Good morning everybody, I was wondering for quite some weeks now how to fix this issue with my postfix. I had a brief discussion with Ralf Hildebrandt and he suggested asking via the users lists, that's what I am doing now.
I have the situation that the PF currently doesn't seem to get proper information about the state of the SSL connection, as you can see below. ==> mail/mail.log <== Nov 3 08:50:29 blueberry postfix/tlsproxy[8057]: CONNECT from [2a01:111:f400:fe02::31f]:39552 Nov 3 08:50:29 blueberry postfix/tlsproxy[8057]: setting up TLS connection from [2a01:111:f400:fe02::31f]:39552 Nov 3 08:50:29 blueberry postfix/tlsproxy[8057]: [2a01:111:f400:fe02::31f]:39552: TLS cipher list "aNULL:-aNULL:HIGH:MEDIUM:LOW:EXPORT:+RC4:@STRENGTH:!aNULL" Nov 3 08:50:29 blueberry postfix/tlsproxy[8057]: SSL_accept:before/accept initialization Nov 3 08:50:30 blueberry postfix/tlsproxy[8057]: SSL_accept:unknown state Nov 3 08:50:30 blueberry postfix/tlsproxy[8057]: message repeated 5 times: [ SSL_accept:unknown state] Nov 3 08:50:30 blueberry postfix/tlsproxy[8057]: SSL_accept:failed in unknown state It doesn't matter if it is an IPv6 host, if the host is in mynetworks or not (all postfixes with CACert issues certs and working properly between each of the others finely). Any pointers what to check/where to lock/what to fix are highly appreciated. And I will probably drop another mail around another issue in conjunction with dovecot virtual user delivery pf->dovecot... but first this SSL thing... Thanks! Florian =========================================================================== Note: this message was send by me *only* if the eMail message contains a correct pgp signature corresponding to my address at flo...@floppy.org. Do you need my PGP public key? Check out http://www.floppy.org or send me an email with the subject "send pgp public key" to this address of mine.Thx!
2bounce_notice_recipient = postmaster-bounce address_verify_map = btree:/var/lib/postfix/verify address_verify_negative_cache = yes address_verify_negative_expire_time = 3d address_verify_negative_refresh_time = 300s address_verify_positive_expire_time = 31d address_verify_positive_refresh_time = 7d alias_database = btree:/etc/aliases alias_maps = btree:/etc/aliases allow_percent_hack = no always_bcc = biff = no body_checks = regexp:/etc/postfix/body_checks.regexp bounce_notice_recipient = postmaster-bounce bounce_queue_lifetime = 1d bounce_size_limit = 10240 broken_sasl_auth_clients = yes canonical_maps = btree:/etc/postfix/canonical command_directory = /usr/sbin compatibility_level = 2 content_filter = smtp-amavis:[127.0.0.1]:10024 daemon_directory = /usr/lib/postfix data_directory = /var/lib/postfix debug_peer_level = 2 debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin xxgdb $daemon_directory/$process_name $process_id & sleep 5 default_database_type = btree default_destination_concurrency_limit = 10 default_privs = nobody default_process_limit = 12 defer_transports = hold delay_notice_recipient = postmaster-delay delay_warning_time = 2d disable_dns_lookups = no disable_vrfy_command = yes error_notice_recipient = postmaster-error header_checks = regexp:/etc/postfix/block255, regexp:/etc/postfix/header_checks.regexp html_directory = /srv/www/yadda.dadd-do.de/html/postfix inet_interfaces = all inet_protocols = all lmtp_tls_ciphers = export lmtp_tls_mandatory_protocols = !SSLv2 !SSLv3 lmtp_tls_protocols = !SSLv2 !SSLv3 local_destination_concurrency_limit = 4 mail_owner = postfix mail_spool_directory = /var/mail mailbox_size_limit = 1000000000 mailq_path = /usr/bin/mailq manpage_directory = /usr/share/man masquerade_classes = envelope_sender, header_sender, header_recipient masquerade_domains = masquerade_exceptions = root maximal_queue_lifetime = 3d message_size_limit = 125000000 meta_directory = /etc/postfix mydestination = localhost.