LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Server (https://www.linuxquestions.org/questions/linux-server-73/)
-   -   Postfix as a mail delivery server fails (status bounced loops back to myself) (https://www.linuxquestions.org/questions/linux-server-73/postfix-as-a-mail-delivery-server-fails-status-bounced-loops-back-to-myself-891946/)

Larry James 07-15-2011 04:50 PM
Postfix as a mail delivery server fails (status bounced loops back to myself)
 
I'm trying to configure my Postfix server as a delivery agent for the server. From studying the Postfix documentation it appears that the feature for this is virtual_alias_domains and virtual_alias_maps.

I created a virtual hash file. No matter what I do with the virtual access the system will interpret the address as local and send the email to the local system, not the specified domain. I know that the Postfix server can find the domain because a mail test with the virtual setup removed will send the mail to the proper machine.

/etc/postfix/main.cf:
Code:
# See /usr/share/postfix/main.cf.dist for a commented, more complete version
# Debian specific:  Specifying a file name will cause the first
# line of that file to be used as the name.  The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no
# appending .domain is the MUA's job.
append_dot_mydomain = no
# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h
readme_directory = no
# TLS parameters
smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
smtpd_use_tls=yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.
myhostname = ubunserver.apollo3.com
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = ubunserver.apollo3.com, localhost.apollo3.com, , localhost
relayhost =
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_command =
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
smtpd_sasl_local_domain =
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination

# ----------- Virtual Block ----------------------------
virtual_alias_domains = apollo3.com
virtual_alias_maps = hash:/etc/postfix/virtual
# ------------------------------------------------
I tried these /etc/postfix/virtual.db files:

Code:
apollo3.com                ignore_this_line
ljames@apollo3.com        ljames@apollo3.com
mailtest:
Code:
echo "test" | mail -s "test subject" ljames@apollo3.com
/var/log/mail.log:
Code:
Jul 15 17:15:10 ubuntuserver postfix/pickup[10001]: 23D2FDFC6D: uid=1002 from=<ljames>
Jul 15 17:15:10 ubuntuserver postfix/cleanup[10007]: 23D2FDFC6D: message-id=<20110715211510.23D2FDFC6D@ubunserver.apollo3.com>
Jul 15 17:15:10 ubuntuserver postfix/qmgr[10002]: 23D2FDFC6D: from=<ljames@ubuntuserver.apollo3.com>, size=337, nrcpt=1 (queue active)
Jul 15 17:15:10 ubuntuserver postfix/error[10009]: 23D2FDFC6D: to=<ljames@apollo3.com>, relay=none, delay=0.18, delays=0.1/0/0/0.07, dsn=5.0.0, status=bounced (User unknown in virtual alias table)
Jul 15 17:15:10 ubuntuserver postfix/cleanup[10007]: 471DEDFC81: message-id=<20110715211510.471DEDFC81@ubunserver.apollo3.com>
Jul 15 17:15:10 ubuntuserver postfix/qmgr[10002]: 471DEDFC81: from=<>, size=2183, nrcpt=1 (queue active)
Jul 15 17:15:10 ubuntuserver postfix/bounce[10011]: 23D2FDFC6D: sender non-delivery notification: 471DEDFC81
Jul 15 17:15:10 ubuntuserver postfix/qmgr[10002]: 23D2FDFC6D: removed
Jul 15 17:15:10 ubuntuserver postfix/smtp[10012]: 471DEDFC81: to=<ljames@ubuntuserver.apollo3.com>, relay=none, delay=0.08, delays=0.07/0/0/0, dsn=5.4.6, status=bounced (mail for ubuntuserver.apollo3.com loops back to myself)
Jul 15 17:15:10 ubuntuserver postfix/qmgr[10002]: 471DEDFC81: removed
For some reason the system will turn the ljames@apollo3.com to ljames@ubuntuserver.apollo3.com and deliver the mail to itself rather than to the apollo3.com machine.

I also tried:
/etc/postfix/virtual.db:
Code:
apollo3.com                ignore_this_line
ljames@apollo3.com        ljames
It still delivered the email to itself rather than the apollo3.com machine.

