| View previous topic :: View next topic |
| Author |
Message |
elmar283
Guru
Joined: 06 Dec 2004
Posts: 316
Location: Haarlem, Netherlands
|
 Posted: Fri Nov 30, 2012 7:46 pm Post subject: [solved] Posfix width multiple domains |
 |
|
I have installed a mailserver width multiple domains. I used the documentation on http://www.gentoo.org/doc/en/virt-mail-howto.xml.
No not all mail is delivered to my mailboxes. It is only from some domains (e.g. dds.nl). I do not get any error, the smtp server at that domains simply are not able to find my mailserver.
I have three domains on my server. One the FQDN and two are virtual.
The server is connected width my modem. The modem forwards everything to this server (firewall is on the server width iptables, but that is outside this discussion). My internet hoster is XS4ALL. There my ipaddress is binded width my FQDN domain:
| Code: |
ottere1@xs8:~$ ping -c 3 mail.elmarotter.eu
PING mail.elmarotter.eu (83.161.154.53) 56(84) bytes of data.
64 bytes from mail.elmarotter.eu (83.161.154.53): icmp_req=1 ttl=62 time=5.80 ms
64 bytes from mail.elmarotter.eu (83.161.154.53): icmp_req=2 ttl=62 time=7.00 ms
64 bytes from mail.elmarotter.eu (83.161.154.53): icmp_req=3 ttl=62 time=5.31 ms
--- mail.elmarotter.eu ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2001ms
rtt min/avg/max/mdev = 5.319/6.043/7.007/0.709 ms
|
So no problem there.
The domains are hosted at http://your-webhost.nl. At the config panel there I changed the DNS settings:
| Code: |
FQDN:
* A (Internet adres) 83.161.154.53
elmarotter.eu. TXT (text record) v=spf1 ip4:83.161.154.53 a mx ~all
elmarotter.eu. NS (name server) ns3.your-webhost.nl.
elmarotter.eu. MX (mail server) mail.elmarotter.eu.
elmarotter.eu. A (Internet adres) 83.161.154.53
elmarotter.eu. NS (name server) ns4.your-webhost.nl.
ftp A (Internet adres) 83.161.154.53
mail.elmarotter.eu. A (Internet adres)83.161.154.53
pop A (Internet adres) 83.161.154.53
smtp A (Internet adres) 83.161.154.53
www A (Internet adres) 83.161.154.53 |
Virtual 1:
| Code: |
* A (Internet adres) 83.161.154.53
elmarotter.nl. A (Internet adres) 83.161.154.53
ftp A (Internet adres) 83.161.154.53
pop A (Internet adres) 83.161.154.53
smtp A (Internet adres) 83.161.154.53
www A (Internet adres) 83.161.154.53
elmarotter.nl. MX (mail server) mail.elmarotter.eu.
mail.elmarotter.nl. MX (mail server) mail.elmarotter.eu.
elmarotter.nl. NS (name server) ns3.your-webhost.nl.
elmarotter.nl. NS (name server) ns4.your-webhost.nl.
elmarotter.nl. TXT (text record) v=spf1 ip4:83.161.154.53 a mx ~all
|
Virtual 2:
| Code: |
* A (Internet adres) 83.161.154.53
dwarsleeuwarden.nl. NS (name server) ns1.your-webhost.nl
dwarsleeuwarden.nl. A (Internet adres) 83.161.154.53
dwarsleeuwarden.nl. TXT (text record) v=spf1 ip4:83.161.154.53 a mx ~all
dwarsleeuwarden.nl. MX (mail server) mail.elmarotter.eu.
dwarsleeuwarden.nl. NS (name server) ns2.your-webhost.nl
ftp A (Internet adres) 83.161.154.53
pop A (Internet adres) 83.161.154.53
smtp A (Internet adres) 83.161.154.53
www A (Internet adres) 83.161.154.53
|
Question one is wether there is an error in this configuration? I don't fink the problem is with the postfix configuration because mail only fails from some domains / mailhosters.
