unbound write to /var/log/messages, check if you have something when you trigger nethserver-unbound-update
check if opendkim is up, probably it block you to send email
systemctl status opendkim
Thank you so much for your replies, I was loosing hope.
Aug 10 21:30:36 fred esmith::event[26819]: Action: /etc/e-smith/events/nethserver-unbound-update/S00initialize-default-databases SUCCESS [0.344155]
Aug 10 21:30:37 fred esmith::event[26819]: expanding /etc/unbound/unbound.conf
Aug 10 21:30:37 fred esmith::event[26819]: Action: /etc/e-smith/events/actions/generic_template_expand SUCCESS [0.165305]
Aug 10 21:30:37 fred systemd: Reloading.
Aug 10 21:30:37 fred systemd: Starting Unbound recursive Domain Name Server…
Aug 10 21:30:37 fred unbound-checkconf: unbound-checkconf: no errors in /etc/unbound/unbound.conf
Aug 10 21:30:37 fred systemd: Started Unbound recursive Domain Name Server.
Aug 10 21:30:37 fred esmith::event[26819]: [INFO] unbound has been started
Aug 10 21:30:37 fred esmith::event[26819]: Action: /etc/e-smith/events/actions/adjust-services SUCCESS [0.430707]
Aug 10 21:30:37 fred esmith::event[26819]: Event: nethserver-unbound-update SUCCESS
Aug 10 21:30:37 fred unbound: Aug 10 21:30:37 unbound[26856:0] error: can’t bind socket: Cannot assign requested address for ::1
Aug 10 21:30:37 fred unbound: Aug 10 21:30:37 unbound[26856:0] error: cannot open control interface ::1 8953
Aug 10 21:30:37 fred unbound: Aug 10 21:30:37 unbound[26856:0] fatal error: could not open ports
Aug 10 21:30:37 fred systemd: unbound.service: main process exited, code=exited, status=1/FAILURE
Aug 10 21:30:37 fred systemd: Unit unbound.service entered failed state.
Aug 10 21:30:37 fred systemd: unbound.service failed.
Aug 10 21:30:51 fred systemd: Started Session c66 of user root.
… fatal error: could not open ports …
For DKIM, all looks OK.
[root@fred ~]# systemctl status opendkim
● opendkim.service - DomainKeys Identified Mail (DKIM) Milter
Loaded: loaded (/usr/lib/systemd/system/opendkim.service; enabled; vendor preset: disabled)
Drop-In: /etc/systemd/system/opendkim.service.d
└─nethserver.conf
Active: active (running) since Mon 2020-08-10 18:26:58 CEST; 3h 5min ago
Docs: man:opendkim(8)
man:opendkim.conf(5)
man:opendkim-genkey(8)
man:opendkim-genzone(8)
man:opendkim-testadsp(8)
man:opendkim-testkey
OpenDKIM
Main PID: 3596 (opendkim)
CGroup: /system.slice/opendkim.service
└─3596 /usr/sbin/opendkim -x /etc/opendkim.conf -P /var/run/opendkim/opendkim.pidAug 10 18:26:58 fred.fio01.com systemd[1]: Starting DomainKeys Identified Mail (DKIM) Milter…
Aug 10 18:26:58 fred.fio01.com systemd[1]: Started DomainKeys Identified Mail (DKIM) Milter.
Aug 10 18:26:58 fred.fio01.com opendkim[3596]: OpenDKIM Filter v2.11.0 starting (args: -x /etc/opendkim.conf -P /var/run/opendkim/opendkim.pid)
[root@fred ~]#
Michel-André
[root@fred ~]# ip a | grep inet6
[root@fred ~]#
[root@fred ~]# sysctl -a | grep disable_ipv6
sysctl: reading key “net.ipv6.conf.all.stable_secret”
net.ipv6.conf.all.disable_ipv6 = 1
sysctl: net.ipv6.conf.default.disable_ipv6 = 1
reading key “net.ipv6.conf.default.stable_secret”
sysctl: reading key "net.ipv6.conf.enp31s0.stable_secret"net.ipv6.conf.enp31s0.disable_ipv6 = 1
sysctl: net.ipv6.conf.ens2.disable_ipv6 = 1
reading key “net.ipv6.conf.ens2.stable_secret”
sysctl: net.ipv6.conf.lo.disable_ipv6 = 1
reading key “net.ipv6.conf.lo.stable_secret”
[root@fred ~]#
It looks OK but I do not unserstand the Solution by dnutan…
I will look more closely at messages.
