postfix quit nach starttls
Dr. Martin Mandelkow
postfix-users at martin-mandelkow.de
Do Sep 24 21:37:29 CEST 2020
Hallo!
Aus irgendeinem Grund kann ich per roundcube keine Mails per SMTP
rausschicken. Und es scheint kein roundcube Problem zu sein.
Was ist an meiner Konfiguration kaputt?
Maillog:
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]: connect from
localhost[127.0.0.1]
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]: smtp_stream_setup:
maxtime=300 enable_deadline=0
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]: match_hostname:
smtpd_client_event_limit_exceptions: localhost ~? 82.165.117.238/32
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]: match_hostaddr:
smtpd_client_event_limit_exceptions: 127.0.0.1 ~? 82.165.117.238/32
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]: match_hostname:
smtpd_client_event_limit_exceptions: localhost ~? 127.0.0.0/8
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]: match_hostaddr:
smtpd_client_event_limit_exceptions: 127.0.0.1 ~? 127.0.0.0/8
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]: report connect to
all milters
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]:
milter_macro_lookup: "j"
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]:
milter_macro_lookup: result "martin-mandelkow.de"
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]:
milter_macro_lookup: "{daemon_name}"
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]:
milter_macro_lookup: result "ORIGINATING"
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]:
milter_macro_lookup: "{daemon_addr}"
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]:
milter_macro_lookup: result "127.0.0.1"
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]:
milter_macro_lookup: "v"
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]:
milter_macro_lookup: result "Postfix 3.3.1"
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]: milter8_connect:
non-protocol events for protocol version 6:
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]: milter8_connect:
transport=inet endpoint=localhost:8891
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]: trying...
[127.0.0.1]
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]: vstream_tweak_tcp:
TCP_MAXSEG 21845
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]: fd=28: stream
buffer size old=0 new=43690
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]: milter8_connect:
my_version=0x6
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]: milter8_connect:
my_actions=0x1ff SMFIF_ADDHDRS SMFIF_CHGBODY SMFIF_ADDRCPT SMFIF_DELRCPT
SMFIF_CHGHDRS SMFIF_QUARANTINE SMFIF_CHGFROM SMFIF_ADDRCPT_PAR
SMFIF_SETSYMLIST
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]: milter8_connect:
my_events=0x1fffff SMFIP_NOCONNECT SMFIP_NOHELO SMFIP_NOMAIL
SMFIP_NORCPT SMFIP_NOBODY SMFIP_NOHDRS SMFIP_NOEOH SMFIP_NR_HDR
SMFIP_NOUNKNOWN SMFIP_NODATA SMFIP_SKIP SMFIP_RCPT_REJ SMFIP_NR_CONN
SMFIP_NR_HELO SMFIP_NR_MAIL SMFIP_NR_RCPT SMFIP_NR_DATA SMFIP_NR_UNKN
SMFIP_NR_EOH SMFIP_NR_BODY SMFIP_HDR_LEADSPC
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]:
vstream_fflush_some: fd 28 flush 17
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]:
vstream_buf_get_ready: fd 28 got 17
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]: milter8_connect:
milter inet:localhost:8891 version 6
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]: milter8_connect:
events SMFIP_NOHELO SMFIP_NOUNKNOWN SMFIP_NODATA SMFIP_SKIP
SMFIP_HDR_LEADSPC
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]: milter8_connect:
requests SMFIF_ADDHDRS SMFIF_CHGHDRS SMFIF_SETSYMLIST
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]:
milter8_conn_event: milter inet:localhost:8891: connect
localhost/127.0.0.1
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]: event:
SMFIC_CONNECT; macros: j=martin-mandelkow.de {daemon_name}=ORIGINATING
{daemon_addr}=127.0.0.1 v=Postfix 3.3.1
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]:
vstream_fflush_some: fd 28 flush 122
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]:
vstream_buf_get_ready: fd 28 got 5
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]: reply:
SMFIR_CONTINUE data 0 bytes
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]: >
localhost[127.0.0.1]: 220 martin-mandelkow.de ESMTP Postfix
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]: watchdog_pat:
0x5630ea107520
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]:
vstream_fflush_some: fd 27 flush 39
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]:
vstream_buf_get_ready: fd 27 got 26
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]: <
localhost[127.0.0.1]: EHLO martin-mandelkow.de
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]: report helo to all
milters
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]:
milter_macro_lookup: "{tls_version}"
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]:
milter_macro_lookup: "{cipher}"
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]:
milter_macro_lookup: "{cipher_bits}"
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]:
milter_macro_lookup: "{cert_subject}"
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]:
milter_macro_lookup: "{cert_issuer}"
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]:
milter8_helo_event: milter inet:localhost:8891: helo martin-mandelkow.de
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]: event: SMFIC_HELO;
macros: (none)
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]: skipping event
SMFIC_HELO for milter inet:localhost:8891
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]: match_list_match:
localhost: no match
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]: match_list_match:
