Question

How do I config postfix to accept sending email from gitlab installed on a subdomain?

Posted July 2, 2015 13.4k views
Email

Hi,
I have a postfix installed on example.com. I installed gitlab on git.example.com and I have configured gitlab to send email through my postfix. here is my gitlab.rb:

gitlab_rails['smtp_enable'] = true
gitlab_rails['smtp_address'] = "example.com"
gitlab_rails['smtp_port'] = 25
gitlab_rails['smtp_user_name'] = "root"
gitlab_rails['smtp_password'] = "password"
gitlab_rails['smtp_domain'] = "example.com"
gitlab_rails['smtp_authentication'] = :plain
gitlab_rails['smtp_enable_starttls_auto'] = true

But I get this error on postfix log file:

example postfix/smtpd[26413]: connect from git.example.com[]
example postfix/smtpd[26413]: lost connection after STARTTLS from git.example.com[]
example postfix/smtpd[26413]: disconnect from git.example.com[]

I think there is a problem with postfix configuration.

Add a comment
mmeidani
By:
mmeidani
Add a comment

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

3 answers
eldin July 3, 2015

Welcome to DigitalOcean

Can you upload your configuration file ?

Reply Report
mmeidani July 3, 2015

Thanks :)
Here is postfix configuration file :

smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no
append_dot_mydomain = no
readme_directory = no
smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
smtpd_use_tls=yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
myhostname = example.com
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = example.com, localhost.localdomain, localhost
relayhost =
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 , <git.example.com IP Address>
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
inet_protocols = all
milter_protocol = 2
milter_default_action = accept
smtpd_milters = inet:localhost:12301
non_smtpd_milters = inet:localhost:12301
Reply Report
eldin July 4, 2015

Thank you for your answer.

You have a broken TSL/SSL configuration.

Change/Add settings to:

myhostname = git.example.com
myorigin = /etc/mailname
mydestination = git.example.com, example.com, localhost
relayhost =
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all

And create your own TSL/SSL Certificate :

sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/ssl/private/mail.key -out /etc/ssl/certs/mailcert.pem

Finally change/add :

smtpd_tls_cert_file=/etc/ssl/certs/mailcert.pem
smtpd_tls_key_file=/etc/ssl/private/mail.key
smtpd_use_tls=yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_tls_security_level=may
smtpd_tls_protocols = !SSLv2, !SSLv3

Don’t forget to restart postfix

PS: Check your DNS !!!

MX Record Priority 0 git.example.com

A Record IPofDroplet git.example.com

PPS: I recommend Postfix+Dovecot+MySQL (https://www.linode.com/docs/email/postfix/email-with-postfix-dovecot-and-mysql this guide is really good for newbies)

Reply Report
Submit an Answer

Related

Looking for something else?

Ask a new question Search for more help