Hello all, I updated ispconfig 3 from 3.0.5.2 to 3.0.5.3 on the 8th aug and all seemed fine and well until this eve when i realised i wasnt receving or sending emails. My mail log shows that amavis seems to be blocking my ip and i have no idea how to stop it. Below is the mail.info log showing where it first starts, all was working perfect before. (included snippet from before update time too) Code: Aug 8 20:20:09 ns1 amavis[3141]: (03141-04) Passed CLEAN, <[email protected]> -> <[email protected]>, Message-ID: <[email protected]>, mail_id: NMlGS0ZY2lPI, Hits: -0.001, size: 699, queued_as: 91C131CA0063, 2816 ms Aug 8 20:20:09 ns1 postfix/smtp[5386]: 3463A1CA0062: to=<[email protected]>, orig_to=<root>, relay=127.0.0.1[127.0.0.1]:10024, delay=6.9, delays=3.7/0.13/0.69/2.4, dsn=2.0.0, status=sent (250 2.0.0 Ok, id=03141-04, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as 91C131CA0063) Aug 8 20:20:09 ns1 postfix/qmgr[5281]: 3463A1CA0062: removed Aug 8 20:20:10 ns1 postfix/smtp[5390]: 91C131CA0063: to=<[email protected]>, relay=none, delay=0.34, delays=0.27/0.01/0.06/0, dsn=5.4.6, status=bounced (mail for ns1.mdhosting.co.uk loops back to myself) Aug 8 20:20:10 ns1 postfix/cleanup[5370]: 0D7881CA0062: message-id=<[email protected]> Aug 8 20:20:10 ns1 postfix/qmgr[5281]: 0D7881CA0062: from=<>, size=3132, nrcpt=1 (queue active) Aug 8 20:20:10 ns1 postfix/bounce[5391]: 91C131CA0063: sender non-delivery notification: 0D7881CA0062 Aug 8 20:20:10 ns1 postfix/qmgr[5281]: 91C131CA0063: removed Aug 8 20:20:10 ns1 postfix/smtp[5390]: 0D7881CA0062: to=<[email protected]>, relay=none, delay=0.08, delays=0.04/0/0.03/0, dsn=5.4.6, status=bounced (mail for ns1.mdhosting.co.uk loops back to myself) Aug 8 20:20:10 ns1 postfix/qmgr[5281]: 0D7881CA0062: removed Aug 8 20:25:01 ns1 dovecot: imap-login: Disconnected (no auth attempts): rip=::1, lip=::1, secured Aug 8 20:25:01 ns1 dovecot: pop3-login: Disconnected (no auth attempts): rip=::1, lip=::1, secured Aug 8 20:25:02 ns1 postfix/smtpd[5463]: warning: ::1: address not listed for hostname localhost Aug 8 20:25:02 ns1 postfix/smtpd[5463]: connect from unknown[::1] Aug 8 20:25:02 ns1 postfix/smtpd[5463]: lost connection after CONNECT from unknown[::1] Aug 8 20:25:02 ns1 postfix/smtpd[5463]: disconnect from unknown[::1] Aug 8 20:30:03 ns1 dovecot: pop3-login: Disconnected (no auth attempts): rip=::1, lip=::1, secured Aug 8 20:30:03 ns1 dovecot: imap-login: Disconnected (no auth attempts): rip=::1, lip=::1, secured Aug 8 20:30:03 ns1 postfix/smtpd[5565]: warning: ::1: address not listed for hostname localhost Aug 8 20:30:03 ns1 postfix/smtpd[5565]: connect from unknown[::1] Aug 8 20:30:03 ns1 postfix/smtpd[5565]: lost connection after CONNECT from unknown[::1] Aug 8 20:30:03 ns1 postfix/smtpd[5565]: disconnect from unknown[::1] Aug 8 20:35:01 ns1 dovecot: pop3-login: Disconnected (no auth attempts): rip=::1, lip=::1, secured Aug 8 20:35:01 ns1 dovecot: imap-login: Disconnected (no auth attempts): rip=::1, lip=::1, secured Aug 8 20:35:02 ns1 postfix/smtpd[5655]: warning: ::1: address not listed for hostname localhost Aug 8 20:35:02 ns1 postfix/smtpd[5655]: connect from unknown[::1] Aug 8 20:35:02 ns1 postfix/smtpd[5655]: lost connection after CONNECT from unknown[::1] Aug 8 20:35:02 ns1 postfix/smtpd[5655]: disconnect from unknown[::1] Aug 8 20:36:52 ns1 postfix/master[5274]: terminating on signal 15 Aug 8 20:36:53 ns1 postfix/master[5795]: daemon started -- version 2.7.1, configuration /etc/postfix Aug 8 20:40:02 ns1 dovecot: pop3-login: Disconnected (no auth attempts): rip=::1, lip=::1, secured Aug 8 20:40:02 ns1 dovecot: imap-login: Disconnected (no auth attempts): rip=::1, lip=::1, secured Aug 8 20:40:03 ns1 postfix/smtpd[5894]: warning: ::1: address not listed for hostname localhost Aug 8 20:40:03 ns1 postfix/smtpd[5894]: connect from unknown[::1] Aug 8 20:40:03 ns1 postfix/smtpd[5894]: lost connection after CONNECT from unknown[::1] Aug 8 20:40:03 ns1 postfix/smtpd[5894]: disconnect from unknown[::1] Aug 8 20:40:03 ns1 postfix/pickup[5801]: 218841CA0062: uid=102 from=<smmsp> Aug 8 20:40:03 ns1 postfix/cleanup[5919]: 218841CA0062: message-id=<[email protected]> Aug 8 20:40:04 ns1 postfix/qmgr[5802]: 218841CA0062: from=<[email protected]>, size=699, nrcpt=1 (queue active) Aug 8 20:40:04 ns1 amavis[3142]: (03142-03) (!)DENIED ACCESS from IP 78.129.133.84, policy bank '' Aug 8 20:40:04 ns1 postfix/smtp[5924]: 218841CA0062: to=<[email protected]>, orig_to=<root>, relay=127.0.0.1[127.0.0.1]:10024, delay=2.4, delays=1.5/0.08/0.78/0, dsn=4.4.2, status=deferred (lost connection with 127.0.0.1[127.0.0.1] while receiving the initial server greeting) Aug 8 20:40:26 ns1 postfix/master[5795]: terminating on signal 15 Aug 8 20:40:30 ns1 postfix/master[6034]: daemon started -- version 2.7.1, configuration /etc/postfix Aug 8 20:45:01 ns1 dovecot: imap-login: Login: user=<[email protected]>, method=PLAIN, rip=92.239.63.189, lip=78.129.133.84, TLS Aug 8 20:45:01 ns1 dovecot: imap-login: Login: user=<[email protected]>, method=PLAIN, rip=92.239.63.189, lip=78.129.133.84, TLS Aug 8 20:45:01 ns1 dovecot: imap-login: Login: user=<[email protected]>, method=PLAIN, rip=92.239.63.189, lip=78.129.133.84, TLS Aug 8 20:45:02 ns1 dovecot: pop3-login: Disconnected (no auth attempts): rip=::1, lip=::1, secured Aug 8 20:45:02 ns1 dovecot: imap-login: Disconnected (no auth attempts): rip=::1, lip=::1, secured Aug 8 20:45:02 ns1 postfix/smtpd[6119]: connect from localhost.localdomain[127.0.0.1] Aug 8 20:45:02 ns1 postfix/smtpd[6119]: lost connection after CONNECT from localhost.localdomain[127.0.0.1] Aug 8 20:45:02 ns1 postfix/smtpd[6119]: disconnect from localhost.localdomain[127.0.0.1] Aug 8 20:45:30 ns1 postfix/qmgr[6041]: 218841CA0062: from=<[email protected]>, size=699, nrcpt=1 (queue active) Aug 8 20:45:31 ns1 amavis[3141]: (03141-04) (!)DENIED ACCESS from IP 78.129.133.84, policy bank '' Aug 8 20:45:31 ns1 postfix/smtp[6147]: 218841CA0062: to=<[email protected]>, orig_to=<root>, relay=127.0.0.1[127.0.0.1]:10024, delay=329, delays=328/0.17/0/0, dsn=4.4.2, status=deferred (lost