LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Server (http://www.linuxquestions.org/questions/linux-server-73/)
-   -   Postfix won't move mail from /var/spool/mail to /home/vmail (http://www.linuxquestions.org/questions/linux-server-73/postfix-wont-move-mail-from-var-spool-mail-to-home-vmail-534570/)

jmoschetti45 03-04-2007 05:43 PM

Postfix won't move mail from /var/spool/mail to /home/vmail
 
I have postfix setup for virtual domains with mysql, and its accepting email fine, just dumping it in /var/spool/mail. It's not doing me much good there, it needs to end up in /home/vmail/%domain%/%user%. I've checked the config over several times and am not finding anything. Anyone have any ideas?

Berhanie 03-04-2007 06:18 PM

Let's start by posting the output of "postconf -n" and relevant lines from the logs showing what happens to a typical email addressed to a virtual domain (from receipt of mail to delivery).

jmoschetti45 03-04-2007 07:10 PM

[root@radio276 postfixadmin-2.1.0]# postconf -n
broken_sasl_auth_clients = yes
config_directory = /etc/postfix
inet_interfaces = all
mydestination = radio276.com, localhost, localhost.localdomain
myhostname = radio276.com
mynetworks = 127.0.0.0/8
proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $virtual_mailbox_limit_maps
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_tls_cert_file = /home/CA/certs/smtpd.crt
smtpd_tls_key_file = /home/CA/keys/smtpd.key
smtpd_use_tls = yes
transport_maps = proxy:mysql:/etc/postfix/mysql-virtual_transports.cf
virtual_alias_domains =
virtual_alias_maps = proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, mysql:/etc/postfix/mysql-virtual_email2email.cf
virtual_create_maildirsize = yes
virtual_gid_maps = static:5000
virtual_mailbox_base = /home/vmail
virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains.cf
virtual_mailbox_limit_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailbox_limit_maps.cf
virtual_mailbox_limit_override = yes
virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf
virtual_maildir_limit_message = "The user you are trying to reach is over quota."
virtual_overquota_bounce = yes
virtual_uid_maps = static:5000


Mar 4 20:11:16 radio276 postfix/smtpd[2067]: connect from wr-out-0506.google.com[64.233.184.228]
Mar 4 20:11:16 radio276 postfix/smtpd[2067]: 4EDB2444E20: client=wr-out-0506.google.com[64.233.184.228]
Mar 4 20:11:16 radio276 postfix/cleanup[2076]: 4EDB2444E20: message-id=<ab7d49a20703041508t2a696bcfq6f2eea070d43788f@mail.gmail.com>
Mar 4 20:11:16 radio276 postfix/qmgr[1636]: 4EDB2444E20: from=<jmoschetti45@gmail.com>, size=2108, nrcpt=1 (queue active)
Mar 4 20:11:16 radio276 postfix/local[2079]: 4EDB2444E20: to=<asmith@radio276.com>, relay=local, delay=0, status=sent (delivered to mailbox)
Mar 4 20:11:16 radio276 postfix/qmgr[1636]: 4EDB2444E20: removed

Berhanie 03-04-2007 08:14 PM

Code:

mydestination = radio276.com, localhost, localhost.localdomain
...
virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains.cf

The problem is that the domain you're sending to is listed in mydestination, which means that the local delivery agent will be called to deliver to it:

Code:

Mar 4 20:11:16 radio276 postfix/local[2079]: 4EDB2444E20: to=<asmith@radio276.com>, relay=local, delay=0, status=sent (delivered to mailbox)
Instead, that domain should be listed in virtual_mailbox_domains and only there.

jmoschetti45 03-04-2007 10:39 PM

Fixed. Thanks :)

jmoschetti45 03-05-2007 04:13 AM

Now I can't send email from anything but roundcube running on the server. I've checked the relay settings, but they look fine. Suggestions?

Berhanie 03-05-2007 11:22 AM

Add your network address to mynetworks.

Otherwise, if a sender is not connecting from $mynetworks, he would have to authenticate, as per your smtpd_recipient_restrictions :

Code:

smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination

jmoschetti45 03-05-2007 01:16 PM

Somethings wrong with the authentication then. There's nobody sending mail from the network the server is on so I didn't bother putting it in $mynetworks. Any suggestions where to look?