$mydomain, localhost, localhost.localdomain, $myhostname myhostname = yadda.dadd-do.de mynetworks = 127.0.0.0/8 [::1]/128... newaliases_path = /usr/bin/newaliases notify_classes = bounce, resource, software, delay, policy postscreen_access_list = permit_mynetworks cidr:/etc/postfix/postscreen_access.cidr postscreen_bare_newline_action = drop postscreen_bare_newline_enable = yes postscreen_blacklist_action = drop postscreen_dnsbl_action = enforce postscreen_dnsbl_sites = postscreen_dnsbl_threshold = 2 postscreen_greet_action = enforce postscreen_non_smtp_command_enable = yes postscreen_pipelining_enable = yes queue_directory = /var/spool/postfix readme_directory = /usr/share/doc/packages/postfix/README_FILES relay_domains = btree:/etc/postfix/relay_domains relay_recipient_maps = btree:/etc/postfix/recipient_maps.outpost relayhost = outpost.post-peine.de relocated_maps = btree:/etc/postfix/relocated resolve_dequoted_address = yes sample_directory = /usr/share/doc/packages/postfix/samples sendmail_path = /usr/sbin/sendmail setgid_group = postdrop shlib_directory = /usr/lib/postfix smtp_sasl_auth_enable = yes smtp_sasl_password_maps = btree:/etc/postfix/sasl_passwd smtp_sasl_security_options = noanonymous smtp_send_xforward_command = yes smtp_tls_CApath = /etc/ssl/certs smtp_tls_cert_file = /etc/ssl/certs/blueberry.pem smtp_tls_ciphers = export smtp_tls_key_file = /etc/ssl/private/blueberry.key smtp_tls_loglevel = 2 smtp_tls_mandatory_protocols = !SSLv2 !SSLv3 smtp_tls_note_starttls_offer = yes smtp_tls_policy_maps = btree:/etc/postfix/tls_nach_ziel smtp_tls_protocols = !SSLv2 !SSLv3 smtp_tls_security_level = may smtp_tls_session_cache_database = btree:/var/lib/postfix/smtp_session_cache smtp_tls_session_cache_timeout = 3600s smtp_use_tls = no smtpd_authorized_xforward_hosts = 127.0.0.0/8 [::1]/128 smtpd_banner = $myhostname ESMTP $mail_name smtpd_client_restrictions = permit_mynetworks smtpd_error_sleep_time = 1 smtpd_hard_error_limit = 3 smtpd_proxy_timeout = 3600s smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, check_policy_service inet:localhost:10023 smtpd_relay_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination smtpd_sasl_auth_enable = yes smtpd_sasl_path = private/auth smtpd_sasl_type = dovecot smtpd_soft_error_limit = 7 smtpd_timeout = 3600s smtpd_tls_CApath = /etc/ssl/certs smtpd_tls_ask_ccert = yes smtpd_tls_cert_file = /etc/ssl/certs/blueberry.pem smtpd_tls_ciphers = export smtpd_tls_key_file = /etc/ssl/private/blueberry.key smtpd_tls_loglevel = 2 smtpd_tls_mandatory_protocols = !SSLv2 !SSLv3 smtpd_tls_protocols = !SSLv2 !SSLv3 smtpd_tls_received_header = yes smtpd_tls_security_level = may smtpd_tls_session_cache_database = btree:/var/lib/postfix/smtpd_session_cache smtpd_tls_session_cache_timeout = 7200s smtpd_use_tls = yes smtputf8_enable = no strict_rfc821_envelopes = yes swap_bangpath = no tls_random_source = dev:/dev/urandom transport_maps = btree:/etc/postfix/transport unknown_local_recipient_reject_code = 550 unverified_sender_reject_code = 554 virtual_alias_maps = $virtual_maps virtual_gid_maps = static:31 virtual_mailbox_base = /var/spool/mail/vmail virtual_mailbox_domains = $virtual_mailbox_maps virtual_maps = btree:/etc/postfix/virtual virtual_transport = dovecot virtual_uid_maps = static:110
smtp inet n - n - 1 postscreen
smtp unix - - n - - smtp
hold unix - - n - 25 smtp
pickup fifo n - - 60 1 pickup
cleanup unix n - n - 0 cleanup
qmgr fifo n - n 1 1 qmgr
rewrite unix - - n - - trivial-rewrite
bounce unix - - n - 0 bounce
defer unix - - n - 0 bounce
flush unix n - n 1000? 0 flush
proxymap unix - - n - - proxymap
smtp unix - - n - - smtp
relay unix - - n - - smtp
showq unix n - n - - showq
error unix - - n - - error
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - n - - lmtp
maildrop unix - n n - - pipe flags=DRhu
user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
cyrus unix - n n - - pipe user=cyrus
argv=/usr/lib/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user}
uucp unix - n n - - pipe flags=Fqhu
user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
ifmail unix - n n - - pipe flags=F user=ftn
argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp unix - n n - - pipe flags=Fq.
