Category: Postfix

  • postfix smtp Must issue a STARTTLS command first

    When sending an email to a server, mail bounced with the following error message.

    Action: failed
    Status: 5.7.0
    Remote-MTA: dns; mail01.riedelbau.de
    Diagnostic-Code: smtp; 530 5.7.0 Must issue a STARTTLS command first
    

    To fix the error, first enable debug logging in Postfix for the Remote-MTA. To do this, edit the file

    vi /etc/postfix/main.cf
    

    Add the following lines. Remove them once debugging is complete, or the debug output will keep growing your log file.

    debug_peer_list=mail01.riedelbau.de
    debug_peer_level=3
    

    Restart postfix mail server.

    systemctl restart postfix
    

    Now I sent a mail, and in /var/log/mail.log I got the detailed error message.

    Sep 17 08:32:25 mail postfix/smtp[31356]: vstream_buf_get_ready: fd 14 got 64
    Sep 17 08:32:25 mail postfix/smtp[31356]: < mail01.riedelbau.de[93.188.26.3]:25: 220 mail01.riedelbau.de ESMTP Fri, 17 Sep 2021 08:32:23 +0200 
    Sep 17 08:32:25 mail postfix/smtp[31356]: > mail01.riedelbau.de[93.188.26.3]:25: EHLO smtp1.serverok.in
    Sep 17 08:32:25 mail postfix/smtp[31356]: vstream_fflush_some: fd 14 flush 31
    Sep 17 08:32:25 mail postfix/smtp[31356]: vstream_buf_get_ready: fd 14 got 221
    Sep 17 08:32:25 mail postfix/smtp[31356]: < mail01.riedelbau.de[93.188.26.3]:25: 250-mail01.riedelbau.de Hello [173.249.63.91]
    Sep 17 08:32:25 mail postfix/smtp[31356]: < mail01.riedelbau.de[93.188.26.3]:25: 250-TURN
    Sep 17 08:32:25 mail postfix/smtp[31356]: < mail01.riedelbau.de[93.188.26.3]:25: 250-SIZE 36700160
    Sep 17 08:32:25 mail postfix/smtp[31356]: < mail01.riedelbau.de[93.188.26.3]:25: 250-ETRN
    Sep 17 08:32:25 mail postfix/smtp[31356]: < mail01.riedelbau.de[93.188.26.3]:25: 250-PIPELINING
    Sep 17 08:32:25 mail postfix/smtp[31356]: < mail01.riedelbau.de[93.188.26.3]:25: 250-DSN
    Sep 17 08:32:25 mail postfix/smtp[31356]: < mail01.riedelbau.de[93.188.26.3]:25: 250-ENHANCEDSTATUSCODES
    Sep 17 08:32:25 mail postfix/smtp[31356]: < mail01.riedelbau.de[93.188.26.3]:25: 250-8bitmime
    Sep 17 08:32:25 mail postfix/smtp[31356]: < mail01.riedelbau.de[93.188.26.3]:25: 250-BINARYMIME
    Sep 17 08:32:25 mail postfix/smtp[31356]: < mail01.riedelbau.de[93.188.26.3]:25: 250-CHUNKING
    Sep 17 08:32:25 mail postfix/smtp[31356]: < mail01.riedelbau.de[93.188.26.3]:25: 250-VRFY
    Sep 17 08:32:25 mail postfix/smtp[31356]: < mail01.riedelbau.de[93.188.26.3]:25: 250-TLS
    Sep 17 08:32:25 mail postfix/smtp[31356]: < mail01.riedelbau.de[93.188.26.3]:25: 250-STARTTLS
    Sep 17 08:32:25 mail postfix/smtp[31356]: < mail01.riedelbau.de[93.188.26.3]:25: 250 OK
    Sep 17 08:32:25 mail postfix/smtp[31356]: server features: 0x901f size 36700160
    Sep 17 08:32:25 mail postfix/smtp[31356]: Using ESMTP PIPELINING, TCP send buffer size is 87040, PIPELINING buffer size is 4096
    Sep 17 08:32:25 mail postfix/smtp[31356]: Host offered STARTTLS: [mail01.riedelbau.de]
    Sep 17 08:32:25 mail postfix/smtp[31356]: smtp_stream_setup: maxtime=300 enable_deadline=0
    Sep 17 08:32:25 mail postfix/smtp[31356]: > mail01.riedelbau.de[93.188.26.3]:25: MAIL FROM: SIZE=676
    Sep 17 08:32:25 mail postfix/smtp[31356]: > mail01.riedelbau.de[93.188.26.3]:25: RCPT TO: ORCPT=rfc822;[email protected]
    Sep 17 08:32:25 mail postfix/smtp[31356]: > mail01.riedelbau.de[93.188.26.3]:25: DATA
    Sep 17 08:32:25 mail postfix/smtp[31356]: smtp_stream_setup: maxtime=300 enable_deadline=0
    Sep 17 08:32:25 mail postfix/smtp[31356]: vstream_fflush_some: fd 14 flush 116
    Sep 17 08:32:25 mail postfix/smtp[31356]: vstream_buf_get_ready: fd 14 got 141
    Sep 17 08:32:25 mail postfix/smtp[31356]: < mail01.riedelbau.de[93.188.26.3]:25: 530 5.7.0 Must issue a STARTTLS command first
    

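    The log shows the host offered STARTTLS, but Postfix sent MAIL FROM without issuing STARTTLS first. The error is fixed by running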

    postconf -e "smtp_tls_security_level=encrypt"
    systemctl restart postfix
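
    The pattern in the debug log above (STARTTLS advertised, MAIL FROM sent anyway) can be searched for across all peers in a debug-level log. This is an added example, not part of the original post; the sample log is constructed (session 1 is abridged from the log above with a placeholder sender, and the example.net / example.org sessions are invented).

```shell
#!/bin/sh
# Constructed sample: session 1 is abridged from the log above (sender is a
# placeholder); the example.net / example.org sessions are invented.
sample_log() {
cat <<'EOF'
Sep 17 08:32:25 mail postfix/smtp[31356]: > mail01.riedelbau.de[93.188.26.3]:25: EHLO smtp1.serverok.in
Sep 17 08:32:25 mail postfix/smtp[31356]: < mail01.riedelbau.de[93.188.26.3]:25: 250-STARTTLS
Sep 17 08:32:25 mail postfix/smtp[31356]: < mail01.riedelbau.de[93.188.26.3]:25: 250 OK
Sep 17 08:32:25 mail postfix/smtp[31356]: > mail01.riedelbau.de[93.188.26.3]:25: MAIL FROM:<sender@example.org> SIZE=676
Sep 17 08:32:25 mail postfix/smtp[31356]: < mail01.riedelbau.de[93.188.26.3]:25: 530 5.7.0 Must issue a STARTTLS command first
Sep 17 08:40:01 mail postfix/smtp[31400]: > mx.example.net[192.0.2.10]:25: EHLO smtp1.serverok.in
Sep 17 08:40:01 mail postfix/smtp[31400]: < mx.example.net[192.0.2.10]:25: 250 STARTTLS
Sep 17 08:40:01 mail postfix/smtp[31400]: > mx.example.net[192.0.2.10]:25: STARTTLS
Sep 17 08:40:01 mail postfix/smtp[31400]: < mx.example.net[192.0.2.10]:25: 220 2.0.0 Ready to start TLS
Sep 17 08:40:02 mail postfix/smtp[31400]: > mx.example.net[192.0.2.10]:25: EHLO smtp1.serverok.in
Sep 17 08:40:02 mail postfix/smtp[31400]: > mx.example.net[192.0.2.10]:25: MAIL FROM:<sender@example.org> SIZE=512
Sep 17 08:45:10 mail postfix/smtp[31412]: > mx2.example.org[192.0.2.20]:25: EHLO smtp1.serverok.in
Sep 17 08:45:10 mail postfix/smtp[31412]: < mx2.example.org[192.0.2.20]:25: 250-STARTTLS
Sep 17 08:45:10 mail postfix/smtp[31412]: > mx2.example.org[192.0.2.20]:25: MAIL FROM:<sender@example.org> SIZE=498
EOF
}

# One output line per MAIL FROM sent without TLS: peer, whether STARTTLS
# was offered, and whether the peer answered 530 ... STARTTLS.
plaintext_sessions() {
awk '
$5 !~ /^postfix\/smtp\[/ || ($6 != "<" && $6 != ">") { next }
{ key = $5 " " $7 }                      # smtp process id + peer
$6 == ">" && $8 == "EHLO" {
    # EHLO right after STARTTLS means TLS was negotiated;
    # any other EHLO starts a new plaintext session.
    if (state[key] == "req") state[key] = "tls"
    else { state[key] = "plain"; offered[key] = 0 }
}
$6 == ">" && $8 == "STARTTLS"   { state[key] = "req" }
$6 == "<" && /: 250[- ]STARTTLS/ { offered[key] = 1 }
$6 == ">" && $8 == "MAIL" && state[key] != "tls" {
    n++; peer[n] = $7; sub(/:$/, "", peer[n])
    off[n] = offered[key] ? "starttls-offered" : "starttls-not-offered"
    idx[key] = n
}
$6 == "<" && $8 == "530" && /STARTTLS/ && (key in idx) { rej[idx[key]] = 1 }
END {
    for (i = 1; i <= n; i++)
        print peer[i], off[i], (rej[i] ? "rejected-530" : "no-530")
}'
}

sample_log | plaintext_sessions
```

    On a real server, run it as `plaintext_sessions < /var/log/mail.log` while debug_peer_list is set. A `starttls-offered no-530` line is the case a bounce never reveals: the peer offered STARTTLS, yet MAIL FROM still went out unencrypted.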
    

    You may also need to check the value of smtpd_tls_CAfile

    root@mail:~# postconf smtpd_tls_CAfile
    smtpd_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
    root@mail:~# 
    

    If you don't have this set, run

    postconf -e "smtpd_tls_CAfile = /etc/ssl/certs/ca-certificates.crt"
    

    See postfix

  • How to stop SPAM with Postfix RBL

    To stop spam using RBL in postfix, edit main.cf

    vi /etc/postfix/main.cf
    

    Add

    smtpd_recipient_restrictions =
        permit_mynetworks,
        permit_sasl_authenticated,
        reject_unauth_destination,
        reject_invalid_hostname,
        reject_unauth_pipelining,
        reject_non_fqdn_sender,
        reject_unknown_sender_domain,
        reject_non_fqdn_recipient,
        reject_unknown_recipient_domain,
        reject_rbl_client cbl.abuseat.org,
        reject_rbl_client bl.spamcop.net,
        reject_rbl_client sbl.spamhaus.org,
        reject_rbl_client zen.spamhaus.org,
        permit
    

    Restart postfix

    systemctl restart postfix
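
    Each reject_rbl_client entry makes Postfix look up the connecting client's IP address, octets reversed, under the named zone. The added example below (not part of the original post; the main.cf fragment is constructed from the list above) extracts the configured zones and builds the lookup name for 127.0.0.2, the RFC 5782 test address, so each zone can be checked from the mail server's own resolver.

```shell
#!/bin/sh
# Constructed main.cf fragment using the restriction list above (abridged).
sample_main_cf() {
cat <<'EOF'
myhostname = mail.example.org
smtpd_recipient_restrictions =
    permit_mynetworks,
    reject_unauth_destination,
    reject_rbl_client cbl.abuseat.org,
    reject_rbl_client bl.spamcop.net,
    reject_rbl_client sbl.spamhaus.org,
    reject_rbl_client zen.spamhaus.org,
    permit
smtpd_banner = $myhostname ESMTP
EOF
}

# List the zones named by reject_rbl_client in smtpd_recipient_restrictions.
# main.cf continues a parameter on lines that start with whitespace.
rbl_zones() {
awk '
/^smtpd_recipient_restrictions[ \t]*=/ { inside = 1 }
/^[^ \t#]/ && !/^smtpd_recipient_restrictions[ \t]*=/ { inside = 0 }
inside {
    for (i = 1; i < NF; i++)
        if ($i == "reject_rbl_client") { z = $(i + 1); sub(/[,=].*$/, "", z); print z }
}'
}

# DNSBL query name for an IPv4 client: octets reversed, zone appended.
rbl_qname() {
    printf '%s\n' "$1" | awk -F. -v zone="$2" 'NF == 4 { print $4 "." $3 "." $2 "." $1 "." zone }'
}

# Print one lookup command per configured zone for the 127.0.0.2 test entry.
sample_main_cf | rbl_zones | while read -r zone; do
    echo "host $(rbl_qname 127.0.0.2 "$zone")"
done
```

    Feed it the real file with `rbl_zones < /etc/postfix/main.cf`. A zone that returns no answer for its 127.0.0.2 test name from the mail server is not filtering anything.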
    

    See postfix

  • install postfix from source code

    Requirements

    yum -y install db4 db4-devel
    

    Create user

    groupadd postfix -g 1000
    useradd postfix -u 1000 -g 1000
    groupadd postdrop 
    

    Download and Install

    Go to

    http://www.postfix.org/download.html

    and download the latest version of Postfix.

    cd /usr/local/src
    wget http://mirrors.rootservices.net/postfix/official/postfix-2.6.2.tar.gz
    tar -zxvf postfix-2.6.2.tar.gz
    cd postfix-2.6.2
    

    COMPILING

    make tidy
    make -f Makefile.init makefiles
    make
    make install
    

    COMPILING WITH MYSQL SUPPORT

    make tidy
    make -f Makefile.init makefiles 'CCARGS=-DHAS_MYSQL -I/usr/include/mysql' 'AUXLIBS=-L/usr/lib/mysql -lmysqlclient -lz -lm'
    make
    make install
    

    make install now asks several questions; just press Enter for each one. See [[postfix make install questions]]

        Warning: you still need to edit myorigin/mydestination/mynetworks
        parameter settings in /etc/postfix/main.cf
    
        See also http://www.postfix.org/faq.html for information about dialup
        sites or about sites inside a firewalled network.
    
        BTW: Check your /etc/aliases file and be sure to set up aliases
        that send mail for root and postmaster to a real person, then run
        /usr/bin/newaliases.
    

    PRESS ENTER FOR ALL

    error while loading shared libraries: libmysqlclient.so.16

    [root@linux postfix-2.5.5]# find / -name 'mysql_version.h'
    /usr/include/mysql/mysql_version.h
    [root@linux postfix-2.5.5]#
    
    [root@linux postfix-2.5.5]#  find / -name 'libmysqlclient.so'
    /usr/lib/mysql/libmysqlclient.so
    [root@linux postfix-2.5.5]#
    

    Show mails in queue

    postqueue -p
    

    VERIFY MYSQL SUPPORT

    [root@linux postfix-2.5.5]# postconf -m
    btree
    cidr
    environ
    hash
    mysql
    nis
    proxy
    regexp
    static
    unix
    [root@linux postfix-2.5.5]#
    

    START POSTFIX ON BOOT

    echo /usr/sbin/postfix start >> /etc/rc.local
    

    Commands listed in /etc/rc.local will run on boot.

    See postfix