Re: discarding EHLO keywords: CHUNKING
Thank you Victor & Simon. I hope this will help others who see this log entry as a result of "yum update" on RHEL. Best, Greg www.RayStedman.org Blessings, Greg www.RayStedman.org On Sun, May 23, 2021 at 4:23 PM Simon Wilson wrote: > > https://bugzilla.redhat.com/show_bug.cgi?id=1688389 > > > > Sorry for mobile client top post. > > RH have just jumped version of postfix to 3.5.8. Whilst this is a > welcome step, they have chosen to set some postfix configuration items > to non-standard to work around "incompatibilities". There is a > Bugzilla with the info, I'll see if I can find it again. > > One of them is to set CHUNKING off by default, so unless you are > already explicitly setting smtpd_discard_ehlo_keywords in your config > the new default will be applied. > > Simon Wilson > M: 0400 121 116 > > > From: Viktor Dukhovni > Sent: Monday, 24 May 2021 7:51 am > To: postfix-users@postfix.org > Subject: Re: discarding EHLO keywords: CHUNKING > > > On Sun, May 23, 2021 at 02:16:24PM -0700, Greg Sims wrote: > > > >> # postconf | grep chunking > >> smtpd_discard_ehlo_keywords = chunking > >> > >> # journalctl -u postfix | grep CHUNKING > >> May 23 03:40:59 mail01.raystedman.org postfix/smtpd[401681]: > >> discarding EHLO keywords: CHUNKING > >> <> > > > > That means that you're spawning a new smtpd(8) process roughly once an > > hour, with connections otherwise handled by an existing process, which > > already logged the disabled ESMTP feature with the first connection it > > handled. > > > >> We are running the latest version of RHEL 8. I believe a number of us > >> will be seeing this entry in our logs. What are the negative side > >> effects beyond the log entries? > > > > There are no negative side-effects, but the logs record that you've > > chosen to disable a default ESMTP feature, presumably as a work-around > > for some issue. Once the issue is no longer pertinent, you can turn the > > workaround off. > > > >> Is "smtpd_discard_ehlo_keywords = chunking, silent-discard" the > >> recommended solution? > > > > Well, the recommended solution is to not disable CHUNKING, but if > > you must disable it for some reason, you get to choose whether to > > be reminded of this in your logs, or not. > > > > -- > > Viktor. > > > >
Re: discarding EHLO keywords: CHUNKING
https://bugzilla.redhat.com/show_bug.cgi?id=1688389 Sorry for mobile client top post. RH have just jumped version of postfix to 3.5.8. Whilst this is a welcome step, they have chosen to set some postfix configuration items to non-standard to work around "incompatibilities". There is a Bugzilla with the info, I'll see if I can find it again. One of them is to set CHUNKING off by default, so unless you are already explicitly setting smtpd_discard_ehlo_keywords in your config the new default will be applied. Simon Wilson M: 0400 121 116 From: Viktor Dukhovni Sent: Monday, 24 May 2021 7:51 am To: postfix-users@postfix.org Subject: Re: discarding EHLO keywords: CHUNKING > On Sun, May 23, 2021 at 02:16:24PM -0700, Greg Sims wrote: > >> # postconf | grep chunking >> smtpd_discard_ehlo_keywords = chunking >> >> # journalctl -u postfix | grep CHUNKING >> May 23 03:40:59 mail01.raystedman.org postfix/smtpd[401681]: >> discarding EHLO keywords: CHUNKING >> <> > > That means that you're spawning a new smtpd(8) process roughly once an > hour, with connections otherwise handled by an existing process, which > already logged the disabled ESMTP feature with the first connection it > handled. > >> We are running the latest version of RHEL 8. I believe a number of us >> will be seeing this entry