On 5/3/20 8:13 PM, Samir Faci wrote:
Postfix Failed Logs.
May 4 03:07:36 lists postfix/smtpd[1968155]: disconnect from unknown[198.199.98.177] ehlo=1 mail=1 rcpt=0/1 rset=1 quit=1 commands=4/5 May 4 03:07:36 lists postfix/smtpd[1968155]: connect from unknown[198.199.98.177] May 4 03:07:36 lists postfix/smtpd[1968155]: 745B31473C6: client=unknown[198.199.98.177] May 4 03:07:36 lists postfix/cleanup[1968158]: 745B31473C6: message-id=<158856165549.136760.840427238489827082@lists> May 4 03:07:36 lists postfix/qmgr[1964759]: 745B31473C6: from=<booh-bounces@lists.domain.org
So mailman and Postfix are on different machines. That may complicate things, but
<mailto:booh-bounces@lists.domain.org>>, size=5474, nrcpt=1 (queue active) May 4 03:07:36 lists postfix/smtpd[1968155]: disconnect from unknown[198.199.98.177] ehlo=1 mail=1 rcpt=1 data=1 quit=1 commands=5 May 4 03:07:36 lists postfix/lmtp[1968159]: 745B31473C6: to=<booh-owner@lists.domain.org <mailto:booh-owner@lists.domain.org>>, relay=lists.domain.org <http://lists.domain.org>[198.199.98.177]:8024, delay=0.03, delays=0/0/0/0.02, dsn=2.0.0, status=sent (250 Ok)
This was a successful delivery.
May 4 03:07:36 lists postfix/qmgr[1964759]: 745B31473C6: removed May 4 03:07:38 lists postfix/smtpd[1968155]: connect from unknown[198.199.98.177] May 4 03:07:38 lists postfix/smtpd[1968155]: NOQUEUE: reject: RCPT from unknown[198.199.98.177]: 554 5.7.1 <csgeek@domain.com <mailto:csgeek@domain.com>>: Relay access denied; from=<booh-bounces+csgeek=domain.com@lists.domain.org <mailto:domain.com@lists.domain.org>> to=<csgeek@domain.com <mailto:csgeek@domain.com>> proto=ESMTP helo=<[127.0.1.1]>
You are sending from a remote machine 198.199.98.177 to a presumably remote domain domain.com so relay access is denied as it should be.
You need to add 198.199.98.177 to mynetworks in Postfix.
-- Mark Sapiro <mark@msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan
@Marc disregard the direct email I sent you.
Okay, so just to clarify both postfix and mailman are running on the same host. In theory, everything should be able to connect to localhost on port 25 to be able to send any emails it needs.
198.199.98.177 resolves is already added to my networks, but I added it explicitly.
mydestination = $myhostname, localhost.localdomain, localhost, $mydomain, lists.domain.org, 198.199.98.177
I tried setting the values to the dns name which resolves to the public IP and the 127.0.0.1 and right now I keep on seeing these errors:
connect to lists.geekbeacon.org[198.199.98.177]:8024: Connection refused
So, I ended up having to tweak my /etc/hosts file a bit as well as
smtp_host: lists.domain.org
smtp_port: 25
smtp_user:
smtp_pass:
# Where the LMTP server listens for connections. Use 127.0.0.1 instead of
# localhost for Postfix integration, because Postfix only consults DNS
# (e.g. not /etc/hosts).
lmtp_host: lists.domain.org
lmtp_port: 8024
So, now it's finally working but here's a question. Does 8024 need to be publically accessible from the outside?
On Sun, May 3, 2020 at 8:32 PM Mark Sapiro <mark@msapiro.net> wrote:
On 5/3/20 8:13 PM, Samir Faci wrote:
Postfix Failed Logs.
