Postfix inaccessible de l'exterieur

**austriker** · 02/07/2009, 03h00

Bonjour,

Je suis bloque sur l'installation de postfix utilisant postgresql courier-pop, courier-imap courier-authdaemon
j'utilise postfix admin.
j'ai suivis 3 HOW to different mais toujours le meme probleme.
http://codepoets.co.uk/postfixadmin-...howto-tutorial
http://codepoets.co.uk/postfixadmin-...howto-tutorial
http://www.phpconcept.net/articles/a...e=05&section=9

En telnet localhost 25 jarrive a envoyer des messages.
En telnet localhost 110 je reçoit bien les messages.
dans les logs il n'y a pas d'erreur. (j'ai désactiver le tls car il y avait des probleme de configuration. je préfère faire étape par étape.)

les tls error:

Code :

Sélectionner tout - Visualiser dans une fenêtre à part

1
2
3
4
5
6
7
 
Jul  2 01:31:04 stock postfix/tlsmgr[27187]: warning: request to update table btree:/var/spool/postfix/smtpd_scache in non-postfix directory /var/spool/postfix
Jul  2 01:31:04 stock postfix/tlsmgr[27187]: warning: redirecting the request to postfix-owned data_directory /var/lib/postfix
Jul  2 01:31:04 stock postfix/smtpd[27185]: cannot load Certificate Authority data
Jul  2 01:31:04 stock postfix/smtpd[27185]: warning: TLS library problem: 27185:error:02001002:system library:fopen:No such file or directory:bss_file.c:122:fopen('/etc/postfix/tls/smtpd.pem','r'):
Jul  2 01:31:04 stock postfix/smtpd[27185]: warning: TLS library problem: 27185:error:2006D080:BIO routines:BIO_new_file:no such file:bss_file.c:125:
Jul  2 01:31:04 stock postfix/smtpd[27185]: warning: TLS library problem: 27185:error:0B084002:x509 certificate routines:X509_load_cert_crl_file:system lib:by_file.c:274:

j'arrive a récupérer mes mail sur thunderbird par pop3.kantasims.com
mais l'envoie par smtp est impossible.
connexion au telnet a distance impossible. "connexion echoué"
Lorsque j'envoie des email avec une autre adresse exterieur, le serveur ne le reçoit pas.

Je ne sais pas pourquoi aussi mais le dossier /etc/postfix/sasl/ était vide.

j'ai pas cherché a reinstaller spamassassin et autres vue que les e-mail n'arrivent pas.

j'ai fait pointer les nom de domaine smtp et pop3 sur le serveur.

les compte fonctionne les authifications aussi.

Merci d'avance

cordialement
austriker

voici mes configurations:

Code :

Sélectionner tout - Visualiser dans une fenêtre à part

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
 
##                  main.cf                   ##
 
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
biff = no
append_dot_mydomain = no
readme_directory = no
myhostname = ks32918.kimsufi.com
myorigin = /etc/mailname
mydestination = kantasims.com, ks32918.kimsufi.com, localhost.kimsufi.com, localhost
relayhost =
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
inet_interfaces = all
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
smtpd_recipient_restrictions = 
	permit_mynetworks,
	permit_sasl_authenticated,
	reject_unauth_destination,
	reject_non_fqdn_hostname,
	reject_non_fqdn_sender,
	reject_non_fqdn_recipient,
	reject_unauth_pipelining,
	reject_invalid_hostname,
	reject_unknown_recipient_domain,
	reject_rbl_client	list.dsbl.org,
	reject_rbl_client	bl.spamcop.net,
	reject_rbl_client	sbl-xbl.spamhaus.org,
	reject_rbl_client	maxrabbit.net,
	reject_rbl_client	bofung.com.my,
	reject_rbl_client	godar.ir,
	reject_rbl_client	chetandalal.com,
	reject_rbl_client	vieclamvina.com,
	reject_rbl_client	saexplorers.org,
	reject_rbl_client	redwine.co.uk,
	reject_rbl_client	dinltda.com,
	reject_rbl_client	ctg.org.br
 
