Ispconfig on Raspberry Email Problem

Discussion in 'Installation/Configuration' started by whazza83, Sep 3, 2022.

  1. whazza83

    whazza83 New Member

    Hello, after a long time back and forth I managed to install Ispconfig manually because the AutoInstaller unfortunately didn't work with the Raspberry.

    With the instructions:
    The Perfect Server - Debian 10 (Buster) with Apache, BIND, Dovecot, PureFTPD and ISPConfig 3.2

    The only thing I changed there was the PHP version instead of 7.3 I took 7.4.

    Everything works except for sending and receiving emails.

    This is in the email queue:
    Code:
    -Queue ID-  --Size-- ----Arrival Time---- -Sender/Recipient-------
    0F8ED3A17F3     558 Fri Sep  2 16:31:26  [email protected]
    (host 127.0.0.1[127.0.0.1] said: 451 4.5.0 id=136105-01 - Temporary MTA failure on relaying, From MTA() during fwd-connect (All attempts (1) failed connecting to smtp:127.0.0.1:*): id=136105-01 (in reply to end of DATA command))
                                             [email protected]
    I got a domain from Strato that I entered in my FritzBox router via Dynamic DNS. (Works without problems)
    The server runs on my Raspberry Pi 4 with 8GB with Debian 11 (Raspi OS)
    In the FritzBox I have released all ports that are required.
    But still the email sending/receiving does not work.

