Добрый день, я уже не могу представить где искать решение этой проблемы, куб пишет ошибка 250 подключение к smtp
tail /var/log/maillog
Feb 4 09:56:16 mail postfix/submission/smtpd[10128]: connect from localhost[127.0.0.1]
Feb 4 09:56:16 mail postfix/submission/smtpd[10128]: disconnect from localhost[127.0.0.1]
[root@mail ~]# postconf -n
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
anvil_rate_time_unit = 60s
bounce_queue_lifetime = 1d
broken_sasl_auth_clients = no
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
debug_peer_level = 4
debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin ddd $daemon_directory/$process_name $process_id & sleep 5
disable_vrfy_command = yes
dovecot_destination_recipient_limit = 1
html_directory = no
inet_interfaces = all
inet_protocols = ipv4
mail_owner = postfix
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
maximal_queue_lifetime = 1d
message_size_limit = 20000000
milter_default_action = accept
milter_protocol = 2
mydestination = $myhostname, localhost.$mydomain, localhost
mydomain = exam.org
myhostname = mail.exam.org
mynetworks = 192.168.0.0/16, 127.0.0.0/8
myorigin = $myhostname
newaliases_path = /usr/bin/newaliases.postfix
non_smtpd_milters = $smtpd_milters
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/postfix-2.10.1/README_FILES
recipient_bcc_maps = hash:/etc/postfix/recipient_bcc_maps
relay_domains = mysql:/etc/postfix/mysql/relay_domains.cf
sample_directory = /usr/share/doc/postfix-2.10.1/samples
sender_bcc_maps = hash:/etc/postfix/sender_bcc_maps
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
smtp_always_send_ehlo = yes
smtp_tls_security_level = may
smtp_tls_session_cache_database = btree:$data_directory/smtp_tls_session_cache
smtpd_banner = $myhostname ESMTP $mail_name
smtpd_client_connection_count_limit = 20
smtpd_client_connection_limit_exceptions = 127.0.0.0/8
smtpd_client_connection_rate_limit = 30
smtpd_client_event_limit_exceptions = 127.0.0.0/8
smtpd_client_message_rate_limit = 30
smtpd_data_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_pipelining, reject_multi_recipient_bounce
smtpd_delay_reject = yes
smtpd_discard_ehlo_keywords = etrn, silent-discard
smtpd_error_sleep_time = 20
smtpd_forbidden_commands = CONNECT GET POST
smtpd_hard_error_limit = 15
smtpd_helo_required = yes
smtpd_helo_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_helo_hostname, reject_invalid_helo_hostname
smtpd_milters = inet:127.0.0.1:8891
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_recipient, reject_unknown_recipient_domain, reject_unauth_destination, reject_multi_recipient_bounce
smtpd_sasl_auth_enable = yes
smtpd_sasl_path = private/dovecot-auth
smtpd_sasl_security_options = noanonymous
smtpd_sasl_type = dovecot
smtpd_sender_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_sender, reject_unknown_sender_domain
smtpd_soft_error_limit = 10
smtpd_tls_cert_file = /etc/postfix/certs/cert.pem
smtpd_tls_key_file = /etc/postfix/certs/key.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_security_level = may
smtpd_tls_session_cache_timeout = 3600s
soft_bounce = no
tls_random_source = dev:/dev/urandom
unknown_local_recipient_reject_code = 550
virtual_alias_maps = mysql:/etc/postfix/mysql/virtual_alias_maps.cf, mysql:/etc/postfix/mysql/virtual_alias_domain_maps.cf
