Ebbe Hjorth wrote: > Hi, > > I just installed FreeBSD, postfix and dovecot. > > I tried to do the setup from purplehat.org <http://purplehat.org>, but > i keep getting the following error, please help. > > Aug 9 14:22:55 mail02 postfix/smtpd[1969]: SSL_accept error from > mail-ew0-f224.google.com > <http://mail-ew0-f224.google.com>[209.85.219.224]: -1 > Aug 9 14:22:55 mail02 postfix/smtpd[1855]: connect from > bzq-79-182-42-58.red.bezeqint.net > <http://bzq-79-182-42-58.red.bezeqint.net>[79.182.42.58] > Aug 9 14:22:55 mail02 postfix/smtpd[1969]: lost connection after > CONNECT from mail-ew0-f224.google.com > <http://mail-ew0-f224.google.com>[209.85.219.224]
See comments below. > > > mail02# postconf -n [snip] > smtpd_recipient_restrictions = permit_mynetworks, > permit_sasl_authenticated, reject_non_fqdn_hostname, > reject_non_fqdn_sender, reject_non_fqdn_recipient, > reject_unauth_destination, reject_unauth_pipelining, > reject_invalid_hostname, reject_rbl_client list.dsbl.org > <http://list.dsbl.org>, reject_rbl_client bl.spamcop.net > <http://bl.spamcop.net>, reject_rbl_client sbl-xbl.spamhaus.org > <http://sbl-xbl.spamhaus.org> > reject_unauth_pipelining has little value here. dsbl.org is dead. You should remove it. > smtpd_sender_restrictions = permit_sasl_authenticated, permit_mynetworks Worthless, suggest removing it to reduce confusion. > smtpd_tls_CAfile = /etc/ssl/postfix/smtpd.pem > smtpd_tls_cert_file = /etc/ssl/postfix/smtpd.pem > smtpd_tls_key_file = /etc/ssl/postfix/smtpd.pem This doesn't seem right. The CA, cert and key files should NOT be the same. Google is your friend. A great guide by a frequent poster here is http://postfix.state-of-mind.de/patrick.koetter/smtpauth/postfix_tls_support.html > smtpd_use_tls = yes This is depreciated as of Postfix 2.3 (though still works). Preferred is "smtpd_tls_security_level=may"