connection with 127.0.0.1[127.0.0.1] while receiving the initial server greeting) Using postqueue -p i get this Code: A89A51CA013B 699 Sun Aug 11 13:20:01 [email protected] (delivery temporarily suspended: connect to 127.0.0.1[127.0.0.1]:10024: Connection refused) [email protected] A6AA01CA0097 699 Fri Aug 9 12:00:03 [email protected] (delivery temporarily suspended: connect to 127.0.0.1[127.0.0.1]:10024: Connection refused) [email protected] A49FF1CA00E6 699 Sat Aug 10 12:20:01 [email protected] (delivery temporarily suspended: connect to 127.0.0.1[127.0.0.1]:10024: Connection refused) [email protected] A25471CA017B 699 Mon Aug 12 09:00:02 [email protected] (delivery temporarily suspended: connect to 127.0.0.1[127.0.0.1]:10024: Connection refused) [email protected] A0BC51CA0148 699 Sun Aug 11 17:40:02 [email protected] (delivery temporarily suspended: connect to 127.0.0.1[127.0.0.1]:10024: Connection refused) [email protected] AC2BA1CA00C0 699 Sat Aug 10 00:40:03 [email protected] (delivery temporarily suspended: connect to 127.0.0.1[127.0.0.1]:10024: Connection refused) [email protected] A68261CA009A 699 Fri Aug 9 13:00:02 [email protected] (delivery temporarily suspended: connect to 127.0.0.1[127.0.0.1]:10024: Connection refused) [email protected] A277C1CA0094 699 Fri Aug 9 11:00:01 [email protected] (delivery temporarily suspended: connect to 127.0.0.1[127.0.0.1]:10024: Connection refused) [email protected] A1C0B1CA0098 699 Fri Aug 9 12:20:03 [email protected] (delivery temporarily suspended: connect to 127.0.0.1[127.0.0.1]:10024: Connection refused) [email protected] -- 1017 Kbytes in 377 Requests. This has also jammed up the mail log and it will not process any emails or let me remove any, even with postsuper -d ALL Users can login to mail and make emails its just not sending anymore as using a telnet to test shows this. Code: root@ns1:/var/log# telnet localhost 25 Trying ::1... Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. 220 ns1.mdhosting.co.uk ESMTP Postfix (Debian/GNU) ehlo mail.mdhosting.co.uk 250-ns1.mdhosting.co.uk 250-PIPELINING 250-SIZE 250-VRFY 250-ETRN 250-STARTTLS 250-AUTH PLAIN LOGIN 250-AUTH=PLAIN LOGIN 250-ENHANCEDSTATUSCODES 250-8BITMIME 250 DSN mail from:<[email protected]> 250 2.1.0 Ok rcpt to:<[email protected]> 250 2.1.5 Ok data 354 End data with <CR><LF>.<CR><LF> Hello are you getting this? . 250 2.0.0 Ok: queued as 175021CA01FA quit 221 2.0.0 Bye Connection closed by foreign host. I really need help on this! Its running dovecot with postfix on a bebian 6 64bit in a clustered setup installed using the perfect server guide for debian 6. http://www.howtoforge.com/perfect-server-debian-squeeze-with-bind-and-dovecot-ispconfig-3-p6
update ive managed to clear the mail queue using a command found here: http://www.howtoforge.com/delete-mails-to-or-from-a-specific-email-address-from-postfix-mail-queue thanks Falko but still mails being blocked by amavis
Can you post your main.cf and master.cf ....just checking to verify that amavis is set and listening on the correct port.
