Setting up a Postfix/Dovcot email server on Ubuntu 18.10, I can receive but not send mail from my client. I created the SSL for my server just fine with certbot using nginx.
This is the end result of a week of work following guides and examples, hopefully, this is the last hurdle.
Thanks for any help you can provide - the log / config files are below:
chuck@cow:/var/log$ sudo tail mail.log
Oct 30 16:23:46 cow postfix/smtpd[8011]: warning: TLS library problem: error:02001002:system library:fopen:No such file or directory:ā¦/crypto/bio/bss_file.c:290:fopen(ā/etc/letsencrypt/live/cow.MASK.com/fullchain.pem;ā,ārā):
Oct 30 16:23:46 cow postfix/smtpd[8011]: warning: TLS library problem: error:20074002:BIO routines:file_ctrl:system lib:ā¦/crypto/bio/bss_file.c:292:
Oct 30 16:23:46 cow postfix/smtpd[8011]: warning: TLS library problem: error:140DC002:SSL routines:use_certificate_chain_file:system lib:ā¦/ssl/ssl_rsa.c:615:
Oct 30 16:23:46 cow postfix/smtpd[8011]: warning: hostname bl28-67-120.dsl.telepac.pt does not resolve to address 37.189.67.120: Name or service not known
Oct 30 16:23:46 cow postfix/smtpd[8011]: connect from unknown[37.189.67.120]
Oct 30 16:23:47 cow postfix/smtpd[8011]: NOQUEUE: reject: RCPT from unknown[37.189.67.120]: 554 5.7.1 spameri@tiscali.it: Relay access denied; from=spameri@tiscali.it to=spameri@tiscali.it proto=ESMTP helo=
Oct 30 16:23:47 cow postfix/smtpd[8011]: disconnect from unknown[37.189.67.120] ehlo=1 mail=1 rcpt=0/1 rset=1 quit=1 commands=4/5
Oct 30 16:27:07 cow postfix/anvil[8013]: statistics: max connection rate 1/60s for (smtp:37.189.67.120) at Oct 30 16:23:46
Oct 30 16:27:07 cow postfix/anvil[8013]: statistics: max connection count 1 for (smtp:37.189.67.120) at Oct 30 16:23:46
Oct 30 16:27:07 cow postfix/anvil[8013]: statistics: max cache size 1 at Oct 30 16:23:46
main.cf
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no
append_dot_mydomain = no
readme_directory = no
compatibility_level = 2
smtpd_tls_cert_file=/etc/letsencrypt/live/cow.MASK.com/fullchain.pem;
smtpd_tls_key_file=/etc/letsencrypt/live/cow.MASK.com/privkey.pem;
smtpd_use_tls=yes
smtpd_tls_auth_only = yes
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_auth_enable = yes
unix:private/policyd-spf
reject_unauth_destiantion stays where it is.
policyd-spf_time_limit = 3600
smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination, check_policy_service unix:private/policyd-spf
milter_default_action = accept
milter_protocol = 2
smtpd_milters = local:/opendkim/opendkim.sock
non_smtpd_milters = local:/opendkim/opendkim.sock
smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
myhostname = cow.MASK.com
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = localhost
relayhost =
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
inet_protocols = all
virtual_transport = lmtp:unix:private/dovecot-lmtp
virtual_mailbox_domains = mysql:/etc/postfix/mysql-virtual-mailbox-domains.cf
virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual-mailbox-maps.cf
virtual_alias_maps = mysql:/etc/postfix/mysql-virtual-alias-maps.cf
content_filter = scan:127.0.0.1:10026
receive_override_options = no_address_mappings
master.cf
smtp inet n - y - - smtpd
-o content_filter=spamassassin
submission inet n - y - - smtpd
-o syslog_name=postfix/submission
-o smtpd_tls_security_level=encrypt
-o smtpd_sasl_auth_enable=yes
-o smtpd_client_restrictions=permit_sasl_authenticated,reject
pickup unix n - y 60 1 pickup
cleanup unix n - y - 0 cleanup
qmgr unix n - n 300 1 qmgr
tlsmgr unix - - y 1000? 1 tlsmgr
rewrite unix - - y - - trivial-rewrite
bounce unix - - y - 0 bounce
defer unix - - y - 0 bounce
trace unix - - y - 0 bounce
verify unix - - y - 1 verify
flush unix n - y 1000? 0 flush
proxymap unix - - n - - proxymap
proxywrite unix - - n - 1 proxymap
smtp unix - - y - - smtp
relay unix - - y - - smtp
-o syslog_name=postfix/$service_name
showq unix n - y - - showq
error unix - - y - - error
retry unix - - y - - error
discard unix - - y - - discard
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - y - - lmtp
anvil unix - - y - 1 anvil
scache unix - - y - 1 scache
maildrop unix - n n - - pipe
flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
uucp unix - n n - - pipe
flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
ifmail unix - n n - - pipe
flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp unix - n n - - pipe
flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender recipient
scalemail-backend unix - n n - 2 pipe
flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store {nexthop} {user} {extension}
mailman unix - n n - - pipe
flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
{nexthop} {user}
spamassassin unix - n n - - pipe
user=spamd argv=/usr/bin/spamc -f -e
/usr/sbin/sendmail -oi -f {sender} {recipient}
scan unix - - n - 16 smtp
-o smtp_send_xforward_command=yes
127.0.0.1:10025 inet n - n - 16 smtpd
-o content_filter=
-o receive_override_options=no_unknown_recipient_checks,no_header_body_checks
-o smtpd_helo_restrictions=
-o smtpd_client_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o mynetworks_style=host
-o smtpd_authorized_xforward_hosts=127.0.0.0/8
policyd-spf unix - n n - 0 spawn
user=policyd-spf argv=/usr/bin/policyd-spf
** Mail Responce when setting up client **
Authenticate as SSL client failed.
You might be connecting to non SSL port -or- using incorrect SSL/TLS version.
Consider using TLS 1.2: client.SSLConfiguration.EnalbedSslProtocols=SslProtocols.Tls12;
Extra
Iām using port 587 in my client when trying to connect to the mail server for sending. It defaulted to port 465, but apparently, my postfix isnāt listening on that port, and I heard 465 is a legacy port anyway so I should use 587 instead.