But to be complete my main.cf file:
| Code: | elmarotter@masterserver ~ $ cat /etc/postfix/main.cf
queue_directory = /var/spool/postfix
command_directory = /usr/sbin
daemon_directory = //usr/libexec/postfix
data_directory = /var/lib/postfix
mail_owner = postfix
myhostname = mail.elmarotter.eu
mydomain = elmarotter.eu
myorigin = elmarotter.eu
inet_interfaces = all
mydestination = mail.elmarotter.eu, localhost.elmarotter.eu, elmarotter.eu
unknown_local_recipient_reject_code = 450
mynetworks = 192.168.0.0/24, 192.168.178.0/24, 127.0.0.0/8
home_mailbox = .maildir/
local_destination_concurrency_limit = 2
default_destination_concurrency_limit = 20
debug_peer_level = 2
debugger_command =
PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
ddd $daemon_directory/$process_name $process_id & sleep 5
sendmail_path = /usr/sbin/sendmail
newaliases_path = /usr/bin/newaliases
mailq_path = /usr/bin/mailq
setgid_group = postdrop
html_directory = no
manpage_directory = /usr/share/man
sample_directory = /etc/postfix
readme_directory = no
home_mailbox = .maildir/
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_sasl_local_domain =
smtpd_recipient_restrictions =
permit_sasl_authenticated,
permit_mynetworks,
reject_unauth_destination
smtp_use_tls = yes
smtp_tls_note_starttls_offer = yes
smtpd_use_tls = yes
#smtpd_tls_auth_only = yes
smtpd_tls_key_file = /etc/postfix/newkey.pem
smtpd_tls_cert_file = /etc/postfix/newcert.pem
smtpd_tls_CAfile = /etc/postfix/cacert.pem
smtpd_tls_loglevel = 3
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
# na hier is nieuw, als mijn mailboxen niet meer werken haal ik de tekst hieronder weg
# Beging nieuwe tekst ->
alias_maps = mysql:/etc/postfix/mysql-aliases.cf
relocated_maps = mysql:/etc/postfix/mysql-relocated.cf
local_transport = local
local_recipient_maps = $alias_maps $virtual_mailbox_maps unix:passwd.byname
virtual_transport = virtual
virtual_mailbox_domains = dwarsleeuwarden.nl, elmarotter.nl
virtual_minimum_uid = 1000
virtual_gid_maps = static:1003
virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual-maps.cf
virtual_alias_maps = mysql:/etc/postfix/mysql-virtual.cf
virtual_uid_maps = static:1003
virtual_mailbox_base = /
#virtual_mailbox_limit =
owner_request_special = no
recipient_delimiter = +
#alias_maps = mysql:/etc/postfix/mysql-aliases.cf
# hash:/usr/local/mailman/data/aliases,
# mysql:/etc/postfix/mysql-aliases.cf
#virtual_alias_maps =
# hash:/usr/local/mailman/data/virtual-mailman,
# mysql:/etc/postfix/mysql-virtual.cf
#mailfitering starst here: Dus als de boel zo niet meer goed werkt dan hetgeen hieronder eerst in de prullenbak mieteren ;)
biff = no
empty_address_recipient = MAILER-DAEMON
queue_minfree = 120000000
content_filter = smtp-amavis:[127.0.0.1]:10024
#Equivalently when using lmtp:
#content_filter = lmtp-amavis:[127.0.0.1]:10024
# TRANSPORT MAP
#
# Insert text from sample-transport.cf if you need explicit routing.
#transport_maps = hash:/etc/postfix/transport
#relay_domains = $transport_maps
#mailbox_command = /usr/bin/procmail -a "elmarotter.eu"
#mailbox_command = /usr/bin/procmail -a "elmarotter.nl"
#mailbox_command = /usr/bin/procmail
|
Last edited by elmar283 on Sat Dec 01, 2012 12:16 pm; edited 2 times in total |
|
| Back to top |
|
 |
cach0rr0
Bodhisattva
Joined: 13 Nov 2008
Posts: 4123
Location: Houston, Republic of Texas
|
| Posted: Fri Nov 30, 2012 8:07 pm Post subject: |
|
|
a few quick things
-your DNS setup looks perfectly fine
-for longer config files, is best to strip comments. Many ways to do this, I usually just do something like egrep -v '^(\#|$)' /etc/postfix/main.cf
-your relay_domains setting does not make sense. You have referenced $transport_maps, but then $transport_maps is not defined anywhere.
-lastly, what is the actual error you are seeing?