Michel-André
[root@prometheus ~]# sysctl -a | grep disable_ipv6
sysctl: reading key "net.ipv6.conf.all.stable_secret"
net.ipv6.conf.all.disable_ipv6 = 0
sysctl: reading key "net.ipv6.conf.br0.stable_secret"
net.ipv6.conf.br0.disable_ipv6 = 0
sysctl: reading key "net.ipv6.conf.default.stable_secret"
net.ipv6.conf.default.disable_ipv6 = 0
sysctl: reading key "net.ipv6.conf.ens19.stable_secret"
net.ipv6.conf.ens19.disable_ipv6 = 0
sysctl: reading key "net.ipv6.conf.eth0.stable_secret"
net.ipv6.conf.eth0.disable_ipv6 = 0
sysctl: reading key "net.ipv6.conf.lo.stable_secret"
net.ipv6.conf.lo.disable_ipv6 = 0
sysctl: reading key "net.ipv6.conf.tap0.stable_secret"
net.ipv6.conf.tap0.disable_ipv6 = 0
sysctl: reading key "net.ipv6.conf.vb-nsdc.stable_secret"
net.ipv6.conf.vb-nsdc.disable_ipv6 = 0
you have ipV6 disabled on your server…that not good
from dnutan
I think you are close to a solution.
I never played with IPv6, How can I enable it ?
Michel-André
what is the content of /etc/sysctl.conf
and /etc/sysctl.d/
[root@fred ~]# cat /etc/sysctl.conf
# sysctl settings are defined through files in
# /usr/lib/sysctl.d/, /run/sysctl.d/, and /etc/sysctl.d/.
#
# Vendors settings live in /usr/lib/sysctl.d/.
# To override a whole file, create a new file with the same in
# /etc/sysctl.d/ and put new settings there. To override
# only specific settings, add a file with a lexically later
# name in /etc/sysctl.d/ and put new settings there.
#
# For more information, see sysctl.conf(5) and sysctl.d(5).
[root@fred ~]#
[root@fred ~]# ls -als /etc/sysctl.d/
total 16
0 drwxr-xr-x. 2 root root 52 Aug 6 19:30 .
12 drwxr-xr-x. 130 root root 8192 Aug 10 20:48 ..
0 lrwxrwxrwx 1 root root 14 May 19 08:35 99-sysctl.conf -> ../sysctl.conf
4 -rw-r--r-- 1 root root 74 Aug 2 14:44 disableipv6.conf
[root@fred ~]#
[root@fred ~]# cat /etc/sysctl.d/disableipv6.conf
net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1
[root@fred ~]#
Michel-André
rpm -qf /etc/sysctl.d/disableipv6.conf
I think this fragment is the culprit
[root@fred ~]# rpm -qf /etc/sysctl.d/disableipv6.conf
file /etc/sysctl.d/disableipv6.conf is not owned by any package
[root@fred ~]#
Michel-André
Ok remove it, probably restart the server, it should fix the unbound problem
[root@fred ~]# systemctl status unbound
● unbound.service - Unbound recursive Domain Name Server
Loaded: loaded (/usr/lib/systemd/system/unbound.service; enabled; vendor preset: disabled)
Active: active (running) since Mon 2020-08-10 21:59:11 CEST; 57s ago
Process: 1429 ExecStartPre=/usr/sbin/unbound-anchor -a /var/lib/unbound/root.key -c /etc/unbound/icannbundle.pem (code=exited, status=0/SUCCESS)
Process: 1415 ExecStartPre=/usr/sbin/unbound-checkconf (code=exited, status=0/SUCCESS)
Main PID: 2004 (unbound)
CGroup: /system.slice/unbound.service
└─2004 /usr/sbin/unbound -d
Aug 10 21:59:09 fred.fio01.com systemd[1]: Starting Unbound recursive Domain Name Ser.....
Aug 10 21:59:09 fred.fio01.com unbound-checkconf[1415]: unbound-checkconf: no errors i...f
Aug 10 21:59:11 fred.fio01.com systemd[1]: Started Unbound recursive Domain Name Server.