virtual_alias_maps = pgsql:/etc/postfix/pgsql/virtual-alias-maps.cf
virtual_mailbox_maps = pgsql:/etc/postfix/pgsql/virtual-mailbox-maps.cf
virtual_mailbox_domains = pgsql:/etc/postfix/pgsql/virtual-domains.cf
virtual_mailbox_base = /var/spool/vmail/
virtual_uid_maps = static:5000
virtual_gid_maps = static:5000
 
virtual_create_maildirsize = yes
virtual_mailbox_extended = yes
virtual_mailbox_limit_maps = pgsql:/etc/postfix/pgsql/virtual-mailbox-limit-maps.cf
virtual_mailbox_limit_override = yes
virtual_maildir_limit_message = "Desole, la boite email de l'utilisateur est pleine, essayez plus tard."
virtual_overquota_bounce = yes
 
relay_domain = pgsql:/etc/postfix/pgsql/relay-domains.cf
 
#TLS commenté car erreur dans les logs
#smtpd_use_tls = yes
#smtpd_tls_loglevel = 1
#smtpd_tls_session_cache_timeout = 3600
#smtpd_tls_cert_file = /etc/postfix/tls/smtpd.crt
#smtpd_tls_key_file = /etc/postfix/tls/smtpd.key
#smtpd_tls_CAfile = /etc/postfix/tls/smtpd.pem
#smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache
#smtpd_tls_received_header = yes
#tls_random_source = dev:/dev/urandom
 
 
# Support Authentification SASL
smtpd_sasl_authenticated_header = yes
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
 
 
 
##          virtual-alias-maps.cf             ##
user             = postfix
password         = ********
dbname           = postfix
hosts            = localhost
query = SELECT goto FROM alias WHERE address='%s' AND active = true
 
 
##            virtual-domains.cf              ##
user        = postfix
password    = ********
dbname      = postfix
hosts       = localhost
query = SELECT domain FROM domain WHERE domain='%s' AND backupmx = false AND active = true
 
##          virtual-mailbox-maps.cf           ##
user      = postfix
password  = ********
dbname    = postfix
hosts     = localhost
query = SELECT maildir FROM mailbox WHERE username='%s' AND active = true
 
##       virtual-mailbox-limit-maps.cf        ##
user = postfix
password = ********
hosts = localhost
dbname = postfix
query = SELECT quota FROM mailbox WHERE username = '%s'
 
##              relay-domains.cf              ##
user            = postfix
password        = ********
dbname          = postfix
hosts           = localhost
query = SELECT domain FROM domain WHERE domain = '%s' AND backupmx = true
 
##              sasl/smtpd.conf               ##
sasl/smtpd.conf
pwcheck_method: saslauthd 
saslauthd_path: /var/run/saslauthd/mux
log_level: 3
mech_list: PLAIN LOGIN
 
##                 master.cf                  ##
 
pickup    fifo  n       -       -       60      1       pickup
cleanup   unix  n       -       -       -       0       cleanup
qmgr      fifo  n       -       n       300     1       qmgr
#qmgr     fifo  n       -       -       300     1       oqmgr
tlsmgr    unix  -       -       -       1000?   1       tlsmgr
rewrite   unix  -       -       -       -       -       trivial-rewrite
bounce    unix  -       -       -       -       0       bounce
defer     unix  -       -       -       -       0       bounce
trace     unix  -       -       -       -       0       bounce
verify    unix  -       -       -       -       1       verify
flush     unix  n       -       -       1000?   0       flush
proxymap  unix  -       -       n       -       -       proxymap
proxywrite unix -       -       n       -       1       proxymap
smtp      unix  -       -       -       -       -       smtp
# When relaying mail as backup MX, disable fallback_relay to avoid MX loops
relay     unix  -       -       -       -       -       smtp
        -o smtp_fallback_relay=
#       -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq     unix  n       -       -       -       -       showq
error     unix  -       -       -       -       -       error
retry     unix  -       -       -       -       -       error
discard   unix  -       -       -       -       -       discard
local     unix  -       n       n       -       -       local
virtual   unix  -       n       n       -       -       virtual
lmtp      unix  -       -       -       -       -       lmtp
anvil     unix  -       -       -       -       1       anvil
scache    unix  -       -       -       -       1       scache
25        inet  n       -       n       -       -       smtpd ## j'ai rajouté cette ligne. mais aucune difference
 
