Author Topic: Need help. all mail deferred  (Read 11170 times)

0 Members and 2 Guests are viewing this topic.

Offline
***
Need help. all mail deferred
« on: December 31, 2021, 12:38:05 PM »
Not sure whats going on with my postfix/dovecot.   All mail is being deferred and will not clear unless I manually process the queue.  Using stream 8

From Mail Log
Code: [Select]
Dec 31 07:42:44 server postfix/smtpd[576611]: warning: database /etc/postfix/sender_whitelist.db is older than source file /etc/postfix/sender_whitelist
Dec 31 07:42:44 server postfix/smtpd[576611]: connect from mail-wm1-f52.google.com[209.85.128.52]
Dec 31 07:42:45 server postfix/smtpd[576611]: Anonymous TLS connection established from mail-wm1-f52.google.com[209.85.128.52] to mail.lakeservers.com: TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256
Dec 31 07:42:45 server postfix/smtpd[576611]: CC5694006F: client=mail-wm1-f52.google.com[209.85.128.52]
Dec 31 07:42:45 server postfix/cleanup[576616]: CC5694006F: message-id=
Dec 31 07:42:45 server postfix/qmgr[559991]: CC5694006F: from=, size=2971, nrcpt=1 (queue active)
Dec 31 07:42:45 server postfix/smtp[576617]: connect to 127.0.0.1[127.0.0.1]:10024: Connection refused
Dec 31 07:42:45 server postfix/smtp[576617]: CC5694006F: to=, relay=none, delay=0.19, delays=0.18/0.01/0/0, dsn=4.4.1, status=deferred (connect to 127.0.0.1[127.0.0.1]:10024: Connection refused)
Dec 31 07:42:46 server postfix/smtpd[576611]: disconnect from mail-wm1-f52.google.com[209.85.128.52] ehlo=2 starttls=1 mail=1 rcpt=1 bdat=1 quit=1 commands=7
« Last Edit: December 31, 2021, 01:07:33 PM by Namaste »
Listen to everything Pixelpadre says.

Offline
***
Re: Need help. all mail deferred
« Reply #1 on: December 31, 2021, 01:32:42 PM »
I used the postfix config file from c7 and the problem went away.

So there appears to be a problem with stream8 postix config file.
Listen to everything Pixelpadre says.

Offline
***
Re: Need help. all mail deferred
« Reply #2 on: January 01, 2022, 01:07:22 PM »
dovecot error message:

Code: [Select]
Jan 01 07:56:02 imap(sales@madeiniran.com)<25299><yu/QqYTU8MwtIW62>: Error: open(/var/vmail/madeiniran.com/sales/dovecot.index.log) failed: Permission denied (euid=1000(scanmyid) egid=12(mail) missing +r perm: /var/vmail/madeiniran.com/sales/dovecot.index.log)
Jan 01 07:56:02 imap(sales@madeiniran.com)<25299><yu/QqYTU8MwtIW62>: Error: Mailbox INBOX: open(/var/vmail/madeiniran.com/sales/dovecot-uidlist) failed: Permission denied
Jan 01 07:56:02 imap(sales@madeiniran.com)<25299><yu/QqYTU8MwtIW62>: Error: Mailbox INBOX: open(/var/vmail/madeiniran.com/sales/dovecot-uidlist) failed: Permission denied
« Last Edit: January 01, 2022, 01:26:47 PM by Namaste »
Listen to everything Pixelpadre says.

Offline
***
Re: Need help. all mail deferred
« Reply #3 on: January 01, 2022, 01:43:39 PM »
I noticed that :

stream server has owner/group vmail mail

and

centos 7 server has owner/group user mail
Listen to everything Pixelpadre says.

Offline
***
Re: Need help. all mail deferred
« Reply #4 on: January 01, 2022, 02:30:07 PM »
From postfix main.cf I see something in rules restrictions

smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, check_client_access hash:/etc/postfix/sender_whitelist, check_client_access hash:/etc/postfix/sender_blacklist, reject_unauth_destination, reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unknown_recipient_domain, reject_rbl_client zen.spamhaus.org, reject_rbl_client bl.spamcop.net
Listen to everything Pixelpadre says.

Offline
***
Re: Need help. all mail deferred
« Reply #5 on: January 01, 2022, 10:16:42 PM »
What is the result you have, issuing the following command?:
Code: [Select]
# ls -alF /var/vmail/madeiniran.com/sales/

Offline
***
Re: Need help. all mail deferred
« Reply #6 on: January 02, 2022, 02:03:06 AM »
What is the result you have, issuing the following command?:
Code: [Select]
# ls -alF /var/vmail/madeiniran.com/sales/