May 4 03:07:36 lists postfix/smtpd[1968155]: disconnect from unknown[198.199.98.177] ehlo=1 mail=1 rcpt=0/1 rset=1 quit=1 commands=4/5 May 4 03:07:36 lists postfix/smtpd[1968155]: connect from unknown[198.199.98.177] May 4 03:07:36 lists postfix/smtpd[1968155]: 745B31473C6: client=unknown[198.199.98.177] May 4 03:07:36 lists postfix/cleanup[1968158]: 745B31473C6: message-id=<158856165549.136760.840427238489827082@lists> May 4 03:07:36 lists postfix/qmgr[1964759]: 745B31473C6: from=<booh-bounces@lists.domain.org
So mailman and Postfix are on different machines. That may complicate things, but
<mailto:booh-bounces@lists.domain.org>>, size=5474, nrcpt=1 (queue active) May 4 03:07:36 lists postfix/smtpd[1968155]: disconnect from unknown[198.199.98.177] ehlo=1 mail=1 rcpt=1 data=1 quit=1 commands=5 May 4 03:07:36 lists postfix/lmtp[1968159]: 745B31473C6: to=<booh-owner@lists.domain.org <mailto:booh-owner@lists.domain.org>>, relay=lists.domain.org <http://lists.domain.org>[198.199.98.177]:8024, delay=0.03, delays=0/0/0/0.02, dsn=2.0.0, status=sent (250 Ok)
This was a successful delivery.
May 4 03:07:36 lists postfix/qmgr[1964759]: 745B31473C6: removed May 4 03:07:38 lists postfix/smtpd[1968155]: connect from unknown[198.199.98.177] May 4 03:07:38 lists postfix/smtpd[1968155]: NOQUEUE: reject: RCPT from unknown[198.199.98.177]: 554 5.7.1 <csgeek@domain.com <mailto:csgeek@domain.com>>: Relay access denied; from=<booh-bounces+csgeek=domain.com@lists.domain.org <mailto:domain.com@lists.domain.org>> to=<csgeek@domain.com <mailto:csgeek@domain.com>> proto=ESMTP helo=<[127.0.1.1]>
You are sending from a remote machine 198.199.98.177 to a presumably remote domain domain.com so relay access is denied as it should be.
You need to add 198.199.98.177 to mynetworks in Postfix.
-- Mark Sapiro <mark@msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan
Mailman-users mailing list -- mailman-users@mailman3.org To unsubscribe send an email to mailman-users-leave@mailman3.org https://lists.mailman3.org/mailman3/lists/mailman-users.mailman3.org/
-- Thank you Samir Faci https://keybase.io/csgeek
On 5/3/20 10:04 PM, Samir Faci wrote:
# Where the LMTP server listens for connections. Use 127.0.0.1 instead of # localhost for Postfix integration, because Postfix only consults DNS # (e.g. not /etc/hosts). lmtp_host: lists.domain.org lmtp_port: 8024
Why, in spite of the comment, do you have
lmtp_host: lists.domain.org
and not
lmtp_host: 127.0.0.1
Note that
lmtp_host: 127.0.0.1 lmtp_port: 8024
are the defaults.
So, now it's finally working but here's a question. Does 8024 need to be publically accessible from the outside?
No. Port 8024 is only for LMTP delivery from Postfix to Mailman.
-- Mark Sapiro <mark@msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan
The only way I've gotten it to work so far is by using the FQN. I can switch back to 127.0.0.1 but that wasn't working.
Here's the configuration I have.
incoming: mailman.mta.postfix.LMTP outgoing: mailman.mta.deliver.deliver smtp_host: 127.0.0.1 smtp_port: 25 smtp_user: smtp_pass:
lmtp_host: 127.0.0.1 lmtp_port: 8024
and the end result:
https://gist.github.com/safaci2000/b1c91f936df1c0d5668250cf1d503494
I tried setting the smtp_host to 127.0.0.1 and list.domain.org both result in the same issue. ie:
Here's the combinations I've tried:
smtp_host: 127.0.0.1 lmtp_host: 127.0.0.1
#fail
smtp_host: lists.domain.org lmtp_host: 127.0.0.1
#fail
Finally I even tried the exact copy from the documentation:
incoming: mailman.mta.postfix.LMTPoutgoing: mailman.mta.deliver.deliverlmtp_host: 127.0.0.1lmtp_port: 8024smtp_host: localhostsmtp_port: 25configuration: python:mailman.config.postfix
## Fail.
smtp_host: lists.domain.org lmtp_host: lists.domain.org
# success.
The error I get if I don't open port 8024 is below and in the gist i linked earlier.
