| View previous topic :: View next topic |
| Author |
Message |
miroR
l33t
Joined: 05 Mar 2008
Posts: 826
|
 Posted: Mon Jul 06, 2015 10:12 pm Post subject: Postfix not working |
 |
|
Postfix not working
( title probably to change, when more I learn on the issue)
I read somewhere that Gentoo devs had the issue and solved it, of Postfix not working with the (then) new 4 kernel.
It seems to me that is is not working in my case, still. I'm not sure, if I were, I'd file a bug... Like this tiny one which I was pretty sure of:
page missing in docs
https://bugs.gentoo.org/show_bug.cgi?id=554100
( of course I meant: page missing in [Postfix] docs; alas, no way to correct that now )
But I'll try and get this issue of Postfix not working presented here, and maybe we figure out more what it is.
Last edited by miroR on Mon Jul 06, 2015 11:51 pm; edited 1 time in total |
|
| Back to top |
|
 |
miroR
l33t
Joined: 05 Mar 2008
Posts: 826
|
| Posted: Mon Jul 06, 2015 11:36 pm Post subject: |
|
|
Following on the:
Postfix Debugging Howto
http://www.postfix.org/DEBUG_README.html
I added a few ' -v' at the end of lines in /etc/postfix/master.cf
such as it says in the DEBUG_README.html (pasting):
| Code: | /etc/postfix/master.cf:
smtp inet n - n - - smtpd -v
|
and also for cleanup, qmgr, tlsmgr, trivial-rewrite, bounce and defer.
And (again, as per that page) I issued (pasting over again):
| Postfix Debug Howto wrote: | What-if: report what would happen, but do not actually deliver mail. This mode
of operation is requested with:
| Code: | % /usr/sbin/sendmail -bv address...
Mail Delivery Status Report will be mailed to <your login name>.
|
|
And the result was in my /root/Maildir after all the timeouts (pasting from my
mailbox --you won't find it in the howto  ):
| Code: | From @ Tue Jul 7 01:09:14 2015
Return-Path: <>
X-Original-To: root@localdomain
Delivered-To: root@localdomain
Received: by g0n.localdomain (Postfix)
id 0115F380060; Tue, 7 Jul 2015 01:09:14 +0200 (CEST)
Date: Tue, 7 Jul 2015 01:09:14 +0200 (CEST)
From: MAILER-DAEMON@localdomain (Mail Delivery System)
Subject: Mail Delivery Status Report
To: root@localdomain
Auto-Submitted: auto-replied
MIME-Version: 1.0
Content-Type: multipart/report; report-type=delivery-status;
boundary="73D6038005D.1436224154/g0n.localdomain"
Content-Transfer-Encoding: 8bit
Message-Id: <20150706230915.0115F380060@g0n.localdomain>
Status: RO
Content-Length: 1506
This is a MIME-encapsulated message.
--73D6038005D.1436224154/g0n.localdomain
Content-Description: Notification
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
This is the mail system at host g0n.localdomain.
Enclosed is the mail delivery report that you requested.
The mail system
<miro.rovis@croatiafidelis.hr>: connect to
croatiafidelis.hr[178.218.164.164]:25: Connection timed out
--73D6038005D.1436224154/g0n.localdomain
Content-Description: Delivery report
Content-Type: message/delivery-status
Content-Transfer-Encoding: 8bit
Reporting-MTA: dns; g0n.localdomain
X-Postfix-Queue-ID: 73D6038005D
X-Postfix-Sender: rfc822; root@localdomain
Arrival-Date: Tue, 7 Jul 2015 01:05:38 +0200 (CEST)
Final-Recipient: rfc822; miro.rovis@croatiafidelis.hr
Original-Recipient: rfc822;miro.rovis@croatiafidelis.hr
Action: undeliverable
Status: 4.4.1
Diagnostic-Code: X-Postfix; connect to croatiafidelis.hr[178.218.164.164]:25:
Connection timed out
--73D6038005D.1436224154/g0n.localdomain
Content-Description: Message Headers
Content-Type: text/rfc822-headers
Content-Transfer-Encoding: 8bit
Return-Path: <root@localdomain>
Received: by g0n.localdomain (Postfix, from userid 0)
id 73D6038005D; Tue, 7 Jul 2015 01:05:38 +0200 (CEST)
From: root@localdomain
Subject: probe
To: miro.rovis@croatiafidelis.hr
Message-Id: <20150706230538.73D6038005D@g0n.localdomain>
Date: Tue, 7 Jul 2015 01:05:38 +0200 (CEST)
--73D6038005D.1436224154/g0n.localdomain--
|
Let me post this first now, before I go on, as this issue does seem to not be
related with my misconfiguration or some such... I have been using the same
working configuration, basically, for months now, and this is the first time I
have issues with Postfix in maybe even a year or not much shorter time... |
|
| Back to top |
|
|
miroR
l33t
Joined: 05 Mar 2008
Posts: 826
|
| Posted: Mon Jul 06, 2015 11:50 pm Post subject: |
|
|
And then, to make sure, as I do have a (refraining from bad language...) very miserable and idiotic provider (couldn't refrain but only so much), I thought I should make sure they didn't decide to censor my access to the server at the provider's of my NGO's domain, the www.CroatiaFidelis.hr, as they did in the past.
