About two years ago, I installed a Buster webserver using The Perfect Server HowTo. I also installed ISPConfig 3 even though I actually never used it. Yesterday I upgraded my webserver from Buster. It was a smooth upgrade and everything seemed to work fine. Then I noticed some websites were no longer working so I checked some more and found out there were actually quite a few things now broken. One specific problem is that users (either real or virtual) on the server can no longer send emails to each other. The error message in my mail.info file is: Mar 1 13:52:31 enterprise postfix/smtp[598765]: connect to 127.0.0.1[127.0.0.1]:10026: Connection refused Amavis is supposed to listen on both ports 10024 and 10026 according its config file: $inet_socket_port = [10024,10026]; But when I check, it's only listening on port 10024: lsof -i | grep amavis /usr/sbin 1146 amavis 5u IPv4 45099 0t0 TCP localhost:10024 (LISTEN) /usr/sbin 1146 amavis 6u IPv6 45100 0t0 TCP localhost:10024 (LISTEN) /usr/sbin 2305 amavis 5u IPv4 45099 0t0 TCP localhost:10024 (LISTEN) /usr/sbin 2305 amavis 6u IPv6 45100 0t0 TCP localhost:10024 (LISTEN) /usr/sbin 2306 amavis 5u IPv4 45099 0t0 TCP localhost:10024 (LISTEN) /usr/sbin 2306 amavis 6u IPv6 45100 0t0 TCP localhost:10024 (LISTEN) The postifx main.cf file contains this line: content_filter = amavis:[127.0.0.1]:10024 I read somewhere that this problem could be caused by ISPConfig and that it needs to be updated or something after updating to Bullseye (read that here). But... how? Or do I need to do something else to get this working again?
To make things worse... I found this page: Update the ISPConfig Perfect Server From Debian 10 To Debian 11 (can't post links yet) Which actually tells me how to upgrade from Buster to Bullseye (which I did not follow). So I just did the steps on that page: apt -y install php7.4 php7.4-common php7.4-gd php7.4-mysql php7.4-imap php7.4-cli php7.4-cgi php7.4-curl php7.4-intl php7.4-pspell php7.4-sqlite3 php7.4-tidy php7.4-xmlrpc php7.4-xsl php7.4-zip php7.4-mbstring php7.4-soap php7.4-fpm php7.4-opcache php7.4-json php7.4-readline php7.4-xml curl Everything except curl was already installed, so it installed curl. Then I did: ispconfig_update.sh --force No errors there either. I didn't do the PHP 7.4 stuff on that page, since 7.4 is the only version installed on my server. Next I did curl https ://git.ispconfig.org/ispconfig/tools/-/raw/master/auto_update_phpmyadmin.sh -sL | sh To update phpmyadmin. Again, no errors. I then restarted the server, and now I'm unable to send email: Sending of the message failed. An error occurred while sending mail: Outgoing server (SMTP) error. The server responded: Cannot connect to SMTP server xxx.xxx.xxx.xxx (xxx.xxx.xxx.xxx:587), connect error 10060. When I try to retrieve my mail, I get: Sending of password for user (myusername) did not succeed. Mail server (my.mail.server) responded: Authentication failed. So yeah... I actually made it worse...
Logged in to the server through SSH (which still works) and tried the following: # telnet localhost 110 Trying ::1... Connected to localhost. Escape character is '^]'. +OK Dovecot (Debian) ready. USER <myusername> +OK PASS <mypass> -ERR [AUTH] Authentication failed. No idea what is happening here...
I noticed that the ISPConfig update had overwritten my dovecot.conf file. I restored it from my backup and now mail is working again. I'm going to check if the original problems are now solved too. EDIT: No, amavis is still only listening on port 10024.
Can you share your dovecot.conf file when it's customized? EDIT: This might be the solution: Change the ownership: Code: chgrp amavis /etc/amavis/conf.d/ chmod 750 /etc/amavis/conf.d/ chmod 644 /etc/amavis/conf.d/50-user Then restart amavis: Code: systemctl restart amavis By the way, you might want to switch from Amavis to Rspamd: https://www.howtoforge.com/replacing-amavisd-with-rspamd-in-ispconfig/
Meaning you created your website vhosts manually, setup postfix/dovecot and all your user accounts manually, etc?
If it were me I'd probably either uninstall ISPConfig and just keep your local config so things don't break/conflict, or embrace ISPConfig's setup and ditch the custom stuff. What you have now is the most amount of work for the least benefit.
I installed ISPConfig because it was included in the Perfect Setup HowTO and because I thought it would maybe make my life easier. But I never touched it. I think I logged in once to see what it looked like but decided I didn't like not knowing what it was doing behind the curtains. Anyway, I got email is working again. Like I said, the upgrade had overwritten my dovecot.conf file and had changed Code: passdb { args = blocking=no driver = shadow } to this Code: passdb { args = /etc/dovecot/dovecot-sql.conf driver = sql } I changed it back and now it's working again. I still have the problem amavis is only listening on port 10024 (while the configuration file specifically tells it to listen to both 10024 and 10026) but that doesn't seem to cause problems.
Cool! That actually made amavis listen on both 10024 and 10026! But I now wonder... What's the difference going to be? It seemed to work with amavis only listening to post 10024. Or did it?
It's hard to say in your setup. You are relying on some configuration made by ispconfig but using user accounts you created manually, only you could look in to what you have going on there. I suppose in a literal answer, the difference is that the settings in the 50-user file will not be applied when amavis can't read the file; the implications of that are what you would have to determine on your system.