Code:
Jul 15 17:20:05 ubuntuserver postfix/pickup[10164]: 84324DFC6D: uid=1002 from=<ljames>
Jul 15 17:20:05 ubuntuserver postfix/cleanup[10173]: 84324DFC6D: message-id=<20110715212005.84324DFC6D@ubunserver.apollo3.com>
Jul 15 17:20:05 ubuntuserver postfix/qmgr[10165]: 84324DFC6D: from=<ljames@ubuntuserver.apollo3.com>, size=337, nrcpt=1 (queue active)
Jul 15 17:20:05 ubuntuserver postfix/smtp[10175]: 84324DFC6D: to=<ljames@ubuntuserver.apollo3.com>, orig_to=<ljames@apollo3.com>, relay=none, delay=0.15, delays=0.13/0.02/0/0, dsn=5.4.6, status=bounced (mail for ubuntuserver.apollo3.com loops back to myself)
Jul 15 17:20:05 ubuntuserver postfix/cleanup[10173]: B52D8DFC81: message-id=<20110715212005.B52D8DFC81@ubunserver.apollo3.com>
Jul 15 17:20:05 ubuntuserver postfix/qmgr[10165]: B52D8DFC81: from=<>, size=2342, nrcpt=1 (queue active)
Jul 15 17:20:05 ubuntuserver postfix/bounce[10177]: 84324DFC6D: sender non-delivery notification: B52D8DFC81
Jul 15 17:20:05 ubuntuserver postfix/qmgr[10165]: 84324DFC6D: removed
Jul 15 17:20:05 ubuntuserver postfix/smtp[10175]: B52D8DFC81: to=<ljames@ubuntuserver.apollo3.com>, relay=none, delay=0.1, delays=0.09/0/0/0, dsn=5.4.6, status=bounced (mail for ubuntuserver.apollo3.com loops back to myself)
Jul 15 17:20:05 ubuntuserver postfix/qmgr[10165]: B52D8DFC81: removed
If I uncomment the virtual block from the main.cf file the system will deliver the mail to the proper place. Of course it isn't using the virtual.db configuration.

/etc/postfix/main.cf
Code:
# ----------- Virtual Block ----------------------------
# virtual_alias_domains = apollo3.com
# virtual_alias_maps = hash:/etc/postfix/virtual
# ------------------------------------------------
/var/log/mail.log
Code:
Jul 15 17:24:58 ubuntuserver postfix/master[10309]: daemon started -- version 2.8.2, configuration /etc/postfix
Jul 15 17:25:03 ubuntuserver postfix/pickup[10312]: A821BDFC6D: uid=1002 from=<ljames>
Jul 15 17:25:03 ubuntuserver postfix/cleanup[10321]: A821BDFC6D: message-id=<20110715212503.A821BDFC6D@ubunserver.apollo3.com>
Jul 15 17:25:03 ubuntuserver postfix/qmgr[10313]: A821BDFC6D: from=<ljames@ubuntuserver.apollo3.com>, size=337, nrcpt=1 (queue active)
Jul 15 17:25:06 ubuntuserver postfix/smtp[10323]: A821BDFC6D: to=<ljames@apollo3.com>, relay=mail.apollo3.com[216.153.132.70]:25, delay=2.4, delays=0.11/0.01/2.3/0.02, dsn=2.0.0, status=sent (250 2.0.0 p6FLP3u6006021 Message accepted for delivery)
Jul 15 17:25:06 ubuntuserver postfix/qmgr[10313]: A821BDFC6D: removed
The postfix service was restarted between each configuration change.

I'm running the Ubuntu 11.04 server. The postfix installation is from the distro repository.

Thanks in advance for anyone who has any insight one this.

-- L. James

--
L. D. James
ljames@apollo3.com
www.apollo3.com/~ljames

kbp 07-17-2011 09:25 PM
Just checking ...
Quote:
I tried these /etc/postfix/virtual.db files:
- you didn't edit the .db file did you? .. these should be generated by running 'postmap /etc/postfix/virtual'

Larry James 07-17-2011 10:54 PM
Quote:
Originally Posted by kbp (Post 4417696)
Just checking ... - you didn't edit the .db file did you? .. these should be generated by running 'postmap /etc/postfix/virtual'
Thanks for the attention, kbp. That's correct. The file I edited was virtual. The postmap command created the hash virtual.db file from the virtual file I created.

-- L. James

--
L. D. James
ljames@apollo3.com
www.apollo3.com/~ljames

kbp 07-17-2011 11:29 PM
Cool, I'm guessing that you're sending the test email from the mail server itself, and $myorigin is the same as $myhostname ?

Quote:
ljames@apollo3.com ljames
Can you tell us what you were expecting this line to do ?

Larry James 07-18-2011 12:03 AM
Quote:
Originally Posted by kbp (Post 4417748)
Cool, I'm guessing that you're sending the test email from the mail server itself, and $myorigin is the same as $myhostname ?



Can you tell us what you were expecting this line to do ?
Actually I spend a number of days trying many different configurations, starting with the most default from the distro documentation. When that didn't work I browsed many sites including the postfix official site.

Some people appeared to have success with that particular example. Take a look at:

http://www.sysdesign.ca/guides/postfix_virtual.html

I saw this repeated many times. But of course I pointed out in my original text that I tried both.

I also removed "apollo3.com" from the variables you mentioned and that didn't help.

If you look at the code/quote where you took that from you'll see the first line has "apollo3.com". It appeared that the virtual map would use a domain block and convert the name without a domain to the domain in that block. I thought that was the purpose of the first line in the block.

Also if you look at the main.cf file the options there is also indicating apollo3.com as a specific domain:

Code:
# ----------- Virtual Block ----------------------------
virtual_alias_domains = apollo3.com
virtual_alias_maps = hash:/etc/postfix/virtual
# ------------------------------------------------
Again, I removed "apollo3.com" from everywhere so that the only place it would be seen would be in the applicable virtual block.

My objective is to have the server send the mail to the specified domain. I'm trying all the examples that I can find from all the documentation I can find to get it to work. I started over a number of times with a default main.cf. I follow every example I can find on the Postfix support site and the distro support site. The results so far is consistent. Every variation consistently comes back to Postfix trying to figure in a local delivery (again, even when none of the variable point to apollo3.com as local) or just fails to deliver.

Thanks again for your input!

-- L. James

--
L. D. James
ljames@apollo3.com
www.apollo3.com/~ljames

kbp 07-18-2011 12:39 AM
Code:
My objective is to have the server send the mail to the specified domain
Ok... postfix doesn't need to be explicitly told how to send mail though. If the recipient domain isn't in $mydestination then postfix will perform an MX lookup and send the mail to the appropriate server/s.

What exactly are you trying to do? .. forward mail for a local user to a remote user?

Your /etc/postfix/virtual config indicates that you're trying to send mail destined for ljames@apollo3.com to the local user ljames, is this correct ?

Larry James 07-18-2011 12:54 AM
Quote:
Originally Posted by kbp (Post 4417772)
Code:
My objective is to have the server send the mail to the specified domain
Ok... postfix doesn't need to be explicitly told how to send mail though. If the recipient domain isn't in $mydestination then postfix will perform an MX lookup and send the mail to the appropriate server/s.

What exactly are you trying to do? .. forward mail for a local user to a remote user?

Your /etc/postfix/virtual config indicates that you're trying to send mail destined for ljames@apollo3.com to the local user ljames, is this correct ?
I'm trying to setup the Postfix server to function as a backup mail delivery server for the apollo3.com domain. Currently it's performed with a very old Red Hat system using Sendmail. I can do this very easily using Sendmail. But I'm currently using Ubuntu on most of my machines and trying to get familiar with using the defaults tested by the developers... both for the purpose of convenience of a tested conventional environment and as a way that I can contribute my experience with the standard back to the community.

I believe the mail server is something referred to as a backup/cache server. It has an mx record in the apollo3.com records.

I actually have 300 names in the virtual map file. The purpose of the virtual map file is to stop the mail at the delivery server rather than caching it, then allowing apollo3.com to bounce it. So the virtual map is serving as an immediate reject flag for spammers who might try sending every name in the dictionary to apollo3.com.

The example excerpt of ljames@apollo3.com/ljames is an example for the test. The virtual file is actually more fully populated.

It's my experience that the backup server doesn't do an mx lookup. It just delivers the mail where it's told. Other servers does an mx look up to see where to send the mail for a domain. If one mx machine isn't available it'd proceed to the next one in line. I'm trying to put the Postfix server as the main one in the line.

