_discard_ehlo_keywords = chunking, silent-discard" the >> recommended solution? > > Well, the recommended solution is to not disable CHUNKING, but if > you must disable it for some reason, you get to choose whether to > be reminded of this in your logs, or not. > > -- > Viktor. >
Re: discarding EHLO keywords: CHUNKING
Sorry for mobile client top post. RH have just jumped version of postfix to 3.5.8. Whilst this is a welcome step, they have chosen to set some postfix configuration items to non-standard to work around "incompatibilities". There is a Bugzilla with the info, I'll see if I can find it again. One of them is to set CHUNKING off by default, so unless you are already explicitly setting smtpd_discard_ehlo_keywords in your config the new default will be applied. Simon Wilson M: 0400 121 116 From: Viktor Dukhovni Sent: Monday, 24 May 2021 7:51 am To: postfix-users@postfix.org Subject: Re: discarding EHLO keywords: CHUNKING On Sun, May 23, 2021 at 02:16:24PM -0700, Greg Sims wrote: # postconf | grep chunking smtpd_discard_ehlo_keywords = chunking # journalctl -u postfix | grep CHUNKING May 23 03:40:59 mail01.raystedman.org postfix/smtpd[401681]: discarding EHLO keywords: CHUNKING <> That means that you're spawning a new smtpd(8) process roughly once an hour, with connections otherwise handled by an existing process, which already logged the disabled ESMTP feature with the first connection it handled. We are running the latest version of RHEL 8. I believe a number of us will be seeing this entry in our logs. What are the negative side effects beyond the log entries? There are no negative side-effects, but the logs record that you've chosen to disable a default ESMTP feature, presumably as a work-around for some issue. Once the issue is no longer pertinent, you can turn the workaround off. Is "smtpd_discard_ehlo_keywords = chunking, silent-discard" the recommended solution? Well, the recommended solution is to not disable CHUNKING, but if you must disable it for some reason, you get to choose whether to be reminded of this in your logs, or not. -- Viktor.
Re: discarding EHLO keywords: CHUNKING
On Sun, May 23, 2021 at 02:16:24PM -0700, Greg Sims wrote: > # postconf | grep chunking > smtpd_discard_ehlo_keywords = chunking > > # journalctl -u postfix | grep CHUNKING > May 23 03:40:59 mail01.raystedman.org postfix/smtpd[401681]: discarding EHLO > keywords: CHUNKING > <> That means that you're spawning a new smtpd(8) process roughly once an hour, with connections otherwise handled by an existing process, which already logged the disabled ESMTP feature with the first connection it handled. > We are running the latest version of RHEL 8. I believe a number of us > will be seeing this entry in our logs. What are the negative side > effects beyond the log entries? There are no negative side-effects, but the logs record that you've chosen to disable a default ESMTP feature, presumably as a work-around for some issue. Once the issue is no longer pertinent, you can turn the workaround off. > Is "smtpd_discard_ehlo_keywords = chunking, silent-discard" the > recommended solution? Well, the recommended solution is to not disable CHUNKING, but if you must disable it for some reason, you get to choose whether to be reminded of this in your logs, or not. -- Viktor.
