ERROR **** Message is stored in ERROR spool ****

Gateway
1

Hello Ciphermail users.

I get errors with the handling of all emails.

System was running really fine but since I have imported and activated
the xml DLP patterns. All mails drops into errors.

System is Debian Wheezy running Djigzo 2.10.0-3

/var/log/djigzo.log:

30 Apr 2015 12:53:56 | INFO "subject trigger" is disabled for the
sender; MailID: 4295a4c0-a452-4e3f-bd48-7087f053b60a; Recipients:
[user(a)example.org] (mitm.application.djigzo.james.mailets.Default)
[Spool Thread #2]
30 Apr 2015 12:53:56 | INFO "force encrypt header trigger" is disabled
for the sender; MailID: 4295a4c0-a452-4e3f-bd48-7087f053b60a;
Recipients: [user(a)example.org]
(mitm.application.djigzo.james.mailets.Default) [Spool Thread #2]
30 Apr 2015 12:53:56 | INFO There are valid S/MIME encryption
certificates for the recipient(s); MailID:
4295a4c0-a452-4e3f-bd48-7087f053b60a; Recipients: [user(a)example.org]
(mitm.application.djigzo.james.mailets.Default) [Spool Thread #2]
30 Apr 2015 12:53:56 | INFO Trying to S/MIME sign the message; MailID:
4295a4c0-a452-4e3f-bd48-7087f053b60a; Recipients: [user(a)example.org]
(mitm.application.djigzo.james.mailets.Default) [Spool Thread #2]
30 Apr 2015 12:53:56 | INFO Message was S/MIME signed. Signing
algorithm: SHA256WithRSAEncryption; Sign mode: clear; MailID:
4295a4c0-a452-4e3f-bd48-7087f053b60a; Recipients: [user(a)example.org]
(mitm.application.djigzo.james.mailets.SMIMESign) [Spool Thread #2]
30 Apr 2015 12:53:56 | INFO Trying to S/MIME encrypt the message;
MailID: 4295a4c0-a452-4e3f-bd48-7087f053b60a; Recipients:
[user(a)example.org] (mitm.application.djigzo.james.mailets.Default)
[Spool Thread #2] 30 Apr 2015 12:53:56 | INFO Message was S/MIME
encrypted. Encryption
algorithm: AES256; Key size: 256; MailID:
4295a4c0-a452-4e3f-bd48-7087f053b60a; Recipients: [user(a)example.org]
(mitm.application.djigzo.james.mailets.SMIMEEncrypt) [Spool Thread #2]
30 Apr 2015 12:53:56 | INFO "encryption notification" is disabled for
the sender; MailID: 4295a4c0-a452-4e3f-bd48-7087f053b60a; Recipients:
[user(a)example.org] (mitm.application.djigzo.james.mailets.Default)
[Spool Thread #2]
30 Apr 2015 12:53:56 | INFO Message handling is finished. Sending to
final recipient(s); MailID: 4295a4c0-a452-4e3f-bd48-7087f053b60a;
Recipients: [user(a)example.org]; Originator: user(a)example.org; Sender:
user(a)example.org; Remote address: xx.xx.xx.129; Subject: ezf;
Message-ID: <55426C33.8000505(a)example.org>;
(mitm.application.djigzo.james.mailets.Log) [Spool Thread #2] 30 Apr
2015 12:53:56 | ERROR **** Message is stored in ERROR spool ****;
MailID: 4295a4c0-a452-4e3f-bd48-7087f053b60a; Recipients:
[user(a)example.org]; Error message: ;
(mitm.application.djigzo.james.mailets.Log) [Spool Thread #3]

Any ideas ?

Thank you.

2

I get errors with the handling of all emails.

System was running really fine but since I have imported and activated
the xml DLP patterns. All mails drops into errors.

System is Debian Wheezy running Djigzo 2.10.0-3

It might be that the internal SMTP engine is unable to send the mail
back to postfix after handling the email.

Can you check the log files in

/usr/share/djigzo/james-2.3.1/apps/james/logs

You can also send me the log files off-list (i.e., directly to me) so I
can see what might be wrong.