in our logs. What are the negative side >> effects beyond the log entries? > > There are no negative side-effects, but the logs record that you've > chosen to disable a default ESMTP feature, presumably as a work-around > for some issue. Once the issue is no longer pertinent, you can turn the > workaround off. > >> Is "smtpd_discard_ehlo_keywords = chunking, silent-discard" the >> recommended solution? > > Well, the recommended solution is to not disable CHUNKING, but if > you must disable it for some reason, you get to choose whether to > be reminded of this in your logs, or not. > > -- > Viktor. >
Re: discarding EHLO keywords: CHUNKING
Sorry for mobile client top post. RH have just jumped version of postfix to 3.5.8. Whilst this is a welcome step, they have chosen to set some postfix configuration items to non-standard to work around "incompatibilities". There is a Bugzilla with the info, I'll see if I can find it again. One of them is to set CHUNKING off by default, so unless you are already explicitly setting smtpd_discard_ehlo_keywords in your config the new default will be applied. Simon Wilson M: 0400 121 116 From: Viktor Dukhovni Sent: Monday, 24 May 2021 7:51 am To: postfix-users@postfix.org Subject: Re: discarding EHLO keywords: CHUNKING On Sun, May 23, 2021 at 02:16:24PM -0700, Greg Sims wrote: # postconf | grep chunking smtpd_discard_ehlo_keywords = chunking # journalctl -u postfix | grep CHUNKING May 23 03:40:59 mail01.raystedman.org postfix/smtpd[401681]: discarding EHLO keywords: CHUNKING <> That means that you're spawning a new smtpd(8) process roughly once an hour, with connections otherwise handled by an existing process, which already logged the disabled ESMTP feature with the first connection it handled. We are running the latest version of RHEL 8. I believe a number of us will be seeing this entry in our logs. What are the negative side effects beyond the log entries? There are no negative side-effects, but the logs record that you've chosen to disable a default ESMTP feature, presumably as a work-around for some issue. Once the issue is no longer pertinent, you can turn the workaround off. Is "smtpd_discard_ehlo_keywords = chunking, silent-discard" the recommended solution? Well, the recommended solution is to not disable CHUNKING, but if you must disable it for some reason, you get to choose whether to be reminded of this in your logs, or not. -- Viktor.
Re: discarding EHLO keywords: CHUNKING
On Sun, May 23, 2021 at 02:16:24PM -0700, Greg Sims wrote: > # postconf | grep chunking > smtpd_discard_ehlo_keywords = chunking > > # journalctl -u postfix | grep CHUNKING > May 23 03:40:59 mail01.raystedman.org postfix/smtpd[401681]: discarding EHLO > keywords: CHUNKING > <> That means that you're spawning a new smtpd(8) process roughly once an hour, with connections otherwise handled by an existing process, which already logged the disabled ESMTP feature with the first connection it handled. > We are running the latest version of RHEL 8. I believe a number of us > will be seeing this entry in our logs. What are the negative side > effects beyond the log entries? There are no negative side-effects, but the logs record that you've chosen to disable a default ESMTP feature, presumably as a work-around for some issue. Once the issue is no longer pertinent, you can turn the workaround off. > Is "smtpd_discard_ehlo_keywords = chunking, silent-discard" the > recommended solution? Well, the recommended solution is to not disable CHUNKING, but if you must disable it for some reason, you get to choose whether to be reminded of this in your logs, or not. -- Viktor.
