The culprit really was smtpd_tls_security_level = encrypt. When I set it to "may" it worked right away though I had to leave "strict_rfc821_envelopes " to "no".
Thanks p@arick On Mon, 2011-09-05 at 23:49 +0200, Patrick Ben Koetter wrote: > * Burkart Orlowski | Onlinehelp24 <[email protected]>: > > > > I narrowed it down to: > > C: connect to <0x0x9085de0[NGInternetSocketAddress]: host=127.0.0.1 > > not-filled> > > 2011-09-05 23:28:12.414 sogod[13599] SMTP: reply has invalid format ((nil)) > > 2011-09-05 23:28:12.415 sogod[13599] Could not connect to the SMTP server > > 127.0.0.1 on port 25 > > > > There was 127.0.0.1/8 missing in "mynetworks". Now the error message is: > > Cannot send message: error when connecting to the SMTP server. > > > > postconf -n > > > > alias_database = hash:/etc/aliases > > alias_maps = hash:/etc/aliases > > append_dot_mydomain = no > > biff = no > > broken_sasl_auth_clients = yes > > config_directory = /etc/postfix > > inet_interfaces = all > > inet_protocols = ipv4 > > mailbox_size_limit = 0 > > mailbox_transport = cyrus > > mydestination = localhost.localdomain, localhost > > That's all? Your server should only accept mail for localhost.localdomain and > localhost? > > > myhostname = server > > mynetworks = 127.0.0.1/8 192.168.178.0/24 > > readme_directory = no > > recipient_delimiter = + > > relayhost = smtprelaypool.ispgateway.de > > sender_canonical_maps = hash:/etc/postfix/sender_canonical > > smtp_sasl_auth_enable = yes > > smtp_sasl_password_maps = hash:/etc/postfix/sasl_password > > smtp_sasl_security_options = noanonymous > > smtp_sender_dependent_authentication = yes > > smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache > > smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu) ($mail_version) > > smtpd_recipient_restrictions = permit_mynetworks, > > permit_sasl_authenticated, reject > > If you accept messages from the outside and if your host is exposed to the > Internet directly you will be flooded with Spam unless you add more options to > $smtpd_recipient_restrictions. Join [email protected] and we will > help you to develop a policy that works for your requirements. > > > smtpd_sasl_auth_enable = yes > > smtpd_sasl_local_domain = > > smtpd_sasl_path = smtpd > > smtpd is the default for $smtpd_sasl_path. No need to set it. > > > > smtpd_sasl_security_options = noanonymous > > smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem > > smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key > > smtpd_tls_security_level = encrypt > > Here you go. You require ANY client to speak TLS or you drop the connection. > This doesn't work for SOGo. Choose "may" and it will work. > > > smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache > > strict_rfc821_envelopes = no > > You want "strict_rfc821_envelopes = yes" to get rid of spam. > > p@rick > > -- > state of mind () > > http://www.state-of-mind.de > > Franziskanerstraße 15 Telefon +49 89 3090 4664 > 81669 München Telefax +49 89 3090 4666 > > Amtsgericht München Partnerschaftsregister PR 563 > -- [email protected] https://inverse.ca/sogo/lists