Kind regards,

Martijn Brinkers

···

On 05/01/2015 06:51 AM, Frédéric d'Huart wrote:

/var/log/djigzo.log:

30 Apr 2015 12:53:56 | INFO "subject trigger" is disabled for the
sender; MailID: 4295a4c0-a452-4e3f-bd48-7087f053b60a; Recipients:
[user(a)example.org] (mitm.application.djigzo.james.mailets.Default)
[Spool Thread #2]
30 Apr 2015 12:53:56 | INFO "force encrypt header trigger" is disabled
for the sender; MailID: 4295a4c0-a452-4e3f-bd48-7087f053b60a;
Recipients: [user(a)example.org]
(mitm.application.djigzo.james.mailets.Default) [Spool Thread #2]
30 Apr 2015 12:53:56 | INFO There are valid S/MIME encryption
certificates for the recipient(s); MailID:
4295a4c0-a452-4e3f-bd48-7087f053b60a; Recipients: [user(a)example.org]
(mitm.application.djigzo.james.mailets.Default) [Spool Thread #2]
30 Apr 2015 12:53:56 | INFO Trying to S/MIME sign the message; MailID:
4295a4c0-a452-4e3f-bd48-7087f053b60a; Recipients: [user(a)example.org]
(mitm.application.djigzo.james.mailets.Default) [Spool Thread #2]
30 Apr 2015 12:53:56 | INFO Message was S/MIME signed. Signing
algorithm: SHA256WithRSAEncryption; Sign mode: clear; MailID:
4295a4c0-a452-4e3f-bd48-7087f053b60a; Recipients: [user(a)example.org]
(mitm.application.djigzo.james.mailets.SMIMESign) [Spool Thread #2]
30 Apr 2015 12:53:56 | INFO Trying to S/MIME encrypt the message;
MailID: 4295a4c0-a452-4e3f-bd48-7087f053b60a; Recipients:
[user(a)example.org] (mitm.application.djigzo.james.mailets.Default)
[Spool Thread #2] 30 Apr 2015 12:53:56 | INFO Message was S/MIME
encrypted. Encryption
algorithm: AES256; Key size: 256; MailID:
4295a4c0-a452-4e3f-bd48-7087f053b60a; Recipients: [user(a)example.org]
(mitm.application.djigzo.james.mailets.SMIMEEncrypt) [Spool Thread #2]
30 Apr 2015 12:53:56 | INFO "encryption notification" is disabled for
the sender; MailID: 4295a4c0-a452-4e3f-bd48-7087f053b60a; Recipients:
[user(a)example.org] (mitm.application.djigzo.james.mailets.Default)
[Spool Thread #2]
30 Apr 2015 12:53:56 | INFO Message handling is finished. Sending to
final recipient(s); MailID: 4295a4c0-a452-4e3f-bd48-7087f053b60a;
Recipients: [user(a)example.org]; Originator: user(a)example.org; Sender:
user(a)example.org; Remote address: xx.xx.xx.129; Subject: ezf;
Message-ID: <55426C33.8000505(a)example.org>;
(mitm.application.djigzo.james.mailets.Log) [Spool Thread #2] 30 Apr
2015 12:53:56 | ERROR **** Message is stored in ERROR spool ****;
MailID: 4295a4c0-a452-4e3f-bd48-7087f053b60a; Recipients:
[user(a)example.org]; Error message: ;
(mitm.application.djigzo.james.mailets.Log) [Spool Thread #3]

Any ideas ?

Thank you.
_______________________________________________
Users mailing list
Users(a)lists.djigzo.com
https://lists.djigzo.com/lists/listinfo/users

--
CipherMail email encryption

Open source email encryption gateway with support for S/MIME, OpenPGP
and PDF messaging.

Twitter: http://twitter.com/CipherMail

3

Dears,

Changing

"smtpd_tls_security_level = encrypt" to "smtpd_tls_security_level = may"
in /etc/postfix/main.cf fixed the issue.

Ciphermail Java mail client configuration doesn't seems to support TLS
by default when connecting to localhost.
Is there a way to activate it ?

Thank you.

···

On 05/01/15 06:51, Frédéric d'Huart wrote:

Hello Ciphermail users.

I get errors with the handling of all emails.

System was running really fine but since I have imported and activated
the xml DLP patterns. All mails drops into errors.

System is Debian Wheezy running Djigzo 2.10.0-3

/var/log/djigzo.log:

