==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release): 1.0
- Deployed with iRedMail Easy or the downloadable installer? Installer
- Linux/BSD distribution name and version: Linux Ubuntu 18.04 LTS
- Store mail accounts in which backend (LDAP/MySQL/PGSQL):  MySQL
- Web server (Apache or Nginx): Nginx
- Manage mail accounts with iRedAdmin-Pro? no
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====

Hello.

My server was working fine until I log in and fail several time for a user account trough /mail url.

After that my server crashed. I can't get to any of the url, /ireadmin or /mail. All serves status are ok... restarted server, stop and restart service and nothing.

The mail log dont show any error trace.

BTW I have a similar mirror server, just different host name. That one is working fine.

Feb  8 00:18:19 mail postfix/submission/smtpd[4163]: warning: hostname zg-0131a-256.stretchoid.com does not resolve to address 162.243.129.77: Name or service not known
Feb  8 00:18:19 mail postfix/submission/smtpd[4163]: connect from unknown[162.243.129.77]
Feb  8 00:18:19 mail postfix/submission/smtpd[4163]: disconnect from unknown[162.243.129.77] ehlo=1 quit=1 commands=2
Feb  8 00:21:40 mail postfix/anvil[4165]: statistics: max connection rate 1/60s for (submission:162.243.129.77) at Feb  8 00:18:19
Feb  8 00:21:40 mail postfix/anvil[4165]: statistics: max connection count 1 for (submission:162.243.129.77) at Feb  8 00:18:19
Feb  8 00:21:40 mail postfix/anvil[4165]: statistics: max cache size 1 at Feb  8 00:18:19
Feb  8 01:16:18 mail postfix/postscreen[6354]: CONNECT from [51.161.13.222]:33454 to [172.26.0.21]:25
Feb  8 01:16:18 mail postfix/postscreen[6354]: PREGREET 192 after 0 from [51.161.13.222]:33454: \026\003\001\000\273\001\000\000\267\003\003;\372\342i\272Q\022\360\230!\332K1+\003j\253$\343\366\27
Feb  8 01:16:18 mail postfix/postscreen[6354]: DISCONNECT [51.161.13.222]:33454
Feb  8 01:16:18 mail postfix/postscreen[6354]: cache btree:/var/lib/postfix/postscreen_cache full cleanup: retained=8 dropped=1 entries
Feb  8 01:16:18 mail postfix/dnsblog[6356]: addr 51.161.13.222 listed by domain zen.spamhaus.org as 127.0.0.4
Feb  8 02:30:02 mail postfix/postfix-script[9148]: refreshing the Postfix mail system
Feb  8 02:30:02 mail postfix/master[3074]: reload -- version 3.3.0, configuration /etc/postfix
Feb  8 03:30:01 mail postfix/pickup[9167]: 48DyN950YMz9dBZ: uid=0 from=<root>
Feb  8 03:30:01 mail postfix/cleanup[11616]: 48DyN950YMz9dBZ: message-id=<48DyN950YMz9dBZ@mail.bajawebsolutions.com>
Feb  8 03:30:01 mail postfix/qmgr[9168]: 48DyN950YMz9dBZ: from=<root@mail.bajawebsolutions.com>, size=1278, nrcpt=1 (queue active)
Feb  8 03:30:01 mail amavis[29204]: (29204-02) NOTICE: reconnecting in response to: err=2006, HY000, DBD::mysql::st execute failed: MySQL server has gone away at (eval 108) line 173.
Feb  8 03:30:02 mail postfix/10025/smtpd[11630]: connect from mail.bajawebsolutions.com[127.0.0.1]
Feb  8 03:30:02 mail postfix/10025/smtpd[11630]: 48DyNB3l8Mz9d69: client=mail.bajawebsolutions.com[127.0.0.1]
Feb  8 03:30:02 mail postfix/cleanup[11616]: 48DyNB3l8Mz9d69: message-id=<48DyN950YMz9dBZ@mail.bajawebsolutions.com>
Feb  8 03:30:02 mail postfix/10025/smtpd[11630]: disconnect from mail.bajawebsolutions.com[127.0.0.1] ehlo=1 mail=1 rcpt=1 data=1 quit=1 commands=5
Feb  8 03:30:02 mail postfix/qmgr[9168]: 48DyNB3l8Mz9d69: from=<root@mail.bajawebsolutions.com>, size=1835, nrcpt=1 (queue active)
Feb  8 03:30:02 mail amavis[29204]: (29204-02) Passed CLEAN {RelayedInbound}, [127.0.0.1] /ESMTP <root@mail.bajawebsolutions.com> -> <root@mail.bajawebsolutions.com>, (), Message-ID: <48DyN950YMz9dBZ@mail.bajawebsolutions.com>, mail_id: BcmcJtknbxgP, b: j8hgcmYXv, Hits: 0.379, size: 1278, queued_as: 48DyNB3l8Mz9d69, Subject: "Cron <root@mail> /bin/bash /var/vmail/backup/backup_mysql.sh", From: <root@mail.bajawebsolutions.com>, helo=, Tests: [NO_DNS_FOR_FROM=0.379,NO_RELAYS=-0.001,TVD_SPACE_RATIO=0.001], autolearn=no autolearn_force=no, autolearnscore=0.38, 796 ms
Feb  8 03:30:02 mail postfix/amavis/smtp[11624]: 48DyN950YMz9dBZ: to=<root@mail.bajawebsolutions.com>, orig_to=<root>, relay=127.0.0.1[127.0.0.1]:10024, delay=0.85, delays=0.03/0.01/0.01/0.8, dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as 48DyNB3l8Mz9d69)
Feb  8 03:30:02 mail postfix/qmgr[9168]: 48DyN950YMz9dBZ: removed
Feb  8 03:30:02 mail postfix/cleanup[11616]: 48DyNB3wsXz9dBZ: message-id=<48DyN950YMz9dBZ@mail.bajawebsolutions.com>
Feb  8 03:30:02 mail postfix/qmgr[9168]: 48DyNB3wsXz9dBZ: from=<root@mail.bajawebsolutions.com>, size=1991, nrcpt=1 (queue active)
Feb  8 03:30:02 mail postfix/local[11633]: 48DyNB3l8Mz9d69: to=<root@mail.bajawebsolutions.com>, relay=local, delay=0.03, delays=0.01/0.02/0/0.01, dsn=2.0.0, status=sent (forwarded as 48DyNB3wsXz9dBZ)
Feb  8 03:30:02 mail postfix/qmgr[9168]: 48DyNB3l8Mz9d69: removed
Feb  8 03:30:02 mail postfix/pipe[11634]: 48DyNB3wsXz9dBZ: to=<postmaster@bajawebsolutions.com>, orig_to=<root@mail.bajawebsolutions.com>, relay=dovecot, delay=0.07, delays=0/0.01/0/0.06, dsn=2.0.0, status=sent (delivered via dovecot service)
Feb  8 03:30:02 mail postfix/qmgr[9168]: 48DyNB3wsXz9dBZ: removed
Feb  8 04:01:01 mail postfix/pickup[9167]: 48Dz3x3fRLz9dBZ: uid=0 from=<root>
Feb  8 04:01:01 mail postfix/cleanup[12839]: 48Dz3x3fRLz9dBZ: message-id=<48Dz3x3fRLz9dBZ@mail.bajawebsolutions.com>
Feb  8 04:01:01 mail postfix/qmgr[9168]: 48Dz3x3fRLz9dBZ: from=<root@mail.bajawebsolutions.com>, size=842, nrcpt=1 (queue active)
Feb  8 04:01:01 mail amavis[29205]: (29205-02) NOTICE: reconnecting in response to: err=2006, HY000, DBD::mysql::st execute failed: MySQL server has gone away at (eval 108) line 173.
Feb  8 04:01:02 mail postfix/10025/smtpd[12853]: connect from mail.bajawebsolutions.com[127.0.0.1]
Feb  8 04:01:02 mail postfix/10025/smtpd[12853]: 48Dz3y0nWWz9d69: client=mail.bajawebsolutions.com[127.0.0.1]
Feb  8 04:01:02 mail postfix/cleanup[12839]: 48Dz3y0nWWz9d69: message-id=<48Dz3x3fRLz9dBZ@mail.bajawebsolutions.com>
Feb  8 04:01:02 mail postfix/10025/smtpd[12853]: disconnect from mail.bajawebsolutions.com[127.0.0.1] ehlo=1 mail=1 rcpt=1 data=1 quit=1 commands=5
Feb  8 04:01:02 mail postfix/qmgr[9168]: 48Dz3y0nWWz9d69: from=<root@mail.bajawebsolutions.com>, size=1399, nrcpt=1 (queue active)
Feb  8 04:01:02 mail amavis[29205]: (29205-02) Passed CLEAN {RelayedInbound}, [127.0.0.1] /ESMTP <root@mail.bajawebsolutions.com> -> <root@mail.bajawebsolutions.com>, (), Message-ID: <48Dz3x3fRLz9dBZ@mail.bajawebsolutions.com>, mail_id: FhaC6yIEYKrf, b: JW35vcuX1, Hits: 0.378, size: 842, queued_as: 48Dz3y0nWWz9d69, Subject: "Cron <root@mail> /bin/bash /var/vmail/backup/backup_sogo.sh", From: <root@mail.bajawebsolutions.com>, helo=, Tests: [NO_DNS_FOR_FROM=0.379,NO_RELAYS=-0.001], autolearn=no autolearn_force=no, autolearnscore=0.379, 580 ms
Feb  8 04:01:02 mail postfix/cleanup[12839]: 48Dz3y0w2dz9dBg: message-id=<48Dz3x3fRLz9dBZ@mail.bajawebsolutions.com>
Feb  8 04:01:02 mail postfix/amavis/smtp[12848]: 48Dz3x3fRLz9dBZ: to=<root@mail.bajawebsolutions.com>, orig_to=<root>, relay=127.0.0.1[127.0.0.1]:10024, delay=0.63, delays=0.03/0.01/0/0.59, dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as 48Dz3y0nWWz9d69)
Feb  8 04:01:02 mail postfix/qmgr[9168]: 48Dz3x3fRLz9dBZ: removed
Feb  8 04:01:02 mail postfix/qmgr[9168]: 48Dz3y0w2dz9dBg: from=<root@mail.bajawebsolutions.com>, size=1555, nrcpt=1 (queue active)
Feb  8 04:01:02 mail postfix/local[12856]: 48Dz3y0nWWz9d69: to=<root@mail.bajawebsolutions.com>, relay=local, delay=0.03, delays=0.01/0.01/0/0.01, dsn=2.0.0, status=sent (forwarded as 48Dz3y0w2dz9dBg)
Feb  8 04:01:02 mail postfix/qmgr[9168]: 48Dz3y0nWWz9d69: removed
Feb  8 04:01:02 mail postfix/pipe[12857]: 48Dz3y0w2dz9dBg: to=<postmaster@bajawebsolutions.com>, orig_to=<root@mail.bajawebsolutions.com>, relay=dovecot, delay=0.08, delays=0.01/0.01/0/0.06, dsn=2.0.0, status=sent (delivered via dovecot service)
Feb  8 04:01:02 mail postfix/qmgr[9168]: 48Dz3y0w2dz9dBg: removed
Feb  8 05:12:34 mail postfix/submission/smtpd[15613]: connect from ns572014.ip-51-161-13.net[51.161.13.222]
Feb  8 05:12:35 mail postfix/submission/smtpd[15613]: lost connection after UNKNOWN from ns572014.ip-51-161-13.net[51.161.13.222]
Feb  8 05:12:35 mail postfix/submission/smtpd[15613]: disconnect from ns572014.ip-51-161-13.net[51.161.13.222] unknown=0/1 commands=0/1
Feb  8 05:15:55 mail postfix/anvil[15615]: statistics: max connection rate 1/60s for (submission:51.161.13.222) at Feb  8 05:12:34
Feb  8 05:15:55 mail postfix/anvil[15615]: statistics: max connection count 1 for (submission:51.161.13.222) at Feb  8 05:12:34
Feb  8 05:15:55 mail postfix/anvil[15615]: statistics: max cache size 1 at Feb  8 05:12:34
Feb  8 06:25:39 mail postfix/pickup[16933]: 48F2Gq0LtMz9dBZ: uid=0 from=<root>
Feb  8 06:25:39 mail postfix/cleanup[18595]: 48F2Gq0LtMz9dBZ: message-id=<48F2Gq0LtMz9dBZ@mail.bajawebsolutions.com>
Feb  8 06:25:39 mail postfix/qmgr[9168]: 48F2Gq0LtMz9dBZ: from=<root@mail.bajawebsolutions.com>, size=51635, nrcpt=1 (queue active)
Feb  8 06:25:40 mail postfix/10025/smtpd[18731]: connect from mail.bajawebsolutions.com[127.0.0.1]
Feb  8 06:25:40 mail postfix/10025/smtpd[18731]: 48F2Gr4Fmcz9d69: client=mail.bajawebsolutions.com[127.0.0.1]
Feb  8 06:25:40 mail postfix/cleanup[18595]: 48F2Gr4Fmcz9d69: message-id=<48F2Gq0LtMz9dBZ@mail.bajawebsolutions.com>
Feb  8 06:25:40 mail postfix/qmgr[9168]: 48F2Gr4Fmcz9d69: from=<root@mail.bajawebsolutions.com>, size=52555, nrcpt=1 (queue active)
Feb  8 06:25:40 mail postfix/10025/smtpd[18731]: disconnect from mail.bajawebsolutions.com[127.0.0.1] ehlo=1 mail=1 rcpt=1 data=1 quit=1 commands=5
Feb  8 06:25:40 mail amavis[29204]: (29204-03) Passed SPAM {RelayedTaggedInbound}, [127.0.0.1] /ESMTP <root@mail.bajawebsolutions.com> -> <root@mail.bajawebsolutions.com>, (), Message-ID: <48F2Gq0LtMz9dBZ@mail.bajawebsolutions.com>, mail_id: QoK6OGL4ZlIR, b: rIteT51wy, Hits: 8.403, size: 51594, queued_as: 48F2Gr4Fmcz9d69, Subject: "Logwatch for mail.bajawebsolutions.com (Linux)", From: <root@mail.bajawebsolutions.com>, helo=, Tests: [NO_DNS_FOR_FROM=0.379,NO_RELAYS=-0.001,NUMERIC_HTTP_ADDR=0.001,PDS_OTHER_BAD_TLD=1.676,URIBL_ABUSE_SURBL=1.948,URIBL_BLACK=1.7,URIBL_CSS=0.1,URIBL_CSS_A=0.1,URIBL_DBL_SPAM=2.5], autolearn=no autolearn_force=no, autolearnscore=8.404, 1572 ms
