After upgrading from Buster to BullsEye, problems (amavis)...

Discussion in 'Installation/Configuration' started by Zippy1970, Mar 1, 2022.

  1. Zippy1970

    Zippy1970 New Member

    About two years ago, I installed a Buster webserver using The Perfect Server HowTo. I also installed ISPConfig 3 even though I actually never used it.
    Yesterday I upgraded my webserver from Buster. It was a smooth upgrade and everything seemed to work fine. Then I noticed some websites were no longer working so I checked some more and found out there were actually quite a few things now broken.

    One specific problem is that users (either real or virtual) on the server can no longer send emails to each other. The error message in my mail.info file is:

    Mar 1 13:52:31 enterprise postfix/smtp[598765]: connect to 127.0.0.1[127.0.0.1]:10026: Connection refused

    Amavis is supposed to listen on both ports 10024 and 10026 according its config file:

    $inet_socket_port = [10024,10026];
    But when I check, it's only listening on port 10024:

    lsof -i | grep amavis
    /usr/sbin 1146 amavis 5u IPv4 45099 0t0 TCP localhost:10024 (LISTEN)
    /usr/sbin 1146 amavis 6u IPv6 45100 0t0 TCP localhost:10024 (LISTEN)
    /usr/sbin 2305 amavis 5u IPv4 45099 0t0 TCP localhost:10024 (LISTEN)
    /usr/sbin 2305 amavis 6u IPv6 45100 0t0 TCP localhost:10024 (LISTEN)
    /usr/sbin 2306 amavis 5u IPv4 45099 0t0 TCP localhost:10024 (LISTEN)
    /usr/sbin 2306 amavis 6u IPv6 45100 0t0 TCP localhost:10024 (LISTEN)

    The postifx main.cf file contains this line:

    content_filter = amavis:[127.0.0.1]:10024

    I read somewhere that this problem could be caused by ISPConfig and that it needs to be updated or something after updating to Bullseye (read that here). But... how? Or do I need to do something else to get this working again?
     
  2. Zippy1970

    Zippy1970 New Member

    To make things worse...
    I found this page: Update the ISPConfig Perfect Server From Debian 10 To Debian 11 (can't post links yet)
    Which actually tells me how to upgrade from Buster to Bullseye (which I did not follow). So I just did the steps on that page:

    apt -y install php7.4 php7.4-common php7.4-gd php7.4-mysql php7.4-imap php7.4-cli php7.4-cgi php7.4-curl php7.4-intl php7.4-pspell php7.4-sqlite3 php7.4-tidy php7.4-xmlrpc php7.4-xsl php7.4-zip php7.4-mbstring php7.4-soap php7.4-fpm php7.4-opcache php7.4-json php7.4-readline php7.4-xml curl

    Everything except curl was already installed, so it installed curl.

    Then I did:

    ispconfig_update.sh --force

    No errors there either. I didn't do the PHP 7.4 stuff on that page, since 7.4 is the only version installed on my server. Next I did

    curl https ://git.ispconfig.org/ispconfig/tools/-/raw/master/auto_update_phpmyadmin.sh -sL | sh

    To update phpmyadmin. Again, no errors. I then restarted the server, and now I'm unable to send email:

    Sending of the message failed.
    An error occurred while sending mail: Outgoing server (SMTP) error. The server responded: Cannot connect to SMTP server xxx.xxx.xxx.xxx (xxx.xxx.xxx.xxx:587), connect error 10060.

    When I try to retrieve my mail, I get:

    Sending of password for user (myusername) did not succeed. Mail server (my.mail.server) responded: Authentication failed.

    So yeah... I actually made it worse...
     
  3. Th0m

    Th0m ISPConfig Developer Staff Member ISPConfig Developer

    Did you let the ISPConfig update script reconfigure your servers?
     
