1 (edited by mikey 2020-11-01 23:41:34)

Topic: Warning: problem talking to server 127.0.0.1:7777: Success

==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release): 1.3 MARIADB edition
- Deployed with iRedMail Easy or the downloadable installer? downloadable
- Linux/BSD distribution name and version:  CentOS 7
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MySQL
- Web server (Apache or Nginx): Nginx
- Manage mail accounts with iRedAdmin-Pro? Yes
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====

Hello

I opened a topic before with the same error, I though this was fixed with a restart of iredapd, but it seems like the problem is now back.

When I run "sudo service iredapd restart" the problem is fixed for a little while.

I cannot receive mail from some companies, one being Steam. But most all mail works and comes through fine.

I am getting this error. Warning: problem talking to server 127.0.0.1:7777: Success

File: /var/log/maillog

Nov  1 15:04:47 ip-172.31.xxx.xxx postfix/smtpd[7278]: connect from smtp-04-tuk1.steampowered.com[208.64.202.43]
Nov  1 15:04:48 ip-172.31.xxx.xxx postfix/smtpd[7278]: Anonymous TLS connection established from smtp-04-tuk1.steampowered.com[208.64.202.43]: TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)
Nov  1 15:04:48 ip-172.31.xxx.xxx postfix/smtpd[7278]: 4CPK8c4cYqzhrfX: client=smtp-04-tuk1.steampowered.com[208.64.202.43]
Nov  1 15:04:48 ip-172.31.xxx.xxx postfix/cleanup[7285]: 4CPK8c4cYqzhrfX: message-id=<E1kZEuV-0006ew-8E@smtp-04-tuk1.steampowered.com>
Nov  1 15:04:49 ip-172.31.xxx.xxx postfix/smtpd[7278]: warning: problem talking to server 127.0.0.1:7777: Success
Nov  1 15:04:49 ip-172.31.xxx.xxx postfix/smtpd[7278]: 4CPK8c4cYqzhrfX: reject: END-OF-MESSAGE from smtp-04-tuk1.steampowered.com[208.64.202.43]: 451 4.3.5 Server configuration problem; from=<noreply@steampowered.com> to=<xxxx@xxxx.co.uk> proto=ESMTP helo=<smtp-04-tuk1.steampowered.com>
Nov  1 15:04:49 ip-172.31.xxx.xxx postfix/smtpd[7278]: disconnect from smtp-04-tuk1.steampowered.com[208.64.202.43]
Nov  1 15:04:50 ip-172.31.xxx.xxx postfix/postscreen[7275]: CONNECT from [208.64.202.43]:54172 to [172.31.xxx.xxx]:25
Nov  1 15:04:50 ip-172.31.xxx.xxx postfix/postscreen[7275]: PASS OLD [208.64.202.43]:54172

Nov  1 15:04:50 ip-172.31.xxx.xxx postfix/smtpd[7278]: connect from smtp-04-tuk1.steampowered.com[208.64.202.43]
Nov  1 15:04:51 ip-172.31.xxx.xxx postfix/smtpd[7278]: Anonymous TLS connection established from smtp-04-tuk1.steampowered.com[208.64.202.43]: TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)
Nov  1 15:04:51 ip-172.31.xxx.xxx postfix/smtpd[7278]: 4CPK8g3hhgzhrfX: client=smtp-04-tuk1.steampowered.com[208.64.202.43]
Nov  1 15:04:51 ip-172.31.xxx.xxx postfix/cleanup[7285]: 4CPK8g3hhgzhrfX: message-id=<E1kZEuV-0006ew-8E@smtp-04-tuk1.steampowered.com>
Nov  1 15:04:52 ip-172.31.xxx.xxx postfix/smtpd[7278]: warning: problem talking to server 127.0.0.1:7777: Success
Nov  1 15:04:52 ip-172.31.xxx.xxx postfix/smtpd[7278]: 4CPK8g3hhgzhrfX: reject: END-OF-MESSAGE from smtp-04-tuk1.steampowered.com[208.64.202.43]: 451 4.3.5 Server configuration problem; from=<noreply@steampowered.com> to=<xxxx@xxxx.co.uk> proto=ESMTP helo=<smtp-04-tuk1.steampowered.com>
Nov  1 15:04:52 ip-172.31.xxx.xxx postfix/smtpd[7278]: disconnect from smtp-04-tuk1.steampowered.com[208.64.202.43]

[centos@ip-172.31.xxx.xxx ~]$ sudo service iredapd status
Redirecting to /bin/systemctl status iredapd.service
● iredapd.service - iRedAPD (A simple posfix policy server)
   Loaded: loaded (/usr/lib/systemd/system/iredapd.service; enabled; vendor preset: disabled)
   Active: active (running) since Thu 2020-10-22 21:31:29 UTC; 1 weeks 2 days ago
 Main PID: 9609 (python3)
   CGroup: /system.slice/iredapd.service
           └─9609 /usr/bin/python3 /opt/iredapd/iredapd.py