Feb  8 06:25:40 mail postfix/cleanup[18595]: 48F2Gr4gmPz9dBg: message-id=<48F2Gq0LtMz9dBZ@mail.bajawebsolutions.com>
Feb  8 06:25:40 mail postfix/qmgr[9168]: 48F2Gr4gmPz9dBg: from=<root@mail.bajawebsolutions.com>, size=52711, nrcpt=1 (queue active)
Feb  8 06:25:40 mail postfix/local[18733]: 48F2Gr4Fmcz9d69: to=<root@mail.bajawebsolutions.com>, relay=local, delay=0.08, delays=0.05/0.01/0/0.02, dsn=2.0.0, status=sent (forwarded as 48F2Gr4gmPz9dBg)
Feb  8 06:25:40 mail postfix/qmgr[9168]: 48F2Gr4Fmcz9d69: removed
Feb  8 06:25:40 mail postfix/amavis/smtp[18618]: 48F2Gq0LtMz9dBZ: to=<root@mail.bajawebsolutions.com>, orig_to=<root>, relay=127.0.0.1[127.0.0.1]:10024, delay=38, delays=36/0.01/0/1.6, dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as 48F2Gr4Fmcz9d69)
Feb  8 06:25:40 mail postfix/qmgr[9168]: 48F2Gq0LtMz9dBZ: removed
Feb  8 06:25:40 mail postfix/pipe[18734]: 48F2Gr4gmPz9dBg: to=<postmaster@bajawebsolutions.com>, orig_to=<root@mail.bajawebsolutions.com>, relay=dovecot, delay=0.12, delays=0.01/0.01/0/0.1, dsn=2.0.0, status=sent (delivered via dovecot service)
Feb  8 06:25:40 mail postfix/qmgr[9168]: 48F2Gr4gmPz9dBg: removed
Feb  8 06:38:28 mail amavis[19514]: starting. /usr/sbin/amavisd-new at mail.bajawebsolutions.com amavisd-new-2.11.0 (20160426), Unicode aware, LC_ALL="C", LANG="C.UTF-8"
Feb  8 06:38:29 mail amavis[19525]: Net::Server: Group Not Defined.  Defaulting to EGID '123 123'
Feb  8 06:38:29 mail amavis[19525]: Net::Server: User Not Defined.  Defaulting to EUID '117'
Feb  8 06:38:29 mail amavis[19525]: No ext program for   .F, tried: unfreeze, freeze -d, melt, fcat
Feb  8 06:38:29 mail amavis[19525]: No ext program for   .zoo, tried: zoo, unzoo
Feb  8 06:38:29 mail amavis[19525]: No decoder for       .F
Feb  8 06:38:29 mail amavis[19525]: No decoder for       .zoo
Feb  8 06:38:29 mail amavis[19525]: Using primary internal av scanner code for clamav-socket
Feb  8 06:38:29 mail amavis[19525]: Found secondary av scanner clamav-clamscan at /usr/bin/clamscan
Feb  8 07:04:43 mail postfix/postscreen[20525]: CONNECT from [192.241.235.89]:34600 to [172.26.0.21]:25
Feb  8 07:04:43 mail postfix/postscreen[20525]: PREGREET 18 after 0.18 from [192.241.235.89]:34600: EHLO zg-0131a-63\r\n
Feb  8 07:04:43 mail postfix/postscreen[20525]: DISCONNECT [192.241.235.89]:34600
Feb  8 10:34:06 mail postfix/submission/smtpd[28550]: connect from worker-02.sfj.corp.censys.io[198.108.66.32]
Feb  8 10:34:06 mail postfix/submission/smtpd[28550]: Anonymous TLS connection established from worker-02.sfj.corp.censys.io[198.108.66.32]: TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)
Feb  8 10:34:06 mail postfix/submission/smtpd[28550]: disconnect from worker-02.sfj.corp.censys.io[198.108.66.32] ehlo=1 starttls=1 quit=1 commands=3
Feb  8 10:37:27 mail postfix/anvil[28552]: statistics: max connection rate 1/60s for (submission:198.108.66.32) at Feb  8 10:34:06
Feb  8 10:37:27 mail postfix/anvil[28552]: statistics: max connection count 1 for (submission:198.108.66.32) at Feb  8 10:34:06
Feb  8 10:37:27 mail postfix/anvil[28552]: statistics: max cache size 1 at Feb  8 10:34:06
Feb  8 18:13:08 mail roundcube: <bvmhdua7> PHP Error: Request security check failed (GET /mail/?_task=logout&_token=QNjxugkRgSWvIKOqUeECAPeqpHj4Oohg)
Feb  8 18:13:53 mail roundcube: <j4ja34ht> IMAP Error: Login failed for contacto@charlasdecafe.com against 127.0.0.1 from 189.202.69.137. AUTHENTICATE LOGIN: A0001 NO [AUTHENTICATIONFAILED] Authentication failed. in /opt/www/roundcubemail-1.4.1/program/lib/Roundcube/rcube_imap.php on line 200 (POST /mail/?_task=login&_action=login)
Feb  8 18:14:54 mail roundcube: <q7r0qten> IMAP Error: Login failed for contacto@hotelsantalucia.com against 127.0.0.1 from 189.202.69.137. AUTHENTICATE LOGIN: A0001 NO [AUTHENTICATIONFAILED] Authentication failed. in /opt/www/roundcubemail-1.4.1/program/lib/Roundcube/rcube_imap.php on line 200 (POST /mail/?_task=login&_action=login)
Feb  8 18:15:04 mail roundcube: <q7r0qten> IMAP Error: Login failed for contacto@hotelsantalucia.com against 127.0.0.1 from 189.202.69.137. AUTHENTICATE LOGIN: A0001 NO [AUTHENTICATIONFAILED] Authentication failed. in /opt/www/roundcubemail-1.4.1/program/lib/Roundcube/rcube_imap.php on line 200 (POST /mail/?_task=login&_action=login)
Feb  8 18:15:23 mail roundcube: <q7r0qten> IMAP Error: Login failed for contacto@hotelsantalucia.com against 127.0.0.1 from 189.202.69.137. AUTHENTICATE LOGIN: A0001 NO [AUTHENTICATIONFAILED] Authentication failed. in /opt/www/roundcubemail-1.4.1/program/lib/Roundcube/rcube_imap.php on line 200 (POST /mail/?_task=login&_action=login)
Feb  8 18:48:29 ip-172-26-0-234 postfix/postfix-script[2831]: starting the Postfix mail system
Feb  8 18:48:29 ip-172-26-0-234 postfix/master[2836]: daemon started -- version 3.3.0, configuration /etc/postfix
Feb  8 18:48:29 ip-172-26-0-234 amavis[1425]: starting. /usr/sbin/amavisd-new at mail.bajawebsolutions.com amavisd-new-2.11.0 (20160426), Unicode aware, LC_ALL="C", LANG="C.UTF-8"
Feb  8 18:48:34 ip-172-26-0-234 amavis[2919]: Net::Server: Group Not Defined.  Defaulting to EGID '123 123'
Feb  8 18:48:34 ip-172-26-0-234 amavis[2919]: Net::Server: User Not Defined.  Defaulting to EUID '117'
Feb  8 18:48:34 ip-172-26-0-234 amavis[2919]: No ext program for   .F, tried: unfreeze, freeze -d, melt, fcat
Feb  8 18:48:34 ip-172-26-0-234 amavis[2919]: No ext program for   .zoo, tried: zoo, unzoo
Feb  8 18:48:34 ip-172-26-0-234 amavis[2919]: No decoder for       .F
Feb  8 18:48:34 ip-172-26-0-234 amavis[2919]: No decoder for       .zoo
Feb  8 18:48:34 ip-172-26-0-234 amavis[2919]: Using primary internal av scanner code for clamav-socket
Feb  8 18:48:34 ip-172-26-0-234 amavis[2919]: Found secondary av scanner clamav-clamscan at /usr/bin/clamscan
Feb  8 18:49:01 ip-172-26-0-234 amavis[3179]: (!)policy protocol: INVALID AM.PDP ATTRIBUTE LINE: POST / HTTP/1.1\r\n
Feb  8 18:49:01 ip-172-26-0-234 amavis[3179]: (!!)policy_server FAILED: Missing 'request' field at (eval 105) line 197, <GEN34> line 7.
Feb  8 18:49:02 ip-172-26-0-234 amavis[3179]: (!)policy protocol: INVALID AM.PDP ATTRIBUTE LINE: [{"version": "1.1", "params": [], "id": 0, "method": "getmempoolinfo"}, {"version": "1.1", "params": [], "id": 1, "method": "getnetworkinfo"}, {"version": "1.1", "params": [], "id": 2, "method": "getblockchaininfo"}, {"version": "1.1", "params": [], "id": 3, "method": "getmemoryinfo"}, {"version": "1.1", "params": [], "id": 4, "method": "gettxoutsetinfo"}]
Feb  8 18:54:40 ip-172-26-0-234 postfix/postfix-script[4336]: stopping the Postfix mail system
Feb  8 18:54:40 ip-172-26-0-234 postfix/master[2836]: terminating on signal 15
Feb  8 18:54:47 ip-172-26-0-234 postfix/postqueue[4342]: fatal: Queue report unavailable - mail system is down
Feb  8 18:54:57 ip-172-26-0-234 postfix/postqueue[4462]: fatal: Queue report unavailable - mail system is down
Feb  8 18:55:07 ip-172-26-0-234 postfix/postqueue[4518]: fatal: Queue report unavailable - mail system is down
Feb  8 18:55:17 ip-172-26-0-234 postfix/postqueue[4562]: fatal: Queue report unavailable - mail system is down
Feb  8 18:55:27 ip-172-26-0-234 postfix/postqueue[4605]: fatal: Queue report unavailable - mail system is down
Feb  8 18:56:02 ip-172-26-0-234 postfix/postqueue[5147]: fatal: Queue report unavailable - mail system is down
Feb  8 18:56:32 ip-172-26-0-234 postfix/postqueue[5161]: fatal: Queue report unavailable - mail system is down
Feb  8 18:56:55 ip-172-26-0-234 postfix/postfix-script[6290]: starting the Postfix mail system
Feb  8 18:56:55 ip-172-26-0-234 postfix/master[6292]: daemon started -- version 3.3.0, configuration /etc/postfix
Feb  8 18:56:57 ip-172-26-0-234 amavis[6488]: starting. /usr/sbin/amavisd-new at mail.bajawebsolutions.com amavisd-new-2.11.0 (20160426), Unicode aware, LC_ALL="C", LANG="C.UTF-8"
Feb  8 18:56:57 ip-172-26-0-234 amavis[6497]: Net::Server: Group Not Defined.  Defaulting to EGID '123 123'
Feb  8 18:56:57 ip-172-26-0-234 amavis[6497]: Net::Server: User Not Defined.  Defaulting to EUID '117'
Feb  8 18:56:57 ip-172-26-0-234 amavis[6497]: No ext program for   .F, tried: unfreeze, freeze -d, melt, fcat
Feb  8 18:56:57 ip-172-26-0-234 amavis[6497]: No ext program for   .zoo, tried: zoo, unzoo
Feb  8 18:56:57 ip-172-26-0-234 amavis[6497]: No decoder for       .F
Feb  8 18:56:57 ip-172-26-0-234 amavis[6497]: No decoder for       .zoo
Feb  8 18:56:57 ip-172-26-0-234 amavis[6497]: Using primary internal av scanner code for clamav-socket
Feb  8 18:56:57 ip-172-26-0-234 amavis[6497]: Found secondary av scanner clamav-clamscan at /usr/bin/clamscan
Feb  8 19:00:32 ip-172-26-0-234 postfix/postfix-script[6911]: refreshing the Postfix mail system
Feb  8 19:00:32 ip-172-26-0-234 postfix/master[6292]: reload -- version 3.3.0, configuration /etc/postfix
Feb  8 19:02:56 ip-172-26-0-234 postfix/postfix-script[7096]: stopping the Postfix mail system
Feb  8 19:02:56 ip-172-26-0-234 postfix/master[6292]: terminating on signal 15
Feb  8 19:02:57 ip-172-26-0-234 postfix/postqueue[7100]: fatal: Queue report unavailable - mail system is down
Feb  8 19:03:07 ip-172-26-0-234 postfix/postqueue[7110]: fatal: Queue report unavailable - mail system is down
Feb  8 19:03:12 ip-172-26-0-234 postfix/postfix-script[7948]: starting the Postfix mail system
Feb  8 19:03:12 ip-172-26-0-234 postfix/master[7950]: daemon started -- version 3.3.0, configuration /etc/postfix
Feb  8 19:04:40 ip-172-26-0-234 postfix/postfix-script[8112]: refreshing the Postfix mail system
Feb  8 19:04:40 ip-172-26-0-234 postfix/master[7950]: reload -- version 3.3.0, configuration /etc/postfix
Feb  8 19:05:44 ip-172-26-0-234 postfix/postfix-script[8178]: stopping the Postfix mail system
Feb  8 19:05:44 ip-172-26-0-234 postfix/master[7950]: terminating on signal 15
Feb  8 19:05:45 ip-172-26-0-234 postfix/postfix-script[9016]: starting the Postfix mail system
Feb  8 19:05:45 ip-172-26-0-234 postfix/master[9018]: daemon started -- version 3.3.0, configuration /etc/postfix
Feb  8 19:11:21 ip-172-26-0-234 postfix/postsuper[9379]: fatal: use of this command is reserved for the superuser