    /var/log/mail.warn
    Code:
    Sep  3 00:03:03 whazzza amavis[883]: (00883-05) (!)connect to 127.0.0.1:* failed, attempt #1: Can't connect to socket 127.0.0.1:* using module IO::Socket::IP: Connection refused
    Sep  3 00:03:03 whazzza amavis[883]: (00883-05) (!)uWd7DeVkEvef FWD from <[email protected]> -> <[email protected]>,  451 4.5.0 From MTA() during fwd-connect (All attempts (1) failed connecting to smtp:127.0.0.1:*): id=00883-05
    Sep  3 00:58:03 whazzza amavis[884]: (00884-05) (!)connect to 127.0.0.1:* failed, attempt #1: Can't connect to socket 127.0.0.1:* using module IO::Socket::IP: Connection refused
    Sep  3 00:58:03 whazzza amavis[884]: (00884-05) (!)SsJhyyfknJj8 FWD from <[email protected]> -> <[email protected]>,  451 4.5.0 From MTA() during fwd-connect (All attempts (1) failed connecting to smtp:127.0.0.1:*): id=00884-05
    Sep  3 01:13:03 whazzza amavis[883]: (00883-06) (!)connect to 127.0.0.1:* failed, attempt #1: Can't connect to socket 127.0.0.1:* using module IO::Socket::IP: Connection refused
    Sep  3 01:13:03 whazzza amavis[883]: (00883-06) (!)mZ3azz_ppeE2 FWD from <[email protected]> -> <[email protected]>,  451 4.5.0 From MTA() during fwd-connect (All attempts (1) failed connecting to smtp:127.0.0.1:*): id=00883-06
    Sep  3 02:08:03 whazzza amavis[884]: (00884-06) (!)connect to 127.0.0.1:* failed, attempt #1: Can't connect to socket 127.0.0.1:* using module IO::Socket::IP: Connection refused
    Sep  3 02:08:03 whazzza amavis[884]: (00884-06) (!)HmhOvNeCZIod FWD from <[email protected]> -> <[email protected]>,  451 4.5.0 From MTA() during fwd-connect (All attempts (1) failed connecting to smtp:127.0.0.1:*): id=00884-06
    Sep  3 02:23:03 whazzza amavis[883]: (00883-07) (!)connect to 127.0.0.1:* failed, attempt #1: Can't connect to socket 127.0.0.1:* using module IO::Socket::IP: Connection refused
    Sep  3 02:23:03 whazzza amavis[883]: (00883-07) (!)Xm650-Zyra43 FWD from <[email protected]> -> <[email protected]>,  451 4.5.0 From MTA() during fwd-connect (All attempts (1) failed connecting to smtp:127.0.0.1:*): id=00883-07
    Sep  3 02:49:14 whazzza amavis[884]: (00884-07) (!)connect to 127.0.0.1:* failed, attempt #1: Can't connect to socket 127.0.0.1:* using module IO::Socket::IP: Connection refused
    Sep  3 02:49:14 whazzza amavis[884]: (00884-07) (!)uzJq43XUHKdh FWD from <[email protected]> -> <[email protected]>,  451 4.5.0 From MTA() during fwd-connect (All attempts (1) failed connecting to smtp:127.0.0.1:*): id=00884-07
    Sep  3 02:49:14 whazzza amavis[883]: (00883-08) (!)connect to 127.0.0.1:* failed, attempt #1: Can't connect to socket 127.0.0.1:* using module IO::Socket::IP: Connection refused
    Sep  3 02:49:14 whazzza amavis[883]: (00883-08) (!)LPz8Y0EQi2th FWD from <[email protected]> -> <[email protected]>,  451 4.5.0 From MTA() during fwd-connect (All attempts (1) failed connecting to smtp:127.0.0.1:*): id=00883-08
    Sep  3 03:29:11 whazzza postfix/smtpd[148071]: warning: ec2-54-165-171-190.compute-1.amazonaws.com[54.165.171.190]: SASL NTLM authentication failed: Invalid authentication mechanism
    Sep  3 03:58:03 whazzza amavis[884]: (00884-08) (!)connect to 127.0.0.1:* failed, attempt #1: Can't connect to socket 127.0.0.1:* using module IO::Socket::IP: Connection refused
    Sep  3 03:58:03 whazzza amavis[884]: (00884-08) (!)HIyXMC-yUSAK FWD from <[email protected]> -> <[email protected]>,  451 4.5.0 From MTA() during fwd-connect (All attempts (1) failed connecting to smtp:127.0.0.1:*): id=00884-08
    Sep  3 03:58:04 whazzza amavis[883]: (00883-09) (!)connect to 127.0.0.1:* failed, attempt #1: Can't connect to socket 127.0.0.1:* using module IO::Socket::IP: Connection refused