Re: discarding EHLO keywords: CHUNKING
It appears that LoneStarKen said: >Possibly. Since I am unsure why the package maintainer disabled >CHUNKING I am concerned enabling it, we might have a broken >implementation of BDAT or even worse something else breaks. >Since this is a production server, I'm going to err on the >side of caution until I get some clarification from the >package maintainer regarding the decision to disable it. > >In addition, I have been unable to find enough information on >BDAT to feel comfortable I know how it should work and how >to test it in the event we decided to enable it. It's defined in RFC 3030. Read all about it: https://www.rfc-editor.org/info/rfc3030 It happens that I just added CHUNKING and BDAT to an MTA I use (mailfront if you know what that is.) Inbound the code is quite simple and I would be surprised if there were any problems with it. Outbound it's a little trickier since BDAT requires you to know the exact size of the chunk of message you're sending, which means it has to deal with turning \n into \r\n, but again, it's not a big deal. I'm guessing that someone had some problem talking to Gmail or Hotmail/Outlook, the two largest systems that can use BDAT, turned it off to see if that was the problem, and never bothered to turn it back on when it wasn't. To test it, turn it on, send yourself a fairly large message from a Gmail account, and see if you get it. R's, John
Re: discarding EHLO keywords: CHUNKING
On 2021-03-20 15:22, LoneStarKen wrote: In addition, I have been unable to find enough information on BDAT to feel comfortable I know how it should work and how to test it in the event we decided to enable it. thank you for using postfix, its stable code in the first place unless you can show examples of not stable, one could drop postfix if exim or sendmail is more stable, but i have used postfix last 30 years or so, its stable for me at least i am just shooked to see you trust centos more then maintainers of postfix c code
Re: discarding EHLO keywords: CHUNKING
Possibly. Since I am unsure why the package maintainer disabled CHUNKING I am concerned enabling it, we might have a broken implementation of BDAT or even worse something else breaks. Since this is a production server, I'm going to err on the side of caution until I get some clarification from the package maintainer regarding the decision to disable it. In addition, I have been unable to find enough information on BDAT to feel comfortable I know how it should work and how to test it in the event we decided to enable it. > On Mar 20, 2021, at 9:01 AM, Matus UHLAR - fantomas wrote: > > On 20.03.21 08:38, LoneStarKen wrote: >> Thank you for all the help Viktor. Based on your advice, I decided >> the package maintainer probably had some reason to disable >> CHUNKING so I just added the following to main.cf to quiet the >> logging: >> >> smtpd_discard_ehlo_keywords = chunking, silent-discard >> >> I also entered a bug in bugs.centos.org requesting clarification on >> the decision to disable CHUNKING. > > wouldn't is be better to enable chunking by setting it to empty? > > smtpd_discard_ehlo_keywords = > especially when you want to have BDAT working... > -- > Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ > Warning: I wish NOT to receive e-mail advertising to this address. > Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. > Microsoft dick is soft to do no harm
Re: discarding EHLO keywords: CHUNKING
On 20.03.21 08:38, LoneStarKen wrote: Thank you for all the help Viktor. Based on your advice, I decided the package maintainer probably had some reason to disable CHUNKING so I just added the following to main.cf to quiet the logging: smtpd_discard_ehlo_keywords = chunking, silent-discard I also entered a bug in bugs.centos.org requesting clarification on the decision to disable CHUNKING. wouldn't is be better to enable chunking by setting it to empty? smtpd_discard_ehlo_keywords = especially when you want to have BDAT working... -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. Microsoft dick is soft to do no harm
Re: discarding EHLO keywords: CHUNKING
Thank you for all the help Viktor. Based on your advice, I decided the package maintainer probably had some reason to disable CHUNKING so I just added the following to main.cf to quiet the logging: smtpd_discard_ehlo_keywords = chunking, silent-discard I also entered a bug in bugs.centos.org requesting clarification on the decision to disable CHUNKING.
Re: discarding EHLO keywords: CHUNKING
On Fri, Mar 19, 2021 at 04:14:30PM -0500, LoneStarKen wrote: > # postconf -d | grep smtpd_discard > smtpd_discard_ehlo_keywords = chunking That's the only value needed. Whoever built your package decided to disable the ESMTP CHUNKING extension (aka BDAT). If you want/need BDAT, you'll need to set that parameter explicitly empty. > # dnf info postfix > Version : 3.5.8 > Source : postfix-3.5.8-1.el8.src.rpm > From repo: baseos Blame the RedHat/Fedora/CentOS Postfix maintainers. > What are the ramifications of "smtpd_discard_ehlo_keywords = chunking" > vs "smtpd_discard_ehlo_keywords = "? The server does not advertise support for CHUNKING and therefore clients cannot use the BDAT command (which is defined as part of the CHUNKING ESMTP extension in RFC3030). > I'm not sure if a module is needed that isn't installed to > implement BDAT or there is some other reason the package manager might > have disabled it. There may have been some early bugs in the Exim client-side implementation of BDAT that motivated someone to do this. I am not aware of any ongoing issues. -- Viktor.