Code: [Select]
total 60
drwx------ 9 scanmyid mail 4096 Jan  1 20:50 ./
drwxrwx--- 3 vmail    mail 4096 Jan  1 19:56 ../
drwx------ 2 scanmyid mail 4096 Jan  1 19:56 cur/
-rw------- 1 scanmyid mail  408 Jan  1 19:56 dovecot.index.log
-rw------- 1 scanmyid mail 3048 Jan  1 20:20 dovecot.list.index.log
-rw------- 1 scanmyid mail   96 Jan  1 20:20 dovecot.mailbox.log
-rw------- 1 scanmyid mail   51 Jan  1 19:56 dovecot-uidlist
-rw------- 1 scanmyid mail    8 Jan  1 20:20 dovecot-uidvalidity
-r--r--r-- 1 scanmyid mail    0 Jan  1 19:56 dovecot-uidvalidity.61d0f83e
drwx------ 5 scanmyid mail 4096 Jan  1 20:20 .Drafts/
-rw------- 1 scanmyid mail    0 Jan  1 19:56 maildirfolder
drwx------ 2 scanmyid mail 4096 Jan  1 19:56 new/
drwx------ 5 scanmyid mail 4096 Jan  1 20:20 .Sent/
drwx------ 5 scanmyid mail 4096 Jan  1 20:05 .Spam/
-rw------- 1 scanmyid mail   28 Jan  1 20:20 subscriptions
drwx------ 2 scanmyid mail 4096 Jan  1 19:56 tmp/
drwx------ 5 scanmyid mail 4096 Jan  1 20:05 .Trash/

All of this happened after I upgraded to PRO.
Listen to everything Pixelpadre says.

Offline
***
Re: Need help. all mail deferred
« Reply #7 on: January 02, 2022, 03:07:13 AM »
The correct ownership for that files is not "scanmyid:mail", but "vmail:mail" instead.

I don't know why you change that ownership to "scanmyid" user, but you need to change to "vmail" user.

You can do it with:
Code: [Select]
# chown -R vmail:mail /var/vmail/

Offline
*
Re: Need help. all mail deferred
« Reply #8 on: January 02, 2022, 02:48:35 PM »
you should run this api command to fix mail permissions

Set quota for all email accounts based on the uid from the postfix.mailbox table
Code: [Select]
/scripts/cwp_api account mail_fix_permissions
info copied from:
http://wiki.centos-webpanel.com/cwp-admin-api
VPS & Dedicated server provider with included FREE Managed support for CWP.
http://www.studio4host.com/

*** Don't allow that your server or website is down, choose hosting provider with included expert managed support for your CWP.

Offline
***
Re: Need help. all mail deferred
« Reply #9 on: January 02, 2022, 07:05:58 PM »
Thats good to know.  I searched wiki and it did not get indexed.

I removed some lines from main.cf that were not present in centos 7 panel.  I am curious if I put them back if the problem will return.  I may be talking about two different issues at this point.  I'll be back if the main.cf is not working with default settings.

Also.....why are we using a version of postfix which is 2 years old?  i.e. 3.4.5
Listen to everything Pixelpadre says.

Offline
***
Re: Need help. all mail deferred
« Reply #10 on: January 03, 2022, 01:18:08 PM »
So, My deferred queue is full of spam.....and thats good.

But, my legitimate mail is also in the queue and will not be processed until I remove the spam from the queue.

 :-\
Listen to everything Pixelpadre says.

Offline
***
Re: Need help. all mail deferred
« Reply #11 on: January 03, 2022, 01:25:42 PM »
From postfix main.cf I see something in rules restrictions

smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, check_client_access hash:/etc/postfix/sender_whitelist, check_client_access hash:/etc/postfix/sender_blacklist, reject_unauth_destination, reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unknown_recipient_domain, reject_rbl_client zen.spamhaus.org, reject_rbl_client bl.spamcop.net

Shouldnt the reject_non_fqdn_sender rule be in the "smtpd_sender_restrictions" and not in the "smtpd_recipient_restrictions" rules.
Listen to everything Pixelpadre says.

Offline
***
SOLVED: Need help. all mail deferred
« Reply #12 on: January 03, 2022, 04:39:55 PM »
permit_mynetworks, must be FIRST in the
Code: [Select]
smtpd_recipient_restrictions = String.

Default cwp postfix main.cf config is second position, at least in the Stream servers.
« Last Edit: January 03, 2022, 05:05:20 PM by Namaste »
Listen to everything Pixelpadre says.

Offline
***
Re: Need help. all mail deferred
« Reply #13 on: January 03, 2022, 10:31:07 PM »
The correct ownership for that files is not "scanmyid:mail", but "vmail:mail" instead.

I don't know why you change that ownership to "scanmyid" user, but you need to change to "vmail" user.

You can do it with:
Code: [Select]
# chown -R vmail:mail /var/vmail/

This info seems to be incorrect. I have two other bugs relating to the domain folders inside the vmail folder having vmail:mail ownership instead of user:mail. So, they shouldnt be chowned vmail:mail

Offline
***
Re: Need help. all mail deferred
« Reply #14 on: January 03, 2022, 10:58:48 PM »
(...)
This info seems to be incorrect. I have two other bugs relating to the domain folders inside the vmail folder having vmail:mail ownership instead of user:mail. So, they shouldnt be chowned vmail:mail

What are the bugs..?!?!