Im lost here.

Thanks for the reply.

==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release): 1.0
- Deployed with iRedMail Easy or the downloadable installer? downloaded
- Linux/BSD distribution name and version: Freebsd 12.2
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): mysql
- Web server (Apache or Nginx):ngins
- Manage mail accounts with iRedAdmin-Pro?no
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====
Hello All,

After a recent upgrade I have this error in maillog after restart.
Mail is being delivered without a problem and it doesn't happen when I restart amavis.

Feb  8 21:28:10 mail amavis[41453]: (!)policy protocol: INVALID AM.PDP ATTRIBUTE LINE: POST / HTTP/1.1\r\n
Feb  8 21:28:10 mail amavis[41453]: (!!)policy_server FAILED: Missing 'request' field at (eval 102) line 197, <GEN18> line 7.
Feb  8 21:28:11 mail amavis[41453]: (!)policy protocol: INVALID AM.PDP ATTRIBUTE LINE: [{"version": "1.1", "params": [], "id": 0, "method": "getmempoolinfo"}, {"version": "1.1", "params": [], "id": 1, "method": "getnetworkinfo"}, {"version": "1.1", "params": [], "id": 2, "method": "getblockchaininfo"}, {"version": "1.1", "params": [], "id": 3, "method": "getmemoryinfo"}, {"version": "1.1", "params": [], "id": 4, "method": "gettxoutsetinfo"}]

There is a similar issue described here but I don't plugin mention enabled or at least I can't find. N.B. I use netdata on freebsd so the config differs.

https://github.com/iredmail/iRedMail/issues/2

Is it the same issue?

==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release): 1.0
- Deployed with iRedMail Easy or the downloadable installer? downloadable installer
- Linux/BSD distribution name and version: Ubuntu 18.04LTS
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MySQL
- Web server (Apache or Nginx): Apache
- Manage mail accounts with iRedAdmin-Pro? No
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====

Hello!

I wonder how I can implement account-based mail redirecting with Postfix.

It works like this:

1 the system creates an inbox for every sender who just signed up (e.g., some registration page);
2 a sender authenticates himself with Postfix (e.g., through Dovecot SASL);
3 he then connects to Postfix to send an email (e.g., through PHP);
4 Postfix redirects this email to a local inbox dedicated to that particular sender, for inspection later.

This system would allow multiple sender accounts, with each account having a separate inbox.

Many posts on the internet tell you how to redirect all emails to a specified user with a virtual alias table, but my need is different in that the redirecting is based on the sender's account.

Thank you so much.

Hello,

Is there any way to have a log entry in some log file whenever the password of any user is changed via admin panel?

Thanks for your great product.

====
- iRedMail version: 0.9.8
- Deployed with: the downloadable installer
- Linux/BSD distribution: Debian 9.5
- Store mail accounts in MySQL.
- Web server: Nginx.
- Manage mail accounts with iRedAdmin-Pro: no
====

==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release): 0.9.9 MARIADB edition.
- Deployed with iRedMail Easy or the downloadable installer?: downloadable installer
- Linux/BSD distribution name and version: CentOS Linux release 7.7.1908 (Core)
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MySQL
- Web server (Apache or Nginx):Nginx
- Manage mail accounts with iRedAdmin-Pro?: No
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====
Hi,
How to upgrade to newest version ?
Do I need to download iRedMail-1.0.tar.gz ?

==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release): 1.1
- Deployed with iRedMail Easy or the downloadable installer? downloadable
- Linux/BSD distribution name and version:  ubuntu 18.04
- Store mail accounts in which backend (LDAP/MySQL/PGSQL):  MySQL
- Web server (Apache or Nginx): Nginx
- Manage mail accounts with iRedAdmin-Pro? no
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====

I did a fresh install (also fresh OS) and I get infinite logs like this in /var/log/dovecot/imap.log:

Feb 10 08:47:33 mail dovecot: imap-login: Login: user=<postmaster@example.ar>, method=LOGIN, rip=127.0.0.1, lip=127.0.0.1, mpid=12732, secured, session=<HtAJTjeesOB/AAAB>
Feb 10 08:47:33 mail dovecot: imap(postmaster@example.ar): Error: dict-client: Commit failed: net_connect_unix(/var/run/dovecot/dict) failed: Permission denied (euid=2000(<unknown>) egid=2000(<unknown>) missing +r perm: /var/run/dovecot/dict, we're not in group 1006(vmail), dir owned by 0:0 mode=0755) (reply took 0.000 secs)
Feb 10 08:47:33 mail dovecot: imap(postmaster@example.ar): Error: last_login_dict: Failed to write value for user postmaster@example.ar
Feb 10 08:47:33 mail dovecot: imap(postmaster@example.ar): Error: stats: open(/var/run/dovecot/stats-mail) failed: Permission denied
Feb 10 08:47:33 mail dovecot: imap(postmaster@example.ar): Error: dict-client: Iteration failed: net_connect_unix(/var/run/dovecot/dict) failed: Permission denied (euid=2000(<unknown>) egid=2000(<unknown>) missing +r perm: /var/run/dovecot/dict, we're not in group 1006(vmail), dir owned by 0:0 mode=0755) (reply took 0.000 secs (0.000 in dict wait, 0.000 in other ioloops, 0.000 in locks))
Feb 10 08:47:33 mail dovecot: imap(postmaster@example.ar): Error: dict-client: Iteration failed: net_connect_unix(/var/run/dovecot/dict) failed: Permission denied (euid=2000(<unknown>) egid=2000(<unknown>) missing +r perm: /var/run/dovecot/dict, we're not in group 1006(vmail), dir owned by 0:0 mode=0755) (reply took 0.000 secs (0.000 in dict wait, 0.000 in other ioloops, 0.000 in locks))
Feb 10 08:47:33 mail dovecot: imap(postmaster@example.ar): Logged out in=273 out=1469
Feb 10 08:47:44 mail dovecot: imap-login: Disconnected (no auth attempts in 0 secs): user=<>, rip=190.11.142.130, lip=181.230.160.212, TLS handshaking: SSL_accept() syscall failed: Success, session=<XeK7Tjee0J2+C46C>
Feb 10 08:48:33 mail dovecot: imap-login: Login: user=<postmaster@example.ar>, method=LOGIN, rip=127.0.0.1, lip=127.0.0.1, mpid=12888, secured, session=<8TadUTeeSuF/AAAB>
Feb 10 08:48:33 mail dovecot: imap(postmaster@example.ar): Error: dict-client: Commit failed: net_connect_unix(/var/run/dovecot/dict) failed: Permission denied (euid=2000(<unknown>) egid=2000(<unknown>) missing +r perm: /var/run/dovecot/dict, we're not in group 1006(vmail), dir owned by 0:0 mode=0755) (reply took 0.000 secs)
Feb 10 08:48:33 mail dovecot: imap(postmaster@example.ar): Error: last_login_dict: Failed to write value for user postmaster@example.ar
Feb 10 08:48:33 mail dovecot: imap(postmaster@example.ar): Error: stats: open(/var/run/dovecot/stats-mail) failed: Permission denied
Feb 10 08:48:33 mail dovecot: imap(postmaster@example.ar): Error: dict-client: Iteration failed: net_connect_unix(/var/run/dovecot/dict) failed: Permission denied (euid=2000(<unknown>) egid=2000(<unknown>) missing +r perm: /var/run/dovecot/dict, we're not in group 1006(vmail), dir owned by 0:0 mode=0755) (reply took 0.000 secs (0.000 in dict wait, 0.000 in other ioloops, 0.000 in locks))
Feb 10 08:48:33 mail dovecot: imap(postmaster@example.ar): Error: dict-client: Iteration failed: net_connect_unix(/var/run/dovecot/dict) failed: Permission denied (euid=2000(<unknown>) egid=2000(<unknown>) missing +r perm: /var/run/dovecot/dict, we're not in group 1006(vmail), dir owned by 0:0 mode=0755) (reply took 0.000 secs (0.000 in dict wait, 0.000 in other ioloops, 0.000 in locks))
Feb 10 08:48:33 mail dovecot: imap(postmaster@example.ar): Logged out in=273 out=1469

==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release): 1.0
- Deployed with iRedMail Easy or the downloadable installer? downloadable
- Linux/BSD distribution name and version:  centos 7.7
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): LDAP
- Web server (Apache or Nginx): Nginx
- Manage mail accounts with iRedAdmin-Pro? Yes
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====

Is there a setting to notify the end user when one of their outbound messages exceeds the throttle limit for message size (Max size of single email)? Currently I get notified, but the user has no idea their mail didn't go through.

Thanks.

==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (0.9.9)
- Linux/BSD distribution name and version:  on (Centos 7.7)
- Store mail accounts in which backend (PGSQL)
- Web server  (Nginx):
- Manage mail accounts with iRedAdmin-Pro? No
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====

Read above

==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release): 1.1
- Deployed with iRedMail Easy or the downloadable installer? downloaded
- Linux/BSD distribution name and version:  ubuntu 18.04
- Store mail accounts in which backend (LDAP/MySQL/PGSQL):  MySQL
- Web server (Apache or Nginx): Nginx
- Manage mail accounts with iRedAdmin-Pro? no
====

In dovecot log, I'm getting constantly this errors:

Feb 10 10:07:14 mail dovecot: lda: Fatal: Internal error occurred. Refer to server log for more information.
Feb 10 10:07:14 mail dovecot: master: Dovecot v2.2.33.2 (d6601f4ec) starting up for pop3, imap, sieve, lmtp (core dumps disabled)
Feb 10 10:07:14 mail dovecot: auth-worker(20321): Warning: mysql: Query failed, retrying: Lost connection to MySQL server during query (idled for 0 secs)
Feb 10 10:07:14 mail dovecot: auth-worker(20321): Error: mysql(127.0.0.1): Connect failed to database (vmail): Can't connect to MySQL server on '127.0.0.1' (111) - waiting for 1 seconds before retry
Feb 10 10:07:14 mail dovecot: dict(20333): Error: mysql(127.0.0.1): Connect failed to database (vmail): Can't connect to MySQL server on '127.0.0.1' (111) - waiting for 1 seconds before retry
Feb 10 10:07:14 mail dovecot: dict(20333): Error: mysql(127.0.0.1): Connect failed to database (vmail): Can't connect to MySQL server on '127.0.0.1' (111) - waiting for 1 seconds before retry
Feb 10 10:07:15 mail dovecot: auth-worker(20321): Error: mysql(127.0.0.1): Connect failed to database (vmail): Can't connect to MySQL server on '127.0.0.1' (111) - waiting for 5 seconds before retry
Feb 10 10:07:15 mail dovecot: dict(20333): Error: mysql(127.0.0.1): Connect failed to database (vmail): Can't connect to MySQL server on '127.0.0.1' (111) - waiting for 5 seconds before retry
Feb 10 10:07:15 mail dovecot: dict(20333): Error: mysql(127.0.0.1): Connect failed to database (vmail): Can't connect to MySQL server on '127.0.0.1' (111) - waiting for 5 seconds before retry
Feb 10 10:07:21 mail dovecot: dict(20333): Error: sql dict: commit failed: Deadlock found when trying to get lock; try restarting transaction

==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release): 1.0
- Deployed with iRedMail Easy or the downloadable installer? no
- Linux/BSD distribution name and version:  Ubuntu 18.04 lts
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MariaDB
- Web server (Apache or Nginx): Nginx
- Manage mail accounts with iRedAdmin-Pro? no
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====
I need disable the Spam folder from user on server, to all 'spam' stay on the inbox folder because  all users are using thunderbird/pop3

==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release): 1.1
- Deployed with iRedMail Easy or the downloadable installer? Downloadable
- Linux/BSD distribution name and version:  Ubuntu 18.04
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): Ldap
- Web server (Apache or Nginx): Nginx
- Manage mail accounts with iRedAdmin-Pro? NO
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====

hello
It is on new install that i got the trouble.
after start install it is stop with error message no pub key available
and connection refuse with keyserver.

manually install sogo  repository public key and restart install !

Regards

==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release): 1.0
- Deployed with iRedMail Easy or the downloadable installer? downloadable installer
- Linux/BSD distribution name and version: Ubuntu server 18.04.03
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): LDAP
- Web server (Apache or Nginx): Nginx
- Manage mail accounts with iRedAdmin-Pro? No
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====

I am trying to make it possible to login to SOGo domain part in email address. I have already configured dovecot to allow authentication with username (uid) only by:

"auth_default_realm = mydomain.com"

I know that it can be easily done for Roundcube to by setting

"$config['username_domain'] = 'mydomain.com';"

But how to do it for SOGo?

So far I have tried the follwoing  in "/etc/sogo/sogo.conf" without success:

SOGoForceExternalLoginWithEmail = NO;

SOGoUserSources = (
        {
            type = ldap;
            id = users;
            canAuthenticate = YES;
            isAddressBook = NO;
            displayName = "LDAP Authentication";

            hostname = "ldap://127.0.0.1:389";
            baseDN = "domainName=%d,o=domains,dc=mydomain,dc=com";
            bindDN = "cn=vmail,dc=mydomain,dc=com";
            bindPassword = "xxxx";
            filter = "objectClass=mailUser AND accountStatus=active AND enabledService=mail AND enabledService=sogo";
            scope = SUB;

            bindAsCurrentUser = YES;
           
            userPasswordAlgorithm = ssha512;

            CNFieldName = cn;
            IDFieldName = uid;
            UIDFieldName = uid;
            IMAPLoginFieldName = uid;
            MailFieldNames = (mail);
            bindFields = (uid, mail);
        }

Hi community! is it any way to setup IredMail free version to block a spamming account and automatically change its password? the thing is that its the 3rd time one of my accounts is compromised...obviously for weak password (thats anooother story..would thank also any posibility to force password strength mandatory ) and well..other stuff...Please dont want to be continuosly running mailq command for noticing spammer attack.

Tom

==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release): 0.9.9
- Deployed with iRedMail Easy or the downloadable installer? Downloadable
- Linux/BSD distribution name and version:  ubuntu 18.04
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): mysql
- Web server (Apache or Nginx): nginx
- Manage mail accounts with iRedAdmin-Pro? non-pro
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
=====

Hi All,

I'm having issue sending .xlsx attachment with error below:

<useremail@mydomain.com>: host ASPMX.L.GOOGLE.com[64.233.167.26] said:
    550-5.7.1 [178.20.144.34      12] Our system has detected that this message
    is 550-5.7.1 likely unsolicited mail. To reduce the amount of spam sent to
    Gmail, 550-5.7.1 this message has been blocked. Please visit 550-5.7.1
    https://support.google.com/mail/?p=Unso … ssageError 550 5.7.1  for
    more information. l17si1893182wrp.391 - gsmtp (in reply to end of DATA
    command)

Note: the error is intermittent, sometimes i can send excel attachment without any error.

your help is really really appreciated.

Thanks.
JunG

==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release): 1.0
- Deployed with iRedMail Easy or the downloadable installer? no
- Linux/BSD distribution name and version:  Ubuntu 18.04 lts
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MariaDB
- Web server (Apache or Nginx): Nginx
- Manage mail accounts with iRedAdmin-Pro? no
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====
I need disable the Spam folder from user on server, to all 'spam' stay on the inbox folder because  all users are using thunderbird/pop3

==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release): 0.9.9
- Deployed with the downloadable installer
- Linux/BSD distribution name and version: Ubuntu 18.04.4 LTS
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MARIADB
- Web server (Apache or Nginx): NGINX
====

Hello,

Couple of days ago, I successfully update:

iRedAPD with iRedAPD-3.4.tar.gz
Roundcube with roundcubemail-1.4.2-complete.tar.gz
iRedadmin with iRedAdmin-1.0.tar.bz2

NOW, I am confused with the steps on how to upgrade iRedMail...

New version is 1.1, so, if I correctly understand, I need to upgrade 0.9.9 to 1.0, THEN, 1.0 to 1.1.

So I checked https://docs.iredmail.org/upgrade.iredm … -099-to-10 in order to make the first update....

I can NOT find the step to update iRedMail (upgrade bash script like iRedadmin or iRedADP)...

Can you, please, let me know how to update my iRedMail 0.9.9 to iRedMail 1.1 ?

In advance, thanks A LOT for your help

==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release): 1.1
- Deployed with iRedMail Easy or the downloadable installer? yes
- Linux/BSD distribution name and version: 18.04 Ubuntu
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MySQL
- Web server (Apache or Nginx): Nginx
- Manage mail accounts with iRedAdmin-Pro? No
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====

Hello,

i found nothing helpful at Google or older posts in this forum.

