Postfix SMTP Port 25 timeout

Debian macht sich hervorragend als Web- und Mailserver. Schau auch in den " Tipps und Tricks"-Bereich.
Antworten
ande
Beiträge: 29
Registriert: 13.10.2003 10:36:29
Wohnort: Freiburg
Kontaktdaten:

Postfix SMTP Port 25 timeout

Beitrag von ande » 10.08.2016 11:30:06

Wie auch schon in einem anderen Post beschrieben habe ich Probleme mit Postfix.

Dieser Beitrag ist nun extra da ich mich auf ein Detail nach dem anderen konzentriere.

Ich kann zwar per telnet eine Verbindung zu Port 25 herstellen, aber fast egal was ich dann eingebe, die Verbindung wird dann abgebaut.

Also schon das hier scheitert:

Code: Alles auswählen

telnet eins.xxx.tld 25
Trying 178.63.xx.xx...
Connected to eins.xxx.tld.
Escape character is '^]'.
EHLO eins.xxx.tld
Connection closed by foreign host.
Was läuft da schief? Im Logfile stehen immer noch Verweise auf SSL-Probleme:

Code: Alles auswählen

unknown[112.220.127.26]: TLS cipher list "aNULL:-aNULL:ALL:!EXPORT:!LOW:+RC4:@STRENGTH"
Aug 10 11:29:14 eins postfix/smtps/smtpd[11461]: SSL_accept:before/accept initialization
Aug 10 11:29:14 eins postfix/smtps/smtpd[11461]: read from 7F598A758620 [7F598A766DE0] (11 bytes => -1 (0xFFFFFFFFFFFFFFFF))
Aug 10 11:29:19 eins postfix/smtps/smtpd[11540]: read from 7F58D30ECA70 [7F58D30F3DE0] (11 bytes => 0 (0x0))
Aug 10 11:29:19 eins postfix/smtps/smtpd[11540]: SSL_accept error from rdp02.snthostings.com[62.210.188.27]: lost connection
Aug 10 11:29:19 eins postfix/smtps/smtpd[11540]: lost connection after CONNECT from rdp02.snthostings.com[62.210.188.27]
Aug 10 11:29:19 eins postfix/smtps/smtpd[11540]: disconnect from rdp02.snthostings.com[62.210.188.27]
Aug 10 11:29:19 eins postfix/smtps/smtpd[11307]: connect from rdp02.snthostings.com[62.210.188.27]
Aug 10 11:29:19 eins postfix/smtps/smtpd[11307]: setting up TLS connection from rdp02.snthostings.com[62.210.188.27]
Aug 10 11:29:19 eins postfix/smtps/smtpd[11307]: rdp02.snthostings.com[62.210.188.27]: TLS cipher list "aNULL:-aNULL:ALL:!EXPORT:!LOW:+RC4:@STRENGTH"
Aug 10 11:29:19 eins postfix/smtps/smtpd[11307]: SSL_accept:before/accept initialization
dabei habe ich in main.cf und master.cf schon alles abgeschaltet was nach SSL aussieht.

Jede Hilfe ist willkommen...

Ich habe mal die "verbosity" von smtp eingecshaltet und bekomme das hier:

Code: Alles auswählen

Aug 10 11:38:36 eins postfix/smtp/smtpd[13093]: match_list_match: n138.sexwine.top: no match
Aug 10 11:38:36 eins postfix/smtp/smtpd[13093]: match_list_match: 172.247.123.138: no match
Aug 10 11:38:36 eins postfix/smtp/smtpd[13093]: match_list_match: n138.sexwine.top: no match
Aug 10 11:38:36 eins postfix/smtp/smtpd[13093]: match_list_match: 172.247.123.138: no match
Aug 10 11:38:36 eins postfix/smtp/smtpd[13093]: smtp_stream_setup: maxtime=300 enable_deadline=0
Aug 10 11:38:36 eins postfix/smtp/smtpd[13093]: setting up TLS connection from n138.sexwine.top[172.247.123.138]
Aug 10 11:38:36 eins postfix/smtp/smtpd[13093]: n138.sexwine.top[172.247.123.138]: TLS cipher list "aNULL:-aNULL:ALL:!EXPORT:!LOW:+RC4:@STRENGTH"
Aug 10 11:38:36 eins postfix/smtp/smtpd[13093]: send attr request = seed
Aug 10 11:38:36 eins postfix/smtp/smtpd[13093]: send attr size = 32
Aug 10 11:38:36 eins postfix/smtp/smtpd[13093]: private/tlsmgr: wanted attribute: status
Aug 10 11:38:36 eins postfix/smtp/smtpd[13093]: input attribute name: status
Aug 10 11:38:36 eins postfix/smtp/smtpd[13093]: input attribute value: 0
Aug 10 11:38:36 eins postfix/smtp/smtpd[13093]: private/tlsmgr: wanted attribute: seed
Aug 10 11:38:36 eins postfix/smtp/smtpd[13093]: input attribute name: seed
Aug 10 11:38:36 eins postfix/smtp/smtpd[13093]: input attribute value: UXCIhbhThDmhWwS40KGLPYehYwYwld5njXGvLAsrP3U=
Aug 10 11:38:36 eins postfix/smtp/smtpd[13093]: private/tlsmgr: wanted attribute: (list terminator)
Aug 10 11:38:36 eins postfix/smtp/smtpd[13093]: input attribute name: (end)
Aug 10 11:38:36 eins postfix/smtp/smtpd[13093]: SSL_accept:before/accept initialization
Aug 10 11:38:36 eins postfix/smtp/smtpd[13093]: read from 7FD75DD71540 [7FD75DD7DF00] (11 bytes => -1 (0xFFFFFFFFFFFFFFFF))
Zuletzt geändert von ande am 10.08.2016 15:41:17, insgesamt 1-mal geändert.

