Forums

Resolved
0 votes
Hi All,

I get issues with the limits of current postfix version : version 2.10.1
So I look around guide to deploy fresher version.
It seams that 3.x are "possible" and many guid indicate to add a repo : http://mirrorlist.ghettoforge.org/


All of them start to remove postfix V2 using :
yum remove postfix ssmtp sendmail

Which leads to this :
================================================================================================================================================================================================================
Package Arch Version Repository Size
================================================================================================================================================================================================================
Removing:
postfix x86_64 2:2.10.1-9.el7 @clearos-centos 12 M
Removing for dependencies:
app-mail noarch 1:2.4.0-1.v7 @clearos-updates 25 k
app-mail-core noarch 1:2.4.0-1.v7 @clearos-updates 206 k
app-mail-notification-core noarch 1:2.5.0-1.v7 @clearos-updates 40 k
app-network-map-core noarch 1:2.5.9-1.v7 @clearos-updates 1.7 M
app-smtp noarch 1:2.5.8-1.v7 @clearos-updates 64 k
app-smtp-core noarch 1:2.5.8-1.v7 @clearos-updates 260 k
arpwatch x86_64 14:2.1a15-36.v7 @clearos-updates 513 k


So is there a way to upgrade postfix to V3 without "loosing" : SMTP & MAIL app ?

As all my notification email are rejected because I'm contacting SMTP server on standard port 25 :
May  8 18:30:59 home postfix/smtp[24571]: connect to gmail-smtp-in.l.google.com[173.194.76.26]:25: Connection timed out
May 8 18:30:59 home postfix/smtp[24572]: connect to gmail-smtp-in.l.google.com[173.194.76.26]:25: Connection timed out
May 8 18:31:29 home postfix/smtp[24571]: connect to alt1.gmail-smtp-in.l.google.com[142.250.153.26]:25: Connection timed out
May 8 18:31:29 home postfix/smtp[24572]: connect to alt1.gmail-smtp-in.l.google.com[142.250.153.26]:25: Connection timed out
May 8 18:31:59 home postfix/smtp[24571]: connect to alt2.gmail-smtp-in.l.google.com[142.251.9.27]:25: Connection timed out
May 8 18:31:59 home postfix/smtp[24572]: connect to alt2.gmail-smtp-in.l.google.com[142.251.9.27]:25: Connection timed out
May 8 18:32:29 home postfix/smtp[24571]: connect to alt3.gmail-smtp-in.l.google.com[142.250.150.27]:25: Connection timed out
May 8 18:32:29 home postfix/smtp[24572]: connect to alt3.gmail-smtp-in.l.google.com[142.250.150.27]:25: Connection timed out
May 8 18:32:59 home postfix/smtp[24571]: connect to alt4.gmail-smtp-in.l.google.com[74.125.200.27]:25: Connection timed out


Thanks in advance for any valuable information or advise on this subject.

Taryck.
In Mail
Sunday, May 08 2022, 04:35 PM
Share this post:
Responses (5)
  • Accepted Answer

    Sunday, May 08 2022, 05:21 PM - #Permalink
    Resolved
    0 votes
    Why do you need to remove them? Can you just do an upgrade of postfix, so:
    yum upgrade postfix
    Otherwise perhaps try:
    rpm -e postfix* --nodeps


    Why are you doing this? Is it just for ssl wrapper mode on port 465? If so, try STARTTLS on port 587 which your provider may allow instead. Otherwise you can get wrapper mode going with https://documentation.clearos.com/content:en_us:kb_howtos_smtp_authentication_to_isp#smtps_smtp_with_ssl_tls_on_port_465.

    The mail stack in ClearOS is a bit odd and does not use LMTP where you may expect it to, and instead uses some ClearOS mailfilter program. You probably have a high risk of breakage upgrading postfix, especially with its (idiosyncratic) integration with LDAP.
    The reply is currently minimized Show
  • Accepted Answer

    Sunday, May 08 2022, 07:19 PM - #Permalink
    Resolved
    0 votes
    Thinking about it, if you remove postfix, be prepared to copy back in your old master.cf and main.cf.
    The reply is currently minimized Show
  • Accepted Answer

    Monday, May 09 2022, 06:49 AM - #Permalink
    Resolved
    0 votes
    Hi Nick,

    Thanks. I've backup my .cf file.

    I don't know why The tutorials told to remove them but I guess it's because package named postfix3 instead of postfix.

    I was able to remove the postfix and install postfix3

    However I still have timeout on port 25 for google smtp.

    I do not realy use the mail app I just need to be able to send notification email to alert me on issues on the server. So I don't think i'm using ldap integration at all.

    I'll try your hack if I do not have any other option but at first I would like to keep track of the sender root or aprwatch or ...
    and I do not which (if I can avoid it) to hide them behind my IPS email
    The reply is currently minimized Show
  • Accepted Answer

    Monday, May 09 2022, 08:20 AM - #Permalink
    Resolved
    0 votes
    You should be able to relay via GMail with STARTTLS on port 587. You certainly used to be able to, but recently in the last month or so, they have been changing their security model so I am not sure what they permit now. Have a look at http://mmogilvi.users.sourceforge.net/software/oauthbearer.html if you cannot use "Less Secure Apps" in GMail. Or switch to relaying vis a free service such as DuoCircle for up to 1000 e-mails/month.
    The reply is currently minimized Show
  • Accepted Answer

    Monday, May 09 2022, 05:05 PM - #Permalink
    Resolved
    0 votes
    Hi Nick,

    I do not want to use ISP or GMAIL service for sending.
    I'm sending from my own domain a message to a gmail adress.

    The error comes from postfix who constanly try to contact port 25 in order to see if the target SMTP server support TLS.
    I don't know why but because Google no longer responding on port 25 the sending process stop here what ever I configure on postfix this damn software still try to connect on port 25 !

    After a new try I realize that this is a new FW rules that my IPS add to the internet box :
    Block all traffic on port 25 & 445
    What a brillant idea... :-/
    So big loss of time !
    The reply is currently minimized Show
Your Reply