Hello Viktor 30. Jan 2015 16:05 by postfix-us...@dukhovni.org:
> > http://www.postfix.org/postconf.5.html#check_ccert_access > I did it with this option for Postfix server #2 config. I need to have the opportunity to set many relay clients some day so I use the access map. I also set the unique port to listen for the relay AUTH using TLS cert check so there is no conflict with the other ports and the options they are set with. The unique port to listen to for TLS cert AUTH on # server is 9443. I can check this now with simple telnet telnet XX.XX.XX.XX 9443 Trying XX.XX.XX.XX.... Connected to XX.XX.XX.XX. Escape character is '^]'. So now in the Postfix #1 relay client configuration I set - relay_transport = relay2:[XX.XX.XX.XX]:25 + relay_transport = relay2:[XX.XX.XX.XX]:9443 so to use the unique port for the SASL. Remember that when the relay is to relay2:[XX.XX.XX.XX]:25 with no AUTH then the mail is delivering okay. And now I send a usual test message again. I send it from a third party ISP that I know is good mail provider with not SMTP mistakes like I may be making. Just to remove that as uncertainty step. But now the message stops and does not deliver Jan 30 18:23:21 srchsvr PF-in/postscreen[19816]: CONNECT from [66.111.4.25]:45304 to [YY.YY.YY.YY]:25 Jan 30 18:23:21 srchsvr PF-in/postscreen[19816]: PASS OLD [66.111.4.25]:45304 Jan 30 18:23:21 srchsvr PF-in/smtpd[19817]: connect from http://out1-smtp.messagingengine.com[66.111.4.25] Jan 30 18:23:21 srchsvr PF-in/smtpd[19817]: C2C7C3E158: client=http://out1-smtp.messagingengine.com[66.111.4.25] Jan 30 18:23:22 srchsvr PF-in/cleanup[19823]: C2C7C3E158: message-id=<9698787676.1979693.266987298.2c96c...@webmail.messagingengine.com> Jan 30 18:23:22 srchsvr PF-in/qmgr[19668]: C2C7C3E158: from=<xx...@fastmail.com>, size=1912, nrcpt=1 (queue active) Jan 30 18:23:22 srchsvr PF-in/smtpd[19817]: disconnect from http://out1-smtp.messagingengine.com[66.111.4.25] Jan 30 18:23:22 srchsvr PF-out/smtpd[19825]: connect from srchsvr.ZZZZ.ZZZ[127.0.0.1] Jan 30 18:23:22 srchsvr PF-out/smtpd[19825]: 160973C11E: client=srchsvr.ZZZZ.ZZZ[127.0.0.1] Jan 30 18:23:22 srchsvr PF-out/cleanup[19828]: 160973C11E: message-id=<9698787676.1979693.266987298.2c96c...@webmail.messagingengine.com> Jan 30 18:23:22 srchsvr PF-out/smtpd[19825]: disconnect from srchsvr.ZZZZ.ZZZ[127.0.0.1] Jan 30 18:23:22 srchsvr PF-in/smtp[19824]: C2C7C3E158: to=<srcht...@clientdomain.com>, relay=127.0.0.1[127.0.0.1]:10026, delay=0.44, delays=0.41/0.01/0.01/0.01, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as 160973C11E) Jan 30 18:23:22 srchsvr PF-out/qmgr[19738]: 160973C11E: from=<xx...@fastmail.com>, size=2110, nrcpt=1 (queue active) Jan 30 18:23:22 srchsvr PF-in/qmgr[19668]: C2C7C3E158: removed Then there is a total quiet wait for a minute. Exactly one. Then only one more log info Jan 30 18:24:22 srchsvr PF-out/relay2/smtp[19829]: 160973C11E: to=<srcht...@clientdomain.com>, relay=XX.XX.XX.XX[XX.XX.XX.XX]:9443, delay=60, delays=0.01/0.01/60/0, dsn=4.4.2, status=deferred (lost connection with XX.XX.XX.XX[XX.XX.XX.XX] while receiving the initial server greeting) This is the only log info. For the #1 relay client side. There is nothing in the #2 server side. It is like there is no contact. I have changed the http://master.cf for PF-out to 'qmgr -v' and 'relay2 ... smtp -v' to may be see why the delay is so long or why is stops now. But in so far time I have no ideas. I will walk again through the details to do the debugging. But I can only do that if I have some right details. What is the place to look for the diagnosis? *S*