ande
Beiträge: 29
Registriert: 13.10.2003 10:36:29
Wohnort: Freiburg
Kontaktdaten:

Re: Postfix SMTP Port 25 timeout

Beitrag von ande » 10.08.2016 15:40:42

Konnte das Problem durch Hilfe eines Profi lösen:

Ich nutze ISPConfig 3:

main.cf:

Code: Alles auswählen

smtpd_client_message_rate_limit = 100
smtpd_client_restrictions = check_client_access mysql:/etc/postfix/mysql-virtual_client.cf
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, check_recipient_access mysql:/etc/postfix/mysql-virtual_recipient.cf
smtpd_relay_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_invalid_hostname, reject_non_fqdn_hostname, reject_unknown_recipient_domain, reject_non_fqdn_recipient, reject_unauth_destination, reject_non_fqdn_sender, reject_unknown_sender_domain, reject_unknown_recipient_domain, reject_rbl_client zen.spamhaus.org, reject_rbl_client cbl.abuseat.org, reject_rbl_client dul.dnsbl.sorbs.net, reject_rbl_client ix.dnsbl.manitu.net, check_recipient_access mysql:/etc/postfix/mysql-virtual_recipient.cf, reject_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes
smtpd_sender_restrictions = check_sender_access mysql:/etc/postfix/mysql-virtual_sender.cf
smtpd_tls_cert_file = /etc/postfix/smtpd.cert
smtpd_tls_key_file = /etc/postfix/smtpd.key
smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3
smtpd_tls_protocols = !SSLv2,!SSLv3
smtpd_tls_security_level = may
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_use_tls = yes
smtp_tls_protocols = !SSLv2,!SSLv3
smtp_tls_security_level = may
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
# TLS parameters
tls_random_source = dev:/dev/urandom
master.cf ohne auskommentierte Zeilen:

Code: Alles auswählen

smtp      inet  n       -       -       -       -       smtpd
 -o syslog_name=postfix/smtp
submission inet n - - - - smtpd
 -o syslog_name=postfix/submission
 -o smtpd_tls_security_level=encrypt
 -o smtpd_sasl_auth_enable=yes
 -o smtpd_client_restrictions=permit_sasl_authenticated,reject
smtps inet n - - - - smtpd
 -o syslog_name=postfix/smtps
 -o smtpd_tls_wrappermode=yes
 -o smtpd_sasl_auth_enable=yes
 -o smtpd_client_restrictions=permit_sasl_authenticated,reject

pickup    fifo  n       -       -       60      1       pickup
cleanup   unix  n       -       -       -       0       cleanup
qmgr      fifo  n       -       n       300     1       qmgr
tlsmgr    unix  -       -       -       1000?   1       tlsmgr
rewrite   unix  -       -       -       -       -       trivial-rewrite
bounce    unix  -       -       -       -       0       bounce
defer     unix  -       -       -       -       0       bounce
trace     unix  -       -       -       -       0       bounce
verify    unix  -       -       -       -       1       verify
flush     unix  n       -       -       1000?   0       flush
proxymap  unix  -       -       n       -       -       proxymap
proxywrite unix -       -       n       -       1       proxymap
smtp      unix  -       -       -       -       -       smtp
relay     unix  -       -       -       -       -       smtp
	-o smtp_fallback_relay=
showq     unix  n       -       -       -       -       showq
error     unix  -       -       -       -       -       error
retry     unix  -       -       -       -       -       error
discard   unix  -       -       -       -       -       discard
local     unix  -       n       n       -       -       local
virtual   unix  -       n       n       -       -       virtual
lmtp      unix  -       -       -       -       -       lmtp
anvil     unix  -       -       -       -       1       anvil
scache    unix  -       -       -       -       1       scache
maildrop  unix  -       n       n       -       -       pipe
  flags=DRhu user=vmail argv=/usr/bin/maildrop -d vmail ${extension} ${recipient} ${user} ${nexthop} ${sender}
uucp      unix  -       n       n       -       -       pipe
  flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
ifmail    unix  -       n       n       -       -       pipe
  flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp     unix  -       n       n       -       -       pipe
  flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
scalemail-backend unix	-	n	n	-	2	pipe
  flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
mailman   unix  -       n       n       -       -       pipe
  flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
  ${nexthop} ${user}


amavis unix - - - - 4 smtp
        -o smtp_data_done_timeout=1200
        -o smtp_send_xforward_command=yes

127.0.0.1:10025 inet n - - - - smtpd
        -o content_filter=
        -o local_recipient_maps=
        -o relay_recipient_maps=
        -o smtpd_restriction_classes=
        -o smtpd_client_restrictions=
        -o smtpd_helo_restrictions=
        -o smtpd_sender_restrictions=
        -o smtpd_recipient_restrictions=permit_mynetworks,reject
        -o mynetworks=127.0.0.0/8
        -o strict_rfc821_envelopes=yes
        -o receive_override_options=no_unknown_recipient_checks,no_header_body_checks

Antworten