I thought, maybe they're banning me again from using my email address miro.rovis@croatiafidelis.hr ...
And so I decided I had to use the freaking miroslav.rovis1@zg.ht.hr (see the 1 in my name? It's not me who put that in there, but the idiots, not because the miroslav.rovis@zg.ht.hr were occupied, no, I'm the only one Miroslav Rovis in Zagreb, as far as I know, but just to hurt...)...
And I did:
| Code: |
/usr/sbin/sendmail -bv miroslav.rovis1@zg.ht.hr
|
which send into my maibox:
| Code: |
From @ Tue Jul 7 01:13:29 2015
Return-Path: <>
X-Original-To: root@localdomain
Delivered-To: root@localdomain
Received: by g0n.localdomain (Postfix)
id CDCCE380060; Tue, 7 Jul 2015 01:13:29 +0200 (CEST)
Date: Tue, 7 Jul 2015 01:13:29 +0200 (CEST)
From: MAILER-DAEMON@localdomain (Mail Delivery System)
Subject: Mail Delivery Status Report
To: root@localdomain
Auto-Submitted: auto-replied
MIME-Version: 1.0
Content-Type: multipart/report; report-type=delivery-status;
boundary="8922038005D.1436224409/g0n.localdomain"
Content-Transfer-Encoding: 8bit
Message-Id: <20150706231329.CDCCE380060@g0n.localdomain>
Status: RO
Content-Length: 1480
This is a MIME-encapsulated message.
--8922038005D.1436224409/g0n.localdomain
Content-Description: Notification
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
This is the mail system at host g0n.localdomain.
Enclosed is the mail delivery report that you requested.
The mail system
<miroslav.rovis1@zg.ht.hr>: connect to mailin03.ht.hr[195.29.150.43]:25:
Connection timed out
--8922038005D.1436224409/g0n.localdomain
Content-Description: Delivery report
Content-Type: message/delivery-status
Content-Transfer-Encoding: 8bit
Reporting-MTA: dns; g0n.localdomain
X-Postfix-Queue-ID: 8922038005D
X-Postfix-Sender: rfc822; root@localdomain
Arrival-Date: Tue, 7 Jul 2015 01:11:59 +0200 (CEST)
Final-Recipient: rfc822; miroslav.rovis1@zg.ht.hr
Original-Recipient: rfc822;miroslav.rovis1@zg.ht.hr
Action: undeliverable
Status: 4.4.1
Diagnostic-Code: X-Postfix; connect to mailin03.ht.hr[195.29.150.43]:25:
Connection timed out
--8922038005D.1436224409/g0n.localdomain
Content-Description: Message Headers
Content-Type: text/rfc822-headers
Content-Transfer-Encoding: 8bit
Return-Path: <root@localdomain>
Received: by g0n.localdomain (Postfix, from userid 0)
id 8922038005D; Tue, 7 Jul 2015 01:11:59 +0200 (CEST)
From: root@localdomain
Subject: probe
To: miroslav.rovis1@zg.ht.hr
Message-Id: <20150706231159.8922038005D@g0n.localdomain>
Date: Tue, 7 Jul 2015 01:11:59 +0200 (CEST)
--8922038005D.1436224409/g0n.localdomain--
|
So, I guess it's something to do with the kernel 4, which (where did I read
about it, in the ebuilds of postfix or where?), which the devs already tried
to solve.
