HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (http://www.howtoforge.com/forums/index.php)
-   Installation/Configuration (http://www.howtoforge.com/forums/forumdisplay.php?f=27)
-   -   ISPConfig3, postfix, dovecot with allow custom login name problem... (http://www.howtoforge.com/forums/showthread.php?t=56499)

flyingaggie 10th March 2012 20:19

ISPConfig3, postfix, dovecot with allow custom login name problem...
 
Hey Guys,

I went through setting up the Debian cluster, following this tutorial:

http://www.howtoforge.com/installing...th-ispconfig-3

Everything is up and running, but I have an issue with the "allow custom login " with mail.

I'll preface this with the fact that I'm moving everything from a ISPconfig 2 setup to the new servers. With clients already setup with logins, etc on the old system, I'm trying to make the change as transparent as possible...hence, wanting to use the custom login names if possible.

I've checked the box for that in ISPConfig and I can log in to squirrel mail using the extra login after changing the dovecot-sql.conf to use login = '%u' instead of email = '%u'. However, if I send mail that way from any virtual hosts, it shows it comes from login_name@main.servername.com, instead of emailname@virtualserver.com. And, when I try to send mail back to the true address (emailname@virtualserver.com), it is kicked back with "unknown user".

Now, the weird part, if I either uncheck the allow custom login, or change the login to the same name as the email, everything works as it should both sending and receiving.

Is there something else I need to mod to make this work correctly. I've scoured the forums hoping someone else had this problem, but haven't found anything. Any help would be greatly appreciated. I've been driving myself nuts on this for a couple days. I'm sure it's probably something right under my nose, but I've just been looking at it took long to see.

Also, I can do http://www.somedomain.com/webmail and it won't work, but will work with the trailing / after webmail. I know I've fixed that before in years past, but can't seem to remember now.

Thanks a lot!!!!

till 12th March 2012 08:54

Please post the exact error messages from the mail.log.

d-signet 12th March 2012 12:23

is this the same problem i was having with custom usernames?

http://www.howtoforge.com/forums/showthread.php?t=56484

(from post #5 onwards)

Till's solution on page 2 worked for me

flyingaggie 12th March 2012 15:37

Quote:

Originally Posted by till (Post 275314)
Please post the exact error messages from the mail.log.

Here's what it shows when sending inbound with the 'allow user selected' and the login selected to something other than the actual email address.

Code:

Mar 12 09:21:08 mail amavis[21772]: (21772-13) Passed CLEAN, [98.139.91.202] [xx.xxx.xxx.xxx] <xxxxxxxxxxxx@yahoo.com> -> <user@mydomain.com>, Message-ID: <1331562066.43681.YahooMailNeo@web112605.mail.gq1.yahoo.com>, mail_id: bHmbOLaGIDQD, Hits: -0.098, size: 2957, queued_as: 2D315314A394, 378 ms
Mar 12 09:21:08 mail postfix/smtp[24027]: 9CE16314A37A: to=<user@mydomain.com>, relay=127.0.0.1[127.0.0.1]:10024, delay=0.62, delays=0.23/0/0/0.38, dsn=2.0.0, status=sent (250 2.0.0 Ok, id=21772-13, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as 2D315314A394)
Mar 12 09:21:08 mail postfix/qmgr[2971]: 9CE16314A37A: removed
Mar 12 09:21:08 mail postfix/pipe[24031]: 2D315314A394: to=<user@mydomain.com>, relay=dovecot, delay=0.02, delays=0.01/0.01/0/0.01, dsn=5.1.1, status=bounced (user unknown)
Mar 12 09:21:08 mail postfix/cleanup[24026]: 327BF314A399: message-id=<20120312142108.327BF314A399@serverboxname.com>
Mar 12 09:21:08 mail postfix/bounce[24033]: 2D315314A394: sender non-delivery notification: 327BF314A399
Mar 12 09:21:08 mail postfix/qmgr[2971]: 327BF314A399: from=<>, size=5446, nrcpt=1 (queue active)
Mar 12 09:21:08 mail postfix/qmgr[2971]: 2D315314A394: removed
Mar 12 09:21:09 mail postfix/smtp[24034]: 327BF314A399: to=<xxxxxxxxxxxxxxx@yahoo.com>, relay=mta7.am0.yahoodns.net[66.94.238.147]:25, delay=0.84, delays=0/0.01/0.25/0.58, dsn=2.0.0, status=sent (250 ok dirdel)
Mar 12 09:21:09 mail postfix/qmgr[2971]: 327BF314A399: removed


Here's what it shows when I send mail from squirrelmail with the same setup, where it replaces the email with the user with the login and the domain as the name of the server box (changed here for security).

