I’m really struggling to get the mail-receiver container to work reliably. I’m at the point where it works as intended for replies sent from my personal GMail account, but it rejects emails sent from my employer’s office 365 webapp. I can’t tell if this is a config issue on my end or something weird about how my employer routes email.
I’m new to looking at the output of ./launcher logs mail-receiver, but I think this excerpt demonstrates the typical sequence of events during a failed delivery:
Jan 27 17:19:13 myvps-mail-receiver postfix/spawn[363]: warning: command /usr/bin/policyd-spf exit status 120
Jan 27 17:20:21 myvps-mail-receiver postfix/smtpd[356]: warning: problem talking to server private/policyd-spf: Connection timed out
Jan 27 17:20:21 myvps-mail-receiver postfix/smtpd[356]: NOQUEUE: reject: RCPT from mail-server.employer.tld[XX.XXX.XX.XX]: 451 4.3.5 <4eb16fb194e4f56c53b738dd8b3f3411@reply.my_domain.tld>: Recipient address rejected: Server configuration problem; from=<me@employer.tld> to=<4eb16fb194e4f56c53b738dd8b3f3411@reply.my_domain.tld> proto=ESMTP helo=<mail-server.employer.tld>
Jan 27 17:20:21 myvps-mail-receiver postfix/smtpd[356]: using backwards-compatible default setting smtpd_relay_before_recipient_restrictions=no to reject recipient "4eb16fb194e4f56c53b738dd8b3f3411@reply.my_domain.tld" from client "mail-server.employer.tld[XX.XXX.XX.XX]"
Jan 27 17:20:21 myvps-mail-receiver postfix/smtpd[356]: disconnect from mail-server.employer.tld[XX.XXX.XX.XX] ehlo=1 mail=1 rcpt=0/1 data=0/1 rset=1 quit=1 commands=4/6
<22>Jan 27 17:20:56 policyd-spf[367]: : prepend Received-SPF: Pass (mailfrom) identity=mailfrom; client-ip=XX.XXX.XX.XX; helo=mail-server.employer.tld; envelope-from=me@employer.tld; receiver=reply.my_domain.tld <22>Jan 27 17:20:56 policyd-spf[367]: Traceback (most recent call last):
Jan 27 17:20:56 myvps-mail-receiver postfix/spawn[366]: warning: command /usr/bin/policyd-spf exit status 120
It seems like the spf policy daemon is not working based on the first, second, and final lines. I can’t find anything diagnostic as to why it isn’t working. I’m also not sure whether it is necessary. Emails from GMail seem to make it through just fine.
I’m self hosting on a VPS with Cloudflare DNS and transactional email from Brevo.
I’ve also noticed quite a few unpredictable bounces from Microsoft 365 sources over a long time, which is has been most irritating as so many companies use it. I’ve thusfar had no luck chasing the source end for issues.
Perhaps there is a problem with mail-receiver as you suggest; I’d be delighted if this was investigated!
I’m not sure if my config, my employer’s, or the mail-receiver app are to blame . I would definitely appreciate any suggestions about how to wring more info out of the container.
