-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi all,
Unfortunately, I'm finding this singularly unhelpful: - -------- Original Message -------- Subject: Postfix SMTP server: errors from unknown[209.85.212.69] Date: Thu, 22 Aug 2013 23:39:49 -0700 (PDT) From: mailer-dae...@mail.parts-unknown.org (Mail Delivery System) To: postmas...@mail.parts-unknown.org (Postmaster) Transcript of session follows. Out: 220 mail.parts-unknown.org ESMTP Postfix In: EHLO mail-vb0-f69.google.com Out: 250-mail.parts-unknown.org Out: 250-PIPELINING Out: 250-SIZE 20971520 Out: 250-VRFY Out: 250-ETRN Out: 250-STARTTLS Out: 250-ENHANCEDSTATUSCODES Out: 250-8BITMIME Out: 250 DSN In: STARTTLS Out: 454 4.7.0 TLS not available due to local problem In: QUIT Out: 221 2.0.0 Bye For other details, see the local mail logfile - --------------------------------------------- The logfile doesn't help me either. I don't know if I've included enough here: Aug 22 23:39:49 munich.parts-unknown.org postfix/smtpd[3217]: > unknown[209.85.212.69]: 220 mail.parts-unknown.org ESMTP Postfix Aug 22 23:39:49 munich.parts-unknown.org postfix/smtpd[3217]: < unknown[209.85.212.69]: EHLO mail-vb0-f69.google.com Aug 22 23:39:49 munich.parts-unknown.org postfix/smtpd[3217]: match_list_match: unknown: no match Aug 22 23:39:49 munich.parts-unknown.org postfix/smtpd[3217]: match_list_match: 209.85.212.69: no match Aug 22 23:39:49 munich.parts-unknown.org postfix/smtpd[3217]: > unknown[209.85.212.69]: 250-mail.parts-unknown.org Aug 22 23:39:49 munich.parts-unknown.org postfix/smtpd[3217]: > unknown[209.85.212.69]: 250-PIPELINING Aug 22 23:39:49 munich.parts-unknown.org postfix/smtpd[3217]: > unknown[209.85.212.69]: 250-SIZE 20971520 Aug 22 23:39:49 munich.parts-unknown.org postfix/smtpd[3217]: > unknown[209.85.212.69]: 250-VRFY Aug 22 23:39:49 munich.parts-unknown.org postfix/smtpd[3217]: > unknown[209.85.212.69]: 250-ETRN Aug 22 23:39:49 munich.parts-unknown.org postfix/smtpd[3217]: > unknown[209.85.212.69]: 250-STARTTLS Aug 22 23:39:49 munich.parts-unknown.org postfix/smtpd[3217]: > unknown[209.85.212.69]: 250-ENHANCEDSTATUSCODES Aug 22 23:39:49 munich.parts-unknown.org postfix/smtpd[3217]: > unknown[209.85.212.69]: 250-8BITMIME Aug 22 23:39:49 munich.parts-unknown.org postfix/smtpd[3217]: > unknown[209.85.212.69]: 250 DSN Aug 22 23:39:49 munich.parts-unknown.org postfix/smtpd[3217]: < unknown[209.85.212.69]: STARTTLS Aug 22 23:39:49 munich.parts-unknown.org postfix/smtpd[3217]: > unknown[209.85.212.69]: 454 4.7.0 TLS not available due to local problem Aug 22 23:39:49 munich.parts-unknown.org postfix/smtpd[3217]: < unknown[209.85.212.69]: QUIT Aug 22 23:39:49 munich.parts-unknown.org postfix/smtpd[3217]: > unknown[209.85.212.69]: 221 2.0.0 Bye Aug 22 23:39:49 munich.parts-unknown.org postfix/smtpd[3217]: match_hostname: unknown ~? 10.8.0.0/16 Aug 22 23:39:49 munich.parts-unknown.org postfix/smtpd[3217]: match_hostaddr: 209.85.212.69 ~? 10.8.0.0/16 Aug 22 23:39:49 munich.parts-unknown.org postfix/smtpd[3217]: match_hostname: unknown ~? 127.0.0.0/8 Aug 22 23:39:49 munich.parts-unknown.org postfix/smtpd[3217]: match_hostaddr: 209.85.212.69 ~? 