Nov 01 15:04:48 ip-172.31.xxx.xxx.eu-west-2.compute.internal python3[9609]: iredapd [208.64.202.43] RCPT, noreply@steampowered.com -> xxxx@xxxx.co.uk, OK [sasl_username=, sender=noreply@steampowered.com, client_name=smtp-04-tuk1.steampowered.com, reverse_client_name=smtp-04-tuk1.steampowered.com, helo=smtp-04...
Nov 01 15:04:51 ip-172.31.xxx.xxx.eu-west-2.compute.internal python3[9609]: iredapd [208.64.202.43] Client network is whitelisted: cidr=208.64.202.32/27
Nov 01 15:04:51 ip-172.31.xxx.xxx.eu-west-2.compute.internal python3[9609]: iredapd Whitelisted: wblist=(1, 2, 'W')
Nov 01 15:04:51 ip-172.31.xxx.xxx.eu-west-2.compute.internal python3[9609]: iredapd [208.64.202.43] RCPT, noreply@steampowered.com -> xxxx@xxxx.co.uk, OK [sasl_username=, sender=noreply@steampowered.com, client_name=smtp-04-tuk1.steampowered.com, reverse_client_name=smtp-04-tuk1.steampowered.com, helo=smtp-04...
Nov 01 15:05:25 ip-172.31.xxx.xxx.eu-west-2.compute.internal python3[9609]: iredapd [208.64.202.46] Client network is whitelisted: cidr=208.64.202.32/27
Nov 01 15:05:25 ip-172.31.xxx.xxx.eu-west-2.compute.internal python3[9609]: iredapd Whitelisted: wblist=(1, 2, 'W')
Nov 01 15:05:25 ip-172.31.xxx.xxx.eu-west-2.compute.internal python3[9609]: iredapd [208.64.202.46] RCPT, noreply@steampowered.com -> xxxx@xxxx.co.uk, OK [sasl_username=, sender=noreply@steampowered.com, client_name=smtp-46.steampowered.com, reverse_client_name=smtp-46.steampowered.com, helo=smtp-46.steampowe...
Nov 01 15:05:50 ip-172.31.xxx.xxx.eu-west-2.compute.internal python3[9609]: iredapd [208.64.202.46] Client network is whitelisted: cidr=208.64.202.32/27
Nov 01 15:05:50 ip-172.31.xxx.xxx.eu-west-2.compute.internal python3[9609]: iredapd Whitelisted: wblist=(1, 2, 'W')
Nov 01 15:05:50 ip-172.31.xxx.xxx.eu-west-2.compute.internal python3[9609]: iredapd [208.64.202.46] RCPT, noreply@steampowered.com -> xxxx@xxxx.co.uk, OK [sasl_username=, sender=noreply@steampowered.com, client_name=smtp-46.steampowered.com, reverse_client_name=smtp-46.steampowered.com, helo=smtp-46.steampowe...
Hint: Some lines were ellipsized, use -l to show in full.
[centos@ip-172.31.xxx.xxx ~]$

[centos@ip-172.31.xxx.xxx ~]$ sudo service iredapd restart
Redirecting to /bin/systemctl restart iredapd.service
[centos@ip-172.31.xxx.xxx ~]$ sudo service iredapd status
Redirecting to /bin/systemctl status iredapd.service
● iredapd.service - iRedAPD (A simple posfix policy server)
   Loaded: loaded (/usr/lib/systemd/system/iredapd.service; enabled; vendor preset: disabled)
   Active: active (running) since Sun 2020-11-01 15:07:17 UTC; 2s ago
  Process: 7428 ExecStart=/usr/bin/python3 /opt/iredapd/iredapd.py (code=exited, status=0/SUCCESS)
 Main PID: 7433 (python3)
   CGroup: /system.slice/iredapd.service
           └─7433 /usr/bin/python3 /opt/iredapd/iredapd.py

Nov 01 15:07:17 ip-172.31.xxx.xxx.eu-west-2.compute.internal python3[7428]: iredapd Loading plugin (priority: 100): reject_null_sender
Nov 01 15:07:17 ip-172.31.xxx.xxx.eu-west-2.compute.internal python3[7428]: iredapd Loading plugin (priority: 99): wblist_rdns
Nov 01 15:07:17 ip-172.31.xxx.xxx.eu-west-2.compute.internal python3[7428]: iredapd Loading plugin (priority: 90): reject_sender_login_mismatch
Nov 01 15:07:17 ip-172.31.xxx.xxx.eu-west-2.compute.internal python3[7428]: iredapd Loading plugin (priority: 80): greylisting
Nov 01 15:07:17 ip-172.31.xxx.xxx.eu-west-2.compute.internal python3[7428]: iredapd Loading plugin (priority: 60): throttle
Nov 01 15:07:17 ip-172.31.xxx.xxx.eu-west-2.compute.internal python3[7428]: iredapd Loading plugin (priority: 50): sql_alias_access_policy
Nov 01 15:07:17 ip-172.31.xxx.xxx.eu-west-2.compute.internal python3[7428]: iredapd Loading plugin (priority: 40): amavisd_wblist
Nov 01 15:07:17 ip-172.31.xxx.xxx.eu-west-2.compute.internal python3[7428]: iredapd No SRS domain and/or secret strings in settings.py, not loaded.
Nov 01 15:07:17 ip-172.31.xxx.xxx.eu-west-2.compute.internal systemd[1]: Can't open PID file /run/iredapd.pid (yet?) after start: No such file or directory
Nov 01 15:07:17 ip-172.31.xxx.xxx.eu-west-2.compute.internal systemd[1]: Started iRedAPD (A simple posfix policy server).
[centos@ip-172.31.xxx.xxx ~]$