My problem is following:

All incoming emails are declined as Passed Spammy or Passed Clean, but there are from an external emailserver.
I checked the amavis configfile regarding the policies ... but i stuck here ... my rules are to bounce mails over 5 points ... but this can not work because amavis declare all emails als internal.

Here ist the logfile from /var/log/maillog for better understanding

In the attachment the amavis config file.

I hope somebody can help me.

Thank you in advance.

Feb 14 08:19:31 mail postfix/postscreen[5123]: CONNECT from [45.56.127.226]:51334 to [167.86.67.250]:25
Feb 14 08:19:31 mail postfix/postscreen[5123]: PASS OLD [45.56.127.226]:51334
Feb 14 08:19:31 mail postfix/smtpd[5142]: connect from mail.iredmail.org[45.56.127.226]
Feb 14 08:19:32 mail postfix/smtpd[5142]: Anonymous TLS connection established from mail.iredmail.org[45.56.127.226]: TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)
Feb 14 08:19:32 mail postfix/smtpd[5142]: 48JlBD3sbKz1qrbs: client=mail.iredmail.org[45.56.127.226]
Feb 14 08:19:32 mail postfix/cleanup[5155]: 48JlBD3sbKz1qrbs: message-id=<48Jkyj5Ls2z6Ts@mail.iredmail.org>
Feb 14 08:19:32 mail postfix/qmgr[3295]: 48JlBD3sbKz1qrbs: from=<no-reply@forum.iredmail.org>, size=2656, nrcpt=2 (queue active)
Feb 14 08:19:32 mail postfix/smtpd[5142]: disconnect from mail.iredmail.org[45.56.127.226] ehlo=2 starttls=1 mail=1 rcpt=1 data=1 quit=1 commands=7
Feb 14 08:19:33 mail postfix/10025/smtpd[5173]: connect from localhost[127.0.0.1]
Feb 14 08:19:33 mail postfix/10025/smtpd[5173]: 48JlBF5pW5z1qs95: client=localhost[127.0.0.1]
Feb 14 08:19:33 mail postfix/cleanup[5155]: 48JlBF5pW5z1qs95: message-id=<48Jkyj5Ls2z6Ts@mail.iredmail.org>
Feb 14 08:19:33 mail postfix/10025/smtpd[5173]: disconnect from localhost[127.0.0.1] ehlo=1 mail=1 rcpt=1 data=1 quit=1 commands=5
Feb 14 08:19:33 mail postfix/qmgr[3295]: 48JlBF5pW5z1qs95: from=<no-reply@forum.iredmail.org>, size=3271, nrcpt=1 (queue active)
Feb 14 08:19:33 mail amavis[3968]: (03968-01) Passed CLEAN {RelayedInbound}, [45.56.127.226]:51334 [139.162.146.87] ESMTP/ESMTP <no-reply@forum.iredmail.org> -> <backup@djnsc.de>, (ESMTPS://[45.56.127.226]:51334 < ESMTPSA://139.162.146.87), Queue-ID: 48JlBD3sbKz1qrbs, Message-ID: <48Jkyj5Ls2z6Ts@mail.iredmail.org>, mail_id: sWO6CnZcj5bI, b: wh1GpDfH5, Hits: -1.999, size: 2656, queued_as: 48JlBF5pW5z1qs95, Subject: "Welcome to iRedMail! (raw: =?UTF-8?B?V2VsY29tZSB0byBpUmVkTWFpbCE=?=)", From: <no-reply@forum.iredmail.org>, X-Mailer: PunBB_Mailer, helo=mail.iredmail.org, Tests: [BAYES_00=-1.9,DKIM_SIGNED=0.1,DKIM_VALID=-0.1,DKIM_VALID_EF=-0.1,FROM_EXCESS_BASE64=0.001,SPF_HELO_NONE=0.001,SPF_PASS=-0.001], autolearn=ham autolearn_force=no, autolearnscore=-0.098, dkim_i=@forum.iredmail.org, dkim_sd=dkim:iredmail.org, 1149 ms
Feb 14 08:19:33 mail postfix/10025/smtpd[5173]: connect from localhost[127.0.0.1]
Feb 14 08:19:33 mail postfix/amavis/smtp[5160]: 48JlBD3sbKz1qrbs: to=<backup@djnsc.de>, relay=127.0.0.1[127.0.0.1]:10024, delay=1.3, delays=0.17/0/0.02/1.1, dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as 48JlBF5pW5z1qs95)
Feb 14 08:19:33 mail postfix/10025/smtpd[5173]: 48JlBF5zqXz1qrcK: client=localhost[127.0.0.1]
Feb 14 08:19:33 mail postfix/cleanup[5155]: 48JlBF5zqXz1qrcK: message-id=<48Jkyj5Ls2z6Ts@mail.iredmail.org>
Feb 14 08:19:33 mail postfix/10025/smtpd[5173]: disconnect from localhost[127.0.0.1] ehlo=1 mail=1 rcpt=1 data=1 quit=1 commands=5
Feb 14 08:19:33 mail postfix/qmgr[3295]: 48JlBF5zqXz1qrcK: from=<no-reply@forum.iredmail.org>, size=3271, nrcpt=1 (queue active)
Feb 14 08:19:33 mail postfix/pipe[5177]: 48JlBF5pW5z1qs95: to=<backup@djnsc.de>, relay=dovecot, delay=0.03, delays=0/0/0/0.03, dsn=2.0.0, status=sent (delivered via dovecot service)
Feb 14 08:19:33 mail postfix/qmgr[3295]: 48JlBF5pW5z1qs95: removed
Feb 14 08:19:33 mail amavis[3971]: (03971-01) Passed CLEAN {RelayedInbound}, [45.56.127.226]:51334 [139.162.146.87] ESMTP/ESMTP <no-reply@forum.iredmail.org> -> <daniel@djnsc.de>, (ESMTPS://[45.56.127.226]:51334 < ESMTPSA://139.162.146.87), Queue-ID: 48JlBD3sbKz1qrbs, Message-ID: <48Jkyj5Ls2z6Ts@mail.iredmail.org>, mail_id: G0o8WoENrUlD, b: wh1GpDfH5, Hits: -1.999, size: 2656, queued_as: 48JlBF5zqXz1qrcK, Subject: "Welcome to iRedMail! (raw: =?UTF-8?B?V2VsY29tZSB0byBpUmVkTWFpbCE=?=)", From: <no-reply@forum.iredmail.org>, X-Mailer: PunBB_Mailer, helo=mail.iredmail.org, Tests: [BAYES_00=-1.9,DKIM_SIGNED=0.1,DKIM_VALID=-0.1,DKIM_VALID_EF=-0.1,FROM_EXCESS_BASE64=0.001,SPF_HELO_NONE=0.001,SPF_PASS=-0.001], autolearn=ham autolearn_force=no, autolearnscore=-0.098, dkim_i=@forum.iredmail.org, dkim_sd=dkim:iredmail.org, 1169 ms
Feb 14 08:19:33 mail postfix/amavis/smtp[5161]: 48JlBD3sbKz1qrbs: to=<daniel@djnsc.de>, relay=127.0.0.1[127.0.0.1]:10024, delay=1.4, delays=0.17/0/0.02/1.2, dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as 48JlBF5zqXz1qrcK)
Feb 14 08:19:33 mail postfix/qmgr[3295]: 48JlBD3sbKz1qrbs: removed
Feb 14 08:19:33 mail postfix/pipe[5174]: 48JlBF5zqXz1qrcK: to=<daniel@djnsc.de>, relay=dovecot, delay=0.03, delays=0/0/0/0.02, dsn=2.0.0, status=sent (delivered via dovecot service)
Feb 14 08:19:33 mail postfix/qmgr[3295]: 48JlBF5zqXz1qrcK: removed

Amavis Config:
use strict;

# controls running of anti-virus/spam code: 0 -> enabled, 1 -> disabled.
@bypass_virus_checks_maps = (0);
@bypass_spam_checks_maps  = (0);
# $bypass_decode_parts = 1;         # controls running of decoders&dearchivers

$daemon_user  = 'amavis';
$daemon_group = 'amavis';

# Set hostname.
$myhostname = 'mail.djnsc.de';
$mydomain = $myhostname;
$localhost_name = $myhostname;

#
# NOTE: $MYHOME/{tmp,var,db} must be created manually
#
$MYHOME = '/var/lib/amavis';
$TEMPBASE = '/var/lib/amavis/tmp';   # working directory, needs to exist, -T
$ENV{TMPDIR} = $TEMPBASE;   # environment variable TMPDIR, used by SA, etc.
$db_home = '/var/lib/amavis/db';      # dir for bdb nanny/cache/snmp databases, -D
$QUARANTINEDIR = '/var/lib/amavis/quarantine';     # -Q
$quarantine_subdir_levels = 2;  # add level of subdirs to disperse quarantine
# $release_format = 'resend';     # 'attach', 'plain', 'resend'
# $report_format  = 'arf';        # 'attach', 'plain', 'resend', 'arf'
# $daemon_chroot_dir = $MYHOME;   # chroot directory or undef, -R
# $helpers_home = "$MYHOME/var";  # working directory for SpamAssassin, -S

$lock_file = '/var/run/amavis/amavisd.lock';  # -L
$pid_file = '/var/run/amavis/amavisd.pid';   # -P

@local_domains_maps = 1;
@mynetworks = qw( 127.0.0.0/8 [::1] 127.0.0.1 );

# Socket file, used by amavisd-release or amavis-milter.
$unix_socketname = '/var/run/amavis/amavisd.socket';

#
# BDB
#
$enable_db = 0;              # enable use of BerkeleyDB/libdb (SNMP and nanny)
$nanny_details_level = 2;    # nanny verbosity: 1: traditional, 2: detailed

$inet_socket_port = [10024, 10026, 10027, 9998];

$policy_bank{'MYNETS'} = {   # mail originating from @mynetworks
    originating => 1,  # is true in MYNETS by default, but let's make it explicit
    os_fingerprint_method => undef,  # don't query p0f for internal clients
    allow_disclaimers => 1, # enables disclaimer insertion if available
    enable_dkim_signing => 1,
};

# Postfix will re-route mail from authenticated users to this port.
$interface_policy{'10026'} = 'ORIGINATING';
$policy_bank{'ORIGINATING'} = {
    originating => 1,         # declare that mail was submitted by our smtp client
    allow_disclaimers => 1,   # enables disclaimer insertion if available
    enable_dkim_signing => 1,

    # notify administrator of locally originating malware
    spam_admin_maps  => ["root\@$mydomain"],
    # notify administrator of locally originating malware
    virus_admin_maps => ["root\@$mydomain"],
    spam_admin_maps  => ["root\@$mydomain"],
    bad_header_admin_maps => ["root\@$mydomain"],
    banned_admin_maps => ["root\@$mydomain"],
    warnbadhsender   => 0,
    warnbannedsender => 0,

    # force MTA conversion to 7-bit (e.g. before DKIM signing)
    smtpd_discard_ehlo_keywords => ['8BITMIME'],
    terminate_dsn_on_notify_success => 0,  # don't remove NOTIFY=SUCCESS option

