Hello,
I'm not sure if you'll receive this message, so I send to the list as well.
(and excuse me for top-posting, but this e-mail has no direct relevance to this
thread..)
Your server is refusing connections on port 25, so this, inter alia, prevents my
server from sending you the DMARC reports you are requesting.
postfix/smtp[125178]: 1F21A24000E: to=<dmarc-...@linkcheck.co.uk>, relay=none,
delay=38234, delays=38203/0.03/30/0, dsn=4.4.1, status=deferred (connect to
mail.ssph.co.uk[46.33.129.43]:25: Connection refused)
It would make sense to either fix the server and/or to stop requesting DMARC
reports:
_dmarc.linkcheck.co.uk. 3600 IN TXT "v=DMARC1; p=reject; pct=100;
rua=mailto:dmarc-...@linkcheck.co.uk";
Cheers (and good luck).
On Sun, 10 Oct 2021, Linkcheck wrote:
Wietse, thank you for your assistance. I tried removing (separately)
unix_listener and unix_listener auth-userdb but neither cured the problem so
they are now both reinstated.
Apart from two connection messages in the log, the three lines I quoted are
the only ones following a restart and are triggered by a failed attempt to
send mail on port 587. Nothing else at all.
I was fairly certain I must have upset postfix config in some way so I
returned to comparing the old and new server configs. I eventually came to...
smtpd_sasl_security_options = noanonymous noplaintext forward_secrecy
mutual_auth nodictionary
Trial and error led me to recompose the line to...
smtpd_sasl_security_options = noanonymous nodictionary
The impression I got from SASL_README was that these five options would play
together nicely but obviously not for every implementation (mine included).
On re-reading the paragraph where smtpd_sasl_security_options was defined I
also noticed the title, which had escaped me before: "SASL mechanism
properties". Not very bright of me. Sorry.
Apart from a warning about spamass-milter 'Could not retrieve sendmail macro
"i"', which I erroneously thought would be fixed by adding a reference to it
in main.cf under milter_connect_macros (recommended by some online forums),
and a missing dkim in email headers, which I think I can cope with, all now
seems to work. Again, thank you for your quick response to my problem.
