Forum

This forum uses cookies
This forum makes use of cookies to store your login information if you are registered, and your last visit if you are not. Cookies are small text documents stored on your computer; the cookies set by this forum can only be used on this website and pose no security risk. Cookies on this forum also track the specific topics you have read and when you last read them. Please confirm whether you accept or reject these cookies being set.

A cookie will be stored in your browser regardless of choice to prevent you being asked this question again. You will be able to change your cookie settings at any time using the link in the footer.
Sentora Support Forums Sentora Forum Archives Sentora Public Support Forums v1.0.x General Support Forum v1.0.x v Posftix error

Posftix error
bajwha Offline
Sentora Member
*
OS: Ubuntu 14.04.3 LTS
Version: 1.0.3
Server: VPS
Posts: 2
Threads: 1
Joined: Nov 2015
Reputation: 0
Sex: Male
Thanks: 0
Given 0 thank(s) in 0 post(s)
#1
Posftix error
 11-16-2015, 11:39 AM
Hello there well I am new to Sentora every thing working fine but I am keep getting this error
Code:
Transcript of session follows.

Out: 220 xxx.xxx.com ESMTP
In:  EHLO mail-wm0-f52.google.com
Out: 250-sentora.optichost.com
Out: 250-PIPELINING
Out: 250-SIZE 20480000
Out: 250-ETRN
Out: 250-STARTTLS
Out: 250-AUTH PLAIN LOGIN
Out: 250-AUTH=PLAIN LOGIN
Out: 250-ENHANCEDSTATUSCODES
Out: 250-8BITMIME
Out: 250 DSN
In:  STARTTLS
Out: 454 4.7.0 TLS not available due to local problem

Session aborted, reason: lost connection

For other details, see the local mail logfile
and this error in /var/mail

Code:
Nov 16 01:23:06 sentora postfix/smtpd[2706]: cannot load Certificate Authority data: disabling TLS support
Nov 16 01:23:06 sentora postfix/smtpd[2706]: warning: TLS library problem: error:02001002:system library:fopen:No such file or directory:bss_file.c:169:fopen('/etc/sentora/configs/sentora-paranoid/openssl/certs/root-ca.crt = /etc/pki/tls/root.crt','r'):
Nov 16 01:23:06 sentora postfix/smtpd[2706]: warning: TLS library problem: error:2006D080:BIO routines:BIO_new_file:no such file:bss_file.c:172:
Nov 16 01:23:06 sentora postfix/smtpd[2706]: warning: TLS library problem: error:0B084002:x509 certificate routines:X509_load_cert_crl_file:system lib:by_file.c:274:
and here is my /etc/postfix/main.cf
Code:
# postfix config file

# uncomment for debugging if needed
soft_bounce=yes

# postfix main
mail_owner = postfix
setgid_group = postdrop
delay_warning_time = 4

# postfix paths
html_directory = no
command_directory = /usr/sbin
daemon_directory = /usr/lib/postfix
queue_directory = /var/spool/postfix
sendmail_path = /usr/sbin/sendmail.postfix
newaliases_path = /usr/bin/newaliases.postfix
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
sample_directory = /usr/share/doc/postfix-2.2.2/samples
readme_directory = /usr/share/doc/postfix-2.2.2/README_FILES

# network settings
inet_interfaces = all
mydomain = xxx.xxx.com
myhostname = xxx.xxx.com
mynetworks = 127.0.0.1, x.x.x.x
mydestination = xxx.xxx.com, localhost.$mydomain, localhost, mail.xxx.com, $mydomain
relay_domains = proxy:mysql:/etc/sentora/configs/postfix/mysql-relay_domains_maps.cf

# mail delivery
recipient_delimiter = +

# mappings
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
#transport_maps
= hash:/etc/postfix/transport
#local_recipient_maps
=

# virtual setup
virtual_alias_maps = proxy:mysql:/etc/sentora/configs/postfix/mysql-virtual_alias_maps.cf,
                    regexp:/etc/sentora/configs/postfix/virtual_regexp
virtual_mailbox_base = /var/sentora/vmail
virtual_mailbox_domains = proxy:mysql:/etc/sentora/configs/postfix/mysql-virtual_domains_maps.cf
virtual_mailbox_maps = proxy:mysql:/etc/sentora/configs/postfix/mysql-virtual_mailbox_maps.cf
virtual_minimum_uid = 999
virtual_uid_maps = static:999
virtual_gid_maps = static:8
virtual_transport = dovecot
dovecot_destination_recipient_limit = 1

# debugging
debug_peer_level = 2
debugger_command =
        PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
        xxgdb $daemon_directory/$process_name $process_id & sleep 5

# authentication
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_sasl_local_domain = $myhostname
broken_sasl_auth_clients = yes
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth

# tls config
smtp_use_tls = yes
smtpd_use_tls = yes
#smtp_tls_note_starttls_offer
= yes
smtp_tls_security_level = may
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
#smtp_tls_session_cache_database
= btree:$data_directory/smtp_tls_session_cache
# Change mail.example.com.* to your host name
smtpd_tls_key_file = /etc/sentora/configs/sentora-paranoid/openssl/keys/xxx.xxx.com-nophrase.key
# = /etc/pki/tls/private/mail.example.com.key
smtpd_tls_cert_file = /etc/sentora/configs/sentora-paranoid/openssl/certs/xxx.xxx.com.crt
# = /etc/pki/tls/certs/mail.example.com.crt
smtpd_tls_CAfile = /etc/sentora/configs/sentora-paranoid/openssl/certs/root-ca.crt = /etc/pki/tls/root.crt

