HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (http://www.howtoforge.com/forums/index.php)
-   Server Operation (http://www.howtoforge.com/forums/forumdisplay.php?f=5)
-   -   Postfix hostname changes (http://www.howtoforge.com/forums/showthread.php?t=48041)

holykim 18th August 2010 02:53

Postfix hostname changes
 
Hi All

I have multiple IP addresses on my server and want to send emails from my mail server (mail.ibsp.co.nz) with it's IP address.

my server's hostname is ibsp.co.nz and IP is 202.89.33.167
my mail server is mail.ibsp.co.nz and IP is 202.89.33.168
IP block owner set the PTR record for my mail server

I changed the hostname in main.cf to mail.ibsp.co.nz (it was ibsp.co.nz) and sent a test email to gmail account but the client-ip is still 202.89.33.167 and the email contained "Received: from mail.ibsp.co.nz (www.ibsp.co.nz [202.89.33.167])".

Currently ISPConfig 2 and postfix are installed with CentOS5.
(I have ISPConfig 3 server with postfix and it has the same problem.....)

Could you please advise how to change the mail server in Postfix?

Thanks in advance.

Harry

Mark_NL 18th August 2010 10:11

Code:

"Received: from mail.ibsp.co.nz (www.ibsp.co.nz [202.89.33.167])"
That's because postfix still mails through that interface, and most MTA's do a reversed lookup on the ip, to grab the hostname ..

seth eth0 to .168 and eth0:0 to .167

holykim 18th August 2010 10:58

Thanks Mark

Doesn't it affect to any other services? I am running APM, DNS, and etc on the same server. Please advise.

Cheers

Harry

Mark_NL 18th August 2010 11:32

nah if you keep both ip's up it shouldn't be any problem. but remember that the default external ip for your server will become .168 then .. so keep in mind of firewalls etc ..

holykim 18th August 2010 11:51

Hi Mark

It works great! email send through .168. Thanks again.

I have another problem with DKIM with amavisd-new. I put the below code into amavisd.conf and tested Ok.

$enable_dkim_verification = 1;
$enable_dkim_signing = 1;
dkim_key('netcafe24.net', 'mail', '/var/db/dkim/netcafe24.key.pem');
@dkim_signature_options_bysender_maps = (
{ '.' => { ttl => 21*24*3600, c => 'relaxed/simple' } } );
@mynetworks = qw(0.0.0.0/8 127.0.0.0/8);

amavisd testkeys
TESTING#1: mail._domainkey.mail.netcafe24.net => pass

I made a TXT record as below
Hostname : mail._domainkey.mail.netcafe24.net with the
Text : v=DKIM1; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDSMM8gWgE1 nmvrZ0s7myIA52Ykemqkc6ICzlCPMOpgflNmoVcvIkYUh0KLZf 2mEJt362/qLZxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

I sent an email to gmail account but I can not find DKIM signature. My mail server is mail.netcafe24.net. Can you please advise what's wrong?

Cheers
Harry

Mark_NL 18th August 2010 12:03

Your mail server is mail.netcafe24.net .. but your domain is netcafe24.net ..

I'd rather set the key on mail._domainkey.netcafe24.net .. but it's not required (it's just cleaner imho ;)

anyway, could you post the complete headers from the mail you send to gmail?

holykim 18th August 2010 12:09

Thanks Mark

I matched both name but it didn't work. I attached the headers below. Thanks Mark.

Delivered-To: holykim66@gmail.com
Received: by 10.229.185.4 with SMTP id cm4cs13014qcb;
Wed, 18 Aug 2010 02:55:07 -0700 (PDT)
Received: by 10.142.141.3 with SMTP id o3mr6966780wfd.15.1282125306922;
Wed, 18 Aug 2010 02:55:06 -0700 (PDT)
Return-Path: <postmaster@netcafe24.net>
Received: from mail.netcafe24.net (ns1.netcafe24.net [202.89.33.170])
by mx.google.com with ESMTP id s16si134162wfc.81.2010.08.18.02.55.05;
Wed, 18 Aug 2010 02:55:06 -0700 (PDT)
Received-SPF: pass (google.com: domain of postmaster@netcafe24.net designates 202.89.33.170 as permitted sender) client-ip=202.89.33.170;
Authentication-Results: mx.google.com; spf=pass (google.com: domain of postmaster@netcafe24.net designates 202.89.33.170 as permitted sender) smtp.mail=postmaster@netcafe24.net
Received: from localhost (unknown [127.0.0.1])
by mail.netcafe24.net (Postfix) with ESMTP id C47CDA38167
for <holykim66@gmail.com>; Wed, 18 Aug 2010 09:46:42 +0000 (UTC)
X-Virus-Scanned: amavisd-new at netcafe24.net
Received: from mail.netcafe24.net ([127.0.0.1])
by localhost (netcafe24.net [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id iBbOXDx7FuQT for <holykim66@gmail.com>;
Wed, 18 Aug 2010 21:46:34 +1200 (NZST)
Received: from [192.168.2.253] (unknown [60.234.231.107])
(Authenticated sender: support@netcafe24.co.nz)
by mail.netcafe24.net (Postfix) with ESMTP id 58D28A38154
for <holykim66@gmail.com>; Wed, 18 Aug 2010 21:46:33 +1200 (NZST)
Message-ID: <4C6BADF2.4060608@netcafe24.net>
Date: Wed, 18 Aug 2010 21:54:58 +1200
From: Netcafe24 <postmaster@netcafe24.net>
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-GB; rv:1.9.2.8) Gecko/20100802 Thunderbird/3.1.2
MIME-Version: 1.0

Mark_NL 18th August 2010 13:00

looking at the headers, there is no DKIM signing ..
SPF is fine ..

Code:

mark@mark-desktop:~$ host netcafe24.net
netcafe24.net has address 202.89.33.170
netcafe24.net mail is handled by 10 mail.netcafe24.net.

mark@mark-desktop:~$ host -t txt netcafe24.net
netcafe24.net descriptive text "v=spf1 a mx ptr -all"

now add a mail._domainkey TXT in netcafe24.net with:

Code:

v=DKIM1; g=*; p=<key>
so we're going for this response:

Code:

mark@mark-desktop:~$ host -t txt netcafe24.net
netcafe24.net descriptive text "v=spf1 a mx ptr -all"
netcafe24.net descriptive text "v=DKIM1; g=*; p=<key>"


holykim 18th August 2010 13:34

Hi Mark

I added a TXT record as below.
Hostname : mail._domainkey.netcafe24.net
Text : v=DKIM1; p=<key>

You mean the Hostname in the TXT record must be netcafe24.net instead of mail._domainkey.netcafe24.net?

Cheers
Harry

Mark_NL 18th August 2010 13:50

no, at first you had:

Hostname : mail._domainkey.mail.netcafe24.net

But it should be

Hostname : mail._domainkey.netcafe24.net

because the sender is user@netcafe24.net

Code:

mark@mark-desktop:~$ host -t txt netcafe24.net ns1.netcafe24.net
netcafe24.net descriptive text "v=spf1 a mx ptr -all"

i still get just one TXT record back .. (or i'm to fast ;-)


All times are GMT +2. The time now is 14:49.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.