Hello, I'm trying to migrate to a new setup, Debian 12 with Postfix 3.7 and Dovecot 2.3 using virtual mailbox domains. There are no local everyone is virtual. The first problem I'm seeing is the Postfix process is exiting:
#systemctl status postfix ? postfix.service - Postfix Mail Transport Agent Loaded: loaded (/lib/systemd/system/postfix.service; enabled; preset: e> Active: active (exited) since Wed 2023-07-19 15:02:03 EDT; 4s ago I suspect this is occurring because of this: 2023-07-19T15:19:58.474716-04:00 hostname postfix/master[41002]: warning: process /usr/lib/postfix/sbin/smtpd pid 41013 exit status 1 A few lines earlier: 2023-07-19T15:19:57.473608-04:00 hostname postfix/proxymap[41014]: warning: request for unapproved table: "unix:passwd.byname" 2023-07-19T15:19:57.473797-04:00 hostname postfix/proxymap[41014]: warning: to approve this table for read-only access, list proxy:unix:passwd.byname in main.cf:proxy_read_maps 2023-07-19T15:19:57.474399-04:00 hostname postfix/smtpd[41013]: fatal: proxymap service is not configured for table "unix:passwd.byname" I don't have that table listed in my proxy configuration. I'm also getting errors when atempting to access my sql aliases.cf configuration. That looks like this and it's looking like others: 2023-07-19T15:20:02.693395-04:00 hostname postfix/proxymap[41014]: error: open /etc/postfix/sql/aliases.cf: Permission denied 2023-07-19T15:20:02.700548-04:00 hostname postfix/proxymap[41014]: error: open /etc/postfix/sql/domains.cf: Permission denied 2023-07-19T15:20:02.701021-04:00 hostname postfix/proxymap[41014]: warning: mysql:/etc/postfix/sql/aliases.cf is unavailable. open /etc/postfix/sql/aliases.cf: Permission denied 2023-07-19T15:20:02.701791-04:00 hostname postfix/cleanup[41032]: warning: proxy:mysql:/etc/postfix/sql/aliases.cf lookup error for "r...@mail.example.com" I'm seeing issues with postfix local trying to get in to this whenever it does it tries to send to r...@mail.example.com. Given the above I would think anything wouldn't be working since domains.cf can't be found then receiving any email shouldn't work, sent a test message through and it does, if I send to a non-aliases address i.e. r...@domain.com does not work, yet u...@domain.com goes through just fine. Here's my master.cf file and a postconf -n output. Here's also a permissions of /etc/postfix/sql/*.cf. Any help appreciated. Thanks. Dave. #cat master.cf # # Postfix master process configuration file. For details on the format # of the file, see the master(5) manual page (command: "man 5 master" or # on-line: http://www.postfix.org/master.5.html). # # Do not forget to execute "postfix reload" after editing this file. # # ========================================================================== # service type private unpriv chroot wakeup maxproc command + args # (yes) (yes) (no) (never) (100) # ========================================================================== #smtp inet n - y - - smtpd smtp inet n - y - 1 postscreen smtpd pass - - y - - smtpd dnsblog unix - - y - 0 dnsblog tlsproxy unix - - y - 0 tlsproxy # Choose one: enable submission for loopback clients only, or for any client. #127.0.0.1:submission inet n - y - - smtpd submission inet n - y - - smtpd -o syslog_name=postfix/submission -o smtpd_tls_security_level=encrypt -o smtpd_sasl_auth_enable=yes -o smtpd_tls_auth_only=yes -o smtpd_reject_unlisted_recipient=no # Instead of specifying complex smtpd_<xxx>_restrictions here, # specify "smtpd_<xxx>_restrictions=$mua_<xxx>_restrictions" # here, and specify mua_<xxx>_restrictions in main.cf (where # "<xxx>" is "client", "helo", "sender", "relay", or "recipient"). -o smtpd_client_restrictions=$mua_client_restrictions -o smtpd_helo_restrictions= -o smtpd_sender_restrictions=$mua_sender_restrictions -o smtpd_relay_restrictions=$mua_relay_restrictions -o smtpd_recipient_restrictions=permit_sasl_authenticated,reject -o cleanup_service_name=submission-header-cleanup -o milter_macro_daemon_name=ORIGINATING # Choose one: enable submissions for loopback clients only, or for any client. #127.0.0.1:submissions inet n - y - - smtpd #submissions inet n - y - - smtpd # -o syslog_name=postfix/submissions # -o smtpd_tls_wrappermode=yes # -o smtpd_sasl_auth_enable=yes # -o