Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Postfix - antispam and relay package

    Scheduled Pinned Locked Moved pfSense Packages
    855 Posts 136 Posters 1.4m Views 2 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • marcellocM Offline
      marcelloc
      last edited by

      @Bismarck:

      Hello marcelloc, will

      /usr/sbin/pkg_add -r p5-perl-ldap

      still work with 2.2/10.1?

      On freebsd 10, use pkg add instead of pkg_add

      Treinamentos de Elite: http://sys-squad.com

      Help a community developer! ;D

      1 Reply Last reply Reply Quote 0
      • BismarckB Offline
        Bismarck
        last edited by

        Thanks marcelloc, always appreciated.

        https://doc.pfsense.org/index.php/Installing_FreeBSD_Packages#pfSense_2.2

        1 Reply Last reply Reply Quote 0
        • H Offline
          hrtraveler
          last edited by

          Having problems with Postfix Forwarder after upgrading to pfSense 2.2 (worked fine on 2.15 immediately before upgrading).

          Mail no longer goes out, and client give a time out message.  Testing though WebGui > Diagnostics > Test Port I can make a connection on port 25 and I don't see anything in the firewall log that would make me believe that this is a firewall issue, therefore I'm left with Postfix.

          Upon restarting Postfix I get the following in the log.

          Jan 24 16:54:33	postfix/postfix-script[55658]: stopping the Postfix mail system
          Jan 24 16:54:33	postfix/master[81995]: terminating on signal 15
          Jan 24 16:54:35	postfix/postfix-script[87134]: warning: not owned by root: /var/spool/postfix
          Jan 24 16:54:35	postfix/postfix-script[91266]: starting the Postfix mail system
          Jan 24 16:54:35	postfix/master[96254]: daemon started -- version 2.11.3, configuration /usr/local/etc/postfix
          Jan 24 16:54:35	postfix/master[96254]: warning: process /usr/local/libexec/postfix/pickup pid 96570 exit status 1
          Jan 24 16:54:35	postfix/master[96254]: warning: /usr/local/libexec/postfix/pickup: bad command startup -- throttling
          Jan 24 16:54:35	postfix/master[96254]: warning: process /usr/local/libexec/postfix/qmgr pid 96714 exit status 1
          Jan 24 16:54:35	postfix/master[96254]: warning: /usr/local/libexec/postfix/qmgr: bad command startup -- throttling
          

          and then the following appears in the log on an ongoing basis (every minute or so)

          Jan 24 16:57:35	postfix/master[96254]: warning: process /usr/local/libexec/postfix/pickup pid 50520 exit status 1
          Jan 24 16:57:35	postfix/master[96254]: warning: /usr/local/libexec/postfix/pickup: bad command startup -- throttling
          Jan 24 16:57:35	postfix/master[96254]: warning: process /usr/local/libexec/postfix/qmgr pid 50792 exit status 1
          Jan 24 16:57:35	postfix/master[96254]: warning: /usr/local/libexec/postfix/qmgr: bad command startup -- throttling
          

          Finally when I connect on port 25 is see the following

          Jan 24 17:00:22	postfix/master[96254]: warning: process /usr/local/libexec/postfix/smtpd pid 94067 exit status 1
          Jan 24 17:00:22	postfix/master[96254]: warning: /usr/local/libexec/postfix/smtpd: bad command startup -- throttling
          

          I've tried reinstalling the package, though that didn't resolve the issue.  Postfix is the only package I have installed.

          Thanks for your help.

          1 Reply Last reply Reply Quote 0
          • marcellocM Offline
            marcelloc
            last edited by

            May be related to pfsense 2.2 security sysctrl option to do not allow non root users to listen on low ports.

            Try to listen postfix on a high port(>1024) and nat 25 to it.(similar procedure while using carp).

            It was fixed some weeks ago on squid package but it looks like something has changed or I've missed something on my tests.

