Gentoo Forums
[SOLVED]Postfix Local transport not receiving mail
FuriousGeorge
Apprentice

Joined: 03 Mar 2005
Posts: 160

Posted: Mon Jan 07, 2008 10:35 pm    Post subject: [SOLVED]Postfix Local transport not receiving mail

I followed the Official Virtual Mailhosting System with Postfix Guide, and it almost works as expected but not quite.

My virtual domain is fine. It can both send and receive mail.

My local domain can send mail, but as far as I can tell, is not receiving mail.

Note that both are FQDNs.

The postfix logs indicate the mail was delivered:
Code:
Jan  7 16:34:32 thedude postfix/local[15333]: 85E053B0D1: to=<root@localdomain.com>, orig_to=<admin@localdomain.com>, relay=local, delay=0.87, delays=0.62/0.03/0/0.22, dsn=2.0.0, status=sent (delivered to maildir)


... but if I grep around for a word from the subject in /home/foo/.maildir/ I cannot locate the file which matches the supposedly delivered mail. I know the db setting for the maildir is being used, because if I try to move it other things break.

Conversely, if I grep around for a message in /home/vmail/virtdomain.com/foo/.maildir/ I see the messages in Squirrelmail's inbox in ./cur/

So, I can't find the messages, and obviously neither can squirrelmail, as its ./cur/ directory is always empty despite postfix's assertion that the mail was delivered to maildir.

My postfix settings are as follows:

Code:
# postfix -n
postfix: invalid option -- n
postfix: fatal: usage: postfix [-c config_dir] [-Dv] command
thedude home # postconf -n
alias_maps = hash:/usr/local/mailman/data/aliases,      mysql:/etc/postfix/mysql-aliases.cf
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/lib/postfix
debug_peer_level = 2
default_destination_concurrency_limit = 10
home_mailbox = .maildir/
html_directory = /usr/share/doc/postfix-2.4.5/html
inet_interfaces = all
local_destination_concurrency_limit = 2
local_recipient_maps = mysql:/etc/postfix/mysql-aliases.cf mysql:/etc/postfix/mysql-virtual-maps.cf unix:passwd.byname
local_transport = local
mail_owner = postfix
mailq_path = /usr/bin/mailq
manpage_directory = /usr/share/man
mydestination = thedude, localhost.localdomain, localdomain.com
mydomain = localdomain.com
myhostname = thedude.localdomain.com
mynetworks = 67.18.17.0/24, 127.0.0.0/8
newaliases_path = /usr/bin/newaliases
owner_request_special = no
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/postfix-2.4.5/readme
recipient_delimiter = +
relocated_maps = mysql:/etc/postfix/mysql-relocated.cf
sample_directory = /etc/postfix
sendmail_path = /usr/sbin/sendmail
setgid_group = postdrop
smtp_tls_note_starttls_offer = yes
smtp_use_tls = yes
smtpd_recipient_restrictions = permit_sasl_authenticated,       permit_mynetworks,      reject_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain =
smtpd_sasl_security_options = noanonymous
smtpd_tls_CAfile = /etc/postfix/cacert.pem
smtpd_tls_cert_file = /etc/postfix/newcert.pem
smtpd_tls_key_file = /etc/postfix/newkey.pem
smtpd_tls_loglevel = 3
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
smtpd_use_tls = yes
tls_random_source = dev:/dev/urandom
unknown_local_recipient_reject_code = 550
virtual_alias_maps = hash:/usr/local/mailman/data/virtual-mailman,      mysql:/etc/postfix/mysql-virtual.cf
virtual_gid_maps = static:1000
virtual_mailbox_base = /
virtual_mailbox_domains = virtdomain.com
virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual-maps.cf
virtual_minimum_uid = 1000
virtual_transport = virtual
virtual_uid_maps = static:1000


Code:
 
# cat /etc/postfix/master.cf

smtp      inet  n       -       n       -       -       smtpd -v

pickup    fifo  n       -       n       60      1       pickup
cleanup   unix  n       -       n       -       0       cleanup
qmgr      fifo  n       -       n       300     1       qmgr
tlsmgr    unix  -       -       n       1000?   1       tlsmgr
rewrite   unix  -       -       n       -       -       trivial-rewrite
bounce    unix  -       -       n       -       0       bounce
defer     unix  -       -       n       -       0       bounce
trace     unix  -       -       n       -       0       bounce
verify    unix  -       -       n       -       1       verify
flush     unix  n       -       n       1000?   0       flush
proxymap  unix  -       -       n       -       -       proxymap
smtp      unix  -       -       n       -       -       smtp
showq     unix  n       -       n       -       -       showq
error     unix  -       -       n       -       -       error
retry     unix  -       -       n       -       -       error
discard   unix  -       -       n       -       -       discard
local     unix  -       n       n       -       -       local -v
virtual   unix  -       n       n       -       -       virtual
lmtp      unix  -       -       n       -       -       lmtp
anvil     unix  -       -       n       -       1       anvil
scache    unix  -       -       n       -       1       scache



Code:
# mysql -u root -p
Enter password:
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 2560
Server version: 5.0.44-log Gentoo Linux mysql-5.0.44

Type 'help;' or '\h' for help. Type '\c' to clear the buffer.

mysql> use mailsql;
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A

Database changed
mysql> show tables;
+-------------------+
| Tables_in_mailsql |
+-------------------+
| alias             |
| relocated         |
| transport         |
| users             |
| virtual           |
+-------------------+
5 rows in set (0.00 sec)

mysql> select * from alias;
+----+------------+----------------------------+
| id | alias      | destination                |
+----+------------+----------------------------+
|  1 | admin      | root@localdomain.com       |
|  2 | postmaster | postmaster@localdomain.com |
+----+------------+----------------------------+
2 rows in set (0.02 sec)

mysql> select * from relocated;
Empty set (0.00 sec)

mysql> select * from transport;
+----+-----------------+-------------+
| id | domain          | destination |
+----+-----------------+-------------+
|  1 | localdomain.com | local:      |
|  2 | virtdomain.com  | virtual:    |
+----+-----------------+-------------+
2 rows in set (0.15 sec)

mysql> select * from users;
+----+-----------------------+--------+---------------+------+------+-------------+---------------------------------------------+-------+---------+
| id | email                 | clear  | name          | uid  | gid  | homedir     | maildir                                     | quota | postfix |
+----+-----------------------+--------+---------------+------+------+-------------+---------------------------------------------+-------+---------+
|  1 | admin@localdomain.com | secret | Foo Q. Public | 1001 | 1001 | /home/foo   | /home/foo/.maildir/                         |       | y       |
|  2 | damian@virtdomain     | secret | Damian Smith  | 1000 | 1000 | /home/vmail | /home/vmail/virtdomain.com/damian/.maildir/ |       | y       |
+----+-----------------------+--------+---------------+------+------+-------------+---------------------------------------------+-------+---------+
2 rows in set (0.01 sec)

mysql> select * from virtual;
Empty set (0.00 sec)

mysql> quit
Bye



Here are 100 or so lines of log that correspond to the local domain which cannot receive but can send attempting to send itself a message:
Code:

# cat /tmp/postfix_troubles.txt
Jan  7 18:02:51 thedude postfix/local[15580]: private/rewrite socket: wanted attribute: flags
Jan  7 18:02:51 thedude postfix/local[15580]: input attribute name: flags
Jan  7 18:02:51 thedude postfix/local[15580]: input attribute value: 0
Jan  7 18:02:51 thedude postfix/local[15580]: private/rewrite socket: wanted attribute: address
Jan  7 18:02:51 thedude postfix/local[15580]: input attribute name: address
Jan  7 18:02:51 thedude postfix/local[15580]: input attribute value: root@localdomain.com
Jan  7 18:02:51 thedude postfix/local[15580]: private/rewrite socket: wanted attribute: (list terminator)
Jan  7 18:02:51 thedude postfix/local[15580]: input attribute name: (end)
Jan  7 18:02:51 thedude postfix/local[15580]: rewrite_clnt: local: root@localdomain.com -> root@localdomain.com
Jan  7 18:02:51 thedude postfix/local[15580]: tok822_rewrite: result: root@localdomain.com
Jan  7 18:02:51 thedude postfix/local[15580]: send attr request = resolve
Jan  7 18:02:51 thedude postfix/local[15580]: send attr sender =
Jan  7 18:02:51 thedude postfix/local[15580]: send attr address = root@localdomain.com
Jan  7 18:02:51 thedude postfix/local[15580]: private/rewrite socket: wanted attribute: flags
Jan  7 18:02:51 thedude postfix/local[15580]: input attribute name: flags
Jan  7 18:02:51 thedude postfix/local[15580]: input attribute value: 0
Jan  7 18:02:51 thedude postfix/local[15580]: private/rewrite socket: wanted attribute: transport
Jan  7 18:02:51 thedude postfix/local[15580]: input attribute name: transport
Jan  7 18:02:51 thedude postfix/local[15580]: input attribute value: local
Jan  7 18:02:51 thedude postfix/local[15580]: private/rewrite socket: wanted attribute: nexthop
Jan  7 18:02:51 thedude postfix/local[15580]: input attribute name: nexthop
Jan  7 18:02:51 thedude postfix/local[15580]: input attribute value: localdomain.com
Jan  7 18:02:51 thedude postfix/local[15580]: private/rewrite socket: wanted attribute: recipient
Jan  7 18:02:51 thedude postfix/local[15580]: input attribute name: recipient
Jan  7 18:02:51 thedude postfix/local[15580]: input attribute value: root@localdomain.com
Jan  7 18:02:51 thedude postfix/local[15580]: private/rewrite socket: wanted attribute: flags
Jan  7 18:02:51 thedude postfix/local[15580]: input attribute name: flags
Jan  7 18:02:51 thedude postfix/local[15580]: input attribute value: 256
Jan  7 18:02:51 thedude postfix/local[15580]: private/rewrite socket: wanted attribute: (list terminator)
Jan  7 18:02:51 thedude postfix/local[15580]: input attribute name: (end)
Jan  7 18:02:51 thedude postfix/local[15580]: resolve_clnt: `' -> `root@localdomain.com' -> transp=`local' host=`localdomain.com' rcpt=`root@localdomain.com' flags= class=local
Jan  7 18:02:51 thedude postfix/local[15580]: tok822_resolve: from= addr=root@localdomain.com -> chan=local, host=localdomain.com, rcpt=root@localdomain.com
Jan  7 18:02:51 thedude postfix/local[15580]: deliver_recipient[5]: local admin recip root@localdomain.com exten  deliver admin@localdomain.com exp_from admin
Jan  7 18:02:51 thedude postfix/local[15580]: been_here: recipient 5 root@localdomain.com: 0
Jan  7 18:02:51 thedude postfix/local[15580]: level: 0
Jan  7 18:02:51 thedude postfix/local[15580]: path: active/DC71E3B0D1
Jan  7 18:02:51 thedude postfix/local[15580]: fp: 0x808db10
Jan  7 18:02:51 thedude postfix/local[15580]: queue_name: active
Jan  7 18:02:51 thedude postfix/local[15580]: queue_id: DC71E3B0D1
Jan  7 18:02:51 thedude postfix/local[15580]: offset: 561
Jan  7 18:02:51 thedude postfix/local[15580]: sender: admin@localdomain.com
Jan  7 18:02:51 thedude postfix/local[15580]: recipient: root@localdomain.com
Jan  7 18:02:51 thedude postfix/local[15580]: domain: localdomain.com
Jan  7 18:02:51 thedude postfix/local[15580]: local: root
Jan  7 18:02:51 thedude postfix/local[15580]: user: root
Jan  7 18:02:51 thedude postfix/local[15580]: extension: null
Jan  7 18:02:51 thedude postfix/local[15580]: unmatched: null
Jan  7 18:02:51 thedude postfix/local[15580]: owner: null
Jan  7 18:02:51 thedude postfix/local[15580]: delivered: admin@localdomain.com
Jan  7 18:02:51 thedude postfix/local[15580]: relay: local
Jan  7 18:02:51 thedude postfix/local[15580]: exp_type: 1
Jan  7 18:02:51 thedude postfix/local[15580]: exp_from: admin
Jan  7 18:02:51 thedude postfix/local[15580]: why: buffer
Jan  7 18:02:51 thedude postfix/local[15580]: deliver_switch[6]: local root recip root@localdomain.com exten  deliver admin@localdomain.com exp_from admin
Jan  7 18:02:51 thedude postfix/local[15580]: deliver_alias[7]: local root recip root@localdomain.com exten  deliver admin@localdomain.com exp_from admin
Jan  7 18:02:51 thedude postfix/local[15580]: deliver_alias: hash:/usr/local/mailman/data/aliases(0,lock|no_regsub|no_proxy|no_unauth|fold_fix): root not found
Jan  7 18:02:51 thedude postfix/local[15580]: dict_mysql_get_active: found active connection to host unix:/var/run/mysqld/mysqld.sock
Jan  7 18:02:51 thedude postfix/local[15580]: dict_mysql: successful query from host unix:/var/run/mysqld/mysqld.sock
Jan  7 18:02:51 thedude postfix/local[15580]: dict_mysql_lookup: retrieved 0 rows
Jan  7 18:02:51 thedude postfix/local[15580]: deliver_alias: mysql:/etc/postfix/mysql-aliases.cf(0,lock|no_regsub|no_proxy|no_unauth|fold_fix): root not found
Jan  7 18:02:51 thedude postfix/local[15580]: deliver_dotforward[7]: local root recip root@localdomain.com exten  deliver admin@localdomain.com exp_from admin
Jan  7 18:02:51 thedude postfix/local[15580]: deliver_dotforward[7]: set user_attr: root
Jan  7 18:02:51 thedude postfix/local[15580]: set_eugid: euid 0 egid 0
Jan  7 18:02:51 thedude postfix/local[15580]: set_eugid: euid 207 egid 207
Jan  7 18:02:51 thedude postfix/local[15580]: deliver_dotforward: path /root/.forward expand_status 0 look_status -1
Jan  7 18:02:51 thedude postfix/local[15580]: deliver_mailbox[7]: local root recip root@localdomain.com exten  deliver admin@localdomain.com exp_from admin
Jan  7 18:02:51 thedude postfix/local[15580]: been_here: mailbox root: 0
Jan  7 18:02:51 thedude postfix/local[15580]: deliver_mailbox[7]: set user_attr: root
Jan  7 18:02:51 thedude postfix/local[15580]: deliver_maildir[8]: local root recip root@localdomain.com exten  deliver admin@localdomain.com exp_from admin
Jan  7 18:02:51 thedude postfix/local[15580]: set_eugid: euid 0 egid 0
Jan  7 18:02:52 thedude postfix/local[15580]: set_eugid: euid 207 egid 207
Jan  7 18:02:52 thedude postfix/local[15580]: DC71E3B0D1: to=<root@localdomain.com>, orig_to=<admin@localdomain.com>, relay=local, delay=0.17, delays=0.06/0.01/0/0.09, dsn=2.0.0, status=sent (delivered to maildir)
Jan  7 18:02:52 thedude postfix/local[15580]: deliver_request_final: send: "" 0
Jan  7 18:02:52 thedude postfix/local[15580]: send attr status =
Jan  7 18:02:52 thedude postfix/local[15580]: send attr diag_type =
Jan  7 18:02:52 thedude postfix/local[15580]: send attr diag_text =
Jan  7 18:02:52 thedude postfix/local[15580]: send attr mta_type =
Jan  7 18:02:52 thedude postfix/local[15580]: send attr mta_mname =
Jan  7 18:02:52 thedude postfix/local[15580]: send attr action =
Jan  7 18:02:52 thedude postfix/local[15580]: send attr reason =
Jan  7 18:02:52 thedude postfix/local[15580]: send attr status = 0
Jan  7 18:02:52 thedude postfix/qmgr[15568]: DC71E3B0D1: removed
Jan  7 18:02:52 thedude postfix/local[15580]: master_notify: status 1
Jan  7 18:02:52 thedude postfix/local[15580]: connection closed
Jan  7 18:02:52 thedude imapd: LOGOUT, user=admin@localdomain.com, ip=[::ffff:67.18.17.245], headers=0, body=0, time=1
Jan  7 18:02:52 thedude imapd: Connection, ip=[::ffff:67.18.17.245]
Jan  7 18:02:52 thedude imapd: LOGIN, user=admin@localdomain.com, ip=[::ffff:67.18.17.245], protocol=IMAP
Jan  7 18:02:52 thedude imapd: LOGOUT, user=admin@localdomain.com, ip=[::ffff:67.18.17.245], headers=0, body=0, time=0
Jan  7 18:02:56 thedude postfix/local[15580]: rewrite stream disconnect
Jan  7 18:02:56 thedude imapd: Connection, ip=[::ffff:67.18.17.245]
Jan  7 18:02:56 thedude imapd: LOGIN, user=admin@localdomain.com, ip=[::ffff:67.18.17.245], protocol=IMAP
Jan  7 18:02:56 thedude imapd: LOGOUT, user=admin@localdomain.com, ip=[::ffff:67.18.17.245], headers=0, body=0, time=0
Jan  7 18:02:56 thedude imapd: Connection, ip=[::ffff:67.18.17.245]
Jan  7 18:02:56 thedude imapd: LOGIN, user=admin@localdomain.com, ip=[::ffff:67.18.17.245], protocol=IMAP
Jan  7 18:02:56 thedude imapd: LOGOUT, user=admin@localdomain.com, ip=[::ffff:67.18.17.245], headers=0, body=0, time=0
Jan  7 18:02:56 thedude imapd: Connection, ip=[::ffff:67.18.17.245]
Jan  7 18:02:56 thedude imapd: LOGIN, user=admin@localdomain.com, ip=[::ffff:67.18.17.245], protocol=IMAP
Jan  7 18:02:56 thedude imapd: LOGOUT, user=admin@localdomain.com, ip=[::ffff:67.18.17.245], headers=0, body=0, time=0
Jan  7 18:02:56 thedude postfix/smtpd[15569]: auto_clnt_close: disconnect private/tlsmgr stream
Jan  7 18:02:56 thedude postfix/smtpd[15569]: rewrite stream disconnect


As a side note, a line in code listing 10.9 reads as follows:

Code:
local_recipient_maps = $alias_maps $virtual_mailbox_maps unix:passwd.byname


I think this would be more clear if it read:

Code:
local_recipient_maps = mysql:/$alias_maps mysql:/$virtual_mailbox_maps unix:passwd.byname


... you can imagine what mistake I made.

Also, the troubleshooting section makes references to /var/log/mail.
At least as of 2007.0 they are no longer there.


Last edited by FuriousGeorge on Tue Jan 08, 2008 8:10 pm; edited 1 time in total
kashani
Advocate

Joined: 02 Sep 2002
Posts: 2032
Location: San Francisco

Posted: Mon Jan 07, 2008 11:54 pm

Why are you setting a domain to local: transport and then trying to force all the lookups through the db? While certainly possible after a fashion it tends to make things complicated and is ugly to troubleshoot.

In the past I have set the local domain to local: and then postfix will use the regular system accounts for lookups without having to do anything else. That seems to be the behavior you want unless I'm missing something.

kashani
_________________
Will personally fix your server in exchange for motorcycle related shop tools in good shape.
FuriousGeorge
Apprentice

Joined: 03 Mar 2005
Posts: 160

Posted: Tue Jan 08, 2008 12:01 am

kashani wrote:
Why are you setting a domain to local: transport and then trying to force all the lookups through the db? While certainly possible after a fashion it tends to make things complicated and is ugly to troubleshoot.


Interesting you should mention this because my buddies in #postfix pointed out the same thing (at least it sounded the same to my inexperienced ear). My response was that I'm following the official Gentoo howto, and I don't know how else to do it.

I guess you are also saying that you disagree with the HowTo, because I didn't deviate from that as far as I can tell.

Quote:

In the past I have set the local domain to local: and then postfix will use the regular system accounts for lookups without having to do anything else. That seems to be the behavior you want unless I'm missing something.

kashani


Set them to local where? Somewhere in main.cf? I do, in fact, want that, especially if it makes it easier.

We must be talking about this line in main.cf:

Code:
local_recipient_maps = mysql:/etc/postfix/mysql-aliases.cf mysql:/etc/postfix/mysql-virtual-maps.cf unix:passwd.byname


Currently, I think the settings we are talking about are set in the 'transport' table of my db. Should that instead go in some directive in main.cf?

I'm gonna keep looking into it and see if I can't update with some progress or a solution.
kashani
Advocate

Joined: 02 Sep 2002
Posts: 2032
Location: San Francisco

Posted: Tue Jan 08, 2008 12:36 am

Wow, it looks like the Gentoo How-to has become even more retarded than it was before. I didn't realize that and I'll try to un-fsck your config into something that'll work. However I highly recommend scrapping the whole thing in favor of PostfixAdmin, which is a far better system and easier to admin with its PHP web interface.

I'm not fully up to speed on the Gentoo How-to these days, but the following should work. You need to have these lines in your main.cf.

Code:

mydestination = thedude, localhost.localdomain, localdomain.com
virtual_alias_maps = proxy:mysql:/etc/postfix/mysql-aliases.cf
virtual_gid_maps = static:1000
virtual_mailbox_base = /var/vmail/
virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual.cf
virtual_mailbox_limit = 112400000
virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual-maps.cf
virtual_minimum_uid = 1000
virtual_transport = virtual
virtual_uid_maps = static:1000


Remove the alias_maps line, the Postfix internal default is fine. Same with local_transport and local_recipient_maps. No one used relocated_maps either so you can drop that as well.

Couple of notes on this. The proxy:mysql: statement allows Postfix to use the same Mysql connection so if someone mail bombs your mail server Postfix will not open 400 connections to your db and slow everything to a halt. Otherwise it is functionally the same as just using mysql: as the Gentoo How-to shows. I dropped all the mailman stuff since I know all of one user who uses it across virtual domains. If you want to use it with one domain I recommend making that domain local and doing it through normal aliases. Lastly, since we are deleting the alias_maps you'll need to make sure that any aliases for your local domain are specified in /etc/mail/aliases and then run newaliases.

If you're interested in PostfixAdmin my main.cf changes are online at http://badapple.net/main-cf.txt and I'd be more than happy to answer any questions about my setup.

kashani
_________________
Will personally fix your server in exchange for motorcycle related shop tools in good shape.
FuriousGeorge
Apprentice

Joined: 03 Mar 2005
Posts: 160

Posted: Tue Jan 08, 2008 1:10 am

kashani wrote:
Wow, it looks like the Gentoo How-to has become even more retarded than it was before. I didn't realize that and I'll try to un-fsck your config into something that'll work. However I highly recommend scrapping the whole thing in favor of PostfixAdmin, which is a far better system and easier to admin with its PHP web interface.


I believe the howto sets things up for Postfix Admin because it had me install it. I assume once the mail is working, basic administrative tasks will be handled by Postfix Admin.

Quote:

I'm not fully up to speed on the Gentoo How-to these days, but the following should work. You need to have these lines in your main.cf.

Code:

mydestination = thedude, localhost.localdomain, localdomain.com
virtual_alias_maps = proxy:mysql:/etc/postfix/mysql-aliases.cf
virtual_gid_maps = static:1000
virtual_mailbox_base = /var/vmail/
virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual.cf
virtual_mailbox_limit = 112400000
virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual-maps.cf
virtual_minimum_uid = 1000
virtual_transport = virtual
virtual_uid_maps = static:1000


Remove the alias_maps line, the Postfix internal default is fine. Same with local_transport and local_recipient_maps. No one used relocated_maps either so you can drop that as well.

Couple of notes on this. The proxy:mysql: statement allows Postfix to use the same Mysql connection so if someone mail bombs your mail server Postfix will not open 400 connections to your db and slow everything to a halt. Otherwise it is functionally the same as just using mysql: as the Gentoo How-to shows. I dropped all the mailman stuff since I know all of one user who uses it across virtual domains. If you want to use it with one domain I recommend making that domain local and doing it through normal aliases. Lastly, since we are deleting the alias_maps you'll need to make sure that any aliases for your local domain are specified in /etc/mail/aliases and then run newaliases.

If you're interested in PostfixAdmin my main.cf changes are online at http://badapple.net/main-cf.txt and I'd be more than happy to answer any questions about my setup.

kashani


I made the changes as per your specifications.

Code:

stfix-script: refreshing the Postfix mail system
thedude ~ # postconf -n
alias_maps = hash:/usr/local/mailman/data/aliases,      mysql:/etc/postfix/mysql-aliases.cf
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/lib/postfix
debug_peer_level = 2
default_destination_concurrency_limit = 10
home_mailbox = .maildir/
html_directory = /usr/share/doc/postfix-2.4.5/html
inet_interfaces = all
local_destination_concurrency_limit = 2
mail_owner = postfix
mailq_path = /usr/bin/mailq
manpage_directory = /usr/share/man
mydestination = thedude, localhost.localdomain, localdomain.com
mydomain = localhomain.com
myhostname = thedude.localdomain.com
mynetworks = 67.18.17.0/24, 127.0.0.0/8
newaliases_path = /usr/bin/newaliases
owner_request_special = no
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/postfix-2.4.5/readme
recipient_delimiter = +
relocated_maps = mysql:/etc/postfix/mysql-relocated.cf
sample_directory = /etc/postfix
sendmail_path = /usr/sbin/sendmail
setgid_group = postdrop
smtp_tls_note_starttls_offer = yes
smtp_use_tls = yes
smtpd_recipient_restrictions = permit_sasl_authenticated,       permit_mynetworks,      reject_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain =
smtpd_sasl_security_options = noanonymous
smtpd_tls_CAfile = /etc/postfix/cacert.pem
smtpd_tls_cert_file = /etc/postfix/newcert.pem
smtpd_tls_key_file = /etc/postfix/newkey.pem
smtpd_tls_loglevel = 3
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
smtpd_use_tls = yes
tls_random_source = dev:/dev/urandom
unknown_local_recipient_reject_code = 550
virtual_alias_maps = hash:/usr/local/mailman/data/virtual-mailman,      mysql:/etc/postfix/mysql-virtual.cf
virtual_gid_maps = static:1000
virtual_mailbox_base = /var/vmail
virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual.cf
virtual_mailbox_limit = 112400000
virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual-maps.cf
virtual_minimum_uid = 1000
virtual_transport = virtual
virtual_uid_maps = static:1000



...and that's what main.cf looks like now.

The results are as follows:

My virtual domain, which was previously working fine afaik, was now kicking back messages sent to its users with the dreaded 'relay access denied'.

I set virtual_mailbox_domains back to 'my_virtual_domain.com' and that got rid of the 'relay access denied' errors; and setting virtual_mailbox_base back to '/' from '/var/vmail/' stopped postfix from attempting to deliver mail to /var/vmail/home/vmail/my_virtual_domain.com/mailbox/.maildir.

I am once again receiving mail at the virtual domain.

I also see something is still invoking the alias maps directive despite the fact that I have commented out 'alias_maps = blah' in main.cf. I'll work on regaining control of that value now.

On the local transport, much like before, mail is reported as delivered, but no such mail is seen in squirrelmail or by grep-ing around in the maildir. Conversely, I can find mail just by grep-ing around in the virtual maildir.

The logs look identical to me as before:
Code:

Jan  7 20:02:21 thedude postfix/local[15949]: 98BE33B0D1: to=<root@localdomain.com>, orig_to=<admin@localdomain.com>, relay=local, delay=0.3, delays=0.19/0.05/0/0.06, dsn=2.0.0, status=sent (delivered to maildir)

/home/foo/.maildir/ # grep -R test ./
./.Sent/cur/1199676190.M253900P12756V000000000000CA00I0003D0D7_0.thedude.localdomain.com,S=539:2,S:Subject: another test message

(all messages here are the ones I've sent from squirrelmail)

/home/vmail/ # grep -R test ./
./virtdomain.com/damian/.maildir/cur/1199684402.Vca00I3d0f3M664602.thedude.localdomain.com:2,:Subject: test message from gmail to domains

(otoh, here you clearly see messages in the /cur/ directory which are in fact in my INBOX)


I appreciate all your help so far, but it still appears as if local mail is being sent to some unknown place.

UPDATE
I also wanted to make sure I didn't overcomplicate the issue by complicating matters:

I have 2 fqdn.
One is set up as virtual, and one is set up as local.
Both can send mail.
The virtual domain receives mail as well.
The local domain does not get mail in the ./cur/ directory of its .maildir, like the other domain. That's the only problem, afaik.

It seems to me like postfix is 'losing' the mail. I say that because the logs indicate the mail is delivered to the maildir, but neither I nor squirrelmail nor anyone I've spoken with can find it. I have no reason to believe the maildir setting is being ignored by the db. For instance, if I change that value in the db I will see in the log 'permission denied' for other folders that vmail user doesn't have perms for.

I have a thought. Since postfix is supposed to do a lookup by unix user for delivering mail on the local transport, could it be that it is having trouble delivering to the root account in the /home/foo/ directory? Could that be confusing it or something?
kashani
Advocate

Joined: 02 Sep 2002
Posts: 2032
Location: San Francisco

Posted: Tue Jan 08, 2008 2:31 am

Nah the Gentoo How-to and PostfixAdmin use different db schemas so you can not use them in conjunction with each other. It did have you install phpmyadmin which does help with the administration, but it's nowhere near as nice as PostfixAdmin.

So four things to do here.

1. DELETE alias_maps from your main.cf. It is completely wrong and you do not need it. Remember to put any local aliases into /etc/mail/aliases and run newaliases.

2. virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-transport.cf
I made a mistake and put the wrong query file on this one. Make sure it looks like the above. This is an improvement over the Gentoo How-to in that Postfix can start delivery to new domains as soon as you add them into the db. In the Gentoo How-to you need to add each domain manually and then restart Postfix for it to take effect.

3. virtual_alias_maps = proxy:mysql:/etc/postfix/mysql-virtual.cf
Again my fault though it would be nice if the file had a more descriptive name.

4. unknown_local_recipient_reject_code = 450
450 is a temporary error and won't bounce email. It's a good idea to set this to 450 from 550 while you're building a mail server. However you do need to change it back once you're done as well as remove the -v from smtpd in your master.cf.

Unless I did something wrong (again) the above should work.

kashani
_________________
Will personally fix your server in exchange for motorcycle related shop tools in good shape.
kashani
Advocate

Joined: 02 Sep 2002
Posts: 2032
Location: San Francisco

Posted: Tue Jan 08, 2008 2:38 am

Ah yeah the /var/vmail/ thing is probably a PostfixAdmin thing ... I really need to build a Gentoo How-to mail server somewhere so I can reference it at times like this. Setting that back to / is probably the right thing since it works. :)

In regards to .maildir/cur, Squirrelmail is taking the mail from .maildir/new/ and putting it in .maildir/cur/ via the IMAP daemon. Postfix will always, always deliver to new. If you log in as the local user via Squirrelmail then you should see the mail or grep in the ./new/ folder.

kashani
_________________
Will personally fix your server in exchange for motorcycle related shop tools in good shape.
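
One way to script the two checks this thread turns on, shown as an added example that is not part of any post: read the final recipient from `to=` rather than `orig_to=` in the `postfix/local` delivery line, build that user's `home_mailbox` path, and count files in `new/` as well as `cur/`. The function names, the `home_dirs` mapping (a stand-in for a passwd lookup) and the second delivery line in the sample are constructed for illustration.

```python
import re
from pathlib import Path

# Constructed sample: the first record mirrors the delivery line quoted in the
# first post; the last record is invented to show a delivery with no rewrite.
SAMPLE_LOG = """\
Jan  7 18:02:52 thedude postfix/local[15580]: DC71E3B0D1: to=<root@localdomain.com>, orig_to=<admin@localdomain.com>, relay=local, delay=0.17, delays=0.06/0.01/0/0.09, dsn=2.0.0, status=sent (delivered to maildir)
Jan  7 18:02:52 thedude postfix/qmgr[15568]: DC71E3B0D1: removed
Jan  7 18:03:10 thedude postfix/local[15580]: 1A2B3C4D5E: to=<foo@localdomain.com>, relay=local, delay=0.1, delays=0.05/0.01/0/0.04, dsn=2.0.0, status=sent (delivered to maildir)
"""

# Matches only the per-message delivery record of the local(8) daemon, not the
# verbose "-v" trace lines, which do not start with an upper-case hex queue id.
DELIVERY_RE = re.compile(
    r"postfix/local\[\d+\]: (?P<qid>[0-9A-F]+): to=<(?P<to>[^>]+)>, "
    r"(?:orig_to=<(?P<orig_to>[^>]+)>, )?"
    r".*?status=(?P<status>\w+) \((?P<detail>[^)]*)\)"
)


def parse_local_deliveries(log_text):
    """Return one dict per postfix/local delivery record found in log_text."""
    deliveries = []
    for line in log_text.splitlines():
        match = DELIVERY_RE.search(line)
        if match:
            deliveries.append(match.groupdict())
    return deliveries


def final_local_user(address, recipient_delimiter="+"):
    """Local part of the final recipient, without any +extension."""
    local_part = address.rsplit("@", 1)[0]
    if recipient_delimiter:
        local_part = local_part.split(recipient_delimiter, 1)[0]
    return local_part


def expected_maildir(delivery, home_dirs, home_mailbox=".maildir/"):
    """home_mailbox is relative to the home directory of the *final* recipient.

    home_dirs maps user name to home directory (hypothetical stand-in for
    passwd). Returns None when the user is unknown.
    """
    home = home_dirs.get(final_local_user(delivery["to"]))
    return Path(home) / home_mailbox if home else None


def maildir_counts(maildir):
    """Count message files in new/, cur/ and tmp/; None if a subdir is missing."""
    counts = {}
    for sub in ("new", "cur", "tmp"):
        subdir = Path(maildir) / sub
        if subdir.is_dir():
            counts[sub] = sum(1 for p in subdir.iterdir() if p.is_file())
        else:
            counts[sub] = None
    return counts


def where_did_it_go(log_text, home_dirs, home_mailbox=".maildir/"):
    """For each successful local delivery, report which maildir to inspect."""
    findings = []
    for d in parse_local_deliveries(log_text):
        if d["status"] != "sent":
            continue
        maildir = expected_maildir(d, home_dirs, home_mailbox)
        findings.append({
            "queue_id": d["qid"],
            "addressed_to": d["orig_to"] or d["to"],
            "delivered_to": d["to"],
            # True when an alias or other rewrite changed the recipient.
            "rewritten": d["orig_to"] is not None and d["orig_to"] != d["to"],
            "maildir": maildir,
            "counts": maildir_counts(maildir) if maildir else None,
        })
    return findings


if __name__ == "__main__":
    import pwd  # real home directories when run on the mail host itself
    homes = {p.pw_name: p.pw_dir for p in pwd.getpwall()}
    for finding in where_did_it_go(SAMPLE_LOG, homes):
        print(finding)
```

On the mail host, feed it the real mail log instead of `SAMPLE_LOG`; a record with `rewritten` set to true means the maildir to inspect belongs to the `delivered_to` user, not to the address the message was sent to.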
FuriousGeorge
Apprentice

Joined: 03 Mar 2005
Posts: 160

Posted: Tue Jan 08, 2008 3:02 am

kashani wrote:


In regards to .maildir/cur, Squirrelmail is taking the mail from .maildir/new/ and putting it in .maildir/cur/ via the IMAP daemon. Postfix will always deliver to new.


You are right about that when it comes to my virtual domain. It's plain to see where the mail is going when I send to and from my_virtual_domain.com.

Code:

/ # ls -la /home/vmail/my_virtual_domain.com/damian/.maildir/new/
total 5
drwx------ 2 vmail vmail 1024 Jan  7 20:58 .
drwx------ 9 vmail vmail 1024 Jan  7 00:40 ..
-rw------- 1 vmail vmail 2176 Jan  7 20:58 1199757481.Vca00I3d115M288472.thedude.my_local_domain.com

/ # ls -la /home/vmail/my_virtual_domain.com/damian/.maildir/cur/
total 21
drwx------ 2 vmail vmail 1024 Jan  7 20:54 .
drwx------ 9 vmail vmail 1024 Jan  7 00:40 ..
-rw------- 1 vmail vmail 2702 Jan  7 00:40 1199684402.Vca00I3d0efM658329.thedude.my_local_domain.com:2,
-rw------- 1 vmail vmail 2182 Jan  7 00:40 1199684402.Vca00I3d0f3M664602.thedude.my_local_domain.com:2,
-rw------- 1 vmail vmail 2146 Jan  7 00:40 1199684402.Vca00I3d0f7M665965.thedude.my_local_domain.com:2,
-rw------- 1 vmail vmail 2431 Jan  7 00:41 1199684486.Vca00I3d101M905700.thedude.my_local_domain.com:2,S
-rw------- 1 vmail vmail 2222 Jan  7 00:43 1199684610.Vca00I3d10dM977064.thedude.my_local_domain.com:2,S
-rw------- 1 vmail vmail  833 Jan  7 00:50 1199685002.Vca00I3d0d8M300831.thedude.my_local_domain.com:2,
-rw------- 1 vmail vmail 2129 Jan  7 20:54 1199757256.Vca00I3d11cM258685.thedude.my_local_domain.com:2,

/ # ls -la /home/vmail/my_virtual_domain.com/damian/.maildir/.Sent/cur/
total 4
drwx------ 2 vmail vmail 1024 Jan  7 19:57 .
drwx------ 6 vmail vmail 1024 Jan  7 19:56 ..
-rw-r--r-- 1 vmail vmail  535 Jan  7 19:56 1199753790.M49219P15869V000000000000CA00I0003D119_0.thedude.my_local_domain.com,S=535:2,S
-rw-r--r-- 1 vmail vmail  576 Jan  7 19:57 1199753875.M305226P15902V000000000000CA00I0003D11A_0.thedude.my_local_domain.com,S=576:2,S

/ # ls -la /home/vmail/my_virtual_domain.com/damian/.maildir/.Sent/new
total 2
drwx------ 2 vmail vmail 1024 Jan  7 00:40 .
drwx------ 6 vmail vmail 1024 Jan  7 19:56 ..


Quote:
If you log in as the local user via Squirrelmail then you should see the mail or grep in the ./new/ folder


I must disagree with you there when it comes to my local domain. It is just as plain to see that mail isn't making it into the LOCAL domain user's .maildir

For instance, in Squirrelmail, the INBOX is empty.

Also, I can't 'ls' and find any mail in the local domain's maildir

Code:

/ # ls -la /home/foo/.maildir/cur/
total 2
drwxr--r-- 2 foo foo 1024 Dec 28 00:40 .
drwxr--r-- 9 foo foo 1024 Jan  7 16:38 ..

/ # ls -la /home/foo/.maildir/new/
total 2
drwxr--r-- 2 foo foo 1024 Dec 28 00:40 .
drwxr--r-- 9 foo foo 1024 Jan  7 16:38 ..


However, if you look in the sent directory you see plenty of mail I have sent from there:

Code:

# ls -la /home/foo/.maildir/.Sent/cur/
total 9
drwx------ 2 foo foo 1024 Jan  7 19:55 .
drwx------ 6 foo foo 1024 Jan  6 21:54 ..
-rw-r--r-- 1 foo foo  539 Jan  6 22:23 1199676190.M253900P12756V000000000000CA00I0003D0D7_0.thedude.localdomain.com,S=539:2,S etc., etc, etc


UPDATE
Changing user/group to 'vmail' from 'foo' as per my virtual domain doesn't help, and in fact spits out to the log:

Code:
 Jan  7 22:11:46 thedude imapd: chdir /home/foo/.maildir/: Permission denied


So we know imapd is looking in the right place, and I still have plenty of proof my maildir setting in the db isn't being ignored either, so where are the messages going when postfix declares 'Delivered to maildir'?
FuriousGeorge
Apprentice


Joined: 03 Mar 2005
Posts: 160

PostPosted: Tue Jan 08, 2008 6:57 am    Post subject: Reply with quote

UPDATE: I noticed this response of yours after my last response

kashani wrote:
Nah the Gentoo How-to and PostfixAdmin use different db schemas so you can not use them in conjunction with each other. It did have you install phpmyadmin which does help with the administration, but it's nowhere near as nice as PostfixAdmin.

So four things to do here.

1. DELETE alias_maps from your main.cf. It is completely wrong and you do not need it. Remember to put any local aliases into /etc/mail/aliases and run newaliases



Found the offending block and eliminated it

Code:

#commented out as per forum suggestion
#alias_maps     =
#       hash:/usr/local/mailman/data/aliases,
#       mysql:/etc/postfix/mysql-aliases.cf


Quote:


2. virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-transport.cf
I made a mistake and put the wrong query file on this one. Make sure it looks like the above. This is an improvement over the Gentoo How-to in that Postfix can start delivery to new domains as soon as you add them into the db. In the Gentoo How-to you need to add each domain manually and then restart Postfix for it to take effect.

3. virtual_alias_maps = proxy:mysql:/etc/postfix/mysql-virtual.cf
Again my fault though it would be nice if the file had a more descriptive name.

4. unknown_local_recipient_reject_code = 450
450 is a temporary error and won't bounce email. It's a good idea to set this to 450 from 550 while you're building a mail server. However you do need to change it back once you're done as well as remove the -v from smtpd in your master.cf.

Unless I did something wrong (again) the above should work.

kashani


I get a different error now:

Code:

thedude postfix/smtpd[17245]: NOQUEUE: reject: RCPT from an-out-0708.google.com[209.85.132.249]: 450 4.1.1 <admin@localdomain.com>: Recipient address rejected: User unknown in local recipient table; from=<brian@gmail.com> to=<admin@localdomain.com> proto=ESMTP helo=<an-out-0708.google.com>


I'm confused as to how it's going to know about the admin->root alias if I am no longer pointing any postfix directive at alias.cf. I assumed that's what /etc/mail/aliases was for, but I guess not (it is complaining about a table...). So I tried a few settings in main.cf on my own to no avail
Code:

### removed as per forum recommendation local_recipient_maps = mysql:/etc/postfix/mysql-aliases.cf mysql:/etc/postfix/mysql-virtua$
#local_recipient_maps = unix:passwd.byname mysql:/etc/postfix/mysql-aliases.cf
#local_recipient_maps = unix:passwd.byname
#local_recipient_maps =


Also tried messing with my alias table a bit with the local_recipient_maps setting

I'm not sure if this is progress, but it's nice to have some change, anyway. I'm gonna keep messing with stuff; if something works out I'll post it. Let me know if you get any ideas.

POSTFIX Settings

Code:

# postconf -n
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/lib/postfix
debug_peer_level = 2
default_destination_concurrency_limit = 10
home_mailbox = .maildir/
html_directory = /usr/share/doc/postfix-2.4.5/html
inet_interfaces = all
local_destination_concurrency_limit = 2
mail_owner = postfix
mailq_path = /usr/bin/mailq
manpage_directory = /usr/share/man
mydestination = thedude, localhost.localdomain, localdomain.com
mydomain = localdomain.com
myhostname = thedude.localdomain.com
mynetworks = 67.18.17.0/24, 127.0.0.0/8
newaliases_path = /usr/bin/newaliases
owner_request_special = no
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/postfix-2.4.5/readme
recipient_delimiter = +
relocated_maps = mysql:/etc/postfix/mysql-relocated.cf
sample_directory = /etc/postfix
sendmail_path = /usr/sbin/sendmail
setgid_group = postdrop
smtp_tls_note_starttls_offer = yes
smtp_use_tls = yes
smtpd_recipient_restrictions = permit_sasl_authenticated,       permit_mynetworks,      reject_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain =
smtpd_sasl_security_options = noanonymous
smtpd_tls_CAfile = /etc/postfix/cacert.pem
smtpd_tls_cert_file = /etc/postfix/newcert.pem
smtpd_tls_key_file = /etc/postfix/newkey.pem
smtpd_tls_loglevel = 3
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
smtpd_use_tls = yes
tls_random_source = dev:/dev/urandom
unknown_local_recipient_reject_code = 450
virtual_alias_maps = hash:/usr/local/mailman/data/virtual-mailman,      mysql:/etc/postfix/mysql-virtual.cf
virtual_gid_maps = static:1000
virtual_mailbox_base = /
virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-transport.cf
virtual_mailbox_limit = 112400000
virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual-maps.cf
virtual_minimum_uid = 1000
virtual_transport = virtual
virtual_uid_maps = static:1000


/etc/mail/aliases

Code:

# cat /etc/mail/aliases
# Basic system aliases -- these MUST be present.
MAILER-DAEMON:      postmaster
postmaster:         root

# General redirections for pseudo accounts.
adm:                root
bin:                root
daemon:             root
exim:               root
lp:                 root
mail:               root
named:              root
nobody:             root
postfix:            root

# Well-known aliases -- these should be filled in!
root:admin@localdomain.com
operator:brian@localdomain.com

# Standard RFC2142 aliases
abuse:              postmaster
ftp:                root
hostmaster:         root
news:               usenet
noc:                root
security:           root
usenet:             root
uucp:               root
webmaster:          root
www:                webmaster

# trap decode to catch security attacks
# decode:           /dev/null
FuriousGeorge
Apprentice


Joined: 03 Mar 2005
Posts: 160

PostPosted: Tue Jan 08, 2008 8:13 pm    Post subject: Reply with quote

After changing the settings as per your suggestions, I got a little help from IRC, and we solved the problem.

As I noticed before, nowhere were we pointing main.cf to the map for the alias table in my db, so I did so with the alias_maps directive. There may have been another way, but adding an alias of 'admin' to 'root' in the alias table then solved the problem.

It seems that after all it was my alias, which was a minor deviation from the howto, that was the culprit.

Mea maxima culpa.

Now, onto the spam filtering howto :)
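The "User unknown in local recipient table" rejection and the alias fix from the posts above, as an added example that is not part of any poster's message. It is a simplified model that assumes Postfix's default local_recipient_maps (passwd names plus $alias_maps); the aliases excerpt is constructed from the listing in the thread, and the account list and function names are hypothetical.

```python
# Constructed sample: excerpt modelled on the /etc/mail/aliases shown in the thread.
ALIASES_TEXT = """\
# Basic system aliases -- these MUST be present.
MAILER-DAEMON:      postmaster
postmaster:         root
root:admin@localdomain.com
operator:brian@localdomain.com
# decode:           /dev/null
"""
PASSWD_NAMES = {"root", "foo", "postfix"}   # hypothetical system accounts
MYDESTINATION = {"thedude", "localhost.localdomain", "localdomain.com"}

def parse_aliases(text):
    """Parse aliases(5) text into {lowercased name: [targets]}."""
    table, current = {}, None
    for raw in text.splitlines():
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue                              # blank line or comment
        if raw[0].isspace() and current:          # continuation of previous entry
            table[current] += [t.strip() for t in raw.split(",") if t.strip()]
            continue
        name, _, rhs = raw.partition(":")
        current = name.strip().lower()
        table[current] = [t.strip() for t in rhs.split(",") if t.strip()]
    return table

def is_known_local(rcpt, aliases, passwd=PASSWD_NAMES, delimiter="+"):
    """Simplified local-recipient check for a full address.
    Returns None when the domain is not listed in mydestination."""
    local, _, domain = rcpt.lower().rpartition("@")
    if domain not in MYDESTINATION:
        return None
    base = local.split(delimiter, 1)[0]           # honour recipient_delimiter
    return any(k in passwd or k in aliases for k in (local, base))

def smtp_verdict(rcpt, aliases, reject_code=450):
    """Map the check to what smtpd would answer at RCPT TO."""
    known = is_known_local(rcpt, aliases)
    if known is None:
        return "not a local domain"
    if known:
        return "accept"
    return f"{reject_code} User unknown in local recipient table"

if __name__ == "__main__":
    before = parse_aliases(ALIASES_TEXT)
    after = dict(before, admin=["root"])          # the alias added in the fix
    for label, table in (("before", before), ("after", after)):
        print(label, smtp_verdict("admin@localdomain.com", table))
```

In the file above, 'admin' appears only as a target of 'root', never as an alias name, which is why the lookup fails until an 'admin' entry exists in a table that alias_maps references.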
kashani
Advocate


Joined: 02 Sep 2002
Posts: 2032
Location: San Francisco

PostPosted: Tue Jan 08, 2008 8:55 pm    Post subject: Reply with quote

Virtual mail is always a bit of a bear to get right the first time. I think I finally felt comfortable with it after my third rebuild. Glad you got it worked out.

kashani
All times are GMT