May 4 17:50:09 lists postfix/lmtp[2600677]: D98A21473D5: to=< testing@lists.domain.org>, relay=none, delay=0.05, delays=0.03/0.01/0/0, dsn=4.4.1, status=deferred (connect to lists.domain.org[198.199.98.177]:8024: Connection refused)
The only way I've gotten it to work so far is by binding both the smtp_host and lmtp_host to be lists.domain.org and opening up port 8024.
I'd rather not have that port open but I'm open to suggestions on what else to try.
Locally on the server:
PING lists.domain.org (198.199.98.177) 56(84) bytes of data. 64 bytes from 198.199.98.177 (198.199.98.177): icmp_seq=1 ttl=64 time=0.071 ms 64 bytes from 198.199.98.177 (198.199.98.177): icmp_seq=2 ttl=64 time=0.048 ms 64 bytes from 198.199.98.177 (198.199.98.177): icmp_seq=3 ttl=64 time=0.069 ms
-- Samir Faci
On Mon, May 4, 2020 at 9:45 AM Mark Sapiro <mark@msapiro.net> wrote:
On 5/3/20 10:04 PM, Samir Faci wrote:
# Where the LMTP server listens for connections. Use 127.0.0.1 instead
of
# localhost for Postfix integration, because Postfix only consults DNS # (e.g. not /etc/hosts). lmtp_host: lists.domain.org lmtp_port: 8024
Why, in spite of the comment, do you have
lmtp_host: lists.domain.org
and not
lmtp_host: 127.0.0.1
Note that
lmtp_host: 127.0.0.1 lmtp_port: 8024
are the defaults.
So, now it's finally working but here's a question. Does 8024 need to be publically accessible from the outside?
No. Port 8024 is only for LMTP delivery from Postfix to Mailman.
-- Mark Sapiro <mark@msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan
Mailman-users mailing list -- mailman-users@mailman3.org To unsubscribe send an email to mailman-users-leave@mailman3.org https://lists.mailman3.org/mailman3/lists/mailman-users.mailman3.org/
-- Thank you Samir Faci https://keybase.io/csgeek
On 5/4/20 11:07 AM, Samir Faci wrote:
The only way I've gotten it to work so far is by using the FQN. I can switch back to 127.0.0.1 but that wasn't working.
Here's the configuration I have.
incoming: mailman.mta.postfix.LMTP outgoing: mailman.mta.deliver.deliver smtp_host: 127.0.0.1 smtp_port: 25 smtp_user: smtp_pass:
lmtp_host: 127.0.0.1 lmtp_port: 8024
and the end result:
https://gist.github.com/safaci2000/b1c91f936df1c0d5668250cf1d503494
which includes
May 4 17:50:09 lists postfix/lmtp[2600677]: connect to lists.domain.org[198.199.98.177]:8024: Connection refused
So the question is, why is Postfix trying to connect to lists.domain.org[198.199.98.177] and not to localhost[127.0.0.1]
smtp_host: 127.0.0.1 lmtp_host: 127.0.0.1
#fail
But it should work.
smtp_host: lists.domain.org lmtp_host: lists.domain.org
# success.
And this should not be necessary.
The error I get if I don't open port 8024 is below and in the gist i linked earlier.
May 4 17:50:09 lists postfix/lmtp[2600677]: D98A21473D5: to=< testing@lists.domain.org>, relay=none, delay=0.05, delays=0.03/0.01/0/0, dsn=4.4.1, status=deferred (connect to lists.domain.org[198.199.98.177]:8024: Connection refused)
This is what is expected if port 8024 is not open and you are connecting to lists.domain.org.
The only way I've gotten it to work so far is by binding both the smtp_host and lmtp_host to be lists.domain.org and opening up port 8024.
I'd rather not have that port open but I'm open to suggestions on what else to try.
You need to get Postfix to use localhost[127.0.0.1] and not lists.domain.org[198.199.98.177].