Re: discarding EHLO keywords: CHUNKING
It appears that LoneStarKen said: >Possibly. Since I am unsure why the package maintainer disabled >CHUNKING I am concerned enabling it, we might have a broken >implementation of BDAT or even worse something else breaks. >Since this is a production server, I'm going to err on the >side of caution until I get some clarification from the >package maintainer regarding the decision to disable it. > >In addition, I have been unable to find enough information on >BDAT to feel comfortable I know how it should work and how >to test it in the event we decided to enable it. It's defined in RFC 3030. Read all about it: https://www.rfc-editor.org/info/rfc3030 It happens that I just added CHUNKING and BDAT to an MTA I use (mailfront if you know what that is.) Inbound the code is quite simple and I would be surprised if there were any problems with it. Outbound it's a little trickier since BDAT requires you to know the exact size of the chunk of message you're sending, which means it has to deal with turning \n into \r\n, but again, it's not a big deal. I'm guessing that someone had some problem talking to Gmail or Hotmail/Outlook, the two largest systems that can use BDAT, turned it off to see if that was the problem, and never bothered to turn it back on when it wasn't. To test it, turn it on, send yourself a fairly large message from a Gmail account, and see if you get it. R's, John
Re: discarding EHLO keywords: CHUNKING
On 2021-03-20 15:22, LoneStarKen wrote: In addition, I have been unable to find enough information on BDAT to feel comfortable I know how it should work and how to test it in the event we decided to enable it. thank you for using postfix, its stable code in the first place unless you can show examples of not stable, one could drop postfix if exim or sendmail is more stable, but i have used postfix last 30 years or so, its stable for me at least i am just shooked to see you trust centos more then maintainers of postfix c code
Re: discarding EHLO keywords: CHUNKING
Possibly. Since I am unsure why the package maintainer disabled CHUNKING I am concerned enabling it, we might have a broken implementation of BDAT or even worse something else breaks. Since this is a production server, I'm going to err on the side of caution until I get some clarification from the package maintainer regarding the decision to disable it. In addition, I have been unable to find enough information on BDAT to feel comfortable I know how it should work and how to test it in the event we decided to enable it. > On Mar 20, 2021, at 9:01 AM, Matus UHLAR - fantomas wrote: > > On 20.03.21 08:38, LoneStarKen wrote: >> Thank you for all the help Viktor. Based on your advice, I decided >> the package maintainer probably had some reason to disable >> CHUNKING so I just added the following to main.cf to quiet the >> logging: >> >> smtpd_discard_ehlo_keywords = chunking, silent-discard >> >> I also entered a bug in bugs.centos.org requesting clarification on >> the decision to disable CHUNKING. > > wouldn't is be better to enable chunking by setting it to empty? > > smtpd_discard_ehlo_keywords = > especially when you want to have BDAT working... > -- > Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ > Warning: I wish NOT to receive e-mail advertising to this address. > Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. > Microsoft dick is soft to do no harm
Re: discarding EHLO keywords: CHUNKING
On 20.03.21 08:38, LoneStarKen wrote: Thank you for all the help Viktor. Based on your advice, I decided the package maintainer probably had some reason to disable CHUNKING so I just added the following to main.cf to quiet the logging: smtpd_discard_ehlo_keywords = chunking, silent-discard I also entered a bug in bugs.centos.org requesting clarification on the decision to disable CHUNKING. wouldn't is be better to enable chunking by setting it to empty? smtpd_discard_ehlo_keywords = especially when you want to have BDAT working... -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. Microsoft dick is soft to do no harm
Re: discarding EHLO keywords: CHUNKING
Thank you for all the help Viktor. Based on your advice, I decided the package maintainer probably had some reason to disable CHUNKING so I just added the following to main.cf to quiet the logging: smtpd_discard_ehlo_keywords = chunking, silent-discard I also entered a bug in bugs.centos.org requesting clarification on the decision to disable CHUNKING.
Re: discarding EHLO keywords: CHUNKING
On Fri, Mar 19, 2021 at 04:14:30PM -0500, LoneStarKen wrote: > # postconf -d | grep smtpd_discard > smtpd_discard_ehlo_keywords = chunking That's the only value needed. Whoever built your package decided to disable the ESMTP CHUNKING extension (aka BDAT). If you want/need BDAT, you'll need to set that parameter explicitly empty. > # dnf info postfix > Version : 3.5.8 > Source : postfix-3.5.8-1.el8.src.rpm > From repo: baseos Blame the RedHat/Fedora/CentOS Postfix maintainers. > What are the ramifications of "smtpd_discard_ehlo_keywords = chunking" > vs "smtpd_discard_ehlo_keywords = "? The server does not advertise support for CHUNKING and therefore clients cannot use the BDAT command (which is defined as part of the CHUNKING ESMTP extension in RFC3030). > I'm not sure if a module is needed that isn't installed to > implement BDAT or there is some other reason the package manager might > have disabled it. There may have been some early bugs in the Exim client-side implementation of BDAT that motivated someone to do this. I am not aware of any ongoing issues. -- Viktor.
