Operating system: Debian
OS version: 8
Postfix Version: 2.11.3
My postfix stopped working now I can’t receive / send emails. The configuration check tells me nothing useful; it doesn’t indicate any errors (not obvious, no red text or error messages. Used a wide net - grep -iR postfix *.log > postfixGrepLogs.txt in /var/logs folder since I see no postfix log file).
I’ve been grepping the 2GB file of postfix log messages trying to find a clue but (looking for error, fail, start, exit, fatal. Only fatal returned a small number of hits which looks promising, will look into that further. Would be nice if the config check highlighted errors when there are any.
2GB of messages in log like these, which are probably normal as these are email relay rejections:
/usr/sbin/postconf: warning: /etc/postfix/master.cf: undefined parameter: mua_sender_restrictions
/usr/sbin/postconf: warning: /etc/postfix/master.cf: undefined parameter: mua_client_restrictions
/usr/sbin/postconf: warning: /etc/postfix/master.cf: undefined parameter: mua_helo_restrictions
/usr/sbin/postconf: warning: /etc/postfix/master.cf: undefined parameter: mua_sender_restrictions
/usr/sbin/postconf: warning: /etc/postfix/master.cf: undefined parameter: mua_helo_restrictions
/usr/sbin/postconf: warning: /etc/postfix/master.cf: undefined parameter: mua_sender_restrictions
/usr/sbin/postconf: warning: /etc/postfix/master.cf: undefined parameter: mua_client_restrictions
/usr/sbin/postconf: warning: /etc/postfix/master.cf: undefined parameter: mua_helo_restrictions
/usr/sbin/postconf: warning: /etc/postfix/main.cf: unused parameter: unknown_sender_reject_code=554
I found what I thought was the likely culprit when I found these in the logs:
fatal: bind 0.0.0.0 port 25: Address already in use
fatal: bind 0.0.0.0 port 465: Address already in use
According to netstat -tulpn, there are no listeners on those ports for any of the 3 IP addresses I use, so I contacted my hosting provider and they said they removed the SMTP block on my account. However the problem still occurs after rebooting as instructed by the hosting provider.
I added the lines you suggested by another user here on the forum but I believe the issue is lower level than that.
Looking at the file I created on Friday, I see:
fatal: bind x.x.x.121 port 465: Address already in use
fatal: bind x.x.x.215 port 25: Address already in use
The hosting provider says they unblocked “smtp”, but does that mean ports 465 AND 25? Checked just now and the error on port 465 is no longer found in the logs, so perhaps the cause is port 25. Since I only care about pop3 and smtp on port 465, how do I disable postfix’s use of port 25 in Virtualmin? I presume port 25 is only required on localhost, not externally, so binding to 0.0.0.0:25 rather than 127.0.0.1:25 should be the the proper config, but how is that set in virtualmin?
Oh crap! I reran the “Re-Check configuration” under Server Settings and it said:
Virtualmin is configured to setup DNS zones, but this system is not setup to use itself as a DNS server. Either add 127.0.0.1 to the list of DNS servers, or turn off the BIND feature on the Features and Plugins page.
… your system is not ready for use by Virtualmin.
So I added 127.0.0.1 to the list of DNS servers, and then I (somehow, not sure how) I came to a list of iinterfaces which showed all 3 of my dedicated IP addresses. The main IP eth0 and the 2 virtual IPs under it. The main one was not active, the other 2 were, so I checked the box for the main IP (x.x.x.215) and clicked apply and that severed all connections, both ssh & https to virtualmin.
Running an email server is complicated, and virtualmin doesn’t help doing so adequately. Perhaps is is better than other free servers, I don’t know. To be fair it has been pretty reliable over the last few years, but then this popped up and I’ve been without email service for days now.
Another issue I have when I say adequately is related to SSL certificates. IF LetsEncrypt certs are unreliable, and from what others say they are, then Virtualmin should recognize that and keep making attempts until certificates are obtained. I get notices all the time from Thunderbird that require an exception to connect to get email.
I’m restarting the server now to see if it will come back up and correct the networking issue.
Looks like the server restart restored the networking, so I can connect again.