Mail server configuration : postfix, dovecot, postfixadmin & mariadb

Francesco_Insyde · 07-11-2019, 04:52 AM

Hi everybody !

Well, i have followed this tuto to create my professionnal mail address :
https://www.rosehosting.com/blog/set...l-PostfixAdmin
I should verify my configuration and begin again from start because i did follow others tutos on the web
Now, my configuration semmes clean :

Code:

[root@laios conf.d]# postconf -n
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
debug_peer_level = 2
debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin ddd $daemon_directory/$process_name $process_id & sleep 5
html_directory = no
inet_interfaces = all
inet_protocols = ipv4
mail_owner = postfix
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
milter_default_action = accept
mydestination = localhost
myhostname = laios.infosysdevconcept.org
mynetworks = 127.0.0.0/8
newaliases_path = /usr/bin/newaliases.postfix
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/postfix-2.10.1/README_FILES
sample_directory = /usr/share/doc/postfix-2.10.1/samples
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
smtpd_milters = inet:127.0.0.1:12345
smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination, check_policy_service unix:private/policy-spf
smtpd_sasl_auth_enable = yes
smtpd_sasl_path = private/auth
smtpd_sasl_type = dovecot
smtpd_tls_auth_only = yes
smtpd_tls_cert_file = /etc/letsencrypt/live/laios.infosysdevconcept.org/cert.pem
smtpd_tls_key_file = /etc/letsencrypt/live/laios.infosysdevconcept.org/privkey.pem
smtpd_use_tls = yes
unknown_local_recipient_reject_code = 550
virtual_alias_maps = proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_maps.cf, proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_domain_maps.cf, proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_domain_catchall_maps.cf
virtual_mailbox_domains = proxy:mysql:/etc/postfix/sql/mysql_virtual_domains_maps.cf
virtual_mailbox_maps = proxy:mysql:/etc/postfix/sql/mysql_virtual_mailbox_maps.cf, proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_domain_mailbox_maps.cf
virtual_transport = lmtp:unix:private/dovecot-lmtp
[root@laios conf.d]# dovecot -n
# 2.2.36 (1f10bfa63): /etc/dovecot/dovecot.conf
# Pigeonhole version 0.4.24 (124e06aa)
# OS: Linux 3.10.0-957.21.3.el7.x86_64 x86_64 CentOS Linux release 7.6.1810 (Core)  btrfs
# Hostname: laios.infosysdevconcept.org
auth_mechanisms = plain login
first_valid_uid = 150
last_valid_uid = 150
mail_gid = mail
mail_location = maildir:/var/mail/%d/%n
mail_privileged_group = mail
mail_uid = vmail
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate mime foreverypart extracttext
mbox_write_locks = fcntl
namespace inbox {
  inbox = yes
  location = 
  mailbox Drafts {
    special_use = \Drafts
  }
  mailbox Junk {
    special_use = \Junk
  }
  mailbox Sent {
    special_use = \Sent
  }
  mailbox "Sent Messages" {
    special_use = \Sent
  }
  mailbox Trash {
    special_use = \Trash
  }
  prefix = 
}
passdb {
  args = /etc/dovecot/conf.d/dovecot-sql.conf.ext
  driver = sql
}
plugin {
  sieve = file:~/sieve;active=~/.dovecot.sieve
}
postmaster_address = postmaster@infosysdevconcept.org
service auth-worker {
  user = vmail
}
service auth {
  unix_listener /var/spool/postfix/private/auth {
    group = postfix
    mode = 0666
    user = postfix
  }
  unix_listener auth-userdb {
    mode = 0600
    user = vmail
  }
  user = dovecot
}
service lmtp {
  unix_listener /var/spool/postfix/private/dovecot-lmtp {
    group = postfix
    mode = 0600
    user = postfix
  }
}
ssl_cert = </etc/letsencrypt/live/laios.infosysdevconcept.org/cert.pem
ssl_key =  # hidden, use -P to show it
userdb {
  args = uid=vmail gid=vmail home=/var/mail/vhosts/%d/%n
  driver = static
}

But i have this error message on /var/log/maillog

Code:

Jul 11 11:21:54 laios dovecot: auth: Warning: sql: Ignoring changed user_query in /etc/dovecot/conf.d/dovecot-sql.conf.ext, because userdb sql not used. (If this is intentional, set userdb_warning_disable=yes)

Well, i do have an user query and can't hope authentication if it's ignored...
My configuration uses user vmail:mail and postfix

ostfix
How can i change it to let sql user make the user_query ?
Here /etc/dovecot/conf.d/dovecot-sql.conf.ext (from a precedent configuration, directory of user vmail:mail is mail and not vmail... should not be important)

Code:

driver = mysql
connect = host=51.68.59.83 dbname=mailserver user=mailuser password=uudeu{GhieNgo8kei
default_pass_scheme = MD5-CRYPT
password_query = SELECT username as user, password, '/var/mail/%d/%n' as userdb_home, 'maildir:/var/mail/%d/%n' as userdb_mail, 150 as userdb_uid, 8 as userdb_gid FROM mailbox WHERE username = '%u' AND active = '1'
user_query = SELECT '/var/mail/%d/%u' as home, 'maildir:/var/mail/%d/%u' as mail, 150 AS uid, 8 AS gid, concat('dirsize:storage=',  quota) AS quota FROM mailbox WHERE username = '%u' AND active = '1'

PS : my database is external and from precedents configurations have others username and database. Should not be important.