maildrop  unix  -       n       n       -       -       pipe
  flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
uucp      unix  -       n       n       -       -       pipe
  flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
ifmail    unix  -       n       n       -       -       pipe
  flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp     unix  -       n       n       -       -       pipe
  flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
scalemail-backend unix  -       n       n       -       2       pipe
  flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
mailman   unix  -       n       n       -       -       pipe
  flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
  ${nexthop} ${user}
 
# authpgsqlrc
PGSQL_HOST        localhost
PGSQL_PORT        5432
PGSQL_USERNAME    postfix
PGSQL_PASSWORD    something
PGSQL_DATABASE    postfix
PGSQL_USER_TABLE  mailbox
PGSQL_CRYPT_PWFIELD password
PGSQL_UID_FIELD   '5000'
PGSQL_GID_FIELD   '5000'
PGSQL_LOGIN_FIELD username
PGSQL_HOME_FIELD  '/var/mail/vmail'
PGSQL_NAME_FIELD  name
PGSQL_MAILDIR_FIELD maildir
PGSQL_QUOTA_FIELD quota
 
et authmodulelist="authpgsql" 
 
 
#/etc/default/saslauthd
MECHANISMS="rimap"
THREADS=5
OPTIONS="-r -c -O localhost -m /var/spool/postfix/var/run/saslauthd"
 
#/etc/postfix/sasl/smtpd.conf
pwcheck_method: saslauthd 
saslauthd_path: /var/run/saslauthd/mux
log_level: 3
mech_list: PLAIN LOGIN

**deny** · 02/07/2009, 07h02

salut
la ligne relayhost est vide chez toi
exemple pour mon serveur :

Code :

Sélectionner tout - Visualiser dans une fenêtre à part

relayhost = smtp.numericable.fr

**austriker** · 02/07/2009, 12h58

Bon j'ai rajouté le 587. la connexion fonctionne. j'ai repare le probleme de connexion tls. il manquait des certificat. j'ai pas encore essayé sasl.

Code :

Sélectionner tout - Visualiser dans une fenêtre à part

1
2
3
4
5
6
7
8
9
10
11
12
smtp_tls_CAfile = /etc/postfix/tls/demoCA/cacert.pem
smtp_tls_cert_file = /etc/postfix/tls/FOO-cert.pem
smtp_tls_key_file = /etc/postfix/tls/FOO-key.pem
smtp_tls_session_cache_database = btree:/var/lib/postfix/smtp_tls_session_cache
smtp_use_tls = yes
smtpd_tls_CAfile = /etc/postfix/tls/demoCA/cacert.pem
smtpd_tls_cert_file = /etc/postfix/tls/FOO-cert.pem
smtpd_tls_key_file = /etc/postfix/tls/FOO-key.pem
smtpd_tls_received_header = yes
smtpd_tls_session_cache_database = btree:/var/lib/postfix/smtpd_tls_session_cache
smtpd_use_tls = yes
tls_random_source = dev:/dev/urandom

la connexion pop3 fonctionne.
Mais il reste un probleme sur le smtp.
le mail est envoyé lorsque c'est une adresse local @mondomaine.com
il reste lent a l'envoie et j'obtiens des warnings.
et après je les reçois en pop3.

Code :

Sélectionner tout - Visualiser dans une fenêtre à part

1
2
Jul  2 12:31:48 stock postfix/smtpd[24501]: warning: 131.90.205.86.list.dsbl.org: RBL lookup error: Host or domain name not found. Name service error for name=131.90.205.86.list.dsbl.org type=A: Host not found, try again
Jul  2 12:31:50 stock postfix/smtpd[24501]: warning: 131.90.205.86.dinltda.com: RBL lookup error: Host or domain name not found. Name service error for name=131.90.205.86.dinltda.com type=A: Host not found, try again