HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (http://www.howtoforge.com/forums/index.php)
-   Server Operation (http://www.howtoforge.com/forums/forumdisplay.php?f=5)
-   -   Would the problem come from postfix? (http://www.howtoforge.com/forums/showthread.php?t=19654)

satimis 21st January 2008 16:33

Would the problem come from postfix?
 
Hi folks,


Mail Server:
Ubuntu 7.04 server amd64
SquirrelMail 1.4.11
Postfix - pop, smtp


Workstation
Ubuntu 7.04 desktop
Evolution 2.10.1



IIRC before installing SquirrelMail workstation can send/receive mail on Evolution via the Mail Server w/o problem.

SM is working w/o problem. Just discovered Evolution can receive mails but can't send mails via the Mail Server. With the same password it can't authenticate to send mails, always complaining "Unable to authenticate to SMTP server. Bad authentication response from server". However the same password works to login SM.


What I have done on the Mail Server were;

1)
Installed SM, the webmail

2)
Configuring CentOS 5 (Guest OS) running on VMWare. CentOS can browse Internet BUT Internet can't get into CenOS. I'm still trying to solve this problem.


If uncheck "server require authentical", Evolution can send mails to other users registered on the Mail Server". But can't send mails to Internet with following warning;
Code:


RCPT TO <user1@abc.com> failed: <user1@abc.com>: Relay access denied


I haven't run Evolution on workstation to send mails for sometimes since SquirrelMail running. Would the problem come from postfix? If YES how to reconfigure "main.cf" TIA



B.R.
satimis

falko 22nd January 2008 20:16

Any errors in your mail log? What's in your main.cf?

satimis 23rd January 2008 02:54

Quote:

Originally Posted by falko
Any errors in your mail log?

1)
On Evolution

uncheck "server require authentication"


$ tail /var/log/mail.err
Code:

Jan  2 14:52:23 mail postfix[5415]: fatal: the postfix command is reserved for t
he superuser
Jan  4 15:20:26 mail postfix[6060]: error: to submit mail, use the Postfix sendm
ail command
Jan  4 15:20:26 mail postfix[6060]: fatal: the postfix command is reserved for t
he superuser
Jan  4 15:20:39 mail postfix[6061]: error: to submit mail, use the Postfix sendm
ail command
Jan  4 15:20:39 mail postfix[6061]: fatal: the postfix command is reserved for t
he superuser
Jan 10 20:50:04 mail postfix[5705]: error: to submit mail, use the Postfix sendm
ail command
Jan 10 20:50:04 mail postfix[5705]: fatal: the postfix command is reserved for t
he superuser
Jan 10 20:50:11 mail postfix[5706]: error: to submit mail, use the Postfix sendm
ail command
Jan 10 20:50:11 mail postfix[5706]: fatal: the postfix command is reserved for t
he superuser
Jan 21 11:39:05 mail postfix[5877]: fatal: myhostname and relayhost parameter se
ttings must not be identical: mail.satimis.com


$ tail /var/log/mail.log
Code:

Jan 23 08:59:45 mail authdaemond: Installing libauthpam
Jan 23 08:59:45 mail authdaemond: Installation complete: authpam
Jan 23 08:59:48 mail postfix/master[4928]: daemon started -- version 2.3.8, configuration /etc/postfix
Jan 23 09:37:15 mail postfix/smtpd[5441]: connect from host-22.124-157-220.dynamic.totalbb.net.tw[220.157.124.22]
Jan 23 09:37:15 mail postfix/smtpd[5441]: warning: support for restriction "reject_maps_rbl" will be removed from
Postfix; use "reject_rbl_client domain-name" instead
Jan 23 09:37:16 mail postfix/smtpd[5441]: NOQUEUE: reject: RCPT from host-22.124-157-220.dynamic.totalbb.net.tw[22
0.157.124.22]: 554 5.7.1 Service unavailable; Client host [220.157.124.22] blocked using bl.spamcop.net; Blocked -
 see http://www.spamcop.net/bl.shtml?220.157.124.22; from=<bostjan182@schow.biz> to=<mail@satimis.com> proto=ESMTP
 helo=<[220.157.124.22]>
Jan 23 09:37:16 mail postfix/smtpd[5441]: disconnect from host-22.124-157-220.dynamic.totalbb.net.tw[220.157.124.2
2]
Jan 23 09:40:36 mail postfix/anvil[5444]: statistics: max connection rate 1/60s for (smtp:220.157.124.22) at Jan 2
3 09:37:15
Jan 23 09:40:36 mail postfix/anvil[5444]: statistics: max connection count 1 for (smtp:220.157.124.22) at Jan 23 0
9:37:15
Jan 23 09:40:36 mail postfix/anvil[5444]: statistics: max cache size 1 at Jan 23 09:37:15