Berhanie 03-05-2007 11:20 PM

You should be familiar with the sasl readme, which also explains how to test sasl. So, briefly, you would telnet to port 25 (e.g. "telnet localhost 25"), make sure that you see AUTH in the postfix greeting (and the mechanisms you expect, e.g. PLAIN), authenticate to the server, and, in case the authentication fails, read the log files to see what the complaint is.

Something you should consider after you get things working is "smtpd_tls_auth_only = yes", which advertises AUTH only after the client establishes tls. That way, you could just use PLAIN passwords, and not worry about their being trasmitted in the clear.

[Edit]
One more thing. Windows clients don't understand PLAIN. You have to include LOGIN in the mechanisms.

jmoschetti45 03-06-2007 07:07 AM

From the log below, it looks like it has issues getting the data out of the DB. Apparently its dropping the domain name out of the query. I've checked the config, can't seem to find where that's set, so I'm out of ideas. Suggestions where to look?

Mar 6 10:03:24 radio276 authdaemond: received auth request, service=smtp, authtype=login
Mar 6 10:03:24 radio276 authdaemond: authmysql: trying this module
Mar 6 10:03:24 radio276 postfix/smtpd[30204]: warning: SASL authentication failure: Password verification failed
Mar 6 10:03:24 radio276 postfix/smtpd[30204]: warning: localhost.localdomain[127.0.0.1]: SASL plain authentication failed
Mar 6 10:03:24 radio276 authdaemond: SQL query: SELECT email, password, "", 5000, 5000, "/home/vmail", CONCAT(SUBSTRING_INDEX(email,'@',-1),'/',SUBSTRING_INDEX(email,'@',1),'/'), quota, "", "" FROM users WHERE email = "jmoschetti.com"
Mar 6 10:03:24 radio276 authdaemond: zero rows returned
Mar 6 10:03:24 radio276 authdaemond: no password available to compare
Mar 6 10:03:24 radio276 authdaemond: authmysql: REJECT - try next module
Mar 6 10:03:24 radio276 authdaemond: FAIL, all modules rejected

Berhanie 03-06-2007 09:55 PM

Looks like you're using the Courier authdaemon to authenticate. If so, you should use authtest to perform your tests. Read its man page. The config files you're looking for should be in /etc/authlib/, possibly /usr/local/etc/authlib/. The sql query is defined in authmysqlrc, but instead of doing a query, I suggest that you use the default table as described here. You would have had an easier time had you started with a simple setup, i.e. authenticating against userdb, before moving to mysql.

jmoschetti45 03-07-2007 01:02 AM

The config looks fine, so I'm guessing something else is wrong since authtest works fine.

MYSQL_SERVER localhost
MYSQL_USERNAME mail_admin
MYSQL_PASSWORD ***
MYSQL_PORT 0
MYSQL_DATABASE mail
MYSQL_USER_TABLE users
MYSQL_CRYPT_PWFIELD password
#MYSQL_CLEAR_PWFIELD password
MYSQL_UID_FIELD 5000
MYSQL_GID_FIELD 5000
MYSQL_LOGIN_FIELD email
MYSQL_HOME_FIELD "/home/vmail"
MYSQL_MAILDIR_FIELD CONCAT(SUBSTRING_INDEX(email,'@',-1),'/',SUBSTRING_INDEX(email,'@',1),'/')
#MYSQL_NAME_FIELD
MYSQL_QUOTA_FIELD quota

Berhanie 03-07-2007 04:58 AM

I guess it might be the client, then, that's passing incomplete info to the mail server:

Code:

Mar 6 10:03:24 radio276 authdaemond: SQL query: SELECT email, password, "", 5000, 5000, "/home/vmail", CONCAT(SUBSTRING_INDEX(email,'@',-1),'/',SUBSTRING_INDEX(email,'@',1),'/'), quota, "", "" FROM users WHERE email = "jmoschetti.com"
Notice the part in bold. Something gave authdaemond the domain name instead of the full email address. Any ideas?

jmoschetti45 03-07-2007 06:03 AM

There's nothing wrong with the server actually. Turns out the problem was on my end. The university doesn't like to allow you to use an SMTP server besides theirs, so they modify the packets (had a lengthy discussion/bitching session with the techies). I enabled SSL SMTP on port 465 to avoid that, works now :)


All times are GMT -5. The time now is 07:31 AM.