virtual_gid_maps = static:1000
virtual_mailbox_base = /sdb/mail
virtual_mailbox_domains = mysql:/etc/postfix/mysql/virtual_mailbox_domains.cf
virtual_mailbox_maps = mysql:/etc/postfix/mysql/virtual_mailbox_maps.cf
virtual_minimum_uid = 1000
virtual_transport = dovecot
virtual_uid_maps = static:1000
[root@mail ~]# cat /etc/postfix/master.cf
#
# Postfix master process configuration file. For details on the format
# of the file, see the master(5) manual page (command: "man 5 master").
#
# Do not forget to execute "postfix reload" after editing this file.
#
# ==========================================================================
# service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (yes) (never) (100)
# ==========================================================================
smtp inet n - n - - smtpd
#smtp inet n - n - 1 postscreen
#smtpd pass - - n - - smtpd
#dnsblog unix - - n - 0 dnsblog
#tlsproxy unix - - n - 0 tlsproxy
submission inet n - n - - smtpd
-o syslog_name=postfix/submission
-o smtpd_tls_wrappermode=no
-o smtpd_tls_security_level=encrypt
-o smtpd_sasl_auth_enable=yes
# -o smtpd_reject_unlisted_recipient=no
# -o smtpd_client_restrictions=$mua_client_restrictions
# -o smtpd_helo_restrictions=$mua_helo_restrictions
# -o smtpd_sender_restrictions=$mua_sender_restrictions
-o smtpd_recipient_restrictions=permit_mynetworks,permit_sasl_authenticated,reject
-o smtpd_relay_restrictions=permit_mynetworks,permit_sasl_authenticated,defer_unauth_destination
-o milter_macro_daemon_name=ORIGINATING
smtps inet n - n - - smtpd
-o syslog_name=postfix/smtps
-o smtpd_tls_wrappermode=yes
-o smtpd_sasl_auth_enable=yes
# -o smtpd_reject_unlisted_recipient=no
# -o smtpd_client_restrictions=$mua_client_restrictions
# -o smtpd_helo_restrictions=$mua_helo_restrictions
# -o smtpd_sender_restrictions=$mua_sender_restrictions
-o smtpd_recipient_restrictions=permit_mynetworks,permit_sasl_authenticated,reject
-o smtpd_relay_restrictions=permit_mynetworks,permit_sasl_authenticated,defer_unauth_destination
