warning: TLS library problem und auth-worker: mysql(localhost)

Dieses Thema im Forum "Server Administration" wurde erstellt von wasdim, 10. Mai 2014.

  1. wasdim

    wasdim Member

    Hallo Community

    Nach der Anleitung von:
    Der Perfekte Server - Ubuntu 12.04 LTS (Apache2, BIND, Dovecot, ISPConfig 3)

    Bei mir erscheint sporadisch folgende log Meldungen:

    postfix/smtpd[18451]: warning: TLS library problem: 18451:error:1409442E:SSL routines:SSL3_READ_BYTES:tlsv1 alert protocol version:s3_pkt.c:1260:SSL alert number 70:
    May 10 20:36:45 server1 postfix/smtpd[19495]: warning: TLS library problem: 19495:error:1409442E:SSL routines:SSL3_READ_BYTES:tlsv1 alert protocol version:s3_pkt.c:1260:SSL alert number 70:

    und

    auth-worker: mysql(localhost): Connected to database dbispconfig
    May 10 20:37:47 server1 dovecot: auth-worker: mysql(localhost): Connected to database dbispconfig

    Danke für die Hilfe im Voraus
     
    Zuletzt bearbeitet: 10. Mai 2014
  2. Till

    Till Administrator

    poste mal die postfix master.cf datei.

    Das ist keine warnung sodern eine erfolgsmeldung ;)
     
  3. wasdim

    wasdim Member

    Hallo Till

    Blöde frage wie mache ich das bin ja Anfänger!

    Wie Kopiere ich diese master.conf

    Danke für deine Hilfe
     
  4. wasdim

    wasdim Member

    # Postfix master process configuration file. For details on the format
    # of the file, see the master(5) manual page (command: "man 5 master").
    #
    # Do not forget to execute "postfix reload" after editing this file.
    #
    # ==========================================================================
    # service type private unpriv chroot wakeup maxproc command + args
    # (yes) (yes) (yes) (never) (100)
    # ==========================================================================


    smtp inet n - - - - smtpd
    #smtp inet n - - - 1 postscreen
    #smtpd pass - - - - - smtpd
    #dnsblog unix - - - - 0 dnsblog
    #tlsproxy unix - - - - 0 tlsproxy
    submission inet n - - - - smtpd
    -o syslog_name=postfix/submission
    # -o smtpd_tls_security_level=encrypt
    -o smtpd_sasl_auth_enable=yes
    -o smtpd_client_restrictions=permit_sasl_authenticated,reject
    # -o milter_macro_daemon_name=ORIGINATING
    smtps inet n - - - - smtpd
    -o syslog_name=postfix/smtps
    -o smtpd_tls_wrappermode=yes
    -o smtpd_sasl_auth_enable=yes
    -o smtpd_client_restrictions=permit_sasl_authenticated,reject
    # -o milter_macro_daemon_name=ORIGINATING
    #628 inet n - - - - qmqpd
    pickup fifo n - n 60 1 pickup

    -o content_filter=
    -o receive_override_options=no_header_body_checks

    cleanup unix n - n - 0 cleanup
    qmgr fifo n - n 300 1 qmgr
    #qmgr fifo n - n 300 1 oqmgr
    tlsmgr unix - - - 1000? 1 tlsmgr
    rewrite unix - - - - - trivial-rewrite
    bounce unix - - - - 0 bounce
    defer unix - - - - 0 bounce
    trace unix - - - - 0 bounce
    verify unix - - - - 1 verify
    flush unix n - - 1000? 0 flush
    proxymap unix - - n - - proxymap
    proxywrite unix - - n - 1 proxymap
    smtp unix - - n - - smtp
    relay unix - - - - - smtp
    # -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
    showq unix n - - - - showq
    error unix - - - - - error
    retry unix - - - - - error
    discard unix - - - - - discard
    local unix - n n - - local
    virtual unix - n n - - virtual
    lmtp unix - - - - - lmtp
    anvil unix - - - - 1 anvil
    scache unix - - - - 1 scache
    #
    # ====================================================================
    # Interfaces to non-Postfix software. Be sure to examine the manual
    # pages of the non-Postfix software to find out what options it wants.
    #
    # Many of the following services use the Postfix pipe(8) delivery
    # agent. See the pipe(8) man page for information about ${recipient}
    # and other message envelope options.
    # ====================================================================
    #
    # maildrop. See the Postfix MAILDROP_README file for details.
    # Also specify in main.cf: maildrop_destination_recipient_limit=1
    #
    maildrop unix - n n - - pipe