    Sep  3 03:58:04 whazzza amavis[883]: (00883-09) (!)yaQgbz_r3C3E FWD from <[email protected]> -> <[email protected]>,  451 4.5.0 From MTA() during fwd-connect (All attempts (1) failed connecting to smtp:127.0.0.1:*): id=00883-09
    Sep  3 04:35:56 whazzza postfix/smtpd[152286]: warning: hostname zg-0829f-112.stretchoid.com does not resolve to address 192.241.216.113: No address associated with hostname
    Sep  3 05:08:03 whazzza amavis[884]: (00884-09) (!)connect to 127.0.0.1:* failed, attempt #1: Can't connect to socket 127.0.0.1:* using module IO::Socket::IP: Connection refused
    Sep  3 05:08:03 whazzza amavis[884]: (00884-09) (!)Dj-riY8htC8Y FWD from <[email protected]> -> <[email protected]>,  451 4.5.0 From MTA() during fwd-connect (All attempts (1) failed connecting to smtp:127.0.0.1:*): id=00884-09
    Sep  3 05:08:03 whazzza amavis[883]: (00883-10) (!)connect to 127.0.0.1:* failed, attempt #1: Can't connect to socket 127.0.0.1:* using module IO::Socket::IP: Connection refused
    Sep  3 05:08:03 whazzza amavis[883]: (00883-10) (!)8iYQD7IFp852 FWD from <[email protected]> -> <[email protected]>,  451 4.5.0 From MTA() during fwd-connect (All attempts (1) failed connecting to smtp:127.0.0.1:*): id=00883-10
    Sep  3 06:18:03 whazzza amavis[883]: (00883-11) (!)connect to 127.0.0.1:* failed, attempt #1: Can't connect to socket 127.0.0.1:* using module IO::Socket::IP: Connection refused
    Sep  3 06:18:03 whazzza amavis[883]: (00883-11) (!)cuL3D42PAASU FWD from <[email protected]> -> <[email protected]>,  451 4.5.0 From MTA() during fwd-connect (All attempts (1) failed connecting to smtp:127.0.0.1:*): id=00883-11
    Sep  3 06:18:03 whazzza amavis[884]: (00884-10) (!)connect to 127.0.0.1:* failed, attempt #1: Can't connect to socket 127.0.0.1:* using module IO::Socket::IP: Connection refused
    Sep  3 06:18:03 whazzza amavis[884]: (00884-10) (!)i_NGAJ8TwJ_C FWD from <[email protected]> -> <[email protected]>,  451 4.5.0 From MTA() during fwd-connect (All attempts (1) failed connecting to smtp:127.0.0.1:*): id=00884-10
    Sep  3 07:03:37 whazzza postfix/smtps/smtpd[160990]: warning: hostname zg-0829f-197.stretchoid.com does not resolve to address 192.241.219.83: No address associated with hostname
    Sep  3 07:03:37 whazzza postfix/smtps/smtpd[160990]: warning: TLS library problem: error:1408F10B:SSL routines:ssl3_get_record:wrong version number:../ssl/record/ssl3_record.c:331:
    Sep  3 07:20:59 whazzza postfix/smtps/smtpd[161847]: warning: hostname zg-0829a-155.stretchoid.com does not resolve to address 192.241.196.109: No address associated with hostname
    Sep  3 07:20:59 whazzza postfix/smtps/smtpd[161847]: warning: TLS library problem: error:1408F10B:SSL routines:ssl3_get_record:wrong version number:../ssl/record/ssl3_record.c:331:
    Sep  3 07:28:04 whazzza amavis[884]: (00884-11) (!)connect to 127.0.0.1:* failed, attempt #1: Can't connect to socket 127.0.0.1:* using module IO::Socket::IP: Connection refused
    Sep  3 07:28:04 whazzza amavis[884]: (00884-11) (!)NKk7nv9ZoMRG FWD from <[email protected]> -> <[email protected]>,  451 4.5.0 From MTA() during fwd-connect (All attempts (1) failed connecting to smtp:127.0.0.1:*): id=00884-11
    Sep  3 07:28:04 whazzza amavis[883]: (00883-12) (!)connect to 127.0.0.1:* failed, attempt #1: Can't connect to socket 127.0.0.1:* using module IO::Socket::IP: Connection refused
    Sep  3 07:28:04 whazzza amavis[883]: (00883-12) (!)dXgqEGz_IpYx FWD from <[email protected]> -> <[email protected]>,  451 4.5.0 From MTA() during fwd-connect (All attempts (1) failed connecting to smtp:127.0.0.1:*): id=00883-12