user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop $recipient
procmail unix - n n - - pipe flags=R
user=nobody argv=/usr/bin/procmail -t -m /etc/procmailrc ${sender}
${recipient}
trace unix - - n - 0 bounce
verify unix - - n - 1 verify
smtp-amavis unix - - n - 2 lmtp
-o smtp_data_done_timeout=1200
-o disable_dns_lookups=yes
127.0.0.1:10025 inet n - n - - smtpd
-o content_filter=
-o local_recipient_maps=
-o relay_recipient_maps=
-o smtpd_restriction_classes=
-o smtpd_client_restrictions=
-o smtpd_helo_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o mynetworks=127.0.0.0/8
-o strict_rfc821_envelopes=yes
anvil unix - - n - 1 anvil
scache unix - - n - 1 scache
discard unix - - n - - discard
tlsmgr unix - - n 1000? 1 tlsmgr
retry unix - - n - - error
proxywrite unix - - n - 1 proxymap
smtpd pass - - n - - smtpd
dnsblog unix - - n - 0 dnsblog
tlsproxy unix - - n - 0 tlsproxy
smtps inet n - - - - smtpd
-o smtpd_tls_wrappermode=yes
submission inet n - - - - smtpd
-o smtpd_enforce_tls=yes
-o smtpd_tls_security_level=encrypt
-o smtpd_sasl_auth_enable=yes
-o smtpd_sasl_type=dovecot
-o smtpd_sasl_path=private/auth
-o smtpd_sasl_security_options=noanonymous
-o smtpd_client_restrictions=permit_sasl_authenticated,reject
-o smtpd_sender_restrictions=
-o
smtpd_recipient_restrictions=permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination
dovecot unix - n n - - pipe flags=DRhu
user=vmail:vmail argv=/usr/lib/dovecot/dovecot-lda -f ${sender} -a
${original_recipient} -d ${user}@${nexthop}
root@blueberry:/home/software/saslfinger-1.0.3# saslfinger -s
saslfinger - postfix Cyrus sasl configuration Do 3. Nov 09:10:17 CET 2016
version: 1.0.2
mode: server-side SMTP AUTH
-- basics --
Postfix: 3.2-20161101
System: Ubuntu 16.04.1 LTS \n \l
-- smtpd is linked to --
libsasl2.so.2 => /usr/lib/x86_64-linux-gnu/libsasl2.so.2
(0x00007fb3db0ac000)
-- active SMTP AUTH and TLS parameters for smtpd --
broken_sasl_auth_clients = yes
smtpd_sasl_auth_enable = yes
smtpd_sasl_path = private/auth
smtpd_sasl_type = dovecot
smtpd_tls_CApath = /etc/ssl/certs
smtpd_tls_ask_ccert = yes
smtpd_tls_cert_file = /etc/ssl/certs/blueberry.pem
smtpd_tls_ciphers = export
smtpd_tls_key_file = /etc/ssl/private/blueberry.key
smtpd_tls_loglevel = 2
smtpd_tls_mandatory_protocols = !SSLv2 !SSLv3
smtpd_tls_protocols = !SSLv2 !SSLv3
smtpd_tls_received_header = yes
smtpd_tls_security_level = may
smtpd_tls_session_cache_database = btree:/var/lib/postfix/smtpd_session_cache
smtpd_tls_session_cache_timeout = 7200s
smtpd_use_tls = yes
-- listing of /usr/lib/sasl2 --
total 8
drwxr-xr-x 2 root root 4096 Apr 5 2016 .
drwxr-xr-x 49 root root 4096 Okt 10 21:38 ..
