Contenu | Rechercher | Menus

Annonce

Si vous avez des soucis pour rester connecté, déconnectez-vous puis reconnectez-vous depuis ce lien en cochant la case
Me connecter automatiquement lors de mes prochaines visites.

À propos de l'équipe du forum.

Pages : 1

#1 Le 18/01/2018, à 22:30

openmotion

postfix problème de connection starttls

bonjour

j'installe postfix sur un serveur, leproblème c'est que quand je me connecte en starttls j'ai l'erreur suivante dans les logs de postfix

 imap-login: Error: Failed to initialize SSL server context: Couldn't parse DH parameters: error:0906D06C:PEM routines:PEM_read_bio:no start line: Expecting: DH PARAMETERS:

mon fichier de conf main.cf

queue_directory = /var/spool/postfix
command_directory = /usr/bin
daemon_directory = /usr/lib/postfix/bin
data_directory = /var/lib/postfix
mail_owner = postfix
unknown_local_recipient_reject_code = 550
debug_peer_level = 10
#debug_peer_list = 127.0.0.1
debugger_command =
	 PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
	 ddd $daemon_directory/$process_name $process_id & sleep 5
sendmail_path = /usr/sbin/sendmail
newaliases_path = /usr/bin/newaliases
mailq_path = /usr/bin/mailq
setgid_group = postdrop
html_directory = no
manpage_directory = /usr/share/man
sample_directory = /etc/postfix/sample
readme_directory = no

myhostname = mail
#myorigin = localhost
mydestination = localhost, localhost.localdomain
mynetworks_style = host
relay_domains = $mydestination
#relayhost = localhost
mynetworks =xxx.xxx.xxx.xxx/32, 127.0.0.0/8, xxx.xxx.xxx.xxx/32

alias_maps = hash:/etc/postfix/aliases
alias_database = $alias_maps

smtpd_banner = $myhostname ESMTP $mail_name
biff = no
append_dot_mydomain = no
readme_directory = no
#smtpd_tls_cert_file = /etc/postfix/smtpd.cert
#smtpd_tls_key_file = /etc/postfix/smtpd.key

#/data/certificate/postfix

smtpd_tls_cert_file = /etc/postfix/smtpd.cert
smtpd_tls_key_file = /etc/postfix/smtpd.key

smtpd_use_tls = yes
smtpd_tls_mandatory_protocols = SSLv3, TLSv1
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
mailbox_size_limit = 0
message_size_limit = 104857600
recipient_delimiter = +
inet_protocols = ipv4
inet_interfaces = xxx.xxx.xxx.xxx, 127.0.0.1
smtp_bind_address = xxx.xxx.xxx.xxx
transport_maps = hash:/etc/postfix/transport
virtual_alias_domains =
virtual_alias_maps = proxy:mysql:/etc/postfix/mysql/mysql_virtual_alias_maps.cf, proxy:mysql:/etc/postfix/mysql/mysql_virtual_alias_domain_maps.cf, proxy:mysql:/etc/postfix/mysql/mysql_virtual_alias_domain_catchall_maps.cf
virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql/mysql_virtual_domains_maps.cf
virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql/mysql_virtual_mailbox_maps.cf, proxy:mysql:/etc/postfix/mysql/mysql_virtual_alias_domain_mailbox_maps.cf
virtual_mailbox_limit_maps = mysql:/etc/postfix/mysql_virtual_mailbox_limit_maps.cf
#virtual_create_maildirsize = yes
#virtual_mailbox_extended = yes
#virtual_mailbox_limit_override = yes
#virtual_overquota_bounce = yes
#virtual_maildir_limit_message = "La boite e-mail de votre correspondant est pleine, veuillez ré-essayer plus tard."
proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $virtual_mailbox_limit_maps
virtual_mailbox_base = /data/mail
virtual_uid_maps = static:5000
virtual_gid_maps = static:5000
smtpd_sasl_auth_enable = yes
broken_sasl_auth_clients = yes
#smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination,reject_unknown_sender_domain,reject_rbl_client zen.spamhaus.org,reject_rbl_client list.dsbl.org,check_policy_service inet:127.0.0.1:10030

#smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination,reject_unknown_sender_domain
virtual_transport = dovecot
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
#smtpd_tls_auth_only = yes
#smtpd_tls_auth_only = no
#content_filter = smtp-amavis:[127.0.0.1]:10024
receive_override_options = no_address_mappings

dovecot_destination_recipient_limit = 1
dovecot_destination_concurrency_limit = 200
dovecot_destination_rate_delay = 0

smtp_destination_recipient_limit = 50
smtp_destination_concurrency_limit = 200
smtp_destination_rate_delay = 0

local_destination_concurrency_limit = 200

default_destination_recipient_limit = 50
default_destination_concurrency_limit = 200
default_destination_rate_delay = 0

slow_destination_recipient_limit = 10
slow_destination_concurrency_limit = 3
slow_destination_rate_delay = 1
smtpd_error_sleep_time = 0
smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated 	    defer_unauth_destination

smtpd_client_restrictions = 
	permit_mynetworks,
	permit_sasl_authenticated,
	#reject_rbl_client sbl-xbl.spamhaus.org,
	#reject_rbl_client bl.spamcop.net
	#reject_rbl_client dnsbl.justspam.org
	permit
smtpd_error_sleep_time = 1s
smtpd_soft_error_limit = 10
smtpd_hard_error_limit = 20
smtpd_client_connection_count_limit = 1000
smtpd_client_connection_rate_limit = 600
default_process_limit = 5000

Dernière modification par openmotion (Le 18/01/2018, à 22:33)

Hors ligne

#2 Le 19/01/2018, à 09:28

bruno

Re : postfix problème de connection starttls

Bonjour,

Au vu du message d'erreur c'est un problème avec la configuration de dovecot. Il faut que tu indiques ta version d'Ubuntu, ta version de dovecot et le contenu du fichier de configuration de dovecot 10-ssl.conf (au moins les directives concernant DH, Diffie-Hellman).

En ligne

Pages : 1