will do when i get back from work. our it dept are just the wost, they dont allow ftp because they dont know how to setup an ftp server or allow any connections other than on a proxy
Hi there! Is 78.129.133.84 one of the interfaces on your server? If so, have you checked that amavis is permitting connections from this interface? The log "amavis denied access from IP xyz" suggests it might not allow binds on that interface (if that is indeed your server itself). For example, see this link: http://www.iredmail.org/forum/topic2377-iredmail-support-using-specific-ip-for-outgoing-mail.html Cheers! SuaSwe
here you go. i had to comment out the content_filter line to be able to send and receive emails again. I have 1 IPV4 and 6 IPV6 addresses available on my server main.cf Code: # See /usr/share/postfix/main.cf.dist for a commented, more complete version # Debian specific: Specifying a file name will cause the first # line of that file to be used as the name. The Debian default # is /etc/mailname. #myorigin = /etc/mailname smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU) biff = no # appending .domain is the MUA's job. append_dot_mydomain = no # Uncomment the next line to generate "delayed mail" warnings #delay_warning_time = 4h readme_directory = /usr/share/doc/postfix # TLS parameters smtpd_tls_cert_file = /etc/postfix/smtpd.cert smtpd_tls_key_file = /etc/postfix/smtpd.key smtpd_use_tls = yes smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache # See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for # information on enabling SSL in the smtp client. myhostname = ns1.mdhosting.co.uk alias_maps = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases alias_database = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases myorigin = /etc/mailname mydestination = localhost #, localhost.localdomain relayhost = mynetworks = 127.0.0.0/8 78.129.133.84 [::1]/128 mailbox_command = procmail -a "$EXTENSION" mailbox_size_limit = 0 recipient_delimiter = + inet_interfaces = 78.129.133.84 html_directory = /usr/share/doc/postfix/html virtual_alias_domains = virtual_alias_maps = proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, proxy:mysql:/etc/postfix/mysql-virtual_email2email.cf, hash:/var/lib/mailman/data/virtual-mailman virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains.cf virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf virtual_mailbox_base = /var/vmail virtual_uid_maps = static:5000 virtual_gid_maps = static:5000 inet_protocols = ipv4 smtpd_sasl_auth_enable = yes broken_sasl_auth_clients = yes smtpd_sasl_authenticated_header = yes smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, check_recipient_access mysql:/etc/postfix/mysql-virtual_recipient.cf, reject_unauth_destination smtpd_tls_security_level = may transport_maps = hash:/var/lib/mailman/data/transport-mailman, proxy:mysql:/etc/postfix/mysql-virtual_transports.cf relay_domains = mysql:/etc/postfix/mysql-virtual_relaydomains.cf relay_recipient_maps = mysql:/etc/postfix/mysql-virtual_relayrecipientmaps.cf proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $virtual_mailbox_limit_maps smtpd_sender_restrictions = check_sender_access mysql:/etc/postfix/mysql-virtual_sender.cf smtpd_client_restrictions = check_client_access mysql:/etc/postfix/mysql-virtual_client.cf smtpd_client_message_rate_limit = 100 maildrop_destination_concurrency_limit = 1 maildrop_destination_recipient_limit = 1 virtual_transport = dovecot header_checks = regexp:/etc/postfix/header_checks mime_header_checks = regexp:/etc/postfix/mime_header_checks nested_header_checks = regexp:/etc/postfix/nested_header_checks body_checks = regexp:/etc/postfix/body_checks owner_request_special = no dovecot_destination_recipient_limit = 1 smtpd_sasl_type = dovecot smtpd_sasl_path = private/auth #content_filter = amavis:[78.129.133.84]:10024 receive_override_options = no_address_mappings message_size_limit = 0 smtp_bind_address = 78.129.133.84 smtp_bind_address6 = 2001:1b40:5000:4::aefa:d6f1 smtpd_tls_CAfile = /usr/local/ispconfig/interface/ssl/startssl.sub.class1.server.ca.crt master.cf Code: # # Postfix master process configuration file. For details on the format # of the file, see the master(5) manual page (command: "man 5 master"). # # Do not forget to execute "postfix reload" after editing this file. # # ========================================================================== # service type private unpriv chroot wakeup maxproc command + args # (yes) (yes) (yes) (never) (100) # ========================================================================== smtp inet n - - - - smtpd submission inet n - - - - smtpd -o smtpd_tls_security_level=encrypt -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject # -o milter_macro_daemon_name=ORIGINATING smtps inet n - - - - smtpd -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject # -o milter_macro_daemon_name=ORIGINATING #628 inet n - - - - qmqpd pickup fifo n - - 60 1 pickup cleanup unix n - - - 0 cleanup qmgr fifo n - n 300 1 qmgr #qmgr fifo n - - 300 1 oqmgr tlsmgr unix - - - 1000? 