-- content of /etc/postfix/sasl/smtpd.conf --
pwcheck_method: saslauthd
mech_list: PLAIN LOGIN
autotransition: true
saslauthd_path: /var/spool/postfix/var/run/saslauthd/mux
-- active services in /etc/postfix/master.cf --
# service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (yes) (never) (100)
smtp inet n - n - 1 postscreen
smtp unix - - n - - smtp
hold unix - - n - 25 smtp
pickup fifo n - - 60 1 pickup
cleanup unix n - n - 0 cleanup
qmgr fifo n - n 1 1 qmgr
rewrite unix - - n - - trivial-rewrite
bounce unix - - n - 0 bounce
defer unix - - n - 0 bounce
flush unix n - n 1000? 0 flush
proxymap unix - - n - - proxymap
smtp unix - - n - - smtp
relay unix - - n - - smtp
showq unix n - n - - showq
error unix - - n - - error
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - n - - lmtp
maildrop unix - n n - - pipe
flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
cyrus unix - n n - - pipe
user=cyrus argv=/usr/lib/cyrus/bin/deliver -e -r ${sender} -m ${extension}
${user}
uucp unix - n n - - pipe
flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
ifmail unix - n n - - pipe
flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp unix - n n - - pipe
flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop $recipient
procmail unix - n n - - pipe
flags=R user=nobody argv=/usr/bin/procmail -t -m /etc/procmailrc ${sender}
${recipient}
trace unix - - n - 0 bounce
verify unix - - n - 1 verify
smtp-amavis unix - - n - 2 lmtp
-o smtp_data_done_timeout=1200
-o disable_dns_lookups=yes
127.0.0.1:10025 inet n - n - - smtpd
-o content_filter=
-o local_recipient_maps=
-o relay_recipient_maps=
-o smtpd_restriction_classes=
-o smtpd_client_restrictions=
-o smtpd_helo_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o mynetworks=127.0.0.0/8
-o strict_rfc821_envelopes=yes
anvil unix - - n - 1 anvil
scache unix - - n - 1 scache
discard unix - - n - - discard
tlsmgr unix - - n 1000? 1 tlsmgr
retry unix - - n - - error
proxywrite unix - - n - 1 proxymap
smtpd pass - - n - - smtpd
dnsblog unix - - n - 0 dnsblog
tlsproxy unix - - n - 0 tlsproxy
smtps inet n - - - - smtpd -o smtpd_tls_wrappermode=yes
submission inet n - - - - smtpd
-o smtpd_enforce_tls=yes
-o smtpd_tls_security_level=encrypt
-o smtpd_sasl_auth_enable=yes
-o smtpd_sasl_type=dovecot
-o smtpd_sasl_path=private/auth
-o smtpd_sasl_security_options=noanonymous
-o smtpd_client_restrictions=permit_sasl_authenticated,reject
-o smtpd_sender_restrictions=
-o
smtpd_recipient_restrictions=permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination
dovecot unix - n n - - pipe flags=DRhu user=vmail:vmail
argv=/usr/lib/dovecot/dovecot-lda -f ${sender} -a ${original_recipient} -d
${user}@${nexthop}
-- mechanisms on localhost --
250-AUTH PLAIN LOGIN
250-AUTH=PLAIN LOGIN
-- end of saslfinger output --
root@blueberry:/home/software# postfinger --all
postfinger - postfix configuration on Do 3. Nov 09:17:35 CET 2016
version: 1.30
Warning: postfinger output may show private configuration information,
such as ip addresses and/or domain names which you do not want to show
to the public. If this is the case it is your responsibility to modify
the output to hide this private information. [Remove this warning with
the --nowarn option.]
--System Parameters--
mail_version = 3.2-20161101
hostname = blueberry.post-peine.de
uname = Linux yadda.dadda-do.de 4.4.0-042stab113.17 #1 SMP Wed Feb 10 18:31:00
MSK 2016 x86_64 x86_64 x86_64 GNU/Linux
--Packaging information--
--Mailbox locking methods--
flock fcntl dotlock
--Supported Lookup tables--
btree cdb cidr environ fail hash inline internal ldap memcache nis pcre pipemap
proxy randmap regexp socketmap static tcp texthash unionmap unix
--main.cf non-default parameters--
2bounce_notice_recipient = postmaster-bounce
address_verify_map = btree:/var/lib/postfix/verify
address_verify_negative_refresh_time = 300s
alias_database = btree:/etc/aliases
alias_maps = btree:/etc/aliases
allow_percent_hack = no
biff = no
body_checks = regexp:/etc/postfix/body_checks.regexp
bounce_notice_recipient = postmaster-bounce
bounce_queue_lifetime = 1d
bounce_size_limit = 10240
broken_sasl_auth_clients = yes
canonical_maps = btree:/etc/postfix/canonical
compatibility_level = 2
content_filter = smtp-amavis:[127.0.0.1]:10024
daemon_directory = /usr/lib/postfix
debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin xxgdb
$daemon_directory/$process_name $process_id & sleep 5
default_database_type = btree
default_destination_concurrency_limit = 10
default_process_limit = 12
defer_transports = hold
delay_notice_recipient = postmaster-delay
delay_warning_time = 2d
disable_vrfy_command = yes
error_notice_recipient = postmaster-error
header_checks = regexp:/etc/postfix/block255,
regexp:/etc/postfix/header_checks.regexp
html_directory = /srv/www/yadda.dadd-do.de/html/postfix
lmtp_tls_ciphers = export
lmtp_tls_mandatory_protocols = !SSLv2 !SSLv3
lmtp_tls_protocols = !SSLv2 !SSLv3
local_destination_concurrency_limit = 4
mailbox_size_limit = 1000000000
manpage_directory = /usr/share/man
masquerade_exceptions = root
maximal_queue_lifetime = 3d
message_size_limit = 125000000
mydestination = localhost.$mydomain, localhost, localhost.localdomain,
$myhostname
mynetworks = 127.0.0.0/8 [::1]/128 ...