    Sep  3 08:17:11 whazzza postfix/smtpd[165079]: warning: hostname security.criminalip.com does not resolve to address 94.102.61.22
    Sep  3 08:38:03 whazzza amavis[883]: (00883-13) (!)connect to 127.0.0.1:* failed, attempt #1: Can't connect to socket 127.0.0.1:* using module IO::Socket::IP: Connection refused
    Sep  3 08:38:03 whazzza amavis[883]: (00883-13) (!)IyPU7fXUz4Y3 FWD from <[email protected]> -> <[email protected]>,  451 4.5.0 From MTA() during fwd-connect (All attempts (1) failed connecting to smtp:127.0.0.1:*): id=00883-13
    Sep  3 08:38:03 whazzza amavis[884]: (00884-12) (!)connect to 127.0.0.1:* failed, attempt #1: Can't connect to socket 127.0.0.1:* using module IO::Socket::IP: Connection refused
    Sep  3 08:38:03 whazzza amavis[884]: (00884-12) (!)seesff05o_Zk FWD from <[email protected]> -> <[email protected]>,  451 4.5.0 From MTA() during fwd-connect (All attempts (1) failed connecting to smtp:127.0.0.1:*): id=00884-12
    Sep  3 08:51:32 whazzza postfix/submission/smtpd[166649]: warning: hostname zg-0829c-145.stretchoid.com does not resolve to address 192.241.208.171: No address associated with hostname
    Sep  3 09:19:03 whazzza postfix/smtps/smtpd[168525]: warning: TLS library problem: error:1408F09C:SSL routines:ssl3_get_record:http request:../ssl/record/ssl3_record.c:321:
    Sep  3 09:24:22 whazzza postfix/smtps/smtpd[168709]: warning: TLS library problem: error:1408F10B:SSL routines:ssl3_get_record:wrong version number:../ssl/record/ssl3_record.c:331:
    Sep  3 09:26:33 whazzza postfix/smtps/smtpd[168709]: warning: TLS library problem: error:142090C1:SSL routines:tls_early_post_process_client_hello:no shared cipher:../ssl/statem/statem_srvr.c:1779:
    Sep  3 09:26:35 whazzza postfix/smtps/smtpd[168709]: warning: TLS library problem: error:141CF06C:SSL routines:tls_parse_ctos_key_share:bad key share:../ssl/statem/extensions_srvr.c:697:
    Sep  3 09:37:25 whazzza postfix/submission/smtpd[169334]: warning: hostname zg-0829g-75.stretchoid.com does not resolve to address 192.241.220.139: No address associated with hostname
    Sep  3 09:48:03 whazzza amavis[883]: (00883-14) (!)connect to 127.0.0.1:* failed, attempt #1: Can't connect to socket 127.0.0.1:* using module IO::Socket::IP: Connection refused
    Sep  3 09:48:03 whazzza amavis[883]: (00883-14) (!)15zXF9jAsG-q FWD from <[email protected]> -> <[email protected]>,  451 4.5.0 From MTA() during fwd-connect (All attempts (1) failed connecting to smtp:127.0.0.1:*): id=00883-14
    Sep  3 09:48:03 whazzza amavis[884]: (00884-13) (!)connect to 127.0.0.1:* failed, attempt #1: Can't connect to socket 127.0.0.1:* using module IO::Socket::IP: Connection refused
    Sep  3 09:48:03 whazzza amavis[884]: (00884-13) (!)vgVM8rZUmz6J FWD from <[email protected]> -> <[email protected]>,  451 4.5.0 From MTA() during fwd-connect (All attempts (1) failed connecting to smtp:127.0.0.1:*): id=00884-13
    Sep  3 10:58:03 whazzza amavis[884]: (00884-14) (!)connect to 127.0.0.1:* failed, attempt #1: Can't connect to socket 127.0.0.1:* using module IO::Socket::IP: Connection refused
    Sep  3 10:58:03 whazzza amavis[884]: (00884-14) (!)1bF76ju9GvLr FWD from <[email protected]> -> <[email protected]>,  451 4.5.0 From MTA() during fwd-connect (All attempts (1) failed connecting to smtp:127.0.0.1:*): id=00884-14
    Sep  3 10:58:03 whazzza amavis[883]: (00883-15) (!)connect to 127.0.0.1:* failed, attempt #1: Can't connect to socket 127.0.0.1:* using module IO::Socket::IP: Connection refused
    Sep  3 10:58:03 whazzza amavis[883]: (00883-15) (!)nCa9-gTt-r7Q FWD from <[email protected]> -> <[email protected]>,  451 4.5.0 From MTA() during fwd-connect (All attempts (1) failed connecting to smtp:127.0.0.1:*): id=00883-15