Re: discarding EHLO keywords: CHUNKING
Hi Viktor, # postconf -d | grep smtpd_discard postscreen_discard_ehlo_keyword_address_maps = $smtpd_discard_ehlo_keyword_address_maps postscreen_discard_ehlo_keywords = $smtpd_discard_ehlo_keywords proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $smtpd_sender_login_maps $sender_bcc_maps $recipient_bcc_maps $smtp_generic_maps $lmtp_generic_maps $alias_maps $smtpd_client_restrictions $smtpd_helo_restrictions $smtpd_sender_restrictions $smtpd_relay_restrictions $smtpd_recipient_restrictions $address_verify_sender_dependent_default_transport_maps $address_verify_sender_dependent_relayhost_maps $address_verify_transport_maps $fallback_transport_maps $lmtp_discard_lhlo_keyword_address_maps $lmtp_pix_workaround_maps $lmtp_sasl_password_maps $lmtp_tls_policy_maps $mailbox_command_maps $mailbox_transport_maps $postscreen_discard_ehlo_keyword_address_maps $rbl_reply_maps $sender_dependent_default_transport_maps $sender_dependent_relayhost_maps $smtp_discard_ehlo_keyword_address_maps $smtp_pix_workaround_maps $smtp_sasl_password_maps $smtp_tls_policy_maps $smtpd_discard_ehlo_keyword_address_maps $smtpd_milter_maps $virtual_gid_maps $virtual_uid_maps smtpd_discard_ehlo_keyword_address_maps = smtpd_discard_ehlo_keywords = chunking # dnf info postfix Last metadata expiration check: 1:43:17 ago on Fri 19 Mar 2021 02:06:32 PM CDT. Installed Packages Name : postfix Epoch: 2 Version : 3.5.8 Release : 1.el8 Architecture : x86_64 Size : 4.4 M Source : postfix-3.5.8-1.el8.src.rpm Repository : @System From repo: baseos Summary : Postfix Mail Transport Agent URL : http://www.postfix.org License : (IBM and GPLv2+) or (EPL-2.0 and GPLv2+) Description : Postfix is a Mail Transport Agent (MTA). So I guess it was compiled in the Postfix package. What are the ramifications of "smtpd_discard_ehlo_keywords = chunking" vs "smtpd_discard_ehlo_keywords = "? Is the package manager disabling BDAT by discarding chunking? Sorry, I'm not finding much info on BDAT. I'm not sure if a module is needed that isn't installed to implement BDAT or there is some other reason the package manager might have disabled it. Not sure if we need it or will need it in the future for some reason. Thanks for all your expert help! Ken > On Mar 19, 2021, at 3:34 PM, Viktor Dukhovni > wrote: > > No postscreen(8) has nothing to do with it, it just defaults to whatever > smtpd(8) defaults to. The real issue is that you have (whether as a > compiled in default, or in fact in main.cf) a non-empty setting for: > > smtpd_discard_ehlo_keywords = chunking > > if that's also reported by "postconf -d", then whoever compiled your Postfix > package decided to change the upstream default. If you don't like that choice > you can set an explicit empty value in main.cf and complain to your package > maintainers: > > smtpd_discard_ehlo_keywords = > > -- > Viktor. >
Re: discarding EHLO keywords: CHUNKING
Hi Wietse, I think I just have one postfix master: # ps aux | grep postfix root1693 0.0 0.1 123108 6356 ?Ss 13:31 0:00 /usr/libexec/postfix/master -w postfix 1703 0.0 0.2 150548 11020 ?S13:31 0:00 qmgr -l -t unix -u postfix 4340 0.0 0.3 154824 12300 ?S13:31 0:00 tlsmgr -l -t unix -u postfix 4395 0.0 0.2 150412 10064 ?S13:31 0:00 anvil -l -t unix -u postfix 7795 0.0 0.2 150412 10168 ?S15:11 0:00 pickup -l -t unix -u postfix 7916 0.0 0.2 150424 10428 ?S15:18 0:00 trivial-rewrite -n rewrite -t unix -u postfix 7968 0.0 0.2 123048 9056 ?S15:20 0:00 spawn -z -n policyd-spf -t unix user=policyd-spf argv=/usr/libexec/postfix/policyd-spf postfix 8361 0.0 0.4 160468 15856 ?S15:39 