Monday, April 13, 2009

postfix can't connect to MySQL

I got this error in syslog when postfix was trying to connect to MySQL:

Apr 13 17:34:53 webmail postfix/smtpd[6726]: warning: connect to mysql server localhost: Can't connect to local MySQL server through socket '/var/lib/mysql/mysql.sock' (2)
Apr 13 17:34:53 webmail postfix/smtpd[6726]: NOQUEUE: reject: RCPT from rv-out-0506.google.com[209.85.198.233]: 451 4.3.0 : Temporary lookup failure; from= to= proto=ESMTP helo=

I got a reference to MySQL database in my main.cf which triggered the error:

local_recipient_maps = mysql:/etc/postfix/sql-recipients.cf

From the error it was obvious postfix couldn't connect to MySQL. Email from outside wouldn't be received properly by dbmail. I checked MySQL service and it was running and I could log into MySQL manually. I found a solution after googling a bit. The cause was in file /etc/postfix/master.cf. I got smtp service of postfix to run chroot'ed (see y below).

#service type private unpriv chroot wakeup maxproc command + args
smtp inet n - y - - smtpd

So I changed the line to:

#service type private unpriv chroot wakeup maxproc command + args
smtp inet n - n - - smtpd


Voila!. It worked. See log below:

Apr 13 18:03:02 webmail postfix/smtpd[7039]: connect from rv-out-0506.google.com[209.85.198.239]
Apr 13 18:03:03 webmail sqlgrey: grey: domain awl match: updating 209.85.198(209.85.198.239), gmail.com
Apr 13 18:03:03 webmail postfix/smtpd[7039]: B3246A3075: client=rv-out-0506.google.com[209.85.198.239]
Apr 13 18:03:04 webmail postfix/cleanup[7042]: B3246A3075: message-id=<23c8d5620904130314j7f4c619di57c7d8c0d217ed62@mail.gmail.com>
Apr 13 18:03:04 webmail postfix/qmgr[7033]: B3246A3075: from=, size=2277, nrcpt=1 (queue active)
Apr 13 18:03:05 webmail postfix/smtpd[7046]: connect from webmail.myfakedomain.net[127.0.0.1]
Apr 13 18:03:05 webmail postfix/smtpd[7046]: 26BBFA3076: client=rv-out-0506.google.com[209.85.198.239]
Apr 13 18:03:05 webmail postfix/cleanup[7042]: 26BBFA3076: message-id=<23c8d5620904130314j7f4c619di57c7d8c0d217ed62@mail.gmail.com>
Apr 13 18:03:05 webmail postfix/qmgr[7033]: 26BBFA3076: from=, size=2751, nrcpt=1 (queue active)
Apr 13 18:03:05 webmail postfix/smtpd[7046]: disconnect from webmail.myfakedomain.net[127.0.0.1]
Apr 13 18:03:05 webmail dbmail/lmtpd[20480]: Message:[serverchild] serverchild.c,PerformChildTask(+349): incoming connection from [127.0.0.1] by pid [20480]
Apr 13 18:03:05 webmail postfix/lmtp[7043]: B3246A3075: to=, relay=127.0.0.1[127.0.0.1]:10025, delay=2, delays=0.96/0.01/0/1, dsn=2.0.0, status=sent (250 2.0.0 Ok, id=01032-05, from MTA([127.0.0.1]:10026): 250 2.0.0 Ok: queued as 26BBFA3076)
Apr 13 18:03:05 webmail postfix/qmgr[7033]: B3246A3075: removed

2 comments:

Anonymous said...

In a Serverfault/Stackoverflow question I was reading, if you use the magical keyword "localhost" with mysql, it will try to use the socket file on the filesystem.

So, when I ran into this problem, I realized that postfix is in a chroot, and that probably makes it so it can't get to the socket.

So, I tried specifying "127.0.0.1" in the postfix config instead of 'localhost' and it worked.

I was hesitant to follow your post, because I did not know what security implications it had (does it take postfix out of the chroot? Water down the chroot? I don't know).

Zamri said...

Thanks for the tip. This is like a easy workaround if you happen to bump into. Of course, running postfix chrooted is better in terms of security.

However, thanks anyway. I might look into it again and try your suggestion. Have fun.

Renew letsencrypt ssl certificate for zimbra 8.8.15

 Letsencrypt certs usually consists of these files: 1. cert.pem 2. chain.pem 3. fullchain.pem 4. privkey.pem I am not going to discuss about...