File: /var/log/maillog

Nov  1 15:08:00 ip-172.31.xxx.xxx postfix/postscreen[7446]: CONNECT from [208.64.202.46]:35649 to [172.31.xxx.xxx]:25
Nov  1 15:08:00 ip-172.31.xxx.xxx postfix/postscreen[7446]: PASS OLD [208.64.202.46]:35649
Nov  1 15:08:00 ip-172.31.xxx.xxx postfix/smtpd[7447]: connect from smtp-46.steampowered.com[208.64.202.46]
Nov  1 15:08:00 ip-172.31.xxx.xxx postfix/smtpd[7447]: Anonymous TLS connection established from smtp-46.steampowered.com[208.64.202.46]: TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)
Nov  1 15:08:01 ip-172.31.xxx.xxx postfix/smtpd[7447]: 4CPKDK0k6Rz149Tr: client=smtp-46.steampowered.com[208.64.202.46]
Nov  1 15:08:01 ip-172.31.xxx.xxx postfix/cleanup[7456]: 4CPKDK0k6Rz149Tr: message-id=<E1kZExb-000CAw-SN@smtp-04-tuk1.steampowered.com>
Nov  1 15:08:01 ip-172.31.xxx.xxx postfix/qmgr[3716]: 4CPKDK0k6Rz149Tr: from=<noreply@steampowered.com>, size=8310, nrcpt=1 (queue active)
Nov  1 15:08:01 ip-172.31.xxx.xxx postfix/smtpd[7447]: disconnect from smtp-46.steampowered.com[208.64.202.46]
Nov  1 15:08:01 ip-172.31.xxx.xxx postfix/10025/smtpd[7466]: connect from mx1.xxxx.co.uk[127.0.0.1]
Nov  1 15:08:01 ip-172.31.xxx.xxx postfix/10025/smtpd[7466]: 4CPKDK2h2dzhrfX: client=mx1.xxxx.co.uk[127.0.0.1]
Nov  1 15:08:01 ip-172.31.xxx.xxx postfix/cleanup[7456]: 4CPKDK2h2dzhrfX: message-id=<E1kZExb-000CAw-SN@smtp-04-tuk1.steampowered.com>
Nov  1 15:08:01 ip-172.31.xxx.xxx postfix/qmgr[3716]: 4CPKDK2h2dzhrfX: from=<noreply@steampowered.com>, size=9070, nrcpt=1 (queue active)
Nov  1 15:08:01 ip-172.31.xxx.xxx postfix/10025/smtpd[7466]: disconnect from mx1.xxxx.co.uk[127.0.0.1]
Nov  1 15:08:01 ip-172.31.xxx.xxx amavis[4564]: (04564-01) Passed CLEAN {RelayedInbound}, [208.64.202.46]:35649 [208.64.200.141] ESMTP/ESMTP <noreply@steampowered.com> -> <xxxx@xxxx.co.uk>, (ESMTPS://[208.64.202.46]:35649 < smtp://208.64.200.141), Queue-ID: 4CPKDK0k6Rz149Tr, Message-ID: <E1kZExb-000CAw-SN@smtp-0$
Nov  1 15:08:01 ip-172.31.xxx.xxx amavis[4564]: (04564-01) Passed CLEAN, <noreply@steampowered.com> -> <xxxx@xxxx.co.uk>, Hits: -, tag=-100, tag2=6.2, kill=6.9, queued_as: 4CPKDK2h2dzhrfX, L/Y/0/0
Nov  1 15:08:01 ip-172.31.xxx.xxx postfix/amavis/smtp[7461]: 4CPKDK0k6Rz149Tr: to=<xxxx@xxxx.co.uk>, relay=127.0.0.1[127.0.0.1]:10024, delay=0.39, delays=0.22/0.01/0/0.16, dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as 4CPKDK2h2dzhrfX)
Nov  1 15:08:01 ip-172.31.xxx.xxx postfix/qmgr[3716]: 4CPKDK0k6Rz149Tr: removed
Nov  1 15:08:01 ip-172.31.xxx.xxx postfix/pipe[7467]: 4CPKDK2h2dzhrfX: to=<xxxx@xxxx.co.uk>, relay=dovecot, delay=0.09, delays=0.01/0.02/0/0.07, dsn=2.0.0, status=sent (delivered via dovecot service)
Nov  1 15:08:01 ip-172.31.xxx.xxx postfix/qmgr[3716]: 4CPKDK2h2dzhrfX: removed