-o milter_macro_daemon_name=ORIGINATING
#628 inet n - n - - qmqpd
pickup unix n - n 60 1 pickup
cleanup unix n - n - 0 cleanup
qmgr unix n - n 300 1 qmgr
#qmgr unix n - n 300 1 oqmgr
tlsmgr unix - - n 1000? 1 tlsmgr
rewrite unix - - n - - trivial-rewrite
bounce unix - - n - 0 bounce
defer unix - - n - 0 bounce
trace unix - - n - 0 bounce
verify unix - - n - 1 verify
flush unix n - n 1000? 0 flush
proxymap unix - - n - - proxymap
proxywrite unix - - n - 1 proxymap
smtp unix - - n - - smtp
relay unix - - n - - smtp
# -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq unix n - n - - showq
error unix - - n - - error
retry unix - - n - - error
discard unix - - n - - discard
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - n - - lmtp
anvil unix - - n - 1 anvil
scache unix - - n - 1 scache
#
# ====================================================================
# Interfaces to non-Postfix software. Be sure to examine the manual
# pages of the non-Postfix software to find out what options it wants.
#
# Many of the following services use the Postfix pipe(8) delivery
# agent. See the pipe(8) man page for information about ${recipient}
# and other message envelope options.
# ====================================================================
#
# maildrop. See the Postfix MAILDROP_README file for details.
# Also specify in main.cf: maildrop_destination_recipient_limit=1
#
#maildrop unix - n n - - pipe
# flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
#
# ====================================================================
#
# Recent Cyrus versions can use the existing "lmtp" master.cf entry.
#
# Specify in cyrus.conf:
# lmtp cmd="lmtpd -a" listen="localhost:lmtp" proto=tcp4
#
# Specify in main.cf one or more of the following:
# mailbox_transport = lmtp:inet:localhost
# virtual_transport = lmtp:inet:localhost
#
# ====================================================================
#
# Cyrus 2.1.5 (Amos Gouaux)
# Also specify in main.cf: cyrus_destination_recipient_limit=1
#
#cyrus unix - n n - - pipe
# user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -r ${sender} -m ${extension} ${user}
#
# ====================================================================
#
# Old example of delivery via Cyrus.
#
#old-cyrus unix - n n - - pipe
# flags=R user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -m ${extension} ${user}
#
# ====================================================================
#
# See the Postfix UUCP_README file for configuration details.
#
#uucp unix - n n - - pipe
# flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
#
# ====================================================================
#
# Other external delivery methods.
#
#ifmail unix - n n - - pipe
# flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
#
#bsmtp unix - n n - - pipe
# flags=Fq. user=bsmtp argv=/usr/local/sbin/bsmtp -f $sender $nexthop $recipient
#
#scalemail-backend unix - n n - 2 pipe
# flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store
# ${nexthop} ${user} ${extension}
#
#mailman unix - n n - - pipe
# flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
# ${nexthop} ${user}
dovecot unix - n n - - pipe
flags=DRhu user=vmail:vmail argv=/usr/libexec/dovecot/deliver -f ${sender} -d ${recipient}
[root@mail ~]# cat /var/www/html/webmail/config/config.inc.php
<?php
/* Local configuration for Roundcube Webmail */
// ----------------------------------
// SQL DATABASE
// ----------------------------------
// Database connection string (DSN) for read+write operations
// Format (compatible with PEAR MDB2): db_provider://user:password@host/database
// Currently supported db_providers: mysql, pgsql, sqlite, mssql, sqlsrv, oracle
// For examples see http://pear.php.net/manual/en/package.database.mdb2.intro-dsn.php
// Note: for SQLite use absolute path (Linux): 'sqlite:////full/path/to/sqlite.db?mode=0646'
// or (Windows): 'sqlite:///C:/full/path/to/sqlite.db'
// Note: Various drivers support various additional arguments for connection,
// for Mysql: key, cipher, cert, capath, ca, verify_server_cert,
// for Postgres: application_name, sslmode, sslcert, sslkey, sslrootcert, sslcrl, sslcompression, service.
// e.g. 'mysql://roundcube:@localhost/roundcubemail?verify_server_cert=false'
$config['db_dsnw'] = 'mysql://roundcube:roundcube654321@localhost/roundcubemail';
// ----------------------------------
// IMAP
// ----------------------------------
// The IMAP host chosen to perform the log-in.
// Leave blank to show a textbox at login, give a list of hosts
// to display a pulldown menu or set one host as string.
// Enter hostname with prefix ssl:// to use Implicit TLS, or use
// prefix tls:// to use STARTTLS.
// Supported replacement variables:
// %n - hostname ($_SERVER['SERVER_NAME'])
// %t - hostname without the first part
// %d - domain (http hostname $_SERVER['HTTP_HOST'] without the first part)
// %s - domain name after the '@' from e-mail address provided at login screen
// For example %n = mail.domain.tld, %t = domain.tld
// WARNING: After hostname change update of mail_host column in users table is
// required to match old user data records with the new host.
$config['default_host'] = 'localhost';
// ----------------------------------
// SMTP
// ----------------------------------
// SMTP server host (for sending mails).
// Enter hostname with prefix ssl:// to use Implicit TLS, or use
// prefix tls:// to use STARTTLS.
// Supported replacement variables:
// %h - user's IMAP hostname
// %n - hostname ($_SERVER['SERVER_NAME'])
// %t - hostname without the first part
// %d - domain (http hostname $_SERVER['HTTP_HOST'] without the first part)
// %z - IMAP domain (IMAP hostname without the first part)
// For example %n = mail.domain.tld, %t = domain.tld
$config['smtp_server'] = '';
// provide an URL where a user can get support for this Roundcube installation
// PLEASE DO NOT LINK TO THE ROUNDCUBE.NET WEBSITE HERE!