1 tlsmgr rewrite unix - - - - - trivial-rewrite bounce unix - - - - 0 bounce defer unix - - - - 0 bounce trace unix - - - - 0 bounce verify unix - - - - 1 verify flush unix n - - 1000? 0 flush proxymap unix - - n - - proxymap proxywrite unix - - n - 1 proxymap smtp unix - - - - - smtp # When relaying mail as backup MX, disable fallback_relay to avoid MX loops relay unix - - - - - smtp -o smtp_fallback_relay= # -o smtp_helo_timeout=5 -o smtp_connect_timeout=5 showq unix n - - - - showq error unix - - - - - error retry unix - - - - - error discard unix - - - - - discard local unix - n n - - local virtual unix - n n - - virtual lmtp unix - - - - - lmtp anvil unix - - - - 1 anvil scache unix - - - - 1 scache # # ==================================================================== # Interfaces to non-Postfix software. Be sure to examine the manual # pages of the non-Postfix software to find out what options it wants. # # Many of the following services use the Postfix pipe(8) delivery # agent. See the pipe(8) man page for information about ${recipient} # and other message envelope options. # ==================================================================== # # maildrop. See the Postfix MAILDROP_README file for details. # Also specify in main.cf: maildrop_destination_recipient_limit=1 # maildrop unix - n n - - pipe flags=DRhu user=vmail argv=/usr/bin/maildrop -d vmail ${extension} ${recipient} ${user} ${nexthop} ${sender} # # ==================================================================== # # Recent Cyrus versions can use the existing "lmtp" master.cf entry. # # Specify in cyrus.conf: # lmtp cmd="lmtpd -a" listen="localhost:lmtp" proto=tcp4 # # Specify in main.cf one or more of the following: # mailbox_transport = lmtp:inet:localhost # virtual_transport = lmtp:inet:localhost # # ==================================================================== # # Cyrus 2.1.5 (Amos Gouaux) # Also specify in main.cf: cyrus_destination_recipient_limit=1 # #cyrus unix - n n - - pipe # user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user} # # ==================================================================== # Old example of delivery via Cyrus. # #old-cyrus unix - n n - - pipe # flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user} # # ==================================================================== # # See the Postfix UUCP_README file for configuration details. # uucp unix - n n - - pipe flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient) # # Other external delivery methods. # ifmail unix - n n - - pipe flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient) bsmtp unix - n n - - pipe flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient scalemail-backend unix - n n - 2 pipe flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension} mailman unix - n n - - pipe flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py ${nexthop} ${user} dovecot unix - n n - - pipe flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender} -d ${user}@${nexthop} amavis unix - - - - 2 smtp -o smtp_data_done_timeout=1200 -o smtp_send_xforward_command=yes 127.0.0.1:10025 inet n - - - - smtpd -o content_filter= -o local_recipient_maps= -o relay_recipient_maps= -o smtpd_restriction_classes= -o smtpd_client_restrictions= -o smtpd_helo_restrictions= -o smtpd_sender_restrictions= -o smtpd_recipient_restrictions=permit_mynetworks,reject -o mynetworks=127.0.0.0/8 -o strict_rfc821_envelopes=yes -o receive_override_options=no_unknown_recipient_checks,no_header_body_checks
The problem is this line in postfix main.cf: inet_interfaces = 78.129.133.84 change it back to: inet_interfaces = all and restart postfix. With your current setup, postfix can not communicate over localhost with amavisd.
If that doesn't fully fix (but it should), then check that the smtp_bind_address may need to be 127.0.0.1 as well since you're fixing the inet_interfaces. But if you only upgraded to the new ISPC, I don't see how this info would change from before...
Thanks and hurray! I know thats the odd thing. Thanks to you both! I did have it set as 'all' then i tried to fix it and since putting it back to 'all' its fixed so what ever i did also seems to have fixed it lol