    # Bypass checks
    #bypass_spam_checks_maps => [1],    # don't check spam
    #bypass_virus_checks_maps => [1],   # don't check virus
    #bypass_banned_checks_maps => [1],  # don't check banned file names and types
    #bypass_header_checks_maps => [1],  # don't check bad header
};

$interface_policy{'10027'} = 'MLMMJ';
$policy_bank{'MLMMJ'} = {
    originating => 1,           # declare that mail was submitted by our smtp client
    allow_disclaimers => 0,     # we use 'mlmmj-amime-receive' program to handle disclaimer/footer
    enable_dkim_signing => 1,   # enable DKIM signing for outbound
    virus_admin_maps => ["root\@$mydomain"],
    spam_admin_maps  => ["root\@$mydomain"],
    smtpd_discard_ehlo_keywords => ['8BITMIME'],
    terminate_dsn_on_notify_success => 0,  # don't remove NOTIFY=SUCCESS option
    # re-inject processed email to Postfix, with address mapping enabled.
    forward_method => 'smtp:[127.0.0.1]:10028',
    # Amavisd performs the checks for email sent to mailing list, so no need to
    # check again for outbound.
    bypass_spam_checks_maps => [1],     # don't check spam
    bypass_virus_checks_maps => [1],    # don't check virus
    bypass_banned_checks_maps => [1],   # don't check banned file names and types
    bypass_header_checks_maps => [1],   # don't check bad header
};

$interface_policy{'SOCK'} = 'AM.PDP-SOCK'; # only applies with $unix_socketname

# Use with amavis-release over a socket or with Petr Rehor's amavis-milter.c
# (with amavis-milter.c from this package or old amavis.c client use 'AM.CL'):
$policy_bank{'AM.PDP-SOCK'} = {
  protocol => 'AM.PDP',
  auth_required_release => 0,  # do not require secret_id for amavisd-release
};

$sa_tag_level_deflt  = -999 ;  # add spam info headers if at, or above that level
$sa_tag2_level_deflt = 4.0 ;  # add 'spam detected' headers at that level
$sa_kill_level_deflt = 5.0 ;  # triggers spam evasive actions (e.g. blocks mail)
$sa_dsn_cutoff_level = 7.0 ;   # spam level beyond which a DSN is not sent
$sa_crediblefrom_dsn_cutoff_level = 8.0; # likewise, but for a likely valid From
$sa_quarantine_cutoff_level = 10; # spam level beyond which quarantine is off

$sa_mail_body_size_limit = 400*1024; # don't waste time on SA if mail is larger
$sa_local_tests_only = 0;    # only tests which do not require internet access?

$virus_admin               = undef;                    # notifications recip.

$mailfrom_notify_admin     = undef;                    # notifications sender
$mailfrom_notify_recip     = undef;                    # notifications sender
$mailfrom_notify_spamadmin = undef;                    # notifications sender
$mailfrom_to_quarantine = ''; # null return path; uses original sender if undef

@addr_extension_virus_maps      = ('virus');
@addr_extension_banned_maps     = ('banned');
@addr_extension_spam_maps       = ('spam');
@addr_extension_bad_header_maps = ('badh');
# $recipient_delimiter = '+';  # undef disables address extensions altogether
# when enabling addr extensions do also Postfix/main.cf: recipient_delimiter=+

$path = '/usr/local/sbin:/usr/local/bin:/usr/sbin:/sbin:/usr/bin:/bin';
# $dspam = 'dspam';

$MAXLEVELS = 14;
$MAXFILES = 3000;
$MIN_EXPANSION_QUOTA = 100*1024;        # bytes  (default undef, not enforced)
$MAX_EXPANSION_QUOTA = 500*1024*1024;   # bytes  (default undef, not enforced)

# Prepend '[SPAM] ' to subject of spam message.
$sa_spam_modifies_subj = 1;
$sa_spam_subject_tag = '**SPAM** ';

$defang_virus  = 1;  # MIME-wrap passed infected mail
$defang_banned = 0;  # MIME-wrap passed mail containing banned name
# for defanging bad headers only turn on certain minor contents categories:
$defang_by_ccat{CC_BADH.",3"} = 1;  # NUL or CR character in header
$defang_by_ccat{CC_BADH.",5"} = 1;  # header line longer than 998 characters
$defang_by_ccat{CC_BADH.",6"} = 1;  # header field syntax error

@keep_decoded_original_maps = (new_RE(
    # let virus scanner (clamav) see full original message (can be slow)
    # this setting is required if we're going to use third-party clamav
    # signatures. for example, Sanesecurity signatures.
    # FYI: http://sanesecurity.com/support/signature-testing/
    #qr'^MAIL$',

    qr'^MAIL-UNDECIPHERABLE$', # same as ^MAIL$ if mail is undecipherable
    qr'^(ASCII(?! cpio)|text|uuencoded|xxencoded|binhex)'i,
    #qr'^Zip archive data',     # don't trust Archive::Zip
));

$banned_filename_re = new_RE(

### BLOCKED ANYWHERE
# qr'^UNDECIPHERABLE$',  # is or contains any undecipherable components
  qr'^\.(exe-ms|dll)$',                   # banned file(1) types, rudimentary
# qr'^\.(exe|lha|cab|dll)$',              # banned file(1) types

### BLOCK THE FOLLOWING, EXCEPT WITHIN UNIX ARCHIVES:
# [ qr'^\.(gz|bz2)$'             => 0 ],  # allow any in gzip or bzip2
  [ qr'^\.(rpm|cpio|tar)$'       => 0 ],  # allow any in Unix-type archives

  qr'.\.(pif|scr)$'i,                     # banned extensions - rudimentary
# qr'^\.zip$',                            # block zip type

### BLOCK THE FOLLOWING, EXCEPT WITHIN ARCHIVES:
# [ qr'^\.(zip|rar|arc|arj|zoo)$'=> 0 ],  # allow any within these archives

  qr'^application/x-msdownload$'i,        # block these MIME types
  qr'^application/x-msdos-program$'i,
  qr'^application/hta$'i,

# qr'^message/partial$'i,         # rfc2046 MIME type
# qr'^message/external-body$'i,   # rfc2046 MIME type

# qr'^(application/x-msmetafile|image/x-wmf)$'i,  # Windows Metafile MIME type
# qr'^\.wmf$',                            # Windows Metafile file(1) type

  # block certain double extensions in filenames
  qr'^(?!cid:).*\.[^./]*[A-Za-z][^./]*\.\s*(exe|vbs|pif|scr|bat|cmd|com|cpl|dll)[.\s]*$'i,

# qr'\{[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}\}?'i, # Class ID CLSID, strict
# qr'\{[0-9a-z]{4,}(-[0-9a-z]{4,}){0,7}\}?'i, # Class ID extension CLSID, loose

  qr'.\.(exe|vbs|pif|scr|cpl)$'i,             # banned extension - basic
# qr'.\.(exe|vbs|pif|scr|cpl|bat|cmd|com)$'i, # banned extension - basic+cmd
# qr'.\.(ade|adp|app|bas|bat|chm|cmd|com|cpl|crt|emf|exe|fxp|grp|hlp|hta|
#        inf|ini|ins|isp|js|jse|lib|lnk|mda|mdb|mde|mdt|mdw|mdz|msc|msi|
#        msp|mst|ocx|ops|pcd|pif|prg|reg|scr|sct|shb|shs|sys|vb|vbe|vbs|vxd|
#        wmf|wsc|wsf|wsh)$'ix,                # banned extensions - long
# qr'.\.(asd|asf|asx|url|vcs|wmd|wmz)$'i,     # consider also
# qr'.\.(ani|cur|ico)$'i,                 # banned cursors and icons filename
# qr'^\.ani$',                            # banned animated cursor file(1) type
# qr'.\.(mim|b64|bhx|hqx|xxe|uu|uue)$'i,  # banned extension - WinZip vulnerab.
);
# See http://support.microsoft.com/default.as … US;q262631
# and http://www.cknow.com/vtutor/vtextensions.htm

# ENVELOPE SENDER SOFT-WHITELISTING / SOFT-BLACKLISTING

@score_sender_maps = ({ # a by-recipient hash lookup table,
                        # results from all matching recipient tables are summed

# ## per-recipient personal tables  (NOTE: positive: black, negative: white)
# 'user1@example.com'  => [{'bla-mobile.press@example.com' => 10.0}],
# 'user3@example.com'  => [{'.ebay.com'                 => -3.0}],
# 'user4@example.com'  => [{'cleargreen@cleargreen.com' => -7.0,
#                           '.cleargreen.com'           => -5.0}],

  ## site-wide opinions about senders (the '.' matches any recipient)
  '.' => [  # the _first_ matching sender determines the score boost

   new_RE(  # regexp-type lookup table, just happens to be all soft-blacklist
    [qr'^(bulkmail|offers|cheapbenefits|earnmoney|foryou)@'i         => 5.0],
    [qr'^(greatcasino|investments|lose_weight_today|market\.alert)@'i=> 5.0],
    [qr'^(money2you|MyGreenCard|new\.tld\.registry|opt-out|opt-in)@'i=> 5.0],
    [qr'^(optin|saveonlsmoking2002k|specialoffer|specialoffers)@'i   => 5.0],
    [qr'^(stockalert|stopsnoring|wantsome|workathome|yesitsfree)@'i  => 5.0],
    [qr'^(your_friend|greatoffers)@'i                                => 5.0],
    [qr'^(inkjetplanet|marketopt|MakeMoney)\d*@'i                    => 5.0],
   ),

   #read_hash("/var/amavis/sender_scores_sitewide"),

   { # a hash-type lookup table (associative array)
     'nobody@cert.org'                        => -3.0,
     'cert-advisory@us-cert.gov'              => -3.0,
     'owner-alert@iss.net'                    => -3.0,
     'slashdot@slashdot.org'                  => -3.0,
     'securityfocus.com'                      => -3.0,
     'ntbugtraq@listserv.ntbugtraq.com'       => -3.0,
     'security-alerts@linuxsecurity.com'      => -3.0,
     'mailman-announce-admin@python.org'      => -3.0,
     'amavis-user-admin@lists.sourceforge.net'=> -3.0,
     'amavis-user-bounces@lists.sourceforge.net' => -3.0,
     'spamassassin.apache.org'                => -3.0,
     'notification-return@lists.sophos.com'   => -3.0,
     'owner-postfix-users@postfix.org'        => -3.0,
     'owner-postfix-announce@postfix.org'     => -3.0,
     'owner-sendmail-announce@lists.sendmail.org'   => -3.0,
     'sendmail-announce-request@lists.sendmail.org' => -3.0,
     'donotreply@sendmail.org'                => -3.0,
     'ca+envelope@sendmail.org'               => -3.0,
     'noreply@freshmeat.net'                  => -3.0,
     'owner-technews@postel.acm.org'          => -3.0,
     'ietf-123-owner@loki.ietf.org'           => -3.0,
     'cvs-commits-list-admin@gnome.org'       => -3.0,
     'rt-users-admin@lists.fsck.com'          => -3.0,
     'clp-request@comp.nus.edu.sg'            => -3.0,
     'surveys-errors@lists.nua.ie'            => -3.0,
     'emailnews@genomeweb.com'                => -5.0,
     'yahoo-dev-null@yahoo-inc.com'           => -3.0,
     'returns.groups.yahoo.com'               => -3.0,
     'clusternews@linuxnetworx.com'           => -3.0,
     lc('lvs-users-admin@LinuxVirtualServer.org')    => -3.0,
     lc('owner-textbreakingnews@CNNIMAIL12.CNN.COM') => -5.0,