$config['support_url'] = '';
// This key is used for encrypting purposes, like storing of imap password
// in the session. For historical reasons it's called DES_key, but it's used
// with any configured cipher_method (see below).
$config['des_key'] = 's9Pw76uUkLzE8JQCN4S2YmO4';
// ----------------------------------
// PLUGINS
// ----------------------------------
// List of active plugins (in plugins/ directory)
$config['plugins'] = array('acl', 'example_addressbook', 'managesieve', 'password', 'userinfo', 'zipdownload');
// the default locale setting (leave empty for auto-detection)
// RFC1766 formatted language name like en_US, de_DE, de_CH, fr_FR, pt_BR
$config['language'] = 'ru_RU';
cat /var/www/html/webmail/logs/errors.log
[04-Feb-2020 09:56:16 +0300]: <3cc076kv> SMTP Error: Authentication failure: SMTP server does not support authentication (Code: ) in /var/www/html/webmail/program/lib/Roundcube/rcube.php on line 1689 (POST /webmail/?_task=mail&_unlock=loading1580799371477&_framed=1&_lang=ru&_action=send)
[root@mail ~]# openssl s_client -starttls smtp -connect localhost:587
CONNECTED(00000003)
depth=0 C = RU, ST = exam, L = Exam, O = exam, OU = exam, CN = mail.exam.org, emailAddress = root@exam.org
verify error:num=18:self signed certificate
verify return:1
depth=0 C = RU, ST = exam, L = Exam, O = exam, OU = exam, CN = mail.exam.org, emailAddress = root@exam.org
verify return:1
---
Certificate chain
0 s:/C=RU/ST=LG/L=Exam/O=exam/OU=exam/CN=mail.exam.org/emailAddress=root@exam.org
i:/C=RU/ST=LG/L=Exam/O=exam/OU=exam/CN=mail.exam.org/emailAddress=root@exam.org
---
Server certificate
-----BEGIN CERTIFICATE-----
MIID1TCCAr2gAwIBAgIJAJV0B6sfTSr1MA0GCSqGSIb3DQEBCwUAMIGAMQswCQYD
VQQGEwJSVTELMAkGA1UECAwCTEcxEDAOBgNVBAcMB0x1Z2Fuc2sxDTALBgNVBAoM
BGx0c3UxDTALBgNVBAsMBGx0c3UxFjAUBgNVBAMMDW1haWwubHRzdS5vcmcxHDAa
BgkqhkiG9w0BCQEWDXJvb3RAbHRzdS5vcmcwHhcNMjAwMjAzMTExMTM2WhcNMzAw
MTMxMTExMTM2WjCBgDELMAkGA1UEBhMCUlUxCzAJBgNVBAgMAkxHMRAwDgYDVQQH
DAdMdWdhbnNrMQ0wCwYDVQQKDARsdHN1MQ0wCwYDVQQLDARsdHN1MRYwFAYDVQQD
DA1tYWlsLmx0c3Uub3JnMRwwGgYJKoZIhvcNAQkBFg1yb290QGx0c3Uub3JnMIIB
IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwQxkV8PUkSc/imUhf+7QzK+V
986LrsfKpVgfhdvv+wpXMbhIU88ffEouTsiSy+fmvcDy5kdKuRymQHLCQEpTr6M1
TpunTw7F9RVxTYO7apyGJIIyLGvz6wVMsnZxBVQhJCPW0qRhzXY1j/oxmZ9DyjuS
PCBOG9QsEwyMSbyVbtWMXLJBGPjpH8Guu6KrSPMr9ZlpbdObROf6JPoJhFLlTxyL
3GlsM33fSOLm2U3ZveE0TxsgqLzI2zo7Z2mqpjOlM3oAK5adIv0hcEFRn8MFr0+L
