Problem after upgrading to 9.1.0

alexkenon

Active Member
Dec 20, 2018
25
0
41
38
Hello.
I'll describe how it was before and what happened.

Earlier.
There is PMG 9.0.7 (and before that we worked with PMG and updated it regularly for 7 years).
There is a mail server (on linux).
PMG accepts emails from the Internet and delivers them to the mail server.
LDAP is configured in Configuration – User Management and is being synchronized.
A "NOT_LDAP_User" is made in Who Objects. The point of it is to receive emails only to real–life email addresses in LDAP, and to reject (block) all non-existent addresses.
The "Reject Unknown Recipient according to LDAP" rule has been created in the Mail Filter.
I'm attaching screenshots.

Now there's a problem.
Now the PMG has been updated to 9.1.0.
The problem that appeared immediately after the update: now this rule ("Reject Unknown Recipient according to LDAP") blocks absolutely all incoming emails (it doesn't matter if the sender is in LDAP or not – everything is blocked). Surprisingly, there has never been such a problem in 7 years. I think something has changed.
I must say right away that there is an LDAP connection. Synchronization is working.

Can you tell me, please, what are your thoughts on this?
 

Attachments

  • 1.png
    1.png
    50.7 KB · Views: 9
  • 2.png
    2.png
    129.5 KB · Views: 9
Could you please share:
* the journal since the upgrade ran
* /var/log/apt/history.log (from the time of the upgrade)
* /var/log/apt/term.log (from the time of the upgrade)
* `ls -laR /etc/pmg`
* `ls -laR /var/lib/pmg`


Thanks!
 
Could you please share:
* the journal since the upgrade ran
* /var/log/apt/history.log (from the time of the upgrade)
* /var/log/apt/term.log (from the time of the upgrade)
* `ls -laR /etc/pmg`
* `ls -laR /var/lib/pmg`


Thanks!
Hi! Files in the attachment.

Unfortunately, I cannot attach the "the journal" file, because there is a lot of sensitive information. But I studied it carefully and found something that appears with every incoming email (there was no such error before the upgrade):
Jun 29 18:03:41 mx pmg-smtp-filter[840]: WARNING: trying to query non-existent ldap profile 'LD-Pro-Sync'

This is the message with every incoming email. That's the mistake...

How can this problem be solved?

Thank you!
 

Attachments

Jun 29 18:03:41 mx pmg-smtp-filter[840]: WARNING: trying to query non-existent ldap profile 'LD-Pro-Sync'

This is the message with every incoming email. That's the mistake...
might indeed be the cause - check your configured LDAP profiles in the gui (and in /etc/pmg/ldap.conf) - is everything in place as it should be?

EDIT: I just also checked your term.log - this one does state that the upgrade ran into errors:
group of '/etc/pmg/dkim' retained as pmg
mode of '/etc/pmg/dkim' retained as 0755 (rwxr-xr-x)
mode of '/etc/pmg/dkim/proxmox.private' retained as 0640 (rw-r-----)
mode of '/etc/pmg/dkim/domains' retained as 0644 (rw-r--r--)
chgrp: changing group of '/etc/pmg/ldap.conf': Operation not permitted
failed to change group of '/etc/pmg/ldap.conf' from www-data to pmg
dpkg: error processing package pmg-api (--configure):
installed pmg-api package post-installation script subprocess returned error exit status 1
dpkg: dependency problems prevent configuration of proxmox-mailgateway:
proxmox-mailgateway depends on pmg-api (>= 9.0~); however:
Package pmg-api is not configured yet.

dpkg: error processing package proxmox-mailgateway (--configure):
dependency problems - leaving unconfigured
Errors were encountered while processing:
pmg-api
proxmox-mailgateway

so probably explains the error - please try setting the group-ownership of /etc/pmg/ldap.conf to `pmg` - `chgrp -v pmg /etc/pmg/ldap.conf` - if this does not work - please check on what kind of filesystem your /etc is or if there are other modifications around? (chattr -i comes to mind)

if it works please run `systemctl start pmg-hourly` (this should refresh the ldap-cache
 
Last edited: