3.2 update receiving broken

Discussion in 'Installation/Configuration' started by inka, Oct 20, 2020.

Tags:
  1. inka

    inka Member

    The update went through as usual yesterday night. I had two new emails from this morning in my inbox. When i wasnt getting an Email i was waiting for i checked the logs.

    mail2 postfix/smtpd[684]: NOQUEUE: reject: RCPT from a6-21.smtp-out.eu-west-1.amazonses.com[54.240.6.21]: 451 4.3.5 <[email protected]>: Recipient address rejected: Server configuration problem;

    Could not find a howto revert back from the backups made during installation, could someone please point me to the correct steps?
    Thanks.
     
  2. elmacus

    elmacus Active Member

  3. Th0m

    Th0m ISPConfig Developer Staff Member ISPConfig Developer

    I moved your thread to the ISPConfig 3 forum board.

    Did you reconfigure services when upgrading? If not, run the update again and choose to reconfigure services:
    Code:
    cd /tmp
    wget https://www.ispconfig.org/downloads/ISPConfig-3.2.tar.gz
    tar xvfz ISPConfig-3.2.tar.gz
    cd ispconfig3_install/install
    php -q update.php
    Check your mail.log aswell to see if there are any hints that point you to a potential issue. If you share your master.cf and main.cf of postfix we can check that aswell.

    It is possible to go back to the previous situation (before upgrading), a backup of the /etc and /usr/local/ispconfig directory is made on upgrade in /var/backup. But it's better to fix the issue instead of just reverting and using a outdated setup.
     
  4. Th0m

    Th0m ISPConfig Developer Staff Member ISPConfig Developer

  5. inka

    inka Member

    Yes!


    Shall the script create a ISPConfig backup in /var/backup/ now? (yes,no) [yes]: no

    Checking ISPConfig database .. OK
    Starting incremental database update.
    Loading SQL patch file: /tmp/ispconfig3_install/install/sql/incremental/upd_dev_collection.sql
    Reconfigure Permissions in master database? (yes,no) [no]:

    Service 'firewall_server' has been detected (currently disabled) do you want to enable and configure it? (yes,no) [no]:

    Reconfigure Services? (yes,no,selected) [yes]: yes

    Configuring Postfix
    Configuring Dovecot
    Configuring Spamassassin
    Configuring Amavisd
    Configuring Getmail
    Configuring Pureftpd
    Configuring Apache
    Configuring vlogger
    Configuring Apps vhost
    Configuring Jailkit
    Configuring Database
    Updating ISPConfig
    ISPConfig Port [5151]:

    Create new ISPConfig SSL certificate (yes,no) [no]:

    chattr: Permission denied while setting flags on /var/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter
    Reconfigure Crontab? (yes,no) [yes]:

    Updating Crontab
    Restarting services ...
    Update finished.
     
  6. inka

    inka Member

    do not see anything relevant
    master.cf
    Code:
    #
    # Postfix master process configuration file.  For details on the format
    # of the file, see the master(5) manual page (command: "man 5 master" or
    # on-line: http://www.postfix.org/master.5.html).
    #
    # Do not forget to execute "postfix reload" after editing this file.
    #
    # ==========================================================================
    # service type  private unpriv  chroot  wakeup  maxproc command + args
    #               (yes)   (yes)   (no)    (never) (100)
    # ==========================================================================
    smtp      inet  n       -       y       -       -       smtpd
    #smtp      inet  n       -       y       -       1       postscreen
    #smtpd     pass  -       -       y       -       -       smtpd
    #dnsblog   unix  -       -       y       -       0       dnsblog
    #tlsproxy  unix  -       -       y       -       0       tlsproxy
    submission inet n       -       y       -       -       smtpd
      -o syslog_name=postfix/submission
      -o smtpd_tls_security_level=encrypt
      -o smtpd_sasl_auth_enable=yes
      -o smtpd_client_restrictions=permit_sasl_authenticated,reject
    #  -o smtpd_tls_auth_only=yes
    #  -o smtpd_reject_unlisted_recipient=no
    #  -o smtpd_client_restrictions=$mua_client_restrictions
    #  -o smtpd_helo_restrictions=$mua_helo_restrictions
    #  -o smtpd_sender_restrictions=$mua_sender_restrictions
    #  -o smtpd_recipient_restrictions=
    #  -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
    #  -o milter_macro_daemon_name=ORIGINATING
    smtps     inet  n       -       y       -       -       smtpd
      -o syslog_name=postfix/smtps
      -o smtpd_tls_wrappermode=yes
     -o smtpd_sasl_auth_enable=yes
      -o smtpd_client_restrictions=permit_sasl_authenticated,reject
    #  -o smtpd_reject_unlisted_recipient=no
    #  -o smtpd_client_restrictions=$mua_client_restrictions
    #  -o smtpd_helo_restrictions=$mua_helo_restrictions
    #  -o smtpd_sender_restrictions=$mua_sender_restrictions
    #  -o smtpd_recipient_restrictions=
    #  -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
    #  -o milter_macro_daemon_name=ORIGINATING
    #628       inet  n       -       y       -       -       qmqpd
    pickup    unix  n       -       y       60      1       pickup
    cleanup   unix  n       -       y       -       0       cleanup
    qmgr      unix  n       -       n       300     1       qmgr
    #qmgr     unix  n       -       n       300     1       oqmgr
    tlsmgr    unix  -       -       y       1000?   1       tlsmgr
    rewrite   unix  -       -       y       -       -       trivial-rewrite
    bounce    unix  -       -       y       -       0       bounce
    defer     unix  -       -       y       -       0       bounce
    trace     unix  -       -       y       -       0       bounce
    verify    unix  -       -       y       -       1       verify
    flush     unix  n       -       y       1000?   0       flush
    proxymap  unix  -       -       n       -       -       proxymap
    proxywrite unix -       -       n       -       1       proxymap
    smtp      unix  -       -       y       -       -       smtp
    relay     unix  -       -       y       -       -       smtp
            -o syslog_name=postfix/$service_name
    #       -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
    showq     unix  n       -       y       -       -       showq
    error     unix  -       -       y       -       -       error
    retry     unix  -       -       y       -       -       error
    discard   unix  -       -       y       -       -       discard
    local     unix  -       n       n       -       -       local
    virtual   unix  -       n       n       -       -       virtual
    lmtp      unix  -       -       y       -       -       lmtp
    anvil     unix  -       -       y       -       1       anvil
    scache    unix  -       -       y       -       1       scache
    #
    # ====================================================================
    # Interfaces to non-Postfix software. Be sure to examine the manual
    # pages of the non-Postfix software to find out what options it wants.
    #
    # Many of the following services use the Postfix pipe(8) delivery
    # agent.  See the pipe(8) man page for information about ${recipient}
    # and other message envelope options.
    # ====================================================================
    #
    # maildrop. See the Postfix MAILDROP_README file for details.
    # Also specify in main.cf: maildrop_destination_recipient_limit=1
    #
    maildrop  unix  -       n       n       -       -       pipe
      flags=DRhu user=vmail argv=/usr/bin/maildrop -d vmail ${extension} ${recipient} ${user} ${nexthop} ${sender}
    #
    # ====================================================================
    #
    # Recent Cyrus versions can use the existing "lmtp" master.cf entry.
    #
    # Specify in cyrus.conf:
    #   lmtp    cmd="lmtpd -a" listen="localhost:lmtp" proto=tcp4
    #
    # Specify in main.cf one or more of the following:
    #  mailbox_transport = lmtp:inet:localhost
    #  virtual_transport = lmtp:inet:localhost
    #
    # ====================================================================
    #
    # Cyrus 2.1.5 (Amos Gouaux)
    # Also specify in main.cf: cyrus_destination_recipient_limit=1
    #
    #cyrus     unix  -       n       n       -       -       pipe  
    #  user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user}
    #
    # ====================================================================
    # Old example of delivery via Cyrus.
    #
    #old-cyrus unix  -       n       n       -       -       pipe
    #  flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user}
    #
    # ====================================================================
    #
    # See the Postfix UUCP_README file for configuration details.
    #
    uucp      unix  -       n       n       -       -       pipe
      flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
    #
    # Other external delivery methods.
    #
    ifmail    unix  -       n       n       -       -       pipe
      flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
    bsmtp     unix  -       n       n       -       -       pipe
      flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
    scalemail-backend unix  -       n       n       -       2       pipe
      flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
    mailman   unix  -       n       n       -       -       pipe
      flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
      ${nexthop} ${user}
    
    dovecot   unix  -       n       n       -       -       pipe
      flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender} -d ${user}@${nexthop}
    
    
    amavis unix - - - - 2 smtp
            -o smtp_data_done_timeout=1200
            -o smtp_send_xforward_command=yes
                    -o smtp_bind_address=
    127.0.0.1:10025 inet n - n - - smtpd
            -o content_filter=
            -o local_recipient_maps=
            -o relay_recipient_maps=
            -o smtpd_restriction_classes=
            -o smtpd_client_restrictions=
            -o smtpd_helo_restrictions=
            -o smtpd_sender_restrictions=
            -o smtpd_recipient_restrictions=permit_mynetworks,reject
            -o smtpd_end_of_data_restrictions=
            -o mynetworks=127.0.0.0/8
            -o strict_rfc821_envelopes=yes
            -o receive_override_options=no_unknown_recipient_checks,no_header_body_checks
            -o smtp_send_xforward_command=yes
            -o disable_dns_lookups=yes
    
    
    127.0.0.1:10027 inet n - n - - smtpd
           -o content_filter=
            -o local_recipient_maps=
            -o relay_recipient_maps=
            -o smtpd_restriction_classes=
            -o smtpd_client_restrictions=
            -o smtpd_helo_restrictions=
            -o smtpd_sender_restrictions=
            -o smtpd_recipient_restrictions=permit_mynetworks,reject
            -o smtpd_end_of_data_restrictions=
            -o mynetworks=127.0.0.0/8
            -o strict_rfc821_envelopes=yes
            -o receive_override_options=no_unknown_recipient_checks,no_header_body_checks
            -o smtp_send_xforward_command=yes
                -o milter_default_action=accept
            -o milter_macro_daemon_name=ORIGINATING
            -o disable_dns_lookups=yes
    
     
  7. inka

    inka Member

    main.cf
    Code:
     
    # See /usr/share/postfix/main.cf.dist for a commented, more complete version
    
    
    # Debian specific:  Specifying a file name will cause the first
    # line of that file to be used as the name.  The Debian default
    # is /etc/mailname.
    #myorigin = /etc/mailname
    
    smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
    biff = no
    
    # appending .domain is the MUA's job.
    append_dot_mydomain = no
    
    # Uncomment the next line to generate "delayed mail" warnings
    #delay_warning_time = 4h
    
    readme_directory = /usr/share/doc/postfix
    
    # See http://www.postfix.org/COMPATIBILITY_README.html -- default to 2 on
    # fresh installs.
    compatibility_level = 2
    
    # TLS parameters
    smtpd_tls_cert_file = /etc/postfix/smtpd.cert
    smtpd_tls_key_file = /etc/postfix/smtpd.key
    smtpd_use_tls = yes
    smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
    smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
    
    # See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
    # information on enabling SSL in the smtp client.
    smtpd_relay_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
    myhostname = mail2.REMOVED.com
    alias_maps = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases
    alias_database = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases
    myorigin = /etc/mailname
    mydestination = mail2.REMOVED.com, localhost, localhost.localdomain
    relayhost =
    mynetworks = 127.0.0.0/8 [::1]/128
    mailbox_size_limit = 0
    recipient_delimiter = +
    inet_interfaces = all
    inet_protocols = all
    html_directory = /usr/share/doc/postfix/html
    virtual_alias_domains = proxy:mysql:/etc/postfix/mysql-virtual_alias_domains.cf
    virtual_alias_maps = hash:/var/lib/mailman/data/virtual-mailman, proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, proxy:mysql:/etc/postfix/mysql-virtual_alias_maps.cf, proxy:mysql:/etc/postfix/mysql-virtual_email2email.cf
    virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains.cf
    virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf
    virtual_mailbox_base = /var/vmail
    virtual_uid_maps = proxy:mysql:/etc/postfix/mysql-virtual_uids.cf
    virtual_gid_maps = proxy:mysql:/etc/postfix/mysql-virtual_gids.cf
    sender_bcc_maps = proxy:mysql:/etc/postfix/mysql-virtual_outgoing_bcc.cf
    smtpd_sasl_auth_enable = yes
    broken_sasl_auth_clients = yes
    smtpd_sasl_authenticated_header = yes
    smtpd_restriction_classes = greylisting
    greylisting = check_policy_service inet:127.0.0.1:10023
    smtpd_recipient_restrictions = permit_mynetworks, reject_unknown_recipient_domain, reject_unlisted_recipient, permit_sasl_authenticated, reject_non_fqdn_recipient, reject_unauth_destination, check_recipient_access proxy:mysql:/etc/postfi$
    smtpd_tls_security_level = may
    transport_maps = hash:/var/lib/mailman/data/transport-mailman, proxy:mysql:/etc/postfix/mysql-virtual_transports.cf
    relay_domains = proxy:mysql:/etc/postfix/mysql-virtual_relaydomains.cf
    relay_recipient_maps = proxy:mysql:/etc/postfix/mysql-virtual_relayrecipientmaps.cf
    smtpd_sender_login_maps = proxy:mysql:/etc/postfix/mysql-virtual_sender_login_maps.cf
    proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $sender_bcc_maps $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps$
    smtpd_helo_required = yes
    smtpd_helo_restrictions = reject_invalid_helo_hostname, permit_mynetworks, check_helo_access regexp:/etc/postfix/helo_access, permit_sasl_authenticated, reject_non_fqdn_helo_hostname, check_helo_access regexp:/etc/postfix/blacklist_helo,$
    smtpd_sender_restrictions = check_sender_access regexp:/etc/postfix/tag_as_originating.re, permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_sender, check_sender_access regexp:/etc/postfix/tag_as_foreign.re, check_sender_acce$
    smtpd_client_restrictions = check_client_access proxy:mysql:/etc/postfix/mysql-virtual_client.cf, permit_inet_interfaces, permit_mynetworks, reject_rbl_client zen.spamhaus.org, permit_sasl_authenticated, reject_unauth_pipelining , permit
    smtpd_client_message_rate_limit = 100
    maildrop_destination_concurrency_limit = 1
    maildrop_destination_recipient_limit = 1
    virtual_transport = lmtp:unix:private/dovecot-lmtp
    header_checks = regexp:/etc/postfix/header_checks
    mime_header_checks = regexp:/etc/postfix/mime_header_checks
    nested_header_checks = regexp:/etc/postfix/nested_header_checks
    body_checks = regexp:/etc/postfix/body_checks
    owner_request_special = no
    smtp_tls_security_level = dane
    smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3
    smtpd_tls_protocols = !SSLv2,!SSLv3
    smtp_tls_protocols = !SSLv2,!SSLv3
    smtpd_tls_exclude_ciphers = RC4, aNULL
    smtp_tls_exclude_ciphers = RC4, aNULL
    dovecot_destination_recipient_limit = 1
    smtpd_sasl_type = dovecot
    smtpd_sasl_path = private/auth
    content_filter = lmtp:[127.0.0.1]:10024
    receive_override_options = no_address_mappings
    message_size_limit = 0
    smtpd_etrn_restrictions = permit_mynetworks, reject
    smtpd_data_restrictions = permit_mynetworks, reject_unauth_pipelining, reject_multi_recipient_bounce, permit
    smtpd_tls_mandatory_ciphers = medium
    tls_medium_cipherlist = ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES25$
    tls_preempt_cipherlist = no
    address_verify_negative_refresh_time = 60s
    enable_original_recipient = no
    smtpd_forbidden_commands = CONNECT,GET,POST,USER,PASS
    address_verify_sender_ttl = 15686s
    smtp_dns_support_level = dnssec 
     
  8. Th0m

    Th0m ISPConfig Developer Staff Member ISPConfig Developer

    I see you did not make a backup, so going back is not possible. Did you run the update as root / sudo?

    You could try the cipher fix from the thread mentioned earlier.
     
  9. inka

    inka Member

    I have the backup from yesterday night.
    Yes i am root.
     
  10. inka

    inka Member

    I found that i had a template for in conf-custom and removed it, did a reinstall and now i am seeing allot of warnings in mail.log

    Code:
    Oct 20 09:30:14 mail2 postfix/smtpd[1036]: warning: SASL: Connect to private/auth failed: Connection refused
    Oct 20 09:30:14 mail2 postfix/smtpd[1036]: fatal: no SASL authentication mechanisms
    Oct 20 09:30:14 mail2 postfix/smtpd[1037]: warning: inet_protocols: disabling IPv6 name/address support: Address family not supported by protocol
    Oct 20 09:30:14 mail2 postfix/smtpd[1035]: warning: SASL: Connect to private/auth failed: Connection refused
    Oct 20 09:30:14 mail2 postfix/smtpd[1035]: fatal: no SASL authentication mechanisms
    Oct 20 09:30:14 mail2 postfix/smtpd[1037]: warning: SASL: Connect to private/auth failed: Connection refused
    Oct 20 09:30:14 mail2 postfix/smtpd[1037]: fatal: no SASL authentication mechanisms
    Oct 20 09:30:14 mail2 postfix/smtpd[1038]: warning: inet_protocols: disabling IPv6 name/address support: Address family not supported by protocol
    Oct 20 09:30:14 mail2 postfix/smtpd[1039]: warning: inet_protocols: disabling IPv6 name/address support: Address family not supported by protocol
    Oct 20 09:30:14 mail2 postfix/smtpd[1039]: connect from localhost[127.0.0.1]
    Oct 20 09:30:14 mail2 postfix/smtpd[1039]: warning: SASL: Connect to private/auth failed: Connection refused
    Oct 20 09:30:14 mail2 postfix/smtpd[1039]: fatal: no SASL authentication mechanisms
    Oct 20 09:30:14 mail2 postfix/smtpd[1040]: warning: inet_protocols: disabling IPv6 name/address support: Address family not supported by protocol
    Oct 20 09:30:14 mail2 postfix/smtpd[1041]: warning: inet_protocols: disabling IPv6 name/address support: Address family not supported by protocol
    Oct 20 09:30:14 mail2 postfix/smtpd[1042]: warning: inet_protocols: disabling IPv6 name/address support: Address family not supported by protocol
    Oct 20 09:30:14 mail2 postfix/smtpd[1040]: warning: SASL: Connect to private/auth failed: Connection refused
    Oct 20 09:30:14 mail2 postfix/smtpd[1040]: fatal: no SASL authentication mechanisms
    Oct 20 09:30:14 mail2 postfix/smtpd[1043]: warning: inet_protocols: disabling IPv6 name/address support: Address family not supported by protocol
    Oct 20 09:30:14 mail2 postfix/smtpd[1041]: warning: SASL: Connect to private/auth failed: Connection refused
    Oct 20 09:30:14 mail2 postfix/smtpd[1041]: fatal: no SASL authentication mechanisms
    Oct 20 09:30:14 mail2 postfix/smtpd[1043]: warning: SASL: Connect to private/auth failed: Connection refused
    Oct 20 09:30:14 mail2 postfix/smtpd[1043]: fatal: no SASL authentication mechanisms
    
    Oct 20 09:30:14 mail2 postfix/smtpd[1044]: warning: inet_protocols: disabling IPv6 name/address support: Address family not supported by protocol
    Oct 20 09:30:14 mail2 postfix/smtpd[1042]: warning: SASL: Connect to private/auth failed: Connection refused
    Oct 20 09:30:14 mail2 postfix/smtpd[1042]: fatal: no SASL authentication mechanisms
    Oct 20 09:30:14 mail2 postfix/smtpd[1044]: warning: SASL: Connect to private/auth failed: Connection refused
    Oct 20 09:30:14 mail2 postfix/smtpd[1044]: fatal: no SASL authentication mechanisms
    Oct 20 09:30:15 mail2 postfix/smtpd[1038]: connect from mysrv1.lyonreflections.com[54.38.107.129]
    Oct 20 09:30:15 mail2 postfix/smtpd[1038]: warning: SASL: Connect to private/auth failed: Connection refused
    Oct 20 09:30:15 mail2 postfix/smtpd[1038]: fatal: no SASL authentication mechanisms
    Oct 20 09:30:15 mail2 postfix/master[504]: warning: process /usr/lib/postfix/sbin/smtpd pid 1013 exit status 1
    Oct 20 09:30:15 mail2 postfix/master[504]: warning: /usr/lib/postfix/sbin/smtpd: bad command startup -- throttling
    Oct 20 09:30:15 mail2 postfix/master[504]: warning: process /usr/lib/postfix/sbin/smtpd pid 1016 exit status 1
    Oct 20 09:30:15 mail2 postfix/master[504]: warning: process /usr/lib/postfix/sbin/smtpd pid 1015 exit status 1
    
     
  11. inka

    inka Member

    also
    Code:
    Oct 20 09:33:19 mail2 postfix/master[504]: warning: /usr/lib/postfix/sbin/smtpd: bad command startup -- throttling
    
     
  12. Th0m

    Th0m ISPConfig Developer Staff Member ISPConfig Developer

    Did you reconfigure all services? Most importantly Postfix and Dovecot.

    Can you share your updated config files?
     
  13. inka

    inka Member

    libsasl2-modules is already the newest version (2.1.27~101-g0780600+dfsg-3ubuntu2.1).
    libsasl2-modules set to manually installed.
    0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
     
  14. inka

    inka Member

    Yes, i did reconfigure ALL Services again, as always. I do not ever reconfigure Permissions in master Database, might that be a problem? Just a single server here.
    I just rebooted into the same errors and running another fresh update.
    Code:
    php -q update.php
    
    
    --------------------------------------------------------------------------------
     _____ ___________   _____              __ _         ____
    |_   _/  ___| ___ \ /  __ \            / _(_)       /__  \
      | | \ `--.| |_/ / | /  \/ ___  _ __ | |_ _  __ _    _/ /
      | |  `--. \  __/  | |    / _ \| '_ \|  _| |/ _` |  |_ |
     _| |_/\__/ / |     | \__/\ (_) | | | | | | | (_| | ___\ \
     \___/\____/\_|      \____/\___/|_| |_|_| |_|\__, | \____/
                                                  __/ |
                                                 |___/
    --------------------------------------------------------------------------------
    
    
    >> Update
    
    Operating System: Ubuntu 18.04.5 LTS (Bionic Beaver)
    
    This application will update ISPConfig 3 on your server.
    
    Shall the script create a ISPConfig backup in /var/backup/ now? (yes,no) [yes]: no
    
    Checking ISPConfig database .. OK
    Starting incremental database update.
    Loading SQL patch file: /tmp/ispconfig3_install/install/sql/incremental/upd_dev_collection.sql
    Reconfigure Permissions in master database? (yes,no) [no]:
    
    Service 'firewall_server' has been detected (currently disabled) do you want to enable and configure it?  (yes,no) [no]:
    
    Reconfigure Services? (yes,no,selected) [yes]: yes
    
    Configuring Postfix
    postalias: warning: inet_protocols: disabling IPv6 name/address support: Address family not supported by protocol
    postmap: warning: inet_protocols: disabling IPv6 name/address support: Address family not supported by protocol
    postmap: warning: inet_protocols: disabling IPv6 name/address support: Address family not supported by protocol
    Configuring Dovecot
    Configuring Spamassassin
    Configuring Amavisd
    Configuring Getmail
    Configuring Pureftpd
    Configuring Apache
    Configuring vlogger
    Configuring Apps vhost
    Configuring Jailkit
    Configuring Database
    Updating ISPConfig
    ISPConfig Port [5151]:
    
    Create new ISPConfig SSL certificate (yes,no) [no]:
    
    chattr: Permission denied while setting flags on /var/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter
    Reconfigure Crontab? (yes,no) [yes]: yes
    
    Updating Crontab
    Restarting services ...
    Update finished.
    
    Code:
    Oct 20 09:47:59 mail2 postfix/qmgr[2400]: warning: inet_protocols: disabling IPv6 name/address support: Address family not supported by protocol
    Oct 20 09:47:59 mail2 postfix/proxymap[2402]: warning: inet_protocols: disabling IPv6 name/address support: Address family not supported by protocol
    Oct 20 09:48:00 mail2 amavis[2421]: starting. /usr/sbin/amavisd-new at localhost amavisd-new-2.11.0 (20160426), Unicode aware, LC_ALL="C", LANG="C.UTF-8"
    Oct 20 09:48:00 mail2 amavis[2427]: Net::Server: Group Not Defined.  Defaulting to EGID '120 120'
    Oct 20 09:48:00 mail2 amavis[2427]: Net::Server: User Not Defined.  Defaulting to EUID '115'
    Oct 20 09:48:00 mail2 amavis[2427]: No $altermime,         not using it
    Oct 20 09:48:00 mail2 amavis[2427]: No ext program for   .lrz, tried: lrzip -q -k -d -o -, lrzcat -q -k
    Oct 20 09:48:00 mail2 amavis[2427]: No ext program for   .lz4, tried: lz4c -d
    Oct 20 09:48:00 mail2 amavis[2427]: No ext program for   .rpm, tried: rpm2cpio.pl, rpm2cpio
    Oct 20 09:48:00 mail2 amavis[2427]: No ext program for   .zoo, tried: zoo
    Oct 20 09:48:00 mail2 amavis[2427]: No ext program for   .doc, tried: ripole
    Oct 20 09:48:00 mail2 amavis[2427]: No ext program for   .zip, tried: 7za, 7z
    Oct 20 09:48:00 mail2 amavis[2427]: No ext program for   .kmz, tried: 7za, 7z
    Oct 20 09:48:00 mail2 amavis[2427]: No ext program for   .jar, tried: 7z
    Oct 20 09:48:00 mail2 amavis[2427]: No ext program for   .swf, tried: 7z
    Oct 20 09:48:00 mail2 amavis[2427]: No ext program for   .lha, tried: 7z
    Oct 20 09:48:00 mail2 amavis[2427]: No ext program for   .iso, tried: 7z
    Oct 20 09:48:00 mail2 amavis[2427]: No ext program for   .rpm, tried: 7z
    Oct 20 09:48:00 mail2 amavis[2427]: No decoder for       .F
    Oct 20 09:48:00 mail2 amavis[2427]: No decoder for       .doc
    Oct 20 09:48:00 mail2 amavis[2427]: No decoder for       .iso
    Oct 20 09:48:00 mail2 amavis[2427]: No decoder for       .jar
    Oct 20 09:48:00 mail2 amavis[2427]: No decoder for       .lha
    Oct 20 09:48:00 mail2 amavis[2427]: No decoder for       .lrz
    Oct 20 09:48:00 mail2 amavis[2427]: No decoder for       .lz4
    Oct 20 09:48:00 mail2 amavis[2427]: No decoder for       .rpm
    Oct 20 09:48:00 mail2 amavis[2427]: No decoder for       .swf
    Oct 20 09:48:00 mail2 amavis[2427]: No decoder for       .zoo
    Oct 20 09:48:00 mail2 amavis[2427]: Using primary internal av scanner code for ClamAV-clamd
    Oct 20 09:48:00 mail2 amavis[2427]: Found secondary av scanner ClamAV-clamscan at /usr/bin/clamscan
    Oct 20 09:48:01 mail2 dovecot: master: Error: socket() failed: Address family not supported by protocol
    Oct 20 09:48:01 mail2 dovecot: master: Error: service(pop3-login): listen([::], 110) failed: Address family not supported by protocol
    Oct 20 09:48:01 mail2 dovecot: master: Error: socket() failed: Address family not supported by protocol
    Oct 20 09:48:01 mail2 dovecot: master: Error: service(pop3-login): listen([::], 995) failed: Address family not supported by protocol
    Oct 20 09:48:01 mail2 dovecot: master: Error: socket() failed: Address family not supported by protocol
    Oct 20 09:48:01 mail2 dovecot: master: Error: service(imap-login): listen([::], 143) failed: Address family not supported by protocol
    Oct 20 09:48:01 mail2 dovecot: master: Error: socket() failed: Address family not supported by protocol
    Oct 20 09:48:01 mail2 dovecot: master: Error: service(imap-login): listen([::], 993) failed: Address family not supported by protocol
    Oct 20 09:48:01 mail2 dovecot: master: Fatal: Failed to start listeners
    Oct 20 09:48:01 mail2 postfix/smtpd[2486]: warning: inet_protocols: disabling IPv6 name/address support: Address family not supported by protocol
    Oct 20 09:48:01 mail2 postfix/tlsmgr[2487]: warning: inet_protocols: disabling IPv6 name/address support: Address family not supported by protocol
    Oct 20 09:48:01 mail2 postfix/anvil[2489]: warning: inet_protocols: disabling IPv6 name/address support: Address family not supported by protocol
    Oct 20 09:48:01 mail2 postfix/smtpd[2486]: warning: SASL: Connect to private/auth failed: Connection refused
    Oct 20 09:48:01 mail2 postfix/smtpd[2486]: fatal: no SASL authentication mechanisms
    Oct 20 09:48:02 mail2 postfix/smtpd[2511]: warning: inet_protocols: disabling IPv6 name/address support: Address family not supported by protocol
    Oct 20 09:48:02 mail2 postfix/smtpd[2511]: warning: SASL: Connect to private/auth failed: Connection refused
    Oct 20 09:48:02 mail2 postfix/smtpd[2511]: fatal: no SASL authentication mechanisms
    Oct 20 09:48:02 mail2 postfix/master[2396]: warning: process /usr/lib/postfix/sbin/smtpd pid 2486 exit status 1
    Oct 20 09:48:02 mail2 postfix/master[2396]: warning: /usr/lib/postfix/sbin/smtpd: bad command startup -- throttling
    Oct 20 09:48:03 mail2 postfix/master[2396]: warning: process /usr/lib/postfix/sbin/smtpd pid 2511 exit status 1
    
     
    Last edited: Oct 20, 2020
  15. inka

    inka Member

    master.cf
    Code:
    
    #
    # Postfix master process configuration file.  For details on the format
    # of the file, see the master(5) manual page (command: "man 5 master" or
    # on-line: http://www.postfix.org/master.5.html).
    #
    # Do not forget to execute "postfix reload" after editing this file.
    #
    # ==========================================================================
    # service type  private unpriv  chroot  wakeup  maxproc command + args
    #               (yes)   (yes)   (no)    (never) (100)
    # ==========================================================================
    smtp      inet  n       -       y       -       -       smtpd
    #smtp      inet  n       -       y       -       1       postscreen
    #smtpd     pass  -       -       y       -       -       smtpd
    #dnsblog   unix  -       -       y       -       0       dnsblog
    #tlsproxy  unix  -       -       y       -       0       tlsproxy
    submission inet n       -       y       -       -       smtpd
      -o syslog_name=postfix/submission
      -o smtpd_tls_security_level=encrypt
      -o smtpd_sasl_auth_enable=yes
      -o smtpd_client_restrictions=permit_sasl_authenticated,reject
    #  -o smtpd_tls_auth_only=yes
    #  -o smtpd_reject_unlisted_recipient=no
    #  -o smtpd_client_restrictions=$mua_client_restrictions
    #  -o smtpd_helo_restrictions=$mua_helo_restrictions
    #  -o smtpd_sender_restrictions=$mua_sender_restrictions
    #  -o smtpd_recipient_restrictions=
    #  -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
    #  -o milter_macro_daemon_name=ORIGINATING
    smtps     inet  n       -       y       -       -       smtpd
      -o syslog_name=postfix/smtps
      -o smtpd_tls_wrappermode=yes
      -o smtpd_sasl_auth_enable=yes
      -o smtpd_client_restrictions=permit_sasl_authenticated,reject
    #  -o smtpd_reject_unlisted_recipient=no
    #  -o smtpd_client_restrictions=$mua_client_restrictions
    #  -o smtpd_helo_restrictions=$mua_helo_restrictions
    #  -o smtpd_sender_restrictions=$mua_sender_restrictions
    #  -o smtpd_recipient_restrictions=
    #  -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
    #  -o milter_macro_daemon_name=ORIGINATING
    #628       inet  n       -       y       -       -       qmqpd
    pickup    unix  n       -       y       60      1       pickup
    cleanup   unix  n       -       y       -       0       cleanup
    qmgr      unix  n       -       n       300     1       qmgr
    #qmgr     unix  n       -       n       300     1       oqmgr
    tlsmgr    unix  -       -       y       1000?   1       tlsmgr
    rewrite   unix  -       -       y       -       -       trivial-rewrite
    bounce    unix  -       -       y       -       0       bounce
    efer     unix  -       -       y       -       0       bounce
    trace     unix  -       -       y       -       0       bounce
    verify    unix  -       -       y       -       1       verify
    flush     unix  n       -       y       1000?   0       flush
    proxymap  unix  -       -       n       -       -       proxymap
    proxywrite unix -       -       n       -       1       proxymap
    smtp      unix  -       -       y       -       -       smtp
    relay     unix  -       -       y       -       -       smtp
            -o syslog_name=postfix/$service_name
    #       -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
    showq     unix  n       -       y       -       -       showq
    error     unix  -       -       y       -       -       error
    retry     unix  -       -       y       -       -       error   
    discard   unix  -       -       y       -       -       discard  
    local     unix  -       n       n       -       -       local
    virtual   unix  -       n       n       -       -       virtual
    lmtp      unix  -       -       y       -       -       lmtp
    anvil     unix  -       -       y       -       1       anvil
    scache    unix  -       -       y       -       1       scache
    #
    # ====================================================================
    # Interfaces to non-Postfix software. Be sure to examine the manual
    # pages of the non-Postfix software to find out what options it wants.
    #
    # Many of the following services use the Postfix pipe(8) delivery
    # agent.  See the pipe(8) man page for information about ${recipient}
    # and other message envelope options.
    # ====================================================================
    #
    # maildrop. See the Postfix MAILDROP_README file for details.
    # Also specify in main.cf: maildrop_destination_recipient_limit=1
    #
    maildrop  unix  -       n       n       -       -       pipe
      flags=DRhu user=vmail argv=/usr/bin/maildrop -d vmail ${extension} ${recipient} ${user} ${nexthop} ${sender}
    #
    # ====================================================================
    #
    # Recent Cyrus versions can use the existing "lmtp" master.cf entry.
    #
    # Specify in cyrus.conf:
    #   lmtp    cmd="lmtpd -a" listen="localhost:lmtp" proto=tcp4
    #
    # Specify in main.cf one or more of the following:
    #  mailbox_transport = lmtp:inet:localhost
    #  virtual_transport = lmtp:inet:localhost
    #
    # ====================================================================
    #
    # Cyrus 2.1.5 (Amos Gouaux)
    # Also specify in main.cf: cyrus_destination_recipient_limit=1
    #
    #cyrus     unix  -       n       n       -       -       pipe   
    #  user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user}
    #
    # ====================================================================
    # Old example of delivery via Cyrus.
    #
    #old-cyrus unix  -       n       n       -       -       pipe
    #  flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user}
    #
    # ====================================================================
    #
    # See the Postfix UUCP_README file for configuration details.  
    #
    uucp      unix  -       n       n       -       -       pipe
      flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
    #
    # Other external delivery methods.
    #
    ifmail    unix  -       n       n       -       -       pipe
      flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
    bsmtp     unix  -       n       n       -       -       pipe
      flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
    scalemail-backend unix  -       n       n       -       2       pipe
      flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
    mailman   unix  -       n       n       -       -       pipe
      flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
      ${nexthop} ${user}
    
