Amavis : Can't connect to socket 127.0.0.1:* using module IO::Socket::IP: Connection refused

Question

Trying to debug mail server, now I get this error which I feel should be the cause of the server not working :

Mar 17 15:06:24 ks4000003 amavis[2001]: (02001-01) (!)connect to 127.0.0.1:* failed, attempt #1: Can't connect to socket 127.0.0.1:* using module IO::Socket::IP: Connection refused

postconf -n :

alias_database = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases
alias_maps = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases
append_dot_mydomain = no
biff = no
body_checks = regexp:/etc/postfix/body_checks
broken_sasl_auth_clients = yes
config_directory = /etc/postfix
content_filter = amavis:[127.0.0.1]:10024
dovecot_destination_recipient_limit = 1
header_checks = regexp:/etc/postfix/header_checks
html_directory = /usr/share/doc/postfix/html
inet_interfaces = all
inet_protocols = all
mailbox_size_limit = 0
maildrop_destination_concurrency_limit = 1
maildrop_destination_recipient_limit = 1
message_size_limit = 0
mime_header_checks = regexp:/etc/postfix/mime_header_checks
mydestination = ks4000003.ip-198-245-60.net, localhost.ip-198-245-60.net, localhost
myhostname = ks4000003.ip-198-245-60.net
mynetworks = 127.0.0.0/8 [::1]/128
myorigin = /etc/mailname
nested_header_checks = regexp:/etc/postfix/nested_header_checks
owner_request_special = no
proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks
readme_directory = /usr/share/doc/postfix
receive_override_options = no_address_mappings
recipient_delimiter = +
relay_domains = mysql:/etc/postfix/mysql-virtual_relaydomains.cf
relay_recipient_maps = mysql:/etc/postfix/mysql-virtual_relayrecipientmaps.cf
relayhost =
smtp_tls_security_level = may
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
smtpd_client_message_rate_limit = 100
smtpd_client_restrictions = check_client_access mysql:/etc/postfix/mysql-virtual_client.cf, reject_unknown_reverse_client_hostname
smtpd_recipient_restrictions = check_recipient_access mysql:/etc/postfix/mysql-virtual_recipient.cf, permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, reject_rbl_client zen.spamhaus.org, reject_rbl_client dnsbl-1.uceprotect.net,reject_rbl_client dnsbl-2.uceprotect.net, reject_rbl_client dnsbl-3.uceprotect.net
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes
smtpd_sasl_path = private/auth
smtpd_sasl_type = dovecot
smtpd_sender_restrictions = check_sender_access mysql:/etc/postfix/mysql-virtual_sender.cf
smtpd_tls_CAfile = /etc/postfix/chain.crt
smtpd_tls_cert_file = /etc/postfix/site.crt
smtpd_tls_key_file = /etc/postfix/site.key
smtpd_tls_loglevel = 2
smtpd_tls_security_level = may
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
transport_maps = hash:/var/lib/mailman/data/transport-mailman, proxy:mysql:/etc/postfix/mysql-virtual_transports.cf
virtual_alias_domains =
virtual_alias_maps = proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, proxy:mysql:/etc/postfix/mysql-virtual_email2email.cf, hash:/var/lib/mailman/data/virtual-mailman
virtual_gid_maps = static:5000
virtual_mailbox_base = /var/vmail
virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains.cf
virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf
virtual_transport = dovecot
virtual_uid_maps = static:5000

master.cf :

smtp      inet  n       -       -       -       -       smtpd
submission inet n       -       -       -       -       smtpd
  -o syslog_name=postfix/submission
  -o smtpd_tls_security_level=encrypt
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
  -o milter_macro_daemon_name=ORIGINATING
smtps     inet  n       -       -       -       -       smtpd
  -o syslog_name=postfix/smtps
  -o smtpd_tls_wrappermode=yes
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
  -o milter_macro_daemon_name=ORIGINATING
#628       inet  n       -       -       -       -       qmqpd
pickup    fifo  n       -       -       60      1       pickup
cleanup   unix  n       -       -       -       0       cleanup
qmgr      fifo  n       -       n       300     1       qmgr
#qmgr     fifo  n       -       n       300     1       oqmgr
tlsmgr    unix  -       -       -       1000?   1       tlsmgr
rewrite   unix  -       -       -       -       -       trivial-rewrite
bounce    unix  -       -       -       -       0       bounce
defer     unix  -       -       -       -       0       bounce
trace     unix  -       -       -       -       0       bounce
verify    unix  -       -       -       -       1       verify
flush     unix  n       -       -       1000?   0       flush
proxymap  unix  -       -       n       -       -       proxymap
proxywrite unix -       -       n       -       1       proxymap
smtp      unix  -       -       -       -       -       smtp
relay     unix  -       -       -       -       -       smtp
#       -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq     unix  n       -       -       -       -       showq
error     unix  -       -       -       -       -       error
retry     unix  -       -       -       -       -       error
discard   unix  -       -       -       -       -       discard
local     unix  -       n       n       -       -       local
virtual   unix  -       n       n       -       -       virtual
lmtp      unix  -       -       -       -       -       lmtp
anvil     unix  -       -       -       -       1       anvil
scache    unix  -       -       -       -       1       scache

maildrop  unix  -       n       n       -       -       pipe
  flags=DRhu user=vmail argv=/usr/bin/maildrop -d vmail ${extension} ${recipient} ${user} ${nexthop} ${sender}

uucp      unix  -       n       n       -       -       pipe
  flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)

ifmail    unix  -       n       n       -       -       pipe
  flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp     unix  -       n       n       -       -       pipe
  flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
scalemail-backend unix  -   n   n   -   2   pipe
  flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
mailman   unix  -       n       n       -       -       pipe
  flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
  ${nexthop} ${user}

dovecot   unix  -       n       n       -       -       pipe
  flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender} -d ${user}@${nexthop}
amavis unix - - - - 2 smtp
        -o smtp_data_done_timeout=1200
        -o smtp_send_xforward_command=yes

