Discussion:
Problem with Postfix on Ubuntu 14
(too old to reply)
p***@gmail.com
2016-03-18 14:18:57 UTC
Permalink
I have set up a simple postfix on Ubuntu 14. It works fine when sending mail using 'mail' from the command line. However when I send from python on the same server, I get

match_hostname: mail4.exploreXXXX.com ~? 127.0.0.0/8

match_hostaddr: 104.153.210.XXX ~? 127.0.0.0/8

match_hostname: mail4.exploreXXXX.com ~? [::ffff:127.0.0.0]/104

match_hostaddr: 104.153.210.XXX ~? [::ffff:127.0.0.0]/104

match_hostname: mail4.exploreXXXX.com ~? [::1]/128

match_hostaddr: 104.153.210.XXX ~? [::1]/128

match_hostname: mail4.exploreXXXX.com ~? 104.153.210.0/24

match_hostaddr: 104.153.210.XXX ~? 104.153.210.0/24

lost connection after EHLO from mail4.exploreXXXX.com[104.153.210.XXX]

I use the default main.cf with this at the end

smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination

myhostname = mail4.exploreXXXX.com

alias_maps = hash:/etc/aliases

alias_database = hash:/etc/aliasesmyorigin = /etc/mailname

mydestination = mail4.explorejazz.com, localhost.explorejazz.com, , localhost

relayhost =

mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 104.153.210.0/24

mailbox_command = procmail -a "$EXTENSION"

mailbox_size_limit = 0

recipient_delimiter = +

inet_interfaces = all

inet_protocols = all

I have done a lot of googling with no luck Is this something anyone can help with.

Thanks Peter
d***@gmail.com
2016-03-20 18:03:07 UTC
Permalink
Post by p***@gmail.com
I have set up a simple postfix on Ubuntu 14. It works fine when sending mail using 'mail' from the command line. However when I send from python on the same server, I get
match_hostname: mail4.exploreXXXX.com ~? 127.0.0.0/8
match_hostaddr: 104.153.210.XXX ~? 127.0.0.0/8
match_hostname: mail4.exploreXXXX.com ~? [::ffff:127.0.0.0]/104
match_hostaddr: 104.153.210.XXX ~? [::ffff:127.0.0.0]/104
match_hostname: mail4.exploreXXXX.com ~? [::1]/128
match_hostaddr: 104.153.210.XXX ~? [::1]/128
match_hostname: mail4.exploreXXXX.com ~? 104.153.210.0/24
match_hostaddr: 104.153.210.XXX ~? 104.153.210.0/24
lost connection after EHLO from mail4.exploreXXXX.com[104.153.210.XXX]
I use the default main.cf with this at the end
smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
myhostname = mail4.exploreXXXX.com
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliasesmyorigin = /etc/mailname
mydestination = mail4.explorejazz.com, localhost.explorejazz.com, , localhost
relayhost =
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 104.153.210.0/24
mailbox_command = procmail -a "$EXTENSION"
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
inet_protocols = all
I have done a lot of googling with no luck Is this something anyone can help with.
Thanks Peter
Hi

If postfix had to stop the dialog because of the mynetworks rules, the log wouln't have been "lost connection after EHLO".

It looks like a client side issue. Do you enforce the use of TLS or STARTTLS ?

Regards

Victor
p***@gmail.com
2016-03-29 11:19:04 UTC
Permalink
Thanks for getting involved Victor

here is what I have for TLS.

# TLS parameters
smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
smtpd_use_tls=yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
p***@gmail.com
2016-03-29 11:23:33 UTC
Permalink
following on, I see that
ssl-cert-snakeoil.pem

is not present, so maybe this is the cause of my problems.
I will look into this and report back.
Peter
d***@gmail.com
2016-03-29 20:38:52 UTC
Permalink
Post by p***@gmail.com
I have set up a simple postfix on Ubuntu 14. It works fine when sending mail using 'mail' from the command line. However when I send from python on the same server, I get
match_hostname: mail4.exploreXXXX.com ~? 127.0.0.0/8
match_hostaddr: 104.153.210.XXX ~? 127.0.0.0/8
match_hostname: mail4.exploreXXXX.com ~? [::ffff:127.0.0.0]/104
match_hostaddr: 104.153.210.XXX ~? [::ffff:127.0.0.0]/104
match_hostname: mail4.exploreXXXX.com ~? [::1]/128
match_hostaddr: 104.153.210.XXX ~? [::1]/128
match_hostname: mail4.exploreXXXX.com ~? 104.153.210.0/24
match_hostaddr: 104.153.210.XXX ~? 104.153.210.0/24
lost connection after EHLO from mail4.exploreXXXX.com[104.153.210.XXX]
I use the default main.cf with this at the end
smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
myhostname = mail4.exploreXXXX.com
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliasesmyorigin = /etc/mailname
mydestination = mail4.explorejazz.com, localhost.explorejazz.com, , localhost
relayhost =
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 104.153.210.0/24
mailbox_command = procmail -a "$EXTENSION"
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
inet_protocols = all
I have done a lot of googling with no luck Is this something anyone can help with.
Thanks Peter
Hi

Using TLS is not trivial.
You have to set up a small PKI with, at less, an autosigned or commercial CA to certify your postfix server. Default tls paraters are just exemples.

You can also replace smtpd_use_tls=yes by smtpd_use_tls=may or no if you want to disable encryption for smtpd service (SMTP over TLS on port 465 and STARTTLS with SMTP on port 25).

To use server-side TLS you need to generate first the private and public RSA key of the CA and generate the certificate of the CA (smtpd_tls_cert_file) with itself or a commercial one. A certificate always contains the public key and is signed with the private key. Then generate the private (smtpd_tls_key_file) and public RSA key of the server. Finaly sign the server certificate with the CA key.

Remember "smtpd" is to receive incoming smtp requests and "smtp" (without the d) is for outcoming requests.


Regards
Victor

Loading...