File: /var/log/iredapd/iredapd.log

Nov  1 15:04:48 ip-172.31.xxx.xxx journal: iredapd [208.64.202.43] Client network is whitelisted: cidr=208.64.202.32/27
Nov  1 15:04:48 ip-172.31.xxx.xxx journal: iredapd Whitelisted: wblist=(1, 2, 'W')
Nov  1 15:04:48 ip-172.31.xxx.xxx journal: iredapd [208.64.202.43] RCPT, noreply@steampowered.com -> xxxx@xxxx.co.uk, OK [sasl_username=, sender=noreply@steampowered.com, client_name=smtp-04-tuk1.steampowered.com, reverse_client_name=smtp-04-tuk1.steampowered.com, helo=smtp-04-tuk1.steampowered.com, encryption_$
Nov  1 15:04:51 ip-172.31.xxx.xxx journal: iredapd [208.64.202.43] Client network is whitelisted: cidr=208.64.202.32/27
Nov  1 15:04:51 ip-172.31.xxx.xxx journal: iredapd Whitelisted: wblist=(1, 2, 'W')
Nov  1 15:04:51 ip-172.31.xxx.xxx journal: iredapd [208.64.202.43] RCPT, noreply@steampowered.com -> xxxx@xxxx.co.uk, OK [sasl_username=, sender=noreply@steampowered.com, client_name=smtp-04-tuk1.steampowered.com, reverse_client_name=smtp-04-tuk1.steampowered.com, helo=smtp-04-tuk1.steampowered.com, encryption_$
Nov  1 15:05:25 ip-172.31.xxx.xxx journal: iredapd [208.64.202.46] Client network is whitelisted: cidr=208.64.202.32/27
Nov  1 15:05:25 ip-172.31.xxx.xxx journal: iredapd Whitelisted: wblist=(1, 2, 'W')
Nov  1 15:05:25 ip-172.31.xxx.xxx journal: iredapd [208.64.202.46] RCPT, noreply@steampowered.com -> xxxx@xxxx.co.uk, OK [sasl_username=, sender=noreply@steampowered.com, client_name=smtp-46.steampowered.com, reverse_client_name=smtp-46.steampowered.com, helo=smtp-46.steampowered.com, encryption_protocol=TLSv1.$
Nov  1 15:05:50 ip-172.31.xxx.xxx journal: iredapd [208.64.202.46] Client network is whitelisted: cidr=208.64.202.32/27
Nov  1 15:05:50 ip-172.31.xxx.xxx journal: iredapd Whitelisted: wblist=(1, 2, 'W')
Nov  1 15:05:50 ip-172.31.xxx.xxx journal: iredapd [208.64.202.46] RCPT, noreply@steampowered.com -> xxxx@xxxx.co.uk, OK [sasl_username=, sender=noreply@steampowered.com, client_name=smtp-46.steampowered.com, reverse_client_name=smtp-46.steampowered.com, helo=smtp-46.steampowered.com, encryption_protocol=TLSv1.$
Nov  1 15:07:17 ip-172.31.xxx.xxx journal: iredapd Starting iRedAPD (version: 4.1, backend: mysql), listening on 127.0.0.1:7777.
Nov  1 15:07:17 ip-172.31.xxx.xxx journal: iredapd Loading plugin (priority: 100): reject_null_sender
Nov  1 15:07:17 ip-172.31.xxx.xxx journal: iredapd Loading plugin (priority: 99): wblist_rdns
Nov  1 15:07:17 ip-172.31.xxx.xxx journal: iredapd Loading plugin (priority: 90): reject_sender_login_mismatch
Nov  1 15:07:17 ip-172.31.xxx.xxx journal: iredapd Loading plugin (priority: 80): greylisting
Nov  1 15:07:17 ip-172.31.xxx.xxx journal: iredapd Loading plugin (priority: 60): throttle
Nov  1 15:07:17 ip-172.31.xxx.xxx journal: iredapd Loading plugin (priority: 50): sql_alias_access_policy
Nov  1 15:07:17 ip-172.31.xxx.xxx journal: iredapd Loading plugin (priority: 40): amavisd_wblist
Nov  1 15:07:17 ip-172.31.xxx.xxx journal: iredapd No SRS domain and/or secret strings in settings.py, not loaded.
Nov  1 15:08:01 ip-172.31.xxx.xxx journal: iredapd [208.64.202.46] Client network is whitelisted: cidr=208.64.202.32/27
Nov  1 15:08:01 ip-172.31.xxx.xxx journal: iredapd Whitelisted: wblist=(1, 2, 'W')
Nov  1 15:08:01 ip-172.31.xxx.xxx journal: iredapd [208.64.202.46] RCPT, noreply@steampowered.com -> xxxx@xxxx.co.uk, OK [sasl_username=, sender=noreply@steampowered.com, client_name=smtp-46.steampowered.com, reverse_client_name=smtp-46.steampowered.com, helo=smtp-46.steampowered.com, encryption_protocol=TLSv1.$
Nov  1 15:08:01 ip-172.31.xxx.xxx journal: iredapd [208.64.202.46] END-OF-MESSAGE, noreply@steampowered.com -> xxxx@xxxx.co.uk, DUNNO [recipient_count=1, size=8077, process_time=0.0037s]

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2

Re: Warning: problem talking to server 127.0.0.1:7777: Success

Is your server very busy? or mysql is under heavy load which causes other applications slow to get the SQL query result?

3 (edited by mikey 2020-11-03 17:01:50)

Re: Warning: problem talking to server 127.0.0.1:7777: Success

Hello

Our mail server is only used for iredmail and is not very busy.
See glances output at time of message from steam. image1
See statistics of latest 24 hours image2

Post's attachments

Screenshot 2020-11-03 084734.png 165.41 kb, file has never been downloaded. 

Screenshot 2020-11-03 084859.png
Screenshot 2020-11-03 084859.png 35.68 kb, 2 downloads since 2020-11-03 

You don't have the permssions to download the attachments of this post.

4

Re: Warning: problem talking to server 127.0.0.1:7777: Success

Show me some log lines in /var/log/iredapd/iredapd.log.

Note: please show the full log lines, iRedAPD logs how long it took to complete each request.

5

Re: Warning: problem talking to server 127.0.0.1:7777: Success

ZhangHuangbin wrote:

Show me some log lines in /var/log/iredapd/iredapd.log.

Note: please show the full log lines, iRedAPD logs how long it took to complete each request.

Line 193. Nov  1 15:04:48
Steam email that does not come through

Line 204. Nov  1 15:07:17
Restart iredapd

Line 214. Nov  1 15:08:01
Steam email come through fine

Post's attachments

iredapd.log 298.12 kb, 7 downloads since 2020-11-04 

You don't have the permssions to download the attachments of this post.

6

Re: Warning: problem talking to server 127.0.0.1:7777: Success

I am still getting this error. Did you have a chance to look at the log file ZhangHuangbin?

7

Re: Warning: problem talking to server 127.0.0.1:7777: Success

mikey wrote:

Line 193. Nov  1 15:04:48
Steam email that does not come through

No error in iRedAPD log file (line 193+=5). Any context log in Postfix log file?

8

Re: Warning: problem talking to server 127.0.0.1:7777: Success

ZhangHuangbin wrote:
mikey wrote:

Line 193. Nov  1 15:04:48
Steam email that does not come through

No error in iRedAPD log file (line 193+=5). Any context log in Postfix log file?

Well postfix logs to /var/log/mail.log and I have posted that at the start of this topic

Is there any way I can do a temporary solution? Disable postscreen_dnsbl_sites or change the threshold
of postscreen_dnsbl_threshold, as I am getting this error a lot more now.

