|
Dear experts in postfix:
I've been having different kinds of issues in postfix when moving
my email server into docker containers (which I know some don't
recommend, but please tolerate that as I have trade-offs to make).
In my test setup where I'm experimenting, I copied all the
configuration I already have in bare-metal into the container (and
changed some of it, like paths, and used lmtp instead of lda),
copied some test emails in there, and launched separate containers
for postfix, dovecot, opendkim and mariadb. In previous email to
this email list I was trying to do haproxy SSL/TLS termination,
but I gave that up (for now) because I also failed at debugging
what's going on for the same reason I'm writing this email:
**I really can't debug any smtp issues whatsoever.**
My postfix container is based on Debian 11, where I install
postfix with apt and then launch `postfix start-fg`.
Btw, networking to containers is bridges automatically created by
docker-compose. Most communication is done with inet, and some are
done with unix-socket files across containers (most of which I
plan to change to inet later, ... one step at a time), in case
someone is wondering.
When I launch my containers with docker-compose, I can see logs from dovecot and mariadb. I see logs of postfix ONLY if some configuration is incorrect. It can say things like "this configuration line isn't used", and so on. But nothing during operation whatsoever. The directory /var/log/ in the container has nothing in it related to postfix. There's literally zero logging all in all.
To test my setup, I tunnel with ssh to my server, and then use a fresh Thunderbird installation on the same test computer to add 127.0.0.1 as email server (which passes through the tunnel to my server). The initial authentication works fine for both IMAP and SMTP. Also downloading emails with dovecot works fine. But sending emails with postfix always fails with the error: "The mail server responded: <u...@example.com>: Temporary lookup failure. Please check the message recipient "u...@example.com" and try again.
I'm happy to pursue the error myself, but all my attempts to log any useful information has failed. I added in main.cf the lines (and I use wildcard for all IPv4 addresses because this is all a test setup before this becomes serious):
debug_peer_list=0.0.0.0/0
and in master.cf, I added `-v` flag on smtpd. Nothing comes out
of it. Zero logging to both stdout and /var/log/.
When attempting to send an email (which fails like I mentioned), I can see the process of smtpd launched with the command (using ps -ax):
postfix 1457 1.5 0.0 44652 10632 ? S 23:24
0:00 smtpd -n submission -t inet -u -o stress= -v -o
smtpd_tls_security_level=encrypt -o smtpd_enforce_tls=yes -o
smtpd_sasl_auth_enable=yes -o
smtpd_client_restrictions=permit_mynetworks,permit_sasl_authenticated,reject
and I tried moving that `-v` around to the end of everything... no use. I can't get a single line of actions logged. Why? What am missing? How can I get postfix to tell me what's going on step by step in its failure?
Thank you and best regards, Sam |
- Verbose logging issues of postfix in docker container Sam
