[nycbug-talk] postfix question
Max Gribov
max at neuropunks.org
Thu Mar 16 21:41:27 EST 2006
a shot in the dark..
heres my config, i know my ssl works for sure..
---
alias_maps = hash:/etc/aliases, hash:/usr/local/mailman/data/aliases
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
config_directory = /etc/postfix
content_filter = smtp-amavis:[127.0.0.1]:10024
daemon_directory = /usr/libexec/postfix
debug_peer_level = 2
disable_vrfy_command = yes
empty_address_recipient = MAILER-DAEMON
home_mailbox = Maildir/
html_directory = no
inet_interfaces = 38.117.144.218, 127.0.0.1, 69.31.43.10
local_recipient_maps = $alias_maps, unix:passwd.byname,
$virtual_mailbox_maps, $virtual_mailbox_domains, $virtual_alias_maps
local_transport = local
mail_owner = postfix
mailbox_command = /usr/local/bin/procmail
mailq_path = /usr/bin/mailq
manpage_directory = /usr/local/man
maximal_queue_lifetime = 2w
mydestination = $myhostname, $mydomain, mailman.$mydomain
mydomain = neuropunks.org
myhostname = finn.neuropunks.org
mynetworks = 38.117.144.218/32, 69.31.43.10/32, 127.0.0.1/32
myorigin = $mydomain
newaliases_path = /usr/bin/newaliases
owner_request_special = no
queue_directory = /var/spool/postfix
readme_directory = /etc/postfix/readme
recipient_delimiter = +
relay_domains = /etc/postfix/relay-domains
sample_directory = /etc/postfix/samples
sendmail_path = /usr/sbin/sendmail
setgid_group = postdrop
smtpd_banner = $myhostname ESMTP
smtpd_client_restrictions = hash:/etc/postfix/access, permit_mynetworks,
permit_sasl_authenticated, reject_rbl_client relays.ordb.org,
reject_rbl_client
opm.blitzed.org,reject_invalid_hostname,reject_unknown_sender_domain,
reject_non_fqdn_sender
smtpd_helo_required = yes
smtpd_helo_restrictions = hash:/etc/postfix/access, permit_mynetworks,
permit_sasl_authenticated, reject_rbl_client relays.ordb.org,
reject_rbl_client opm.blitzed.org
smtpd_recipient_restrictions = hash:/etc/postfix/access,
permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination,
reject_invalid_hostname, reject_non_fqdn_sender,
reject_unknown_sender_domain, reject_unlisted_recipient,
reject_unverified_recipient, reject_rbl_client relays.ordb.org,
reject_rbl_client opm.blitzed.org
smtpd_reject_unlisted_sender = yes
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_sender_restrictions = hash:/etc/postfix/access, permit_mynetworks,
permit_sasl_authenticated, reject_unlisted_sender,
reject_invalid_hostname, reject_non_fqdn_sender,
reject_unknown_sender_domain, reject_rbl_client relays.ordb.org,
reject_rbl_client opm.blitzed.org
smtpd_tls_CAfile = $smtpd_tls_cert_file
smtpd_tls_ask_ccert = yes
smtpd_tls_cert_file = /etc/postfix/certs/postfix.pem
smtpd_tls_key_file = $smtpd_tls_cert_file
smtpd_tls_loglevel = 1
smtpd_use_tls = yes
transport_maps = hash:/etc/postfix/transport
unknown_local_recipient_reject_code = 550
Steve Rieger wrote:
>am trying to setup postfix to relay all mail through gmail (yes it not
>right) below are the error logs, and postconf -n.
