-1

I have a MTA with Postfix SSL/TLS configured and sending messages perfectly fine. In the same internal network, I have other servers that I want to send mail through this MTA.

In main.cf variable 'mynetworks', I already configured CIDR to accept internal IPs from my network.

Although all this configuration, when I try to send email from another server using this SSL MTA, I have the following error:

Jul 29 16:17:04 mail postfix/smtpd[25676]: connect from unknown[192.168.1.128]
Jul 29 16:17:04 mail postfix/smtpd[25676]: lost connection after UNKNOWN from unknown[192.168.1.128]
Jul 29 16:17:04 mail postfix/smtpd[25676]: disconnect from unknown[192.168.1.128]

This 'another server' reach my MTA, but I don't know about this error.

I don't know what else to research. All the theoretical knowledge I have was used at all.

Thanks, guys!

========================

EDIT (30/07/2013)

After enabling debug_peer_list = 192.168.1.128, this was the log output:

Jul 30 09:18:13 mail postfix/smtpd[9126]: connect from unknown[192.168.1.128]
Jul 30 09:18:13 mail postfix/smtpd[9126]: match_hostname: unknown ~? 192.168.1.0/24
Jul 30 09:18:13 mail postfix/smtpd[9126]: match_hostaddr: 192.168.1.128 ~? 192.168.1.0/24
Jul 30 09:18:13 mail postfix/smtpd[9126]: report connect to all milters
Jul 30 09:18:13 mail postfix/smtpd[9126]: milter_macro_lookup: "j"
Jul 30 09:18:13 mail postfix/smtpd[9126]: milter_macro_lookup: result "mail.mydomain.com.br"
Jul 30 09:18:13 mail postfix/smtpd[9126]: milter_macro_lookup: "{daemon_name}"
Jul 30 09:18:13 mail postfix/smtpd[9126]: milter_macro_lookup: result "mail.mydomain.com.br"
Jul 30 09:18:13 mail postfix/smtpd[9126]: milter_macro_lookup: "v"
Jul 30 09:18:13 mail postfix/smtpd[9126]: milter_macro_lookup: result "Postfix 2.6.6"
Jul 30 09:18:13 mail postfix/smtpd[9126]: milter8_connect: non-protocol events for protocol version 6: 
Jul 30 09:18:13 mail postfix/smtpd[9126]: milter8_connect: transport=inet endpoint=192.168.1.108:8891
Jul 30 09:18:13 mail postfix/smtpd[9126]: trying... [192.168.1.108]
Jul 30 09:18:13 mail postfix/smtpd[9126]: vstream_tweak_tcp: TCP_MAXSEG 16384
Jul 30 09:18:13 mail postfix/smtpd[9126]: milter8_connect: my_version=0x6
Jul 30 09:18:13 mail postfix/smtpd[9126]: milter8_connect: my_actions=0x1ff SMFIF_ADDHDRS SMFIF_CHGBODY SMFIF_ADDRCPT SMFIF_DELRCPT SMFIF_CHGHDRS SMFIF_QUARANTINE SMFIF_CHGFROM SMFIF_ADDRCPT_PAR SMFIF_SETSYMLIST
Jul 30 09:18:13 mail postfix/smtpd[9126]: milter8_connect: my_events=0x1fffff SMFIP_NOCONNECT SMFIP_NOHELO SMFIP_NOMAIL SMFIP_NORCPT SMFIP_NOBODY SMFIP_NOHDRS SMFIP_NOEOH SMFIP_NR_HDR SMFIP_NOUNKNOWN SMFIP_NODATA SMFIP_SKIP SMFIP_RCPT_REJ SMFIP_NR_CONN SMFIP_NR_HELO SMFIP_NR_MAIL SMFIP_NR_RCPT SMFIP_NR_DATA SMFIP_NR_UNKN SMFIP_NR_EOH SMFIP_NR_BODY SMFIP_HDR_LEADSPC
Jul 30 09:18:13 mail postfix/smtpd[9126]: milter8_connect: milter inet:192.168.1.108:8891 version 6
Jul 30 09:18:13 mail postfix/smtpd[9126]: milter8_connect: events SMFIP_NOHELO SMFIP_NOUNKNOWN SMFIP_NODATA SMFIP_SKIP SMFIP_HDR_LEADSPC
Jul 30 09:18:13 mail postfix/smtpd[9126]: milter8_connect: requests SMFIF_ADDHDRS SMFIF_CHGHDRS SMFIF_SETSYMLIST
Jul 30 09:18:13 mail postfix/smtpd[9126]: milter8_conn_event: milter inet:192.168.1.108:8891: connect unknown/192.168.1.128
Jul 30 09:18:13 mail postfix/smtpd[9126]: event: SMFIC_CONNECT; macros: j=mail.mydomain.com.br {daemon_name}=mail.mydomain.com.br v=Postfix 2.6.6
Jul 30 09:18:13 mail postfix/smtpd[9126]: reply: SMFIR_CONTINUE data 0 bytes
Jul 30 09:18:13 mail postfix/smtpd[9126]: > unknown[192.168.1.128]: 220 mail.mydomain.com.br ESMTP Postfix
Jul 30 09:18:13 mail postfix/smtpd[9126]: xsasl_cyrus_server_create: SASL service=smtp, realm=mail.mydomain.com.br
Jul 30 09:18:13 mail postfix/smtpd[9126]: name_mask: noanonymous
Jul 30 09:18:13 mail postfix/smtpd[9126]: watchdog_pat: 0x7f27142f9cb0
Jul 30 09:18:13 mail postfix/smtpd[9126]: < unknown[192.168.1.128]: ?g???
Jul 30 09:18:13 mail postfix/smtpd[9126]: match_string: ?g??? ~? CONNECT
Jul 30 09:18:13 mail postfix/smtpd[9126]: match_string: ?g??? ~? GET
Jul 30 09:18:13 mail postfix/smtpd[9126]: match_string: ?g??? ~? POST
Jul 30 09:18:13 mail postfix/smtpd[9126]: match_list_match: ?g???: no match
Jul 30 09:18:13 mail postfix/smtpd[9126]: report unknown command to all milters
Jul 30 09:18:13 mail postfix/smtpd[9126]: milter8_unknown_event: milter inet:192.168.1.108:8891: unknown command: ?g???
Jul 30 09:18:13 mail postfix/smtpd[9126]: event: SMFIC_UNKNOWN; macros: (none)
Jul 30 09:18:13 mail postfix/smtpd[9126]: skipping event SMFIC_UNKNOWN for milter inet:192.168.1.108:8891
Jul 30 09:18:13 mail postfix/smtpd[9126]: > unknown[192.168.1.128]: 502 5.5.2 Error: command not recognized
Jul 30 09:18:13 mail postfix/smtpd[9126]: watchdog_pat: 0x7f27142f9cb0
Jul 30 09:18:13 mail postfix/smtpd[9126]: smtp_get: EOF
Jul 30 09:18:13 mail postfix/smtpd[9126]: match_hostname: unknown ~? 192.168.1.0/24
Jul 30 09:18:13 mail postfix/smtpd[9126]: match_hostaddr: 192.168.1.128 ~? 192.168.1.0/24
Jul 30 09:18:13 mail postfix/smtpd[9126]: lost connection after UNKNOWN from unknown[192.168.1.128]
Jul 30 09:18:13 mail postfix/smtpd[9126]: disconnect event to all milters
Jul 30 09:18:13 mail postfix/smtpd[9126]: milter8_disc_event: quit milter inet:192.168.1.108:8891
Jul 30 09:18:13 mail postfix/smtpd[9126]: disconnect from unknown[192.168.1.128]

