Postfix/rspamd

[iRobot]

Hello,

I have configured Postfix on OPNsense 24.7.8-amd64 as a smarthost for my internal network devices. All devices send their mails to Postfix and via smarthost outside.

My config:
Postfix - General:
- Listen ip: all
- ListenPort:  25
- Trusted Networks: 192......../24
- TLS Server compatibility: intermediate
- TLS client compatibility: intermediate
- TLS wrapper mode: yes
- Smart Host: smtp.providername.de:465
- Server certificate: mycertificate
- RootCA: myrootCA
- Smtp client security: encrypt
- Smarthost: smtp.servername.de:465
- EnableSMTP Authentication: yes
- Authentication Username: user@domain.de
- Authentication Password: UserPW

Postfix - AntiSpam:
Enable Rspamd integration: yes
Milter default action: accept

One day I noticed that my E-mails were no longer passing through the smarthost. The postfix log shows:

Warning   postfix/smtpd   warning: milter unix:/var/run/rspamd/milter.sock: read error in initial handshake
Warning   postfix/smtpd   warning: milter unix:/var/run/rspamd/milter.sock: can't read SMFIC_OPTNEG reply packet header: Operation timed out
Warning   postfix/cleanup   warning: milter unix:/var/run/rspamd/milter.sock: can't read SMFIC_BODYEOB reply packet header: Operation timed out

I tried to connect rspamd: http://OPNSenseIP:11334  but it failed with a timeout-error.

I then unchecked ,,Enable Rspamd Integration" and the smarthost worked fine again.

It looks weird to me. Any help would be appreciated.

[CK_beats]

Hallo, identisches Problem bei uns seit Update RspamD auf < 3.9.1.
Aktuell ist RspamD 3.11 verfügbar. Bei Aufhebung der Sperre wir das Update problemlos ausgeführt.

Anschließend ist die GUI RspamD nicht mehr erreichbar:

502 Bad Gateway
The server returned an invalid or incomplete response.

Postfix Error:

warning: milter unix:/var/run/rspamd/milter.sock: read error in initial handshake

warning: milter unix:/var/run/rspamd/milter.sock: can't read SMFIC_OPTNEG reply packet header: Connection reset by peer

Installiert als VM:
Typ   opnsense   
Version   24.7.12_2   
Architektur   amd64

os-rspamd   1.13_2

rspamd   3.11.0

Installtion ergibt die o. g. Fehler.

Ursache ist wahrscheinlich die Schnittstelle auf die Redis-Datenbank.
Hier wurde  aber auch schon alles mögliche probiert, ohne Erfolg.
Die Logs geben ebenfalls keine zielführende Auskunft.

OPNsense ist komplett aktualisiert. Hat seit Jahren auch ohne Probleme funktioniert.
Nur das Update auf RspamD < Version 3.9.1 ist nicht möglich.

Leider habe ich über Suchen keinerlei Hinweise oder ähnliche Probleme gefunden.
Bis auf diesen Thread.

Gibt es hierzu Lösungsvorschläge?
Stundenlanges Suchen und Probieren bisher ohne jeglichen Erfolg.

Viele Grüße
Constantin

[CK_beats]

Hello,

I have configured Postfix on OPNsense 24.7.8-amd64 as a smarthost for my internal network devices. All devices send their mails to Postfix and

Which version of RspamD do you use?
Is your version of RspamD higher than 3.9?
If this is true try to downgrade 3.9 and tell me if it works.

If it does we both having the same problem.

[iRobot]

Hello,
Thank you for your reply. Rspamd is 3.11.0, according to System->Firmware->Packages
How does the downgrade process work?

[CK_beats]

Hello,
i think your problem is the same as mine.
I think it is not possible to downgrade a newer package.

My search on the Internet has not been successful so far.
But I found an old post that covers a similar topic.

Here is my solution!
It works!

The reason is that the Redis database only listens to IPv4.
rSpamD is trying to reach Redis over IPv6.
You just have to switch to IPv4 in the rSpamD Config.
Please note that this will be deleted with every update and must be restored manually.

[CK_beats]

I can't understand how we are the only two users with this error.
Actually, it should affect many more administrators.
Maybe others don't have IPv6 configured?
But so many?