Aug 10 21:59:13 fred.fio01.com unbound[2004]: [2004:0] notice: init module 0: subnet
Aug 10 21:59:13 fred.fio01.com unbound[2004]: [2004:0] notice: init module 1: validator
Aug 10 21:59:13 fred.fio01.com unbound[2004]: [2004:0] notice: init module 2: iterator
Aug 10 21:59:13 fred.fio01.com unbound[2004]: [2004:0] info: start of service (unboun...).
Hint: Some lines were ellipsized, use -l to show in full.
[root@fred ~]#
[root@fred ~]# systemctl status rspamd
● rspamd.service - rapid spam filtering system
Loaded: loaded (/usr/lib/systemd/system/rspamd.service; enabled; vendor preset: enabled)
Drop-In: /usr/lib/systemd/system/rspamd.service.d
└─nethserver.conf
Active: active (running) since Mon 2020-08-10 21:59:11 CEST; 2min 24s ago
Docs: https://rspamd.com/doc/
Main PID: 2008 (rspamd)
CGroup: /system.slice/rspamd.service
├─2008 rspamd: main process; 0.1 msg/sec, 0.0 msg/sec spam, 0.1 msg/sec ham
├─2925 rspamd: fuzzy process (localhost:11335)
├─2926 rspamd: rspamd_proxy process (/var/run/rspamd/worker-proxy mode=0770 ...
├─2927 rspamd: controller process (127.0.0.1:11334)
└─2928 rspamd: hs_helper process
Aug 10 22:00:15 fred.fio01.com rspamd[2926]: <e1f470>; proxy; spf_plugin_callback: st...he
Aug 10 22:00:15 fred.fio01.com rspamd[2926]: <e1f470>; proxy; rspamd_redis_connected:...ed
Aug 10 22:00:15 fred.fio01.com rspamd[2926]: <e1f470>; proxy; rspamd_redis_connected:...ed
Aug 10 22:00:15 fred.fio01.com rspamd[2926]: <e1f470>; proxy; rspamd_stat_classifiers...ng
Aug 10 22:00:15 fred.fio01.com rspamd[2926]: <e1f470>; lua; neural.lua:473: cannot le...d)
Aug 10 22:00:15 fred.fio01.com rspamd[2926]: <e1f470>; lua; neural.lua:305: created n..._0
Aug 10 22:00:15 fred.fio01.com rspamd[2926]: <e1f470>; proxy; rspamd_task_write_log: ...ve
Aug 10 22:00:15 fred.fio01.com rspamd[2926]: <e1f470>; proxy; rspamd_protocol_http_re...al
Aug 10 22:00:15 fred.fio01.com rspamd[2926]: <663c10>; proxy; proxy_milter_finish_han...on
Aug 10 22:01:06 fred.fio01.com rspamd[2927]: <ozyqxj>; lua; bayes_expiry.lua:437: fin...td
Hint: Some lines were ellipsized, use -l to show in full.
[root@fred ~]#
Now, all looks good, I will check the email and let you know.
Michel-André
Thanks Andy, you’re right, I got carried away.
this message was not for you
excuse me
From webmail at Frederic, sending to my address:
Final-Recipient: rfc822; [michelandre@my-server-FQDN](mailto:my-emailaddress)
Action: undeliverable
Status: 4.4.1
Diagnostic-Code: X-Postfix; connect to mail.my-server-FQDN[my-IP]:25:
Connection timed out.
Sending from my sever to Frederic:
[<root@fio01.com>](mailto:root@fio01.com): host smtp.fio01.com[82.65.81.211]
said: 550 5.1.1 [<root@fio01.com>](mailto:root@fio01.com): Recipient address rejected: User unknown in virtual
mailbox table (in reply to RCPT TO command)
Still a little problem but it is different from the previous one.
Michel-André
root is a specific user I think, not sure it is reachable like this, use postmaster@fio01.com or admin@fio01.com if it exists
it is another problem that it needs to be found and different of unbound
Back to maillog when you want to send the email
It is getting a little bit better.
I can send an email from my server to fred and he receives it.
From fred, if I reply to the received email, it goes to the queue.
I wil check the logs.
Michel-André
Good evening and thank you, for your help of course.
stephdl, sorry I regret my outburst
Frederic