postfwd - warning: problem talking to server 127.0.0.1:10045: Connection timed out

kez

Member
Mar 26, 2023
85
12
13
Hi all.

I've installed postfwd to add some needed functionality (such as limiting senders to X emails per hour and queueing the rest, etc.) however, postfix cannot connect to the postfwd service.

I know its not technically a PMG issue, but, does anyone have any ideas on this one?

I've install postfwd like so: https://github.com/postfwd/postfwd

Here are the needed files:

The systemd service:
/etc/systemd/system/postfwd3.service

Code:
[Unit]
Description=Postfix firewall daemon

[Service]
Type=forking
ExecStart=/usr/local/bin/postfwd3 --summary=3600 --cache=600 \
    --cache-rbl-timeout=3600 --cleanup-requests=1200 --cleanup-rbls=1800 \
    --cleanup-rates=1200 --daemon --file=/etc/postfwd/postfwd.cf \
    --interface=127.0.0.1 --port=10045 --umask=112 \
    --pidfile=/var/run/postfwd.pid --logname=postfwd --user=postfwd \
    --group=postfwd

ExecStop=/usr/local/bin/postfwd3 --file=/etc/postfwd/postfwd.cf \
    --pidfile=/var/run/postfwd.pid --kill

ExecReload=/usr/local/bin/postfwd3 --file=/etc/postfwd/postfwd.cf \
    --pidfile=/var/run/postfwd.pid --reload

[Install]
WantedBy=multi-user.target

The service is running:
systemctl status postfwd3

Code:
# systemctl status postfwd3
● postfwd3.service - Postfix firewall daemon
     Loaded: loaded (/etc/systemd/system/postfwd3.service; enabled; vendor preset: enabled)
     Active: active (running) since Mon 2024-05-27 16:23:50 BST; 44min ago
    Process: 14828 ExecReload=/usr/local/bin/postfwd3 --file=/etc/postfwd/postfwd.cf --pidfile=/var/run/postfwd.pid --reload (code=exited, status=0/SUCCESS)
   Main PID: 11649 (/usr/local/bin/)
      Tasks: 2 (limit: 38432)
     Memory: 27.3M
        CPU: 937ms
     CGroup: /system.slice/postfwd3.service
             ├─11649 /usr/local/bin/postfwd3 --summary=3600 --cache=600 --cache-rbl-timeout=3600 --cleanup-requests=1200 --cleanup-rbls=1800 --cleanup-rates=1200 --daemon --file=/etc/postfwd/postfwd.cf --interface=127.0.0.1 --port=10>
             └─11650  postfwd::policy

The service is bound to the port:
netstat -tpln|grep 10045

Code:
root@mailgate1:~# netstat -tpln|grep 10045
tcp        0      0 127.0.0.1:10045         0.0.0.0:*               LISTEN      11650/ postfwd::pol

The rules:
/etc/postfwd/postfwd.cf

Code:
#
# Sample ruleset for postfwd
#


# default: log the request and finish
id=LIMIT_PER_HOUR
    action=rate(client_address, 500, 3600, HOLD)
    action=rate(sender, 500, 3600, HOLD)

The postfix integration:
/etc/pmg/templates/main.cf.in

Code:
smtpd_recipient_restrictions =
        permit_mynetworks
        reject_unauth_destination
       check_policy_service inet:127.0.0.1:10045
        reject_non_fqdn_recipient
        check_recipient_access  regexp:/etc/postfix/rcptaccess
[%- IF postfix.usepolicy %] check_sender_access  regexp:/etc/postfix/senderaccess[% END %]
[%- IF postfix.usepolicy %] check_client_access  cidr:/etc/postfix/clientaccess[% END %]
[%- IF postfix.usepolicy %] check_policy_service inet:127.0.0.1:10022[% END %]
[%- IF pmg.mail.verifyreceivers %] reject_unknown_recipient_domain[% END %]
[%- IF pmg.mail.verifyreceivers %] reject_unverified_recipient[% END %]

But, I keep seeing this timeout in the syslog:

Code:
postfix/smtpd[17494]: warning: problem talking to server 127.0.0.1:10045: Connection timed out
 
Hi Kez im facing same issue the moment i add check_policy_service inet:127.0.0.1:10040, im not able to send mails, and if removed, i can able to send mails , i thought it might be a syntax problem but i tried everything and still it didn't work..
```
Sending email 1...
=== Trying 127.0.0.1:587...
=== Connected to 127.0.0.1.
*** Remote host closed connection unexpectedly.
Sending email 2...
=== Trying 127.0.0.1:587...
=== Connected to 127.0.0.1.
^Z
```
error
Jul 24 20:13:20 147258 postfix/smtpd[71799]: auto_clnt_close: disconnect private/tlsmgr stream
Jul 24 20:13:20 147258 postfix/smtpd[71799]: idle timeout -- exiting
Jul 24 20:15:57 147258 postfix/submission/smtpd[72064]: fatal: unexpected command-line argument: inet:127.0.0.1:10040
Jul 24 20:15:58 147258 postfix/master[71778]: warning: process /usr/lib/postfix/sbin/smtpd pid 72064 exit status 1
Jul 24 20:15:58 147258 postfix/master[71778]: warning: /usr/lib/postfix/sbin/smtpd: bad command startup -- throttling

can you help me out..
 
Bash:
 cat /etc/postfix/master.cf
# Postfix master process configuration file. See master(5) for details.

smtp      inet  n       -       y       -       -       smtpd -v
smtp      unix  -       -       y       -       -       smtp
pickup    fifo  n       -       y       60      1       pickup
cleanup   unix  n       -       y       -       0       cleanup
qmgr      fifo  n       -       n       300     1       qmgr
tlsmgr    unix  -       -       y       1000?   1       tlsmgr
rewrite   unix  -       -       y       -       -       trivial-rewrite
bounce    unix  -       -       y       -       0       bounce
defer     unix  -       -       y       -       0       bounce
trace     unix  -       -       y       -       0       bounce
verify    unix  -       -       y       -       1       verify
flush     unix  n       -       y       1000?   0       flush
proxymap  unix  -       -       n       -       -       proxymap
submission inet n       -       y       -       -       smtpd
  -o syslog_name=postfix/submission
  -o smtpd_tls_security_level=encrypt
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_sasl_type=dovecot
  -o smtpd_sasl_path=private/auth
  -o smtpd_recipient_restrictions=permit_sasl_authenticated,reject_unauth_destination
  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
  -o smtpd_helo_required=yes
  -o smtpd_etrn_restrictions=reject
  -o milter_macro_daemon_name=ORIGINATING
127.0.0.1:10027 inet n - n - - smtpd
  -o syslog_name=postfix/local-no-tls
  -o smtpd_tls_security_level=none
  -o smtpd_sasl_auth_enable=no
  -o smtpd_client_restrictions=permit_mynetworks,reject
  -o smtpd_recipient_restrictions=permit_mynetworks,reject