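Postfix startup problem on Ubuntu server after upgrading to 18.04

At first I suspected an Internet problem, but it now looks like a Postfix problem. I hope someone can help me solve it?

My Amazon AWS server seems to be having some random connectivity problems. I upgraded 2 servers: a home server over SSH, and then my Amazon server over SSH, one after the other.

My home server has no trouble connecting to the Internet, but my Amazon one seems to have developed problems only recently.

I noticed this in the MOTD and started investigating.

I can connect over SSH without trouble, and it seems to check for "some" updates; the list seems short, but nothing fails when using apt.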

Failed to connect to https://changelogs.ubuntu.com/meta-release-lts. Check your Internet connection or proxy settings


Last login: Sun Sep 23 12:19:05 2018 from 212.159.70.59
ubuntu@ip-***-**-**-**:~$ ping https://changelogs.ubuntu.com/meta-release-lts
ping: https://changelogs.ubuntu.com/meta-release-lts: Name or service not known
ubuntu@ip-***-**-**-**:~$ ping ubuntu.com
PING ubuntu.com (91.189.94.40) 56(84) bytes of data.

--- ubuntu.com ping statistics ---
68 packets transmitted, 0 received, 100% packet loss, time 68613ms

ubuntu@ip-***-**-**-**:~$ ping google.com
PING google.com (216.58.195.78) 56(84) bytes of data.
^C
--- google.com ping statistics ---
14 packets transmitted, 0 received, 100% packet loss, time 13292ms

ubuntu@ip-***-**-**-**:~$ sudo apt update
Hit:1 http://us-west-2.ec2.archive.ubuntu.com/ubuntu bionic InRelease
Hit:2 http://us-west-2.ec2.archive.ubuntu.com/ubuntu bionic-updates InRelease
Hit:3 http://us-west-2.ec2.archive.ubuntu.com/ubuntu bionic-backports InRelease
Hit:4 http://security.ubuntu.com/ubuntu bionic-security InRelease              
Reading package lists... Done                      
Building dependency tree      
Reading state information... Done
All packages are up to date.
ubuntu@ip-***-**-**-**:~$

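Can anyone help?

I have checked my mail server with ssl-tools and the connection is fine. I have been receiving email all along, but I have just found that I cannot send email.

Edit 1

I thought it might be a firewall problem, since only incoming connections are affected, and then this came up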

ubuntu@ip-***-**-**-**:~$ sudo ufw status
WARN: Duplicate profile 'Dovecot IMAP', using last found
WARN: Duplicate profile 'Dovecot Secure IMAP', using last found
WARN: Duplicate profile 'Dovecot POP3', using last found
WARN: Duplicate profile 'Dovecot Secure POP3', using last found
Status: inactive
ubuntu@ip-***-**-**-**:~$

Edit 2

I now actually think this is a Postfix problem. I cannot start Postfix?

systemctl status postfix -l

● postfix.service - Postfix Mail Transport Agent
   Loaded: loaded (/lib/systemd/system/postfix.service; enabled; vendor     preset: 
   Active: active (exited) since Mon 2018-10-01 18:38:57 BST; 2h 34min ago
 Main PID: 1379 (code=exited, status=0/SUCCESS)
    Tasks: 0 (limit: 1108)
   CGroup: /system.slice/postfix.service

Oct 01 18:38:57 mail.**********.com systemd[1]: Starting Postfix     Mail Tra
Oct 01 18:38:57 mail.**********.com systemd[1]: Started Postfix Mail Tran

As you can see (Active: active (exited))

Edit 3

tail /var/log/mail.log

Oct  8 19:06:07 mail postfix/smtpd[8803]: Anonymous TLS connection  established from mail133-16.atl131.mandrillapp.com[198.2.133.16]: TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)
Oct  8 19:06:07 mail postfix/smtpd[8803]: warning: SASL: Connect to private/dovecot-auth failed: Connection refused
Oct  8 19:06:07 mail postfix/smtpd[8803]: fatal: no SASL authentication mechanisms
Oct  8 19:06:08 mail postfix/master[8206]: warning: process /usr/lib/postfix/sbin/smtpd pid 8803 exit status 1
Oct  8 19:06:08 mail postfix/master[8206]: warning: /usr/lib/postfix/sbin/smtpd: bad command startup -- throttling
Oct  8 19:07:48 mail postfix/anvil[8805]: statistics: max connection rate 1/60s for (smtpd:198.2.133.16) at Oct  8 19:06:07
Oct  8 19:07:48 mail postfix/anvil[8805]: statistics: max connection count 1 for (smtpd:198.2.133.16) at Oct  8 19:06:07
Oct  8 19:07:48 mail postfix/anvil[8805]: statistics: max cache size 1 at Oct  8 19:06:07
Oct  8 19:07:50 mail dovecot: auth: passwd-file(*******@******.com,177.10.197.76,<2BSQf7t3su2xCsVM>): Password mismatch
Oct  8 19:07:55 mail dovecot: imap-login: Disconnected (auth failed, 1 attempts in 9 secs): user=<*******@******.com>, method=PLAIN, rip=177.10.197.76, lip=172.31.43.31, TLS, session=<2BSQf7t3su2xCsVM>

postconf -n

alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no
broken_sasl_auth_clients = yes
canonical_maps = hash:/etc/postfix/canonical
default_destination_concurrency_limit = 5
disable_vrfy_command = yes
dovecot_destination_recipient_limit = 1
home_mailbox = Maildir/
inet_interfaces = all
inet_protocols = all
mailbox_command = /usr/lib/dovecot/deliver -c /etc/dovecot/conf.d/99-mail-stack-delivery.conf -m "${EXTENSION}"
mailbox_size_limit = 0
message_size_limit = 104857600
mydestination = **********.com, localhost, mail.**********.com, localhost.**********.com
myhostname = mail.**********.com
mynetworks = 127.0.0.0/8 192.168.0.0/24 [::ffff:127.0.0.0]/104 [::1]/128
myorigin = /etc/mailname
postscreen_access_list = permit_mynetworks
postscreen_dnsbl_action = enforce
postscreen_dnsbl_sites = zen.spamhaus.org, b.barracudacentral.org, bl.spamcop.net
postscreen_greet_action = enforce
readme_directory = no
recipient_delimiter = +
relay_destination_concurrency_limit = 1
relayhost =
smtp_tls_note_starttls_offer = yes
smtp_tls_security_level = may
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_banner = $myhostname ESMTP
smtpd_helo_required = yes
smtpd_helo_restrictions = permit_mynetworks,reject_non_fqdn_helo_hostname,     reject_invalid_helo_hostname,reject_unknown_helo_hostname, permit
smtpd_recipient_restrictions = reject_unknown_client_hostname,reject_unknown_sender_domain, reject_unknown_recipient_domain,reject_unauth_pipelining, permit_mynetworks,permit_sasl_authenticated, reject_unauth_destination,reject_invalid_hostname, reject_non_fqdn_sender
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_path = private/dovecot-auth
smtpd_sasl_security_options = noanonymous
smtpd_sasl_type = dovecot
smtpd_sender_login_maps = $virtual_mailbox_maps
smtpd_sender_restrictions = reject_unknown_sender_domain,reject_sender_login_mismatch
smtpd_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
smtpd_tls_ask_ccert = yes
smtpd_tls_auth_only = yes
smtpd_tls_cert_file = /etc/letsencrypt/live/mail.**********.com/fullchain.pem
smtpd_tls_ciphers = high
smtpd_tls_key_file = /etc/letsencrypt/live/mail.**********.com/privkey.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_security_level = may
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
unknown_address_reject_code = 550
unknown_client_reject_code = 550
unknown_hostname_reject_code = 550
virtual_alias_maps = hash:/etc/postfix/virtual
virtual_mailbox_domains = hash:/etc/postfix/virtual-mailbox-domains
virtual_mailbox_maps = hash:/etc/postfix/virtual-mailbox-users
virtual_transport = dovecot

doveconf -n

# 2.2.33.2 (d6601f4ec): /etc/dovecot/dovecot.conf
# Pigeonhole version 0.4.21 (92477967)
# OS: Linux 4.15.0-36-generic x86_64 Ubuntu 18.04.1 LTS ext4
auth_mechanisms = plain login
auth_verbose = yes
mail_home = /var/mail/vmail/%d/%n
mail_location = maildir:/var/mail/vmail/%d/%n/mail:LAYOUT=fs
mail_privileged_group = mail
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character     vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate mime foreverypart extracttext
namespace inbox {
  inbox = yes
  location = 
  mailbox Drafts {
    auto = subscribe
    special_use = \Drafts    
  }
  mailbox Junk {
    auto = subscribe
    special_use = \Junk
  }
  mailbox Sent {
    auto = subscribe
    special_use = \Sent
  }
  mailbox "Sent Messages" {
    auto = subscribe
    special_use = \Sent
  }
  mailbox Trash {
    auto = subscribe
    special_use = \Trash
  }
  prefix = 
}
passdb {
  args = username_format=%u scheme=ssha512 /etc/dovecot/passwd.db
  driver = passwd-file
}
plugin {
  sieve = ~/.dovecot.sieve
  sieve_after = /var/mail/vmail/sieve-after
  sieve_before = /var/mail/vmail/sieve-before
  sieve_dir = ~/sieve
}
protocols = imap
service auth {
  unix_listener /var/spool/postfix/private/auth {
    group = postfix
    mode = 0660
    user = postfix
  }
}
ssl = required
ssl_cert = </etc/letsencrypt/live/mail.**********.com/fullchain.pem
ssl_cipher_list = ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AES:RSA+3DES:!ADH:!AECDH:!MD5:!DSS
ssl_client_ca_dir = /etc/ssl/certs
ssl_key =  # hidden, use -P to show it
userdb {
  args = uid=5000 gid=5000 home=/var/mail/vmail/%d/%n
  driver = static
}
protocol lda {
  deliver_log_format = msgid=%m: %$
  mail_plugins = sieve
  postmaster_address = postmaster@**********.com
  quota_full_tempfail = yes
  rejection_reason = Your message to <%t> was automatically rejected:%n%r
}
protocol imap {
  imap_client_workarounds = delay-newmail tb-extra-mailbox-sep
  mail_max_userip_connections = 10
}

Edit 4, as per comment

sudo ss -nlt 'sport = 25'

State                      Recv-Q                      Send-Q                                            Local Address:Port                                           Peer Address:Port                     
LISTEN                     0                           100                                                     0.0.0.0:25                                                  0.0.0.0:*                        
LISTEN                     0                           100                                                        [::]:25                                                     [::]:*                                      

Edit 5

sudo tail -n10 -f /var/log/mail.err

I noticed this while going through the log files. Not sure whether I broke something while trying to "fix" it.

Oct  8 21:06:53 mail postfix/smtpd[9357]: fatal: no SASL authentication mechanisms
Oct  8 21:07:54 mail postfix/smtpd[9360]: fatal: no SASL authentication mechanisms
Oct  8 21:21:55 mail postfix/smtpd[9442]: fatal: no SASL authentication mechanisms
Oct  8 21:25:13 mail postfix/smtpd[9456]: fatal: no SASL authentication mechanisms
Oct  8 21:31:39 mail postfix/smtpd[9473]: fatal: no SASL authentication mechanisms
Oct  8 21:34:36 mail dovecot: doveadm: Error: This is Dovecot's error log (1539030876)
Oct  8 21:34:36 mail dovecot: doveadm: Fatal: This is Dovecot's fatal log (1539030876)
Oct  8 21:34:47 mail dovecot: doveadm: Error: This is Dovecot's error log (1539030887)
Oct  8 21:34:47 mail dovecot: doveadm: Fatal: This is Dovecot's fatal log (1539030887)
Oct  8 21:36:58 mail postfix/smtpd[9576]: fatal: no SASL authentication mechanisms
Oct  8 21:40:17 mail postfix/smtpd[9701]: fatal: no SASL authentication mechanisms

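Can someone help me? I'm going crazy :(

Thanks

Answer 1

So you are not actually having a Postfix "startup" problem.

According to the output of the ss command, something is listening on port 25, most likely Postfix.

Your problem is that you have not correctly configured authentication for SMTP and so on. This requires you to review your Dovecot configuration and your Postfix configuration and configure them correctly. You may want to look at the Digital Ocean guide on a Postfix email server with Dovecot to set up the Postfix and Dovecot configuration properly, so that the SASL authentication backend is correctly handed over to Dovecot. However, I don't know whether you followed a different guide; if you did use another guide, you should review whichever guide you were following to try to diagnose the core problem, since you may have missed a step or misconfigured something.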
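
Added example (not part of the original answer, and not Postfix or Dovecot code): the question's `postconf -n` output sets `smtpd_sasl_path = private/dovecot-auth`, while its `doveconf -n` output has the auth service listening on `/var/spool/postfix/private/auth`. This Python script compares the two socket paths. The sample strings are trimmed from those outputs, the function names are hypothetical, and the `/var/spool/postfix` queue directory and `/var/run/dovecot` base directory defaults are assumptions.

```python
import re

# Constructed sample: only the relevant lines, trimmed from the postconf -n
# and doveconf -n output shown in the question.
POSTCONF_N = """\
smtpd_sasl_path = private/dovecot-auth
smtpd_sasl_type = dovecot
"""
DOVECONF_N = """\
service auth {
  unix_listener /var/spool/postfix/private/auth {
    user = postfix
  }
}
"""

def postfix_sasl_socket(postconf_text, queue_dir="/var/spool/postfix"):
    """Absolute socket path smtpd connects to, or None if SASL is not Dovecot."""
    conf = dict(re.findall(r"^(\w+) *= *(.*?) *$", postconf_text, re.M))
    if conf.get("smtpd_sasl_type") != "dovecot" or "smtpd_sasl_path" not in conf:
        return None
    path = conf["smtpd_sasl_path"]
    base = conf.get("queue_directory", queue_dir)  # relative paths resolve here
    return path if path.startswith("/") else f"{base}/{path}"

def dovecot_auth_listeners(doveconf_text, base_dir="/var/run/dovecot"):
    """Absolute paths of every unix_listener directly inside `service auth`."""
    stack, found = [], []
    for line in doveconf_text.splitlines():
        line = line.strip()
        if line.endswith("{"):
            block = line[:-1].strip()
            if stack == ["service auth"] and block.startswith("unix_listener "):
                path = block.split(None, 1)[1]
                found.append(path if path.startswith("/") else f"{base_dir}/{path}")
            stack.append(block)
        elif line == "}" and stack:
            stack.pop()
    return found

def check(postconf_text, doveconf_text):
    """Return (ok, message) for the Postfix-to-Dovecot SASL socket wiring."""
    wanted = postfix_sasl_socket(postconf_text)
    offered = dovecot_auth_listeners(doveconf_text)
    if wanted is None or wanted in offered:
        return True, f"ok: {wanted}"
    return False, f"Postfix connects to {wanted}; Dovecot auth listens on {offered}"

if __name__ == "__main__":
    print(check(POSTCONF_N, DOVECONF_N))
```

On a live host the two inputs would be the full output of `postconf -n` and `doveconf -n`; a mismatch is consistent with the `SASL: Connect to private/dovecot-auth failed` warning in the question's mail.log.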