Any help welcome to solve my problem, and i could make a french and english tuto for this pretty good configuration on www.infosysdevconcept.org !
Thanks very much,
Franck

scasey · 07-11-2019, 10:49 AM

Code:

Jul 11 11:21:54 laios dovecot: auth: Warning: sql: Ignoring changed user_query in /etc/dovecot/conf.d/dovecot-sql.conf.ext, because userdb sql not used. (If this is intentional, set userdb_warning_disable=yes)

That's a warning, not an error. See the parenthetical comment at the end of the warning (highlighted)

Is something not working?

Francesco_Insyde · 07-24-2019, 10:31 PM

Hi everybody,

the new configuration of my mail server came after an ancient configuration... not so clean !
So, i have re-configured the server from start with postfix, dovecot, opendkim, spamassassin, policiyd, postfixadmin and dovecot.
The configuration of the mail server was made after this tuto :
https://www.rosehosting.com/blog/set...b-on-centos-7/
Well, my client mail (evolution) can(t pass the aythentification test (the password is OK, i have verified it !).

So, one more time, any help welcome to see what's wrong

Her a bit of my log :

Code:

Jul 25 05:24:54 laios spamd[23403]: spamd: server killed by SIGTERM, shutting down
Jul 25 05:24:54 laios dovecot: master: Warning: Killed with signal 15 (by pid=23544 uid=0 code=kill)
Jul 25 05:24:54 laios postfix/postfix-script[23551]: stopping the Postfix mail system
Jul 25 05:24:54 laios postfix/master[23450]: terminating on signal 15
Jul 25 05:24:54 laios spamd[23554]: logger: removing stderr method
Jul 25 05:24:54 laios postfix/postfix-script[23639]: starting the Postfix mail system
Jul 25 05:24:54 laios postfix/master[23641]: daemon started -- version 2.10.1, configuration /etc/postfix
Jul 25 05:24:54 laios dovecot: master: Dovecot v2.2.36 (1f10bfa63) starting up for imap, pop3, lmtp (core dumps disabled)
Jul 25 05:24:55 laios spamd[23601]: spamd: server started on IO::Socket::IP [127.0.0.1]:783, IO::Socket::IP [::1]:783 (running version 3.4.0)
Jul 25 05:24:55 laios spamd[23601]: spamd: server pid: 23601
Jul 25 05:24:55 laios spamd[23601]: spamd: server successfully spawned child process, pid 23663
Jul 25 05:24:55 laios spamd[23601]: spamd: server successfully spawned child process, pid 23664
Jul 25 05:24:55 laios spamd[23601]: prefork: child states: IS
Jul 25 05:24:55 laios spamd[23601]: prefork: child states: II
Jul 25 05:24:57 laios opendkim[23462]: OpenDKIM Filter: mi_stop=1
Jul 25 05:24:57 laios opendkim[23462]: OpenDKIM Filter v2.11.0 terminating with status 0, errno = 0
Jul 25 05:24:57 laios opendkim[23667]: OpenDKIM Filter v2.11.0 starting (args: -x /etc/opendkim.conf -P /var/run/opendkim/opendkim.pid)
Jul 25 05:25:16 laios dovecot: pop3-login: Disconnected (auth failed, 2 attempts in 14 secs): user=<francesco>, method=PLAIN, rip=93.25.186.102, lip=51.68.59.82, TLS, session=<g4qh+HiO1IpdGbpm>
Jul 25 05:25:19 laios dovecot: imap-login: Disconnected (auth failed, 3 attempts in 17 secs): user=<francesco>, method=PLAIN, rip=93.25.186.102, lip=51.68.59.82, TLS, session=<Gzqg+HiOcrFdGbpm>
Jul 25 05:25:21 laios dovecot: imap-login: Disconnected (auth failed, 1 attempts in 4 secs): user=<francesco>, method=PLAIN, rip=93.25.186.102, lip=51.68.59.82, TLS, session=<h/aG+XiOdrFdGbpm>

the only thing i changed is the cert.pem and privkey.pem issued form certbot as a wildcard for my domain, and used both for postfix and dovecot.

Any idea ?
Any help welcome !!!

Thanks,
Bien à vous,
Bien cordialement,

Francesco

btmiller · 09-28-2019, 09:35 PM

A couple of points:

1. Posting your server's IP and your SQL database user name and password to a public forum is really not wise. I hope you changed them.

2. I'm awat from my Dovecot system - but your userdb and passdb settings look OK. How did you verify that that the password is OK? Did you try actually running the apropriate query within MariaDB to make sure that it returned the correct fields?