0:00 smtpd -n smtp -t inet -u -o stress= -o smtpd_sasl_auth_enable=no policyd+8388 0.0 0.4 77440 15648 ?Ss 15:40 0:00 /usr/bin/python3.6 -s /usr/libexec/postfix/policyd-spf root8436 0.0 0.0 12136 1124 pts/0S+ 15:43 0:00 grep --color=auto postfix Thanks, Ken > On Mar 19, 2021, at 3:40 PM, Wietse Venema wrote: > > LoneStarKen: >> smtpd_discard_ehlo_keywords = chunking > > Well there is your problem. If you did not configure this, i.e. > "postonf -d smtpd_discard_ehlo_keywords" shows "chunking", then > complain to your vendor. > > Otherwise, how many (Postfix) master daemons are there on your system? > > Wietse
Re: discarding EHLO keywords: CHUNKING
LoneStarKen: > smtpd_discard_ehlo_keywords = chunking Well there is your problem. If you did not configure this, i.e. "postonf -d smtpd_discard_ehlo_keywords" shows "chunking", then complain to your vendor. Otherwise, how many (Postfix) master daemons are there on your system? Wietse
Re: discarding EHLO keywords: CHUNKING
> On Mar 19, 2021, at 3:56 PM, LoneStarKen wrote: > > Maybe so. Here is output from postconf containing "discard_ehlo_keywords": > > # postconf | grep discard_ehlo_keywords > postscreen_discard_ehlo_keywords = $smtpd_discard_ehlo_keywords > smtp_discard_ehlo_keywords = > smtpd_discard_ehlo_keywords = chunking > > Looks like postscreen may somehow be the culprit. Odd that the lines in > main.cf > and master.cf for postscreen are commented out. Maybe it's getting invoked > some > other way? (Full uncommented lines of master.cf in previous response.) No postscreen(8) has nothing to do with it, it just defaults to whatever smtpd(8) defaults to. The real issue is that you have (whether as a compiled in default, or in fact in main.cf) a non-empty setting for: smtpd_discard_ehlo_keywords = chunking if that's also reported by "postconf -d", then whoever compiled your Postfix package decided to change the upstream default. If you don't like that choice you can set an explicit empty value in main.cf and complain to your package maintainers: smtpd_discard_ehlo_keywords = -- Viktor.
Re: discarding EHLO keywords: CHUNKING
Hi Viktor, Maybe so. Here is output from postconf containing "discard_ehlo_keywords": # postconf | grep discard_ehlo_keywords postscreen_discard_ehlo_keywords = $smtpd_discard_ehlo_keywords smtp_discard_ehlo_keywords = smtpd_discard_ehlo_keywords = chunking Looks like postscreen may somehow be the culprit. Odd that the lines in main.cf and master.cf for postscreen are commented out. Maybe it's getting invoked some other way? (Full uncommented lines of master.cf in previous response.) [master.cf snip] smtp inet n - n - - smtpd -o smtpd_sasl_auth_enable=no #smtp inet n - n - 1 postscreen [/snip] [main.cf snip] #postscreen_greet_action = enforce [/snip] Recursive case insensitive grep from /etc/postfix for "keywords" returns nothing. Not sure where I would change the setting (or if I should try to change the setting). We are running postfix.x86_64 2:3.5.8-1.el8 on CentOS Stream release 8. Output from postconf containing postscreen: # postconf | grep postscreen postscreen_access_list = permit_mynetworks postscreen_bare_newline_action = ignore postscreen_bare_newline_enable = no postscreen_bare_newline_ttl = 30d postscreen_blacklist_action = ignore postscreen_cache_cleanup_interval = 12h postscreen_cache_map = btree:$data_directory/postscreen_cache postscreen_cache_retention_time = 7d postscreen_client_connection_count_limit = $smtpd_client_connection_count_limit postscreen_command_count_limit = 20 postscreen_command_filter = postscreen_command_time_limit = ${stress?