    dovecot   unix  -       n       n       -       -       pipe
      flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender} -d ${user}@${nexthop}
    
    
    amavis unix - - - - 2 smtp
            -o smtp_data_done_timeout=1200
            -o smtp_send_xforward_command=yes
                    -o smtp_bind_address=
    
    
    127.0.0.1:10025 inet n - n - - smtpd
            -o content_filter=
            -o local_recipient_maps=
            -o relay_recipient_maps=
            -o smtpd_restriction_classes=
            -o smtpd_client_restrictions=
            -o smtpd_helo_restrictions=
            -o smtpd_sender_restrictions=
            -o smtpd_recipient_restrictions=permit_mynetworks,reject
            -o smtpd_end_of_data_restrictions=
            -o mynetworks=127.0.0.0/8
            -o strict_rfc821_envelopes=yes
            -o receive_override_options=no_unknown_recipient_checks,no_header_body_checks
            -o smtp_send_xforward_command=yes
            -o disable_dns_lookups=yes
    
    
    127.0.0.1:10027 inet n - n - - smtpd
            -o content_filter=
            -o local_recipient_maps=
            -o relay_recipient_maps=
            -o smtpd_restriction_classes=
            -o smtpd_client_restrictions=
            -o smtpd_helo_restrictions=
            -o smtpd_sender_restrictions=
            -o smtpd_recipient_restrictions=permit_mynetworks,reject
            -o smtpd_end_of_data_restrictions=
            -o mynetworks=127.0.0.0/8
            -o strict_rfc821_envelopes=yes
            -o receive_override_options=no_unknown_recipient_checks,no_header_body_checks
            -o smtp_send_xforward_command=yes
                -o milter_default_action=accept
            -o milter_macro_daemon_name=ORIGINATING
            -o disable_dns_lookups=yes
    
     
  16. inka

    inka Member

    main.cf
    Code:
    
    # See /usr/share/postfix/main.cf.dist for a commented, more complete version
    
    
    # Debian specific:  Specifying a file name will cause the first
    # line of that file to be used as the name.  The Debian default
    # is /etc/mailname.
    #myorigin = /etc/mailname
    
    smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
    biff = no
    
    # appending .domain is the MUA's job.
    append_dot_mydomain = no
    
    # Uncomment the next line to generate "delayed mail" warnings
    #delay_warning_time = 4h
    
    readme_directory = /usr/share/doc/postfix
    
    # See http://www.postfix.org/COMPATIBILITY_README.html -- default to 2 on
    # fresh installs.
    compatibility_level = 2
    
    # TLS parameters
    smtpd_tls_cert_file = /etc/postfix/smtpd.cert
    smtpd_tls_key_file = /etc/postfix/smtpd.key
    smtpd_use_tls = yes
    smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
    smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
    
    # See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
    # information on enabling SSL in the smtp client.
    
    smtpd_relay_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
    myhostname = mail2.REMOVED.com
    alias_maps = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases
    alias_database = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases
    myorigin = /etc/mailname
    mydestination = mail2.REMOVED.com, localhost, localhost.localdomain
    relayhost =
    mynetworks = 127.0.0.0/8 [::1]/128
    mailbox_size_limit = 0
    recipient_delimiter = +
    inet_interfaces = all
    inet_protocols = all
    html_directory = /usr/share/doc/postfix/html
    virtual_alias_domains = proxy:mysql:/etc/postfix/mysql-virtual_alias_domains.cf
    virtual_alias_maps = hash:/var/lib/mailman/data/virtual-mailman, proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, proxy:mysql:/etc/postfix/mysql-virtual_alias_maps.cf, proxy:mysql:/etc/postfix/mysql-virtual_email2email.cf
    virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains.cf
    virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf
    virtual_mailbox_base = /var/vmail
    virtual_uid_maps = proxy:mysql:/etc/postfix/mysql-virtual_uids.cf
    virtual_gid_maps = proxy:mysql:/etc/postfix/mysql-virtual_gids.cf
    sender_bcc_maps = proxy:mysql:/etc/postfix/mysql-virtual_outgoing_bcc.cf
    smtpd_sasl_auth_enable = yes
    broken_sasl_auth_clients = yes
    smtpd_sasl_authenticated_header = yes
    smtpd_restriction_classes = greylisting
    greylisting = check_policy_service inet:127.0.0.1:10023
    smtpd_recipient_restrictions = permit_mynetworks, reject_unknown_recipient_domain, reject_unlisted_recipient, permit_sasl_authenticated, reject_non_fqdn_recipient, reject_unauth_destination, check_recipient_access proxy:mysql:/etc/postfi$
    smtpd_tls_security_level = may
    transport_maps = hash:/var/lib/mailman/data/transport-mailman, proxy:mysql:/etc/postfix/mysql-virtual_transports.cf
    relay_domains = proxy:mysql:/etc/postfix/mysql-virtual_relaydomains.cf
    relay_recipient_maps = proxy:mysql:/etc/postfix/mysql-virtual_relayrecipientmaps.cf
    smtpd_sender_login_maps = proxy:mysql:/etc/postfix/mysql-virtual_sender_login_maps.cf
    proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $sender_bcc_maps $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps$
    smtpd_helo_required = yes
    smtpd_helo_restrictions = reject_invalid_helo_hostname, permit_mynetworks, check_helo_access regexp:/etc/postfix/helo_access, permit_sasl_authenticated, reject_non_fqdn_helo_hostname, check_helo_access regexp:/etc/postfix/blacklist_helo,$
    smtpd_sender_restrictions = check_sender_access regexp:/etc/postfix/tag_as_originating.re, permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_sender, check_sender_access regexp:/etc/postfix/tag_as_foreign.re, check_sender_acce$
    smtpd_client_restrictions = check_client_access proxy:mysql:/etc/postfix/mysql-virtual_client.cf, permit_inet_interfaces, permit_mynetworks, reject_rbl_client zen.spamhaus.org, permit_sasl_authenticated, reject_unauth_pipelining , permit
    smtpd_client_message_rate_limit = 100
    maildrop_destination_concurrency_limit = 1
    maildrop_destination_recipient_limit = 1
    virtual_transport = lmtp:unix:private/dovecot-lmtp
    header_checks = regexp:/etc/postfix/header_checks
    mime_header_checks = regexp:/etc/postfix/mime_header_checks
    nested_header_checks = regexp:/etc/postfix/nested_header_checks
    body_checks = regexp:/etc/postfix/body_checks
    owner_request_special = no
    smtp_tls_security_level = dane
    smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3
    smtpd_tls_protocols = !SSLv2,!SSLv3
    smtp_tls_protocols = !SSLv2,!SSLv3
    smtpd_tls_exclude_ciphers = RC4, aNULL
    smtp_tls_exclude_ciphers = RC4, aNULL
    dovecot_destination_recipient_limit = 1
    smtpd_sasl_type = dovecot
    smtpd_sasl_path = private/auth
    content_filter = lmtp:[127.0.0.1]:10024
    receive_override_options = no_address_mappings
    message_size_limit = 0
    smtpd_etrn_restrictions = permit_mynetworks, reject
    smtpd_data_restrictions = permit_mynetworks, reject_unauth_pipelining, reject_multi_recipient_bounce, permit
    smtpd_tls_mandatory_ciphers = medium
    tls_medium_cipherlist = ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES25$
    tls_preempt_cipherlist = no
    address_verify_negative_refresh_time = 60s
    enable_original_recipient = no   
    smtpd_forbidden_commands = CONNECT,GET,POST,USER,PASS
    address_verify_sender_ttl = 15686s
    smtp_dns_support_level = dnssec
    
