• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 506
  • Last Modified:

postfix 2.0.16 connect to[]: server dropped connection without sending the initial greeting


I m stuck with RH 3.0 ENTERPRISE + postfix 2.0.16 + isvw (trend micro interscan virus wall ) 5.0

Here is the how postfix + issm + mail server is setup

internet > | postfix 25 > ISVW 10025 > ISVW 10024 > postfix 25 (via
Transport Mapping smtp:[]:20025 ) > MAIL SERVER LISTENING ON
20025 |

Everything functions well till I change the postfix config with webmin.
I m getting this error ;

connect to[]: server dropped connection without
sending the initial greeting

If I disable imss content filter by removing the line
in the file etc/postix/main.cf
Things function normally except that mails are not scanned since > ISVW
10025 > ISVW 10024 > is by passed

The only way to get around this was to reinstall all from crash.

Now that the server is in production I can not reinstall anymore.

Any help will be "vitally" appreciated.

Thank you

  • 4
  • 3
2 Solutions
i wouldn't change your config via webmin if I were you.  of course that just my opinion.

please post your main.cf and master.cf with all blank and comment lines removed.  although I think I understand what you're trying to say as to how your mail server works, if I see the config I am able to understand much easier.  i just have to wonder if your trying to send it to a port that the server isn't listening on.  anyway, i'll have a better idea when I see the configs
Yes, avoid making changes in webmind. If you can, do it directly through the Command Line.

On the machine, can you telnet locally on port 25 with success?

tgunduzAuthor Commented:


# ==========================================================================
# service type  private unpriv  chroot  wakeup  maxproc command + args
#               (yes)   (yes)   (yes)   (never) (100)
# ==========================================================================
##smtp      inet  n       -       n       -       -       smtpd
###smtps        inet      n      -      n      -      -      smtpd
#  -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes
###submission      inet      n      -      n      -      -      smtpd
#  -o smtpd_enforce_tls=yes -o smtpd_sasl_auth_enable=yes
#628      inet  n       -       n       -       -       qmqpd
pickup    fifo  n       -       n       60      1       pickup
cleanup   unix  n       -       n       -       0       cleanup
#qmgr      fifo  n       -       n       300     1       qmgr
qmgr     fifo  n       -       n       300     1       nqmgr
#tlsmgr        fifo      -      -      n      300      1      tlsmgr
rewrite   unix  -       -       n       -       -       trivial-rewrite
bounce    unix  -       -       n       -       0       bounce
defer     unix  -       -       n       -       0       bounce
flush     unix  n       -       n       1000?   0       flush
proxymap  unix  -       -       n       -       -       proxymap
smtp      unix  -       -       n       -       -       smtp
relay     unix  -       -       n       -       -       smtp
#       -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq     unix  n       -       n       -       -       showq
error     unix  -       -       n       -       -       error
local     unix  -       n       n       -       -       local
virtual   unix  -       n       n       -       -       virtual
lmtp      unix  -       -       n       -       -       lmtp
# Interfaces to non-Postfix software. Be sure to examine the manual # pages of the non-Postfix software to find out what options it wants.
# maildrop. See the Postfix MAILDROP_README file for details.
maildrop  unix  -       n       n       -       -       pipe
  flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient} # # The Cyrus deliver program has changed incompatibly, multiple times.
old-cyrus unix  -       n       n       -       -       pipe
  flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user} # Cyrus 2.1.5 (Amos Gouaux)
cyrus     unix  -       n       n       -       -       pipe
  user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user}
uucp      unix  -       n       n       -       -       pipe
  flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
ifmail    unix  -       n       n       -       -       pipe
  flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp     unix  -       n       n       -       -       pipe
  flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop $recipient
# InterScan_Viruswall_setup_addition_SiGnAtUrE begins # #
25      inet      n      -      n      -      -      smtpd
imss      unix      -      -      n      -      -      smtp
        -o disable_dns_lookup=yes
        -o smtp_connect_timeout=$imss_connect_timeout
        -o smtp_data_done_timeout=$imss_timeout
localhost:10026      inet      n      -      n      -      20      smtpd
        -o content_filter=
        -o smtpd_timeout=$imss_timeout
        -o local_recipient_maps=

command_directory = /usr/sbin
daemon_directory = /usr/libexec/postfix
relay_recipient_maps = hash:/etc/postfix/recipientsement in verbose # logging
debugger_command =
       xxgdb $daemon_directory/$process_name $process_id & sleep 5
mailq_path = /usr/bin/mailq.postfix
setgid_group = postdrop
manpage_directory = /usr/share/man
sample_directory = /usr/share/doc/postfix-2.0.16/samples
readme_directory = /usr/share/doc/postfix-2.0.16/README_FILES
alias_database = hash:/etc/postfix/aliases

# InterScan_Viruswall_setup_addition_SiGnAtUrE begins # #
relay_domains = maydomain.com mydestination = localhost localhost.localdomain $myhostname
mynetworks =
transport_maps = $default_database_type:$config_directory/transportList
default_process_limit = 200
imss_timeout = 10m
imss_connect_timeout = 1s
imss_destination_recipient_limit = 200
imss_destination_concurrency_limit = 20
smtpd_client_restrictions = $default_database_type:$config_directory/denyAccessList
smtpd_recipient_restrictions = permit_mynetworks, permit_auth_destination, reject_unauth_destination, reject smtpd_recipient_limit = 100 message_size_limit = 10485760
content_filter = imss:[]:10025
# InterScan_Viruswall_setup_addition_SiGnAtUrE ends #
smtpd_banner = $myhostname ESMTP

SMB Security Just Got a Layer Stronger

WatchGuard acquires Percipient Networks to extend protection to the DNS layer, further increasing the value of Total Security Suite.  Learn more about what this means for you and how you can improve your security with WatchGuard today!

tgunduzAuthor Commented:

>On the machine, can you telnet locally on port 25 with success?

Yes I can
tgunduzAuthor Commented:
I finally discoverd the error.
Basically there seems to be a bug in webmin  Version 1.200
If I change postfix settings with webmin
in /etc/postfix/main.cf values
are commented like
# myhostname =
# mydomain =
Thats the reason why issm sevices refuses connections from localhost
since the hostname has changed
Thank you for all help
ya thats why you generally don't want to change configs with webmin,
don't get me wrong, its great for something, but you can get version mismatches easily that only cause problems
tgunduzAuthor Commented:
although i solved myself
i can sahare the points between you 2 guys

what do u think?
Its up to you.  Not too be greedy for points, but I'd split the points and give a grade of B.  We both said that webmin shouldn't be used due to issues you can have with it.  Although that wasn't the ultimate problem, you lead me to believe that gave you a push in the right direction, but didn't outright give you the solution; thus a B rating.  If I am wrong in my assumption, then I'd say post a Q in the community support to PAQ/Refund this question; just post the URL of this question when you post the Q.

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

  • 4
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now