127.0.0.1: no match
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]: >
localhost[127.0.0.1]: 250-martin-mandelkow.de
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]: >
localhost[127.0.0.1]: 250-PIPELINING
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]: >
localhost[127.0.0.1]: 250-SIZE 10240000
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]: >
localhost[127.0.0.1]: 250-VRFY
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]: >
localhost[127.0.0.1]: 250-ETRN
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]: >
localhost[127.0.0.1]: 250-STARTTLS
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]: >
localhost[127.0.0.1]: 250-ENHANCEDSTATUSCODES
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]: >
localhost[127.0.0.1]: 250-8BITMIME
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]: >
localhost[127.0.0.1]: 250-DSN
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]: >
localhost[127.0.0.1]: 250 SMTPUTF8
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]: watchdog_pat:
0x5630ea107520
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]:
vstream_fflush_some: fd 27 flush 156
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]:
vstream_buf_get_ready: fd 27 got 10
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]: <
localhost[127.0.0.1]: STARTTLS
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]: query milter
states for other event
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]:
milter8_other_event: milter inet:localhost:8891
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]: >
localhost[127.0.0.1]: 220 2.0.0 Ready to start TLS
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]:
vstream_fflush_some: fd 27 flush 30
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]: abort all milters
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]: milter8_abort:
abort milter inet:localhost:8891
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]:
event_request_timer: reset 0x7efee5ba3b10 0x5630ea00f4e0 5
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]: send attr request
= seed
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]: send attr size = 32
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]:
vstream_fflush_some: fd 15 flush 22
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]:
vstream_buf_get_ready: fd 15 got 60
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]: private/tlsmgr:
wanted attribute: status
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]: input attribute
name: status
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]: input attribute
value: 0
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]: private/tlsmgr:
wanted attribute: seed
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]: input attribute
name: seed
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]: input attribute
value: o0hIxCvmbtaNJPap4lGlY8IFEJCsNkB6FTbKJOumJyc=
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]: private/tlsmgr:
wanted attribute: (list terminator)
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]: input attribute
name: (end)
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]:
event_request_timer: reset 0x7efee5ba3b10 0x5630ea00f4e0 5
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]: send attr request
= tktkey
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]: send attr keyname
= [data 0 bytes]
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]:
vstream_fflush_some: fd 15 flush 25
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]:
vstream_buf_get_ready: fd 15 got 138
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]: private/tlsmgr:
wanted attribute: status
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]: input attribute
name: status
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]: input attribute
value: 0
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]: private/tlsmgr:
wanted attribute: keybuf
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]: input attribute
name: keybuf
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]: input attribute
value:
GEjFJkIDoZeqxL/4UX0+QfCyqrJ1oOJxRSqHSpN1A6HQBMhCKGtb0s4VTZbiuEzWJmTVoxxNVQPBzONthZQoo2j+0iVk8dGFXoveYnYoNx7Ga2pfAAAAAA==
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]: private/tlsmgr:
wanted attribute: (list terminator)
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]: input attribute
name: (end)
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]:
xsasl_dovecot_server_create: SASL service=smtp, realm=(null)
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]: name_mask:
noanonymous
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]:
xsasl_dovecot_server_connect: Connecting
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]:
vstream_fflush_some: fd 29 flush 22
Sep 22 23:05:04 martin-mandelkow dovecot[2233]: auth: Debug: Loading
modules from directory: /usr/lib64/dovecot/auth
Sep 22 23:05:04 martin-mandelkow dovecot[2233]: auth: Debug: Module
loaded: /usr/lib64/dovecot/auth/lib20_auth_var_expand_crypt.so
Sep 22 23:05:04 martin-mandelkow dovecot[2233]: auth: Debug: Module
loaded: /usr/lib64/dovecot/auth/libdriver_sqlite.so
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]:
vstream_buf_get_ready: fd 29 got 148
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]:
xsasl_dovecot_server_connect: auth reply: VERSION?1?2
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]:
xsasl_dovecot_server_connect: auth reply: MECH?CRAM-MD5?dictionary?active
Sep 22 23:05:04 martin-mandelkow dovecot[2233]: auth: Debug: Read auth
token secret from /var/run/dovecot/auth-token-secret.dat
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]: name_mask:
dictionary
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]: name_mask: active