            Treinamentos de Elite: http://sys-squad.com

            Help a community developer! ;D

            1 Reply Last reply Reply Quote 0
            • H Offline
              hrtraveler
              last edited by

              I moved to port 1050, but no change:

              Jan 24 18:41:43	postfix/master[4057]: warning: process /usr/local/libexec/postfix/pickup pid 84681 exit status 1
              Jan 24 18:41:43	postfix/master[4057]: warning: /usr/local/libexec/postfix/pickup: bad command startup -- throttling
              Jan 24 18:41:43	postfix/master[4057]: warning: process /usr/local/libexec/postfix/qmgr pid 84757 exit status 1
              Jan 24 18:41:43	postfix/master[4057]: warning: /usr/local/libexec/postfix/qmgr: bad command startup -- throttling
              Jan 24 18:41:50	postfix/master[4057]: warning: process /usr/local/libexec/postfix/smtpd pid 84802 exit status 1
              Jan 24 18:41:50	postfix/master[4057]: warning: /usr/local/libexec/postfix/smtpd: bad command startup -- throttling
              

              Same thing if I connect directly to port 1050 or via the NAT rule from port 25.

              1 Reply Last reply Reply Quote 0
              • B Offline
                biggsy
                last edited by

                Same problem reported here last month - but I've just realized that I posted it in the 2.2 snapshots area.

                1 Reply Last reply Reply Quote 0
                • V Offline
                  vc6SfV8
                  last edited by

                  I am also experiencing the same problem as hrtraveler after upgrading to 2.2.

                  1 Reply Last reply Reply Quote 0
                  • marcellocM Offline
                    marcelloc
                    last edited by

                    I've updated database log integration from sqlite2 to sqlite3 but if I send a pull request for it then postfix will not work on 2.1.

                    So until we find a way to fix it on current pfsense 2.2 pbi, I suggest to use postfix on 2.1(as a server for exemple on virtual machine)

                    Treinamentos de Elite: http://sys-squad.com

                    Help a community developer! ;D

                    1 Reply Last reply Reply Quote 0
                    • T Offline
                      TeeJay
                      last edited by

                      Having excactly the same problem on a brand new installation. I was looking for a substitute for the Endian Comunnity FW and pfsense certainly looks very promising, but wihout postfix it will not be very usefull to me. Is there any chance this problem will be fixed in the near future?

                      1 Reply Last reply Reply Quote 0
                      • G Offline
                        guyp
                        last edited by

                        Ran into this today… Really need a quick and dirty fix until it can be fixed fully.

                        I can't roll back to the old version, as the FW is 8000 Miles away from me :(

                        1 Reply Last reply Reply Quote 0
                        • H Offline
                          hrtraveler
                          last edited by

                          @guyp:

                          Ran into this today… Really need a quick and dirty fix until it can be fixed fully.

                          I can't roll back to the old version, as the FW is 8000 Miles away from me :(

                          I was able to get it running by installing the standard FreeBSD package > 'pkg install Postfix' or 'pkg install postfix-tls'.

                          Couple things to keep in mind; this places the configuration files in a different location and therefore the webGUI tools for editing the configuration no longer work, nor do the monitoring tools as far as I can tell, in addition the pfsense pkg has Cyrus SASL compiled in so if you fix the dependencies and add the missing libraries it will allow you to forward mail through google (for example), or any server which requires such and encrypted connection, neither of the standard packages for FreeBSD have this compiled in, so it won't work.

                          If you need Cyrus SASL you can download the latest postfix-tls source to a FreeBSD 10.1 development machine and compile it in.

                          1 Reply Last reply Reply Quote 0
                          • thedaveCAT Offline
                            thedaveCA
                            last edited by

                            Any news for 2.2 support or is this still broken?

                            1 Reply Last reply Reply Quote 0
                            • marcellocM Offline
                              marcelloc
                              last edited by

                              @The:

                              Any news for 2.2 support or is this still broken?

                              Not yet. Pbi is the worst place to find and fix issues. It needs both Pfsense team and package developed free time to check build options,dependencies, lib dirs,etc…

                              Treinamentos de Elite: http://sys-squad.com

                              Help a community developer! ;D

                              1 Reply Last reply Reply Quote 0
                              • T Offline
                                t.hollenbeck
                                last edited by

                                @The:

                                Any news for 2.2 support or is this still broken?

                                I have the same problem. Is there a plan, where is the bug fixed?

