Topic: Problem with iredapd
==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release): 1.0
- Deployed with iRedMail Easy or the downloadable installer?downlodable installer
- Linux/BSD distribution name and version: CentOs 7
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): LDAP
- Web server (Apache or Nginx):NGINX
- Manage mail accounts with iRedAdmin-Pro?No
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====
Hello,
I have problem with iredapd service.
When I enabled plugins that needs LDAP(my LDAP server is on second server with iRedMail 0.9.x on CentOs6), iredapd service freeze and i couldn't receive or send messages.
Related logs and configuration are:
iredapd.log
an 22 15:40:05 mail journal: iredapd [policy] client_address=81.92.117.44
Jan 22 15:40:05 mail journal: iredapd [policy] client_name=silicon-fofo.emv8.com
Jan 22 15:40:05 mail journal: iredapd [policy] reverse_client_name=silicon-fofo.emv8.com
Jan 22 15:40:05 mail journal: iredapd [policy] helo_name=silicon-fofo.emv8.com
Jan 22 15:40:05 mail journal: iredapd [policy] sender=iris@us.irislink.com
Jan 22 15:40:05 mail journal: iredapd [policy] recipient=xxx@mydomain
Jan 22 15:40:05 mail journal: iredapd [policy] recipient_count=0
Jan 22 15:40:05 mail journal: iredapd [policy] queue_id=
Jan 22 15:40:05 mail journal: iredapd [policy] instance=546b.5e285ec5.8d229.0
Jan 22 15:40:05 mail journal: iredapd [policy] size=0
Jan 22 15:40:05 mail journal: iredapd [policy] etrn_domain=
Jan 22 15:40:05 mail journal: iredapd [policy] stress=
Jan 22 15:40:05 mail journal: iredapd [policy] sasl_method=
Jan 22 15:40:05 mail journal: iredapd [policy] sasl_username=
Jan 22 15:40:05 mail journal: iredapd [policy] sasl_sender=
Jan 22 15:40:05 mail journal: iredapd [policy] ccert_subject=
Jan 22 15:40:05 mail journal: iredapd [policy] ccert_issuer=
Jan 22 15:40:05 mail journal: iredapd [policy] ccert_fingerprint=
Jan 22 15:40:05 mail journal: iredapd [policy] ccert_pubkey_fingerprint=
Jan 22 15:40:05 mail journal: iredapd [policy] encryption_protocol=
Jan 22 15:40:05 mail journal: iredapd [policy] encryption_cipher=
Jan 22 15:40:05 mail journal: iredapd [policy] encryption_keysize=0
Jan 22 15:40:05 mail journal: iredapd --> Apply plugin: reject_null_sender
Jan 22 15:40:05 mail journal: iredapd <-- Result: DUNNO
Jan 22 15:40:05 mail journal: iredapd --> Apply plugin: wblist_rdns
Jan 22 15:40:05 mail journal: iredapd All policy rDNS names: ['silicon-fofo.emv8.com', '.silicon-fofo.emv8.com', '.emv8.com', '.com']
Jan 22 15:40:05 mail journal: iredapd [SQL] Query whitelisted rDNS names: #012SELECT rdns#012 FROM wblist_rdns#012 WHERE rdns IN ('silicon-fofo.emv8.com', '.silicon-fofo.emv8.com', '.emv8.com', '.com') AND wb='W'#012 LIMIT 1
Jan 22 15:40:05 mail journal: iredapd [SQL] Query blacklisted rDNS names: #012SELECT rdns#012 FROM wblist_rdns#012 WHERE rdns IN ('silicon-fofo.emv8.com', '.silicon-fofo.emv8.com', '.emv8.com', '.com') AND wb='B'#012 LIMIT 1
Jan 22 15:40:05 mail journal: iredapd <-- Result: DUNNO
Jan 22 15:40:05 mail journal: iredapd --> Apply plugin: amavisd_wblist
Jan 22 15:40:05 mail journal: iredapd [LDAP] query target domain of given alias domain (us.irislink.com).
Jan 22 15:40:05 mail journal: iredapd [LDAP] query filter: ((&(objectClass=mailDomain)(accountStatus=active)(domainAliasName=us.irislink.com))) <---- at this point iredapd freeze
settings.py
ackend = 'ldap'
# Enabled plugins.
#plugins = ['reject_null_sender', 'wblist_rdns', 'reject_sender_login_mismatch', 'greylisting', 'throttle', 'amavisd_wblist', 'sql_alias_access_policy']
plugins = ['reject_null_sender', 'wblist_rdns', 'amavisd_wblist']MYNETWORKS = ['x.x.x.x', '127.0.0.1', 'x.x.x.x/24']
....
ldap_uri = 'ldap://second_server:389'
#ldap_uri = 'ldap://127.0.0.1:389'
ldap_basedn = 'o=domains,dc=mydomain,dc=com'
ldap_binddn = 'cn=vmail,dc=mydomain,dc=com'
ldap_bindpw = 'password'# For SQL (MySQL/MariaDB/PostgreSQL) backends, used to query mail accounts.
#vmail_db_server = '127.0.0.1'
#vmail_db_port = '3306'
#vmail_db_name = 'vmail'
#vmail_db_user = 'vmail'
#vmail_db_password = 'password'# For Amavisd policy lookup and white/blacklists.
amavisd_db_server = '127.0.0.1'
amavisd_db_port = '3306'
amavisd_db_name = 'amavisd'
amavisd_db_user = 'amavisd'
amavisd_db_password = 'password'# iRedAPD database, used for greylisting, throttle.
iredapd_db_server = '127.0.0.1'
iredapd_db_port = '3306'
iredapd_db_name = 'iredapd'
iredapd_db_user = 'iredapd'
iredapd_db_password = 'password'
postfix, main.cf
mtpd_helo_required = yes
smtpd_helo_restrictions =
permit_mynetworks
permit_sasl_authenticated
check_helo_access pcre:/etc/postfix/helo_access.pcre
reject_non_fqdn_helo_hostname
reject_unknown_helo_hostname# Sender restrictions
smtpd_sender_restrictions =
reject_non_fqdn_sender
reject_unlisted_sender
permit_mynetworks
permit_sasl_authenticated
reject_sender_login_mismatch
check_sender_access hash:/etc/postfix/sender_access
reject_unknown_sender_domain# Recipient restrictions
smtpd_recipient_restrictions =
reject_non_fqdn_recipient
reject_unlisted_recipient
check_policy_service inet:127.0.0.1:7777
check_recipient_access hash:/etc/postfix/recipient_access
check_sender_access hash:/etc/postfix/sender_access
permit_mynetworks
permit_sasl_authenticated
reject_unauth_destination
check_policy_service inet:127.0.0.1:12340# END-OF-MESSAGE restrictions
#smtpd_end_of_data_restrictions =
# check_policy_service inet:127.0.0.1:7777
...
I currently enable amavisd_wblist for testing. Without that plugin and reject_sender_login_mismatch and throttle all works fine.
Thanks in advance!
----
Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.