2)
On Evolution

check "server require authentication"
PLAIN

$ tail /var/log/mail.log
Code:

Jan 23 10:28:43 mail postfix/smtpd[5515]: NOQUEUE: reject: RCPT from unknown[220.232.213.178]: 554 5.7.1 <satimisliu@gmail.com>: Relay access denied; from=<smsliu@satimis.com> to=<satimisliu@gmail.com> proto=ESMTP helo=<[192.168.0.11]>
Jan 23 10:28:43 mail postfix/smtpd[5515]: disconnect from unknown[220.232.213.178]
Jan 23 10:31:15 mail postfix/smtpd[5521]: connect from unknown[220.232.213.178]
Jan 23 10:31:15 mail postfix/smtpd[5521]: NOQUEUE: reject: RCPT from unknown[220.232.213.178]: 554 5.7.1 <satimisliu@gmail.com>: Relay access denied; from=<smsliu@satimis.com> to=<satimisliu@gmail.com> proto=ESMTP helo=<[192.168.0.11]>
Jan 23 10:31:15 mail postfix/smtpd[5521]: disconnect from unknown[220.232.213.178]
Jan 23 10:33:17 mail postfix/smtpd[5529]: connect from pool-71-179-10-74.bltmmd.fios.verizon.net[71.179.10.74]
Jan 23 10:33:19 mail postfix/smtpd[5529]: warning: support for restriction "reject_maps_rbl" will be removed from Postfix; use "reject_rbl_client domain-name" instead
Jan 23 10:33:19 mail postfix/smtpd[5529]: NOQUEUE: reject: RCPT from pool-71-179-10-74.bltmmd.fios.verizon.net[71.179.10.74]: 554 5.7.1 Service unavailable; Client host [71.179.10.74] blocked using bl.spamcop.net; Blocked - see http://www.spamcop.net/bl.shtml?71.179.10.74; from=<incurablytw93@freejesuspictures.com> to=<satimis@satimis.com> proto=ESMTP helo=<Wireless_Broadband_Router>
Jan 23 10:33:19 mail postfix/smtpd[5529]: lost connection after DATA from pool-71-179-10-74.bltmmd.fios.verizon.net[71.179.10.74]
Jan 23 10:33:19 mail postfix/smtpd[5529]: disconnect from pool-71-179-10-74.bltmmd.fios.verizon.net[71.179.10.74]


Quote:

What's in your main.cf?
$cat /etc/postfix/main.cf
Code:

# See /usr/share/postfix/main.cf.dist for a commented, more complete version

# Debian specific:  Specifying a file name will cause the first
# line of that file to be used as the name.  The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname

smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no

# appending .domain is the MUA's job.
append_dot_mydomain = no

# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h

# TLS parameters
smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt
smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
smtpd_use_tls = yes
smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${queue_directory}/smtp_scache

# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.

myhostname = mail.satimis.com
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = satimis.com
mydestination = mail.satimis.com, satimis.com, localhost.satimis.com, localhost.localdomain, localhost
relayhost =
#mynetworks = 127.0.0.0/8, 192.168.1.0/24
mynetworks = 127.0.0.0/8, 192.168.0.0/24
mailbox_command =
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
inet_protocols = all
smtpd_sasl_local_domain =
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
#smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination
#smtpd_tls_auth_only = no
smtpd_tls_auth_only = yes
smtp_use_tls = yes
smtp_tls_note_starttls_offer = yes
smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
home_mailbox = Maildir/
virtual_alias_maps = hash:/etc/postfix/virtual
# Specify your NAT/proxy EXTERNAL address here.
proxy_interfaces = 220.232.213.178
#proxy_interfaces = 1.2.3.4
#virtual_alias_domains = satimis.com satimis.changeip.net

# Enable SMTP authentication support
smtp_sasl_auth_enable = no
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_sasl_local_domain = $mydomain
unknown_local_recipient_reject_code = 450
maps_rbl_domains =
    bl.spamcop.net,
    xbl.spamhaus.org

smtpd_recipient_restrictions =
    permit_mynetworks,
    permit_sasl_authenticated,
    reject_unauth_destination
    reject_invalid_hostname,
    reject_non_fqdn_sender,
    reject_non_fqdn_recipient,
    reject_unknown_sender_domain,
    reject_unknown_recipient_domain,
    reject_unauth_pipelining,
    reject_unauth_destination,
    reject_maps_rbl,

smtpd_client_restrictions = permit_mynetworks


Edit:


I suppose the problem coming from Evolution. I checked Kmail running on F7 (on another HD on the same Worksation). It can send and receive mails on the Mail Server without problem. However Evolution can send mails via ISP server.

satimis

falko 23rd January 2008 14:17

Are you using ISPConfig?

satimis 23rd January 2008 15:13

Quote:

Originally Posted by falko
Are you using ISPConfig?

