451 4.3.5 Server configuration error

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
7 messages Options
Reply | Threaded
Open this post in threaded view
|

451 4.3.5 Server configuration error

Daniel Armando Rodriguez
Hi, I'm getting such message logged after the warning: unknown smtpd
restriction: "milter_default_action"

All incoming mail is rejected.

What I'm trying to achieve is to get dkim validation working,
following this guide
https://wiki.debian.org/opendkim




regards in advance
Reply | Threaded
Open this post in threaded view
|

Re: 451 4.3.5 Server configuration error

Christian Kivalo


On 2017-08-30 14:51, Daniel Armando Rodriguez wrote:
> Hi, I'm getting such message logged after the warning: unknown smtpd
> restriction: "milter_default_action"
Note that options in master.cf are without spaces around the "=".

> All incoming mail is rejected.
>
> What I'm trying to achieve is to get dkim validation working,
> following this guide
> https://wiki.debian.org/opendkim
It helps to show your configuration.

See http://www.postfix.org/DEBUG_README.html#mail

Send the output of
postconf -n
postconf -Mf

>
>
>
> regards in advance

--
  Christian Kivalo
Reply | Threaded
Open this post in threaded view
|

Re: 451 4.3.5 Server configuration error

Daniel Armando Rodriguez
> On 2017-08-30 14:51, Daniel Armando Rodriguez wrote:
>>
>> Hi, I'm getting such message logged after the warning: unknown smtpd
>> restriction: "milter_default_action"
>
> Note that options in master.cf are without spaces around the "=".

yep

>> All incoming mail is rejected.
>>
>> What I'm trying to achieve is to get dkim validation working,
>> following this guide
>> https://wiki.debian.org/opendkim
>
> It helps to show your configuration.
>
> See http://www.postfix.org/DEBUG_README.html#mail
>
> Send the output of
> postconf -n

#  postconf -n
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no
config_directory = /etc/postfix
home_mailbox = Maildir/
html_directory = /usr/share/doc/postfix/html
inet_interfaces = all
mailbox_command =
mailbox_size_limit = 0
mydestination = localhost
mydomain = unau.edu.ar
myhostname = correo.$mydomain
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128, 170.210.45.128/29
myorigin = $myhostname
policyd-spf_time_limit = 3600
readme_directory = /usr/share/doc/postfix
recipient_delimiter = +
relayhost =
smtp_tls_security_level = may
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_banner = $myhostname ESMTP $mail_name
smtpd_recipient_restrictions = permit_mynetworks,
permit_sasl_authenticated, reject_unauth_destination,
check_policy_service unix:private/policyd-spf milter_default_action =
accept milter_protocol = 6 smtpd_milters =
local:/opendkim/opendkim.sock non_smtpd_milters = $smtpd_milters
smtpd_relay_restrictions = permit_mynetworks,
permit_sasl_authenticated, reject_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes
smtpd_sasl_path = private/auth
smtpd_sasl_type = dovecot
smtpd_tls_auth_only = yes
smtpd_tls_cert_file = /etc/letsencrypt/live/unau.edu.ar/fullchain.pem
smtpd_tls_key_file = /etc/letsencrypt/live/unau.edu.ar/privkey.pem
smtpd_tls_protocols = !SSLv2, !SSLv3
smtpd_tls_security_level = may
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_use_tls = yes
virtual_alias_maps = hash:/etc/postfix/virtual_aliases
virtual_mailbox_domains = $mydomain
virtual_transport = lmtp:unix:private/dovecot-lmtp