NB: that howto is somewhat old, and doesnt explain much, and i dont like it, so I made this one
_________________
Lost configuring your system?
dump lspci -n here | see Pappy's guide | Link Stash |
|
| Back to top |
|
|
elmar283
Guru
Joined: 06 Dec 2004
Posts: 316
Location: Haarlem, Netherlands
|
| Posted: Fri Nov 30, 2012 8:47 pm Post subject: |
|
|
Thanks for your answer:
Yes, the transport maps can go. It is from: http://www.gentoo.org/doc/en/mailfilter-guide.xml. I did put that line out now.
I agree with you that the explanation is poor on the virtual mail guide.
There is no error message on my log files. The mail does not come on my server. I think somewhere else something goes wrong on the origin of the mail.
This is the error mail I got from the mta on dds.nl:
I changed all @ tot (at).
| Code: |
This is the mail system at host rotring.dds.nl.
I'm sorry to have to inform you that your message could not
be delivered to one or more recipients. It's attached below.
For further assistance, please send mail to postmaster.
If you do so, please include this problem report. You can
delete your own text from the attached returned message.
The mail system
<elmar ( at) elmarotter.nl>: connect to mail.elmarotter.eu[83.161.154.53]:25:
Connection timed out
<elmar (at) elmarotter.eu>: connect to mail.elmarotter.eu[83.161.154.53]:25:
Connection timed out
Reporting-MTA: dns; rotring.dds.nl
X-Postfix-Queue-ID: EFE2E59063
X-Postfix-Sender: rfc822; ottere (at)dds.nl
Arrival-Date: Wed, 28 Nov 2012 17:21:17 +0100 (CET)
Final-Recipient: rfc822; elmar@elmarotter.nl
Original-Recipient: rfc822;elmar (at) elmarotter.nl
Action: failed
Status: 4.4.1
Diagnostic-Code: X-Postfix; connect to mail.elmarotter.eu[83.161.154.53]:25:
Connection timed out
Final-Recipient: rfc822; elmar (at) elmarotter.eu
Original-Recipient: rfc822;elmar (at) elmarotter.eu
Action: failed
Status: 4.4.1
Diagnostic-Code: X-Postfix; connect to mail.elmarotter.eu[83.161.154.53]:25:
Connection timed out
Van: Elmar Otter <ottere (at) dds.nl>
Onderwerp: test4
Datum: 28 november 2012 17:21:10 GMT+01:00
Aan: elmar (at) elmarotter.eu, elmar (at) elmarotter.nl
|
And thanks for your guide. (And if you know any good mailman guide. The mailman explenation from the virtual mail guide does not work for me.) |
|
| Back to top |
|
|
cach0rr0
Bodhisattva
Joined: 13 Nov 2008
Posts: 4123
Location: Houston, Republic of Texas
|
| Posted: Fri Nov 30, 2012 11:04 pm Post subject: |
|
|
| elmar283 wrote: | I think somewhere else something goes wrong on the origin of the mail.
|
I'm inclined to agree, namely because of this
| Code: |
connect to mail.elmarotter.eu[83.161.154.53]:25:
Connection timed out
|
the sending MTA attempted to connect to 83.161.154.53 on port 25
83.161.154.53 did not immediately RST the connection, it simply didn't respond
*if* there is an issue on your system, i would think it would be either a)a firewall, or b)your mail system hanging trying to look something up (DNS lookup taking forever?)
'B' is not as likely
'A' may be a possibility
one thing that will help you immensely for troubleshooting both this, and just in general, if you happen to use syslog-ng, emerge it with the 'hardened' USE flag set; all this does, is separate log files out, and in the case of postfix you have a nice clean /var/log/mail.* that is dedicated just to the mail facility. You could make custom syslog filters for this I guess, but when I can just emerge with a USE flag set, this seems easier
Anyway, reason i bring that up, my next step to make sure it was not the fault of my server, is to tail -f on /var/log/mail.log, send a test message, see if there is a connection attempt. Changing debug_peer_level will give you more information.
...but i still dont think this is an issue with your system. I think it is the sending MTA.
_________________
Lost configuring your system?
dump lspci -n here | see Pappy's guide | Link Stash |
|
| Back to top |
|
|
elmar283
Guru
Joined: 06 Dec 2004
Posts: 316
Location: Haarlem, Netherlands
|
| Posted: Sat Dec 01, 2012 9:01 am Post subject: |
|
|
I solved the problem. I blocked the ip-address 85.17.178.138 with: iptables -I INPUT -s 85.17.178.138 -j DROP.
Thank you for your input and guide page. I'm going to read the guide to get a better grip on my mailserver.[/code] |
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
|
Networking & Security