No. Webmin and Usermin are running here.


I suppose it is a relay problem. On clicking "Send" it popup
Code:

RCPT TO <user1@abc.com> failed: <user1@abc.com>: Relay access denied

satimis

falko 24th January 2008 14:54

Can you try to configure an email account as shown here: http://www.howtoforge.com/forums/showthread.php?t=2
and test again?

satimis 24th January 2008 15:04

Quote:

Originally Posted by falko
Can you try to configure an email account as shown here: http://www.howtoforge.com/forums/showthread.php?t=2
and test again?

OK, I'll test it later. Thanks.

However I can't resolve why Kmail works w/o problem. It is on the same PC, same ISP, same Mail Server, same accounts and same recipients for testing etc. The only difference is Kmail running on F7 on anoterh HD.


Edit - 1
=====

I'll follow;
http://www.howtoforge.com/forums/showthread.php?t=2

to proceed.


The Mail Server is running serving several users. They already have their accounts created. Therefore I'll skip following steps
Code:

postconf -e 'home_mailbox = Maildir/'
postconf -e 'mailbox_command ='
/etc/init.d/postfix restart

useradd -d /home/sample_user -g users sample_user
passwd sample_user


$ ls /etc/postfix
Code:

dynamicmaps.cf    master.cf      sasl
main.cf          postfix-files  ssl
postfix-script  virtual
post-install    virtual.db

What are "virtual" and "virtual.db" for ???


$ sudo postconf -e 'virtual_maps = hash:/etc/postfix/virtusertable'
$ sudo postconf -e 'mydestination = /etc/postfix/local-host-names'


$ sudo nano /etc/postfix/local-host-names
copying following lines on it
Code:

localhost
mail.satimis.com
localhost.mail.satimis.com
example.com (Shall I retain this domain ???)
satimis.com

What is "example.com" for?? I don't have this domain on main.cf


$ sudo nano /etc/postfix/virtusertable

adding following lines on it
Code:

info@satimis.com  user1
user1@example.com  user1
webmaster@satimis.com  user1

info@satimis.com  user2
user2@example.com  user2
webmaster@satimis.com  user1 (OR user2 ???)

info@satimis.com  user3
user3@example.com  user3
webmaster@satimis.com  user1 (OR user3 ???)

etc. (create above 3 lines for each user ???)


$ sudo postmap /etc/postfix/virtusertable

$ sudo /etc/init.d/postfix restart


Please advise to avoid making mistake and causing problem to existing users. TIA



Edit - 2:
=====

I'm now on the same Workstation running F7. New discovery;

Evolution running on F7 works seamlessly. It can send and receive mails, with the same settings as on Ubuntu, via the Mail Server w/o problem. This discovery makes me considering that Evolution on Ubuntu may has no problem. Neither there is a problem on the Mail Server. Ubuntu may has some misconfiguration causing the problem on "Relay access denied".


satimis

falko 25th January 2008 16:41

Quote:

Originally Posted by satimis
Ubuntu may has some misconfiguration causing the problem on "Relay access denied".


satimis

Are you absolutely sure that you've enabled authentication in Evolution? Please compare the settings of Evolution on Fedora and Ubuntu.

satimis 25th January 2008 16:53

Quote:

Originally Posted by falko
Are you absolutely sure that you've enabled authentication in Evolution? Please compare the settings of Evolution on Fedora and Ubuntu.

Yes. But it can't work. I have spent 2 days on this problem w/o a solution. Finally I solved the problem on Ubuntu by running;

$ sudo apt-get --reinstall install evolution


Now I can send mails on Postfix without authentication. I'm now googling around for tutorial to setup Postfix with SMTP-AUTH. I found your tutorial for Ubuntu 7.04. But I'm running Ubuntu 7.10. Can the tutorial be followed?


satimis

falko 26th January 2008 19:04

Quote:

Originally Posted by satimis
I found your tutorial for Ubuntu 7.04.

Which one exactly (URL)?


All times are GMT +2. The time now is 19:15.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.