Code:

Mar 12 09:25:30 mail postfix/smtpd[24137]: C06B0314A394: client=localhost[127.0.0.1]
Mar 12 09:25:30 mail postfix/cleanup[24131]: C06B0314A394: message-id=<891bedc6d90b9d1dbad1798c306fff12.squirrel@mydomain.com>
Mar 12 09:25:30 mail postfix/qmgr[2971]: C06B0314A394: from=<login@servername.com>, size=1275, nrcpt=1 (queue active)
Mar 12 09:25:30 mail amavis[21849]: (21849-12) Passed CLEAN, LOCAL [127.0.0.1] [xx.xxx.xxx.xxx] <login@servername.com> -> <xxxxxxxxxxxxx@yahoo.com>, Message-ID: <891bedc6d90b9d1dbad1798c306fff12.squirrel@mydomain.com>, mail_id: wxkb-F3uze7S, Hits: -1, size: 787, queued_as: C06B0314A394, 165 ms
Mar 12 09:25:30 mail postfix/smtpd[24137]: disconnect from localhost[127.0.0.1]
Mar 12 09:25:30 mail postfix/smtp[24132]: 8EEB4314A37A: to=<xxxxxxxxxxxxxx@yahoo.com>, relay=127.0.0.1[127.0.0.1]:10024, delay=0.22, delays=0.05/0.01/0/0.17, dsn=2.0.0, status=sent (250 2.0.0 Ok, id=21849-12, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as C06B0314A394)
Mar 12 09:25:30 mail postfix/qmgr[2971]: 8EEB4314A37A: removed
Mar 12 09:25:31 mail postfix/smtp[24138]: C06B0314A394: to=<xxxxxxxxxxxxxx@yahoo.com>, relay=mta5.am0.yahoodns.net[98.137.54.238]:25, delay=0.67, delays=0.01/0.01/0.16/0.49, dsn=2.0.0, status=sent (250 ok dirdel)
Mar 12 09:25:31 mail postfix/qmgr[2971]: C06B0314A394: removed

Hopefully that gives something to go on. Obviously, I changed the actual names from the log for security. login@servername.com is the login name from the allow login box in ispconfig and servername.com is the actually name of the server box. mydomain.com is the actual virtual domain.

Thanks!

flyingaggie 12th March 2012 15:39

Quote:

Originally Posted by d-signet (Post 275329)
is this the same problem i was having with custom usernames?

http://www.howtoforge.com/forums/showthread.php?t=56484

(from post #5 onwards)

Till's solution on page 2 worked for me

Thanks I hadn't found that post, but had figured out that solution for getting logged in. Sure appreciate you pointing that out, though! :)

I have my system configured the way Till suggested (corrected version) on the last page.

Tim

flyingaggie 13th March 2012 04:38

Playing around again with this today, I did get it to send mail correctly using the alternate login instead of the true email address. I changed the password_query to this:

Code:

password_query = SELECT password, email FROM mail_user WHERE login = '%u' AND disable%Ls = 'n'
Basically, I just added the email selection to it and now the mail shows from name@virtualdomain.com instead of login@servername.com.

the user_query is:

Code:

user_query = SELECT email as user, maildir as home, CONCAT('maildir:', maildir, '/Maildir') as mail, uid, gid, CONCAT('*:storage=', quota, 'B') AS quota_rule, CONCAT(maildir, '/.sieve') as sieve FROM mail_user WHERE login = '%u' AND disable%Ls = 'n'
Just as a note the master.cf shows this for the dovecot:

Code:

dovecot  unix  -      n      n      -      -      pipe
  flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender} -d ${user}@${nexthop}

I guess the question I should be asking, when dovecot receives the email from the MTA (postfix in this case), where does it look to find if the user exists? According to the logs, postfix is correctly handing it off to dovecot. Does it use the password_query, user_query, both or none of the above? I think that will help diagnose why it's not finding the user. It's definitely strange to me that it works perfect when I don't try to use an alternate login and makes me think it's looking at the wrong id to check for the user.

Just in case it's needed, here's the authentication section of the dovecot.conf

Code:

## Authentication processes

# Executable location
#auth_executable = /usr/lib/dovecot/dovecot-auth
auth default {
  mechanisms = plain login

  # SQL database <doc/wiki/AuthDatabase.SQL.txt>
  passdb sql {
    # Path for SQL configuration file
    args = /etc/dovecot/dovecot-sql.conf
  }

# new quota support:
  userdb prefetch {
  }

  userdb sql {
    args = /etc/dovecot/dovecot-sql.conf
  }


  ## dovecot-lda specific settings
  ##
  socket listen {
    master {
      path = /var/run/dovecot/auth-master
      mode = 0600
      user = vmail # User running Dovecot LDA
      #group = vmail # Or alternatively mode 0660 + LDA user in this group
    }
  client {
          path = /var/spool/postfix/private/auth
          mode = 0660
          user = postfix
          group = postfix
        }
  }

}

mail_location = maildir:/var/vmail/%d/%n/Maildir

mail_uid = <removed>
mail_gid = <removed>

Thanks again for the help!

flyingaggie 14th March 2012 21:42

Anyone? Any ideas????

till 16th March 2012 08:08

Quote:

where does it look to find if the user exists?
It checks the mysql database and uses the queries in the dovecot-sql.conf file. You can enable verbose auth llogging in dovecot to see the exact queries used be the deliver agent:

http://wiki1.dovecot.org/Logging

till 16th March 2012 08:15

Another thing that you can try is to replace:

Code:

login = '%u'
in the queries with:

Code:

(login = '%u' or email = '%u')

flyingaggie 16th March 2012 08:36

Thanks Till!

Trying your suggestion now.

I think it may be narrowed down to Postfix somewhere, actually. Postfix uses the mysql-virtual_*.cf files for validation, right? It doesn't use the Dovecot queries, does it? For instance, when it says (user unknown) in the mail.log as above, that's postfix correct? Or, has it handed the message off to dovecot already?


All times are GMT +2. The time now is 21:40.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.