One issue is when you change
lmtp_host: lists.domain.org
to
lmtp_host: 127.0.0.1
you need to run mailman aliases to change the settings in
var/data/postfix_lmtp. I think if you go back to
smtp_host: 127.0.0.1 lmtp_host: 127.0.0.1
and run mailman aliases, restart mailman and reload Postfix, it should
all work without opening port 8024 and probably without needing to put
198.199.98.177 explicitly in mynetworks in Postfix.
I suspect you will have issues with mail not being accepted or treated as spam by some recipient ISPs however. See <https://en.wikipedia.org/wiki/Forward-confirmed_reverse_DNS>
-- Mark Sapiro <mark@msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan
Oh wow.. so that was special.
Sorry for the massive logs and back and forth. It turns out all I was missing was that I needed to re-run
sudo mailman aliases before restarting the service. I have a different set of issues right now but I need to debug that a bit more to figure out what is going on.
Thanks for all the help Mark, much appreciated.
-- Samir Faci
On Mon, May 4, 2020 at 11:49 AM Mark Sapiro <mark@msapiro.net> wrote:
On 5/4/20 11:07 AM, Samir Faci wrote:
The only way I've gotten it to work so far is by using the FQN. I can switch back to 127.0.0.1 but that wasn't working.
Here's the configuration I have.
incoming: mailman.mta.postfix.LMTP outgoing: mailman.mta.deliver.deliver smtp_host: 127.0.0.1 smtp_port: 25 smtp_user: smtp_pass:
lmtp_host: 127.0.0.1 lmtp_port: 8024
and the end result:
https://gist.github.com/safaci2000/b1c91f936df1c0d5668250cf1d503494
which includes
May 4 17:50:09 lists postfix/lmtp[2600677]: connect to lists.domain.org[198.199.98.177]:8024: Connection refused
So the question is, why is Postfix trying to connect to lists.domain.org[198.199.98.177] and not to localhost[127.0.0.1]
smtp_host: 127.0.0.1 lmtp_host: 127.0.0.1
#fail
But it should work.
smtp_host: lists.domain.org lmtp_host: lists.domain.org
# success.
And this should not be necessary.
The error I get if I don't open port 8024 is below and in the gist i linked earlier.
May 4 17:50:09 lists postfix/lmtp[2600677]: D98A21473D5: to=< testing@lists.domain.org>, relay=none, delay=0.05, delays=0.03/0.01/0/0, dsn=4.4.1, status=deferred (connect to lists.domain.org [198.199.98.177]:8024: Connection refused)
This is what is expected if port 8024 is not open and you are connecting to lists.domain.org.
The only way I've gotten it to work so far is by binding both the smtp_host and lmtp_host to be lists.domain.org and opening up port 8024.
I'd rather not have that port open but I'm open to suggestions on what else to try.
You need to get Postfix to use localhost[127.0.0.1] and not lists.domain.org[198.199.98.177].
One issue is when you change
lmtp_host: lists.domain.org
to
lmtp_host: 127.0.0.1
you need to run
mailman aliasesto change the settings in var/data/postfix_lmtp. I think if you go back tosmtp_host: 127.0.0.1 lmtp_host: 127.0.0.1
and run
mailman aliases, restart mailman and reload Postfix, it should all work without opening port 8024 and probably without needing to put 198.199.98.177 explicitly in mynetworks in Postfix.I suspect you will have issues with mail not being accepted or treated as spam by some recipient ISPs however. See <https://en.wikipedia.org/wiki/Forward-confirmed_reverse_DNS>
-- Mark Sapiro <mark@msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan
Mailman-users mailing list -- mailman-users@mailman3.org To unsubscribe send an email to mailman-users-leave@mailman3.org https://lists.mailman3.org/mailman3/lists/mailman-users.mailman3.org/
-- Thank you Samir Faci https://keybase.io/csgeek
On 5/4/20 1:59 PM, Samir Faci wrote:
Oh wow.. so that was special.
Sorry for the massive logs and back and forth. It turns out all I was missing was that I needed to re-run
sudo mailman aliases before restarting the service.
Starting with Mailman core 3.3.1, mailman start (but not mailman restart) will by default, regenerate the aliases.
-- Mark Sapiro <mark@msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan
participants (2)
-
Mark Sapiro -
Samir Faci