I have set up a Postfix/Dovecot/MySQL/Postfixadmin server. Everything works so far. Now the server is to be extended with an additional Postfix instance.
The instance is there and is happily listening on the second IP:
Code:
LISTEN 0 100 x.x.x.x:25 0.0.0.0:* users:(("master",pid=2008,fd=13))
LISTEN 0 100 x2.x2.x2.x2:25 0.0.0.0:* users:(("master",pid=1543,fd=13))
LISTEN 0 100 x.x.x.x:587 0.0.0.0:* users:(("master",pid=2008,fd=17))
LISTEN 0 100 x2.x2.x2.x2:587 0.0.0.0:* users:(("master",pid=1543,fd=17))
LISTEN 0 100 x.x.x.x:465 0.0.0.0:* users:(("master",pid=2008,fd=20))
LISTEN 0 100 x2.x2.x2.x2:465 0.0.0.0:* users:(("master",pid=1543,fd=20))
Port 587 is still giving me problems, though, and only works on the main instance. Through the second one I get the following error message:
Code:
May 20 18:34:44 mail postfix/submission/smtpd[2464]: warning: dict_nis_init: NIS domain name not set - NIS lookups disabled
May 20 18:34:45 mail postfix/submission/smtpd[2464]: connect from unknown[x.x.x.x]
May 20 18:34:45 mail postfix/submission/smtpd[2464]: Anonymous TLS connection established from unknown[x.x.x.x]: TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256
May 20 18:34:45 mail postfix/submission/smtpd[2464]: warning: SASL: Connect to private/auth failed: No such file or directory
May 20 18:34:45 mail postfix/submission/smtpd[2464]: fatal: no SASL authentication mechanisms
May 20 18:34:46 mail postfix-mail01/master[1543]: warning: process /usr/lib/postfix/sbin/smtpd pid 2464 exit status 1
May 20 18:34:46 mail postfix-mail01/master[1543]: warning: /usr/lib/postfix/sbin/smtpd: bad command startup -- throttling
On to the configs:
/etc/postfix-mail01/master.cf
Code:
smtp inet n - y - - smtpd
submission inet n - y - - smtpd
  -o syslog_name=postfix/submission
  -o smtpd_tls_security_level=encrypt
  -o smtpd_tls_wrappermode=no
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
  -o smtpd_recipient_restrictions=permit_mynetworks,permit_sasl_authenticated,reject
  -o smtpd_sasl_type=dovecot
  -o smtpd_sasl_path=private/auth
smtps inet n - y - - smtpd
  -o syslog_name=postfix/smtps
  -o smtpd_tls_wrappermode=yes
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
  -o smtpd_recipient_restrictions=permit_mynetworks,permit_sasl_authenticated,reject
  -o smtpd_sasl_type=dovecot
  -o smtpd_sasl_path=private/auth
Code:
# TLS parameters
#Enable TLS Encryption when Postfix receives incoming emails
smtpd_tls_cert_file=/etc/letsencrypt/live/mail.blabla.de/fullchain.pem
smtpd_tls_key_file=/etc/letsencrypt/live/mail.blabla.de/privkey.pem
smtpd_tls_security_level=may
smtpd_tls_loglevel = 1
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
#Enable TLS Encryption when Postfix sends outgoing emails
smtp_tls_CApath=/etc/ssl/certs
smtp_tls_security_level = may
smtp_tls_loglevel = 1
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
#Enforce TLSv1.3 or TLSv1.2
smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3, !TLSv1, !TLSv1.1
smtpd_tls_protocols = !SSLv2, !SSLv3, !TLSv1, !TLSv1.1
smtp_tls_mandatory_protocols = !SSLv2, !SSLv3, !TLSv1, !TLSv1.1
smtp_tls_protocols = !SSLv2, !SSLv3, !TLSv1, !TLSv1.1
smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
#mailbox_transport = lmtp:unix:private/dovecot-lmtp
#smtputf8_enable = no
#virtual_mailbox_domains = proxy:mysql:/etc/postfix/sql/mysql_virtual_domains_maps.cf
#virtual_mailbox_maps =
# proxy:mysql:/etc/postfix/sql/mysql_virtual_mailbox_maps.cf,
# proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_domain_mailbox_maps.cf
#virtual_alias_maps =
# proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_maps.cf,
# proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_domain_maps.cf,
# proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_domain_catchall_maps.cf
#virtual_transport = lmtp:unix:private/dovecot-lmtp
#virtual_mailbox_base = /var/vmail
#virtual_minimum_uid = 2000
#virtual_uid_maps = static:2000
#virtual_gid_maps = static:2000
# Milter configuration
#milter_default_action = accept
#milter_protocol = 6
Code:
disable_plaintext_auth = yes
auth_username_format = %u
auth_mechanisms = plain login
!include auth-sql.conf.ext
auth_debug = yes
auth_debug_passwords = yes
Code:
service imap-login {
  inet_listener imap {
    #port = 143
  }
  inet_listener imaps {
    #port = 993
    #ssl = yes
  }
}
service submission-login {
  inet_listener submission {
    #port = 587
  }
}
service lmtp {
  unix_listener /var/spool/postfix/private/dovecot-lmtp {
    mode = 0600
    user = postfix
    group = postfix
  }
}
service submission {
  # Max. number of SMTP Submission processes (connections)
  #process_limit = 1024
}
service auth {
  unix_listener /var/spool/postfix/private/auth {
    mode = 0660
    user = postfix
    group = postfix
  }
}
service auth-worker {
  # Auth worker process is run as root by default, so that it can access
  # /etc/shadow. If this isn't necessary, the user should be changed to
  # $default_internal_user.
  #user = root
}
service dict {
  unix_listener dict {
    #mode = 0600
    #user =
    #group =
  }
}
service stats {
  unix_listener stats-reader {
    user = www-data
    group = www-data
    mode = 0660
  }
  unix_listener stats-writer {
    user = www-data
    group = www-data
    mode = 0660
  }
}
I'm stuck right now. Does anyone have an idea?
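
Added example, not part of the original post: Postfix resolves a relative `smtpd_sasl_path` such as `private/auth` against the `queue_directory` of the instance that runs `smtpd`, so each instance looks for the Dovecot socket in its own spool. This script resolves that path per instance and reports whether a socket exists there. The script name `check.sh` and the helper function names are hypothetical, and the second instance's queue directory is read from the live system because the post does not show it.

```shell
#!/bin/sh
# Added example: find the Dovecot auth socket a Postfix instance will try to open.

# resolve_sasl_socket QUEUE_DIR SASL_PATH
# A relative smtpd_sasl_path is resolved against the instance's queue_directory;
# an absolute path is returned unchanged.
resolve_sasl_socket() {
    case "$2" in
        /*) printf '%s\n' "$2" ;;
        *)  printf '%s/%s\n' "${1%/}" "$2" ;;
    esac
}

# check_sasl_socket QUEUE_DIR SASL_PATH
# Returns 0 if a socket exists there, 1 if nothing exists, 2 if it is not a socket.
check_sasl_socket() {
    sock=$(resolve_sasl_socket "$1" "$2")
    if [ -S "$sock" ]; then
        echo "OK       $sock"
    elif [ -e "$sock" ]; then
        echo "NOTSOCK  $sock"
        return 2
    else
        echo "MISSING  $sock"
        return 1
    fi
}

# check_instance CONFIG_DIR [SASL_PATH]
# Reads queue_directory from the live instance; SASL_PATH defaults to the
# value set with -o in the master.cf shown in the post (private/auth).
check_instance() {
    qdir=$(postconf -c "$1" -h queue_directory) || return 3
    check_sasl_socket "$qdir" "${2:-private/auth}"
}

# On the mail host (hypothetical script name): sh check.sh /etc/postfix /etc/postfix-mail01
if [ "$#" -gt 0 ]; then
    rc=0
    for cfg in "$@"; do
        printf '%s: ' "$cfg"
        check_instance "$cfg" || rc=1
    done
    [ "$rc" -eq 0 ] || echo "at least one instance has no auth socket" >&2
fi
```

A `MISSING` result for the second instance corresponds to the logged `SASL: Connect to private/auth failed: No such file or directory`. The Dovecot `service auth` shown in the post defines a listener only at `/var/spool/postfix/private/auth`; an additional `unix_listener` block in that service can create the socket under the second instance's queue directory.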