By: ph08n1x

Postfix (Dovecot, Ubuntu 14.04) Send email error via SSL/TLS

May 19, 2015 916 views
Email DNS Ubuntu

Hi everyone!

I've been having some issues trying to send mail with Postfix via my mail client. Basically I am able to receive emails but when I try and send emails I get the following log in my mail.log file (I've replaced IPs and other sensitive info ofc):

 name_mask: all
 inet_addr_local: configured 2 IPv4 addresses
 inet_addr_local: configured 2 IPv6 addresses
 process generation: 57 (57)
 match_string: mynetworks ~? debug_peer_list
 match_string: mynetworks ~? fast_flush_domains
 match_string: mynetworks ~? mynetworks
 match_string: relay_domains ~? debug_peer_list
 match_string: relay_domains ~? fast_flush_domains
 match_string: relay_domains ~? mynetworks
 match_string: relay_domains ~? permit_mx_backup_networks
 match_string: relay_domains ~? qmqpd_authorized_clients
 match_string: relay_domains ~? relay_domains
 match_string: permit_mx_backup_networks ~? debug_peer_list
 match_string: permit_mx_backup_networks ~? fast_flush_domains
 match_string: permit_mx_backup_networks ~? mynetworks
 match_string: permit_mx_backup_networks ~? permit_mx_backup_networks
 connect to subsystem private/proxymap
 send attr request = open
 send attr table = unix:passwd.byname
 send attr flags = 0
 private/proxymap socket: wanted attribute: status
 input attribute name: status
 input attribute value: 0
 private/proxymap socket: wanted attribute: flags
 input attribute name: flags
 input attribute value: 16
 private/proxymap socket: wanted attribute: (list terminator)
 input attribute name: (end)
 dict_proxy_open: connect to map=unix:passwd.byname status=0 server_flags=fixed
 dict_open: proxy:unix:passwd.byname
 Compiled against Berkeley DB: 5.3.28?
 Run-time linked against Berkeley DB: 5.3.28?
 dict_open: hash:/etc/aliases
 cfg_get_str: /etc/postfix/mysql-virtual-alias-maps.cf: user = usermail
 cfg_get_str: /etc/postfix/mysql-virtual-alias-maps.cf: password = password
 cfg_get_str: /etc/postfix/mysql-virtual-alias-maps.cf: dbname = servermail
 cfg_get_str: /etc/postfix/mysql-virtual-alias-maps.cf: result_format = %s
 cfg_get_str: /etc/postfix/mysql-virtual-alias-maps.cf: option_file = <NULL>
 cfg_get_str: /etc/postfix/mysql-virtual-alias-maps.cf: option_group = <NULL>
 cfg_get_str: /etc/postfix/mysql-virtual-alias-maps.cf: tls_key_file = <NULL>
 cfg_get_str: /etc/postfix/mysql-virtual-alias-maps.cf: tls_cert_file = <NULL>
 cfg_get_str: /etc/postfix/mysql-virtual-alias-maps.cf: tls_CAfile = <NULL>
 cfg_get_str: /etc/postfix/mysql-virtual-alias-maps.cf: tls_CApath = <NULL>
 cfg_get_str: /etc/postfix/mysql-virtual-alias-maps.cf: tls_ciphers = <NULL>
 cfg_get_bool: /etc/postfix/mysql-virtual-alias-maps.cf: tls_verify_cert = on
 cfg_get_int: /etc/postfix/mysql-virtual-alias-maps.cf: expansion_limit = 0
 cfg_get_str: /etc/postfix/mysql-virtual-alias-maps.cf: query = SELECT destination FROM virtual_aliases WHERE source='%s'
 cfg_get_str: /etc/postfix/mysql-virtual-alias-maps.cf: domain = 
 cfg_get_str: /etc/postfix/mysql-virtual-alias-maps.cf: hosts = 127.0.0.1
 dict_open: mysql:/etc/postfix/mysql-virtual-alias-maps.cf
 cfg_get_str: /etc/postfix/mysql-virtual-mailbox-maps.cf: user = usermail
 cfg_get_str: /etc/postfix/mysql-virtual-mailbox-maps.cf: password = password
 cfg_get_str: /etc/postfix/mysql-virtual-mailbox-maps.cf: dbname = servermail
 cfg_get_str: /etc/postfix/mysql-virtual-mailbox-maps.cf: result_format = %s
 cfg_get_str: /etc/postfix/mysql-virtual-mailbox-maps.cf: option_file = <NULL>
 cfg_get_str: /etc/postfix/mysql-virtual-mailbox-maps.cf: option_group = <NULL>
 cfg_get_str: /etc/postfix/mysql-virtual-mailbox-maps.cf: tls_key_file = <NULL>
 cfg_get_str: /etc/postfix/mysql-virtual-mailbox-maps.cf: tls_cert_file = <NULL>
 cfg_get_str: /etc/postfix/mysql-virtual-mailbox-maps.cf: tls_CAfile = <NULL>
 cfg_get_str: /etc/postfix/mysql-virtual-mailbox-maps.cf: tls_CApath = <NULL>
 cfg_get_str: /etc/postfix/mysql-virtual-mailbox-maps.cf: tls_ciphers = <NULL>
 cfg_get_bool: /etc/postfix/mysql-virtual-mailbox-maps.cf: tls_verify_cert = on
 cfg_get_int: /etc/postfix/mysql-virtual-mailbox-maps.cf: expansion_limit = 0
 cfg_get_str: /etc/postfix/mysql-virtual-mailbox-maps.cf: query = SELECT 1 FROM virtual_users WHERE email='%s'
 cfg_get_str: /etc/postfix/mysql-virtual-mailbox-maps.cf: domain = 
 cfg_get_str: /etc/postfix/mysql-virtual-mailbox-maps.cf: hosts = 127.0.0.1
 dict_open: mysql:/etc/postfix/mysql-virtual-mailbox-maps.cf
 match_string: smtpd_access_maps ~? debug_peer_list
 match_string: smtpd_access_maps ~? fast_flush_domains
 match_string: smtpd_access_maps ~? mynetworks
 match_string: smtpd_access_maps ~? permit_mx_backup_networks
 match_string: smtpd_access_maps ~? qmqpd_authorized_clients
 match_string: smtpd_access_maps ~? relay_domains
 match_string: smtpd_access_maps ~? smtpd_access_maps
 unknown_helo_hostname_tempfail_action = defer_if_permit
 unknown_address_tempfail_action = defer_if_permit
 unverified_recipient_tempfail_action = defer_if_permit
 unverified_sender_tempfail_action = defer_if_permit
 name_mask: 3
 initializing the server-side TLS engine
 auto_clnt_create: transport=local endpoint=private/tlsmgr
 auto_clnt_open: connected to private/tlsmgr
 send attr request = seed
 send attr size = 32
 private/tlsmgr: wanted attribute: status
 input attribute name: status
 input attribute value: 0
 private/tlsmgr: wanted attribute: seed
 input attribute name: seed
 input attribute value: a5ee6TClunF3Jd/mvqCctsZmLZ5oNHNCcdjMg/kiO9g=
 private/tlsmgr: wanted attribute: (list terminator)
 input attribute name: (end)
 send attr request = policy
 send attr cache_type = smtpd
 private/tlsmgr: wanted attribute: status
 input attribute name: status
 input attribute value: 0
 private/tlsmgr: wanted attribute: cachable
 input attribute name: cachable
 input attribute value: 0
 private/tlsmgr: wanted attribute: timeout
 input attribute name: timeout
 input attribute value: 3600
 private/tlsmgr: wanted attribute: (list terminator)
 input attribute name: (end)
 match_string: fast_flush_domains ~? debug_peer_list
 match_string: fast_flush_domains ~? fast_flush_domains
 auto_clnt_create: transport=local endpoint=private/anvil
 connection established
 master_notify: status 0
 name_mask: resource
 name_mask: software
 connect from myip.org[11.111.111.111]
 match_list_match: myip.org: no match
 match_list_match: 11.111.111.111: no match
 match_list_match: myip.org: no match
 match_list_match: 11.111.111.111: no match
 smtp_stream_setup: maxtime=300 enable_deadline=0
 match_hostname: myip.org ~? 127.0.0.0/8
 match_hostaddr: 11.111.111.111 ~? 127.0.0.0/8
 match_hostname: myip.org ~? [::ffff:127.0.0.0]/104
 match_hostaddr: 11.111.111.111 ~? [::ffff:127.0.0.0]/104
 match_hostname: myip.org ~? [::1]/128
 match_hostaddr: 11.111.111.111 ~? [::1]/128
 match_list_match: myip.org: no match
 match_list_match: 11.111.111.111: no match
 auto_clnt_open: connected to private/anvil
 send attr request = connect
 send attr ident = smtps:11.111.111.111
 private/anvil: wanted attribute: status
 input attribute name: status
 input attribute value: 0
 private/anvil: wanted attribute: count
 input attribute name: count
 input attribute value: 1
 private/anvil: wanted attribute: rate
 input attribute name: rate
 input attribute value: 1
 private/anvil: wanted attribute: (list terminator)
 input attribute name: (end)
 > myip.org[11.111.111.111]: 220 geraldcampbell.me ESMTP Postfix (Ubuntu)
 < myip.org[11.111.111.111]: ???
 match_string: ??? ~? CONNECT
 match_string: ??? ~? GET
 match_string: ??? ~? POST
 match_list_match: ???: no match
 > myip.org[11.111.111.111]: 502 5.5.2 Error: command not recognized
 < myip.org[11.111.111.111]: ??
 match_string: ?? ~? CONNECT
 match_string: ?? ~? GET
 match_string: ?? ~? POST
 match_list_match: ??: no match
 > myip.org[11.111.111.111]: 502 5.5.2 Error: command not recognized
 < myip.org[11.111.111.111]: ??
 match_string: ? ~? CONNECT
 match_string: ? ~? GET
 match_string: ? ~? POST
 match_list_match: ?: no match
 > myip.org[11.111.111.111]: 502 5.5.2 Error: command not recognized
 < myip.org[11.111.111.111]: 
 > myip.org[11.111.111.111]: 500 5.5.2 Error: bad syntax
 smtp_get: EOF
 match_hostname: myip.org ~? 127.0.0.0/8
 match_hostaddr: 11.111.111.111 ~? 127.0.0.0/8
 match_hostname: myip.org ~? [::ffff:127.0.0.0]/104
 match_hostaddr: 11.111.111.111 ~? [::ffff:127.0.0.0]/104
 match_hostname: myip.org ~? [::1]/128
 match_hostaddr: 11.111.111.111 ~? [::1]/128
 match_list_match: myip.org: no match
 match_list_match: 11.111.111.111: no match
 send attr request = disconnect
 send attr ident = smtps:11.111.111.111
 private/anvil: wanted attribute: status
 input attribute name: status
 input attribute value: 0
 private/anvil: wanted attribute: (list terminator)
 input attribute name: (end)
 lost connection after UNKNOWN from myip.org[11.111.111.111]
 disconnect from myip.org[11.111.111.111]
 master_notify: status 1
 connection closed
 proxymap stream disconnect
 auto_clnt_close: disconnect private/tlsmgr stream
 idle timeout -- exiting
 statistics: max connection count 1 for (smtps:11.111.111.111) at May 19 05:02:35
 statistics: max cache size 1 at May 19 05:02:35

Also I'm using a self-signed SSL pem file in my main.cf config:

smtpd_tls_loglevel = 3
smtpd_tls_cert_file=/etc/ssl/certs/dovecot.pem
smtpd_tls_key_file=/etc/ssl/private/dovecot.pem
smtpd_use_tls=yes
smtpd_tls_auth_only = yes
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_auth_enable = yes
smtpd_recipient_restrictions = permit_sasl_authenticated,
    permit_mynetworks,
    reject_unauth_destination

I am able to telnet onto my domain at port 465 but it seems something is going wrong with the SSL bit of my mail server.

Any help would be so immensely appreciated as I've been pulling my hair out for hours trying to figure this out....
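
The session in the log above has a recognisable shape: smtpd greets with 220, every client "command" is unprintable and rejected with 502, and the connection is lost in state UNKNOWN, which is consistent with a client starting a TLS handshake against a listener that is speaking plain SMTP. The Python sketch below is an added example, not part of the original post; it flags that shape in Postfix debug output, using lines copied from the post plus one constructed normal session (`mail.example`, `192.0.2.10`) for contrast.

```python
import re
from collections import defaultdict

# Copied from the log in the post above (only the lines that matter here).
PAGE_LOG = """\
connect from myip.org[11.111.111.111]
> myip.org[11.111.111.111]: 220 geraldcampbell.me ESMTP Postfix (Ubuntu)
< myip.org[11.111.111.111]: ???
> myip.org[11.111.111.111]: 502 5.5.2 Error: command not recognized
< myip.org[11.111.111.111]: ??
> myip.org[11.111.111.111]: 502 5.5.2 Error: command not recognized
lost connection after UNKNOWN from myip.org[11.111.111.111]
"""
# Constructed for contrast: a client that speaks SMTP first, then upgrades.
NORMAL_LOG = """\
> mail.example[192.0.2.10]: 220 mx.example ESMTP Postfix
< mail.example[192.0.2.10]: EHLO client.example
< mail.example[192.0.2.10]: STARTTLS
> mail.example[192.0.2.10]: 220 2.0.0 Ready to start TLS
"""
MISMATCH = "non-SMTP bytes sent to an SMTP listener"
NORMAL = "normal SMTP dialogue"

PEER = r"(?P<peer>\S+\[[^\]]+\])"
SERVER_SAYS = re.compile(rf"^\s*> {PEER}:\s?(?P<text>.*)$")
CLIENT_SAYS = re.compile(rf"^\s*< {PEER}:\s?(?P<text>.*)$")
LOST = re.compile(rf"lost connection after (?P<state>\S+) from {PEER}")
SMTP_VERB = re.compile(r"^(EHLO|HELO|STARTTLS|AUTH|MAIL|RCPT|DATA|RSET|NOOP|QUIT)\b", re.I)

def classify(log_text):
    """Return {peer: verdict} for every peer in Postfix smtpd debug output."""
    seen = defaultdict(lambda: {"banner": False, "verbs": 0, "junk": 0, "lost": None})
    for line in log_text.splitlines():
        if m := SERVER_SAYS.match(line):
            # Record that smtpd sent its 220 greeting to this peer.
            seen[m["peer"]]["banner"] |= m["text"].startswith("220 ")
        elif m := CLIENT_SAYS.match(line):
            kind = "verbs" if SMTP_VERB.match(m["text"]) else "junk"
            seen[m["peer"]][kind] += 1
        elif m := LOST.search(line):
            seen[m["peer"]]["lost"] = m["state"]
    verdicts = {}
    for peer, s in seen.items():
        mismatch = s["banner"] and s["verbs"] == 0 and s["junk"] > 0 and s["lost"] == "UNKNOWN"
        verdicts[peer] = MISMATCH if mismatch else NORMAL
    return verdicts

if __name__ == "__main__":
    for peer, verdict in classify(PAGE_LOG + NORMAL_LOG).items():
        print(peer, "->", verdict)
```

In Postfix, whether smtpd expects the TLS handshake before the greeting is controlled by `smtpd_tls_wrappermode`, normally set per service in master.cf. The post does not show master.cf, so that is a place to check rather than a confirmed cause.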