  4. Zippy1970

    Zippy1970 New Member

    Logged in to the server through SSH (which still works) and tried the following:

    # telnet localhost 110
    Trying ::1...
    Connected to localhost.
    Escape character is '^]'.
    +OK Dovecot (Debian) ready.
    USER <myusername>
    +OK
    PASS <mypass>
    -ERR [AUTH] Authentication failed.​

    No idea what is happening here...
     
  5. Zippy1970

    Zippy1970 New Member

    Yes.
     
  6. Th0m

    Th0m ISPConfig Developer Staff Member ISPConfig Developer

    Did you reboot the server?

    Did you update all software?
     
  7. Zippy1970

    Zippy1970 New Member

    Yes.

    AFAIK, yes.
     
  8. Zippy1970

    Zippy1970 New Member

    I noticed that the ISPConfig update had overwritten my dovecot.conf file. I restored it from my backup and now mail is working again. I'm going to check if the original problems are now solved too.

    EDIT: No, amavis is still only listening on port 10024.
     
    Last edited: Mar 1, 2022
  9. Th0m

    Th0m ISPConfig Developer Staff Member ISPConfig Developer

    Can you share your dovecot.conf file when it's customized?

    EDIT: This might be the solution:
    Change the ownership:
    Code:
    chgrp amavis /etc/amavis/conf.d/
    chmod 750 /etc/amavis/conf.d/
    chmod 644 /etc/amavis/conf.d/50-user
    Then restart amavis:
    Code:
    systemctl restart amavis
    By the way, you might want to switch from Amavis to Rspamd: https://www.howtoforge.com/replacing-amavisd-with-rspamd-in-ispconfig/
     
    Last edited: Mar 1, 2022
  10. Jesse Norell

    Jesse Norell Well-Known Member Staff Member Howtoforge Staff

    Meaning you created your website vhosts manually, setup postfix/dovecot and all your user accounts manually, etc?
     
  11. Th0m

    Th0m ISPConfig Developer Staff Member ISPConfig Developer

    Lol didn't even read that, good catch.
     
  12. Zippy1970

    Zippy1970 New Member

    Correct.
     
  13. Jesse Norell

    Jesse Norell Well-Known Member Staff Member Howtoforge Staff

    If it were me I'd probably either uninstall ISPConfig and just keep your local config so things don't break/conflict, or embrace ISPConfig's setup and ditch the custom stuff. What you have now is the most amount of work for the least benefit.
     
    ahrasis, Th0m and till like this.
  14. Zippy1970

    Zippy1970 New Member

    I installed ISPConfig because it was included in the Perfect Setup HowTO and because I thought it would maybe make my life easier. But I never touched it. I think I logged in once to see what it looked like but decided I didn't like not knowing what it was doing behind the curtains.

    Anyway, I got email is working again. Like I said, the upgrade had overwritten my dovecot.conf file and had changed
    Code:
    passdb {
      args = blocking=no
      driver = shadow
    }
    to this
    Code:
    passdb {
      args = /etc/dovecot/dovecot-sql.conf
      driver = sql
    }
    I changed it back and now it's working again.

    I still have the problem amavis is only listening on port 10024 (while the configuration file specifically tells it to listen to both 10024 and 10026) but that doesn't seem to cause problems.
     
  15. Th0m

    Th0m ISPConfig Developer Staff Member ISPConfig Developer

    See this reply for your amavis issue.
     
  16. Zippy1970

    Zippy1970 New Member

    Cool! That actually made amavis listen on both 10024 and 10026!

    But I now wonder... What's the difference going to be? It seemed to work with amavis only listening to post 10024. Or did it?
     
  17. Jesse Norell

    Jesse Norell Well-Known Member Staff Member Howtoforge Staff

    It's hard to say in your setup. You are relying on some configuration made by ispconfig but using user accounts you created manually, only you could look in to what you have going on there. I suppose in a literal answer, the difference is that the settings in the 50-user file will not be applied when amavis can't read the file; the implications of that are what you would have to determine on your system.
     

Share This Page