CentOS 7 Postfix Update Bug - Impacts Zimbra and Others
-
If you did the latest round of CentOS 7 updates (and presumably RHEL 7 updates) yesterday, and you run a different MTA (email server) than the system expects, such as Zimbra, then you may run into an update bug. CentOS has an update to Postfix which causes it to become enabled, even when it was previously disabled, modifying a running system. It then binds to 127.0.0.1:25. On a "normal" box, this is not an issue. But if you have another MTA, such as when you are running a Zimbra server that needs to bind its own MTA to 0.0.0.0:25, then you have a port conflict.
Likely, many people running CentOS 7 who did not want Postfix to be running now have it running but since the port is not generally exposed they are not aware that anything has changed. Still bad, but pretty minor. But if you are running an email server, this will stop emails from being received. With Zimbra, it will stop receiving, but will continue sending because it can still use the new MTA for outbound emails.
Fixing this is simple, discovering it is not. To fix, simply...
systemctl disable postfixAnd then reboot to bring whatever system you have back to the way that it was.
-
Does the built in firewall open the port as well for Postfix?
-
@Dashrender said in CentOS 7 Postfix Update Bug - Impacts Zimbra and Others:
Does the built in firewall open the port as well for Postfix?
No, and Postfix wouldn't respond anyway, as it is not bound to anything public.
-
@scottalanmiller said in CentOS 7 Postfix Update Bug - Impacts Zimbra and Others:
@Dashrender said in CentOS 7 Postfix Update Bug - Impacts Zimbra and Others:
Does the built in firewall open the port as well for Postfix?
No, and Postfix wouldn't respond anyway, as it is not bound to anything public.
Cool - so not a real issue, but still not a good thing to have happen.
-
Good to know, I use Ubuntu/Debian so I will check for that.