> postconf -Mf

postconf -Mf
smtp       inet  n       -       -       -       -       smtpd
    -o content_filter=spamassassin
submission inet  n       -       -       -       -       smtpd
    -o syslog_name=postfix/submission
    -o smtpd_tls_security_level=encrypt
    -o syslog_name=postfix/submission
    -o smtpd_tls_security_level=encrypt
    -o smtpd_sasl_auth_enable=yes
    -o smtpd_sasl_auth_enable=yes
    -o smtpd_client_restrictions=permit_sasl_authenticated,reject
    -o milter_macro_daemon_name=ORIGINATING
    -o content_filter=spamassassin
smtps      inet  n       -       -       -       -       smtpd
    -o syslog_name=postfix/smtps
    -o smtpd_tls_wrappermode=yes
    -o smtpd_sasl_auth_enable=yes
    -o smtpd_client_restrictions=permit_sasl_authenticated,reject
    -o milter_macro_daemon_name=ORIGINATING
    -o content_filter=spamassassin
pickup     unix  n       -       -       60      1       pickup
cleanup    unix  n       -       -       -       0       cleanup
qmgr       unix  n       -       n       300     1       qmgr
tlsmgr     unix  -       -       -       1000?   1       tlsmgr
rewrite    unix  -       -       -       -       -       trivial-rewrite
bounce     unix  -       -       -       -       0       bounce
defer      unix  -       -       -       -       0       bounce
trace      unix  -       -       -       -       0       bounce
verify     unix  -       -       -       -       1       verify
flush      unix  n       -       -       1000?   0       flush
proxymap   unix  -       -       n       -       -       proxymap
proxywrite unix  -       -       n       -       1       proxymap
smtp       unix  -       -       -       -       -       smtp
relay      unix  -       -       -       -       -       smtp
showq      unix  n       -       -       -       -       showq
error      unix  -       -       -       -       -       error
retry      unix  -       -       -       -       -       error
discard    unix  -       -       -       -       -       discard
local      unix  -       n       n       -       -       local
virtual    unix  -       n       n       -       -       virtual
lmtp       unix  -       -       -       -       -       lmtp
anvil      unix  -       -       -       -       1       anvil
scache     unix  -       -       -       -       1       scache
maildrop   unix  -       n       n       -       -       pipe flags=DRhu
    user=vmail argv=/usr/bin/maildrop -d ${recipient}
uucp       unix  -       n       n       -       -       pipe flags=Fqhu
    user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
ifmail     unix  -       n       n       -       -       pipe flags=F user=ftn
    argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp      unix  -       n       n       -       -       pipe flags=Fq.
    user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
scalemail-backend unix - n       n       -       2       pipe flags=R
    user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop}
    ${user} ${extension}
mailman    unix  -       n       n       -       -       pipe flags=FR
    user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py ${nexthop}
    ${user}
policyd-spf unix -       n       n       -       0       spawn user=policyd-spf
    argv=/usr/bin/policyd-spf
spamassassin unix -      n       n       -       -       pipe user=debian-spamd
    argv=/usr/bin/spamc -f -e /usr/sbin/sendmail -oi -f ${sender} ${recipient}




_______________________________________________
Daniel A. Rodriguez
Departamento de Tecnología para la Gestión
Escuela Provincial de Educación Técnica N° 1
Posadas - Misiones - Argentina
(0376) 443-8578
www.epet1.edu.ar
Reply | Threaded
Open this post in threaded view
|

Re: 451 4.3.5 Server configuration error

Christian Kivalo


On 2017-08-30 15:07, Daniel Armando Rodriguez wrote:

>> On 2017-08-30 14:51, Daniel Armando Rodriguez wrote:
>>>
>>> Hi, I'm getting such message logged after the warning: unknown smtpd
>>> restriction: "milter_default_action"
>>
>> Note that options in master.cf are without spaces around the "=".
>
> yep
>
>>> All incoming mail is rejected.
>>>
>>> What I'm trying to achieve is to get dkim validation working,
>>> following this guide
>>> https://wiki.debian.org/opendkim
>>
>> It helps to show your configuration.
>>
>> See http://www.postfix.org/DEBUG_README.html#mail
>>
>> Send the output of
>> postconf -n
>
> #  postconf -n
> alias_database = hash:/etc/aliases
> alias_maps = hash:/etc/aliases
> append_dot_mydomain = no
> biff = no
> config_directory = /etc/postfix
> home_mailbox = Maildir/
> html_directory = /usr/share/doc/postfix/html
> inet_interfaces = all
> mailbox_command =
> mailbox_size_limit = 0
> mydestination = localhost
> mydomain = unau.edu.ar
> myhostname = correo.$mydomain
> mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128,
> 170.210.45.128/29
> myorigin = $myhostname
> policyd-spf_time_limit = 3600
> readme_directory = /usr/share/doc/postfix
> recipient_delimiter = +
> relayhost =
> smtp_tls_security_level = may
> smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
> smtpd_banner = $myhostname ESMTP $mail_name
> smtpd_recipient_restrictions = permit_mynetworks,
> permit_sasl_authenticated, reject_unauth_destination,
> check_policy_service unix:private/policyd-spf milter_default_action =
                                                ^^
Maybe just your mailclient, but you seem to be missing newlines here.

> accept milter_protocol = 6 smtpd_milters =
> local:/opendkim/opendkim.sock non_smtpd_milters = $smtpd_milters
All these milter_* options should be on their own line.

