1

Topic: Problem with Iredmail & LXC containers

==== Required information ====
- iRedMail version (check /etc/iredmail-release): 0.9.5-1
- Linux/BSD distribution name and version: Ubuntu 16.04
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): LDAP using AD
- Web server (Apache or Nginx): Apache
- Manage mail accounts with iRedAdmin-Pro? No
- Related log if you're reporting an issue: syslog
====
I'm going to start by saying that I'm using Iredmail installed in an LXC container using ProxmoxVE 4.0.

OK, since I installed Iredmail I've been detecting some huge problems in the behavior of Postfix's queues. The emails that are bounced or deferred for some reason (any reason) are kept in the active queue. Here's an example of the logs for one of those emails:

Dec  6 22:05:42 iredmail postfix/smtpd[45309]: 0A5A1341553: client=iredmail.ish.local[127.0.0.1]
Dec  6 22:05:42 iredmail postfix/cleanup[45435]: 0A5A1341553: message-id=<ce4756b7cba0788dc20dbb3b07696f2e@ish.co.cu>
Dec  6 22:05:42 iredmail postfix/qmgr[45123]: 0A5A1341553: from=<yaxelin@ish.co.cu>, size=2920, nrcpt=1 (queue active)
Dec  6 22:05:42 iredmail amavis[45616]: (45616-03) Passed CLEAN {RelayedInternal}, ORIGINATING/MYNETS LOCAL [127.0.0.1]:44372 <yaxelin@ish.co.cu> -> <fctkd@inder.cu>, Queue-ID: 1EDBF3414B7, Message-ID: <ce4756b7cba0788dc20dbb3b07696f2e@ish.co.cu>, mail_id: bxZlHNvVJSqO, Hits: -1, size: 1864, queued_as: 0A5A1341553, dkim_new=dkim:ish.co.cu, 848 ms, Tests: [ALL_TRUSTED=-1]
Dec  6 22:05:42 iredmail postfix/smtp[45422]: 1EDBF3414B7: to=<fctkd@inder.cu>, relay=127.0.0.1[127.0.0.1]:10026, delay=1.8, delays=0.86/0/0/0.91, dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as 0A5A1341553)
Dec  6 22:05:42 iredmail postfix/smtp[45133]: warning: 0A5A1341553: defer service failure
Dec  6 22:05:42 iredmail postfix/smtp[45133]: 0A5A1341553: to=<fctkd@inder.cu>, relay=mailgate.inder.cu[200.55.139.237]:25, delay=0.33, delays=0.03/0/0.21/0.1, dsn=4.3.0, status=deferred (bounce or trace service failure)
Dec  6 22:05:42 iredmail postfix/bounce[46150]: 0A5A1341553: sender non-delivery notification: 6EB9D341584
Dec  6 22:05:42 iredmail postfix/qmgr[45123]: 0A5A1341553: status=deferred (bounce failed)
Dec  6 23:39:10 iredmail postfix/qmgr[45123]: 0A5A1341553: from=<yaxelin@ish.co.cu>, size=2920, nrcpt=1 (queue active)
Dec  6 23:39:28 iredmail postfix/smtp[6126]: warning: 0A5A1341553: defer service failure
Dec  6 23:39:28 iredmail postfix/smtp[6126]: 0A5A1341553: to=<fctkd@inder.cu>, relay=mailgate.inder.cu[200.55.139.237]:25, delay=5627, delays=5608/3.6/14/0.2, dsn=4.3.0, status=deferred (bounce or trace service failure)

It's clearly saying "defer service failure", and once I check the syslog I get this:

Dec  7 15:40:16 iredmail kernel: [2050318.672612] audit: type=1400 audit(1481125216.125:29313130): apparmor="DENIED" operation="file_perm" profile="lxc-container-default" name="private/bounce" pid=5659 comm="pipe" requested_mask="r" denied_mask="r" fsuid=106 ouid=0
Dec  7 15:40:16 iredmail postfix/pipe[48220]: warning: write/read private/bounce socket: Permission denied
Dec  7 15:40:16 iredmail postfix/pipe[48222]: warning: write/read private/bounce socket: Permission denied
Dec  7 15:40:16 iredmail postfix/pipe[48222]: warning: write/read private/defer socket: Permission denied
Dec  7 15:40:16 iredmail postfix/pipe[48220]: warning: write/read private/defer socket: Permission denied

Any ideas of what it could be? It seems to be related to postfix and lxc but I've used this combo before and this hasn't been a problem.

Doing some reading on the Internet, I've found this discussion that may be of help.

http://serverfault.com/questions/709741 … ted/713004


2

Re: Problem with Iredmail & LXC containers

Tony-admincujae wrote:

Dec  7 15:40:16 iredmail kernel: [2050318.672612] audit: type=1400 audit(1481125216.125:29313130): apparmor="DENIED" operation="file_perm" profile="lxc-container-default" name="private/bounce" pid=5659 comm="pipe" requested_mask="r" denied_mask="r" fsuid=106 ouid=0

Disable "apparmor" service, then it should be fine.
Or, modify apparmor config file to grant the permission.
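
Before disabling AppArmor or editing a profile, it helps to see exactly which profile denies which access. The following is an added example, not part of the original posts or of iRedMail: it pairs AppArmor DENIED audit records with the Postfix "Permission denied" warnings so each affected socket shows the confining profile and the denied mask. The function names are hypothetical, and the sample lines are copied from the first post.

```python
import re
from collections import defaultdict

# key="quoted value" or key=bare-value pairs, as in the kernel audit record
KV = re.compile(r'(\w+)=(?:"([^"]*)"|(\S+))')
# Postfix warning emitted when a daemon cannot use a private/* socket
POSTFIX_WARN = re.compile(
    r'postfix/\w+\[\d+\]: warning: write/read (\S+) socket: Permission denied')

def parse_denial(line):
    """Return the fields of an AppArmor DENIED audit record, or None."""
    if 'apparmor="DENIED"' not in line:
        return None
    return {k: (q if q else b) for k, q, b in KV.findall(line)}

def correlate(lines):
    """Map each path to the profiles denying it and the matching Postfix warnings."""
    report = defaultdict(lambda: {"profiles": set(), "denied": set(),
                                  "denials": 0, "warnings": 0})
    for line in lines:
        d = parse_denial(line)
        if d:
            entry = report[d.get("name", "?")]
            entry["profiles"].add(d.get("profile"))
            # (process name, operation, denied permission mask)
            entry["denied"].add((d.get("comm"), d.get("operation"), d.get("denied_mask")))
            entry["denials"] += 1
            continue
        m = POSTFIX_WARN.search(line)
        if m:
            report[m.group(1)]["warnings"] += 1
    return dict(report)

# Sample input: syslog lines copied from the first post in this thread.
SAMPLE = [
    'Dec  7 15:40:16 iredmail kernel: [2050318.672612] audit: type=1400 audit(1481125216.125:29313130): apparmor="DENIED" operation="file_perm" profile="lxc-container-default" name="private/bounce" pid=5659 comm="pipe" requested_mask="r" denied_mask="r" fsuid=106 ouid=0',
    'Dec  7 15:40:16 iredmail postfix/pipe[48220]: warning: write/read private/bounce socket: Permission denied',
    'Dec  7 15:40:16 iredmail postfix/pipe[48222]: warning: write/read private/bounce socket: Permission denied',
    'Dec  7 15:40:16 iredmail postfix/pipe[48222]: warning: write/read private/defer socket: Permission denied',
    'Dec  7 15:40:16 iredmail postfix/pipe[48220]: warning: write/read private/defer socket: Permission denied',
]

if __name__ == "__main__":
    for path, entry in sorted(correlate(SAMPLE).items()):
        print(path, entry)
```

A path that shows warnings but no denial in the sample, such as private/defer here, means the matching audit record was not in the excerpt; search the full syslog for it before changing the profile.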