Re: discarding EHLO keywords: CHUNKING
Hi Viktor, # postconf -d | grep smtpd_discard postscreen_discard_ehlo_keyword_address_maps = $smtpd_discard_ehlo_keyword_address_maps postscreen_discard_ehlo_keywords = $smtpd_discard_ehlo_keywords proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $smtpd_sender_login_maps $sender_bcc_maps $recipient_bcc_maps $smtp_generic_maps $lmtp_generic_maps $alias_maps $smtpd_client_restrictions $smtpd_helo_restrictions $smtpd_sender_restrictions $smtpd_relay_restrictions $smtpd_recipient_restrictions $address_verify_sender_dependent_default_transport_maps $address_verify_sender_dependent_relayhost_maps $address_verify_transport_maps $fallback_transport_maps $lmtp_discard_lhlo_keyword_address_maps $lmtp_pix_workaround_maps $lmtp_sasl_password_maps $lmtp_tls_policy_maps $mailbox_command_maps $mailbox_transport_maps $postscreen_discard_ehlo_keyword_address_maps $rbl_reply_maps $sender_dependent_default_transport_maps $sender_dependent_relayhost_maps $smtp_discard_ehlo_keyword_address_maps $smtp_pix_workaround_maps $smtp_sasl_password_maps $smtp_tls_policy_maps $smtpd_discard_ehlo_keyword_address_maps $smtpd_milter_maps $virtual_gid_maps $virtual_uid_maps smtpd_discard_ehlo_keyword_address_maps = smtpd_discard_ehlo_keywords = chunking # dnf info postfix Last metadata expiration check: 1:43:17 ago on Fri 19 Mar 2021 02:06:32 PM CDT. Installed Packages Name : postfix Epoch: 2 Version : 3.5.8 Release : 1.el8 Architecture : x86_64 Size : 4.4 M Source : postfix-3.5.8-1.el8.src.rpm Repository : @System From repo: baseos Summary : Postfix Mail Transport Agent URL : http://www.postfix.org License : (IBM and GPLv2+) or (EPL-2.0 and GPLv2+) Description : Postfix is a Mail Transport Agent (MTA). So I guess it was compiled in the Postfix package. What are the ramifications of "smtpd_discard_ehlo_keywords = chunking" vs "smtpd_discard_ehlo_keywords = "? Is the package manager disabling BDAT by discarding chunking? Sorry, I'm not finding much info on BDAT. I'm not sure if a module is needed that isn't installed to implement BDAT or there is some other reason the package manager might have disabled it. Not sure if we need it or will need it in the future for some reason. Thanks for all your expert help! Ken > On Mar 19, 2021, at 3:34 PM, Viktor Dukhovni > wrote: > > No postscreen(8) has nothing to do with it, it just defaults to whatever > smtpd(8) defaults to. The real issue is that you have (whether as a > compiled in default, or in fact in main.cf) a non-empty setting for: > > smtpd_discard_ehlo_keywords = chunking > > if that's also reported by "postconf -d", then whoever compiled your Postfix > package decided to change the upstream default. If you don't like that choice > you can set an explicit empty value in main.cf and complain to your package > maintainers: > > smtpd_discard_ehlo_keywords = > > -- > Viktor. >
Re: discarding EHLO keywords: CHUNKING