> smtpd_relay_restrictions = permit_mynetworks,
> permit_sasl_authenticated, reject_unauth_destination
> smtpd_sasl_auth_enable = yes
> smtpd_sasl_authenticated_header = yes
> smtpd_sasl_path = private/auth
> smtpd_sasl_type = dovecot
> smtpd_tls_auth_only = yes
> smtpd_tls_cert_file = /etc/letsencrypt/live/unau.edu.ar/fullchain.pem
> smtpd_tls_key_file = /etc/letsencrypt/live/unau.edu.ar/privkey.pem
> smtpd_tls_protocols = !SSLv2, !SSLv3
> smtpd_tls_security_level = may
> smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
> smtpd_use_tls = yes
> virtual_alias_maps = hash:/etc/postfix/virtual_aliases
> virtual_mailbox_domains = $mydomain
> virtual_transport = lmtp:unix:private/dovecot-lmtp
>
>> postconf -Mf
>
> postconf -Mf
> smtp       inet  n       -       -       -       -       smtpd
>     -o content_filter=spamassassin
> submission inet  n       -       -       -       -       smtpd
>     -o syslog_name=postfix/submission
>     -o smtpd_tls_security_level=encrypt
>     -o syslog_name=postfix/submission
>     -o smtpd_tls_security_level=encrypt
>     -o smtpd_sasl_auth_enable=yes
>     -o smtpd_sasl_auth_enable=yes
>     -o smtpd_client_restrictions=permit_sasl_authenticated,reject
>     -o milter_macro_daemon_name=ORIGINATING
>     -o content_filter=spamassassin
> smtps      inet  n       -       -       -       -       smtpd
>     -o syslog_name=postfix/smtps
>     -o smtpd_tls_wrappermode=yes
>     -o smtpd_sasl_auth_enable=yes
>     -o smtpd_client_restrictions=permit_sasl_authenticated,reject
>     -o milter_macro_daemon_name=ORIGINATING
>     -o content_filter=spamassassin
> pickup     unix  n       -       -       60      1       pickup
> cleanup    unix  n       -       -       -       0       cleanup
> qmgr       unix  n       -       n       300     1       qmgr
> tlsmgr     unix  -       -       -       1000?   1       tlsmgr
> rewrite    unix  -       -       -       -       -      
> trivial-rewrite
> bounce     unix  -       -       -       -       0       bounce
> defer      unix  -       -       -       -       0       bounce
> trace      unix  -       -       -       -       0       bounce
> verify     unix  -       -       -       -       1       verify
> flush      unix  n       -       -       1000?   0       flush
> proxymap   unix  -       -       n       -       -       proxymap
> proxywrite unix  -       -       n       -       1       proxymap
> smtp       unix  -       -       -       -       -       smtp
> relay      unix  -       -       -       -       -       smtp
> showq      unix  n       -       -       -       -       showq
> error      unix  -       -       -       -       -       error
> retry      unix  -       -       -       -       -       error
> discard    unix  -       -       -       -       -       discard
> local      unix  -       n       n       -       -       local
> virtual    unix  -       n       n       -       -       virtual
> lmtp       unix  -       -       -       -       -       lmtp
> anvil      unix  -       -       -       -       1       anvil
> scache     unix  -       -       -       -       1       scache
> maildrop   unix  -       n       n       -       -       pipe
> flags=DRhu
>     user=vmail argv=/usr/bin/maildrop -d ${recipient}
> uucp       unix  -       n       n       -       -       pipe
> flags=Fqhu
>     user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
> ifmail     unix  -       n       n       -       -       pipe flags=F
> user=ftn
>     argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
> bsmtp      unix  -       n       n       -       -       pipe flags=Fq.
>     user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender
> $recipient
> scalemail-backend unix - n       n       -       2       pipe flags=R
>     user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store
> ${nexthop}
>     ${user} ${extension}
> mailman    unix  -       n       n       -       -       pipe flags=FR
>     user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
> ${nexthop}
>     ${user}
> policyd-spf unix -       n       n       -       0       spawn
> user=policyd-spf
>     argv=/usr/bin/policyd-spf
> spamassassin unix -      n       n       -       -       pipe
> user=debian-spamd
>     argv=/usr/bin/spamc -f -e /usr/sbin/sendmail -oi -f ${sender}
> ${recipient}
>
>
>
>
> _______________________________________________
> Daniel A. Rodriguez
> Departamento de Tecnología para la Gestión
> Escuela Provincial de Educación Técnica N° 1
> Posadas - Misiones - Argentina
> (0376) 443-8578
> www.epet1.edu.ar

--
  Christian Kivalo
Reply | Threaded
Open this post in threaded view
|

Re: 451 4.3.5 Server configuration error

Daniel Armando Rodriguez
2017-08-30 10:16 GMT-03:00 Christian Kivalo <[hidden email]>:

>
>
> On 2017-08-30 15:07, Daniel Armando Rodriguez wrote:
>>>
>>> On 2017-08-30 14:51, Daniel Armando Rodriguez wrote:
>>>>
>>>>
>>>> Hi, I'm getting such message logged after the warning: unknown smtpd
>>>> restriction: "milter_default_action"
>>>
>>>
>>> Note that options in master.cf are without spaces around the "=".
>>
>>
>> yep
>>
>>>> All incoming mail is rejected.
>>>>
>>>> What I'm trying to achieve is to get dkim validation working,
>>>> following this guide
>>>> https://wiki.debian.org/opendkim
>>>
>>>
>>> It helps to show your configuration.
>>>
>>> See http://www.postfix.org/DEBUG_README.html#mail
>>>
>>> Send the output of
>>> postconf -n
>>
>>
>> #  postconf -n
>> alias_database = hash:/etc/aliases
>> alias_maps = hash:/etc/aliases
>> append_dot_mydomain = no
>> biff = no
>> config_directory = /etc/postfix
>> home_mailbox = Maildir/
>> html_directory = /usr/share/doc/postfix/html
>> inet_interfaces = all
>> mailbox_command =
>> mailbox_size_limit = 0
>> mydestination = localhost
>> mydomain = unau.edu.ar
>> myhostname = correo.$mydomain
>> mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128,
>> 170.210.45.128/29
>> myorigin = $myhostname
>> policyd-spf_time_limit = 3600
>> readme_directory = /usr/share/doc/postfix
>> recipient_delimiter = +
>> relayhost =
>> smtp_tls_security_level = may
>> smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
>> smtpd_banner = $myhostname ESMTP $mail_name
>> smtpd_recipient_restrictions = permit_mynetworks,
>> permit_sasl_authenticated, reject_unauth_destination,
>> check_policy_service unix:private/policyd-spf milter_default_action =
>
>                                                ^^
> Maybe just your mailclient, but you seem to be missing newlines here.
>
>> accept milter_protocol = 6 smtpd_milters =
>> local:/opendkim/opendkim.sock non_smtpd_milters = $smtpd_milters
>
> All these milter_* options should be on their own line.


They are, look like this in main.cf

# OpenDKIM
   milter_default_action = accept
   milter_protocol = 6
   smtpd_milters = local:/opendkim/opendkim.sock
   non_smtpd_milters = $smtpd_milters




_______________________________________________
Daniel A. Rodriguez
Departamento de Tecnología para la Gestión
Escuela Provincial de Educación Técnica N° 1
Posadas - Misiones - Argentina
(0376) 443-8578
www.epet1.edu.ar
Reply | Threaded
Open this post in threaded view
|

Re: 451 4.3.5 Server configuration error

Viktor Dukhovni

> On Aug 30, 2017, at 12:56 PM, Daniel Armando Rodriguez <[hidden email]> wrote:
>
> They are, look like this in main.cf
>
> # OpenDKIM
>   milter_default_action = accept
>   milter_protocol = 6
>   smtpd_milters = local:/opendkim/opendkim.sock
>   non_smtpd_milters = $smtpd_milters

Each parameter definition must start in the *first*
column of its text line. See

  http://www.postfix.org/postconf.5.html

    The general format of the main.cf file is as follows:

        • Each logical line is in the form "parameter = value".
          Whitespace around the "=" is ignored, as is whitespace
          at the end of a logical line.

        • Empty lines and whitespace-only lines are ignored, as are
          lines whose first non-whitespace character is a `#'.

        • A logical line starts with non-whitespace text. A line
          that starts with whitespace continues a logical line.

--
        Viktor.

Reply | Threaded
Open this post in threaded view
|

Re: 451 4.3.5 Server configuration error

Daniel Armando Rodriguez
>> They are, look like this in main.cf
>>
>> # OpenDKIM
>>   milter_default_action = accept
>>   milter_protocol = 6
>>   smtpd_milters = local:/opendkim/opendkim.sock
>>   non_smtpd_milters = $smtpd_milters
>
> Each parameter definition must start in the *first*
> column of its text line. See
>
>   http://www.postfix.org/postconf.5.html
>
>     The general format of the main.cf file is as follows:
>
>         • Each logical line is in the form "parameter = value".
>           Whitespace around the "=" is ignored, as is whitespace
>           at the end of a logical line.
>
>         • Empty lines and whitespace-only lines are ignored, as are
>           lines whose first non-whitespace character is a `#'.
>
>         • A logical line starts with non-whitespace text. A line
>           that starts with whitespace continues a logical line.


That was it, should read first!


Thank you guys






_______________________________________________
Daniel A. Rodriguez
Departamento de Tecnología para la Gestión
Escuela Provincial de Educación Técnica N° 1
Posadas - Misiones - Argentina
(0376) 443-8578
www.epet1.edu.ar