Postfix LMTP to remote LMTP server

classic Classic list List threaded Threaded
7 messages Options
Reply | Threaded
Open this post in threaded view
|

Postfix LMTP to remote LMTP server

alexevon
Hello-

Been trying to set Postfix to deliver mail via LMTP to a remote LMTP server
which also supports the IMAP mailstore.  This remote server is on the same
network.

Postfix works fine by sending and receiving mail.  The end goal is to take
the received mail and deliver it to the remote server via LMTP.


The error messages I keep getting is:


n 13 02:51:10 alpha postfix/local[17763]: fatal: connect #11 to subsystem
private/lmtp: Connection refused
Jun 13 02:55:12 alpha postfix/local[18860]: warning: connect #1 to subsystem
private/lmtp: Connection refused
Jun 13 02:55:22 alpha postfix/local[18860]: warning: connect #2 to subsystem
private/lmtp: Connection refused




Here is the postfix/main.cf:


alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no
broken_sasl_auth_clients = yes
inet_interfaces = all
inet_protocols = all
mailbox_size_limit = 0
mailbox_transport = lmtp:inet:10.10.10.65:2424
mydestination = localhost.localdomain, localhost
myhostname = xxxxxxxx.tld
mynetworks = 127.0.0.0/8 10.10.11.0/24 10.10.10.0/24 172.16.0.0/12
192.168.1.0/24 10.8.0.0/24 [::ffff:127.0.0.0]/104 [::1]/128 10.10.10.0/24
myorigin = /etc/mailname
readme_directory = no
recipient_delimiter = +
relayhost = xxxxxxxx:587
smtp_header_checks = pcre:/etc/postfix/smtp_header_checks
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options = noanonymous
smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtp_use_tls = yes
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
smtpd_recipient_restrictions =
permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination
smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated
defer_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain =
smtpd_sasl_path = private/auth
smtpd_sasl_security_options = noanonymous
smtpd_sasl_type = dovecot
smtpd_tls_CAfile = /etc/postfix/cacert.pem
smtpd_tls_auth_only = no
smtpd_tls_cert_file = /etc/postfix/xxxxxxxx.tld.crt
smtpd_tls_key_file = /etc/postfix/xxxxxxxx.tld.key
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_security_level = may
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_tls_session_cache_timeout = 3600s
smtpd_use_tls = yes
tls_random_source = dev:/dev/urandom
virtual_alias_domains = hash:/etc/postfix/virtual_domains
virtual_alias_maps = hash:/etc/postfix/virtual_alias




and here is the master.cf:

#
# Postfix master process configuration file.  For details on the format
# of the file, see the master(5) manual page (command: "man 5 master" or
# on-line: http://www.postfix.org/master.5.html).
#
# Do not forget to execute "postfix reload" after editing this file.
#
# ==========================================================================
# service type  private unpriv  chroot  wakeup  maxproc command + args
#               (yes)   (yes)   (yes)   (never) (100)
# ==========================================================================
#smtp      inet  n       -       -       -       1       postscreen
#smtpd     pass  -       -       -       -       -       smtpd
#dnsblog   unix  -       -       -       -       0       dnsblog
#tlsproxy  unix  -       -       -       -       0       tlsproxy
#  -o syslog_name=postfix/submission
#  -o smtpd_tls_security_level=encrypt
#  -o smtpd_sasl_auth_enable=yes
#  -o smtpd_reject_unlisted_recipient=no
#  -o smtpd_client_restrictions=$mua_client_restrictions
#  -o smtpd_helo_restrictions=$mua_helo_restrictions
#  -o smtpd_sender_restrictions=$mua_sender_restrictions
#  -o smtpd_recipient_restrictions=
#  -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
#  -o milter_macro_daemon_name=ORIGINATING
#smtps     inet  n       -       -       -       -       smtpd
#  -o syslog_name=postfix/smtps
#  -o smtpd_tls_wrappermode=yes
#  -o smtpd_sasl_auth_enable=yes
#  -o smtpd_reject_unlisted_recipient=no
#  -o smtpd_client_restrictions=$mua_client_restrictions
#  -o smtpd_helo_restrictions=$mua_helo_restrictions
#  -o smtpd_sender_restrictions=$mua_sender_restrictions
#  -o smtpd_recipient_restrictions=
#  -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
#  -o milter_macro_daemon_name=ORIGINATING
#628       inet  n       -       -       -       -       qmqpd
submission inet  n       -       y       -       -       smtpd
smtp       inet  n       -       y       -       -       smtpd
pickup     unix  n       -       y       60      1       pickup
cleanup    unix  n       -       y       -       0       cleanup
qmgr      unix  n       -       n       300     1       qmgr
#qmgr     unix  n       -       n       300     1       oqmgr
tlsmgr     unix  -       -       y       1000?   1       tlsmgr
rewrite    unix  -       -       y       -       -       trivial-rewrite
bounce     unix  -       -       y       -       0       bounce
defer      unix  -       -       y       -       0       bounce
trace      unix  -       -       y       -       0       bounce
verify     unix  -       -       y       -       1       verify
flush      unix  n       -       y       1000?   0       flush
proxymap  unix  -       -       n       -       -       proxymap
proxywrite unix -       -       n       -       1       proxymap
smtp       unix  -       -       y       -       -       smtp
#       -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
relay      unix  -       -       y       -       -       smtp
showq      unix  n       -       y       -       -       showq
error      unix  -       -       y       -       -       error
retry      unix  -       -       y       -       -       error
discard    unix  -       -       y       -       -       discard
local     unix  -       n       n       -       -       local
virtual   unix  -       n       n       -       -       virtual
#lmtp       unix  -       -       y       -       -       lmtp
lmtp       inet  n       n       n       -       -       lmtp -v
anvil      unix  -       -       y       -       1       anvil
#
# ====================================================================
# Interfaces to non-Postfix software. Be sure to examine the manual
# pages of the non-Postfix software to find out what options it wants.
#
# Many of the following services use the Postfix pipe(8) delivery
# agent.  See the pipe(8) man page for information about ${recipient}
# and other message envelope options.
# ====================================================================
#
# maildrop. See the Postfix MAILDROP_README file for details.
# Also specify in main.cf: maildrop_destination_recipient_limit=1
#
scache     unix  -       -       y       -       1       scache
maildrop  unix  -       n       n       -       -       pipe
  flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
#
# ====================================================================
#
# Recent Cyrus versions can use the existing "lmtp" master.cf entry.
#
# Specify in cyrus.conf:
#   lmtp    cmd="lmtpd -a" listen="localhost:lmtp" proto=tcp4
#
# Specify in main.cf one or more of the following:
#  mailbox_transport = lmtp:inet:localhost
#  virtual_transport = lmtp:inet:localhost
#
# ====================================================================
#
# Cyrus 2.1.5 (Amos Gouaux)
# Also specify in main.cf: cyrus_destination_recipient_limit=1
#
#cyrus     unix  -       n       n       -       -       pipe
#  user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension}
${user}
#
# ====================================================================
# Old example of delivery via Cyrus.
#
#old-cyrus unix  -       n       n       -       -       pipe
#  flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user}
#
# ====================================================================
#
# See the Postfix UUCP_README file for configuration details.
#
uucp      unix  -       n       n       -       -       pipe
  flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail
($recipient)
#
# Other external delivery methods.
#
ifmail    unix  -       n       n       -       -       pipe
  flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp     unix  -       n       n       -       -       pipe
  flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender
$recipient
scalemail-backend unix        -        n        n        -        2      
pipe
  flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store
${nexthop} ${user} ${extension}
mailman   unix  -       n       n       -       -       pipe
  flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
  ${nexthop} ${user}





Thank you for any insight!

Alex




--
Sent from: http://postfix.1071664.n5.nabble.com/Postfix-Users-f2.html
Reply | Threaded
Open this post in threaded view
|

Re: Postfix LMTP to remote LMTP server

Wietse Venema
alexevon:
> Jun 13 02:51:10 alpha postfix/local[17763]: fatal: connect #11 to
> subsystem private/lmtp: Connection refused

You don't have an LMTP client

    lmtp unix .. .. .. .. .. lmtp

in your master.cf file, or your SeLinux/AppArmor/whatever 'security'
policy is not configured correctly.