{10}:{300}}s postscreen_disable_vrfy_command = $disable_vrfy_command postscreen_discard_ehlo_keyword_address_maps = $smtpd_discard_ehlo_keyword_address_maps postscreen_discard_ehlo_keywords = $smtpd_discard_ehlo_keywords postscreen_dnsbl_action = ignore postscreen_dnsbl_max_ttl = ${postscreen_dnsbl_ttl?{$postscreen_dnsbl_ttl}:{1}}h postscreen_dnsbl_min_ttl = 60s postscreen_dnsbl_reply_map = postscreen_dnsbl_sites = postscreen_dnsbl_threshold = 1 postscreen_dnsbl_timeout = 10s postscreen_dnsbl_whitelist_threshold = 0 postscreen_enforce_tls = $smtpd_enforce_tls postscreen_expansion_filter = $smtpd_expansion_filter postscreen_forbidden_commands = $smtpd_forbidden_commands postscreen_greet_action = ignore postscreen_greet_banner = $smtpd_banner postscreen_greet_ttl = 1d postscreen_greet_wait = ${stress?{2}:{6}}s postscreen_helo_required = $smtpd_helo_required postscreen_non_smtp_command_action = drop postscreen_non_smtp_command_enable = no postscreen_non_smtp_command_ttl = 30d postscreen_pipelining_action = enforce postscreen_pipelining_enable = no postscreen_pipelining_ttl = 30d postscreen_post_queue_limit = $default_process_limit postscreen_pre_queue_limit = $default_process_limit postscreen_reject_footer = $smtpd_reject_footer postscreen_reject_footer_maps = $smtpd_reject_footer_maps postscreen_tls_security_level = $smtpd_tls_security_level postscreen_upstream_proxy_protocol = postscreen_upstream_proxy_timeout = 5s postscreen_use_tls = $smtpd_use_tls postscreen_watchdog_timeout = 10s postscreen_whitelist_interfaces = static:all proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $smtpd_sender_login_maps $sender_bcc_maps $recipient_bcc_maps $smtp_generic_maps $lmtp_generic_maps $alias_maps $smtpd_client_restrictions $smtpd_helo_restrictions $smtpd_sender_restrictions $smtpd_relay_restrictions $smtpd_recipient_restrictions $address_verify_sender_dependent_default_transport_maps $address_verify_sender_dependent_relayhost_maps $address_verify_transport_maps $fallback_transport_maps $lmtp_discard_lhlo_keyword_address_maps $lmtp_pix_workaround_maps $lmtp_sasl_password_maps $lmtp_tls_policy_maps $mailbox_command_maps $mailbox_transport_maps $postscreen_discard_ehlo_keyword_address_maps $rbl_reply_maps $sender_dependent_default_transport_maps $sender_dependent_relayhost_maps $smtp_discard_ehlo_keyword_address_maps $smtp_pix_workaround_maps $smtp_sasl_password_maps $smtp_tls_policy_maps $smtpd_discard_ehlo_keyword_address_maps $smtpd_milter_maps $virtual_gid_maps $virtual_uid_maps proxy_write_maps = $smtp_sasl_auth_cache_name $lmtp_sasl_auth_cache_name $address_verify_map $postscreen_cache_map Recommendations? I don't understand how postscreen is configured or invoked and I'm still fuzzy on the ramifications of what the log entry is telling me. Learning a bunch here! Thanks for your help! Ken > On Mar 19, 2021, at 2:23 PM, Viktor Dukhovni > wrote: > > On Fri, Mar 19, 2021 at 01:48:53PM -0500, LoneStarKen wrote: > >> Thank you for the response. Those entries don't seem to exist in my main.cf >> or master.cf. >> >> I grepped (case insensitive) main.cf for ehlo, keywords, and discard and >> none of t
Re: discarding EHLO keywords: CHUNKING
On Fri, Mar 19, 2021 at 01:48:53PM -0500, LoneStarKen wrote: > Thank you for the response. Those entries don't seem to exist in my main.cf > or master.cf. > > I grepped (case insensitive) main.cf for ehlo, keywords, and discard and none > of those words exist. Are you running a modified Postfix with a non-empty default value of $smtpd_discard_ehlo_keywords? Check the output of "postconf" rather than "postconf -n". -- Viktor.