Hi Wietse, I think I just have one postfix master: # ps aux | grep postfix root1693 0.0 0.1 123108 6356 ?Ss 13:31 0:00 /usr/libexec/postfix/master -w postfix 1703 0.0 0.2 150548 11020 ?S13:31 0:00 qmgr -l -t unix -u postfix 4340 0.0 0.3 154824 12300 ?S13:31 0:00 tlsmgr -l -t unix -u postfix 4395 0.0 0.2 150412 10064 ?S13:31 0:00 anvil -l -t unix -u postfix 7795 0.0 0.2 150412 10168 ?S15:11 0:00 pickup -l -t unix -u postfix 7916 0.0 0.2 150424 10428 ?S15:18 0:00 trivial-rewrite -n rewrite -t unix -u postfix 7968 0.0 0.2 123048 9056 ?S15:20 0:00 spawn -z -n policyd-spf -t unix user=policyd-spf argv=/usr/libexec/postfix/policyd-spf postfix 8361 0.0 0.4 160468 15856 ?S15:39 0:00 smtpd -n smtp -t inet -u -o stress= -o smtpd_sasl_auth_enable=no policyd+8388 0.0 0.4 77440 15648 ?Ss 15:40 0:00 /usr/bin/python3.6 -s /usr/libexec/postfix/policyd-spf root8436 0.0 0.0 12136 1124 pts/0S+ 15:43 0:00 grep --color=auto postfix Thanks, Ken > On Mar 19, 2021, at 3:40 PM, Wietse Venema wrote: > > LoneStarKen: >> smtpd_discard_ehlo_keywords = chunking > > Well there is your problem. If you did not configure this, i.e. > "postonf -d smtpd_discard_ehlo_keywords" shows "chunking", then > complain to your vendor. > > Otherwise, how many (Postfix) master daemons are there on your system? > > Wietse
Re: discarding EHLO keywords: CHUNKING
LoneStarKen: > smtpd_discard_ehlo_keywords = chunking Well there is your problem. If you did not configure this, i.e. "postonf -d smtpd_discard_ehlo_keywords" shows "chunking", then complain to your vendor. Otherwise, how many (Postfix) master daemons are there on your system? Wietse
Re: discarding EHLO keywords: CHUNKING
> On Mar 19, 2021, at 3:56 PM, LoneStarKen wrote: > > Maybe so. Here is output from postconf containing "discard_ehlo_keywords": > > # postconf | grep discard_ehlo_keywords > postscreen_discard_ehlo_keywords = $smtpd_discard_ehlo_keywords > smtp_discard_ehlo_keywords = > smtpd_discard_ehlo_keywords = chunking > > Looks like postscreen may somehow be the culprit. Odd that the lines in > main.cf > and master.cf for postscreen are commented out. Maybe it's getting invoked > some > other way? (Full uncommented lines of master.cf in previous response.) No postscreen(8) has nothing to do with it, it just defaults to whatever smtpd(8) defaults to. The real issue is that you have (whether as a compiled in default, or in fact in main.cf) a non-empty setting for: smtpd_discard_ehlo_keywords = chunking if that's also reported by "postconf -d", then whoever compiled your Postfix package decided to change the upstream default. If you don't like that choice you can set an explicit empty value in main.cf and complain to your package maintainers: smtpd_discard_ehlo_keywords = -- Viktor.
Re: discarding EHLO keywords: CHUNKING
Hi Viktor,
Maybe so. Here is output from postconf containing "discard_ehlo_keywords":
# postconf | grep discard_ehlo_keywords
postscreen_discard_ehlo_keywords = $smtpd_discard_ehlo_keywords
smtp_discard_ehlo_keywords =
smtpd_discard_ehlo_keywords = chunking
Looks like postscreen may somehow be the culprit. Odd that the lines in
main.cf and master.cf for postscreen are commented out. Maybe it's getting
invoked some other way? (Full uncommented lines of master.cf in previous
response.)
[master.cf snip]
smtp inet n - n - - smtpd
-o smtpd_sasl_auth_enable=no
#smtp inet n - n - 1 postscreen
[/snip]
[main.cf snip]
#postscreen_greet_action = enforce
[/snip]
Recursive case insensitive grep from /etc/postfix for "keywords" returns
nothing. Not sure where I would change the setting (or if I should try to
change the setting).
We are running postfix.x86_64 2:3.5.8-1.el8 on CentOS Stream release 8.
