Join Log in
Score:0
KML avatar Ubuntu

i have a mail server with postfix and roundcube, But now can't send and receipt email

se flag
KML

I have error SMTP Error (451): Failed to add recipient "xxx@xxx" (4.3.5 Server configuration error). with log sv2 postfix/submission/smtpd[21621]: NOQUEUE: reject: RCPT from unknown[185.107.56.150]: 451 4.3.5 Server configuration error; I checked on /etc/postfix/main.cf and my TLS config is the following:

readme_directory = /usr/share/doc/postfix-2.10.1/README_FILES
transport_maps = ldap:/etc/postfix/ldap/transport_maps.cf, hash:/etc/postfix/transport
#content_filter = smtp-amavis:[127.0.0.1]:10024

recipient_delimiter = +
smtpd_tls_key_file = /etc/pki/tls/private/localhost.pem
smtpd_sender_login_maps = $local_recipient_maps
local_recipient_maps = ldap:/etc/postfix/ldap/local_recipient_maps.cf
virtual_alias_maps = $alias_maps, ldap:/etc/postfix/ldap/virtual_alias_maps.cf, ldap:/etc/postfix/ldap/virtual_alias_maps_mailforwarding.cf, ldap:/etc/postfix/ldap/virtual_alias_maps_sharedfolders.cf, ldap:/etc/postfix/ldap/mailenabled_distgroups.cf, ldap:/etc/postfix/ldap/mailenabled_dynamic_distgroups.cf

submission_sender_restrictions = reject_non_fqdn_sender, check_policy_service unix:private/submission_policy,permit_sasl_authenticated, reject
submission_recipient_restrictions = check_policy_service unix:private/submission_policy, permit_sasl_authenticated, reject
disable_vrfy_command = yes
smtpd_helo_required = yes
# config ngay 17-04-2019-------------------
smtpd_helo_restrictions = permit_mynetworks,
    permit_sasl_authenticated,
    #reject_unknown_helo_hostname
    #reject_non_fqdn_hostname,
    #reject_invalid_hostname,
    permit
smtpd_recipient_restrictions = permit_sasl_authenticated #reject_invalid_hostname # reject_non_fqdn_hostname # reject_non_fqdn_sender reject_non_fqdn_recipient # reject_unknown_sender_domain reject_unknown_recipient_domain permit_mynetworks # reject_rbl_client list.dsbl.org reject_rbl_client sbl.spamhaus.org reject_rbl_client bl.spamcop.net reject_rbl_client cbl.abuseat.org # reject_rbl_client dul.dnsbl.sorbs.net check_policy_service unix:private/recipient_policy_incoming permit #reject_invalid_hostname # reject_non_fqdn_hostname # reject_non_fqdn_sender # reject_unknown_sender_domain # reject_rbl_client list.dsbl.org # reject_rbl_client dul.dnsbl.sorbs.net #reject_invalid_hostname # reject_non_fqdn_hostname # reject_non_fqdn_sender # reject_unknown_sender_domain # reject_rbl_client list.dsbl.org # reject_rbl_client dul.dnsbl.sorbs.net #reject_invalid_hostname # reject_non_fqdn_hostname # reject_non_fqdn_sender # reject_unknown_sender_domain # reject_rbl_client list.dsbl.org # reject_rbl_client dul.dnsbl.sorbs.net #reject_invalid_hostname # reject_non_fqdn_hostname # reject_non_fqdn_sender # reject_unknown_sender_domain # reject_rbl_client list.dsbl.org # reject_rbl_client dul.dnsbl.sorbs.net #reject_invalid_hostname # reject_non_fqdn_hostname # reject_non_fqdn_sender # reject_unknown_sender_domain # reject_rbl_client list.dsbl.org # reject_rbl_client dul.dnsbl.sorbs.net #reject_invalid_hostname # reject_non_fqdn_hostname # reject_non_fqdn_sender # reject_unknown_sender_domain # reject_rbl_client list.dsbl.org # reject_rbl_client dul.dnsbl.sorbs.net #reject_invalid_hostname # reject_non_fqdn_hostname # reject_non_fqdn_sender # reject_unknown_sender_domain # reject_rbl_client list.dsbl.org # reject_rbl_client dul.dnsbl.sorbs.net
  #reject_invalid_hostname,
  # reject_non_fqdn_hostname,
  # reject_non_fqdn_sender,
  # reject_unknown_sender_domain,
  # reject_rbl_client list.dsbl.org,
  # reject_rbl_client dul.dnsbl.sorbs.net,
smtpd_error_sleep_time = 300s
smtpd_soft_error_limit = 10
smtpd_hard_error_limit = 20
submission_data_restrictions = check_policy_service unix:private/submission_policy
smtpd_tls_cert_file = /etc/pki/tls/private/localhost.pem
smtpd_tls_security_level = may
smtpd_relay_restrictions = yes
#message_size_limit = 204800000#mailbox_size_limit = 204800000
message_size_limit = 0
mailbox_size_limit = 0
virtual_mailbox_limit = 204800000
smtpd_client_message_rate_limit =5
smtpd_client_connection_count_limit = 40
smtpd_client_connection_rate_limit = 180
smtpd_client_new_tls_session_rate_limit = 180
smtp_destination_concurrency_limit = 2
smtp_destination_rate_delay = 1s
smtp_extra_recipient_limit = 10
relayhost = [auth.netnam.vn]:25
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options = noanonymous
smtp_sasl_tls_security_options = noanonymous
smtp_sasl_mechanism_filter = plain
smtpd_relay_restrictions = yes
header_checks = regexp:/etc/postfix/header_checks

and master.cf

submission          inet        n       -       n       -       -       smtpd
    -o cleanup_service_name=cleanup_submission
    -o syslog_name=postfix/submission
    -o smtpd_tls_security_level=encrypt
    -o smtpd_sasl_auth_enable=yes
    -o smtpd_sasl_authenticated_header=yes
    -o smtpd_client_restrictions=permit_sasl_authenticated,reject
    -o smtpd_data_restrictions=$submission_data_restrictions
    -o smtpd_recipient_restrictions=$submission_recipient_restrictions
    -o smtpd_sender_restrictions=$submission_sender_restrictions
    -o header_checks=regexp:/etc/postfix/header_checks
smtps               inet        n       -       n       -       -       smtpd
    -o syslog_name=postfix/smtps
#    -o smtpd_tls_wrappermode=yes
    -o smtpd_sasl_auth_enable=yes
    -o smtpd_client_restrictions=permit_sasl_authenticated,reject
    -o milter_macro_daemon_name=ORIGINATING
60
0 + 4
raj avatar
cn flag
raj
When you start postfix, does it say anything more in the logs about the configuration error? Was your server working previously? If yes, do you have a copy of the previously working configuration? Revert to it and change things one by one until you find what causes error. Your configuration is quite complicated, depending on a lot of external things and without deeper analysis it's hard to say where the error is. Is the policy server at `unix:private/submission_policy` running? Is the path correct? If not, this may cause the error.
1
Reply
KML avatar
se flag
KML
i dont have any copy of the previously working configuration, i dont remember what i change. Haizzz
0
Reply
Marco avatar
br flag
Marco
Have you checked the output of `postfix check` ?
0
Reply
raj avatar
cn flag
raj
I would suggest you ask on the postfix-users mailing list (you can subscribe here: http://www.postfix.org/lists.html ). The community provides excellent support and Postfix developers are also present there. Probably someone there will be able to help you.
0
Reply
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.