Postfix/Dovecot Postmulti


Postfix/Dovecot Postmulti

Beitrag von chr1zzo » 20.05.2022 18:51:10

Hallo zusammen,

ich habe mir einen Postfix/Dovecot/MySQL/Postfixadmin Server aufgesetzt. Funktioniert auch alles soweit. Nun soll der Server um eine weitere Postfix-Instanz erweitert werden.

Die Instanz ist da und lauscht auch fröhlich auf der zweiten IP:


LISTEN 0      100     x.x.x.x:25        0.0.0.0:*    users:(("master",pid=2008,fd=13))                                                                                                                                                                                                                                                                                     
LISTEN 0      100     x2.x2.x2.x2:25        0.0.0.0:*    users:(("master",pid=1543,fd=13))                                                                                                                                                                                                                                                                                     
LISTEN 0      100     x.x.x.x:587       0.0.0.0:*    users:(("master",pid=2008,fd=17))                                                                                                                                                                                                                                                                                     
LISTEN 0      100     x2.x2.x2.x2:587       0.0.0.0:*    users:(("master",pid=1543,fd=17))                                                                                                                                                                                                                                                                                     
LISTEN 0      100     x.x.x.x:465       0.0.0.0:*    users:(("master",pid=2008,fd=20))                                                                                                                                                                                                                                                                                     
LISTEN 0      100     x2.x2.x2.x2:465       0.0.0.0:*    users:(("master",pid=1543,fd=20))   
Über Port 25 komme ich rein und kann auch Mails versenden.

Port 587 macht mir allerdings noch Probleme und funktioniert nur bei der Main-Instanz. Über die zweite bekomme ich folgende Fehlermeldung:


May 20 18:34:44 mail postfix/submission/smtpd[2464]: warning: dict_nis_init: NIS domain name not set - NIS lookups disabled
May 20 18:34:45 mail postfix/submission/smtpd[2464]: connect from unknown[x.x.x.x]
May 20 18:34:45 mail postfix/submission/smtpd[2464]: Anonymous TLS connection established from unknown[x.x.x.x]: TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256
May 20 18:34:45 mail postfix/submission/smtpd[2464]: warning: SASL: Connect to private/auth failed: No such file or directory
May 20 18:34:45 mail postfix/submission/smtpd[2464]: fatal: no SASL authentication mechanisms
May 20 18:34:46 mail postfix-mail01/master[1543]: warning: process /usr/lib/postfix/sbin/smtpd pid 2464 exit status 1
May 20 18:34:46 mail postfix-mail01/master[1543]: warning: /usr/lib/postfix/sbin/smtpd: bad command startup -- throttling

Zu den Configs:
/etc/postfix-mail01/master.cf


# master.cf of the second Postfix instance (/etc/postfix-mail01).
# Column order: service type private unpriv chroot wakeup maxproc command.
# The chroot column is "y" for all three listeners, so every smtpd below runs
# chrooted to the queue directory of this instance.
smtp      inet  n       -       y       -       -       smtpd

# Submission (587): STARTTLS is mandatory (smtpd_tls_security_level=encrypt) and
# SASL authentication is delegated to Dovecot.
# NOTE(review): smtpd_sasl_path=private/auth is a relative path. Postfix resolves
# it against the queue directory of the instance that runs this smtpd, and the
# chrooted smtpd cannot reach sockets outside that directory. The instance's
# queue directory is not shown here; check it with
#   postconf -c /etc/postfix-mail01 queue_directory
# A Dovecot auth socket must exist at <that queue_directory>/private/auth,
# otherwise smtpd aborts with "no SASL authentication mechanisms".
# NOTE(review): syslog_name=postfix/submission replaces the instance's own syslog
# name, so log lines from this service look the same for both instances.
# Including the instance name in the value would keep the logs attributable.
# NOTE(review): permit_mynetworks in smtpd_recipient_restrictions does not bypass
# authentication here as long as smtpd_relay_restrictions (Postfix 2.10 or
# later) is evaluated too, because that list ends in "reject" for clients that
# are not SASL-authenticated.
submission     inet     n    -    y    -    -    smtpd
  -o syslog_name=postfix/submission
  -o smtpd_tls_security_level=encrypt
  -o smtpd_tls_wrappermode=no
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
  -o smtpd_recipient_restrictions=permit_mynetworks,permit_sasl_authenticated,reject
  -o smtpd_sasl_type=dovecot
  -o smtpd_sasl_path=private/auth
  
# SMTPS (465): TLS starts immediately (wrapper mode); otherwise the same SASL
# setup as submission, with the same dependency on an auth socket inside this
# instance's queue directory.
smtps     inet  n       -       y       -       -       smtpd
  -o syslog_name=postfix/smtps
  -o smtpd_tls_wrappermode=yes
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
  -o smtpd_recipient_restrictions=permit_mynetworks,permit_sasl_authenticated,reject
  -o smtpd_sasl_type=dovecot
  -o smtpd_sasl_path=private/auth
/etc/postfix-mail01/main.cf


# main.cf of the second Postfix instance (/etc/postfix-mail01), as posted.
# NOTE(review): queue_directory, data_directory and multi_instance_name are not
# part of this listing. queue_directory decides where the relative
# smtpd_sasl_path=private/auth from master.cf is looked up, so it is the first
# value to check when SASL fails on this instance only.

