0

I've been trying to setup a send only SMTP server with postfix and dovecot, on Ubuntu 16.04. The problem I'm having is that when trying to send an email I get the message back.

4.7.0 TLS not available due to local problem

So I'm guessing that the problem lies within my postfix TLS setup. And if I'm checking the status of the postfix service

Sep 19 15:03:15 mail.example.org postfix[3571]: /usr/sbin/postconf: warning: /etc/postfix/main.cf: unused parameter: smtpd_tls_session_cache_header=yes Sep 19 15:03:15 mail.example.org postfix[3571]: /usr/sbin/postconf: warning: /etc/postfix/main.cf: unused parameter: smtpd_tls_note_starttls_offer=yes Sep 19 15:03:15 mail.example.org postfix[3571]: /usr/sbin/postconf: warning: /etc/postfix/main.cf: unused parameter: smtpd_tls_recieved_header=yes

So I'm guessing it has something to do with these settings. But I don't get exactly whats wrong with them, I've tried removing the lines, and the error still occurs.

Postfix Config:

mydomain = branelmail.dk
myhostname = mail.branelmail.dk

myorigin = $mydomain
mydestination = $myhostname, localhost.$mydomain, localhost

unknown_local_recipient_reject_code = 550

mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128

alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases

home_mailbox = /dev/null

smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no

# appending .domain is the MUA's job.
append_dot_mydomain = no

# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h

readme_directory = no

debug_peer_level = 2

# TLS parameters
smtpd_use_tls = yes
smtpd_tls_cert_file=/etc/ssl/certs/mail.branelmail.dk.pem
smtpd_tls_key_file=/etc/ssl/private/mail.branelmail.dk.key
smtpd_tls_CAfile = /etc/ssl/certs/cacert.pem
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache

# You can use log level 3 or 4 for more advanced troubleshooting
smtpd_tls_loglevel = 4

smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
relayhost =
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
inet_protocols = all

smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_local_domain =
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_sasl_auth_enable = yes
smtpd_tls_security_level = may
smtpd_tls_auth_only = no
#smtpd_tls_note_starttls_offer = yes
#smtpd_tls_recieved_header = yes
#smtpd_tls_session_cache_header = yes
tls_random_source = dev:/dev/urandom
reaper
  • 3
  • 2
  • 1
    Please add your postfix config to the question. – Gerald Schneider Sep 19 '17 at 13:32
  • 1
    The message sounds like it occurs when your mailserver tries to connect to other mailservers. You could try setting `smtp_tls_security_level = may`, the default value for that directive is `none`. Do you get any additional messages in the log file regarding TLS, maybe on server startup? – Gerald Schneider Sep 19 '17 at 14:09
  • I don't get anything special in the log file. All I get is Sep 19 16:11:14 mail postfix[4467]: Postfix is running with backwards-compatible default settings Sep 19 16:11:14 mail postfix[4467]: See http://www.postfix.org/COMPATIBILITY_README.html for details Sep 19 16:11:14 mail postfix[4467]: To disable backwards compatibility use "postconf compatibility_level=2" and "postfix reload" Sep 19 16:11:14 mail postfix/master[4504]: daemon started -- version 3.1.0, configuration /etc/postfix – reaper Sep 19 '17 at 14:12

1 Answers1

0

Okay so i found a solution, it seems that there was something wrong with the certificate we generated, after buying a certificate online, it works wit no problem. So if anyone has the same problem, just make sure that the certificates your using, are properly setup.

reaper
  • 3
  • 2