Do you have any idea why this is happening? As i have checked all the logs I can think of and cannot see why this is happening.

postfix/smtpd[28679]: warning: problem talking to server 127.0.0.1:7777: Success
postfix/smtpd[28679]: 4CTlBn1VHZz149Tr: reject: END-OF-MESSAGE from a7-36.smtp-out.eu-west-1.amazonses.com[54.240.7.36]: 451 4.3.5 Server configuration problem; from=<01020175a968752e-2925783d-c961-4625-b38e-bdeb690b9212-000000@eu-west-1.amazonses.com> to=<ed@xxx.co.uk> proto=ESMTP helo=<a7-36.smtp-out.eu-west-1.amazonses.com>
[centos@ip-172-31-x-x log]$ postconf -n
alias_database = hash:/etc/postfix/aliases
alias_maps = hash:/etc/postfix/aliases
allow_min_user = no
allow_percent_hack = no
biff = no
body_checks = pcre:/etc/postfix/body_checks.pcre
command_directory = /usr/sbin
config_directory = /etc/postfix
content_filter = smtp-amavis:[127.0.0.1]:10024
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
debug_peer_level = 2
debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin ddd $daemon_directory/$process_name $process_id & sleep 5
disable_vrfy_command = yes
dovecot_destination_recipient_limit = 1
enable_long_queue_ids = yes
enable_original_recipient = no
header_checks = pcre:/etc/postfix/header_checks
inet_interfaces = all
inet_protocols = all
lmtp_tls_mandatory_protocols = !SSLv2 !SSLv3
lmtp_tls_protocols = !SSLv2 !SSLv3
mail_owner = postfix
mailq_path = /usr/bin/mailq.postfix
message_size_limit = 15728640
mlmmj_destination_recipient_limit = 1
mydestination = $myhostname, localhost, localhost.localdomain
mydomain = mx1.xxxx.co.uk
myhostname = mx1.xxxx.co.uk
mynetworks = 127.0.0.1 [::1]
myorigin = mx1.xxxx.co.uk
newaliases_path = /usr/bin/newaliases.postfix
postscreen_access_list = permit_mynetworks, cidr:/etc/postfix/postscreen_access.cidr
postscreen_blacklist_action = drop
postscreen_dnsbl_action = drop
postscreen_dnsbl_reply_map = texthash:/etc/postfix/postscreen_dnsbl_reply
postscreen_dnsbl_sites = zen.spamhaus.org=127.0.0.[2..11]*3 b.barracudacentral.org=127.0.0.2*2
postscreen_dnsbl_threshold = 2
postscreen_greet_action = drop
proxy_read_maps = $canonical_maps $lmtp_generic_maps $local_recipient_maps $mydestination $mynetworks $recipient_bcc_maps $recipient_canonical_maps $relay_domains $relay_recipient_maps $relocated_maps $sender_bcc_maps $sender_canonical_maps $smtp_generic_maps $smtpd_sender_login_maps $transport_maps $virtual_alias_domains $virtual_alias_maps $virtual_mailbox_domains $virtual_mailbox_maps $smtpd_sender_restrictions $sender_dependent_relayhost_maps
queue_directory = /var/spool/postfix
recipient_bcc_maps = proxy:mysql:/etc/postfix/mysql/recipient_bcc_maps_user.cf proxy:mysql:/etc/postfix/mysql/recipient_bcc_maps_domain.cf
recipient_delimiter = +
relay_domains = $mydestination proxy:mysql:/etc/postfix/mysql/relay_domains.cf
sender_bcc_maps = proxy:mysql:/etc/postfix/mysql/sender_bcc_maps_user.cf proxy:mysql:/etc/postfix/mysql/sender_bcc_maps_domain.cf
sender_dependent_relayhost_maps = proxy:mysql:/etc/postfix/mysql/sender_dependent_relayhost_maps.cf
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
smtp-amavis_destination_recipient_limit = 1
smtp_tls_CAfile = $smtpd_tls_CAfile
smtp_tls_CApath = /etc/pki/tls/certs
smtp_tls_loglevel = 1
smtp_tls_mandatory_protocols = !SSLv2 !SSLv3
smtp_tls_note_starttls_offer = yes
smtp_tls_protocols = !SSLv2 !SSLv3
smtp_tls_security_level = may
smtpd_command_filter = pcre:/etc/postfix/command_filter.pcre
smtpd_data_restrictions = reject_unauth_pipelining
smtpd_end_of_data_restrictions = check_policy_service inet:127.0.0.1:7777
smtpd_helo_required = yes
smtpd_helo_restrictions = permit_mynetworks permit_sasl_authenticated check_helo_access pcre:/etc/postfix/helo_access.pcre reject_non_fqdn_helo_hostname reject_unknown_helo_hostname
smtpd_recipient_restrictions = reject_non_fqdn_recipient reject_unlisted_recipient check_policy_service inet:127.0.0.1:7777 permit_mynetworks permit_sasl_authenticated reject_unauth_destination check_policy_service inet:127.0.0.1:12340
smtpd_reject_unlisted_recipient = yes
smtpd_reject_unlisted_sender = yes
smtpd_sasl_path = private/dovecot-auth
smtpd_sasl_type = dovecot
smtpd_sender_login_maps = proxy:mysql:/etc/postfix/mysql/sender_login_maps.cf
smtpd_sender_restrictions = reject_non_fqdn_sender reject_unlisted_sender permit_mynetworks permit_sasl_authenticated check_sender_access pcre:/etc/postfix/sender_access.pcre reject_unknown_sender_domain
smtpd_tls_CAfile = /etc/pki/tls/certs/iRedMail.crt
smtpd_tls_CApath = /etc/pki/tls/certs
smtpd_tls_cert_file = /etc/pki/tls/certs/iRedMail.crt
smtpd_tls_dh1024_param_file = /etc/pki/tls/dh2048_param.pem
smtpd_tls_dh512_param_file = /etc/pki/tls/dh512_param.pem
smtpd_tls_exclude_ciphers = aNULL, eNULL, EXPORT, DES, RC4, MD5, PSK, aECDH, EDH-DSS-DES-CBC3-SHA, EDH-RSA-DES-CDC3-SHA, KRB5-DE5, CBC3-SHA
smtpd_tls_key_file = /etc/pki/tls/private/iRedMail.key
smtpd_tls_loglevel = 1
smtpd_tls_mandatory_protocols = !SSLv2 !SSLv3
smtpd_tls_protocols = !SSLv2 !SSLv3
smtpd_tls_security_level = may
swap_bangpath = no
tls_random_source = dev:/dev/urandom
transport_maps = proxy:mysql:/etc/postfix/mysql/transport_maps_user.cf proxy:mysql:/etc/postfix/mysql/transport_maps_maillist.cf proxy:mysql:/etc/postfix/mysql/transport_maps_domain.cf
unknown_local_recipient_reject_code = 550
virtual_alias_domains =
virtual_alias_maps = proxy:mysql:/etc/postfix/mysql/virtual_alias_maps.cf proxy:mysql:/etc/postfix/mysql/domain_alias_maps.cf proxy:mysql:/etc/postfix/mysql/catchall_maps.cf proxy:mysql:/etc/postfix/mysql/domain_alias_catchall_maps.cf
virtual_gid_maps = static:2000
virtual_mailbox_base = /datapoint
virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql/virtual_mailbox_domains.cf
virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql/virtual_mailbox_maps.cf
virtual_minimum_uid = 2000
virtual_transport = dovecot
virtual_uid_maps = static:2000