Can anyone tell me how to access the raw system log coming out of the mail-receiver container? I feel like there is supposed to be a traceback after this line:
Here’s the response from pasting the entirety of those lines of the log into ask.Discourse.com…
Troubleshooting Postfix and Policyd-SPF IssuesAI
denvergeeks:
what this error indicates:
Jan 27 17:19:13 myvps-mail-receiver postfix/spawn[363]: warning: command /usr/bin/policyd-spf exit status 120
Jan 27 17:20:21 myvps-mail-receiver postfix/smtpd[356]: warning: problem talking to server private/policyd-spf: Connection timed out
Jan 27 17:20:21 myvps-mail-receiver postfix/smtpd[356]: NOQUEUE: reject: RCPT from mail-server.employer.tld[XX.XXX.XX.XX]: 451 4.3.5 <4eb16fb194e4f56c53b738dd8b3f3411@reply.my_domain.tld>: Recipient address rejected: Server configuration problem; from=me@employer.tld to=<4eb16fb194e4f56c53b738dd8b3f3411@reply.my_domain.tld> proto=ESMTP helo=<mail-server.employer.tld>
Jan 27 17:20:21 myvps-mail-receiver postfix/smtpd[356]: using backwards-compatible default setting smtpd_relay_before_recipient_restrictions=no to reject recipient “4eb16fb194e4f56c53b738dd8b3f3411@reply.my_domain.tld” from client “mail-server.employer.tld[XX.XXX.XX.XX]”
Jan 27 17:20:21 myvps-mail-receiver postfix/smtpd[356]: disconnect from mail-server.employer.tld[XX.XXX.XX.XX] ehlo=1 mail=1 rcpt=0/1 data=0/1 rset=1 quit=1 commands=4/6
<22>Jan 27 17:20:56 policyd-spf[367]: : prepend Received-SPF: Pass (mailfrom) identity=mailfrom; client-ip=XX.XXX.XX.XX; helo=mail-server.employer.tld; envelope-from=me@employer.tld; receiver=reply.my_domain.tld <22>Jan 27 17:20:56 policyd-spf[367]: Traceback (most recent call last):
Jan 27 17:20:56 myvps-mail-receiver postfix/spawn[366]: warning: command /usr/bin/policyd-spf exit status 120
DiscourseHelper:
Searching
Searching for: postfix policyd-spf exit status 120 server configuration problem connection timed out reason and solution
It seems your error logs indicate issues with postfix and policyd-spf. Specifically:
Exit Status 120 for policyd-spf:
This typically points to a problem in the policyd-spf configuration or permissions. Policyd-SPF is used to validate incoming emails based on the Sender Policy Framework (SPF). Exit status 120 often signifies an application error or inability to process the SPF validation requirements.
Connection to private/policyd-spf Time Out:
This happens when postfix cannot communicate with the policyd-spf service, likely due to:
Invalid path or configuration for the communication socket.
The spawn process for policyd-spf not being set up correctly or failing to initialize.
RCPT Rejection with Status 451:
The recipient email address is rejected because of a “server configuration problem.” This suggests that due to the failure in SPF validation, postfix is unable to accept the recipient.
Steps to Resolve:
Check the policyd-spf Configuration:
Ensure that the SPF-related configurations in /etc/postfix/main.cf (or equivalent) are pointing to the correct policy service:
policy-spf unix - n n - - spawn
user=nobody argv=/usr/bin/policyd-spf
If the argv command path (/usr/bin/policyd-spf) is incorrect, adjust it.
Service and Logs:
Restart the policyd-spf service:
systemctl restart policyd-spf
Review further logs for policyd-spf to pinpoint specific issues:
journalctl -u policyd-spf
Postfix Configuration:
Ensure that postfix is properly using policyd-spf. In /etc/postfix/master.cf, validate:
smtp inet n - n - - smtpd
-o smtpd_recipient_restrictions=permit_mynetworks,reject_unauth_destination,check_policy_service=unix:private/policyd-spf
Check file permissions for /etc/postfix and socket paths.
Test SPF:
Try manually validating an SPF record using external tools or via CLI (dig command):
dig +short txt yourdomain.com
Ensure your email SPF records are correct.
Socket Communication:
Verify if the private/policyd-spf socket exists and is accessible:
ls /var/spool/postfix/private/policyd-spf
# Adjust permissions if the file exists:
chown postfix:postfix /var/spool/postfix/private/policyd-spf
chmod 770 /var/spool/postfix/private/policyd-spf
Relink or recreate the Unix socket file if missing.
Configuration Errors:
Review default parameters in /etc/policyd-spf/policyd-spf.conf, and confirm correctness against your use case.
If you continue facing issues beyond configuration changes, reach out to your hosting provider or Discourse support to ensure server health and correct connectivity settings. You can also explore more from external SPF issue documentation or the postfix/policyd community forums.
And here’s a link to the response from Perplexity.ai…
I tried what I could based on these responses, but nothing seems to fix the issue. I think what would be most helpful is if someone could tell me how to get the contents of the Python tracebacks from policyd-spf into the log files. Any suggestions? Is this just a red herring?
. I would definitely appreciate any suggestions about how to wring more info out of the container.