Sender address triggers FILTER lmtp

Discussion in 'General' started by lucxkers, Sep 29, 2021.

  1. lucxkers

    lucxkers New Member

    Hello there: First of all I apologize for the quality of the English text (Google Translate).
    I have an Ubuntu 20.04 installation following the instructions in (https://www.howtoforge.com/tutorial...sl-pureftpd-bind-postfix-doveot-and-ispconfig /), using ISPConfig 3.2.5.
    The server data is this:

    Code:
    ##### SERVER #####
    IP-address (as per hostname): ***.***.***.***
    [WARN] could not determine server's ip address by ifconfig
    [INFO] OS version is Ubuntu 20.04.3 LTS
    
    [INFO] uptime:  08:47:38 up 9 days, 38 min,  2 users,  load average: 0.04, 0.03, 0.00
    
    [INFO] memory:
                  total        used        free      shared  buff/cache   available
    Mem:          7.8Gi       1.9Gi       1.5Gi        17Mi       4.4Gi       5.6Gi
    Swap:          12Gi          0B        12Gi
    
    [INFO] systemd failed services status:
      UNIT                      LOAD   ACTIVE SUB    DESCRIPTION                             
    ● snap.lxd.activate.service loaded failed failed Service for snap application lxd.activate
    
    LOAD   = Reflects whether the unit definition was properly loaded.
    ACTIVE = The high-level unit activation state, i.e. generalization of SUB.
    SUB    = The low-level unit activation state, values depend on unit type.
    
    1 loaded units listed.
    
    [INFO] ISPConfig is installed.
    
    ##### ISPCONFIG #####
    ISPConfig version is 3.2.6
    
    
    ##### VERSION CHECK #####
    
    [INFO] php (cli) version is 7.4.3
    [INFO] php-cgi (used for cgi php in default vhost!) is version 7.4.3
    
    ##### PORT CHECK #####
    
    
    ##### MAIL SERVER CHECK #####
    
    
    ##### RUNNING SERVER PROCESSES #####
    
    [INFO] I found the following web server(s):
            Apache 2 (PID 1847408)
    root@maildpec:~# cat htf_report.txt | more
    
    ##### SERVER #####
    IP-address (as per hostname): ***.***.***.***
    [WARN] could not determine server's ip address by ifconfig
    [INFO] OS version is Ubuntu 20.04.3 LTS
    
    [INFO] uptime:  08:47:38 up 9 days, 38 min,  2 users,  load average: 0.04, 0.03, 0.00
    
    [INFO] memory:
                  total        used        free      shared  buff/cache   available
    Mem:          7.8Gi       1.9Gi       1.5Gi        17Mi       4.4Gi       5.6Gi
    Swap:          12Gi          0B        12Gi
    
    [INFO] systemd failed services status:
      UNIT                      LOAD   ACTIVE SUB    DESCRIPTION                             
    ● snap.lxd.activate.service loaded failed failed Service for snap application lxd.activate
    
    LOAD   = Reflects whether the unit definition was properly loaded.
    ACTIVE = The high-level unit activation state, i.e. generalization of SUB.
    SUB    = The low-level unit activation state, values depend on unit type.
    
    1 loaded units listed.
    
    [INFO] ISPConfig is installed.
    
    ##### ISPCONFIG #####
    ISPConfig version is 3.2.6
    
    
    ##### VERSION CHECK #####
    
    [INFO] php (cli) version is 7.4.3
    [INFO] php-cgi (used for cgi php in default vhost!) is version 7.4.3
    
    ##### PORT CHECK #####
    
    
    ##### MAIL SERVER CHECK #####
    
    
    ##### RUNNING SERVER PROCESSES #####
    
    [INFO] I found the following web server(s):
            Apache 2 (PID 1847408)
    root@maildpec:~# cat htf_report.txt
    
    ##### SERVER #####
    IP-address (as per hostname): ***.***.***.***
    [WARN] could not determine server's ip address by ifconfig
    [INFO] OS version is Ubuntu 20.04.3 LTS
    
    [INFO] uptime:  08:47:38 up 9 days, 38 min,  2 users,  load average: 0.04, 0.03, 0.00
    
    [INFO] memory:
                  total        used        free      shared  buff/cache   available
    Mem:          7.8Gi       1.9Gi       1.5Gi        17Mi       4.4Gi       5.6Gi
    Swap:          12Gi          0B        12Gi
    
    [INFO] systemd failed services status:
      UNIT                      LOAD   ACTIVE SUB    DESCRIPTION                             
    ● snap.lxd.activate.service loaded failed failed Service for snap application lxd.activate
    
    LOAD   = Reflects whether the unit definition was properly loaded.
    ACTIVE = The high-level unit activation state, i.e. generalization of SUB.
    SUB    = The low-level unit activation state, values depend on unit type.
    