Sep 22 23:05:04 martin-mandelkow dovecot[2233]: auth: Debug: passwd-file
/etc/dovecot/users: Read 4 users in 0 secs
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]:
xsasl_dovecot_server_connect: auth reply: MECH?PLAIN?plaintext
Sep 22 23:05:04 martin-mandelkow dovecot[2233]: auth: Debug: auth client
connected (pid=0)
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]: name_mask: plaintext
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]:
xsasl_dovecot_server_connect: auth reply: MECH?LOGIN?plaintext
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]: name_mask: plaintext
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]:
xsasl_dovecot_server_connect: auth reply: SPID?3017
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]:
xsasl_dovecot_server_connect: auth reply: CUID?1
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]:
xsasl_dovecot_server_connect: auth reply:
COOKIE?87f8c974599f9d294eb35dfb027c8248
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]:
xsasl_dovecot_server_connect: auth reply: DONE
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]:
xsasl_dovecot_server_mech_filter: keep mechanism: CRAM-MD5
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]:
xsasl_dovecot_server_mech_filter: keep mechanism: PLAIN
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]:
xsasl_dovecot_server_mech_filter: keep mechanism: LOGIN
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]: watchdog_pat:
0x5630ea107520
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]: smtp_get: EOF
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]: match_hostname:
smtpd_client_event_limit_exceptions: localhost ~? 82.165.117.238/32
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]: match_hostaddr:
smtpd_client_event_limit_exceptions: 127.0.0.1 ~? 82.165.117.238/32
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]: match_hostname:
smtpd_client_event_limit_exceptions: localhost ~? 127.0.0.0/8
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]: match_hostaddr:
smtpd_client_event_limit_exceptions: 127.0.0.1 ~? 127.0.0.0/8
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]: lost connection
after STARTTLS from localhost[127.0.0.1]
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]: disconnect event
to all milters
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]:
milter8_disc_event: quit milter inet:localhost:8891
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]:
vstream_fflush_some: fd 28 flush 16
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]: disconnect from
localhost[127.0.0.1] ehlo=1 starttls=1 commands=2
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]: free all milters
Sep 22 23:05:04 martin-mandelkow postfix/smtpd[3015]: free milter
inet:localhost:8891
Der Blick auf den Server via openssl:
[root at s17775789 ~]# openssl s_client -connect martin-mandelkow.de:587
CONNECTED(00000003)
140094835521352:error:140770FC:SSL
routines:SSL23_GET_SERVER_HELLO:unknown protocol:s23_clnt.c:769:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 7 bytes and written 247 bytes
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
---
Und hier ist meine postconf:
[root at martin-mandelkow ~]# postconf -n
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
command_directory = /usr/sbin
compatibility_level = 2
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
debug_peer_level = 4
debug_peer_list = 127.0.0.1
debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin ddd
$daemon_directory/$process_name $process_id & sleep 5
header_checks = regexp:/etc/postfix/header_checks
home_mailbox = Maildir/
html_directory = no
inet_interfaces = all
inet_protocols = all
mail_owner = postfix
mailbox_transport = lmtp:unix:private/dovecot-lmtp
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
meta_directory = /etc/postfix
milter_default_action = accept
mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain,
mail.$mydomain, www.$mydomain, ftp.$mydomain
myhostname = martin-mandelkow.de
mynetworks = 82.165.117.238/32, 127.0.0.0/8, 10.8.0.0/16,
[2001:8d8:1800:33d::1]/128, [::1]/128
newaliases_path = /usr/bin/newaliases.postfix
non_smtpd_milters = inet:localhost:8891
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/postfix/README_FILES
sample_directory = /usr/share/doc/postfix/samples
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
shlib_directory = /usr/lib64/postfix
smtp_tls_CAfile = /etc/pki/tls/certs/ca-bundle.crt
smtp_tls_CApath = /etc/pki/tls/certs
smtp_tls_security_level = may
smtpd_milters = inet:localhost:8891
smtpd_recipient_restrictions = check_recipient_access
hash:/etc/postfix/recipient_access, reject_unauth_pipelining,
check_sender_access hash:/etc/postfix/sender_access,
reject_unknown_sender_domain, reject_unknown_recipient_domain,
reject_non_fqdn_sender, reject_non_fqdn_recipient,
permit_sasl_authenticated, permit_tls_clientcerts, permit_mynetworks,
reject_rbl_client ix.dnsbl.manitu.net, reject_rbl_client
zen.spamhaus.org, permit_mx_backup, reject_unauth_destination, permit
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = no
smtpd_sasl_path = private/auth
smtpd_sasl_security_options = noanonymous
smtpd_sasl_type = dovecot
smtpd_tls_CAfile = /etc/pki/tls/certs/ca-bundle.crt
smtpd_tls_auth_only = yes
smtpd_tls_cert_file =
/etc/letsencrypt/live/martin-mandelkow.de/fullchain.pem
smtpd_tls_key_file = /etc/letsencrypt/live/martin-mandelkow.de/privkey.pem
smtpd_tls_security_level = may
unknown_local_recipient_reject_code = 550
virtual_alias_domains = hash:/etc/postfix/virtual_alias_domains
virtual_alias_maps = hash:/etc/postfix/virtual
virtual_transport = lmtp:unix:private/dovecot-lmtp
Mehr Informationen über die Mailingliste postfix-users