    flags=DRhu user=vmail argv=/usr/bin/maildrop -d vmail ${extension} ${recipien$
    #
    # ====================================================================
    #
    # Recent Cyrus versions can use the existing "lmtp" master.cf entry.
    #
    # Specify in cyrus.conf:
    # lmtp cmd="lmtpd -a" listen="localhost:lmtp" proto=tcp4
    #
    # Specify in main.cf one or more of the following:
    # mailbox_transport = lmtp:inet:localhost
    # virtual_transport = lmtp:inet:localhost
    #
    # ====================================================================
    #
    # Cyrus 2.1.5 (Amos Gouaux)
    # Also specify in main.cf: cyrus_destination_recipient_limit=1
    #
    #cyrus unix - n n - - pipe
    # user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user}
    #
    # ====================================================================
    # Old example of delivery via Cyrus.

    #old-cyrus unix - n n - - pipe
    # flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user}
    #
    # ====================================================================
    #
    # See the Postfix UUCP_README file for configuration details.
    #
    uucp unix - n n - - pipe
    flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
    #
    # Other external delivery methods.
    #
    ifmail unix - n n - - pipe
    flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
    bsmtp unix - n n - - pipe
    flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
    scalemail-backend unix - n n - 2 pipe
    flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop}$
    mailman unix - n n - - pipe
    flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
    ${nexthop} ${user}

    dovecot unix - n n - - pipe
    flags=DROhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender} -d ${$
    amavis unix - - - - 2 smtp
    -o smtp_data_done_timeout=1200

    -o smtp_send_xforward_command=yes

    127.0.0.1:10025 inet n - - - - smtpd
    -o content_filter=
    -o local_recipient_maps=
    -o relay_recipient_maps=
    -o smtpd_restriction_classes=
    -o smtpd_client_restrictions=
    -o smtpd_helo_restrictions=
    -o smtpd_sender_restrictions=
    -o smtpd_recipient_restrictions=permit_mynetworks,reject
    -o mynetworks=127.0.0.0/8
    -o strict_rfc821_envelopes=yes
    -o receive_override_options=no_unknown_recipient_checks,no_header_body_$
     
    Zuletzt bearbeitet: 12. Mai 2014
  5. wasdim

    wasdim Member

    Log ISP Config3

    May 12 10:40:02 server1 postfix/smtpd[14276]: connect from localhost.localdomain[127.0.0.1]
    May 12 10:40:02 server1 postfix/smtpd[14276]: lost connection after CONNECT from localhost.localdomain[127.0.0.1]
    May 12 10:40:02 server1 postfix/smtpd[14276]: disconnect from localhost.localdomain[127.0.0.1]
    May 12 10:40:02 server1 dovecot: imap-login: Disconnected (no auth attempts): rip=127.0.0.1, lip=127.0.0.1, secured
    May 12 10:40:48 server1 postfix/smtpd[14276]: connect from mailc-fd.linkedin.com[199.101.162.80]
    May 12 10:40:49 server1 postfix/smtpd[14276]: SSL_accept error from mailc-fd.linkedin.com[199.101.162.80]: 0
    May 12 10:40:49 server1 postfix/smtpd[14276]: warning: TLS library problem: 14276:error:1409442E:SSL routines:SSL3_READ_BYTES:tlsv1 alert protocol version:s3_pkt.c:1260:SSL alert number 70:
    May 12 10:40:49 server1 postfix/smtpd[14276]: lost connection after STARTTLS from mailc-fd.linkedin.com[199.101.162.80]
    May 12 10:40:49 server1 postfix/smtpd[14276]: disconnect from mailc-fd.linkedin.com[199.101.162.80]
     
  6. wasdim

    wasdim Member

    Hilfe

    Hallo Liebe Community

    Bin ich der Einzige der diese Problem hat.

    Im Voraus Danke für eure Hilfe.
     
  7. Till

    Till Administrator

    Erstell mal das ssl cert vom postfix neu. möglicherweise ist das defekt.
     
  8. wasdim

    wasdim Member

    Hallo Till

    Danke Till habe das Zertifikat neu erstehlt aber ohne erfolg!

