From: Christos Chatzaras <ch...@cretaforce.gr> Subject: Re: Postfix 3.5.5 and TLS handshake failure Date: Sun, 26 Jul 2020 16:33:33 +0300
> Also the logs are full of these messages: > > postfix/master[83315]: warning: process /usr/local/libexec/postfix/smtpd pid > 53056 killed by signal 11 > > And here is a bug report in FreeBSD which I think is the same issue: > > https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=248271 I'm reporter of it. Following is output of postfinger on this server. ---------------------------------------------------------------------- postfinger - postfix configuration on Mon Jul 27 01:00:22 JST 2020 version: 1.30 Warning: postfinger output may show private configuration information, such as ip addresses and/or domain names which you do not want to show to the public. If this is the case it is your responsibility to modify the output to hide this private information. [Remove this warning with the --nowarn option.] --System Parameters-- mail_version = 3.5.5 hostname = eastasia.home.utahime.org uname = FreeBSD eastasia.home.utahime.org 12.1-RELEASE-p7 FreeBSD 12.1-RELEASE-p7 GENERIC amd64 --Packaging information-- --main.cf non-default parameters-- alias_database = hash:/etc/mail/aliases alias_maps = hash:/etc/mail/aliases compatibility_level = 2 debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin ddd $daemon_directory/$process_name $process_id & sleep 5 inet_protocols = ipv4 mailbox_command_maps = hash:/usr/local/etc/postfix/mailbox_commands mydestination = /etc/mail/local-host-names mynetworks = 192.168.0.0/24, 127.0.0.0/8 myorigin = $mydomain non_smtpd_milters = unix:/var/run/clamav/clmilter.sock relayhost = mail-relay.home.utahime.org smtp_tls_CAfile = /etc/ssl/cert.pem smtp_tls_ciphers = high smtp_tls_loglevel = 1 smtp_tls_mandatory_ciphers = high smtp_tls_mandatory_protocols = !SSLv2 !SSLv3 !TLSv1 !TLSv1.1 smtp_tls_protocols = !SSLv2 !SSLv3 !TLSv1 !TLSv1.1 smtp_tls_security_level = may smtpd_milters = unix:/var/run/clamav/clmilter.sock inet:localhost:11332 smtpd_sasl_path = private/auth smtpd_sasl_security_options = noplaintext,noanonymous smtpd_sasl_tls_security_options = noanonymous smtpd_tls_CAfile = /etc/ssl/cert.pem smtpd_tls_cert_file = /usr/local/etc/letsencrypt/live/home.utahime.org/fullchain.pem smtpd_tls_ciphers = high smtpd_tls_key_file = /usr/local/etc/letsencrypt/live/home.utahime.org/privkey.pem smtpd_tls_loglevel = 1 smtpd_tls_mandatory_ciphers = high smtpd_tls_mandatory_protocols = !SSLv2 !SSLv3 !TLSv1 !TLSv1.1 smtpd_tls_protocols = !SSLv2 !SSLv3 !TLSv1 !TLSv1.1 smtpd_tls_received_header = yes smtpd_tls_security_level = may smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_ssl_cache --master.cf-- smtp inet n - n - - smtpd submission inet n - n - - smtpd -o smtpd_etrn_restrictions=reject -o smtpd_relay_restrictions=permit_sasl_authenticated,reject -o smtpd_sasl_auth_enable=yes -o smtpd_tls_security_level=encrypt -o syslog_name=postfix/submission pickup unix n - n 60 1 pickup cleanup unix n - n - 0 cleanup qmgr unix n - n 300 1 qmgr tlsmgr unix - - n 1000? 1 tlsmgr rewrite unix - - n - - trivial-rewrite bounce unix - - n - 0 bounce defer unix - - n - 0 bounce trace unix - - n - 0 bounce verify unix - - n - 1 verify flush unix n - n 1000? 0 flush proxymap unix - - n - - proxymap proxywrite unix - - n - 1 proxymap smtp unix - - n - - smtp relay unix - - n - - smtp -o syslog_name=postfix/$service_name showq unix n - n - - showq error unix - - n - - error retry unix - - n - - error discard unix - - n - - discard local unix - n n - - local virtual unix - n n - - virtual lmtp unix - - n - - lmtp anvil unix - - n - 1 anvil scache unix - - n - 1 scache postlog unix-dgram n - n - 1 postlogd -- end of postfinger output -- --- Yasuhiro KIMURA