     # soft-blacklisting (positive score)
     'sender@example.net'                     =>  3.0,
     '.example.net'                           =>  1.0,

   },
  ],  # end of site-wide tables
});

@decoders = (
  ['mail', \&do_mime_decode],
# [[qw(asc uue hqx ync)], \&do_ascii],  # not safe
  ['F',    \&do_uncompress, ['unfreeze', 'freeze -d', 'melt', 'fcat'] ],
  ['Z',    \&do_uncompress, ['uncompress', 'gzip -d', 'zcat'] ],
  ['gz',   \&do_uncompress, 'gzip -d'],
  ['gz',   \&do_gunzip],
  ['bz2',  \&do_uncompress, 'bzip2 -d'],
  ['xz',   \&do_uncompress,
           ['xzdec', 'xz -dc', 'unxz -c', 'xzcat'] ],
  ['lzma', \&do_uncompress,
           ['lzmadec', 'xz -dc --format=lzma',
            'lzma -dc', 'unlzma -c', 'lzcat', 'lzmadec'] ],
  ['lrz',  \&do_uncompress,
           ['lrzip -q -k -d -o -', 'lrzcat -q -k'] ],
  ['lzo',  \&do_uncompress, 'lzop -d'],
  ['lz4',  \&do_uncompress, ['lz4c -d'] ],
  ['rpm',  \&do_uncompress, ['rpm2cpio.pl', 'rpm2cpio'] ],
  [['cpio','tar'], \&do_pax_cpio, ['pax', 'gcpio', 'cpio'] ],
           # ['/usr/local/heirloom/usr/5bin/pax', 'pax', 'gcpio', 'cpio']
  ['deb',  \&do_ar, 'ar'],
# ['a',    \&do_ar, 'ar'],  # unpacking .a seems an overkill
  ['rar',  \&do_unrar, ['unrar', 'rar'] ],
  ['arj',  \&do_unarj, ['unarj', 'arj'] ],
  ['arc',  \&do_arc,   ['nomarch', 'arc'] ],
  ['zoo',  \&do_zoo,   ['zoo', 'unzoo'] ],
# ['doc',  \&do_ole,   'ripole'],  # no ripole package so far
  ['cab',  \&do_cabextract, 'cabextract'],
# ['tnef', \&do_tnef_ext, 'tnef'],  # use internal do_tnef() instead
  ['tnef', \&do_tnef],
# ['lha',  \&do_lha,   'lha'],  # not safe, use 7z instead
# ['sit',  \&do_unstuff, 'unstuff'],  # not safe
  [['zip','kmz'], \&do_7zip,  ['7za', '7z'] ],
  [['zip','kmz'], \&do_unzip],
  ['7z',   \&do_7zip,  ['7zr', '7za', '7z'] ],
  [[qw(gz bz2 Z tar)],
           \&do_7zip,  ['7za', '7z'] ],
  [[qw(xz lzma jar cpio arj rar swf lha iso cab deb rpm)],
           \&do_7zip,  '7z' ],
  ['exe',  \&do_executable, ['unrar','rar'], 'lha', ['unarj','arj'] ],
);

$notify_method  = 'smtp:[127.0.0.1]:10025';
$forward_method = 'smtp:[127.0.0.1]:10025';

# Mark Spam/Virus with third-party clamav signatures: SaneSecurity.
#   *) The order matters, first match wins. Set to 'undef' to keep as infected
#   *) Anything declared as undefined will be marked as a virus
@virus_name_to_spam_score_maps =(new_RE(
    # SaneSecurity + Foxhole
    [ qr'^Sanesecurity\.(Malware|Badmacro|Foxhole|Rogue|Trojan)\.' => undef ],
    [ qr'^Sanesecurity\.MalwareHash\.'    => undef ],
    [ qr'^Sanesecurity.TestSig_'          => undef ],
    [ qr'^Sanesecurity\.'                 => 0.1 ],

    # winnow
    [ qr'^winnow\.(Exploit|Trojan|malware)\.'     => undef ],
    [ qr'^winnow\.(botnet|compromised|trojan)'    => undef ],
    [ qr'^winnow\.(exe|ms|JS)\.'                  => undef ],
    [ qr'^winnow\.phish\.'                        => 3.0 ],
    [ qr'^winnow\.'                               => 0.1 ],

    # bofhland
    [ qr'^Bofhland\.Malware\.'                    => undef ],
    [ qr'^BofhlandMWFile'                         => undef ],
    [ qr'^Bofhland\.Phishing\.'                   => 3.0 ],
    [ qr'^Bofhland\.'                             => 0.1 ],

    # porcupine.ndb
    [ qr'^Porcupine\.(Malware|Trojan)\.'          => undef ],
    [ qr'^Porcupine\.(Junk|Spammer)\.'            => 3.0 ],
    [ qr'^Porcupine\.Phishing\.'                  => 3.0 ],
    [ qr'^Porcupine\.'                            => 0.01 ],

    # phishtank.ndb
    [ qr'^PhishTank\.Phishing\.'                  => 3.0 ],

    # SecuriteInfo
    [ qr'^SecuriteInfo\.com\.Spammer\.'           => 3.0 ],

    # Others
    [ qr'^Structured\.(SSN|CreditCardNumber)\b'            => 0.1 ],
    [ qr'^(Heuristics\.)?Phishing\.'                       => 0.1 ],
    [ qr'^(Email|HTML)\.Phishing\.(?!.*Sanesecurity)'      => 0.1 ],
    [ qr'^Email\.Spam\.Bounce(\.[^., ]*)*\.Sanesecurity\.' => 0   ],
    [ qr'^Email\.Spammail\b'                               => 0.1 ],
    [ qr'^MSRBL-(Images|SPAM)\b'                           => 0.1 ],
    [ qr'^VX\.Honeypot-SecuriteInfo\.com\.Joke'            => 0.1 ],
    [ qr'^VX\.not-virus_(Hoax|Joke)\..*-SecuriteInfo\.com(\.|\z)' => 0.1 ],
    [ qr'^Email\.Spam.*-SecuriteInfo\.com(\.|\z)'          => 0.1 ],
    [ qr'^Safebrowsing\.'                                  => 0.1 ],
    [ qr'^INetMsg\.SpamDomain'                             => 0.1 ],
    [ qr'^Doppelstern\.(Spam|Scam|Phishing|Junk|Lott|Loan)'=> 0.1 ],
    [ qr'^ScamNailer\.'                                    => 0.1 ],
    [ qr'^HTML/Bankish'                                    => 0.1 ],
    [ qr'(-)?SecuriteInfo\.com(\.|\z)'                     => undef ],
    [ qr'^MBL_NA\.UNOFFICIAL'                              => 0.1 ],
    [ qr'^MBL_'                                            => undef ],
));

@av_scanners = (
    ['clamav-socket',
    \&ask_daemon, ["CONTSCAN {}\n", '/var/run/clamav/clamd.ctl'],
    qr/\bOK$/, qr/\bFOUND$/,
    qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],
);

@av_scanners_backup = (
    ['clamav-clamscan', 'clamscan',
    "--stdout --disable-summary -r --tempdir=$TEMPBASE {}", [0], [1],
    qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],
);

#
# Port used to release quarantined mails.
#
$interface_policy{'9998'} = 'AM.PDP-INET';
$policy_bank{'AM.PDP-INET'} = {
    protocol => 'AM.PDP',       # select Amavis policy delegation protocol
    auth_required_release => 1,    # 0 - don't require secret_id for amavisd-release
    #log_level => 4,
    #always_bcc_by_ccat => {CC_CLEAN, 'admin@example.com'},
};

#########################
# Default action applied to detected spam/virus/banned/bad-header, and how to
# quarantine them
#
# Available actions:
#
#   - D_PASS: Mail will pass to recipients, regardless of bad contents.
#             If a quarantine is configured, a copy of the mail will go there.
#             Note that including a recipient in a @*_lovers_maps is
#             functionally equivalent to setting '*_destiny = D_PASS;'
#             for that recipient.
#
#   - D_BOUNCE: Mail will not be delivered to its recipients. A non-delivery
#               notification (bounce) will be created and sent to the sender.
#
#   - D_REJECT: Mail will not be delivered to its recipients. Amavisd will
#               send the typical 55x reject response to the upstream MTA and
#               that MTA may create a reject notice (bounce) and return it to
#               the sender.
#               This notice is not as informative as the one created using
#               D_BOUNCE, so usually D_BOUNCE is preferred over D_REJECT.
#               If a quarantine is configured, a copy of the mail will go
#               there, if not mail message will be lost, but the sender should
#               be notified their message was rejected.
#
#   - D_DISCARD: Mail will not be delivered to its recipients and the sender
#                normally will NOT be notified.
#                If a quarantine is configured, a copy of the mail will go
#                there, if not mail message will be lost. Note that there are
#                additional settings available that can send notifications to
#                persons that normally may not be notified when an undesirable
#                message is found, so it is possible to notify the sender even
#                when using D_DISCARD.
#
# Where to store quarantined mail message:
#
#   - 'local:spam-%i-%m', quarantine mail on local file system.
#   - 'sql:', quarantine mail in SQL server specified in @storage_sql_dsn.
#   - undef, do not quarantine mail.

# SPAM.
$final_spam_destiny = D_BOUNCE;
$spam_quarantine_method = 'sql:';
$spam_quarantine_to = 'spam-quarantine';

# Virus
$final_virus_destiny = D_BOUNCE;
$virus_quarantine_method = 'sql:';
$virus_quarantine_to = 'virus-quarantine';

# Banned
$final_banned_destiny = D_BOUNCE;
$banned_files_quarantine_method = 'sql:';
$banned_quarantine_to = 'banned-quarantine';

# Bad header.
$final_bad_header_destiny = D_BOUNCE;
$bad_header_quarantine_method = 'sql:';
$bad_header_quarantine_to = 'bad-header-quarantine';

#########################
# Quarantine CLEAN mails.
# Don't forget to enable clean quarantine in policy bank 'MYUSERS'.
#
#$clean_quarantine_method = 'sql:';
#$clean_quarantine_to = 'clean-quarantine';

# a string to prepend to Subject (for local recipients only) if mail could
# not be decoded or checked entirely, e.g. due to password-protected archives
#$undecipherable_subject_tag = '***UNCHECKED*** ';  # undef disables it
$undecipherable_subject_tag = undef;

# Hope to fix 'nested MAIL command' issue on high load server.
$smtp_connection_cache_enable = 0;

# The default set of header fields to be signed can be controlled
# by setting %signed_header_fields elements to true (to sign) or
# to false (not to sign). Keys must be in lowercase, e.g.:
# 0 -> off
# 1 -> on
$signed_header_fields{'received'} = 0;
$signed_header_fields{'to'} = 1;

