Postfix cannot send email

[fred974]

Hello everyone,

I have installed Postfix on FreeBSD 10 with ZFS and when I tried to send and email, I got the following:

Jul 17 15:16:15 trinity postfix/smtp[77993]: CLIENT wrappermode (port smtps/465) is unimplemented
Jul 17 15:16:15 trinity postfix/smtp[77993]: instead, send to (port submission/587) with STARTTLS

Could anyone help please? For info, I use Zoho mail as my email provider.

 

[ShelLuser]

You're not giving enough information to allow us and even form a opinion on this problem; it could be pretty much anything.

My first response would be to stop trying to use port 465 and instead use the commonly used SMTP port (25); do so by telling Postfix to use your ISP's MTA as a relay host. You'd want to use the relayhost option for that (in /usr/local/etc/postfix/main.cf).

However (here is where the lack of information comes in); I'm now assuming that for some reason you can't use port 25 as outgoing (you might still want to test this yourself by using telnet) and thus tried to "avoid" the problem by using SMTPS (port 465).

I think this post in the Ubuntu forums can give you some very valuable information on this problem. Although the OS differs the implementation doesn't so much.

So provided that you are indeed trying to overcome a limitation of using the SMTP port then I'd look into that post. Also be sure to follow their testing procedures so that you can make sure that you really need to use this instead of the commonly used approach.

 

[fred974]

Hi @ShelLuser

Sorry for the lack of information,

Zoho mail only use port 465

IMAP Configuration details:
Incoming server: imap.zoho.com, Port: 993, SSL
Outgoing server: smtp.zoho.com, Port: 465, SSL

or

POP Configuration details:!
Incoming server: pop.zoho.com, Port: 995, SSL
Outgoing server: smtp.zoho.com, Port: 465, SSL

This is how I set up postfix:

make -C /usr/ports/mail/postfix BATCH=yes OPTIONS_FILE_SET="PCRE TLS SASL2" OPTIONS_FILE_UNSET="BDB CDB INST_BASE LDAP_SASL LMDB MYSQL NIS OPENLDAP PGSQL SPF SQLITE TEST VDA DOVECOT DOVECOT2 SASLKRB5 SASLKMIT" install clean

/usr/local/etc/postfix/main.cf

smtp_sasl_auth_enable = yes
relayhost = [smtp.zoho.com]:465
smtp_sasl_password_maps = hash:/usr/local/etc/postfix/sasl_passwd
smtp_sasl_security_options = noanonymous
smtp_use_tls = yes

/usr/local/etc/postfix/sasl_passwd

[smtp.zoho.com]:465   serverstatus@mydomain.com:mysecretpassword

Then I ran:
chmod 400 /usr/local/etc/postfix/sasl_passwd
postmap /usr/local/etc/postfix/sasl_passwd
echo 'root: [email=serverstatus@etsitservices.com]serverstatus@etsitservices.com[/email]' >> /etc/mail/aliases
postalias /etc/aliases
newaliases

I tested postfix by running , sendmail -bv root and got the following in the /var/log/maillog

Jul 18 12:32:08 trinity sendmail[2687]: gethostbyaddr(192.168.0.185) failed: 1
Jul 18 12:32:08 trinity sendmail[2687]: gethostbyaddr(192.168.0.125) failed: 1
Jul 18 12:32:08 trinity sendmail[2687]: gethostbyaddr(192.168.0.130) failed: 1

192.168.0.185 => My FreeBSD HOST
192.168.0.125 => jail 1
192.168.0.130 => jail 2

If I do mail [email=fred@realdomain.co.uk]fred@realdomain.co.uk[/email], I get

Jul 18 12:41:48 trinity sendmail[2734]: s6ICfmPC002734: from=sysadmin, size=48, class=0, nrcpts=1, msgid=<201407181241.s6ICfmPC002734@trinity.realdomain.ltd>, relay=sysadmin@localhost
Jul 18 12:41:48 trinity postfix/smtpd[2736]: connect from localhost[127.0.0.1]
Jul 18 12:41:48 trinity postfix/smtpd[2736]: F39AB18167: client=localhost[127.0.0.1]
Jul 18 12:41:49 trinity postfix/cleanup[2739]: F39AB18167: message-id=<201407181241.s6ICfmPC002734@trinity.realdomain.ltd>
Jul 18 12:41:49 trinity sendmail[2734]: s6ICfmPC002734: to=fred@realdomain.co.uk, ctladdr=sysadmin (1001/1001), delay=00:00:01, xdelay=00:00:01, mailer=relay, pri=30048, relay=[127.0.0.1] [127.0.0.1], dsn=2.0
.0, stat=Sent (Ok: queued as F39AB18167)
Jul 18 12:41:49 trinity postfix/qmgr[2249]: F39AB18167: from=<sysadmin@trinity.realdomain.ltd>, size=590, nrcpt=1 (queue active)
Jul 18 12:41:49 trinity postfix/smtpd[2736]: disconnect from localhost[127.0.0.1]
Jul 18 12:41:49 trinity postfix/smtp[2740]: CLIENT wrappermode (port smtps/465) is unimplemented
Jul 18 12:41:49 trinity postfix/smtp[2740]: instead, send to (port submission/587) with STARTTLS

I hope I provided enough information to help you to help me.

Thank you in advance
Fred

 

[fred974]

Hi guys,

Could anyone point me in the right direction?

Thank you

 

[gkbsd]

Hello,

Where is your Postfix running? Inside which jail? It seems it cannot resolve names, and I also see it is using "127.0.0.1" as "relay" whereas that is not what is specified in your configuration file. I do not understand which jail does what, if you can give us a quick overview? Check that you can do correct DNS resolutions, with dig for instance (check your /etc/resolv.conf).

Regards,
Guillaume.

 

[ShelLuser]

From what I can tell the problem resides explicitly with Postfix not being able to utilize client wrapper mode, and as the logs suggest: use STARTTLS instead. Or a tunnel.

It looks to me as if you missed this part of the TLS_README.

Edit:

I forgot to mention... This is of course not something you can accomplish with only Postfix. You'll need security/stunnel for this as well. That program will set up the tunnel between your server and Zoho after which Postfix can utilize that tunnel to send its mail too.

 

[fred974]

Thank you for the replies, guys.

To reply to the question, the jails are not set[]up yet, only the network aliases are. Postfix is running on the host system.