        Wietse
Reply | Threaded
Open this post in threaded view
|

Re: Postfix LMTP to remote LMTP server

alexevon
Thank you for the feedback, however,in my master.cf I show:

#lmtp       unix  -       -       y       -       -       lmtp
lmtp       inet  n       n       n       -       -       lmtp -v

I only enabled the lmtp inet..



I am not running any SElinux or the like on this server...


Thank you.



On Thu, Jun 13, 2019 at 4:00 PM Wietse Venema <[hidden email]> wrote:
alexevon:
> Jun 13 02:51:10 alpha postfix/local[17763]: fatal: connect #11 to
> subsystem private/lmtp: Connection refused

You don't have an LMTP client

    lmtp unix .. .. .. .. .. lmtp

in your master.cf file, or your SeLinux/AppArmor/whatever 'security'
policy is not configured correctly.

        Wietse
Reply | Threaded
Open this post in threaded view
|

Re: Postfix LMTP to remote LMTP server

alexevon
disregard, I see what you mean.. to un-comment it..  I did that and it works now!

Thank you again!

Alex

On Thu, Jun 13, 2019 at 4:10 PM Alex Evonosky <[hidden email]> wrote:
Thank you for the feedback, however,in my master.cf I show:

#lmtp       unix  -       -       y       -       -       lmtp
lmtp       inet  n       n       n       -       -       lmtp -v

I only enabled the lmtp inet..



I am not running any SElinux or the like on this server...


Thank you.



On Thu, Jun 13, 2019 at 4:00 PM Wietse Venema <[hidden email]> wrote:
alexevon:
> Jun 13 02:51:10 alpha postfix/local[17763]: fatal: connect #11 to
> subsystem private/lmtp: Connection refused

You don't have an LMTP client

    lmtp unix .. .. .. .. .. lmtp

in your master.cf file, or your SeLinux/AppArmor/whatever 'security'
policy is not configured correctly.

        Wietse
Reply | Threaded
Open this post in threaded view
|

Re: Postfix LMTP to remote LMTP server

Wietse Venema
In reply to this post by alexevon
alexevon:
> Jun 13 02:51:10 alpha postfix/local[17763]: fatal: connect #11 to
> subsystem private/lmtp: Connection refused

Wietse:
> You don't have an LMTP client
>
>     lmtp unix .. .. .. .. .. lmtp
>
> in your master.cf file, or your SeLinux/AppArmor/whatever 'security'
> policy is not configured correctly.

Alex Evonosky:
> Thank you for the feedback, however,in my master.cf I show:
>
> #lmtp       unix  -       -       y       -       -       lmtp
> lmtp       inet  n       n       n       -       -       lmtp -v
>
> I only enabled the lmtp inet..

I repeat, you don't have an LMTP client

    lmtp unix .. .. .. .. .. lmtp

That is the service in the error message

        Wietse
Reply | Threaded
Open this post in threaded view
|

Re: Postfix LMTP to remote LMTP server

Viktor Dukhovni
In reply to this post by alexevon
> On Jun 13, 2019, at 4:10 PM, Alex Evonosky <[hidden email]> wrote:
>
> Thank you for the feedback, however,in my master.cf I show:
>
> #lmtp       unix  -       -       y       -       -       lmtp
> lmtp       inet  n       n       n       -       -       lmtp -v
>
> I only enabled the lmtp inet..

You MUST remove the "lmtp inet" entry.  The Postfix lmtp(8)
delivery agent is NOT an LMTP server, and MUST NOT be exposed
over TCP to external clients.

--
        Viktor.

Reply | Threaded
Open this post in threaded view
|

Re: Postfix LMTP to remote LMTP server

alexevon
Thank you for the reply.  Will remove.



Sent from my Pixel 3XL
   

On Thu, Jun 13, 2019, 5:18 PM Viktor Dukhovni <[hidden email]> wrote:
> On Jun 13, 2019, at 4:10 PM, Alex Evonosky <[hidden email]> wrote:
>
> Thank you for the feedback, however,in my master.cf I show:
>
> #lmtp       unix  -       -       y       -       -       lmtp
> lmtp       inet  n       n       n       -       -       lmtp -v
>
> I only enabled the lmtp inet..

You MUST remove the "lmtp inet" entry.  The Postfix lmtp(8)
delivery agent is NOT an LMTP server, and MUST NOT be exposed
over TCP to external clients.

--
        Viktor.