    Sep  3 12:08:03 whazzza amavis[884]: (00884-15) (!)connect to 127.0.0.1:* failed, attempt #1: Can't connect to socket 127.0.0.1:* using module IO::Socket::IP: Connection refused
    Sep  3 12:08:03 whazzza amavis[884]: (00884-15) (!)82KytUuLRe0F FWD from <[email protected]> -> <[email protected]>,  451 4.5.0 From MTA() during fwd-connect (All attempts (1) failed connecting to smtp:127.0.0.1:*): id=00884-15
    Sep  3 12:08:03 whazzza amavis[883]: (00883-16) (!)connect to 127.0.0.1:* failed, attempt #1: Can't connect to socket 127.0.0.1:* using module IO::Socket::IP: Connection refused
    Sep  3 12:08:03 whazzza amavis[883]: (00883-16) (!)3XYSp5mKQ86D FWD from <[email protected]> -> <[email protected]>,  451 4.5.0 From MTA() during fwd-connect (All attempts (1) failed connecting to smtp:127.0.0.1:*): id=00883-16
    Sep  3 12:53:13 whazzza amavis[884]: (00884-16) (!)connect to 127.0.0.1:* failed, attempt #1: Can't connect to socket 127.0.0.1:* using module IO::Socket::IP: Connection refused
    Sep  3 12:53:13 whazzza amavis[884]: (00884-16) (!)nL95cA4kglgr FWD from <[email protected]> -> <[email protected]>,  451 4.5.0 From MTA() during fwd-connect (All attempts (1) failed connecting to smtp:127.0.0.1:*): id=00884-16
    Sep  3 12:53:14 whazzza amavis[883]: (00883-17) (!)connect to 127.0.0.1:* failed, attempt #1: Can't connect to socket 127.0.0.1:* using module IO::Socket::IP: Connection refused
    Sep  3 12:53:14 whazzza amavis[883]: (00883-17) (!)J5JctunVNSeu FWD from <[email protected]> -> <[email protected]>,  451 4.5.0 From MTA() during fwd-connect (All attempts (1) failed connecting to smtp:127.0.0.1:*): id=00883-17
    Sep  3 13:32:06 whazzza postfix/postfix-script[1547]: warning: symlink leaves directory: /etc/postfix/./smtpd.key
    Sep  3 13:32:06 whazzza postfix/postfix-script[1550]: warning: symlink leaves directory: /etc/postfix/./smtpd.cert
    Sep  3 14:46:08 whazzza dovecot: master: Warning: Killed with signal 15 (by pid=4618 uid=0 code=kill)
    Sep  3 14:46:31 whazzza postfix/postfix-script[1387]: warning: symlink leaves directory: /etc/postfix/./smtpd.key
    Sep  3 14:46:31 whazzza postfix/postfix-script[1390]: warning: symlink leaves directory: /etc/postfix/./smtpd.cert
    Sep  3 14:48:49 whazzza postfix/trivial-rewrite[1682]: warning: do not list domain whazzza.de in BOTH mydestination and virtual_mailbox_domains
    Sep  3 14:48:49 whazzza postfix/trivial-rewrite[1682]: warning: do not list domain whazzza.de in BOTH mydestination and virtual_mailbox_domains
    Sep  3 14:48:50 whazzza amavis[976]: (00976-01) (!)connect to 127.0.0.1:* failed, attempt #1: Can't connect to socket 127.0.0.1:* using module IO::Socket::IP: Connection refused
    Sep  3 14:48:50 whazzza amavis[976]: (00976-01) (!)wfslQMH-lI2x FWD from <[email protected]> -> <[email protected]>,  451 4.5.0 From MTA() during fwd-connect (All attempts (1) failed connecting to smtp:127.0.0.1:*): id=00976-01
    Sep  3 15:04:20 whazzza postfix/postfix-script[3065]: warning: symlink leaves directory: /etc/postfix/./smtpd.key
    Sep  3 15:04:20 whazzza postfix/postfix-script[3068]: warning: symlink leaves directory: /etc/postfix/./smtpd.cert
    Sep  3 15:46:49 whazzza postfix/postfix-script[1411]: warning: symlink leaves directory: /etc/postfix/./smtpd.key
    Sep  3 15:46:49 whazzza postfix/postfix-script[1414]: warning: symlink leaves directory: /etc/postfix/./smtpd.cert
    Sep  3 15:47:57 whazzza postfix/postfix-script[1514]: warning: symlink leaves directory: /etc/postfix/./smtpd.key
    Sep  3 15:47:57 whazzza postfix/postfix-script[1517]: warning: symlink leaves directory: /etc/postfix/./smtpd.cert
    Sorry for the bad englisch! :(
     
