1

Topic: Postfix troubles

==== Required information ====
- iRedMail version (check /etc/iredmail-release):
0.9.2
- Linux/BSD distribution name and version:
Ubuntu
- Store mail accounts in which backend (LDAP/MySQL/PGSQL):
LDAP
- Web server (Apache or Nginx):
Apache
- Manage mail accounts with iRedAdmin-Pro?
NO
- Related log if you're reporting an issue:

Aug  3 15:32:05 mail2 postfix/smtpd[2625]: SSL_accept:before/accept initialization
Aug  3 15:32:05 mail2 postfix/smtpd[2625]: SSL_accept:SSLv3 read client hello A
Aug  3 15:32:05 mail2 postfix/smtpd[2625]: SSL_accept:SSLv3 write server hello A
Aug  3 15:32:05 mail2 postfix/smtpd[2625]: SSL_accept:SSLv3 write certificate A
Aug  3 15:32:05 mail2 postfix/smtpd[2625]: SSL_accept:SSLv3 write key exchange A
Aug  3 15:32:05 mail2 postfix/smtpd[2625]: SSL_accept:SSLv3 write server done A
Aug  3 15:32:05 mail2 postfix/smtpd[2625]: SSL_accept:SSLv3 flush data
Aug  3 15:32:05 mail2 postfix/smtpd[2625]: SSL_accept:failed in SSLv3 read client certificate A
Aug  3 15:32:05 mail2 postfix/smtpd[2625]: SSL_accept error from user.my.domain[1.2.3.4]: lost connection
Aug  3 15:32:05 mail2 postfix/smtpd[2625]: lost connection after STARTTLS from user.my.domain[1.2.3.4]
Aug  3 15:32:05 mail2 postfix/smtpd[2625]: disconnect from user.my.domain[1.2.3.4]
====

Keep receiving SSL_accept errors when mail client tries to connect to smtp. Did some looking in the master.cf and main.cf files but did not see anything that would be causing the SSL errors listed above. What would cause the SSL accept errors?

----


2

Re: Postfix troubles

SSLv3 is disabled in Postfix/Dovecot/Apache due to the Poodle vulnerability:
https://www.us-cert.gov/ncas/alerts/TA14-290A

3

Re: Postfix troubles

I have updated my openssl to version 1.0.1j but I am still receiving the same SSL accept errors in my postfix log. Is there anything that needs to be configured in postfix or dovecot to reflect that openssl has been updated to a newer version?

4

Re: Postfix troubles

No additional change is required.

Let me ask in another way: do you experience any issue with these logs? For example, your clients cannot send email? Or you cannot receive email from other mail servers (like Gmail/Yahoo/Hotmail/...)?

5

Re: Postfix troubles

Users are unable to send email and the above post with the "ssl_accept errors" is what the mail.log file is reporting.

6

Re: Postfix troubles

*) How do your users configure their mail client applications (Outlook, Thunderbird, ...)? Did you follow our tutorials here:
http://www.iredmail.org/docs/index.html … plications

*) Please show us output of command `postconf -n | grep tls`

7

Re: Postfix troubles

Users configure mail using Apple Mail, Dovecot on port 110 with SSL and Postfix on port 587 with SSL. Here is the output of 'postconf -n | grep tls':

lmtp_tls_mandatory_protocols = !SSLv2 !SSlv3
lmtp_tls_protocols = !SSLv2 !SSLv3
smtp_tls_CAfile = $smtpd_tls_CAfile
smtp_tls_loglevel = 2
smtp_tls_mandatory_protocols = !SSLv2 !SSLv3
smtp_tls_note_starttls_offer = yes
smtp_tls_protocols = !SSLv2 !SSLv3
smtp_tls_security_level = may
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_tls_CAfile = /etc/ssl/certs/*.my.domain.cert.pem
smtpd_tls_auth_only = no
smtpd_tls_cert_file = /etc/ssl/certs/*.my.domain.cert.pem
smtpd_tls_dh1024_param_file = /etc/ssl/dhparams.pem
smtpd_tls_key_file = /etc/ssl/private/*.my.domain.key
smtpd_tls_loglevel = 2
smtpd_tls_mandatory_exclude_ciphers = aNULL, eNULL, EXPORT, DES, RC4, MD5, PSK, aECDH, EDH-DSS-DES-CBC3-SHA, EDH-RSA-DES-CDC3-SHA, KRB5-DE5, CBC3-SHA
smtpd_tls_mandatory_protocols = !SSLv2 !SSLv3
smtpd_tls_protocols = !SSLv2 !SSLv3
smtpd_tls_security_level = may
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_use_tls = yes
tls_random_source = dev:/dev/urandom

8

Re: Postfix troubles

Does the same client setting work in other mail client applications? e.g. Thunderbird?

9

Re: Postfix troubles

The same client settings in other mail client applications such as Thunderbird result in the following when trying to send mail:

"to=<user@testsite.com>, relay=none, delay=2.4, delays=2.4/0.01/0/0, dsn=4.4.1, status=deferred"

10

Re: Postfix troubles

Please show the full log of this email session. The pasted log is useless, no detailed error message at all.

11

Re: Postfix troubles

Aug 11 07:03:57 mail postfix/qmgr[1905]: BB91F218B5: from=<root@my.domain>, size=5391, nrcpt=1 (queue active)
Aug 11 07:03:57 mail postfix/smtp[26258]: initializing the client-side TLS engine
Aug 11 07:03:57 mail postfix/smtp[26258]: connect to 127.0.0.1[127.0.0.1]:10024: Connection refused
Aug 11 07:03:57 mail postfix/smtp[26258]: BB91F218B5: to=<root@my.domain>, relay=none, delay=2333, delays=2333/0.04/0/0, dsn=4.4.1, status=deferred (connect to 127.0.0.1[127.0.0.1]:10024: Connection refused)
Aug 11 07:08:57 mail postfix/qmgr[1905]: 273E521868: from=<root@my.domain>, size=1432, nrcpt=1 (queue active)
Aug 11 07:08:57 mail postfix/smtp[26266]: initializing the client-side TLS engine
Aug 11 07:08:57 mail postfix/smtp[26266]: connect to 127.0.0.1[127.0.0.1]:10024: Connection refused
Aug 11 07:08:57 mail postfix/smtp[26266]: 273E521868: to=<root@my.domain>, relay=none, delay=13135, delays=13135/0.01/0/0, dsn=4.4.1, status=deferred (connect to 127.0.0.1[127.0.0.1]:10024: Connection refused)
Aug 11 07:28:58 mail postfix/qmgr[1905]: B3D4320056: from=<>, size=3031, nrcpt=1 (queue active)
Aug 11 07:28:58 mail postfix/pipe[26327]: B3D4320056: to=<postmaster@my.domain>, relay=dovecot, delay=4800, delays=4800/0.02/0/0.08, dsn=4.3.0, status=deferred (temporary failure)
Aug 11 07:33:09 mail postfix/pickup[26257]: A0A0F228C8: uid=0 from=<root>
Aug 11 07:33:09 mail postfix/cleanup[26369]: A0A0F228C8: message-id=<20150811133309.A0A0F228C8@my.domain>
Aug 11 07:33:09 mail postfix/qmgr[1905]: A0A0F228C8: from=<root@my.domain>, size=829, nrcpt=1 (queue active)
Aug 11 07:33:09 mail postfix/smtp[26372]: initializing the client-side TLS engine
Aug 11 07:33:09 mail postfix/smtp[26372]: connect to 127.0.0.1[127.0.0.1]:10024: Connection refused
Aug 11 07:33:09 mail postfix/smtp[26372]: A0A0F228C8: to=<root@my.domain>, relay=none, delay=0.12, delays=0.11/0.01/0/0, dsn=4.4.1, status=deferred (connect to 127.0.0.1[127.0.0.1]:10024: Connection refused)
Aug 11 07:38:58 mail postfix/smtp[26377]: initializing the client-side TLS engine
Aug 11 07:38:58 mail postfix/smtp[26377]: connect to 127.0.0.1[127.0.0.1]:10024: Connection refused
Aug 11 07:38:58 mail postfix/smtp[26377]: A0A0F228C8: to=<root@my.domain>, relay=none, delay=348, delays=348/0.01/0/0, dsn=4.4.1, status=deferred (connect to 127.0.0.1[127.0.0.1]:10024: Connection refused)
Aug 11 07:38:58 mail postfix/qmgr[1905]: A0A0F228C8: from=<root@my.domain>, size=829, nrcpt=1 (queue active)
Aug 11 07:43:58 mail postfix/qmgr[1905]: BB91F218B5: from=<root@my.domain>, size=5391, nrcpt=1 (queue active)
Aug 11 07:43:58 mail postfix/smtp[26413]: initializing the client-side TLS engine
Aug 11 07:43:58 mail postfix/smtp[26413]: connect to 127.0.0.1[127.0.0.1]:10024: Connection refused
Aug 11 07:43:58 mail postfix/smtp[26413]: BB91F218B5: to=<root@my.domain>, relay=none, delay=4734, delays=4734/0.01/0/0, dsn=4.4.1, status=deferred (connect to 127.0.0.1[127.0.0.1]:10024: Connection refused)
Aug 11 07:44:58 mail postfix/tlsmgr[2290]: tlsmgr_cache_run_event: start TLS smtpd session cache cleanup
Aug 11 07:44:58 mail postfix/tlsmgr[2290]: tlsmgr_cache_run_event: start TLS smtp session cache cleanup
Aug 11 07:48:58 mail postfix/qmgr[1905]: A0A0F228C8: from=<root@my.domain>, size=829, nrcpt=1 (queue active)
Aug 11 07:48:58 mail postfix/smtp[26419]: initializing the client-side TLS engine
Aug 11 07:48:58 mail postfix/smtp[26419]: connect to 127.0.0.1[127.0.0.1]:10024: Connection refused
Aug 11 07:48:58 mail postfix/smtp[26419]: A0A0F228C8: to=<root@my.domain>, relay=none, delay=949, delays=949/0.01/0/0, dsn=4.4.1, status=deferred (connect to 127.0.0.1[127.0.0.1]:10024: Connection refused)
my.domain

12

Re: Postfix troubles

jon.hoffart wrote:

Aug 11 07:43:58 mail postfix/smtp[26413]: BB91F218B5: to=<root@my.domain>, relay=none, delay=4734, delays=4734/0.01/0/0, dsn=4.4.1, status=deferred (connect to 127.0.0.1[127.0.0.1]:10024: Connection refused)

Reference:
http://www.iredmail.org/docs/errors.htm … on-refused

13

Re: Postfix troubles

amavisd has been disabled following the instructions found here: http://www.iredmail.org/docs/completely … assin.html

mail.log is still returning SSL accept errors:

Aug 11 13:35:28 mail2 postfix/smtpd[2368]: connect from client.my.domain[123.45.67.8]
Aug 11 13:35:28 mail2 postfix/smtpd[2368]: setting up TLS connection from client.my.domain[123.45.67.8]
Aug 11 13:35:28 mail2 postfix/smtpd[2368]: client.my.domain[123.45.67.8]: TLS cipher list "aNULL:-aNULL:ALL:+RC4:@STRENGTH"
Aug 11 13:35:28 mail2 postfix/smtpd[2368]: SSL_accept:before/accept initialization
Aug 11 13:35:28 mail2 postfix/smtpd[2368]: SSL_accept:SSLv3 read client hello A
Aug 11 13:35:28 mail2 postfix/smtpd[2368]: SSL_accept:SSLv3 write server hello A
Aug 11 13:35:28 mail2 postfix/smtpd[2368]: SSL_accept:SSLv3 write certificate A
Aug 11 13:35:28 mail2 postfix/smtpd[2368]: SSL_accept:SSLv3 write key exchange A
Aug 11 13:35:28 mail2 postfix/smtpd[2368]: SSL_accept:SSLv3 write server done A
Aug 11 13:35:28 mail2 postfix/smtpd[2368]: SSL_accept:SSLv3 flush data
Aug 11 13:35:28 mail2 postfix/smtpd[2368]: SSL_accept:failed in SSLv3 read client certificate A
Aug 11 13:35:28 mail2 postfix/smtpd[2368]: SSL_accept error from client.my.domain[123.45.67.8]: lost connection
Aug 11 13:35:28 mail2 postfix/smtpd[2368]: lost connection after STARTTLS from client.my.domain[123.45.67.8]
Aug 11 13:35:28 mail2 postfix/smtpd[2368]: disconnect from client.my.domain[123.45.67.8]
Aug 11 13:35:28 mail2 postfix/smtpd[2373]: connect from client.my.domain[123.45.67.8]
Aug 11 13:35:28 mail2 postfix/smtpd[2373]: setting up TLS connection from client.my.domain[123.45.67.8]
Aug 11 13:35:28 mail2 postfix/smtpd[2373]: client.my.domain[123.45.67.8]: TLS cipher list "aNULL:-aNULL:ALL:+RC4:@STRENGTH"
Aug 11 13:35:28 mail2 postfix/smtpd[2373]: SSL_accept:before/accept initialization
Aug 11 13:35:28 mail2 postfix/smtpd[2373]: SSL_accept:SSLv3 read client hello A
Aug 11 13:35:28 mail2 postfix/smtpd[2373]: SSL_accept:SSLv3 write server hello A
Aug 11 13:35:28 mail2 postfix/smtpd[2373]: SSL_accept:SSLv3 write certificate A
Aug 11 13:35:28 mail2 postfix/smtpd[2373]: SSL_accept:SSLv3 write key exchange A
Aug 11 13:35:28 mail2 postfix/smtpd[2373]: SSL_accept:SSLv3 write server done A
Aug 11 13:35:28 mail2 postfix/smtpd[2373]: SSL_accept:SSLv3 flush data
Aug 11 13:35:28 mail2 postfix/smtpd[2373]: SSL_accept:failed in SSLv3 read client certificate A
Aug 11 13:35:28 mail2 postfix/smtpd[2373]: SSL_accept error from client.my.domain[123.45.67.8]: lost connection
Aug 11 13:35:28 mail2 postfix/smtpd[2373]: lost connection after STARTTLS from client.my.domain[123.45.67.8]
Aug 11 13:35:28 mail2 postfix/smtpd[2373]: disconnect from client.my.domain[123.45.67.8]


postconf -n :

alias_database = hash:/etc/postfix/aliases
alias_maps = hash:/etc/postfix/aliases
allow_min_user = no
allow_percent_hack = no
append_dot_mydomain = no
biff = no
bounce_queue_lifetime = 4h
broken_sasl_auth_clients = yes
config_directory = /etc/postfix
content_filter = smtp-amavis:[127.0.0.1]:10024
delay_warning_time = 0h
disable_vrfy_command = yes
dovecot_destination_recipient_limit = 1
enable_original_recipient = no
home_mailbox = Maildir/
inet_interfaces = all
inet_protocols = ipv4
lmtp_tls_mandatory_protocols = !SSLv2 !SSlv3
lmtp_tls_protocols = !SSLv2 !SSLv3
mailbox_command = /usr/lib/dovecot/deliver
mailbox_size_limit = 0
maximal_backoff_time = 4000s
maximal_queue_lifetime = 4h
message_size_limit = 15728640
minimal_backoff_time = 300s
mydestination = $myhostname, localhost, localhost.$mydomain
mydomain = mail.my.domain
myhostname = mail.my.domain
mynetworks = 127.0.0.0/8
mynetworks_style = host
myorigin = mail.my.domain
postscreen_upstream_proxy_protocol = haproxy
proxy_read_maps = $canonical_maps $lmtp_generic_maps $local_recipient_maps $mydestination $mynetworks $recipient_bcc_maps $recipient_canonical_maps $relay_domains $relay_recipient_maps $relocated_maps $sender_bcc_maps $sender_canonical_maps $smtp_generic_maps $smtpd_sender_login_maps $transport_maps $virtual_alias_domains $virtual_alias_maps $virtual_mailbox_domains $virtual_mailbox_maps $smtpd_sender_restrictions
queue_run_delay = 300s
readme_directory = no
recipient_bcc_maps = proxy:ldap:/etc/postfix/ldap/recipient_bcc_maps_user.cf, proxy:ldap:/etc/postfix/ldap/recipient_bcc_maps_domain.cf
recipient_delimiter = +
relay_domains = $mydestination, proxy:ldap:/etc/postfix/ldap/relay_domains.cf
relayhost =
sender_bcc_maps = proxy:ldap:/etc/postfix/ldap/sender_bcc_maps_user.cf, proxy:ldap:/etc/postfix/ldap/sender_bcc_maps_domain.cf
smtp-amavis_destination_recipient_limit = 1
smtp_data_init_timeout = 240s
smtp_data_xfer_timeout = 600s
smtp_tls_CAfile = $smtpd_tls_CAfile
smtp_tls_loglevel = 2
smtp_tls_mandatory_protocols = !SSLv2 !SSLv3
smtp_tls_note_starttls_offer = yes
smtp_tls_protocols = !SSLv2 !SSLv3
smtp_tls_security_level = may
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
smtpd_data_restrictions = reject_unauth_pipelining
smtpd_end_of_data_restrictions = check_policy_service inet:127.0.0.1:7777, check_policy_service inet:127.0.0.1:10031,
smtpd_helo_required = yes
smtpd_helo_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_helo_hostname, reject_invalid_helo_hostname, check_helo_access pcre:/etc/postfix/helo_access.pcre
smtpd_recipient_restrictions = reject_unknown_recipient_domain, reject_non_fqdn_recipient, reject_unlisted_recipient, check_policy_service inet:127.0.0.1:7777, check_policy_service inet:127.0.0.1:10031, permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
smtpd_reject_unlisted_recipient = yes
smtpd_reject_unlisted_sender = yes
smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
smtpd_sasl_local_domain =
smtpd_sasl_path = private/dovecot-auth
smtpd_sasl_security_options = noanonymous
smtpd_sasl_type = dovecot
smtpd_sender_login_maps = proxy:ldap:/etc/postfix/ldap/sender_login_maps.cf
smtpd_sender_restrictions = reject_unknown_sender_domain, reject_non_fqdn_sender, reject_unlisted_sender, permit_mynetworks, reject_sender_login_mismatch, permit_sasl_authenticated
smtpd_tls_CAfile = /etc/ssl/certs/*.my.domain.cert.pem
smtpd_tls_auth_only = no
smtpd_tls_cert_file = /etc/ssl/certs/*.my.domain.cert.pem
smtpd_tls_dh1024_param_file = /etc/ssl/dhparams.pem
smtpd_tls_key_file = /etc/ssl/private/*.my.domain.key
smtpd_tls_loglevel = 2
smtpd_tls_mandatory_exclude_ciphers = aNULL, eNULL, EXPORT, DES, RC4, MD5, PSK, aECDH, EDH-DSS-DES-CBC3-SHA, EDH-RSA-DES-CDC3-SHA, KRB5-DE5, CBC3-SHA
smtpd_tls_mandatory_protocols = !SSLv2 !SSLv3
smtpd_tls_protocols = !SSLv2 !SSLv3
smtpd_tls_security_level = may
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_use_tls = yes
swap_bangpath = no
tls_random_source = dev:/dev/urandom
transport_maps = proxy:ldap:/etc/postfix/ldap/transport_maps_user.cf, proxy:ldap:/etc/postfix/ldap/transport_maps_domain.cf
virtual_alias_domains =
virtual_alias_maps = proxy:ldap:/etc/postfix/ldap/virtual_alias_maps.cf, proxy:ldap:/etc/postfix/ldap/virtual_group_maps.cf, proxy:ldap:/etc/postfix/ldap/virtual_group_members_maps.cf, proxy:ldap:/etc/postfix/ldap/catchall_maps.cf
virtual_gid_maps = static:2000
virtual_mailbox_base = /mail_data
virtual_mailbox_domains = proxy:ldap:/etc/postfix/ldap/virtual_mailbox_domains.cf
virtual_mailbox_maps = proxy:ldap:/etc/postfix/ldap/virtual_mailbox_maps.cf
virtual_minimum_uid = 2000
virtual_transport = dovecot
virtual_uid_maps = static:2000
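
Added example (not part of the original thread, and not iRedMail or Postfix code): a Python check over `postconf -n` output like the one posted above, which still lists `content_filter = smtp-amavis:[127.0.0.1]:10024`. The function names are this example's own, and the sample text is a constructed excerpt.

```python
import re

# Constructed excerpt in `postconf -n` format. The first six lines use values
# shown in this thread; the last line is made up to show a failing case.
SAMPLE_POSTCONF = """\
content_filter = smtp-amavis:[127.0.0.1]:10024
lmtp_tls_mandatory_protocols = !SSLv2 !SSlv3
smtpd_tls_auth_only = no
smtpd_tls_mandatory_protocols = !SSLv2 !SSLv3
smtpd_tls_protocols = !SSLv2 !SSLv3
smtpd_tls_security_level = may
smtp_tls_protocols = !SSLv2
"""

PROTO_PARAM = re.compile(r"(smtpd?|lmtp)_tls_(mandatory_)?protocols")
NEXTHOP = re.compile(r"^[^:\s]+:\[?([^\]\s:]+)\]?:(\d+)$")

def parse_postconf(text):
    """Turn 'name = value' lines into a dict; empty values are kept."""
    conf = {}
    for line in text.splitlines():
        name, sep, value = line.partition("=")
        if sep:
            conf[name.strip()] = value.strip()
    return conf

def audit(conf):
    """Return sorted (parameter, finding) tuples for the checks below."""
    out = []
    for name, value in conf.items():
        if not PROTO_PARAM.fullmatch(name):
            continue
        # Only the '!proto' exclusion style used in this thread is understood.
        tokens = [t for t in re.split(r"[,:\s]+", value) if t]
        if not tokens or not all(t.startswith("!") for t in tokens):
            out.append((name, "not in '!proto' form, check by hand"))
            continue
        # Assumption of this example: names are compared case-insensitively.
        excluded = {t[1:].lower() for t in tokens}
        missing = [p for p in ("SSLv2", "SSLv3") if p.lower() not in excluded]
        if missing:
            out.append((name, "does not exclude " + ", ".join(missing)))
    # Postfix default is 'no': AUTH is then not restricted to TLS sessions.
    if conf.get("smtpd_tls_auth_only", "no") != "yes":
        out.append(("smtpd_tls_auth_only", "AUTH not restricted to TLS sessions"))
    # A content_filter next hop needs a listener, or mail is deferred.
    m = NEXTHOP.match(conf.get("content_filter", ""))
    if m:
        out.append(("content_filter", f"needs a listener on {m.group(1)}:{m.group(2)}"))
    return sorted(out)

if __name__ == "__main__":
    for param, finding in audit(parse_postconf(SAMPLE_POSTCONF)):
        print(f"{param}: {finding}")
```

`postconf -n` reports main.cf only, so per-service `-o` overrides in master.cf (for example on the submission service) are not covered by this check.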

14

Re: Postfix troubles

Which MUA do you use?

15

Re: Postfix troubles

The MUA in use is primarily Apple Mail.

16

Re: Postfix troubles

I use Mac Mail.app everyday, it works fine for me.

*) Use port 587 for SMTP service, make sure the 'SSL' checkbox is checked.
*) Use port 993 for IMAP service, make sure the 'SSL' checkbox is checked.

17

Re: Postfix troubles

OK, for some reason my Mac Mail is only working provided I uncheck the SSL box for the SMTP connection. However, I would prefer SSL to be enabled, and even with it shut off I am still unable to send mail.

mail.log with SSL turned off for SMTP:

Aug 13 14:01:44 mail2 postfix/postscreen[2368]: CONNECT from [123.456.78.9]:56261 to [987.654.32.1]:587
Aug 13 14:01:44 mail2 postfix/postscreen[2368]: PASS OLD [123.456.78.9]:56261
Aug 13 14:01:44 mail2 postfix/smtpd[2369]: connect from client.my.domain[123.456.78.9]
Aug 13 14:01:44 mail2 postfix/smtpd[2369]: NOQUEUE: reject: RCPT from client.my.domain[123.456.78.9]: 454 4.7.1 <recipiant@something.com>: Relay access denied; from=<client@my.domain> to=<recipiant@something.com> proto=ESMTP helo=<recipiant.something.com>
Aug 13 14:01:44 mail2 postfix/smtpd[2369]: disconnect from client.my.domain[123.456.78.9]
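
Added example (not part of the original thread, and not iRedMail or Postfix code): a Python triage that separates the three failure signatures posted in this thread so far, namely the aborted TLS handshake, the refused connection to the content filter on port 10024, and the `Relay access denied` rejection. The sample lines are constructed in the same format with documentation-range addresses, and the names `triage` and `SAMPLE_LOG` are this example's own.

```python
import re
from collections import Counter

# Constructed sample, modelled on the log formats posted in this thread
# (documentation-range addresses, placeholder host names).
SAMPLE_LOG = """\
Aug 11 13:35:28 mail2 postfix/smtpd[2368]: connect from client.example[192.0.2.8]
Aug 11 13:35:28 mail2 postfix/smtpd[2368]: SSL_accept:SSLv3 write server done A
Aug 11 13:35:28 mail2 postfix/smtpd[2368]: SSL_accept:SSLv3 flush data
Aug 11 13:35:28 mail2 postfix/smtpd[2368]: SSL_accept:failed in SSLv3 read client certificate A
Aug 11 13:35:28 mail2 postfix/smtpd[2368]: SSL_accept error from client.example[192.0.2.8]: lost connection
Aug 11 07:03:57 mail postfix/smtp[26258]: connect to 127.0.0.1[127.0.0.1]:10024: Connection refused
Aug 11 07:08:57 mail postfix/smtp[26266]: connect to 127.0.0.1[127.0.0.1]:10024: Connection refused
Aug 13 14:01:44 mail2 postfix/smtpd[2369]: NOQUEUE: reject: RCPT from client.example[192.0.2.8]: 454 4.7.1 <rcpt@example.net>: Relay access denied; from=<client@example.org> to=<rcpt@example.net> proto=ESMTP helo=<client.example>
"""

LINE = re.compile(r"^\w{3}\s+\d+ [\d:]{8} (\S+) postfix/(\w+)\[(\d+)\]: (.*)$")
TLS_STATE = re.compile(r"^SSL_accept:(.+)$")
TLS_FAIL = re.compile(r"^SSL_accept error from (\S+): (.+)$")
REFUSED = re.compile(r"^connect to \S+\[([\d.]+)\]:(\d+): Connection refused")
RELAY = re.compile(
    r"^NOQUEUE: reject: RCPT from (\S+): 454 4\.7\.1 .*Relay access denied; from=<([^>]*)>")

def triage(log_text):
    """Count failure signatures; returns a Counter of (kind, detail) tuples."""
    findings = Counter()
    last_state = {}  # (host, pid) -> last SSL_accept state logged by that smtpd
    for raw in log_text.splitlines():
        m = LINE.match(raw)
        if not m:
            continue
        host, daemon, pid, msg = m.groups()
        key = (host, pid)
        if daemon == "smtpd":
            if (s := TLS_STATE.match(msg)):
                last_state[key] = s.group(1)
            elif (f := TLS_FAIL.match(msg)):
                # Report the state the server was in when the client went away.
                state = last_state.pop(key, "unknown")
                findings[("tls_handshake_aborted", f"{f.group(1)} at '{state}'")] += 1
            elif (r := RELAY.match(msg)):
                # The RCPT was refused as relaying for this client and sender.
                findings[("relay_denied", f"{r.group(1)} sender={r.group(2)}")] += 1
        elif daemon == "smtp" and (c := REFUSED.match(msg)):
            # Outbound hand-off failed: nothing is listening on that address.
            findings[("next_hop_refused", f"{c.group(1)}:{c.group(2)}")] += 1
    return findings

if __name__ == "__main__":
    for (kind, detail), count in sorted(triage(SAMPLE_LOG).items()):
        print(f"{count:3d}  {kind:22s} {detail}")
```

The `SSLv3 ...` wording in `SSL_accept:` lines is OpenSSL's name for a handshake state, which OpenSSL 1.0.x also prints during TLS handshakes, so it does not by itself show which protocol version was negotiated.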

18

Re: Postfix troubles

Did you change any Postfix/Dovecot settings?

Default iRedMail settings force secure connections like submission, IMAPS/POP3S (or IMAP/POP3 over TLS through port 143/110).