=======================

EDIT 31/07/2013

Telnet locally works perfectly fine.

[root@mail ~]# telnet mail.mydomain.com.br 465
Trying 127.0.0.1...
Connected to mail.mydomain.com.br.
Escape character is '^]'.
220 mail.mydomain.com.br ESMTP Postfix
ehlo mydomain.com.br
250-mail.mydomain.com.br
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-AUTH PLAIN DIGEST-MD5 CRAM-MD5 LOGIN
250-AUTH=PLAIN DIGEST-MD5 CRAM-MD5 LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
auth plain AHRlc3R1c2VyADEyMzQ1Ng==
235 2.7.0 Authentication successful
Sergio Mira
  • 21
  • 4
  • try to increase debug level smtpd_tls_loglevel = 1 or even smtpd_tls_loglevel = 2 – ALex_hha Jul 29 '13 at 20:23
  • One of the problems was solved increasing smtp loglevel, which was ownership of directory /var/lib/postfix. But it keeps with error described above. – Sergio Mira Jul 29 '13 at 20:51
  • Have you tried to emulate smtp session via telnet? In the log there is no error. Also you could enable debug in the postfix. Just add debug_peer_list = 192.168.1.128 – ALex_hha Jul 30 '13 at 10:42

1 Answers1

0

As you can see form the output

Jul 30 09:18:13 mail postfix/smtpd[9126]: > unknown[192.168.1.128]: 502 5.5.2 Error: command not recognized

the client had sent some not recognized command during smtp session. You should check settings on the 192.168.1.128. Also you could save smtp session and analyze them in wireshark/ethereal 

# tcpdump -w /tmp/smtp_192.168.1.128.log -s 0 -nnpi eth0 host 192.168.1.128 and tcp port 25
ALex_hha
  • 7,193
  • 1
  • 25
  • 40