Re: discarding EHLO keywords: CHUNKING
Hi Wietse, Thank you for the response. Those entries don't seem to exist in my main.cf or master.cf. I grepped (case insensitive) main.cf for ehlo, keywords, and discard and none of those words exist. The master.cf has a discard in the section "-o syslog_name=postfix/$service_name" though it isn't the phrase you mentioned. I also note that the file timestamp is today (the date I ran the update). The contents of master.cf is below: smtp inet n - n - - smtpd -o smtpd_sasl_auth_enable=no submission inet n - n - - smtpd -o syslog_name=postfix/submission -o smtpd_etrn_restrictions=reject -o smtpd_tls_security_level=encrypt -o smtpd_tls_auth_only=yes -o smtpd_client_restrictions=permit_mynetworks,permit_sasl_authenticated,reject -o smtpd_helo_restrictions=permit_mynetworks,permit -o milter_macro_daemon_name=ORIGINATING -o smtpd_sasl_type=dovecot -o smtpd_sasl_path=private/auth smtps inet n - n - - smtpd -o syslog_name=postfix/smtps -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes -o smtpd_relay_restrictions=permit_mynetworks,permit_sasl_authenticated,reject -o milter_macro_daemon_name=ORIGINATING -o smtpd_sasl_type=dovecot -o smtpd_sasl_path=private/auth pickupunix n - n 60 1 pickup cleanup unix n - n - 0 cleanup qmgr unix n - n 300 1 qmgr tlsmgrunix - - n 1000? 1 tlsmgr rewrite unix - - n - - trivial-rewrite bounceunix - - n - 0 bounce defer unix - - n - 0 bounce trace unix - - n - 0 bounce verifyunix - - n - 1 verify flush unix n - n 1000? 0 flush proxymap unix - - n - - proxymap proxywrite unix - - n - 1 proxymap smtp unix - - n - - smtp relay unix - - n - - smtp -o syslog_name=postfix/$service_name showq unix n - n - - showq error unix - - n - - error retry unix - - n - - error discard unix - - n - - discard local unix - n n - - local virtual unix - n n - - virtual lmtp unix - - n - - lmtp anvil unix - - n - 1 anvil scacheunix - - n - 1 scache dovecot unix - n n - - pipe flags=DRhu user=vmail:vmail argv=/usr/libexec/dovecot/deliver -f ${sender} -d ${recipient} policyd-spf unix - n n - 0 spawn user=policyd-spf argv=/usr/libexec/postfix/policyd-spf postlog unix-dgram n - n - 1 postlogd Thanks again for your help! Ken > On Mar 19, 2021, at 1:01 PM, Wietse Venema wrote: > > LoneStarKen: >> After updating from postfix.x86_64 2:3.3.1-12.el to postfix.x86_64 >> 2:3.5.8-1.el8 I'm getting frequent log entries >> >> Mar 19 10:51:58 mail postfix/smtpd[XX]: discarding EHLO keywords: >> CHUNKING > > You have one or both of > >smtpd_discard_ehlo_keyword_address_maps >smtpd_discard_ehlo_keywords > > in main.cf or master.cf. > > Wietse
Re: discarding EHLO keywords: CHUNKING
On Fri, Mar 19, 2021 at 11:02:09AM -0500, LoneStarKen wrote: > Mar 19 10:51:58 mail postfix/smtpd[XX]: discarding EHLO keywords: CHUNKING Presumably you have a non-default setting of smtp_discard_ehlo_keywords possibly via master.cf overrides? -- Viktor.
Re: discarding EHLO keywords: CHUNKING
LoneStarKen: > After updating from postfix.x86_64 2:3.3.1-12.el to postfix.x86_64 > 2:3.5.8-1.el8 I'm getting frequent log entries > > Mar 19 10:51:58 mail postfix/smtpd[XX]: discarding EHLO keywords: CHUNKING You have one or both of smtpd_discard_ehlo_keyword_address_maps smtpd_discard_ehlo_keywords in main.cf or master.cf. Wietse