    1 loaded units listed.
    
    [INFO] ISPConfig is installed.
    
    ##### ISPCONFIG #####
    ISPConfig version is 3.2.6
    
    
    ##### VERSION CHECK #####
    
    [INFO] php (cli) version is 7.4.3
    [INFO] php-cgi (used for cgi php in default vhost!) is version 7.4.3
    
    ##### PORT CHECK #####
    
    
    ##### MAIL SERVER CHECK #####
    
    
    ##### RUNNING SERVER PROCESSES #####
    
    [INFO] I found the following web server(s):
            Apache 2 (PID 1847408)
    [INFO] I found the following mail server(s):
            Postfix (PID 1854903)
    [INFO] I found the following pop3 server(s):
            Dovecot (PID 5070)
    [INFO] I found the following imap server(s):
            Dovecot (PID 5070)
    [INFO] I found the following ftp server(s):
            PureFTP (PID 5114)
    
    ##### LISTENING PORTS #####
    (only           ()
    Local           (Address)
    [localhost]:10023               (1134/postgrey)
    [localhost]:10024               (1853578/amavisd-new)
    [localhost]:10025               (1854903/master)
    [localhost]:10026               (1853578/amavisd-new)
    [localhost]:10027               (1854903/master)
    [anywhere]:587          (1854903/master)
    [localhost]:11211               (1432650/memcached)
    [anywhere]:110          (5070/dovecot)
    [anywhere]:143          (5070/dovecot)
    [anywhere]:465          (1854903/master)
    ***.***.***.***:53              (1432454/systemd-res)
    [anywhere]:21           (5114/pure-ftpd)
    ***.***.***.***:53              (795/named)
    [localhost]:53          (795/named)
    [anywhere]:22           (404587/sshd:)
    [anywhere]:25           (1854903/master)
    [localhost]:953         (795/named)
    [localhost]:6010                (1651140/sshd:)
    [localhost]:6011                (1663866/sshd:)
    [anywhere]:993          (5070/dovecot)
    [anywhere]:995          (5070/dovecot)
    *:*:*:*::*:10024                (1853578/amavisd-new)
    *:*:*:*::*:10026                (1853578/amavisd-new)
    *:*:*:*::*:3306         (4348/mysqld)
    *:*:*:*::*:587          (1854903/master)
    [localhost]10           (5070/dovecot)
    [localhost]43           (5070/dovecot)
    *:*:*:*::*:8080         (1847408/apache2)
    *:*:*:*::*:80           (1847408/apache2)
    *:*:*:*::*:465          (1854903/master)
    *:*:*:*::*:8081         (1847408/apache2)
    *:*:*:*::*:21           (5114/pure-ftpd)
    *:*:*:*::**:*:*:*::*53          (795/named)
    *:*:*:*::*:53           (795/named)
    *:*:*:*::*:22           (404587/sshd:)
    *:*:*:*::*:25           (1854903/master)
    *:*:*:*::*:953          (795/named)
    *:*:*:*::*:6010         (1651140/sshd:)
    *:*:*:*::*:443          (1847408/apache2)
    *:*:*:*::*:6011         (1663866/sshd:)
    *:*:*:*::*:993          (5070/dovecot)
    *:*:*:*::*:995          (5070/dovecot)
    
    
    
    
    ##### IPTABLES #####
    Chain INPUT (policy ACCEPT)
    target     prot opt source               destination         
    f2b-postfix  tcp  --  [anywhere]/0            [anywhere]/0            multiport dports 25
    
    Chain FORWARD (policy ACCEPT)
    target     prot opt source               destination         
    
    Chain OUTPUT (policy ACCEPT)
    target     prot opt source               destination         
    
    Chain f2b-postfix (1 references)
    target     prot opt source               destination         
    RETURN     all  --  [anywhere]/0            [anywhere]/0           
    
    
    
    
    ##### LET'S ENCRYPT #####
    
    Code:
    $
    lsb_release -a
    No LSB modules are available.
    Distributor ID: Ubuntu
    Description:    Ubuntu 20.04.3 LTS
    Release:        20.04
    Codename:       focal
    
    $ php -v
    PHP 7.4.3 (cli) (built: Aug 13 2021 05:39:12) ( NTS )
    Copyright (c) The PHP Group
    Zend Engine v3.4.0, Copyright (c) Zend Technologies
        with Zend OPcache v7.4.3, Copyright (c), by Zend Technologies
    