  2. Th0m

    Th0m ISPConfig Developer Staff Member ISPConfig Developer

    Can you share your Postfix config?
     
  3. whazza83

    whazza83 New Member

    Code:
    # See /usr/share/postfix/main.cf.dist for a commented, more complete version
    
    
    # Debian specific:  Specifying a file name will cause the first
    # line of that file to be used as the name.  The Debian default
    # is /etc/mailname.
    #myorigin = /etc/mailname
    
    smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
    biff = no
    
    # appending .domain is the MUA's job.
    append_dot_mydomain = no
    
    # Uncomment the next line to generate "delayed mail" warnings
    #delay_warning_time = 4h
    
    readme_directory = /usr/share/doc/postfix
    
    # See http://www.postfix.org/COMPATIBILITY_README.html -- default to 2 on
    # fresh installs.
    compatibility_level = 2
    
    
    
    # TLS parameters
    smtpd_tls_cert_file = /etc/postfix/smtpd.cert
    smtpd_tls_key_file = /etc/postfix/smtpd.key
    smtpd_tls_security_level = may
    
    smtp_tls_CApath=/etc/ssl/certs
    smtp_tls_security_level = dane
    smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
    
    
    smtpd_relay_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
    myhostname = whazzza.de
    alias_maps = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases
    alias_database = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases
    myorigin = /etc/mailname
    mydestination = whazzza.de, localhost, localhost.localdomain
    relayhost =
    mynetworks = 127.0.0.0/8 [::1]/128
    mailbox_size_limit = 0
    recipient_delimiter = +
    inet_interfaces = all
    inet_protocols = all
    html_directory = /usr/share/doc/postfix/html
    virtual_alias_domains = proxy:mysql:/etc/postfix/mysql-virtual_alias_domains.cf
    virtual_alias_maps = hash:/var/lib/mailman/data/virtual-mailman, proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, proxy:mysql:/etc/postfix/mysql-virtual_alias_maps.cf, proxy:mysql:/etc/postfix/mysql-virtual_email2email.cf
    virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains.cf
    virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf
    virtual_mailbox_base = /var/vmail
    virtual_uid_maps = proxy:mysql:/etc/postfix/mysql-virtual_uids.cf
    virtual_gid_maps = proxy:mysql:/etc/postfix/mysql-virtual_gids.cf
    sender_bcc_maps = proxy:mysql:/etc/postfix/mysql-virtual_outgoing_bcc.cf
    smtpd_sasl_auth_enable = yes
    broken_sasl_auth_clients = yes
    smtpd_sasl_authenticated_header = yes
    smtpd_restriction_classes = greylisting
    greylisting = check_policy_service inet:127.0.0.1:10023
    smtpd_recipient_restrictions = permit_mynetworks, reject_unknown_recipient_domain, reject_unlisted_recipient, check_recipient_access proxy:mysql:/etc/postfix/mysql-verify_recipients.cf, permit_sasl_authenticated, reject_non_fqdn_recipient, reject_unauth_destination, check_recipient_access proxy:mysql:/etc/postfix/mysql-virtual_recipient.cf, check_recipient_access mysql:/etc/postfix/mysql-virtual_policy_greylist.cf, check_policy_service unix:private/quota-status
    smtpd_use_tls = yes
    transport_maps = hash:/var/lib/mailman/data/transport-mailman, proxy:mysql:/etc/postfix/mysql-virtual_transports.cf
    relay_domains = proxy:mysql:/etc/postfix/mysql-virtual_relaydomains.cf
    relay_recipient_maps = proxy:mysql:/etc/postfix/mysql-virtual_relayrecipientmaps.cf
    smtpd_sender_login_maps = proxy:mysql:/etc/postfix/mysql-virtual_sender_login_maps.cf
    proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $sender_bcc_maps $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $smtpd_sender_login_maps $virtual_uid_maps $virtual_gid_maps $smtpd_client_restrictions $smtpd_sender_restrictions $smtpd_recipient_restrictions $smtp_sasl_password_maps $sender_dependent_relayhost_maps
    smtpd_helo_required = yes
    smtpd_helo_restrictions = permit_mynetworks, check_helo_access regexp:/etc/postfix/helo_access, permit_sasl_authenticated, reject_invalid_helo_hostname, reject_non_fqdn_helo_hostname, check_helo_access regexp:/etc/postfix/blacklist_helo, ,reject_unknown_helo_hostname, permit
    smtpd_sender_restrictions = check_sender_access regexp:/etc/postfix/tag_as_originating.re, permit_mynetworks, check_sender_access proxy:mysql:/etc/postfix/mysql-virtual_sender.cf,  permit_sasl_authenticated, reject_non_fqdn_sender, reject_unlisted_sender, check_sender_access regexp:/etc/postfix/tag_as_foreign.re
    smtpd_reject_unlisted_sender = no
    smtpd_client_restrictions = check_client_access proxy:mysql:/etc/postfix/mysql-virtual_client.cf, permit_inet_interfaces, permit_mynetworks, permit_sasl_authenticated, reject_rbl_client zen.spamhaus.org, reject_unauth_pipelining , permit
    smtpd_etrn_restrictions = permit_mynetworks, reject
    smtpd_data_restrictions = permit_mynetworks, reject_unauth_pipelining, reject_multi_recipient_bounce, permit
    smtpd_client_message_rate_limit = 100
    maildrop_destination_concurrency_limit = 1
    maildrop_destination_recipient_limit = 1
    virtual_transport = lmtp:unix:private/dovecot-lmtp
    header_checks = regexp:/etc/postfix/header_checks
    mime_header_checks = regexp:/etc/postfix/mime_header_checks
    nested_header_checks = regexp:/etc/postfix/nested_header_checks
    body_checks = regexp:/etc/postfix/body_checks
    owner_request_special = no
    smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3
    smtpd_tls_protocols = !SSLv2,!SSLv3
    smtp_tls_protocols = !SSLv2,!SSLv3
    smtpd_tls_exclude_ciphers = RC4, aNULL
    smtp_tls_exclude_ciphers = RC4, aNULL
    smtpd_tls_mandatory_ciphers = medium
    tls_medium_cipherlist = ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA256:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA
    tls_preempt_cipherlist = yes
    address_verify_negative_refresh_time = 60s
    enable_original_recipient = no
    sender_dependent_relayhost_maps = proxy:mysql:/etc/postfix/mysql-virtual_sender-relayhost.cf
    smtp_sasl_password_maps = proxy:mysql:/etc/postfix/mysql-virtual_sender-relayauth.cf, texthash:/etc/postfix/sasl_passwd
    smtp_sender_dependent_authentication = yes
    smtp_sasl_auth_enable = yes
    smtp_sasl_security_options = noanonymous, noplaintext
    smtp_sasl_tls_security_options = noanonymous
    authorized_flush_users =
    authorized_mailq_users = nagios, icinga
    smtpd_forbidden_commands = CONNECT,GET,POST,USER,PASS
    address_verify_sender_ttl = 15686s
    smtp_dns_support_level = dnssec
    dovecot_destination_recipient_limit = 1
    smtpd_sasl_type = dovecot
    smtpd_sasl_path = private/auth
    address_verify_virtual_transport = smtp:[127.0.0.1]:10025
    address_verify_transport_maps = static:smtp:[127.0.0.1]:10025
    receive_override_options = no_address_mappings
    content_filter = lmtp:[127.0.0.1]:10024
    message_size_limit = 0
    