    Was mir auch noch aufgefallen ist. Die Nachrichten in der mail/root lassen sich nicht leeren. Keine Berechtigung.

    Komisch
     
  9. wasdim

    wasdim Member

    Neue Log Meldung

    May 15 07:43:44 server1 postfix/smtpd[14509]: connect from mail-proxy-be-01.sunrise.ch[194.158.229.48]
    May 15 07:43:44 server1 postfix/smtpd[14509]: SSL_accept error from mail-proxy-be-01.sunrise.ch[194.158.229.48]: 0
    May 15 07:43:44 server1 postfix/smtpd[14509]: warning: TLS library problem: 14509:error:1409442E:SSL routines:SSL3_READ_BYTES:tlsv1 alert protocol version:s3_pkt.c:1260:SSL alert number 70:
    May 15 07:43:44 server1 postfix/smtpd[14509]: lost connection after STARTTLS from mail-proxy-be-01.sunrise.ch[194.158.229.48]
    May 15 07:43:44 server1 postfix/smtpd[14509]: disconnect from mail-proxy-be-01.sunrise.ch[194.158.229.48]
    May 15 07:45:02 server1 postfix/smtpd[14509]: connect from localhost.localdomain[127.0.0.1]
    May 15 07:45:02 server1 postfix/smtpd[14509]: lost connection after CONNECT from localhost.localdomain[127.0.0.1]
    May 15 07:45:02 server1 postfix/smtpd[14509]: disconnect from localhost.localdomain[127.0.0.1]
    May 15 07:45:02 server1 dovecot: imap-login: Disconnected (no auth attempts): rip=127.0.0.1, lip=127.0.0.1, secured
    May 15 07:45:02 server1 dovecot: pop3-login: Disconnected (no auth attempts): rip=127.0.0.1, lip=127.0.0.1, secured
    May 15 07:45:21 server1 postfix/smtpd[14509]: connect from mailman203-q0.be.tmpw.net[208.71.199.5]
    May 15 07:45:22 server1 postfix/smtpd[14509]: 4A6F7DC1C87: client=mailman203-q0.be.tmpw.net[208.71.199.5]
     
  10. wasdim

    wasdim Member

    Mail-Error - Log

    Habe neue Meldungen vom System:

    May 11 16:44:32 server1 dovecot: auth: Error: read(anvil-auth-penalty) failed: EOF
    May 11 18:58:02 server1 dovecot: auth: Error: read(anvil-auth-penalty) failed: EOF
    May 15 14:51:55 server1 dovecot: config: Fatal: Error in configuration file /etc/dovecot/dovecot.conf line 8: ssl_cert: Can't open file /etc/postfix/smtpd.cert: No such file or directory
    May 15 14:51:55 server1 dovecot: master: Error: service(config): command startup failed, throttling
    May 15 14:51:55 server1 dovecot: pop3-login: Fatal: Error reading configuration: read(/var/run/dovecot/config) failed: Connection reset by peer
    May 15 14:51:55 server1 dovecot: master: Error: service(pop3-login): command startup failed, throttling
    May 15 14:53:32 server1 dovecot: auth: Error: read(anvil-auth-penalty) failed: EOF

    Danke für die Hilfe
     
  11. Till

    Till Administrator

    Hast Du das sslsl cert von postfix unter einem anderen namen neu erstellt? Es muss /etc/postfix/smtpd.cert heißen, damit es in postfix und dovecot funktioniert und der key muss /etc/postfix/smtpd.key heißen.
     
  12. wasdim

    wasdim Member

    Hallo Till

    Danke für deine Hilfe wie aber schon erwähnt bin ich, was Linux angeht, ein absoluter leihe.
    Wäre es möglich mir da eine kleine Anleitung zugeben.

    Entschuldige das Ich, das leider alleine nicht ... fertigbringe

    Folgendes habe ich nun gemacht

    cd /etc/postfix/ mv smtpd.cert smtpd.cert.old mv smtpd.key smtpd.key.old openssl genrsa -out smtpd.key 2048 openssl req -new -x509 -key smtpd.key -out smtpd.cert -days 3650 chmod 640 smtpd.key /etc/init.d/postfix restart /etc/init.d/dovecot restart
    ist das so korrekt da fehlt noch was oder
     
    Zuletzt bearbeitet: 19. Mai 2014

Diese Seite empfehlen