Output from postconf containing postscreen:
# postconf | grep postscreen
postscreen_access_list = permit_mynetworks
postscreen_bare_newline_action = ignore
postscreen_bare_newline_enable = no
postscreen_bare_newline_ttl = 30d
postscreen_blacklist_action = ignore
postscreen_cache_cleanup_interval = 12h
postscreen_cache_map = btree:$data_directory/postscreen_cache
postscreen_cache_retention_time = 7d
postscreen_client_connection_count_limit = $smtpd_client_connection_count_limit
postscreen_command_count_limit = 20
postscreen_command_filter =
postscreen_command_time_limit = ${stress?{10}:{300}}s
postscreen_disable_vrfy_command = $disable_vrfy_command
postscreen_discard_ehlo_keyword_address_maps =
$smtpd_discard_ehlo_keyword_address_maps
postscreen_discard_ehlo_keywords = $smtpd_discard_ehlo_keywords
postscreen_dnsbl_action = ignore
postscreen_dnsbl_max_ttl = ${postscreen_dnsbl_ttl?{$postscreen_dnsbl_ttl}:{1}}h
postscreen_dnsbl_min_ttl = 60s
postscreen_dnsbl_reply_map =
postscreen_dnsbl_sites =
postscreen_dnsbl_threshold = 1
postscreen_dnsbl_timeout = 10s
postscreen_dnsbl_whitelist_threshold = 0
postscreen_enforce_tls = $smtpd_enforce_tls
postscreen_expansion_filter = $smtpd_expansion_filter
postscreen_forbidden_commands = $smtpd_forbidden_commands
postscreen_greet_action = ignore
postscreen_greet_banner = $smtpd_banner
postscreen_greet_ttl = 1d
postscreen_greet_wait = ${stress?{2}:{6}}s
postscreen_helo_required = $smtpd_helo_required
postscreen_non_smtp_command_action = drop
postscreen_non_smtp_command_enable = no
postscreen_non_smtp_command_ttl = 30d
postscreen_pipelining_action = enforce
postscreen_pipelining_enable = no
postscreen_pipelining_ttl = 30d
postscreen_post_queue_limit = $default_process_limit
postscreen_pre_queue_limit = $default_process_limit
postscreen_reject_footer = $smtpd_reject_footer
postscreen_reject_footer_maps = $smtpd_reject_footer_maps
postscreen_tls_security_level = $smtpd_tls_security_level
postscreen_upstream_proxy_protocol =
postscreen_upstream_proxy_timeout = 5s
postscreen_use_tls = $smtpd_use_tls
postscreen_watchdog_timeout = 10s
postscreen_whitelist_interfaces = static:all
proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps
$virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains
$relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps
$recipient_canonical_maps $relocated_maps $transport_maps $mynetworks
$smtpd_sender_login_maps $sender_bcc_maps $recipient_bcc_maps
$smtp_generic_maps $lmtp_generic_maps $alias_maps $smtpd_client_restrictions
$smtpd_helo_restrictions $smtpd_sender_restrictions $smtpd_relay_restrictions
$smtpd_recipient_restrictions
$address_verify_sender_dependent_default_transport_maps
$address_verify_sender_dependent_relayhost_maps $address_verify_transport_maps
$fallback_transport_maps $lmtp_discard_lhlo_keyword_address_maps
$lmtp_pix_workaround_maps $lmtp_sasl_password_maps $lmtp_tls_policy_maps
$mailbox_command_maps $mailbox_transport_maps
$postscreen_discard_ehlo_keyword_address_maps $rbl_reply_maps
$sender_dependent_default_transport_maps $sender_dependent_relayhost_maps
$smtp_discard_ehlo_keyword_address_maps $smtp_pix_workaround_maps
$smtp_sasl_password_maps $smtp_tls_policy_maps
$smtpd_discard_ehlo_keyword_address_maps $smtpd_milter_maps $virtual_gid_maps
$virtual_uid_maps
proxy_write_maps = $smtp_sasl_auth_cache_name $lmtp_sasl_auth_cache_name
$address_verify_map $postscreen_cache_map
Recommendations? I don't understand how postscreen is configured or invoked
and I'm still fuzzy on the ramifications of what the log entry is telling me.
Learning a bunch here!
Thanks for your help!
Ken
> On Mar 19, 2021, at 2:23 PM, Viktor Dukhovni
> wrote:
>
> On Fri, Mar 19, 2021 at 01:48:53PM -0500, LoneStarKen wrote:
>
>> Thank you for the response. Those entries don't seem to exist in my main.cf
>> or master.cf.
>>
>> I grepped (case insensitive) main.cf for ehlo, keywords, and discard and
>> none of t
Re: discarding EHLO keywords: CHUNKING
On Fri, Mar 19, 2021 at 01:48:53PM -0500, LoneStarKen wrote: > Thank you for the response. Those entries don't seem to exist in my main.cf > or master.cf. > > I grepped (case insensitive) main.cf for ehlo, keywords, and discard and none > of those words exist. Are you running a modified Postfix with a non-empty default value of $smtpd_discard_ehlo_keywords? Check the output of "postconf" rather than "postconf -n". -- Viktor.