#
# DKIM
#
# Enable DKIM verification globally.
$enable_dkim_verification = 1;

# Disable DKIM signing globally, because it's controlled per policy bank.
#$enable_dkim_signing = 1;

# Add dkim_key here.
dkim_key('djnsc.de', 'dkim', '/var/lib/dkim/djnsc.de.pem');

@dkim_signature_options_bysender_maps = ({
    # 'd' defaults to a domain of an author/sender address,
    # 's' defaults to whatever selector is offered by a matching key

    # Per-domain dkim key
    #"domain.com"  => { d => "domain.com", a => 'rsa-sha256', ttl => 10*24*3600 },

    # catch-all (one dkim key for all domains)
    '.' => {d => 'djnsc.de',
            a => 'rsa-sha256',
            c => 'relaxed/simple',
            ttl => 30*24*3600 },
});

#
# Disclaimer settings
#
# Uncomment below line to enable singing disclaimer in outgoing mails.
#$defang_maps_by_ccat{+CC_CATCHALL} = [ 'disclaimer' ];

# Program used to signing disclaimer in outgoing mails.
$altermime = '/usr/bin/altermime';

# Disclaimer in plain text formart.
@altermime_args_disclaimer = qw(--disclaimer=/etc/postfix/disclaimer/_OPTION_.txt --disclaimer-html=/etc/postfix/disclaimer/_OPTION_.txt --force-for-bad-html);

@disclaimer_options_bysender_maps = ({
    # Per-domain, per-user disclaimer setting:
    # '<domain>' => /path/to/disclaimer.txt,
    # '<email>' => /path/to/disclaimer.txt,

    # Catch-all disclaimer setting: /etc/postfix/disclaimer/default.txt
    '.' => 'default',
},);

$sql_allow_8bit_address = 1;
$timestamp_fmt_mysql = 1;   # if using MySQL *and* msgs.time_iso is TIMESTAMP;

# Reporting and quarantining.
@storage_sql_dsn = (['DBI:mysql:database=amavisd;host=127.0.0.1;port=3306', 'amavisd', 'LBYJnWY4gleJXPV4SukYNT1fv1SsWi']);

# Lookup for per-recipient, per-domain and global policy.
@lookup_sql_dsn = @storage_sql_dsn;

# Don't send email with subject "UNCHECKED contents in mail FROM xxx".
delete $admin_maps_by_ccat{&CC_UNCHECKED};

# Do not notify administrator about SPAM/VIRUS from remote servers.
$virus_admin = undef;
$spam_admin = undef;
$banned_admin = undef;
$bad_header_admin = undef;

#
# Pre-define some policy banks.
#
# You can assign certain policy banks to clients/senders you want to whitelist
# with parameter `@client_ipaddr_policy` and @author_to_policy_bank_maps.
$policy_bank{'FULL_WHITELIST'} = {
    bypass_spam_checks_maps => [1],
    spam_lovers_maps => [1],
    bypass_decode_parts => 1,
    bypass_virus_checks_maps => [1],
    virus_lovers_maps => [1],
    bypass_banned_checks_maps => [1],
    banned_files_lovers_maps  => [1],
    bypass_header_checks_maps => [1],
    bad_header_lovers_maps => [1],
};

$policy_bank{'NO_SPAM_CHECK'} = {
    bypass_spam_checks_maps => [1],
    spam_lovers_maps => [1],
};

$policy_bank{'NO_VIRUS_CHECK'} = {
    bypass_decode_parts => 1,
    bypass_virus_checks_maps => [1],
    virus_lovers_maps => [1],
};

$policy_bank{'NO_BANNED_CHECK'} = {
    bypass_banned_checks_maps => [1],
    banned_files_lovers_maps  => [1],
};

$policy_bank{'NO_BAD_HEADER_CHECK'} = {
    bypass_header_checks_maps => [1],
    bad_header_lovers_maps => [1],
};

#$policy_bank{'MILD_WHITELIST'} = {
#    score_sender_maps => [ { '.' => [-1.8] } ],
#};

#
# Logging
#
$do_syslog = 5;             # log via syslogd (preferred)
$syslog_facility = 'mail';  # Syslog facility as a string
$log_level = 0;             # Amavisd log level.
                            # Verbosity: 0, 1, 2, 3, 4, 5, -d.
$sa_debug = 1;              # SpamAssassin debugging (require $log_level).
                            # Default if off (0).

# Amavisd on some Linux/BSD distribution use $banned_namepath_re instead of
# $banned_filename_re, so we define some blocked file types here.
#
# Sample input for $banned_namepath_re:
#
#   P=p003\tL=1\tM=multipart/mixed\nP=p002\tL=1/2\tM=application/octet-stream\tT=dat\tN=my_docum.zip
#   P=p003,L=1,M=multipart/mixed | P=p002,L=1/2,M=application/zip,T=zip,N=FedEx_00628727.zip | P=p005,L=1/2/2,T=asc,N=FedEx_00628727.doc.wsf
#
# What it means:
#   - T: type. e.g. zip archive.
#   - M: MIME type. e.g. application/octet-stream.
#   - N: suggested (MIME) name. e.g. my_docum.zip.

$banned_namepath_re = new_RE(
    #[qr'T=(rar|arc|arj|zoo|gz|bz2)(,|\t)'xmi => 'DISCARD'],     # Compressed file types
    [qr'T=x-(msdownload|msdos-program|msmetafile)(,|\t)'xmi => 'DISCARD'],
    [qr'T=(hta)(,|\t)'xmi => 'DISCARD'],

    # Dangerous mime types
    [qr'T=(9|386|LeChiffre|aaa|abc|aepl|ani|aru|atm|aut|b64|bat|bhx|bkd|blf|bll|bmw|boo|bps|bqf|breaking_bad|buk|bup|bxz|cc|ccc|ce0|ceo|cfxxe|chm|cih|cla|class|cmd|com|cpl|crinf|crjoker|crypt|cryptolocker|cryptowall|ctbl|cxq|cyw|dbd|delf|dev|dlb|dli|dll|dllx|dom|drv|dx|dxz|dyv|dyz|ecc|exe|exe-ms|exe1|exe_renamed|exx|ezt|ezz|fag|fjl|fnr|fuj|good|gzquar|hlp|hlw|hqx|hsq|hts|iva|iws|jar|js|kcd|keybtc@inbox_com|let|lik|lkh|lnk|locky|lok|lol!|lpaq5|magic|mfu|micro|mim|mjg|mjz|nls|oar|ocx|osa|ozd|pcx|pgm|php2|php3|pid|pif|plc|pr|pzdc|qit|qrn|r5a|rhk|rna|rsc_tmp|s7p|scr|shs|ska|smm|smtmp|sop|spam|ssy|swf|sys|tko|tps|tsa|tti|ttt|txs|upa|uu|uue|uzy|vb|vba|vbe|vbs|vbx|vexe|vxd|vzr|wlpginstall|ws|wsc|wsf|wsh|wss|xdu|xir|xlm|xlv|xnt|xnxx|xtbl|xxe|xxx|xyz|zix|zvz|zzz)(,|\t)'xmi => 'DISCARD'],

    # Dangerous file name extensions
    [qr'N=.*\.(9|386|LeChiffre|aaa|abc|aepl|ani|aru|atm|aut|b64|bat|bhx|bkd|blf|bll|bmw|boo|bps|bqf|breaking_bad|buk|bup|bxz|cc|ccc|ce0|ceo|cfxxe|chm|cih|cla|class|cmd|com|cpl|crinf|crjoker|crypt|cryptolocker|cryptowall|ctbl|cxq|cyw|dbd|delf|dev|dlb|dli|dll|dllx|dom|drv|dx|dxz|dyv|dyz|ecc|exe|exe-ms|exe1|exe_renamed|exx|ezt|ezz|fag|fjl|fnr|fuj|good|gzquar|hlp|hlw|hqx|hsq|hts|iva|iws|jar|js|kcd|keybtc@inbox_com|let|lik|lkh|lnk|locky|lok|lol!|lpaq5|magic|mfu|micro|mim|mjg|mjz|nls|oar|ocx|osa|ozd|pcx|pgm|php2|php3|pid|pif|plc|pr|pzdc|qit|qrn|r5a|rhk|rna|rsc_tmp|s7p|scr|shs|ska|smm|smtmp|sop|spam|ssy|swf|sys|tko|tps|tsa|tti|ttt|txs|upa|uu|uue|uzy|vb|vba|vbe|vbs|vbx|vexe|vxd|vzr|wlpginstall|ws|wsc|wsf|wsh|wss|xdu|xir|xlm|xlv|xnt|xnxx|xtbl|xxe|xxx|xyz|zix|zvz|zzz)$'xmi => 'DISCARD'],
);

# Log verbose.
$log_templ = $log_verbose_templ;

# $bounce_killer_score defaults to 100, it will cause quota exceed notification
# email sent by Dovecot quarantined by Amavisd.
$penpals_bonus_score = undef;
$bounce_killer_score = 0;

# Selectively disable some of the header checks
#
# Duplicate or multiple occurrence of a header field
$allowed_header_tests{'multiple'} = 0;

# Missing some headers. e.g. 'Date:'
$allowed_header_tests{'missing'} = 0;

# Listen on specified addresses.
$inet_socket_bind = ['127.0.0.1'];

# Set ACL
@inet_acl = qw(127.0.0.1 [::1] 127.0.0.1);

# Num of pre-forked children.
# WARNING: it must match (equal to or larger than) the number set in
# `maxproc` column in Postfix master.cf for the `smtp-amavis` transport.
$max_servers = 8;

1;  # insure a defined return

==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release): 1.0
- Deployed with iRedMail Easy or the downloadable installer? downloadable installer
- Linux/BSD distribution name and version: Ubuntu 18.04.4LTS
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MySQL
- Web server (Apache or Nginx): Apache
- Manage mail accounts with iRedAdmin-Pro? Yes
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====

Hi,

When disabling greylisting for a particular domain through iRedAdmin-Pro-SQL-4.1.2 there are not any rules created for alias domains.

Is this a feature that could be added or am I missing something that iRedmail does in the background for this? I realised this after a report of slow email delivery and found that the emails had infact been greylisted even though we thought it had been disabled in iRedAdmin.

I have since used the tools/greylisting_admin.py to disable greylisting for the alias domains.

Many thanks,
Nick

- iRedMail version (check /etc/iredmail-release):
->0.9.7
- Deployed with iRedMail Easy or the downloadable installer?
->Downloadable installer
- Linux/BSD distribution name and version:
->Debian

Hello,
After I switched my certificate from RSA to ECDSA cipher one of my mobile phone (Meizu with Android 7) show error "TLS handshake failure". I've tried native mail and AquaMail as well. 
All other client and Android system works fine. I've read on some resources that Android 7 has some problem with this type of cryptography.
Has anyone run into the same problem?

==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release):
- Deployed with iRedMail Easy or the downloadable installer?
- Linux/BSD distribution name and version:
- Store mail accounts in which backend (LDAP/MySQL/PGSQL):
- Web server (Apache or Nginx):
- Manage mail accounts with iRedAdmin-Pro?
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====

Few months ago I installed CentOS 7 and iRedMail for testing purpose.   

Now I have to install a production server from scratch, I would use CentOS as I tested it.

But now CentOS 8 is out there, so.. which version is better to use installing from zero.. older, tested, v.7  or new and "long life" v.8?
someone already used v.8 out there?
thanks!