notify_classes = bounce, resource, software, delay, policy
postscreen_access_list = permit_mynetworks
cidr:/etc/postfix/postscreen_access.cidr
postscreen_bare_newline_action = drop
postscreen_bare_newline_enable = yes
postscreen_blacklist_action = drop
postscreen_dnsbl_action = enforce
postscreen_dnsbl_threshold = 2
postscreen_greet_action = enforce
postscreen_non_smtp_command_enable = yes
postscreen_pipelining_enable = yes
readme_directory = /usr/share/doc/packages/postfix/README_FILES
relay_domains = btree:/etc/postfix/relay_domains
relayhost = outpost.post-peine.de
relay_recipient_maps = btree:/etc/postfix/recipient_maps.outpost
relocated_maps = btree:/etc/postfix/relocated
sample_directory = /usr/share/doc/packages/postfix/samples
smtpd_authorized_xforward_hosts = 127.0.0.0/8 [::1]/128
smtpd_client_restrictions = permit_mynetworks
smtpd_error_sleep_time = 1
smtpd_hard_error_limit = 3
smtpd_proxy_timeout = 3600s
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated,
reject_unauth_destination, check_policy_service inet:localhost:10023
smtpd_relay_restrictions = permit_mynetworks, permit_sasl_authenticated,
reject_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_path = private/auth
smtpd_sasl_type = dovecot
smtpd_soft_error_limit = 7
smtpd_timeout = 3600s
smtpd_tls_ask_ccert = yes
smtpd_tls_CApath = /etc/ssl/certs
smtpd_tls_cert_file = /etc/ssl/certs/blueberry.pem
smtpd_tls_ciphers = export
smtpd_tls_key_file = /etc/ssl/private/blueberry.key
smtpd_tls_loglevel = 2
smtpd_tls_mandatory_protocols = !SSLv2 !SSLv3
smtpd_tls_protocols = !SSLv2 !SSLv3
smtpd_tls_received_header = yes
smtpd_tls_security_level = may
smtpd_tls_session_cache_database = btree:/var/lib/postfix/smtpd_session_cache
smtpd_tls_session_cache_timeout = 7200s
smtpd_use_tls = yes
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = btree:/etc/postfix/sasl_passwd
smtp_sasl_security_options = noanonymous
smtp_send_xforward_command = yes
smtp_tls_CApath = /etc/ssl/certs
smtp_tls_cert_file = /etc/ssl/certs/blueberry.pem
smtp_tls_ciphers = export
smtp_tls_key_file = /etc/ssl/private/blueberry.key
smtp_tls_loglevel = 2
smtp_tls_mandatory_protocols = !SSLv2 !SSLv3
smtp_tls_note_starttls_offer = yes
smtp_tls_policy_maps = btree:/etc/postfix/tls_nach_ziel
smtp_tls_protocols = !SSLv2 !SSLv3
smtp_tls_security_level = may
smtp_tls_session_cache_database = btree:/var/lib/postfix/smtp_session_cache
smtputf8_enable = no
strict_rfc821_envelopes = yes
swap_bangpath = no
transport_maps = btree:/etc/postfix/transport
unverified_sender_reject_code = 554
virtual_gid_maps = static:31
virtual_mailbox_base = /var/spool/mail/vmail
virtual_maps = btree:/etc/postfix/virtual
virtual_transport = dovecot
virtual_uid_maps = static:110
--master.cf--
smtp inet n - n - 1 postscreen
smtp unix - - n - - smtp
hold unix - - n - 25 smtp
pickup fifo n - - 60 1 pickup
cleanup unix n - n - 0 cleanup
qmgr fifo n - n 1 1 qmgr