     
  4. till

    till Super Moderator Staff Member ISPConfig Developer

    Which command line options did you use for the auto-installer? There are known issues when you force the auto installer to use amavis, but amavis should not be used anymore anyway. And as long as you use Rspamd, which is the default, there are no issues.

    If you have used amavis option manually in auto-installer, then you can try this: Go to system > server config > mail in ISPConfig, there choose Rspamd as spam filter, press save, switch back to amavis and press save.
     
  5. whazza83

    whazza83 New Member

    Unfortunately, the auto installer did not work on the Raspberry. But that was also as information in the arm is not supported. That's why I used the old installation instructions.
    howtoforge.com/perfect-server-debian-10-buster-apache-bind-dovecot-ispconfig-3-1/
    I just changed the php version to 7.4.
    But it can also be that it doesn't work because I use Strato dynamic dns which runs on my FritzBox and unfortunately I can't make any DNS entries - everything is just set to inactive. No subdomains work in ISPConfig either.

    Screenshot_20220904-131808.png
     
  6. till

    till Super Moderator Staff Member ISPConfig Developer

    So we should first check if it's an issue on the server or a DNS or firewall problem. Please try to do what I suggested in regard to switching between amavis and rspamd setting as this forces the config to be rewritten. Then run the test script as root user and post the result:

    https://forum.howtoforge.com/threads/please-read-before-posting.58408/
     
  7. whazza83

    whazza83 New Member

    I had tested it with amavis and rspamd but unfortunately without success! I also think it's a DNS problem. But since everything is blocked at Strato because of the dynamic DNS, I can't do anything about it. Just can't edit DNS or A Record. Even in ISPConfig if I make DNS entries there, they will probably not be accepted.