127.0.0.0/8 Aug 22 23:39:49 munich.parts-unknown.org postfix/smtpd[3217]: match_list_match: unknown: no match Aug 22 23:39:49 munich.parts-unknown.org postfix/smtpd[3217]: match_list_match: 209.85.212.69: no match Aug 22 23:39:49 munich.parts-unknown.org postfix/smtpd[3217]: send attr request = disconnect Aug 22 23:39:49 munich.parts-unknown.org postfix/smtpd[3217]: send attr ident = smtpd:209.85.212.69 Aug 22 23:39:49 munich.parts-unknown.org postfix/smtpd[3217]: private/anvil: wanted attribute: status Aug 22 23:39:49 munich.parts-unknown.org postfix/smtpd[3217]: input attribute name: status Aug 22 23:39:49 munich.parts-unknown.org postfix/smtpd[3217]: input attribute value: 0 Aug 22 23:39:49 munich.parts-unknown.org postfix/smtpd[3217]: private/anvil: wanted attribute: (list terminator) Aug 22 23:39:49 munich.parts-unknown.org postfix/smtpd[3217]: input attribute name: (end) Aug 22 23:39:49 munich.parts-unknown.org postfix/smtpd[3217]: smtpd_chat_notify: notify postmaster Aug 22 23:39:49 munich.parts-unknown.org postfix/smtpd[3217]: connect to subsystem public/cleanup Aug 22 23:39:50 munich.parts-unknown.org postfix/smtpd[3217]: public/cleanup socket: wanted attribute: queue_id Aug 22 23:39:50 munich.parts-unknown.org postfix/smtpd[3217]: input attribute name: queue_id Aug 22 23:39:50 munich.parts-unknown.org postfix/smtpd[3217]: input attribute value: 0F01D4631E1 Aug 22 23:39:50 munich.parts-unknown.org postfix/smtpd[3217]: public/cleanup socket: wanted attribute: (list terminator) Aug 22 23:39:50 munich.parts-unknown.org postfix/smtpd[3217]: input attribute name: (end) Aug 22 23:39:50 munich.parts-unknown.org postfix/smtpd[3217]: send attr flags = 32 Here's my postconf -n: address_verify_map = btree:$data_directory/verify_cache alias_database = $alias_maps alias_maps = hash:/etc/postfix/aliases, hash:/var/lib/mailman/data/aliases broken_sasl_auth_clients = yes command_directory = /usr/bin config_directory = /etc/postfix content_filter = scan:127.0.0.1:10026 daemon_directory = /usr/lib/postfix data_directory = /var/lib/postfix debug_peer_level = 2 debugger_command = PATH=/bin:/usr/bin:/usr/local/bin; export PATH; (echo cont; echo where) | gdb $daemon_directory/$process_name $process_id 2>&1 >$config_directory/$process_name.$process_id.log & sleep 5 fast_flush_domains = $relay_domains header_checks = pcre:/etc/postfix/header_checks home_mailbox = Maildir/ html_directory = no in_flow_delay = 1s inet_interfaces = 127.0.0.1, 10.8.0.1, 91.205.174.238 inet_protocols = ipv4 local_destination_concurrency_limit = 2 mail_owner = postfix mailbox_command_maps = hash:/etc/postfix/mailbox_commands mailq_path = /usr/bin/mailq manpage_directory = /usr/share/man message_size_limit = 20971520 mydestination = localhost, localhost.$mydomain, cybernude.org, mail.cybernude.org, munich.cybernude.org, www.cybernude.org, disunitedstates.com, mail.disunitedstates.com, munich.disunitedstates.com, www.disunitedstates.com, disunitedstates.org, mail.disunitedstates.org, munich.disunitedstates.org, www.disunitedstates.org, greybeard95a.com, mail.greybeard95a.com, munich.greybeard95a.com, www.greybeard95a.com, n4rky.me, mail.n4rky.me, munich.n4rky.me, www.n4rky.me, parts-unknown.org, mail.parts-unknown.org, munich.parts-unknown.org, www.parts-unknown.org mydomain = parts-unknown.org myhostname = mail.parts-unknown.org mynetworks = 10.8.0.0/16, 127.0.0.0/8 mynetworks_style = subnet myorigin = $myhostname newaliases_path = /usr/bin/newaliases postscreen_access_list = permit_mynetworks, cidr:/etc/postfix/postscreen_access.cidr postscreen_bare_newline_action = enforce postscreen_bare_newline_enable = yes postscreen_blacklist_action = drop postscreen_dnsbl_action = enforce postscreen_dnsbl_reply_map = pcre:$config_directory/postscreen_dnsbl_reply_map.pcre postscreen_dnsbl_sites = zen.spamhaus.org*3, b.barracudacentral.org*2, bl.spameatingmonkey.net*2, dnsbl.ahbl.org*2, bl.spamcop.net, dnsbl.sorbs.net, psbl.surriel.com, bl.mailspike.net, swl.spamhaus.org*-4, list.dnswl.org=127.