CK/BsdcOjDDY88PvPQ0PUq+G7QVkiBRQJ89SHiv95ljaWhuXpVoThTAozc0sEQID
AQABo1AwTjAdBgNVHQ4EFgQULvtPMMzkiwbG06ZQD6+b3cRYFmgwHwYDVR0jBBgw
FoAULvtPMMzkiwbG06ZQD6+b3cRYFmgwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0B
AQsFAAOCAQEAPI+TD5Gjek4f+Ujte5euvqFCQR+sOify6QQU88X7NvD6GrcSzW+k
zcSX4vyp85BXuMSfiyL04Zptqtkgf3fF7MOjhv6VLaRs365N6Uwle8XnKD/G3kJT
ExmP/MLadB2N390nrER5Nm2uApdyvYplXRn8TqCRqlhFRtSXjkXgUbOJUidLSM+Q
MSpbvglPyagDlthHZNA/eND4OZgq97k1BELWFAoxn1U6Ba9o9Jhsyz+jumRh+lUs
HUKnejIYjwmQf0+0jRlwu893wo/910Zc9nzM8CJdHm07oQq2UUE5QB9Qj6vKsnPm
caziLlImcwEYGdP9aXQpVwwrTGtABZfL3w==
-----END CERTIFICATE-----
subject=/C=RU/ST=LG/L=Exam/O=exam/OU=exam/CN=mail.exam.org/emailAddress=root@exam.org
issuer=/C=RU/ST=LG/L=Exam/O=exam/OU=exam/CN=mail.exam.org/emailAddress=root@exam.org
---
No client certificate CA names sent
Peer signing digest: SHA512
Server Temp Key: ECDH, P-256, 256 bits
---
SSL handshake has read 1823 bytes and written 450 bytes
---
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES256-GCM-SHA384
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-RSA-AES256-GCM-SHA384
Session-ID: CA6F1666A484F379B28F9D9CB4A0246661DADD1A7E3523EF5BF4D649CC3D19C1
Session-ID-ctx:
Master-Key: 3510D27BF58BB6E305D60454D29B5A44BB29524AEA0DBD47E9E08E9A12A2E7736002DDD3C302D9DAF00C0A5AD8B7C829
Key-Arg : None
Krb5 Principal: None
PSK identity: None
PSK identity hint: None
TLS session ticket lifetime hint: 3600 (seconds)
TLS session ticket:
0000 - 4b 16 2f db 2c 15 04 7a-5d 44 00 de 46 76 c1 6d K./.,..z]D..Fv.m
0010 - 64 fb 60 99 54 56 c7 f6-8d 53 a0 2e 9c 72 31 e1 d.`.TV...S...r1.
0020 - b1 18 5a dd b3 fd a6 4e-12 ad 97 a2 84 c6 65 38 ..Z....N......e8
0030 - bc 16 1c 58 0d 84 5e 12-58 d0 c0 fa 10 24 7a 05 ...X..^.X....$z.
0040 - f7 92 df d6 7d d7 29 8e-50 df 27 cd 23 a6 46 55 ....}.).P.'.#.FU
0050 - bc bc a6 31 03 bc 7d 6e-d3 36 6c 9a 64 75 fe 2b ...1..}n.6l.du.+
0060 - b3 65 fe 4b f6 7b 7f ed-17 65 b8 62 9c 20 cd dc .e.K.{...e.b. ..
0070 - 7f 7b 38 79 90 71 ae d4-9d 3b 8e ec 3c ef d5 08 .{8y.q...;..<...
0080 - 49 41 f1 0f ab 44 e2 05-16 e6 85 18 a5 73 8e d2 IA...D.......s..
0090 - e9 14 b5 2c c5 8e d8 00-54 dc a3 dd 83 8f e9 dc ...,....T.......
Start Time: 1580800026
Timeout : 300 (sec)
Verify return code: 18 (self signed certificate)
---
250 DSN
ehlo localhost
250-mail.exam.org
250-PIPELINING
250-SIZE 20000000
250-AUTH PLAIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
^C