    After updating to 3.2.6 (ispconfig_update.sh), checking the logs I found entries similar to the following:

    Code:
    Sep 29 08:03:32 mailserver postfix/submission/smtpd[1854968]: NOQUEUE: filter: RCPT from unknown[172.18.30.4]: <[email protected]>: Sender address triggers FILTER lmtp:[127.0.0.1]:10026; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<develop>
    Sep 29 08:03:32 mailserver postfix/submission/smtpd[1854968]: B9D76A304B4: client=unknown[172.18.30.4], sasl_method=LOGIN, [email protected]
    Sep 29 08:03:32 mailserver postfix/cleanup[1854974]: B9D76A304B4: message-id=<20210929080332.150a3461@develop>
    Sep 29 08:03:32 mailserver postfix/qmgr[1854905]: B9D76A304B4: from=<[email protected]>, size=1276, nrcpt=1 (queue active)
    Sep 29 08:03:32 mailserver postfix/submission/smtpd[1854968]: disconnect from unknown[172.18.30.4] ehlo=2 starttls=1 auth=1 mail=1 rcpt=1 data=1 quit=1 commands=8
    Sep 29 08:03:33 mailserver postfix/smtpd[1854978]: connect from localhost[127.0.0.1]
    Sep 29 08:03:33 mailserver postfix/smtpd[1854978]: 1C9FCA304B6: client=localhost[127.0.0.1]
    Sep 29 08:03:33 mailserver postfix/cleanup[1854974]: 1C9FCA304B6: message-id=<20210929080332.150a3461@develop>
    Sep 29 08:03:33 mailserver postfix/qmgr[1854905]: 1C9FCA304B6: from=<[email protected]>, size=2539, nrcpt=2 (queue active)
    Sep 29 08:03:33 mailserver amavis[1854286]: (1854286-01) Passed CLEAN {RelayedInternal}, ORIGINATING LOCAL [127.0.0.1] <[email protected]> -> <[email protected]>, Message-ID: <20210929080332.150a3461@develop>, mail_id: wNokoq51yPoF, Hits: -1, size: 1276, queued_as: 1C9FCA304B6, dkim_new=default:server.com, 313 ms
    Sep 29 08:03:33 mailserver postfix/lmtp[1854975]: B9D76A304B4: to=<[email protected]>, relay=127.0.0.1[127.0.0.1]:10026, delay=0.38, delays=0.06/0.01/0.01/0.31, dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[127.0.0.1]:10027): 250 2.0.0 Ok: queued as 1C9FCA304B6)
    Sep 29 08:03:33 mailserver postfix/qmgr[1854905]: B9D76A304B4: removed
    Sep 29 08:03:33 mailserver dovecot: lda([email protected])<1854981><psAICQVIVGEFThwAalblQQ>: sieve: msgid=<20210929080332.150a3461@develop>: stored mail into mailbox 'INBOX'
    Sep 29 08:03:33 mailserver postfix/pipe[1854980]: 1C9FCA304B6: to=<[email protected]>, relay=dovecot, delay=0.04, delays=0.01/0.02/0/0.02, dsn=2.0.0, status=sent (delivered via dovecot service)
    Sep 29 08:03:33 mailserver postfix/qmgr[1854905]: 1C9FCA304B6: removed
    
    The messages are delivered, but the "NOQUEUE" catches my attention.

    Reviewing the postfix configuration, I found the following detail: (double ',' example ", ,"):
    Code:
    smtpd_helo_restrictions = permit_mynetworks, check_helo_access regexp:/etc/postfix/helo_access, permit_sasl_authenticated, reject_invalid_helo_hostname, reject_non_fqdn_helo_hostname, check_helo_access regexp:/etc/postfix/blacklist_helo, ,reject_unknown_helo_hostname, permit
    

    Searching in the forum, I found the following entry in a thread : "Add sender address to postfix whitelist in ISPConfig Panel, EMail | Global Filters | Postfix Whitelist as type Sender.", in this case it would be to add "server.com".
    I followed the recommendation and the error disappeared. But being "server.com" one of the domains defined in "Mails / Domain" (as local) is it necessary to add in the white_lists?

    Thanking you in advance for your response. Sincerely.
     
  2. Jesse Norell

    Jesse Norell Well-Known Member Staff Member Howtoforge Staff

    This does not cause any problem.
    No, you normally don't need to add whitelist entries for your senders, just make sure they use authentication and send on port 587 or 465. Whitelist entries are only needed for unusual cases (eg. maybe a local machine/device on the network which you can't configure to send as your other clients normally do).
     
    Gwyneth Llewelyn likes this.

Share This Page