    Since i have these new errors will the tls_medium_cipherlist thread do me any good?
     
  17. Th0m

    Th0m ISPConfig Developer Staff Member ISPConfig Developer

    Seems like you have a network issue now. What is the output of
    Code:
    ifconfig
    and
    Code:
    ip a
    ?

    For me, network errors can be solved 9 out of 10 times with a reboot (or even 2).
     
  18. inka

    inka Member

    Code:
    root@mail2:~$ systemctl status dovecot
    ● dovecot.service - Dovecot IMAP/POP3 email server
       Loaded: loaded (/lib/systemd/system/dovecot.service; enabled; vendor preset: enabled)
       Active: failed (Result: exit-code) since Tue 2020-10-20 10:15:44 UTC; 24s ago
         Docs: man:dovecot(1)
               http://wiki2.dovecot.org/
      Process: 149 ExecStart=/usr/sbin/dovecot -F (code=exited, status=89)
     Main PID: 149 (code=exited, status=89)
    
    Oct 20 10:15:44 mail2.REMOVED.com dovecot[149]: master: Error: socket() failed: Address family not supported by protocol
    Oct 20 10:15:44 mail2.REMOVED.com dovecot[149]: master: Error: service(pop3-login): listen([::], 995) failed: Address family not supported by protocol
    Oct 20 10:15:44 mail2.REMOVED.com dovecot[149]: master: Error: socket() failed: Address family not supported by protocol
    Oct 20 10:15:44 mail2.REMOVED.com dovecot[149]: master: Error: service(imap-login): listen([::], 143) failed: Address family not supported by protocol
    Oct 20 10:15:44 mail2.REMOVED.com dovecot[149]: master: Error: socket() failed: Address family not supported by protocol
    Oct 20 10:15:44 mail2.REMOVED.com dovecot[149]: master: Error: service(imap-login): listen([::], 993) failed: Address family not supported by protocol
    Oct 20 10:15:44 mail2.REMOVED.com dovecot[149]: Fatal: Failed to start listeners
    Oct 20 10:15:44 mail2.REMOVED.com dovecot[149]: master: Fatal: Failed to start listeners
    Oct 20 10:15:44 mail2.REMOVED.com systemd[1]: dovecot.service: Main process exited, code=exited, status=89/n/a
    Oct 20 10:15:44 mail2.REMOVED.com systemd[1]: dovecot.service: Failed with result 'exit-code'.
    root@mail2:~$ ip a
    1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
        link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
        inet 127.0.0.1/8 scope host lo
           valid_lft forever preferred_lft forever
    13: eth0@if3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
        link/ether 00:50:56:00:48:01 brd ff:ff:ff:ff:ff:ff link-netnsid 0
        inet 177.119.122.124/27 brd 177.119.122.127 scope global dynamic eth0
           valid_lft 43168sec preferred_lft 43168sec
    
    ip a looks fine (changed the IP above from original, i feel vulnerable right now)
    reboot didnt help
     
  19. inka

    inka Member

    dovecot running again, /etc/dovecot/dovecot.conf
    Code:
     listen = *
    since i have ipv6 disabled, forgot about this one.
    It is just weird that this error and the others didnt show up earlier, especially that
    Code:
     systemctl --state=failed
    didn't show dovecot had problems.

    Receiving emails again, thanks for the support!
     
  20. Th0m

    Th0m ISPConfig Developer Staff Member ISPConfig Developer

    I was about to comment that it seems like you don't have IPv6 enabled, but it was trying to bind to it :)

    Glad to hear it's working again.
     
    inka likes this.

Share This Page