By the way, when Postfix sees the mx record, it actually sees itself since I want it to be the main mx server.

-- L. James

--
L. D. James
ljames@apollo3.com
www.apollo3.com/~ljames

kbp 07-18-2011 05:55 PM
Have you read this one yet? http://www.postfix.org/STANDARD_CONF...ME.html#backup

Larry James 07-18-2011 06:42 PM
Quote:
Originally Posted by kbp (Post 4418530)
I had found something similar that I was testing, but yours looks better. My workaround was delivering the mail, but only if I took down my other backup server. I'm going to change the resolution I was using for the one you posted and get back with the group.

Code:
# See /usr/share/postfix/main.cf.dist for a commented, more complete version                                 


# Debian specific:  Specifying a file name will cause the first                                               
# line of that file to be used as the name.  The Debian default                                               
# is /etc/mailname.                                                                                           
#myorigin = /etc/mailname                                                                                     

smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no

# appending .domain is the MUA's job.                                                                         
append_dot_mydomain = no

# Uncomment the next line to generate "delayed mail" warnings                                                 
#delay_warning_time = 4h                                                                                     

readme_directory = no

# TLS parameters                                                                                             
smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
smtpd_use_tls=yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache

# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for                                     
# information on enabling SSL in the smtp client.                                                             

myhostname = ubunserver.apollo3.com
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = ubunserver.apollo3.com, localhost.apollo3.com, , localhost
relayhost =
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_command =
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
smtpd_sasl_local_domain =
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions = permit_sasl_authenticated,
                            permit_mynetworks,
                            reject_unauth_destination,
                            check_policy_service unix:private/policy-spf,
                            check_policy_service unix:private/policy-spf,
                            reject_invalid_hostname,
                            reject_unauth_pipelining,
                            reject_non_fqdn_sender,
                            reject_unknown_sender_domain,
                            reject_non_fqdn_recipient,
                            reject_unknown_recipient_domain,
                            # check_client_access hash:/etc/postfix/maps/access_client,                     
                            # check_helo_access hash:/etc/postfix/maps/access_helo,                         
                            # check_sender_access hash:/etc/postfix/maps/access_sender,                     
                            # check_recipient_access hash:/etc/postfix/maps/access_recipient,               
                            # reject_rhsbl_client blackhole.securitysage.com,                               
                            # reject_rhsbl_sender blackhole.securitysage.com,                               
                            # reject_rbl_client relays.ordb.org,                                             
                            # reject_rbl_client blackholes.easynet.nl,                                       
                            #  reject_rbl_client cbl.abuseat.org,                                           
                            #  reject_rbl_client proxies.blackholes.wirehub.net,                             
                            #  reject_rbl_client bl.spamcop.net,                                             
                            #  reject_rbl_client sbl.spamhaus.org,                                           
                            #  reject_rbl_client opm.blitzed.org,                                           
                            #  reject_rbl_client dnsbl.njabl.org,                                           
                            #  reject_rbl_client list.dsbl.org,                                             
                            #  reject_rbl_client multihop.dsbl.org,                                         
                            reject_rbl_client dnsbl.proxybl.org,
                            permit


# ----------- Virtual Block ----------------------------                                                     
# virtual_alias_domains = apollo3.com                                                                         
# virtual_alias_maps = hash:/etc/postfix/virtual                                                             
# ------------------------------------------------                                                           

# ----------- Check Entries ----------------------                                                           
mydomain = apollo3.com
relay_domains = apollo3.com, $mydestination
queue_run_delay = 200s
relay_recipient_maps = hash:/etc/postfix/relay_recipients
# content_filter = smtp-amavis:[localhost]:10024 # causes bounce back to server error.                       
# ------------------------------------------------                                                           
spf-policyd_time_limit = 3600s
Thank!

As you see I have lots of entries and commented out test. I'm immediately being bombarded with spam until I get the dnsbl's working. I believe the list I have commented out is old. I'm in the process of investigating them... but of course that's a subject for another thread.

Again, looking at the description of your link, I'm sure it's going to work perfect for this immediate application.

I really appreciate your taking the time to understand what I was looking for and to research.

-- L. James

--
L. D. James
ljames@apollo3.com
www.apollo3.com/~ljames


All times are GMT -5. The time now is 05:21 PM.