                                1 Reply Last reply Reply Quote 0
                                • S Offline
                                  snm777
                                  last edited by

                                  I just had a co-worker upgrade to 2.2 on a production machine and encountered this issue.  I've suggested rolling back to a snapshot, assuming he has one.  if this isn't fixed yet, does anyone have a workaround? I assume that the spool NEEDS to be owned by postfix and not root, and that changing permissions on the spool file will just make things worse?

                                  1 Reply Last reply Reply Quote 0
                                  • C Offline
                                    capitangiaco
                                    last edited by

                                    I was able to get it running by installing the standard FreeBSD package > 'pkg install Postfix' or 'pkg install postfix-tls'.

                                    Couple things to keep in mind; this places the configuration files in a different location and therefore the webGUI tools for editing the configuration no longer work, nor do the monitoring tools as far as I can tell, in addition the pfsense pkg has Cyrus SASL compiled in so if you fix the dependencies and add the missing libraries it will allow you to forward mail through google (for example), or any server which requires such and encrypted connection, neither of the standard packages for FreeBSD have this compiled in, so it won't work.

                                    If you need Cyrus SASL you can download the latest postfix-tls source to a FreeBSD 10.1 development machine and compile it in.

                                    pkg install Postfix
                                    cd /usr/local/etc/postfix
                                    ln -fs /usr/pbi/postfix/etc/postfix/ <conf files="">It seems to work!

                                    I cannot test mailscanner cause I've trouble with php after the upgrade:
                                    [18-Feb-2015 13:17:51 Europe/Rome] PHP Fatal error:  Cannot redeclare platform_booting() (previously declared in /etc/inc/globals.inc:168) in /etc/inc/globals.inc on line 176

                                    _function platform_booting($on_console = false) {
                                            global $g;

                                    if ($g['booting'] || file_exists("{$g['varrun_path']}/booting"))
                                                    if ($on_console == false || php_sapi_name() != 'fpm-fcgi')
                                                            return true;

                                    return false;
                                    }_

                                    the mailscanner pkg istallation stops itself with this error.

                                    Giaco</conf>

                                    1 Reply Last reply Reply Quote 0
                                    • C Offline
                                      capitangiaco
                                      last edited by

                                      found this:
                                      https://github.com/pfsense/pfsense-packages/commit/e8f9ffe9459a922375e43472d13246d3d356e60e
                                      I am now able to remove and reinstall mailscanner.

                                      Giaco

                                      1 Reply Last reply Reply Quote 0
                                      • D Offline
                                        dreadnought
                                        last edited by

                                        Argh… upgraded to 2.2, postfix forwarder down in flames along with our email. Not a trivial matter.

                                        Tried (trying?) to restore a full 2.1.5 backup and the GUI is a mess and things (including postfix forwarder) still seem broken.

                                        Selecting OpenVPN results in:

                                        Fatal error: Call-time pass-by-reference has been removed in /usr/local/www/vpn_openvpn_server.php on line 333

                                        Selecting postfix forwarder results in:

                                        Fatal error: Call-time pass-by-reference has been removed in /usr/local/www/pkg_edit.php on line 143

                                        Main page shows 2.1.5-RELEASE (amd64) as well as the "Packages are currently being reinstalled in the background." which doesn't seem to actually mean anything.

                                        Has anyone been successful restoring a full backup (2.1.5?) after encountering the borked postfix forwarder on 2.2?

                                        1 Reply Last reply Reply Quote 0
                                        • D Offline
                                          dreadnought
                                          last edited by

                                          When I try to reboot our Netgate chimes as if it's going to reboot, but then this appears:

                                          Fatal error: Call-time pass-by-reference has been removed in /etc/inc/shaper.inc on line 395

                                          So it seems as if we can't reboot either.

                                          1 Reply Last reply Reply Quote 0
                                          • D Offline
                                            dreadnought
                                            last edited by

                                            For the benefit of others running into this issue… rebooting and halting the system did not work, even though they triggered the reboot and halt chimes on our Netgate running pfsense. After a hard reboot (and some praying) our services, including postfix forwarder and OpenVPN, began working again under the restored 2.1.5.

                                            1 Reply Last reply Reply Quote 0
                                            • First post
                                              Last post
                                            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.