1

Topic: NOQUEUE - new migration

==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release): 1.1 MARIADB edition.
- Deployed with iRedMail Easy or the downloadable installer?  download
- Linux/BSD distribution name and version:  CentOS7
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MySQL
- Web server (Apache or Nginx): Nginx
- Manage mail accounts with iRedAdmin-Pro?  Yes
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====

I recently had an issue where a server migration didn't work.  I was able to run the SQL code one more time and get that working. 

I am now getting NOQUEUE errors for email accounts - see error below.

I checked permissions within /var/vmail/vmail1 and everything is owned by vmail with 700 permissions.  I rsync'd from my other server to this one.  What else should I check?


Mar  7 23:44:28 server postfix/submission/smtpd[14686]: NOQUEUE: reject: RCPT from unknown[IPv6]: 554 5.7.1 <unknown[IPv6]>: Client host rejected: Access denied; from=<email@email.com> to=<email@email.com> proto=ESMTP helo=<[IPv6:IPv6]>

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2

Re: NOQUEUE - new migration

It looks like amavisd is not working...

Is there a reason it would not be working on a brand new build?  I tried to do a restart as well with no luck.

systemd[1]: Unit amavisd.service entered failed state.

3

Re: NOQUEUE - new migration

usafitz wrote:

Client host rejected: Access denied

Do you have any restriction rules in Postfix parameter "smtpd_client_restrictions" (/etc/postfix/main.cf)?

usafitz wrote:

It looks like amavisd is not working...

Please check detailed log in /var/log/messages, not "systemctl status amavisd" (it's brief and usually doesn't contain enough log lines).

4

Re: NOQUEUE - new migration

FROM /var/log/maillog - after restart of amavisd failed

Mar  8 04:57:41 server systemd: amavisd.service: control process exited, code=exited status=13
Mar  8 04:57:41 server systemd: Failed to start Amavisd-new is an interface between MTA and content checkers..
Mar  8 04:57:41 server systemd: Unit amavisd.service entered failed state.
Mar  8 04:57:41 server systemd: amavisd.service failed.
Mar  8 04:57:41 server systemd: amavisd.service holdoff time over, scheduling restart.
Mar  8 04:57:41 server systemd: Stopped Amavisd-new is an interface between MTA and content checkers..
Mar  8 04:57:41 server systemd: Starting Amavisd-new is an interface between MTA and content checkers....
Mar  8 04:57:41 server amavisd: Error in config file "/etc/amavisd/amavisd.conf": Can't open PEM file /var/lib/dkim/url.com.pem: Permission denied at /usr/sbin/amavisd line 638.
Mar  8 04:57:41 server systemd: amavisd.service: control process exited, code=exited status=13
Mar  8 04:57:41 server systemd: Failed to start Amavisd-new is an interface between MTA and content checkers..
Mar  8 04:57:41 server systemd: Unit amavisd.service entered failed state.
Mar  8 04:57:41 server systemd: amavisd.service failed.
Mar  8 04:57:42 server systemd: amavisd.service holdoff time over, scheduling restart.
Mar  8 04:57:42 server systemd: Stopped Amavisd-new is an interface between MTA and content checkers..
Mar  8 04:57:42 server systemd: start request repeated too quickly for amavisd.service
Mar  8 04:57:42 server systemd: Failed to start Amavisd-new is an interface between MTA and content checkers..
Mar  8 04:57:42 server systemd: Unit amavisd.service entered failed state.
Mar  8 04:57:42 server systemd: amavisd.service failed.

5

Re: NOQUEUE - new migration

This appears to be a broken link...

PunBB bbcode test


I did this from your letsencrypt documentation, but afterwards, this shows as broken.

mv /etc/pki/tls/certs/iRedMail.crt{,.bak}       # Backup. Rename iRedMail.crt to iRedMail.crt.bak
mv /etc/pki/tls/private/iRedMail.key{,.bak}     # Backup. Rename iRedMail.key to iRedMail.key.bak
ln -s /etc/letsencrypt/live/mail.mydomain.com/fullchain.pem /etc/pki/tls/certs/iRedMail.crt
ln -s /etc/letsencrypt/live/mail.mydomain.com/privkey.pem /etc/pki/tls/private/iRedMail.key

6

Re: NOQUEUE - new migration

Lastly, here's the permissions of the broken link location:

[user@server tls]$ sudo ls -al /etc/letsencrypt/live/server.com
total 12
drwxr-xr-x 2 root root 4096 Mar  7 21:45 .
drw-r--r-- 3 root root 4096 Mar  7 21:45 ..
lrwxrwxrwx 1 root root   43 Mar  7 21:45 cert.pem -> ../../archive/server.com/cert1.pem
lrwxrwxrwx 1 root root   44 Mar  7 21:45 chain.pem -> ../../archive/server.com/chain1.pem
lrwxrwxrwx 1 root root   48 Mar  7 21:45 fullchain.pem -> ../../archive/server.com/fullchain1.pem
lrwxrwxrwx 1 root root   46 Mar  7 21:45 privkey.pem -> ../../archive/server.com/privkey1.pem
-rw-r--r-- 1 root root  692 Mar  7 21:45 README
[user@server tls]$ sudo ls -al /etc/letsencrypt/archive/server.com
total 24
drwxr-xr-x 2 root root 4096 Mar  7 21:45 .
drw-r--r-- 3 root root 4096 Mar  7 21:45 ..
-rw-r--r-- 1 root root 1919 Mar  7 21:45 cert1.pem
-rw-r--r-- 1 root root 1647 Mar  7 21:45 chain1.pem
-rw-r--r-- 1 root root 3566 Mar  7 21:45 fullchain1.pem
-rw------- 1 root root 1704 Mar  7 21:45 privkey1.pem

7

Re: NOQUEUE - new migration

usafitz wrote:

Can't open PEM file /var/lib/dkim/url.com.pem: Permission denied

check this

8

Re: NOQUEUE - new migration

Changed permissions from root, to amavis for that file...  the error no longer shows up in /var/log/messages.  It will still not start, however.  Here are the log files now (very vague):

Mar  8 17:32:04 server systemd: amavisd.service holdoff time over, scheduling restart.
Mar  8 17:32:04 server systemd: Stopped Amavisd-new is an interface between MTA and content checkers..
Mar  8 17:32:04 server systemd: Starting Amavisd-new is an interface between MTA and content checkers....
Mar  8 17:32:05 server systemd: Started Amavisd-new is an interface between MTA and content checkers..
Mar  8 17:32:05 server systemd: amavisd.service: main process exited, code=exited, status=255/n/a
Mar  8 17:32:05 server systemd: Unit amavisd.service entered failed state.
Mar  8 17:32:05 server systemd: amavisd.service failed.
Mar  8 17:32:05 server systemd: amavisd.service holdoff time over, scheduling restart.
Mar  8 17:32:05 server systemd: Stopped Amavisd-new is an interface between MTA and content checkers..
Mar  8 17:32:05 server systemd: start request repeated too quickly for amavisd.service
Mar  8 17:32:05 server systemd: Failed to start Amavisd-new is an interface between MTA and content checkers..
Mar  8 17:32:05 server systemd: Unit amavisd.service entered failed state.
Mar  8 17:32:05 server systemd: amavisd.service failed.

9

Re: NOQUEUE - new migration

Try to start it manually so that we can get detailed error message on console:

amavisd-new -c /etc/amavisd/amavisd.conf -debug