[0..255].[0..255].0*-2, list.dnswl.org=127.[0..255].[0..255].1*-3, list.dnswl.org=127.[0..255].[0..255].[2..255]*-4, postscreen_dnsbl_threshold = 3 postscreen_greet_action = enforce postscreen_non_smtp_command_enable = yes postscreen_pipelining_enable = yes queue_directory = /var/spool/postfix readme_directory = no receive_override_options = no_address_mappings recipient_delimiter = + relay_domains = * sample_directory = /etc/postfix/sample sendmail_path = /usr/sbin/sendmail setgid_group = postdrop smtp_tls_key_file = /big/www/ssl/munich/munich.parts-unknown.org.key smtp_tls_note_starttls_offer = yes smtp_use_tls = yes smtpd_banner = $myhostname ESMTP $mail_name smtpd_client_restrictions = permit_mynetworks,permit_sasl_authenticated smtpd_peername_lookup = no smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination,reject_rbl_client zen.spamhaus.org,reject_rbl_client bl.spamcop.net smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination smtpd_sasl_auth_enable = yes smtpd_sasl_local_domain = $mydomain smtpd_sasl_path = /var/spool/postfix/private/auth smtpd_sasl_security_options = noanonymous smtpd_sasl_tls_security_options = $smtpd_sasl_security_options smtpd_sasl_type = dovecot smtpd_sender_restrictions = check_recipient_access hash:/etc/postfix/restrict smtpd_tls_auth_only = yes smtpd_tls_cert_file = /big/www/ssl/munich/munich.parts-unknown.org.concatenated.crt smtpd_tls_loglevel = 3 smtpd_tls_security_level = may unknown_local_recipient_reject_code = 550 virtual_alias_maps = hash:/var/lib/mailman/data/virtual-mailman What has changed are the SSL keys. But if something is wrong here, I don't know how to tell what. This is a StartSSL.com certificate so there's an intermediate key as well as the certificate itself and the certificate authority key. The chain should be complete. I've just checked my work; I think I did this right. So how do I tell what's going wrong? Thanks! - -- David Benfell <benf...@parts-unknown.org> -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.20 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBAgAGBQJSFw0dAAoJEKrN0Ha7pkCOfPUP+QHGDxtU/n46i5uLlxeWKlzz 34792Tfb4MhVZcLi2WHDR8Ce9C8Ar+qyfSuLcetxvEhfuXriIqAZhrt3u0hlJ3WC Yx2ZRGK4dDJL4M1CqN+xqKr8pbCTb8fTSHYkHS+DqGhG1LrQUn6mwdYHmW5/BZnv H04TGIfjZYd5MWNtLb4T3vAiLXosIy8t08efO325yqzzBDIb9jdrq279TjJeQnqW a1GDpClukRct3OmXLsEOkFvjCVzrKVqOlm0JNC8ApBnbPMYIhyYltAIYFXFmQa6F g9GUHRSygin3i0q8ZJuhn9fPxKCd41xDaXX08sflQA1s3HzFYyeaNYthYCx3Kkk4 50RsadyiKOnVL6s/ow4kTGb/7JRhUiERTztYObTamTpMxLmbA4xCcPsZ/7zxH8Xu DgffJI6If8SXVHwZHFKSfYw/pHnsbOccrx9HY844t66cOy3Dhl6WIpo9ByVSFk4T LWENelloJdJo3+wwe3ujWV5FUhatcEChg6lMo6vbLNPXgku94IAdWSwOKEivtuB3 YFB+zYG6zFK4J4dwouwexCy03xGdy/Hb9t8TFSl9SVQMYau/3aIrEGDS4cvIlrcB CrUTwjflU8E+xZ46cv4xUSn9o0jZZo0Mb4rT3INqkjnGcRtkFjkLWDnjB8c2oVkT rTipnKVhIbvBhU3hrWEN =2bsJ -----END PGP SIGNATURE-----
Attached Message Part.sig
Description: PGP signature