9

Re: Warning: problem talking to server 127.0.0.1:7777: Success

mikey wrote:

Is there any way I can do a temporary solution?

You can comment out "check_policy_service inet:127.0.0.1:7777" in main.cf and reload postfix service.

10 (edited by mikey 2020-11-15 02:04:25)

Re: Warning: problem talking to server 127.0.0.1:7777: Success

ZhangHuangbin wrote:
mikey wrote:

Is there any way I can do a temporary solution?

You can comment out "check_policy_service inet:127.0.0.1:7777" in main.cf and reload postfix service.

# HELO restriction
smtpd_helo_required = yes
smtpd_helo_restrictions =
    permit_mynetworks
    permit_sasl_authenticated
    check_helo_access pcre:/etc/postfix/helo_access.pcre
    reject_non_fqdn_helo_hostname
    reject_unknown_helo_hostname

# Sender restrictions
smtpd_sender_restrictions =
    reject_non_fqdn_sender
    reject_unlisted_sender
    permit_mynetworks
    permit_sasl_authenticated
    check_sender_access pcre:/etc/postfix/sender_access.pcre
    reject_unknown_sender_domain

# Recipient restrictions
smtpd_recipient_restrictions =
    reject_non_fqdn_recipient
    reject_unlisted_recipient
    #check_policy_service inet:127.0.0.1:7777
    permit_mynetworks
    permit_sasl_authenticated
    reject_unauth_destination
    check_policy_service inet:127.0.0.1:12340

# END-OF-MESSAGE restrictions
smtpd_end_of_data_restrictions =
    check_policy_service inet:127.0.0.1:7777
#smtp      inet  n       -       -       -       -       smtpd
smtp      inet  n       -       n       -       1       postscreen -v
smtpd     pass  -       -       n       -       -       smtpd -v
dnsblog   unix  -       -       n       -       0       dnsblog
tlsproxy  unix  -       -       n       -       0       tlsproxy
#submission inet n       -       n       -       -       smtpd
Nov 14 16:26:28 172.31.xxx.xxx postfix/smtpd[3105]: connect from smtp-03-tuk1.steampowered.com[208.64.202.39]
Nov 14 16:26:28 172.31.xxx.xxx postfix/smtpd[3105]: match_list_match: smtp-03-tuk1.steampowered.com: no match
Nov 14 16:26:28 172.31.xxx.xxx postfix/smtpd[3105]: match_list_match: 208.64.202.39: no match
Nov 14 16:26:28 172.31.xxx.xxx postfix/smtpd[3105]: match_list_match: smtp-03-tuk1.steampowered.com: no match
Nov 14 16:26:28 172.31.xxx.xxx postfix/smtpd[3105]: match_list_match: 208.64.202.39: no match
Nov 14 16:26:28 172.31.xxx.xxx postfix/smtpd[3105]: smtp_stream_setup: maxtime=300 enable_deadline=0
Nov 14 16:26:28 172.31.xxx.xxx postfix/smtpd[3105]: match_hostname: smtp-03-tuk1.steampowered.com ~? 127.0.0.1
Nov 14 16:26:28 172.31.xxx.xxx postfix/smtpd[3105]: match_hostaddr: 208.64.202.39 ~? 127.0.0.1
Nov 14 16:26:28 172.31.xxx.xxx postfix/smtpd[3105]: match_hostname: smtp-03-tuk1.steampowered.com ~? [::1]
Nov 14 16:26:28 172.31.xxx.xxx postfix/smtpd[3105]: match_hostaddr: 208.64.202.39 ~? [::1]
Nov 14 16:26:28 172.31.xxx.xxx postfix/smtpd[3105]: match_list_match: smtp-03-tuk1.steampowered.com: no match
Nov 14 16:26:28 172.31.xxx.xxx postfix/smtpd[3105]: match_list_match: 208.64.202.39: no match
Nov 14 16:26:28 172.31.xxx.xxx postfix/smtpd[3105]: auto_clnt_open: connected to private/anvil
Nov 14 16:26:28 172.31.xxx.xxx postfix/smtpd[3105]: send attr request = connect
Nov 14 16:26:28 172.31.xxx.xxx postfix/smtpd[3105]: send attr ident = smtpd:208.64.202.39
Nov 14 16:26:28 172.31.xxx.xxx postfix/smtpd[3105]: private/anvil: wanted attribute: status
Nov 14 16:26:28 172.31.xxx.xxx postfix/smtpd[3105]: input attribute name: status
Nov 14 16:26:28 172.31.xxx.xxx postfix/smtpd[3105]: input attribute value: 0
Nov 14 16:26:28 172.31.xxx.xxx postfix/smtpd[3105]: private/anvil: wanted attribute: count
Nov 14 16:26:28 172.31.xxx.xxx postfix/smtpd[3105]: input attribute name: count
Nov 14 16:26:28 172.31.xxx.xxx postfix/smtpd[3105]: input attribute value: 1
Nov 14 16:26:28 172.31.xxx.xxx postfix/smtpd[3105]: private/anvil: wanted attribute: rate
Nov 14 16:26:28 172.31.xxx.xxx postfix/smtpd[3105]: input attribute name: rate
Nov 14 16:26:28 172.31.xxx.xxx postfix/smtpd[3105]: input attribute value: 1
Nov 14 16:26:28 172.31.xxx.xxx postfix/smtpd[3105]: private/anvil: wanted attribute: (list terminator)
Nov 14 16:26:28 172.31.xxx.xxx postfix/smtpd[3105]: input attribute name: (end)
Nov 14 16:26:28 172.31.xxx.xxx postfix/smtpd[3105]: > smtp-03-tuk1.steampowered.com[208.64.202.39]: 220 mx1.xxxx.co.uk ESMTP Postfix
Nov 14 16:26:28 172.31.xxx.xxx postfix/smtpd[3105]: < smtp-03-tuk1.steampowered.com[208.64.202.39]: EHLO smtp-03-tuk1.steampowered.com
Nov 14 16:26:28 172.31.xxx.xxx postfix/smtpd[3105]: dict_pcre_lookup: /etc/postfix/command_filter.pcre: EHLO smtp-03-tuk1.steampowered.com
Nov 14 16:26:28 172.31.xxx.xxx postfix/smtpd[3105]: match_list_match: smtp-03-tuk1.steampowered.com: no match
Nov 14 16:26:28 172.31.xxx.xxx postfix/smtpd[3105]: match_list_match: 208.64.202.39: no match
Nov 14 16:26:28 172.31.xxx.xxx postfix/smtpd[3105]: > smtp-03-tuk1.steampowered.com[208.64.202.39]: 250-mx1.xxxx.co.uk
Nov 14 16:26:28 172.31.xxx.xxx postfix/smtpd[3105]: > smtp-03-tuk1.steampowered.com[208.64.202.39]: 250-PIPELINING
Nov 14 16:26:28 172.31.xxx.xxx postfix/smtpd[3105]: > smtp-03-tuk1.steampowered.com[208.64.202.39]: 250-SIZE 15728640
Nov 14 16:26:28 172.31.xxx.xxx postfix/smtpd[3105]: > smtp-03-tuk1.steampowered.com[208.64.202.39]: 250-ETRN
Nov 14 16:26:28 172.31.xxx.xxx postfix/smtpd[3105]: > smtp-03-tuk1.steampowered.com[208.64.202.39]: 250-STARTTLS
Nov 14 16:26:28 172.31.xxx.xxx postfix/smtpd[3105]: > smtp-03-tuk1.steampowered.com[208.64.202.39]: 250-ENHANCEDSTATUSCODES
Nov 14 16:26:28 172.31.xxx.xxx postfix/smtpd[3105]: > smtp-03-tuk1.steampowered.com[208.64.202.39]: 250-8BITMIME
Nov 14 16:26:28 172.31.xxx.xxx postfix/smtpd[3105]: > smtp-03-tuk1.steampowered.com[208.64.202.39]: 250 DSN
Nov 14 16:26:28 172.31.xxx.xxx postfix/smtpd[3105]: < smtp-03-tuk1.steampowered.com[208.64.202.39]: STARTTLS
Nov 14 16:26:28 172.31.xxx.xxx postfix/smtpd[3105]: dict_pcre_lookup: /etc/postfix/command_filter.pcre: STARTTLS
Nov 14 16:26:28 172.31.xxx.xxx postfix/smtpd[3105]: > smtp-03-tuk1.steampowered.com[208.64.202.39]: 220 2.0.0 Ready to start TLS
Nov 14 16:26:28 172.31.xxx.xxx postfix/smtpd[3105]: send attr request = seed
Nov 14 16:26:28 172.31.xxx.xxx postfix/smtpd[3105]: send attr size = 32
Nov 14 16:26:28 172.31.xxx.xxx postfix/smtpd[3105]: private/tlsmgr: wanted attribute: status
Nov 14 16:26:28 172.31.xxx.xxx postfix/smtpd[3105]: input attribute name: status
Nov 14 16:26:28 172.31.xxx.xxx postfix/smtpd[3105]: input attribute value: 0
Nov 14 16:26:28 172.31.xxx.xxx postfix/smtpd[3105]: private/tlsmgr: wanted attribute: seed
Nov 14 16:26:28 172.31.xxx.xxx postfix/smtpd[3105]: input attribute name: seed
Nov 14 16:26:28 172.31.xxx.xxx postfix/smtpd[3105]: input attribute value: K9CGAGbeSMp3hFfai5VjLfCK7xmEvEmZfwBVtx4DMdw=
Nov 14 16:26:28 172.31.xxx.xxx postfix/smtpd[3105]: private/tlsmgr: wanted attribute: (list terminator)
Nov 14 16:26:28 172.31.xxx.xxx postfix/smtpd[3105]: input attribute name: (end)
Nov 14 16:26:28 172.31.xxx.xxx postfix/smtpd[3105]: Anonymous TLS connection established from smtp-03-tuk1.steampowered.com[208.64.202.39]: TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)
Nov 14 16:26:28 172.31.xxx.xxx postfix/smtpd[3105]: < smtp-03-tuk1.steampowered.com[208.64.202.39]: EHLO smtp-03-tuk1.steampowered.com
Nov 14 16:26:28 172.31.xxx.xxx postfix/smtpd[3105]: dict_pcre_lookup: /etc/postfix/command_filter.pcre: EHLO smtp-03-tuk1.steampowered.com
Nov 14 16:26:29 172.31.xxx.xxx postfix/smtpd[3105]: warning: problem talking to server 127.0.0.1:7777: Success
Nov 14 16:26:30 172.31.xxx.xxx postfix/smtpd[3105]: warning: problem talking to server 127.0.0.1:7777: Success

1. Commenting out #check_policy_service inet:127.0.0.1:7777 and running "sudo postfix stop && sudo sudo postfix start" makes all the clients have a send and receive error. I removed the commenting out of check_policy_service and clients are back online.