127.0.0.1:10025 inet n - - - - smtpd
        -o content_filter=
        -o local_recipient_maps=
        -o relay_recipient_maps=
        -o smtpd_restriction_classes=
        -o smtpd_client_restrictions=
        -o smtpd_helo_restrictions=
        -o smtpd_sender_restrictions=
        -o smtpd_recipient_restrictions=permit_mynetworks,reject
        -o mynetworks=127.0.0.0/8,127.0.0.1/8
        -o strict_rfc821_envelopes=yes
        -o receive_override_options=no_unknown_recipient_checks,no_header_body_checks
        -o smtp_bind_address=127.0.0.1

policy  unix  -       n       n       -       -       spawn

netstat -tulpn :

tcp        0      0 0.0.0.0:21              0.0.0.0:*               LISTEN      2000/pure-ftpd (SER
tcp        0      0 198.245.60.7:53         0.0.0.0:*               LISTEN      768/named       
tcp        0      0 127.0.0.1:53            0.0.0.0:*               LISTEN      768/named       
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      828/sshd        
tcp        0      0 0.0.0.0:23              0.0.0.0:*               LISTEN      772/inetd       
tcp        0      0 0.0.0.0:25              0.0.0.0:*               LISTEN      2040/smtpd      
tcp        0      0 127.0.0.1:953           0.0.0.0:*               LISTEN      768/named       
tcp        0      0 0.0.0.0:993             0.0.0.0:*               LISTEN      1/init          
tcp        0      0 0.0.0.0:995             0.0.0.0:*               LISTEN      2158/dovecot    
tcp        0      0 127.0.0.1:10024         0.0.0.0:*               LISTEN      1982/amavisd-new (m
tcp        0      0 127.0.0.1:10025         0.0.0.0:*               LISTEN      32568/master    
tcp        0      0 127.0.0.1:10026         0.0.0.0:*               LISTEN      1982/amavisd-new (m
tcp        0      0 127.0.0.1:3306          0.0.0.0:*               LISTEN      1501/mysqld     
tcp        0      0 0.0.0.0:587             0.0.0.0:*               LISTEN      32568/master    
tcp        0      0 0.0.0.0:110             0.0.0.0:*               LISTEN      2158/dovecot    
tcp        0      0 0.0.0.0:143             0.0.0.0:*               LISTEN      1/init          
tcp        0      0 0.0.0.0:465             0.0.0.0:*               LISTEN      32568/master    
tcp6       0      0 :::21                   :::*                    LISTEN      2000/pure-ftpd (SER
tcp6       0      0 :::53                   :::*                    LISTEN      768/named       
tcp6       0      0 :::4949                 :::*                    LISTEN      799/perl        
tcp6       0      0 :::22                   :::*                    LISTEN      828/sshd        
tcp6       0      0 :::25                   :::*                    LISTEN      2040/smtpd      
tcp6       0      0 ::1:953                 :::*                    LISTEN      768/named       
tcp6       0      0 :::443                  :::*                    LISTEN      2565/apache2    
tcp6       0      0 :::993                  :::*                    LISTEN      1/init          
tcp6       0      0 :::995                  :::*                    LISTEN      2158/dovecot    
tcp6       0      0 ::1:10024               :::*                    LISTEN      1982/amavisd-new (m
tcp6       0      0 ::1:10026               :::*                    LISTEN      1982/amavisd-new (m
tcp6       0      0 :::587                  :::*                    LISTEN      32568/master    
tcp6       0      0 :::110                  :::*                    LISTEN      2158/dovecot    
tcp6       0      0 :::143                  :::*                    LISTEN      1/init          
tcp6       0      0 :::8080                 :::*                    LISTEN      2565/apache2    
tcp6       0      0 :::80                   :::*                    LISTEN      2565/apache2    
tcp6       0      0 :::465                  :::*                    LISTEN      32568/master    
tcp6       0      0 :::8081                 :::*                    LISTEN      2565/apache2    
udp        0      0 198.245.60.7:53         0.0.0.0:*                           768/named       
udp        0      0 127.0.0.1:53            0.0.0.0:*                           768/named       
udp6       0      0 :::53                   :::*                                768/named

Do you see anything obvious? Thanks in advance!

score 1 · Accepted Answer · answered Mar 25 '19 at 20:10

In your main.cf of Postfix you have the following line:

content_filter = amavis:[127.0.0.1]:10024

Not a fault, just a side note of what I use to practice to avoid mix-ups: Use an unique identifier like:

content_filter = amavisfeed:[127.0.0.1]:10024

The main problem lies in your master.cf of Postfix. You are basically telling Postfix to use amavisd in the main.conf, but Postfix needs to know HOW to use amavisd in master.cf.
For example you can place the following right before the "127.0.0.1:10025 inet n - - - - smtpd" section:

amavisfeed unix - - n - 2 lmtp
    -o lmtp_data_done_timeout=1200
    -o lmtp_send_xforward_command=yes

Despite these factors, you should check commom hiccups in the form that amavisd and the components it uses (e.g. ClamAV, SpamAssassin) have correct configurations, especially in aspect of user and socket, and that amavisd enables the use of sockets for the components it uses via an entry in tmpfiles.d.

Thank you so much for your help. I still have problem to get the mail through, but at least I am a step further thanks to you. If you are selling this kind of service I would be interested for further help! — guylabbe.ca, Mar 28 '19 at 02:49

Amavis : Can't connect to socket 127.0.0.1:* using module IO::Socket::IP: Connection refused

1 Answers1