30 Apr 2015 12:53:56 | INFO "subject trigger" is disabled for the
sender; MailID: 4295a4c0-a452-4e3f-bd48-7087f053b60a; Recipients:
[user(a)example.org] (mitm.application.djigzo.james.mailets.Default)
[Spool Thread #2]
30 Apr 2015 12:53:56 | INFO "force encrypt header trigger" is disabled
for the sender; MailID: 4295a4c0-a452-4e3f-bd48-7087f053b60a;
Recipients: [user(a)example.org]
(mitm.application.djigzo.james.mailets.Default) [Spool Thread #2]
30 Apr 2015 12:53:56 | INFO There are valid S/MIME encryption
certificates for the recipient(s); MailID:
4295a4c0-a452-4e3f-bd48-7087f053b60a; Recipients: [user(a)example.org]
(mitm.application.djigzo.james.mailets.Default) [Spool Thread #2]
30 Apr 2015 12:53:56 | INFO Trying to S/MIME sign the message; MailID:
4295a4c0-a452-4e3f-bd48-7087f053b60a; Recipients: [user(a)example.org]
(mitm.application.djigzo.james.mailets.Default) [Spool Thread #2]
30 Apr 2015 12:53:56 | INFO Message was S/MIME signed. Signing
algorithm: SHA256WithRSAEncryption; Sign mode: clear; MailID:
4295a4c0-a452-4e3f-bd48-7087f053b60a; Recipients: [user(a)example.org]
(mitm.application.djigzo.james.mailets.SMIMESign) [Spool Thread #2]
30 Apr 2015 12:53:56 | INFO Trying to S/MIME encrypt the message;
MailID: 4295a4c0-a452-4e3f-bd48-7087f053b60a; Recipients:
[user(a)example.org] (mitm.application.djigzo.james.mailets.Default)
[Spool Thread #2] 30 Apr 2015 12:53:56 | INFO Message was S/MIME
encrypted. Encryption
algorithm: AES256; Key size: 256; MailID:
4295a4c0-a452-4e3f-bd48-7087f053b60a; Recipients: [user(a)example.org]
(mitm.application.djigzo.james.mailets.SMIMEEncrypt) [Spool Thread #2]
30 Apr 2015 12:53:56 | INFO "encryption notification" is disabled for
the sender; MailID: 4295a4c0-a452-4e3f-bd48-7087f053b60a; Recipients:
[user(a)example.org] (mitm.application.djigzo.james.mailets.Default)
[Spool Thread #2]
30 Apr 2015 12:53:56 | INFO Message handling is finished. Sending to
final recipient(s); MailID: 4295a4c0-a452-4e3f-bd48-7087f053b60a;
Recipients: [user(a)example.org]; Originator: user(a)example.org; Sender:
user(a)example.org; Remote address: xx.xx.xx.129; Subject: ezf;
Message-ID: <55426C33.8000505(a)example.org>;
(mitm.application.djigzo.james.mailets.Log) [Spool Thread #2] 30 Apr
2015 12:53:56 | ERROR **** Message is stored in ERROR spool ****;
MailID: 4295a4c0-a452-4e3f-bd48-7087f053b60a; Recipients:
[user(a)example.org]; Error message: ;
(mitm.application.djigzo.james.mailets.Log) [Spool Thread #3]

Any ideas ?

Thank you.
_______________________________________________
Users mailing list
Users(a)lists.djigzo.com
https://lists.djigzo.com/lists/listinfo/users

4

Do you really need to support TLS for the internal SMTP connection? This
connection is only internal so enabling TLS is in my view wasting CPU
power. If you need to use smtpd_tls_security_level = encrypt for the
external accessible SMTP server, there are two options

1. Override the smtpd_tls_security_level setting for the internal port

Add a an empty smtpd_tls_security_level setting to the internal SMTP
daemon on 127.0.0.1:10026:

-o smtpd_tls_security_level=

So the definition for 127.0.0.1:10026 in /etc/postfix/master.cf should
look like:

127.0.0.1:10026 inet n - n - 10 smtpd
            -o content_filter=
            -o
receive_override_options=no_unknown_recipient_checks,no_header_body_checks,no_milters
            -o smtpd_helo_restrictions=
            -o smtpd_client_restrictions=
            -o smtpd_sender_restrictions=
            -o smtpd_recipient_restrictions=permit_mynetworks,reject
            -o smtpd_tls_security_level=
            -o mynetworks=127.0.0.0/8
            -o smtpd_authorized_xforward_hosts=127.0.0.0/8
            -o smtpd_authorized_xclient_hosts=127.0.0.0/8
            -o cleanup_service_name=cleanup_reinject

Now the internal SMTP daemon does not require SMTP. All other SMTP
daemons (the one connected to external) use the default setting for
smtpd_tls_security_level

2. Enable TLS on the internal client

It should be possible to configure this since javamail supports TLS.
However I have never tested this since I do not see the need to locally
use TLS. If you really require this I might see how to configure this.

Kind regards,

Martijn Brinkers

···

On 05/01/2015 08:22 AM, Frédéric d'Huart wrote:

"smtpd_tls_security_level = encrypt" to "smtpd_tls_security_level = may"
in /etc/postfix/main.cf fixed the issue.

Ciphermail Java mail client configuration doesn't seems to support TLS
by default when connecting to localhost.
Is there a way to activate it ?

--
CipherMail email encryption

Open source email encryption gateway with support for S/MIME, OpenPGP
and PDF messaging.

Twitter: http://twitter.com/CipherMail