2. I have put smtp and smtpd in debug mode.

3. 451 4.3.5 Server configuration problem;
warning: problem talking to server 127.0.0.1:7777: Success

Nov 14 17:40:32 ip-172-31-xxx-xxx postfix/smtpd[3844]: warning: problem talking to server 127.0.0.1:7777: Success
Nov 14 17:40:32 ip-172-31-xxx-xxx postfix/smtpd[3844]: 4CYN0H3mgzzhrrP: reject: END-OF-MESSAGE from smtp-60.steampowered.com[208.64.202.60]: 451 4.3.5 Server configuration problem; from=<noreply@steampowered.com> to=<xxx@yyyy.co.uk> proto=ESMTP helo=<smtp-60.steampowered.com>

4. Would I get "problem talking to server 127.0.0.1:7777: Success" if I am getting to much mail and being blocked by spamhaus?

5. Do you have any idea why this is happening? As I have checked all the logs I can think of and cannot see why this is happening. What can I try next?

11

Re: Warning: problem talking to server 127.0.0.1:7777: Success

There're 2 "check_policy_service inet:127.0.0.1:7777" in main.cf, you just commented out the first one.

12

Re: Warning: problem talking to server 127.0.0.1:7777: Success

ZhangHuangbin wrote:

There're 2 "check_policy_service inet:127.0.0.1:7777" in main.cf, you just commented out the first one.

I will test that. But this is only a temporary fix.

What do you think about point 3, 4 and 5?

13

Re: Warning: problem talking to server 127.0.0.1:7777: Success

I re-checked your iredapd.log, some requests were finished a little longer then expected. e.g. 0.0X seconds, usually it should be 0.00X. Few questions:

- Is the (first) DNS server used by this server fast enough?
- Do you use a remote MySQL server?

14

Re: Warning: problem talking to server 127.0.0.1:7777: Success

From what I can see all DNS resolves are fast.
The MySQL is local and only used for this mail server

[centos@mx1 ~]$ dig google.co.uk +noall +stats

; <<>> DiG 9.11.4-P2-RedHat-9.11.4-26.P2.el7 <<>> google.co.uk +noall +stats
;; global options: +cmd
;; Query time: 9 msec
;; SERVER: 172.31.0.2#53(172.31.0.2)
;; WHEN: Tue Nov 17 14:38:02 UTC 2020
;; MSG SIZE  rcvd: 46

[centos@mx1 ~]$ dig @1.1.1.1 google.co.uk +noall +stats

; <<>> DiG 9.11.4-P2-RedHat-9.11.4-26.P2.el7 <<>> @1.1.1.1 google.co.uk +noall +stats
; (1 server found)
;; global options: +cmd
;; Query time: 1 msec
;; SERVER: 1.1.1.1#53(1.1.1.1)
;; WHEN: Tue Nov 17 14:37:48 UTC 2020
;; MSG SIZE  rcvd: 57

[centos@mx1 ~]$ dig @9.9.9.9 google.co.uk +noall +stats

; <<>> DiG 9.11.4-P2-RedHat-9.11.4-26.P2.el7 <<>> @9.9.9.9 google.co.uk +noall +stats
; (1 server found)
;; global options: +cmd
;; Query time: 2 msec
;; SERVER: 9.9.9.9#53(9.9.9.9)
;; WHEN: Tue Nov 17 14:38:22 UTC 2020
;; MSG SIZE  rcvd: 57
Post's attachments

glances.png
glances.png 106.38 kb, 6 downloads since 2020-11-17 

You don't have the permssions to download the attachments of this post.

15

Re: Warning: problem talking to server 127.0.0.1:7777: Success

hmm, no idea right now.

16

Re: Warning: problem talking to server 127.0.0.1:7777: Success

Would I be hitting some kind our limit for spamhaus? I don't do 100000 checks a day, so I should not be.

17

Re: Warning: problem talking to server 127.0.0.1:7777: Success

You may get warning/error like "warning: problem talking to server 127.0.0.1:7777: Success" when server is under high pressure or similar situations, and i experienced one last week too.

Here's my situation last week:

Server has 16GB RAM and 6 CPUs, BUT it's a "Shared Plan" on Linode, that means it runs many VPS servers on same physical server hardware. We tried hard to figure out the root cause, but everything was just fine and nothing changes before the issue occurred. We had a filesystem (on extra volume, which is a iSCSI device offered by Linode) issue first caused dovecot failed to store message and Postfix failed to process emails, system booted to secure mode automatically. Took 12 hours to fix it and recovered one email message with few fsck tries, worked fine for 2 days then suddenly postfix frequently reported "warning ... 127.0.0.1:7777 ..." issue, We contacted Linode support and hours later, Linode support replied this:

"... I took a look at the overall health for the host machine for this Linode and did find a "noisy neighbor" that may have been causing resource contention on the host. Also, the load on the host is a bit higher than we'd typically like to see. Both of these factors can lead to degraded perfomance on a Linode or with the Block Storage volume. ..."

See, our VPS was all good but impacted by other VPS running on same physical server.

Your situation may be different, but we see Postfix + iRedAPD is kind of sensitive in such situation. You can see iRedAPD logs normally and processing requests from Postfix, but Postfix logs "warning ..." a lot because iRedAPD can not finish the requests fast enough and new Postfix requests are pending and eventually timed out.