Всем Привет!
Имеется система Ubuntu Server 16.04 c почтовым сервером (Postfix+Dovecot+MySQL)
Проблема в том, что на клиентах (ThunderBird) периодически не хочет сохранять отправленные письма.
dovecot.log
Oct 09 11:29:15 imap(service3@site.ru): Warning: autocreate plugin is deprecated, use mailbox { auto } setting instead
Oct 09 11:29:17 imap-login: Error: SSL: Stacked error: error:14094418:SSL routines:ssl3_read_bytes:tlsv1 alert unknown ca: SSL alert number 48
Oct 09 11:29:17 imap-login: Info: Disconnected (no auth attempts in 0 secs): user=<>, rip=105.650.321.444, lip=45.450.126.360, TLS: SSL_read() failed: Unknown error, session=<PKKB/Bhb0iJbvlPS>
Oct 09 11:29:17 auth: Debug: auth client connected (pid=5850)
Oct 09 11:29:17 imap-login: Error: SSL: Stacked error: error:14094418:SSL routines:ssl3_read_bytes:tlsv1 alert unknown ca: SSL alert number 48
Oct 09 11:29:17 imap-login: Info: Disconnected (no auth attempts in 0 secs): user=<>, rip=105.650.321.444, lip=45.450.126.360, TLS: SSL_read() failed: Unknown error, session=<rEiD/Bhb0yJbvlPS>
syslog
Oct 9 11:35:05 Ubuntu-1604-xenial-64-minimal postfix/pipe[6103]: .... doveconf: Warning: NOTE: You can get a new clean config file with: doveconf -n > dovecot-new.conf do))
dovecot -a
# 2.2.22 (fe789d2): /etc/dovecot/dovecot.conf
# Pigeonhole version 0.4.13 (7b14904)
doveconf: Warning: NOTE: You can get a new clean config file with: doveconf -n > dovecot-new.conf
doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:13: 'imaps' protocol is no longer necessary, remove it
doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:13: 'pop3s' protocol is no longer necessary, remove it
Конфиг dovecot
spoiler!include_try /usr/share/dovecot/protocols.d/*.protocol
listen = *
base_dir = /var/run/dovecot/
login_greeting = Dovecot ready.
dict {
#quota = mysql:/etc/dovecot/dovecot-dict-sql.conf.ext
#expire = sqlite:/etc/dovecot/dovecot-dict-sql.conf.ext
}
mail_location = mbox:~/mail:INBOX=/var/mail/%u
mail_privileged_group = mail
mail_location = maildir:/var/vmail/%d/%n
mail_uid = vmail
mail_gid = mail
disable_plaintext_auth = no
auth_mechanisms = plain login cram-md5
#!include auth-system.conf.ext
!include auth-sql.conf.ext
#IMAP
!include conf.d/*.conf
!include_try local.conf
protocols = pop3 pop3s imap imaps
protocol imap {
# Space separated list of plugins to load (default is global mail_plugins).
mail_plugins = $mail_plugins autocreate
# Maximum number of IMAP connections allowed for a user from each IP address.
# NOTE: The username is compared case-sensitively.
mail_max_userip_connections = 1000
}
# At the end of file paste following code
plugin {
autocreate = Trash
autocreate2 = Junk
autocreate3 = Drafts
autocreate4 = Sent
autosubscribe = Trash
autosubscribe2 = Junk
autosubscribe3 = Drafts
autosubscribe4 = Sent
}
#default_process_limit = 100
#default_client_limit = 1000
#default_vsz_limit = 256M
#default_login_user = dovenull
#default_internal_user = dovecot
service imap-login {
inet_listener imap {
#port = 143
}
inet_listener imaps {
#port = 993
#ssl = yes
}
#service_count = 1
# Number of processes to always keep waiting for more connections.
#process_min_avail = 0
# If you set service_count=0, you probably need to grow this.
#vsz_limit = $default_vsz_limit
}
service pop3-login {
inet_listener pop3 {
#port = 110
}
inet_listener pop3s {
#port = 995
#ssl = yes
}
}
service lmtp {
unix_listener lmtp {
#mode = 0666
}
#inet_listener lmtp {
# Avoid making LMTP visible for the entire internet
#address =
#port =
#}
}
service imap {
# Most of the memory goes to mmap()ing files. You may need to increase this
# limit if you have huge mailboxes.
#vsz_limit = $default_vsz_limit
# Max. number of IMAP processes (connections)
process_limit = 1024
}
service pop3 {
# Max. number of POP3 processes (connections)
#process_limit = 1024
}
service auth {
unix_listener auth-userdb {
#mode = 0666
#user =
#group =
mode = 0666
user = vmail
group = mail
}
# Postfix smtp-auth
unix_listener /var/spool/postfix/private/auth {
mode = 0666
user = postfix
group = postfix
}
# Auth process is run as this user.
#user = $default_internal_user
}
service auth-worker {
# Auth worker process is run as root by default, so that it can access
# /etc/shadow. If this isn't necessary, the user should be changed to
# $default_internal_user.
#user = root
}
service dict {
# If dict proxy is used, mail processes should have access to its socket.
# For example: mode=0660, group=vmail and global mail_access_groups=vmail
unix_listener dict {
#mode = 0600
#user =
#group =
}
}
ssl = yes
ssl_cert = </etc/postfix/certs/cert.pem
ssl_key = </etc/postfix/certs/key.pem
#
ssl_protocols = !SSLv2 !SSLv3
ssl_cipher_list = ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS
postmaster_address = postmaster@site.ru
protocol lda {
# Space separated list of plugins to load (default is global mail_plugins).
#mail_plugins = $mail_plugins
}
#Логи
log_path = /var/log/dovecot.log
auth_verbose = yes
auth_debug = yes
mail_debug = yes