rewrite unix - - n - - trivial-rewrite
bounce unix - - n - 0 bounce
defer unix - - n - 0 bounce
flush unix n - n 1000? 0 flush
proxymap unix - - n - - proxymap
smtp unix - - n - - smtp
relay unix - - n - - smtp
showq unix n - n - - showq
error unix - - n - - error
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - n - - lmtp
maildrop unix - n n - - pipe
flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
cyrus unix - n n - - pipe
user=cyrus argv=/usr/lib/cyrus/bin/deliver -e -r ${sender} -m ${extension}
${user}
uucp unix - n n - - pipe
flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
ifmail unix - n n - - pipe
flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp unix - n n - - pipe
flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop $recipient
procmail unix - n n - - pipe
flags=R user=nobody argv=/usr/bin/procmail -t -m /etc/procmailrc ${sender}
${recipient}
trace unix - - n - 0 bounce
verify unix - - n - 1 verify
smtp-amavis unix - - n - 2 lmtp
-o smtp_data_done_timeout=1200
-o disable_dns_lookups=yes
127.0.0.1:10025 inet n - n - - smtpd
-o content_filter=
-o local_recipient_maps=
-o relay_recipient_maps=
-o smtpd_restriction_classes=
-o smtpd_client_restrictions=
-o smtpd_helo_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o mynetworks=127.0.0.0/8
-o strict_rfc821_envelopes=yes
anvil unix - - n - 1 anvil
scache unix - - n - 1 scache
discard unix - - n - - discard
tlsmgr unix - - n 1000? 1 tlsmgr
retry unix - - n - - error
proxywrite unix - - n - 1 proxymap
smtpd pass - - n - - smtpd
dnsblog unix - - n - 0 dnsblog
tlsproxy unix - - n - 0 tlsproxy
smtps inet n - - - - smtpd -o smtpd_tls_wrappermode=yes
submission inet n - - - - smtpd
-o smtpd_enforce_tls=yes
-o smtpd_tls_security_level=encrypt
-o smtpd_sasl_auth_enable=yes
-o smtpd_sasl_type=dovecot
-o smtpd_sasl_path=private/auth
-o smtpd_sasl_security_options=noanonymous
-o smtpd_client_restrictions=permit_sasl_authenticated,reject
-o smtpd_sender_restrictions=
-o
smtpd_recipient_restrictions=permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination
dovecot unix - n n - - pipe flags=DRhu user=vmail:vmail
argv=/usr/lib/dovecot/dovecot-lda -f ${sender} -a ${original_recipient} -d
${user}@${nexthop}
--Specific file and directory permissions--
drwx-wx--- 2 postfix postdrop 4096 Nov 3 09:16 /var/spool/postfix/maildrop
drwx--s--- 2 postfix postdrop 4096 Nov 3 09:16 /var/spool/postfix/public
total 0
srw-rw-rw- 1 postfix postdrop 0 Nov 3 09:16 cleanup
srw-rw-rw- 1 postfix postdrop 0 Nov 3 09:16 flush
prw--w--w- 1 postfix postdrop 0 Nov 3 09:16 pickup
prw--w--w- 1 postfix postdrop 0 Nov 3 09:16 qmgr
srw-rw-rw- 1 postfix postdrop 0 Nov 3 09:16 showq
drwx------ 2 postfix root 4096 Nov 3 09:16 /var/spool/postfix/private
total 0
srw-rw-rw- 1 postfix postfix 0 Nov 3 09:16 anvil
srw-rw---- 1 postfix postfix 0 Okt 13 15:29 auth
srw-rw-rw- 1 postfix postfix 0 Nov 3 09:16 bounce
srw-rw-rw- 1 postfix postfix 0 Nov 3 09:16 bsmtp
srw-rw-rw- 1 postfix postfix 0 Nov 3 09:16 cyrus
srw-rw-rw- 1 postfix postfix 0 Nov 3 09:16 defer
srw-rw-rw- 1 postfix postfix 0 Nov 3 09:16 discard
srw-rw-rw- 1 postfix postfix 0 Nov 3 09:16 dnsblog
srw-rw-rw- 1 postfix postfix 0 Nov 3 09:16 dovecot
srw-rw-rw- 1 postfix postfix 0 Nov 3 09:16 error
srw-rw-rw- 1 postfix postfix 0 Nov 3 09:16 hold
srw-rw-rw- 1 postfix postfix 0 Nov 3 09:16 ifmail
srw-rw-rw- 1 postfix postfix 0 Nov 3 09:16 lmtp
srw-rw-rw- 1 postfix postfix 0 Nov 3 09:16 local
srw-rw-rw- 1 postfix postfix 0 Nov 3 09:16 maildrop
srw-rw-rw- 1 postfix postfix 0 Okt 8 18:38 mailman
srw-rw-rw- 1 postfix postfix 0 Nov 3 09:16 procmail
srw-rw-rw- 1 postfix postfix 0 Nov 3 09:16 proxymap
srw-rw-rw- 1 postfix postfix 0 Nov 3 09:16 proxywrite
srw-rw-rw- 1 postfix postfix 0 Nov 3 09:16 relay
srw-rw-rw- 1 postfix postfix 0 Nov 3 09:16 retry
srw-rw-rw- 1 postfix postfix 0 Nov 3 09:16 rewrite
srw-rw-rw- 1 postfix postfix 0 Nov 3 09:16 scache
srw-rw-rw- 1 postfix postfix 0 Okt 8 18:38 scalemail-backend
srw-rw-rw- 1 postfix postfix 0 Nov 3 09:16 smtp
srw-rw-rw- 1 postfix postfix 0 Nov 3 09:16 smtp-amavis
srw-rw-rw- 1 postfix postfix 0 Nov 3 09:16 smtpd
srw-rw-rw- 1 postfix postfix 0 Nov 3 09:16 tlsmgr
srw-rw-rw- 1 postfix postfix 0 Nov 3 09:16 tlsproxy
srw-rw-rw- 1 postfix postfix 0 Nov 3 09:16 trace
srw-rw-rw- 1 postfix postfix 0 Nov 3 09:16 uucp
srw-rw-rw- 1 postfix postfix 0 Nov 3 09:16 verify
srw-rw-rw- 1 postfix postfix 0 Nov 3 09:16 virtual
-rwxr-sr-x 1 root postdrop 34504 Nov 1 22:04 /usr/sbin/postdrop
-rwxr-sr-x 1 root postdrop 54304 Nov 1 22:04 /usr/sbin/postqueue
--Library dependencies--
/usr/lib/postfix/smtpd:
linux-vdso.so.1 => (0x00007ffd2c4fe000)
libpostfix-master.so => /usr/lib/postfix/libpostfix-master.so
(0x00007eff7a5ea000)
libpostfix-tls.so => /usr/lib/postfix/libpostfix-tls.so
(0x00007eff7a3d2000)
libpostfix-dns.so => /usr/lib/postfix/libpostfix-dns.so
(0x00007eff7a1ca000)
libpostfix-global.so => /usr/lib/postfix/libpostfix-global.so
(0x00007eff79f87000)
libpostfix-util.so => /usr/lib/postfix/libpostfix-util.so
(0x00007eff79d48000)
libsasl2.so.2 => /usr/lib/x86_64-linux-gnu/libsasl2.so.2
(0x00007eff79b24000)
libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007eff7975b000)
libssl.so.1.0.0 => /lib/x86_64-linux-gnu/libssl.so.1.0.0
(0x00007eff794f2000)
libcrypto.so.1.0.0 => /lib/x86_64-linux-gnu/libcrypto.so.1.0.0
(0x00007eff790ad000)
libresolv.so.2 => /lib/x86_64-linux-gnu/libresolv.so.2
(0x00007eff78e92000)
libnsl.so.1 => /lib/x86_64-linux-gnu/libnsl.so.1 (0x00007eff78c79000)
libdb-5.3.so => /usr/lib/x86_64-linux-gnu/libdb-5.3.so
(0x00007eff788cb000)
libdl.so.2 => /lib/x86_64-linux-gnu/libdl.so.2 (0x00007eff786c7000)
/lib64/ld-linux-x86-64.so.2 (0x00007eff7aa30000)
libpthread.so.0 => /lib/x86_64-linux-gnu/libpthread.so.0
(0x00007eff784a9000)
-- end of postfinger output --
signature.asc
Description: OpenPGP digital signature