# TLS parameters
#Enable TLS Encryption when Postfix receives incoming emails
smtpd_tls_cert_file=/etc/letsencrypt/live/mail.blabla.de/fullchain.pem
smtpd_tls_key_file=/etc/letsencrypt/live/mail.blabla.de/privkey.pem
# "may" = opportunistic TLS. This is the default for all smtpd services of the
# instance; submission overrides it with "encrypt" in master.cf.
smtpd_tls_security_level=may
smtpd_tls_loglevel = 1
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache

#Enable TLS Encryption when Postfix sends outgoing emails
smtp_tls_CApath=/etc/ssl/certs
# Opportunistic TLS for outbound delivery: encryption is used when the remote
# server offers it, and delivery falls back to cleartext when it does not.
smtp_tls_security_level = may
smtp_tls_loglevel = 1
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache

#Enforce TLSv1.3 or TLSv1.2
# The exclusion lists below disable SSLv2, SSLv3, TLSv1 and TLSv1.1 for both the
# server (smtpd_*) and the client (smtp_*) side.
smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3, !TLSv1, !TLSv1.1
smtpd_tls_protocols = !SSLv2, !SSLv3, !TLSv1, !TLSv1.1
smtp_tls_mandatory_protocols = !SSLv2, !SSLv3, !TLSv1, !TLSv1.1
smtp_tls_protocols = !SSLv2, !SSLv3, !TLSv1, !TLSv1.1

# Relay policy for services that do not override it: local networks and
# authenticated clients may relay, everything else is deferred unless the
# destination is one this instance is responsible for.
smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination

# Everything below is commented out in this instance: no virtual mailbox
# lookups, no LMTP hand-off to Dovecot and no milter are active here.
#mailbox_transport = lmtp:unix:private/dovecot-lmtp
#smtputf8_enable = no


#virtual_mailbox_domains = proxy:mysql:/etc/postfix/sql/mysql_virtual_domains_maps.cf
#virtual_mailbox_maps =
#   proxy:mysql:/etc/postfix/sql/mysql_virtual_mailbox_maps.cf,
#   proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_domain_mailbox_maps.cf
#virtual_alias_maps =
#   proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_maps.cf,
#   proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_domain_maps.cf,
#   proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_domain_catchall_maps.cf

#virtual_transport = lmtp:unix:private/dovecot-lmtp


#virtual_mailbox_base = /var/vmail
#virtual_minimum_uid = 2000
#virtual_uid_maps = static:2000
#virtual_gid_maps = static:2000


# Milter configuration
#milter_default_action = accept
#milter_protocol = 6
/etc/dovecot/conf.d/10-auth.conf


# Dovecot authentication settings (10-auth.conf), as posted.
# Plaintext mechanisms are refused on connections that are not protected by
# SSL/TLS.
disable_plaintext_auth = yes
auth_username_format = %u
# PLAIN and LOGIN both transmit the password itself, so they depend on the TLS
# layer for confidentiality.
auth_mechanisms = plain login
!include auth-sql.conf.ext
# NOTE(review): both debug switches are troubleshooting aids.
# auth_debug_passwords makes Dovecot write attempted passwords to the log on
# mismatches. Set both back to "no" once the problem is solved, and treat logs
# written while they were enabled as containing credentials.
auth_debug = yes
auth_debug_passwords = yes
/etc/dovecot/conf.d/10-master.conf


# Dovecot service definitions (10-master.conf), as posted.
service imap-login {
  inet_listener imap {
    #port = 143
  }
  inet_listener imaps {
    #port = 993
    #ssl = yes
  }
}

service submission-login {
  inet_listener submission {
    #port = 587
  }
}

# LMTP socket for mail delivery from Postfix. It is created inside
# /var/spool/postfix and is accessible to the postfix user only (mode 0600).
service lmtp {
  unix_listener /var/spool/postfix/private/dovecot-lmtp {
   mode = 0600
   user = postfix
   group = postfix
  }
}

service submission {
  # Max. number of SMTP Submission processes (connections)
  #process_limit = 1024
}

# SASL socket that Postfix smtpd connects to for authentication.
# NOTE(review): this is the only auth listener, and it lives under
# /var/spool/postfix. A second Postfix instance with its own queue directory
# looks for private/auth below that directory instead, and its chrooted smtpd
# cannot see this socket. That matches the logged "Connect to private/auth
# failed: No such file or directory". An additional unix_listener at
# <queue_directory of postfix-mail01>/private/auth with the same mode, user and
# group would give that instance its own socket. Keep the mode at 0660 and the
# owner at postfix so that no other local account can talk to the auth service.
service auth {
unix_listener /var/spool/postfix/private/auth {
      mode = 0660
      user = postfix
      group = postfix
    }
}

service auth-worker {
  # Auth worker process is run as root by default, so that it can access
  # /etc/shadow. If this isn't necessary, the user should be changed to
  # $default_internal_user.
  #user = root
}

service dict {
  unix_listener dict {
    #mode = 0600
    #user =
    #group =
  }
}

# NOTE(review): both stats sockets are owned by www-data with mode 0660, so the
# web server account can use them. Presumably this is for a web front end such
# as Postfixadmin; confirm it is still needed.
# The indentation below is misleading: the brace at column 0 after "mode = 0660"
# closes unix_listener stats-reader, not service stats.
service stats {
    unix_listener stats-reader {
    user = www-data
    group = www-data
    mode = 0660
}

unix_listener stats-writer {
    user = www-data
    group = www-data
    mode = 0660
  }
}


Ich stehe gerade auf dem Schlauch. Hat jemand eine Idee??