But of course, I'm not sure. Need more insight. |
|
| Back to top |
|
|
miroR
l33t
Joined: 05 Mar 2008
Posts: 826
|
| Posted: Tue Jul 07, 2015 12:01 am Post subject: |
|
|
Of course I have the screencasts and the traffic captures for those (which I did with my uncenz little (primitive, incomplete) program), but I don't think I need to go about posting those. Just in case, I'll identify them:
| Code: |
4c0171dd2c713d1bdae4710ac4550b86bc7cc76e0cd069d86ef98d4c75c58b7f dump_150707_0104_g0n_sendmail-bv_miro.rovis.pcap
a678fc2050975130e26a2a0e4dc4f2db4d2ed762b1bbf4556ff8cbc054a80eea Screen_150707_0104_g0n_sendmail-bv_miro.rovis.mkv
924fdae823fd4241f39bf1663ec0a32b30ecfc2b2ddee544eb105ad4184eb546 dump_150707_0111_g0n_sendmail-bv_miroslav.rovis1.pcap
7b288e0a629c1b097b5a9c23dcc584700b4c2f9684d7ef68be7854bdfb2a36f1 Screen_150707_0111_g0n_sendmail-bv_miroslav.rovis1.mkv
|
Also, having added the -v in all those places, I had those event very verbosely logged in my /var/log/messages, but I don't know it that will be needed... Will have those handy yet...
Anyone has this issue?
Anyone can tell us more about what to do and where to research about this?
Else I may go and reconfigure my Postfix from ground zero (the one in which the equery k postfix returns:
| Code: | | 667 out of 667 files passed |
(as in the 554100 didn't because I configured the two files) |
|
| Back to top |
|
|
miroR
l33t
Joined: 05 Mar 2008
Posts: 826
|
| Posted: Tue Jul 07, 2015 6:24 am Post subject: |
|
|
Just before I try something, this is the current kernel:
| Code: | $ uname -r
4.0.7-hardened-150705
$ |
with which this:
| Code: | | Action: undeliverable |
I have reported.
Before reworking my Postfix configuration, I'll leave it as it has been for months, and instead I'll try these tests with some of the version 3 kernels I still have in my /boot . |
|
| Back to top |
|
|
miroR
l33t
Joined: 05 Mar 2008
Posts: 826
|
| Posted: Tue Jul 07, 2015 9:34 am Post subject: |
|
|
No, it's not the kernel version change.
For the Hrvatski Telecom (or Croatian T-com) it is "fine" as with the (suspected) Chinese brought in surveillance knowhow and equipment can be. The two first messages of mine in the July thread:
http://lists.dillo.org/pipermail/dillo-dev/2015-July/thread.html
I've posted with the 3 kernel, but the latter two (four altogether by now, on same July thread), I posted with the updated Gentoo.
And for the miro.rovis@croatiafidelis.hr it's them have recently switched to real TLS, I think. They were using the tls-wrapper mode, as you can read extensively about in:
Postfix smtp/TLS, Bkp/Cloning Mthd, Censorship/Intrusion
https://forums.gentoo.org/viewtopic-t-999436.html
and Postfix, as good MTA, won't use the PLAIN, which I still have in my:
| Code: |
# cat /etc/sasl2/smtpd.conf
# $Header: /var/cvsroot/gentoo-x86/mail-mta/postfix/files/smtp.sasl,v 1.3 2011/05/09 12:36:20 eras Exp $
pwcheck_method:saslauthd
mech_list: PLAIN
g0n ~ #
|
That is what I currently believe is the case. Sure I need to go the way of the, aargh, extensive Postfix documentation, all over again, now.... Aaargh!!! |
|
| Back to top |
|
|
miroR
l33t
Joined: 05 Mar 2008
Posts: 826
|
| Posted: Wed Jul 22, 2015 11:40 am Post subject: |
|
|
This has been solved.
But time to explain the convoluted Postfix configuration, I don't have (and so I'm not sticking a [SOLVED] in there because there is no configuration advice to find here).
If you're also using grsec, for the RBAC policies:
Issues with and RBAC Policy for Postfix
http://forums.grsecurity.net/viewtopic.php?f=5&t=4230
and if you are advanced, maybe you can tell more to the readers there, and if you're struggling like me, there is some useful stuff there. |
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
|
Networking & Security
