Homestead Vagrant Virtualbox cannot resolve DNS inside guest OS

My Homestead Vagrant box cannot resolve DNS from within the guest OS, though network traffic otherwise passes through fine.
vagrant@homestead:~$ ping google.com
ping: google.com: Temporary failure in name resolution
vagrant@homestead:~$ ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
64 bytes from 8.8.8.8: icmp_seq=1 ttl=121 time=23.0 ms
64 bytes from 8.8.8.8: icmp_seq=2 ttl=121 time=21.9 ms
^C
--- 8.8.8.8 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1001ms
rtt min/avg/max/mdev = 21.956/22.516/23.077/0.580 ms
Related questions have pointed to modifying Virtualbox's natdnshostresolver1 flag (though I'm told Homestead already enables this); I've updated my Vagrantfile as below, but to no avail:
# -*- mode: ruby -*-
# vi: set ft=ruby :
require 'json'
require 'yaml'
VAGRANTFILE_API_VERSION ||= "2"
confDir = $confDir ||= File.expand_path(File.dirname(__FILE__))
homesteadYamlPath = confDir + "/Homestead.yaml"
homesteadJsonPath = confDir + "/Homestead.json"
afterScriptPath = confDir + "/after.sh"
customizationScriptPath = confDir + "/user-customizations.sh"
aliasesPath = confDir + "/aliases"
require File.expand_path(File.dirname(__FILE__) + '/scripts/homestead.rb')
Vagrant.require_version '>= 2.1.0'
Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
    config.vm.provider :virtualbox do |v|
        v.customize ["modifyvm", :id, "--natdnshostresolver1", "on"]
    end
    if File.exist? aliasesPath then
        config.vm.provision "file", source: aliasesPath, destination: "/tmp/bash_aliases"
        config.vm.provision "shell" do |s|
            s.inline = "awk '{ sub(\"\r$\", \"\"); print }' /tmp/bash_aliases > /home/vagrant/.bash_aliases && chown vagrant:vagrant /home/vagrant/.bash_aliases"
        end
    end
    if File.exist? homesteadYamlPath then
        settings = YAML::load(File.read(homesteadYamlPath))
    elsif File.exist? homesteadJsonPath then
        settings = JSON::parse(File.read(homesteadJsonPath))
    else
        abort "Homestead settings file not found in #{confDir}"
    end
    Homestead.configure(config, settings)
    if File.exist? afterScriptPath then
        config.vm.provision "shell", path: afterScriptPath, privileged: false, keep_color: true
    end
    if File.exist? customizationScriptPath then
        config.vm.provision "shell", path: customizationScriptPath, privileged: false, keep_color: true
    end
    if Vagrant.has_plugin?('vagrant-hostsupdater')
        config.hostsupdater.aliases = settings['sites'].map { |site| site['map'] }
    elsif Vagrant.has_plugin?('vagrant-hostmanager')
        config.hostmanager.enabled = true
        config.hostmanager.manage_host = true
        config.hostmanager.aliases = settings['sites'].map { |site| site['map'] }
    end
end
What else could be preventing the VM from resolving DNS? Or, can I just set nameservers within the box that will persist?
EDIT:
For the time being, I can get it to work by manually editing /etc/resolv.conf and adding nameservers each time I spin it up. However, composer still requires DNS during the startup process, so this is not a fix.
Here's my Homestead.yaml for the curious:
---
ip: "127.0.0.1"
memory: 2048
cpus: 1
provider: virtualbox
authorize: ~/.ssh/id_rsa.pub
keys:
    - ~/.ssh/id_rsa
folders:
    - map: ~/code
      to: /home/vagrant/code
sites:
    - map: erich.test
      to: /home/vagrant/code/snowman/public
databases:
    - homestead

I solved this with that line
sudo ufw allow out 53,113,123/udp

I gave up on figuring out this problem with Homestead/Vagrant long ago.
Instead, I recommend trying out the new Laravel Sail package (Laravel 8.x+) which uses Docker.

Related

Packer CentOS AMI: loop device not found

So I'm trying to make modifications to an ISO in a Packer instance, but I keep getting the following error message:
==> amazon-ebs.centos-efi: + sudo mount -t iso9660 -o loop 'temporary.iso' /tmp/tmp.M5xCLte5mi
==> amazon-ebs.centos-efi: mount: temporary.iso: failed to setup loop device: No such file or directory
And I cannot seem to understand why this is happening. Things I have tried:
I have tried mounting in a different directory.
Running modprobe loop
Running losetup
Creating a loop device: sudo mknod -m640 /dev/loop8 b 7 8
None of them worked. So I've come here for some guidance.
I'll provide relevant bits of my Packer template below:
source "amazon-ebs" "centos-efi" {
  ami_name        = "centos-efi-{{timestamp}}"
  ssh_username    = "centos"
  instance_type   = "t2.medium"
  region          = "${var.aws_region}"
  source_ami      = "ami-04f798ca92cc13f74"
  skip_create_ami = true
  tag {
    key   = "Name"
    value = "CentOS EFI Build"
  }
  launch_block_device_mappings {
    device_name           = "/dev/sda1"
    volume_size           = 32
    volume_type           = "gp2"
    delete_on_termination = true
  }
}
Provisioner Code:
ISO_ORIG=$(mktemp -d)
ISO_CHANGE=$(mktemp -d)
ls -al /tmp
sleep 15
sudo mount -t iso9660 -o loop temporary.iso $ISO_ORIG
cd $ISO_ORIG
Any recommendations?

find matching text and replace next line in yml

I'm trying to find a line in a yml configuration file and replace the next line with a specific value. I tried sed, but it seems it is not replacing or not able to find the pattern. Below is the snippet of that yml file:
applicationConnectors:
- type: http
port: 14080
bindHost: 15.213.48.154
headerCacheSize: 512 bytes
outputBufferSize: 32KiB
maxRequestHeaderSize: 8KiB
maxResponseHeaderSize: 8KiB
inputBufferSize: 8KiB
idleTimeout: 30 seconds
minBufferPoolSize: 64 bytes
bufferPoolIncrement: 1KiB
maxBufferPoolSize: 64KiB
acceptorThreads: 1
selectorThreads: 2
acceptQueueSize: 1024
reuseAddress: true
useServerHeader: false
useDateHeader: true
useForwardedHeaders: true
adminConnectors:
- type: http
port: 14180
I want to change the port value to 14081 for applicationConnectors, as another port exists for adminConnectors.
After the script execution it should look like:
applicationConnectors:
- type: http
port: 14081
bindHost: 15.213.48.154
headerCacheSize: 512 bytes
outputBufferSize: 32KiB
maxRequestHeaderSize: 8KiB
maxResponseHeaderSize: 8KiB
inputBufferSize: 8KiB
idleTimeout: 30 seconds
minBufferPoolSize: 64 bytes
bufferPoolIncrement: 1KiB
maxBufferPoolSize: 64KiB
acceptorThreads: 1
selectorThreads: 2
acceptQueueSize: 1024
reuseAddress: true
useServerHeader: false
useDateHeader: true
useForwardedHeaders: true
adminConnectors:
- type: http
port: 14180
I have tried below code:
var1="14081"
var2="port"
sed '/applicationConnectors:/{n;s/\($var2\).*\$/\1${var1}/}' configuration.yml > newfile
mv newfile configuration.yml
but it seems this code is not replacing anything.
sed is best for s/old/new, that is all. For anything else just use awk for clarity, portability, robustness, etc. Look:
$ awk -v rec='applicationConnectors' -v tag='port' -v val='14081' '
/^ [^ ]/{name=$1} name==(rec":") && $1==(tag":"){sub(/[^ ]+$/,""); $0=$0 val}
1' file
applicationConnectors:
- type: http
port: 14081
bindHost: 15.213.48.154
headerCacheSize: 512 bytes
outputBufferSize: 32KiB
maxRequestHeaderSize: 8KiB
maxResponseHeaderSize: 8KiB
inputBufferSize: 8KiB
idleTimeout: 30 seconds
minBufferPoolSize: 64 bytes
bufferPoolIncrement: 1KiB
maxBufferPoolSize: 64KiB
acceptorThreads: 1
selectorThreads: 2
acceptQueueSize: 1024
reuseAddress: true
useServerHeader: false
useDateHeader: true
useForwardedHeaders: true
adminConnectors:
- type: http
port: 14180
Want to change acceptQueueSize: to 17 instead? It's the same script with just different variable values:
$ awk -v rec='applicationConnectors' -v tag='acceptQueueSize' -v val='17' '
/^ [^ ]/{name=$1} name==(rec":") && $1==(tag":"){sub(/[^ ]+$/,""); $0=$0 val}
1' file
applicationConnectors:
- type: http
port: 14080
bindHost: 15.213.48.154
headerCacheSize: 512 bytes
outputBufferSize: 32KiB
maxRequestHeaderSize: 8KiB
maxResponseHeaderSize: 8KiB
inputBufferSize: 8KiB
idleTimeout: 30 seconds
minBufferPoolSize: 64 bytes
bufferPoolIncrement: 1KiB
maxBufferPoolSize: 64KiB
acceptorThreads: 1
selectorThreads: 2
acceptQueueSize: 17
reuseAddress: true
useServerHeader: false
useDateHeader: true
useForwardedHeaders: true
adminConnectors:
- type: http
port: 14180
Only try that with your currently accepted sed solution if you enjoy counting ns :-). Note also that this will work no matter what order the lines appear within each record since it keys off the name port rather than assuming that will appear some specific number of lines after applicationConnectors:. Finally, this will work even if the strings you're searching for or replacing with contain RE metachars (e.g. .), backreference chars (e.g. \1 or &), or sed delimiters (e.g. /).
Since the port line is the second after applicationConnectors: you need to use double n; and you should use double quotation marks around the sed command to allow variable interpolation inside:
sed "/applicationConnectors:/{n;n;s/\($var2\).*/\1: ${var1}/}" configuration.yml > newfile
See this online sed demo.
staging:
datasource:
jdbcUrl: xxx
driverclassname: yyy
username: zzzz
password: dddd
platform: wwww
sed command to replace value of jdbc url:
sed -i "/staging:/{n;n;s/\(jdbcUrl\).*/\1: AAAAA/}" application.yml

Parse blocks in curly brackets

I'm trying to parse a dhcpd.conf file that looks like this:
authoritative;
subnet x.x.x.x netmask x.x.x.x {
    range x.x.x.x x.x.x.x;
    deny unknown-clients;
    default-lease-time 86400;
    max-lease-time 86400;
    option domain-name "bla";
    option domain-name-servers x.x.x.x;
    option broadcast-address x.x.x.x;
    option subnet-mask x.x.x.x;
    option routers x.x.x.x;
    host host1 {
        hardware ethernet 00:e1:4c:68:00:53;
        fixed-address 1.1.1.1;
    }
    host host2 {
        hardware ethernet 01:e2:4d:69:01:54;
        fixed-address 2.2.2.2;
    }
    host host3 {
        hardware ethernet 02:e3:4e:70:02:55;
        fixed-address 3.3.3.3;
    }
    host host4 {
        hardware ethernet 03:e4:4f:71:03:56;
        fixed-address 4.4.4.4;
    }
    host host5 {
        hardware ethernet 04:e5:5f:72:04:57;
        fixed-address 5.5.5.5;
    }
}
In the end I need to loop through the host blocks (no matter their name) and assign the MAC address and IP address to variables in order to process the combination. So far I managed to do this with only one variable:
for MAC in `cat /etc/dhcp/dhcpd.conf | grep "hardware ethernet" | awk '{ print $3 }' | tr ";" " "`
do
echo "Found MAC address: " $MAC "Found IP: <I need the IP Variable here...>"
done
Maybe it's better to somehow "grep" the host blocks in order to loop through these, but I don't know how to do this.
Could anybody give me a hint on how to do this?
Thanks
Given that the input file is in the exact format (MAC followed by IP), the following sed one-liner will give a list of "MAC,IP" csv pairs. You can parse it and do whatever you want.
sed -n '/\s*hardware ethernet/{s/\s*hardware ethernet \(.*\);/\1/;N;s/\([a-z0-9:]*\)\s*fixed-address \(.*\);/\1,\2/p}' /etc/dhcp/dhcpd.conf
Output:
00:e1:4c:68:00:53,1.1.1.1
01:e2:4d:69:01:54,2.2.2.2
02:e3:4e:70:02:55,3.3.3.3
03:e4:4f:71:03:56,4.4.4.4
04:e5:5f:72:04:57,5.5.5.5
To produce the exact output as in your example,
sed -n '/\s*hardware ethernet/{s/\s*hardware ethernet \(.*\);/\1/;N;s/\([a-z0-9:]*\)\s*fixed-address \(.*\);/Found MAC address: \1, Found IP: \2/p}' /etc/dhcp/dhcpd.conf
Output:
Found MAC address: 00:e1:4c:68:00:53, Found IP: 1.1.1.1
Found MAC address: 01:e2:4d:69:01:54, Found IP: 2.2.2.2
Found MAC address: 02:e3:4e:70:02:55, Found IP: 3.3.3.3
Found MAC address: 03:e4:4f:71:03:56, Found IP: 4.4.4.4
Found MAC address: 04:e5:5f:72:04:57, Found IP: 5.5.5.5
EDIT
You can extract MAC and IP from each pair and do something with them as follows.
for v in $(sed -n '/\s*hardware ethernet/{s/\s*hardware ethernet \(.*\);/\1/;N;s/\([a-z0-9:]*\)\s*fixed-address \(.*\);/\1,\2/p}' /etc/dhcp/dhcpd.conf); do
mac="${v%,*}"
ip="${v#*,}"
echo "MAC: $mac"
echo "IP: $ip"
done
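An added example (not from the original answers) that goes one step further than the sed one-liner above: it tracks the `host ... { }` blocks themselves, so the MAC and IP may appear in either order, and it validates the MAC before handing it to the loop. The sample configuration, the 192.0.2.x addresses and the function names are constructed for illustration.

```sh
#!/bin/sh
# Added example: parse dhcpd.conf host blocks by their braces, so the order
# of "hardware ethernet" and "fixed-address" inside a block does not matter.

# parse_dhcp_hosts [FILE]  -> one "name,mac,ip" line per complete host block.
# Reads stdin when no file is given. Incomplete or malformed blocks are
# reported on stderr and skipped, so the caller never sees partial data.
parse_dhcp_hosts() {
    awk '
        function valid_mac(m,    p, n, i) {
            n = split(m, p, ":")
            if (n != 6) return 0
            for (i = 1; i <= 6; i++)
                if (p[i] !~ /^[0-9a-f][0-9a-f]$/) return 0
            return 1
        }
        { sub(/#.*/, "") }                          # drop trailing comments
        $1 == "host" && $NF == "{" {                # "host <name> {"
            inhost = 1; name = $2; mac = ""; ip = ""; next
        }
        inhost && $1 == "hardware" && $2 == "ethernet" {
            mac = tolower($3); sub(/;$/, "", mac); next
        }
        inhost && $1 == "fixed-address" { ip = $2; sub(/;$/, "", ip); next }
        inhost && $1 == "}" {                       # end of the host block
            if (valid_mac(mac) && ip != "")
                print name "," mac "," ip
            else
                print "skipped host " name ": missing or malformed MAC/IP" > "/dev/stderr"
            inhost = 0
        }
    ' "$@"
}

# Constructed sample input (not the poster's file).
sample_dhcpd_conf() {
    cat <<'EOF'
subnet 192.0.2.0 netmask 255.255.255.0 {
    option routers 192.0.2.1;
    host host1 {
        hardware ethernet 00:e1:4c:68:00:53;
        fixed-address 192.0.2.10;
    }
    host host2 {
        fixed-address 192.0.2.11;      # IP listed before the MAC
        hardware ethernet 01:E2:4D:69:01:54;
    }
    host broken {
        hardware ethernet not-a-mac;
        fixed-address 192.0.2.12;
    }
    host nomac {
        fixed-address 192.0.2.13;
    }
}
EOF
}

# "while read" keeps each record intact instead of relying on word splitting.
sample_dhcpd_conf | parse_dhcp_hosts | while IFS=, read -r name mac ip; do
    printf 'host=%s mac=%s ip=%s\n' "$name" "$mac" "$ip"
done
```

Against a real server, call it as `parse_dhcp_hosts /etc/dhcp/dhcpd.conf`.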

Force Postfix to send email on port 587

I'm having an issue with postfix on a raspberry (debian jessie).
I have looked on the web for how to force postfix to send emails on port 587, but nothing works for me.
When I send email via the mail command, the mail.log indicates that postfix is trying to connect to the hotmail mailserver on port 25.
I have the same configuration on a VPS and everything works perfectly. I already checked the firewall configuration of my ISP, and my NAT settings are well configured to redirect 25, 587 ... on my raspberry.
Can you help me force postfix to use port 587?
Thank you.
My config :
## Postfix master process configuration file. For details on the format
# of the file, see the master(5) manual page (command: "man 5 master" or
# on-line: http://www.postfix.org/master.5.html).
#
# Do not forget to execute "postfix reload" after editing this file.
#
# ==========================================================================
# service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (yes) (never) (100)
# ==========================================================================
smtp inet n - - - - smtpd
#smtp inet n - - - 1 postscreen
#smtpd pass - - - - - smtpd
#dnsblog unix - - - - 0 dnsblog
#tlsproxy unix - - - - 0 tlsproxy
submission inet n - - - - smtpd
# -o syslog_name=postfix/submission
# -o smtpd_tls_security_level=encrypt
# -o smtpd_sasl_auth_enable=yes
# -o smtpd_reject_unlisted_recipient=no
# -o smtpd_client_restrictions=$mua_client_restrictions
# -o smtpd_helo_restrictions=$mua_helo_restrictions
# -o smtpd_sender_restrictions=$mua_sender_restrictions
# -o smtpd_recipient_restrictions=
# -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
# -o milter_macro_daemon_name=ORIGINATING
#smtps inet n - - - - smtpd
# -o syslog_name=postfix/smtps
# -o smtpd_tls_wrappermode=yes
# -o smtpd_sasl_auth_enable=yes
# -o smtpd_reject_unlisted_recipient=no
# -o smtpd_client_restrictions=$mua_client_restrictions
# -o smtpd_helo_restrictions=$mua_helo_restrictions
# -o smtpd_sender_restrictions=$mua_sender_restrictions
# -o smtpd_recipient_restrictions=
# -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
# -o milter_macro_daemon_name=ORIGINATING
#628 inet n - - - - qmqpd
pickup unix n - - 60 1 pickup
cleanup unix n - - - 0 cleanup
qmgr unix n - n 300 1 qmgr
#qmgr unix n - n 300 1 oqmgr
tlsmgr unix - - - 1000? 1 tlsmgr
rewrite unix - - - - - trivial-rewrite
bounce unix - - - - 0 bounce
defer unix - - - - 0 bounce
trace unix - - - - 0 bounce
verify unix - - - - 1 verify
flush unix n - - 1000? 0 flush
proxymap unix - - n - - proxymap
proxywrite unix - - n - 1 proxymap
smtp unix - - - - - smtp
relay unix - - - - - smtp
# -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq unix n - - - - showq
error unix - - - - - error
retry unix - - - - - error
discard unix - - - - - discard
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - - - - lmtp
anvil unix - - - - 1 anvil
scache unix - - - - 1 scache
#
# ====================================================================
# Interfaces to non-Postfix software. Be sure to examine the manual
# pages of the non-Postfix software to find out what options it wants.
#
# Many of the following services use the Postfix pipe(8) delivery
# agent. See the pipe(8) man page for information about ${recipient}
# and other message envelope options.
# ====================================================================
#
# maildrop. See the Postfix MAILDROP_README file for details.
# Also specify in main.cf: maildrop_destination_recipient_limit=1
#
maildrop unix - n n - - pipe
flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
#
# ====================================================================
#
# Recent Cyrus versions can use the existing "lmtp" master.cf entry.
#
# Specify in cyrus.conf:
# lmtp cmd="lmtpd -a" listen="localhost:lmtp" proto=tcp4
#
# Specify in main.cf one or more of the following:
# mailbox_transport = lmtp:inet:localhost
# virtual_transport = lmtp:inet:localhost
#
# ====================================================================
#
# Cyrus 2.1.5 (Amos Gouaux)
# Also specify in main.cf: cyrus_destination_recipient_limit=1
#
#cyrus unix - n n - - pipe
# user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user}
#
# ====================================================================
# Old example of delivery via Cyrus.
#
#old-cyrus unix - n n - - pipe
# flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user}
#
# ====================================================================
#
# See the Postfix UUCP_README file for configuration details.
#
uucp unix - n n - - pipe
flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
#
#
# ====================================================================
#
# See the Postfix UUCP_README file for configuration details.
#
uucp unix - n n - - pipe
flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
#
# Other external delivery methods.
#
ifmail unix - n n - - pipe
flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp unix - n n - - pipe
flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
scalemail-backend unix - n n - 2 pipe
flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
mailman unix - n n - - pipe
flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
${nexthop} ${user}
dovecot unix - n n - - pipe
flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/dovecot-lda -f ${sender} -d ${recipient}
Main.conf
# See /usr/share/postfix/main.cf.dist for a commented, more complete version
# Debian specific: Specifying a file name will cause the first
# line of that file to be used as the name. The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
biff = no
# appending .domain is the MUA's job.
append_dot_mydomain = no
# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h
readme_directory = no
# TLS parameters
smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
smtpd_use_tls=yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.
smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
myhostname = mydomain.com
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = localhost.com, , localhost
relayhost =
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
virtual_mailbox_domains = mysql:/etc/postfix/mysql-virtual-mailbox-domains.cf
virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual-mailbox-maps.cf
virtual_alias_maps = mysql:/etc/postfix/mysql-virtual-alias-maps.cf
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_auth_enable = yes
smtpd_tls_security_level = may
smtpd_tls_auth_only = yes
smtpd_recipient_restrictions = permit_mynetworks permit_sasl_authenticated reject_unauth_destination
virtual_transport = dovecot
dovecot_destination_recipient_limit = 1
A short extract of mail.log
Feb 21 14:25:22 raspberrypi postfix/qmgr[32705]: 61DE36021A: from=<hugo@raspberrypi>, size=315, nrcpt=1 (queue active)
Feb 21 14:25:41 raspberrypi postfix/smtp[32708]: connect to mx2.hotmail.com[65.55.92.184]:25: Connection timed out
Feb 21 14:25:41 raspberrypi postfix/smtp[32709]: connect to mx2.hotmail.com[65.54.188.72]:25: Connection timed out
Feb 21 14:25:52 raspberrypi postfix/smtp[32734]: connect to mx3.hotmail.com[65.55.33.119]:25: Connection timed out
From what I understand of this problem, to force Postfix to use submission to send e-mail you should define this in main.cf. I don't see anything related in your example; that's why Postfix still sends on port 25 (mail.log).
master.cf defines daemons/listeners run by Postfix, so you have enabled submission to reach your mail server, but have not configured it to send via submission.
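An added example (not from the original answer) of a check for the point made above: it reads a main.cf and reports whether outbound mail is actually sent through an authenticated, TLS-protected relay on port 587. `relayhost`, `smtp_sasl_auth_enable`, `smtp_sasl_password_maps`, `smtp_sasl_security_options` and `smtp_tls_security_level` are standard Postfix client parameters; the relay name `smtp.example.net`, the password map path and both sample files are constructed placeholders.

```sh
#!/bin/sh
# Added example: audit the outbound (smtp_*) side of a Postfix main.cf.
# smtpd_* parameters only affect inbound connections and are ignored here.

# main_cf_get NAME  (main.cf on stdin) -> effective value of NAME.
# Follows main.cf syntax: "#" comment lines, continuation lines that start
# with whitespace, and "the last definition wins".
main_cf_get() {
    awk -v want="$1" '
        /^[ \t]*#/ || /^[ \t]*$/ { next }
        /^[ \t]/ {                                  # continuation line
            if (cur == want) { sub(/^[ \t]+/, ""); val = val " " $0 }
            next
        }
        {
            eq = index($0, "=")
            if (eq == 0) { cur = ""; next }
            cur = substr($0, 1, eq - 1); gsub(/[ \t]/, "", cur)
            if (cur == want) { val = substr($0, eq + 1); found = 1 }
        }
        END { if (found) { gsub(/^[ \t]+|[ \t]+$/, "", val); print val } }
    '
}

# audit_submission  (main.cf on stdin) -> findings on stdout, status 0 if clean.
audit_submission() {
    cf=$(cat)
    relay=$(printf '%s\n' "$cf" | main_cf_get relayhost)
    tls=$(printf '%s\n' "$cf" | main_cf_get smtp_tls_security_level)
    sasl=$(printf '%s\n' "$cf" | main_cf_get smtp_sasl_auth_enable)
    rc=0
    case $relay in
        *:587) ;;
        '') echo "FAIL relayhost is empty: delivery goes to the recipient MX on port 25"; rc=1 ;;
        *)  echo "FAIL relayhost '$relay' does not name port 587"; rc=1 ;;
    esac
    case $tls in
        encrypt|dane-only|fingerprint|verify|secure) ;;
        *) echo "FAIL smtp_tls_security_level='${tls:-unset}' does not enforce TLS"; rc=1 ;;
    esac
    if [ "$sasl" != yes ]; then
        echo "FAIL smtp_sasl_auth_enable='${sasl:-unset}': no client authentication"; rc=1
    fi
    if [ "$rc" -eq 0 ]; then echo "OK outbound mail uses $relay with TLS and SASL"; fi
    return "$rc"
}

# Constructed sample: only server-side settings, like the main.cf in the question.
weak_cf() {
    cat <<'EOF'
smtpd_tls_security_level = may
smtpd_sasl_auth_enable = yes
relayhost =
EOF
}

# Constructed sample: relay through a submission service (placeholder host).
fixed_cf() {
    cat <<'EOF'
relayhost =
mynetworks = 127.0.0.0/8
    [::1]/128
# the later definition overrides the empty one above
relayhost = [smtp.example.net]:587
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options = noanonymous
smtp_tls_security_level = encrypt
EOF
}

echo "== weak ==";  weak_cf  | audit_submission || true
echo "== fixed =="; fixed_cf | audit_submission
```

On a live system, run it as `audit_submission < /etc/postfix/main.cf`.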

CentOS PostFix lets me connect, will not greet

This is the output of PostFix when I connect via telnet:
[root@mail ~]# telnet localhost smtp
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
nothing here
no response
???
^]
telnet> close
Connection closed.
I can try pretending it is responding, etc.; it's accepting the connection, but no communication afterwards. I've tried switching ports, reinstalling, etc. At first it works fine, but after its first restart with Dovecot (I think), it never responds anymore. Same on remote computers.
main.cf:
[root@mail ~]# postconf -n
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
debug_peer_level = 2
html_directory = no
inet_interfaces = all
mail_owner = postfix
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
message_size_limit = 30720000
mydestination = $myhostname, localhost, localhost.localdomain
mydomain = hackmailer.com
myhostname = mail.hackmailer.com
mynetworks = 127.0.0.0/8, 50.131.19.57
myorigin = $mydomain
newaliases_path = /usr/bin/newaliases.postfix
proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $virtual_mailbox_limit_maps
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/postfix-2.3.3/README_FILES
sample_directory = /usr/share/doc/postfix-2.3.3/samples
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes
smtpd_sasl_path = private/auth
smtpd_sasl_type = dovecot
smtpd_tls_cert_file = /etc/pki/dovecot/certs/dovecot.pem
smtpd_tls_key_file = /etc/pki/dovecot/private/dovecot.pem
smtpd_use_tls = yes
unknown_local_recipient_reject_code = 550
virtual_alias_domains =
virtual_alias_maps = proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, mysql:/etc/postfix/mysql-virtual_email2email.cf
virtual_gid_maps = static:5000
virtual_mailbox_base = /home/vmail
virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains.cf
virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf
virtual_transport = dovecot
virtual_uid_maps = static:5000
master.cf
#
# Postfix master process configuration file. For details on the format
# of the file, see the master(5) manual page (command: "man 5 master").
#
# ==========================================================================
# service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (yes) (never) (100)
# ==========================================================================
smtp inet n - n - - smtpd
#submission inet n - n - - smtpd
# -o smtpd_enforce_tls=yes
# -o smtpd_sasl_auth_enable=yes
# -o smtpd_client_restrictions=permit_sasl_authenticated,reject
#smtps inet n - n - - smtpd
# -o smtpd_tls_wrappermode=yes
# -o smtpd_sasl_auth_enable=yes
# -o smtpd_client_restrictions=permit_sasl_authenticated,reject
#628 inet n - n - - qmqpd
pickup fifo n - n 60 1 pickup
cleanup unix n - n - 0 cleanup
qmgr fifo n - n 300 1 qmgr
#qmgr fifo n - n 300 1 oqmgr
tlsmgr unix - - n 1000? 1 tlsmgr
rewrite unix - - n - - trivial-rewrite
bounce unix - - n - 0 bounce
defer unix - - n - 0 bounce
trace unix - - n - 0 bounce
verify unix - - n - 1 verify
flush unix n - n 1000? 0 flush
proxymap unix - - n - - proxymap
smtp unix - - n - - smtp
# When relaying mail as backup MX, disable fallback_relay to avoid MX loops
relay unix - - n - - smtp
-o fallback_relay=
# -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq unix n - n - - showq
error unix - - n - - error
discard unix - - n - - discard
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - n - - lmtp
anvil unix - - n - 1 anvil
scache unix - - n - 1 scache
#
# ====================================================================
# Interfaces to non-Postfix software. Be sure to examine the manual
# pages of the non-Postfix software to find out what options it wants.
#
# Many of the following services use the Postfix pipe(8) delivery
# agent. See the pipe(8) man page for information about ${recipient}
# and other message envelope options.
# ====================================================================
#
# maildrop. See the Postfix MAILDROP_README file for details.
# Also specify in main.cf: maildrop_destination_recipient_limit=1
#
maildrop unix - n n - - pipe
flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
#
# The Cyrus deliver program has changed incompatibly, multiple times.
#
old-cyrus unix - n n - - pipe
flags=R user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -m ${extension} ${user}
# Cyrus 2.1.5 (Amos Gouaux)
# Also specify in main.cf: cyrus_destination_recipient_limit=1
cyrus unix - n n - - pipe
user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -r ${sender} -m ${extension} ${user}
#
# See the Postfix UUCP_README file for configuration details.
#
uucp unix - n n - - pipe
flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
#
# Other external delivery methods.
#
ifmail unix - n n - - pipe
flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp unix - n n - - pipe
flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop $recipient
dovecot unix - n n - - pipe
flags=DRhu user=vmail:vmail argv=/usr/libexec/dovecot/deliver -f ${sender} -d ${recipient}
dovecot.conf
[root@mail ~]# dovecot -n
# 1.0.7: /etc/dovecot.conf
log_timestamp: %Y-%m-%d %H:%M:%S
login_dir: /var/run/dovecot/login
login_executable(default): /usr/libexec/dovecot/imap-login
login_executable(imap): /usr/libexec/dovecot/imap-login
login_executable(pop3): /usr/libexec/dovecot/pop3-login
mail_location: maildir:/home/vmail/%d/%n/Maildir
mail_executable(default): /usr/libexec/dovecot/imap
mail_executable(imap): /usr/libexec/dovecot/imap
mail_executable(pop3): /usr/libexec/dovecot/pop3
mail_plugin_dir(default): /usr/lib/dovecot/imap
mail_plugin_dir(imap): /usr/lib/dovecot/imap
mail_plugin_dir(pop3): /usr/lib/dovecot/pop3
namespace:
type: private
separator: .
prefix: INBOX.
inbox: yes
auth default:
passdb:
driver: sql
args: /etc/dovecot-sql.conf
userdb:
driver: static
args: uid=5000 gid=5000 home=/home/vmail/%d/%n allow_all_users=yes
socket:
type: listen
client:
path: /var/run/dovecot/auth-client
mode: 432
user: postfix
group: postfix
master:
path: /var/run/dovecot/auth-master
mode: 384
user: vmail
What makes PostFix not greet?
If I remember correctly, postfix (and other MTAs) have begun strictly implementing the SMTP protocol to help thwart email spam.
In this case, it is possible that you're encountering the initial delay during connection. Most spammer software connects and immediately begins pushing data to send as many emails in as short a time as possible... And if the spammer (or you) begins sending data immediately, the MTA will drop the connection. It works quite well. You have to WAIT for the greeting, which could be a moment or so, especially if postfix is trying a DNS lookup of your IP address; that takes a moment too.
The PostFix documentation of this spammer-thwarting whatchamacallit:
PostFix Pregreet Delay
Basically, wait for the 220-xxx Greeting header before typing/sending anything... otherwise PostFix will consider you a Zombie and blacklist you for a while.
Yes, this option can be turned off. I don't recommend that. If you need non-Zombie-Checking for your connections, consider using the WHITELISTED option as described here:
PostFix Permanent White/Black listing (same document, different anchor)