    Rspamd Send Test:
    Code:
    root@whazzza:~# mail -s “Local Outbound SMTP Test” [email protected] < /dev/null
    Null message body; hope that's ok
    
    root@whazzza:~# mailq
    -Queue ID-  --Size-- ----Arrival Time---- -Sender/Recipient-------
    273BC3A1B96     467 Mon Sep  5 16:42:23  [email protected]
    (host mx01.emig.gmx.net[212.227.17.5] refused to talk to me: 554-gmx.net (mxgmx114) Nemesis ESMTP Service not available 554-No SMTP service 554-IP address is block listed. 554 For explanation visit https://www.gmx.net/mail/senderguidelines?ip=176.199.0.123&c=bl)
                                             [email protected]
    
    -- 0 Kbytes in 1 Request.
    Amavis Send Test:
    Code:
    root@whazzza:~# mail -s “Local Outbound SMTP Test” [email protected] < /dev/null
    Null message body; hope that's ok
    
    root@whazzza:~# mailq
    -Queue ID-  --Size-- ----Arrival Time---- -Sender/Recipient-------
    689613A1B99     433 Mon Sep  5 16:45:17  [email protected]
    (host 127.0.0.1[127.0.0.1] said: 451 4.5.0 id=00980-07 - Temporary MTA failure on relaying, From MTA() during fwd-connect (All attempts (1) failed connecting to smtp:127.0.0.1:*): id=00980-07 (in reply to end of DATA command))
                                             [email protected]
                                             [email protected]
                                             [email protected]
                                             Test”@whazzza.de
    
    -- 0 Kbytes in 1 Request.

    Text in German don't know if Google translates it so perfectly:
    Ich hatte es getestet mit amavis und rspamd aber leider ohne erfolg! Ich denke auch das es ein DNS Problem ist. Aber da bei Strato alles gesperrt ist wegen der Dynamic DNS kann ich da wohl nichts machen. Kann einfach kein DNS oder A Record bearbeiten. Auch in ISPConfig wenn ich dort DNS Einträge vornehme werden die wohl nicht übernommen.
     
  8. brainsys

    brainsys Member

    Just to say I have ISPConfig running on a couple of RPi4's with email working just fine. One is a fresh 64 bit Bullseye install based on using the Debian 10 tutorial as you did. The other is a 64 bit Buster to Bullseye upgrade using the ISPConfig upgrade tutorial.

    Almost everything works. Goaccess doesn't. They are on static IPs which may indeed support your Dynamic DNS suspicions.
     
  9. whazza83

    whazza83 New Member

    I've changed that now

    /etc/postfix/main.cf
    Code:
    mydestination = whazzza.de, localhost, localhost.localdomain
    to
    Code:
    mydestination = localhost, localhost.localdomain
    Now it works that I can write an email to myself.
    But I can't send email anywhere else like Gmail, Gmx......

    Now the problem seems to be that the DKIM key is not taken.
    Although I inserted it as you can see in the picture.

    Screenshot_20220906-165050.png
     
  10. till

    till Super Moderator Staff Member ISPConfig Developer

    Domains sued for email addresses may not be listed in mydestination indeed, that#s why the server hostname always has to be a subdomain (see perfect server install guides).

    Remove the "" within the key string (the part after p=).
     
  11. whazza83

    whazza83 New Member

    I know, but unfortunately subdomains don't work, that's why I tried it without a subdomain.


    I removed both "" characters present in the key. So far, sending emails to GMX or Gmail still doesn't work. But maybe it takes a while until the entry is accepted.
     
  12. whazza83

    whazza83 New Member

    Adjusted a couple of things.
    /etc/postfix/main.cf
    Code:
    inet_protocols = all
    to
    Code:
    inet_protocols = ipv4
    And then I entered that into SPF
    Code:
    v=spf1 a mx ip4:192.168.xxx.xx ~all
    The emails are now arriving at Gmail.
    Only with GMX I still get the following errors.

    Code:
    (host mx01.emig.gmx.net[212.227.17.5] refused to talk to me: 554-gmx.net (mxgmx104) Nemesis ESMTP Service not available 554-No SMTP service 554-IP address is block listed.
     
  13. Th0m

    Th0m ISPConfig Developer Staff Member ISPConfig Developer

    So the IP is on their blocklist. See their FAQ: https://postmaster.gmx.com/en/faq
     

Share This Page