>
>Mar 16 12:30:11 tiger postfix/postfix-script: refreshing the Postfix
>mail system
>Mar 16 12:30:11 tiger postfix/master[55]: reload configuration
>Mar 16 12:30:32 tiger postfix/pickup[26986]: 4AD6016D0F8: uid=0 from=<root>
>Mar 16 12:30:32 tiger postfix/cleanup[26994]: 4AD6016D0F8:
>message-id=<20060316203032.4AD6016D0F8 at tiger.up-south.com>
>Mar 16 12:30:32 tiger postfix/qmgr[26987]: 4AD6016D0F8:
>from=<root at tiger.up-south.com>, size=28425, nrcpt=1 (queue active)
>Mar 16 12:30:32 tiger postfix/smtp[26996]: warning: Only sdbm: type
>allowed for btree:/var/run/smtp_tls_session_cache
>Mar 16 12:30:32 tiger postfix/smtp[26996]: warning: Could not open
>session cache btree:/var/run/smtp_tls_session_cache
>Mar 16 12:30:32 tiger postfix/smtp[26996]: verify error:num=20:unable to
>get local issuer certificate
>Mar 16 12:30:32 tiger postfix/smtp[26996]: verify
>error:num=27:certificate not trusted
>Mar 16 12:30:32 tiger postfix/smtp[26996]: verify error:num=21:unable to
>verify the first certificate
>Mar 16 12:30:33 tiger postfix/qmgr[26987]: warning: premature
>end-of-input on private/smtp socket while reading input attribute name
>Mar 16 12:30:33 tiger postfix/master[55]: warning: process
>/usr/libexec/postfix/smtp pid 26996 killed by signal 10
>Mar 16 12:30:33 tiger postfix/qmgr[26987]: warning: private/smtp socket:
>malformed response
>Mar 16 12:30:33 tiger postfix/master[55]: warning:
>/usr/libexec/postfix/smtp: bad command startup -- throttling
>Mar 16 12:30:33 tiger postfix/qmgr[26987]: warning: transport smtp
>failure -- see a previous warning/fatal/panic logfile record for the
>problem description
>Mar 16 12:31:12 tiger postfix/pickup[26986]: 4130616D105: uid=0 from=<root>
>Mar 16 12:31:12 tiger postfix/cleanup[26994]: 4130616D105:
>message-id=<20060316203112.4130616D105 at tiger.up-south.com>
>Mar 16 12:31:12 tiger postfix/qmgr[26987]: 4130616D105:
>from=<root at tiger.up-south.com>, size=28417, nrcpt=1 (queue active)
>Mar 16 12:31:33 tiger postfix/smtp[27019]: warning: Only sdbm: type
>allowed for btree:/var/run/smtp_tls_session_cache
>Mar 16 12:31:33 tiger postfix/smtp[27019]: warning: Could not open
>session cache btree:/var/run/smtp_tls_session_cache
>Mar 16 12:31:33 tiger postfix/smtp[27019]: verify error:num=20:unable to
>get local issuer certificate
>Mar 16 12:31:33 tiger postfix/smtp[27019]: verify
>error:num=27:certificate not trusted
>Mar 16 12:31:34 tiger postfix/smtp[27019]: verify error:num=21:unable to
>verify the first certificate
>Mar 16 12:31:35 tiger postfix/qmgr[26987]: warning: premature
>end-of-input on private/smtp socket while reading input attribute name
>Mar 16 12:31:35 tiger postfix/master[55]: warning: process
>/usr/libexec/postfix/smtp pid 27019 killed by signal 10
>Mar 16 12:31:35 tiger postfix/qmgr[26987]: warning: private/smtp socket:
>malformed response
>Mar 16 12:31:35 tiger postfix/master[55]: warning:
>/usr/libexec/postfix/smtp: bad command startup -- throttling
>Mar 16 12:31:35 tiger postfix/qmgr[26987]: warning: transport smtp
>failure -- see a previous warning/fatal/panic logfile record for the
>problem description
>
>
>tiger:/etc/postfix root# postconf -n
>command_directory = /usr/sbin
>config_directory = /etc/postfix
>daemon_directory = /usr/libexec/postfix
>debug_peer_level = 2
>disable_dns_lookups = yes
>enable_server_options = yes
>html_directory = no
>inet_interfaces = all
>mail_owner = postfix
>mailbox_size_limit = 0
>mailbox_transport = cyrus
>mailq_path = /usr/bin/mailq
>manpage_directory = /usr/share/man
>mydomain_fallback = localhost
>myhostname = tiger.up-south.com
>mynetworks_style = host
>newaliases_path = /usr/bin/newaliases
>queue_directory = /private/var/spool/postfix
>readme_directory = /usr/share/doc/postfix
>relayhost = [smtp.gmail.com]
>sample_directory = /usr/share/doc/postfix/examples
>sendmail_path = /usr/sbin/sendmail
>setgid_group = postdrop
>smtp_sasl_auth_enable = yes
>smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
>smtp_sasl_security_options = noanonymous
>smtp_sasl_tls_security_options = noanonymous
>smtp_tls_CAfile = /etc/postfix/cacert.pem
>smtp_tls_cert_file = /etc/postfix/FOO-cert.pem
>smtp_tls_key_file = /etc/postfix/FOO-key.pem
>smtp_tls_loglevel = 1
>smtp_tls_per_site = hash:/etc/postfix/tls_per_site
>smtp_tls_session_cache_database = btree:/var/run/smtp_tls_session_cache
>smtp_use_tls = yes
>smtpd_sasl_application_name = smtpd
>smtpd_sasl_auth_enable = no
>smtpd_sasl_local_domain = $myhostname
>smtpd_tls_CAfile = /etc/postfix/cacert.pem
>smtpd_tls_cert_file = /etc/postfix/FOO-cert.pem
>smtpd_tls_key_file = /etc/postfix/FOO-key.pem
>smtpd_tls_received_header = yes
>smtpd_tls_session_cache_database = btree:/var/run/smtpd_tls_session_cache
>smtpd_use_tls = yes
>tls_random_source = dev:/dev/urandom
>transport_maps = hash:/etc/postfix/transport
>unknown_local_recipient_reject_code = 550
>
>
>
More information about the talk
mailing list