Re: discarding EHLO keywords: CHUNKING
Hi Wietse,
Thank you for the response. Those entries don't seem to exist in my main.cf or
master.cf.
I grepped (case insensitive) main.cf for ehlo, keywords, and discard and none
of those words exist.
The master.cf has a discard in the section "-o
syslog_name=postfix/$service_name" though it isn't the phrase you mentioned. I
also note that the file timestamp is today (the date I ran the update). The
contents of master.cf is below:
smtp inet n - n - - smtpd
-o smtpd_sasl_auth_enable=no
submission inet n - n - - smtpd
-o syslog_name=postfix/submission
-o smtpd_etrn_restrictions=reject
-o smtpd_tls_security_level=encrypt
-o smtpd_tls_auth_only=yes
-o smtpd_client_restrictions=permit_mynetworks,permit_sasl_authenticated,reject
-o smtpd_helo_restrictions=permit_mynetworks,permit
-o milter_macro_daemon_name=ORIGINATING
-o smtpd_sasl_type=dovecot
-o smtpd_sasl_path=private/auth
smtps inet n - n - - smtpd
-o syslog_name=postfix/smtps
-o smtpd_tls_wrappermode=yes
-o smtpd_sasl_auth_enable=yes
-o smtpd_relay_restrictions=permit_mynetworks,permit_sasl_authenticated,reject
-o milter_macro_daemon_name=ORIGINATING
-o smtpd_sasl_type=dovecot
-o smtpd_sasl_path=private/auth
pickupunix n - n 60 1 pickup
cleanup unix n - n - 0 cleanup
qmgr unix n - n 300 1 qmgr
tlsmgrunix - - n 1000? 1 tlsmgr
rewrite unix - - n - - trivial-rewrite
bounceunix - - n - 0 bounce
defer unix - - n - 0 bounce
trace unix - - n - 0 bounce
verifyunix - - n - 1 verify
flush unix n - n 1000? 0 flush
proxymap unix - - n - - proxymap
proxywrite unix - - n - 1 proxymap
smtp unix - - n - - smtp
relay unix - - n - - smtp
-o syslog_name=postfix/$service_name
showq unix n - n - - showq
error unix - - n - - error
retry unix - - n - - error
discard unix - - n - - discard
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - n - - lmtp
anvil unix - - n - 1 anvil
scacheunix - - n - 1 scache
dovecot unix - n n - - pipe
flags=DRhu user=vmail:vmail argv=/usr/libexec/dovecot/deliver -f ${sender}
-d ${recipient}
policyd-spf unix - n n - 0 spawn
user=policyd-spf argv=/usr/libexec/postfix/policyd-spf
postlog unix-dgram n - n - 1 postlogd
Thanks again for your help!
Ken
> On Mar 19, 2021, at 1:01 PM, Wietse Venema wrote:
>
> LoneStarKen:
>> After updating from postfix.x86_64 2:3.3.1-12.el to postfix.x86_64
>> 2:3.5.8-1.el8 I'm getting frequent log entries
>>
>> Mar 19 10:51:58 mail postfix/smtpd[XX]: discarding EHLO keywords:
>> CHUNKING
>
> You have one or both of
>
>smtpd_discard_ehlo_keyword_address_maps
>smtpd_discard_ehlo_keywords
>
> in main.cf or master.cf.
>
> Wietse
Re: discarding EHLO keywords: CHUNKING
On Fri, Mar 19, 2021 at 11:02:09AM -0500, LoneStarKen wrote: > Mar 19 10:51:58 mail postfix/smtpd[XX]: discarding EHLO keywords: CHUNKING Presumably you have a non-default setting of smtp_discard_ehlo_keywords possibly via master.cf overrides? -- Viktor.
Re: discarding EHLO keywords: CHUNKING
LoneStarKen: > After updating from postfix.x86_64 2:3.3.1-12.el to postfix.x86_64 > 2:3.5.8-1.el8 I'm getting frequent log entries > > Mar 19 10:51:58 mail postfix/smtpd[XX]: discarding EHLO keywords: CHUNKING You have one or both of smtpd_discard_ehlo_keyword_address_maps smtpd_discard_ehlo_keywords in main.cf or master.cf. Wietse