smtpd_reject_unlisted_recipient=no # Instead of specifying complex smtpd_<xxx>_restrictions here, # specify "smtpd_<xxx>_restrictions=$mua_<xxx>_restrictions" # here, and specify mua_<xxx>_restrictions in main.cf (where # "<xxx>" is "client", "helo", "sender", "relay", or "recipient"). # -o smtpd_client_restrictions= # -o smtpd_helo_restrictions= # -o smtpd_sender_restrictions= # -o smtpd_relay_restrictions= # -o smtpd_recipient_restrictions=permit_sasl_authenticated,reject # -o milter_macro_daemon_name=ORIGINATING #628 inet n - y - - qmqpd pickup unix n - y 60 1 pickup cleanup unix n - y - 0 cleanup qmgr unix n - n 300 1 qmgr #qmgr unix n - n 300 1 oqmgr tlsmgr unix - - y 1000? 1 tlsmgr rewrite unix - - y - - trivial-rewrite bounce unix - - y - 0 bounce defer unix - - y - 0 bounce trace unix - - y - 0 bounce verify unix - - y - 1 verify flush unix n - y 1000? 0 flush proxymap unix - - n - - proxymap proxywrite unix - - n - 1 proxymap smtp unix - - y - - smtp relay unix - - y - - smtp -o syslog_name=postfix/$service_name # -o smtp_helo_timeout=5 -o smtp_connect_timeout=5 showq unix n - y - - showq error unix - - y - - error retry unix - - y - - error discard unix - - y - - discard local unix - n n - - local virtual unix - n n - - virtual lmtp unix - - y - - lmtp anvil unix - - y - 1 anvil scache unix - - y - 1 scache postlog unix-dgram n - n - 1 postlogd submission-header-cleanup unix n - n - 0 cleanup -o header_checks=regexp:/etc/postfix/submission_header_cleanup #postconf -n append_dot_mydomain = no biff = no compatibility_level = 3.7 disable_vrfy_command = yes inet_interfaces = 127.0.0.1, xxx.xxx.xxx.xxx mailbox_size_limit = 0 message_size_limit = 52428800 mydomain = example.com myhostname = mail.example.com mynetworks = 127.0.0.0/8 myorigin = $mydomain proxy_read_maps = proxy:mysql:/etc/postfix/sql/aliases.cf proxy:mysql:/etc/postfix/sql/accounts.cf proxy:mysql:/etc/postfix/sql/domains.cf proxy:mysql:/etc/postfix/sql/recipient-access.cf proxy:mysql:/etc/postfix/sql/sender-login-maps.cf proxy:mysql:/etc/postfix/sql/tls-policy.cf recipient_delimiter = + smtp_dns_support_level = dnssec smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt smtp_tls_ciphers = high smtp_tls_policy_maps = proxy:mysql:/etc/postfix/sql/tls-policy.cf smtp_tls_security_level = dane smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache smtpd_client_restrictions = permit_mynetworks reject_unknown_client_hostname smtpd_data_restrictions = reject_unauth_pipelining smtpd_helo_required = yes smtpd_helo_restrictions = permit_mynetworks reject_invalid_helo_hostname reject_non_fqdn_helo_hostname reject_unknown_helo_hostname smtpd_recipient_restrictions = check_recipient_access proxy:mysql:/etc/postfix/sql/recipient-access.cf smtpd_relay_restrictions = reject_non_fqdn_recipient reject_unknown_recipient_domain permit_mynetworks reject_unauth_destination smtpd_tls_auth_only = yes smtpd_tls_cert_file = /etc/ssl/example.com/example.com.fullchain.crt smtpd_tls_ciphers = high smtpd_tls_dh1024_param_file = /etc/postfix/dhparams.pem smtpd_tls_key_file = /etc/ssl/example.com/example.com.key smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3, !TLSv1, !TLSv1.1 smtpd_tls_protocols = !SSLv2, !SSLv3, !TLSv1, !TLSv1.1 smtpd_tls_security_level = may smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache tls_high_cipherlist = ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384: ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384 tls_preempt_cipherlist = yes virtual_alias_maps = proxy:mysql:/etc/postfix/sql/aliases.cf virtual_mailbox_domains = proxy:mysql:/etc/postfix/sql/domains.cf virtual_mailbox_maps = proxy:mysql:/etc/postfix/sql/accounts.cf virtual_transport = lmtp:unix:private/dovecot-lmtp #ls -la /etc/postfix/sql total 32 drwxr-xr-x 2 root root 4096 Jul 19 15:18 ./ drwxr-xr-x 5 root root 4096 Jul 19 16:52 ../ -rw-r--r-- 1 root root 194 Jul 19 13:12 accounts.cf -rw-r--r-- 1 root root 562 Jul 19 15:18 aliases.cf -rw-r--r-- 1 root root 152 Jul 17 11:18 domains.cf -rw-r--r-- 1 root root 237 Jul 19 13:14 recipient-access.cf -rw-r--r-- 1 root root 390 Jul 19 13:18 sender-login-maps.cf -rw-r--r-- 1 root root 166 Jul 17 11:20 tls-policy.cf _______________________________________________ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org