# rules restrictions
smtpd_client_restrictions =
smtpd_helo_restrictions =
smtpd_sender_restrictions = reject_unknown_sender_domain
smtpd_recipient_restrictions = permit_sasl_authenticated,
       permit_mynetworks,
       reject_unauth_destination,
       reject_non_fqdn_sender,
       reject_non_fqdn_recipient,
           reject_non_fqdn_helo_hostname,
    reject_invalid_helo_hostname,
    reject_unknown_helo_hostname,
    reject_unknown_recipient_domain
# uncomment for realtime black list checks. (Warn: will also reject false positive)
    ,reject_rbl_client zen.spamhaus.org
    ,reject_rbl_client bl.spamcop.net
    ,reject_rbl_client cbl.abuseat.org
#       ,reject_rbl_client dnsbl.sorbs.net

smtpd_helo_required = yes
unknown_local_recipient_reject_code = 550
disable_vrfy_command = yes
smtpd_data_restrictions = reject_unauth_pipelining, check_policy_service inet:127.0.0.1:24
smtpd_banner = $myhostname ESMTP

message_size_limit = 20480000
show_user_unknown_table_name = no
maximal_queue_lifetime = 2d
bounce_queue_lifetime = 4h
smtpd_error_sleep_time = 20
smtpd_soft_error_limit = 3
smtpd_hard_error_limit = 6
smtpd_junk_command_limit = 4
smtp_host_lookup  = dns,native

# dkim with postfix
milter_protocol = 2
milter_default_action = accept
smtpd_milters=

content_filter = smtp-amavis:[127.0.0.1]:10024
I have checked and there is no any = /etc/pki/tls/root.crt
plz help me
Find
Reply
Thanks given by:
apinto Offline
Sentora Member
*
OS: Ubuntu 14.04 LTS
Version: 1.0.3
Server: Dedicated & VPS
Posts: 532
Threads: 23
Joined: Mar 2015
Reputation: 26
Sex: Male
Thanks: 139
Given 104 thank(s) in 87 post(s)
#2
RE: Posftix error
 11-16-2015, 11:03 PM (This post was last modified: 11-16-2015, 11:04 PM by apinto.)
bajwha You are using Sentora Paranoid, please contact the author
http://sentora-paranoid.open-source.tk/
Forum: http://forum.sentora-paranoid.open-source.tk/
My Sentora Resources
[Module] Mail Quota Count | Vagrant Box with Sentora

[Image: vanguardly-logo-micro.png]
Graphic and Web Design. Development.
www.vanguardly.com


Find
Reply
Thanks given by:
bajwha Offline
Sentora Member
*
OS: Ubuntu 14.04.3 LTS
Version: 1.0.3
Server: VPS
Posts: 2
Threads: 1
Joined: Nov 2015
Reputation: 0
Sex: Male
Thanks: 0
Given 0 thank(s) in 0 post(s)
#3
RE: Posftix error
 11-17-2015, 07:38 AM
(11-16-2015, 11:03 PM)apinto Wrote: @[bajwha] You are using Sentora Paranoid, please contact the author
http://sentora-paranoid.open-source.tk/
Forum: http://forum.sentora-paranoid.open-source.tk/

Thanks for ur reply plz correct me if I am wrong.

Sentora and sentora Paranoid is two different versions?

I thought that Paranoid is just a security script for Sentora project.
that what is say's on the author website.

Also this problem is about Postfix.
so please clear me if I am wrong.
Thanks again for ur reply

Bajwha
Find
Reply
Thanks given by:
apinto Offline
Sentora Member
*
OS: Ubuntu 14.04 LTS
Version: 1.0.3
Server: Dedicated & VPS
Posts: 532
Threads: 23
Joined: Mar 2015
Reputation: 26
Sex: Male
Thanks: 139
Given 104 thank(s) in 87 post(s)
#4
RE: Posftix error
 11-17-2015, 08:00 AM
Sentora Paranoid is based on sentora, however it does lots of changes, and because of that you are better asking the developer of Sentora Paranoid, specially because your error is related to TLS, Sentora does not use TLS by default (it is supported, and most sentora installs use it).

If it is related to postfix, please use http://www.postfix.org/lists.html for support.

Regarding your problem, directly:
Probably you have a misconfiguration on the TLS (double check Paranoid Sentora installation procedure).
I've searched a bit and found that probably you will be able to fix your issue folloing these:
- https://dan.langille.org/2014/11/16/post...l-problem/
- http://www.postfix.org/TLS_README.html

Hope this helps.
My Sentora Resources
[Module] Mail Quota Count | Vagrant Box with Sentora

[Image: vanguardly-logo-micro.png]
Graphic and Web Design. Development.
www.vanguardly.com


Find
Reply
Thanks given by:


Possibly Related Threads…
Thread Author Replies Views Last Post
Repo update error hostingms 3 5 ,516 02-14-2024, 09:20 AM
Last Post: TGates
apt-get install mod_ssl ERROR CMs222 9 25 ,913 11-11-2022, 09:14 PM
Last Post: zustudios
Sentora debug and error files johnnyp 0 1 ,187 10-27-2022, 06:16 PM
Last Post: johnnyp

Forum Jump:


Users browsing this thread: 1 Guest(s)