Dear ones, I got some error messages in my /var/log/ispconfig/ispconfig log about my mta postfix not being running in my master server. That's okay because my MTA server is not the master, but a secondary server doing postfix + dovecot and mysql mailboxes over it. [[root@web01:/var/log/ispconfig# /usr/local/ispconfig/server/server.sh 24.02.2016-15:35 - DEBUG - Set Lock: /usr/local/ispconfig/server/temp/.ispconfig_lock postqueue: warning: Mail system is down -- accessing queue directly It hangs there. My question is - whenever that error appears in ispconfig log, my JOBs hanged. Nothing gets updated anymore in my ISPCONFIG 3 install till I kill the proc and rm the lockfile manually. Should I keep running postfix into master server even without a MTA over it? Should I mark postfix for local delivery (non-internet site) ? Thank you all for reading! ----- repport bellow ---- cat htf_report.txt ##### SERVER ##### IP-address (as per hostname): ***.***.***.*** IP-address(es) (as per ifconfig): ***.***.***.***, ***.***.***.*** [INFO] ISPConfig is installed. ##### ISPCONFIG ##### ISPConfig version is 3.0.5.4p8 ##### VERSION CHECK ##### [INFO] php (cli) version is 5.4.45-0+deb7u2 [INFO] php-cgi (used for cgi php in default vhost!) is version 5.4.45-0+deb7u2 ##### PORT CHECK ##### [WARN] Port 143 (IMAP server) seems NOT to be listening [WARN] Port 993 (IMAP server SSL) seems NOT to be listening [WARN] Port 110 (POP3 server) seems NOT to be listening [WARN] Port 995 (POP3 server SSL) seems NOT to be listening [WARN] Port 25 (SMTP server) seems NOT to be listening [WARN] Port 465 (SMTP server SSL) seems NOT to be listening [WARN] Port 22 (SSH server) seems NOT to be listening [WARN] Port 25 (SMTP server) seems NOT to be listening ##### MAIL SERVER CHECK ##### [WARN] I found no "submission" entry in your postfix master.cf [INFO] this is not critical, but if you want to offer port 587 for smtp connections you have to enable this. [WARN] I found no "smtps" entry in your postfix master.cf [INFO] this is not critical, but if you want to offer SSL for smtp (not TLS) connections you have to enable this. ##### RUNNING SERVER PROCESSES ##### [INFO] I found the following web server(s): Apache 2 (PID 13701) [WARN] I could not determine which mail server is running. [WARN] I could not determine which pop3 server is running. [WARN] I could not determine which imap server is running. [INFO] I found the following ftp server(s): PureFTP (PID 16940) ##### LISTENING PORTS ##### (only () Local (Address) [localhost]:10024 (4256/amavisd-new) [anywhere]:3306 (13541/mysqld) [localhost]:11211 (3757/memcached) [anywhere]:111 (27098/rpcbind) [anywhere]:2255 (22964/sshd) [localhost]:783 (4139/spamd.pid) [anywhere]:21 (16940/pure-ftpd) ***.***.***.***:53 (14329/named) ***.***.***.***:53 (14329/named) [localhost]:53 (14329/named) [localhost]:953 (14329/named) [anywhere]:39777 (2763/rpc.statd) [anywhere]:10050 (29866/zabbix_agentd) *:*:*:*::*:40072 (2763/rpc.statd) [localhost]11 (27098/rpcbind) *:*:*:*::*:2255 (22964/sshd) *:*:*:*::*:8080 (13701/apache2) *:*:*:*::*:80 (13701/apache2) *:*:*:*::*:8081 (13701/apache2) *:*:*:*::*:21 (16940/pure-ftpd) *:*:*:*::*:53 (14329/named) *:*:*:*::*:953 (14329/named) *:*:*:*::*:443 (13701/apache2) [localhost]0050 (29866/zabbix_agentd) ##### IPTABLES ##### Chain INPUT (policy ACCEPT) target prot opt source destination fail2ban-ssh tcp -- [anywhere]/0 [anywhere]/0 multiport dports 22 Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination Chain fail2ban-dovecot-pop3imap (0 references) target prot opt source destination Chain fail2ban-sasl (0 references) target prot opt source destination Chain fail2ban-ssh (1 references) target prot opt source destination RETURN all -- [anywhere]/0 [anywhere]/0
You should run an MTA on your web server so mail gets delivered somewhere (from web forms, system jobs, etc.); I don't know if postfix is required by ispconfig (ie. it makes postfix calls in the cronjob?), but it's a good choice if you have no preference otherwise. You could probably configure it with your mail server as a smarthost (you may or may not want to have it authenticate to your mail server; to do so, see https://www.howtoforge.com/postfix_relaying_through_another_mailserver ). Make sure you forward root to an email address that is checked (in /etc/aliases).
Totally makes sense - postfix is in place of "exim-sendmail-internal-stuff". I was taking too much hits with spammers attacking my server and I have stopped manually this MTA for it was not the External one.. but I had a bad feeling about this ... I should have followed em. LoL. I´ll try it and post the results. Thank you, Jesse! ;-)
