Configuration Issues with Virtual Users on Postfix/Courier/MySQL Fedora 12

I can feel brain goop leaking from my nose.

http://www.howtoforge.com/virtual-users-domains-postfix-courier-mysql-squirrelmail-fedora-12-x86_64

I was following the above guide to get a mail server up and running. The major difference in it all is the fact that my server is running i686, but I compensated for that easily, just a difference in folder/RPM names.

Otherwise I followed it to a "T." Everything seemed to go smoothly, no trips or falls until the very end.

After installing squirrelmail and trying to login on [email protected] returns ERROR: Connection dropped by IMAP server.

Uncle google tells me to run this command because SELinux is overzealous:
setsebool -P httpd_can_network_connect=1

And that works, and I thought I was home free. However, after that, I'm presented with a new error. I forget exactly what it was. However, google told me to send an email to create the mailbox because it wasn't there, yet. So I send a test email on over, but that fails, and so does mailx. So there's a lot goofed up, here.

Next I created /home/vmail/withfrosted.com/admin while logged into the vmail user for proper permissions. Squirrelmail now logs into the mail box but gives me yet another new error, in which I am now stuck on:
ERROR:
ERROR: Could not complete request.
Query: SELECT "INBOX"
Reason Given: Unable to open this mailbox.

As a summary, because I'm all over the place, here:
1. Can't view the mailbox via Squirrelmail.
2. Can't receive email, tried with mailx and a test email from gmail.

Regarding #2, the gmail test email, from the maillog:

(What's really odd? No bounceback email in my gmail inbox! I'm assuming that sprouts from the DSN error returned, here.)

If you all need any more information at all, just please reply and let me know. I would really appreciate any leads. I generally don't like littering forums with useless topics, and I honestly don't mean to. I promise that I looked as hard as I could on this one, literally all night and now I'm at work. >.> Mailservers are my weak spot, they shotgun my brain-power.

 

Please disable SELinux and try again.

 

EDIT:

D'oh. Just sent myself another test email and everything looks a-okay.
But now I know more specifically what the problem is. Thanks so much for your help.

I'm going to research fixing SELinux, but please let me know if you have any guidance to share.

-------------
Heya falko,

Just disabled selinux, still experiencing the same issue:

ERROR:
ERROR: Could not complete request.
Query: SELECT "INBOX"
Reason Given: Unable to open this mailbox.

Thanks for taking the time. What do you suggest, next?

 

Did you send an email to that mail box before you tried to log in?
What's the output of

Code:

getenforce

?
Any errors in your mail log now?

 

getenforce returns "Permissive"

I re-enabled SELinux and everything is now working as it should, and I'm not exactly sure why that is. I can create new accounts, send them their first email, and everything is good to go.

If you have any idea why that is, I would love to know.

 

Virtual and non-virtual users

Falko,

I too followed the tutorial to the letter, had the same problem with i686. Since I have used many of your tutorials, I have learned to adjust on the fly. Here is my issue, prior to using the Postfix/Courier/MySQL tutorial I was running my Fedora 12 server based on your perfect server tutorial minus the ISPConfig part. Therefore I was running Postfix and Dovecot, I shutdown Dovecot and disabled it so it is out of the way. I had trouble logging into my primary mail account, checked the maillog and found an entry about warning, don't put server name in both the hostname and virtual hostname. So I deleted the servers domain from the MySQL database and that error went away. However I could not find emails for my wamtechnology.com account. I change the main.cf for postfix and un-commented the Maildir entry, sent an email with mailx and it showed up in /home/bill.mcdonald/Maildir.

Is is possible to set Postfix up for both virtual and non-virtual accounts and retrieve emails from the server for non-virtual accounts using Thunderbird? I can get my virtual accounts through Squirrelmail just fine, send and receive. It's the non-virtual account I cannot seem to access from Thunderbird or Squirrelmail

Here is my Postfix main.cf

queue_directory = /var/spool/postfix
command_directory = /usr/sbin
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
mail_owner = postfix
inet_interfaces = all
inet_protocols = all
mydestination = wamtechnology.com, localhost, localhost.localdomain
unknown_local_recipient_reject_code = 550
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
home_mailbox = Maildir/
debug_peer_level = 2
debugger command =
PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
ddd $daemon_directory/$process_name $process_id & sleep 5 This is the Sendmail-compatible mail posting interface.
sendmail_path = /usr/sbin/sendmail.postfix
newaliases_path = /usr/bin/newaliases.postfix
mailq_path = /usr/bin/mailq.postfix
setgid_group = postdrop
setgid_group = postdrop
html_directory = no
manpage_directory = /usr/share/manThis parameter is obsolete as of Postfix 2.1.
sample_directory = /usr/share/doc/postfix-2.6.5/samples
readme_directory = /usr/share/doc/postfix-2.6.5/README_FILES
myhostname = wamtechnology.com
mynetworks = 127.0.0.0/8
virtual_alias_domains =
virtual_alias_maps = proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, mysql:/etc/postfix/mysql-virtual_email2email.cf
virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains.cf
virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf
virtual_mailbox_base = /home/vmail
virtual_uid_maps = static:5000
virtual_gid_maps = static:5000
smtpd_sasl_auth_enable = yes
broken_sasl_auth_clients = yes
smtpd_sasl_authenticated_header = yes
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
smtpd_use_tls = yes
smtpd_tls_cert_file = /etc/postfix/smtpd.cert
smtpd_tls_key_file = /etc/postfix/smtpd.key
transport_maps = proxy:mysql:/etc/postfix/mysql-virtual_transports.cf
virtual_create_maildirsize = yes
virtual_maildir_extended = yes
virtual_mailbox_limit_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailbox_limit_maps.cf
virtual_mailbox_limit_override = yes
virtual_maildir_limit_message = "The user you are trying to reach is over quota."
virtual_overquota_bounce = yes
proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recip
ient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $virtual_mailbox_limit_
maps
content_filter = amavis:[127.0.0.1]:10024
receive_override_options = no_address_mappings

 

Yes, but only for different domains.

Any errors in your mail log?

 

The domain is different from the ones in the MySQL database. I have a web server running under the wamtechnology (hostname) domain then two virtual domains. Postfix is receiving mail, for wamtechnology and putting it in Maildir. I just can't seem to connect to the mailbox from Thunderbird. The only error I am getting is a loop back error.

Jul 20 18:56:01 web clamd[1645]: SelfCheck: Database status OK.
Jul 20 19:06:06 web clamd[1645]: SelfCheck: Database modification detected. Forcing reload.
Jul 20 19:06:07 web clamd[1645]: Reading databases from /var/lib/clamav
Jul 20 19:06:13 web clamd[1645]: Database correctly reloaded (806931 signatures)
Jul 20 19:16:13 web clamd[1645]: SelfCheck: Database status OK.
Jul 20 19:22:55 web postfix/qmgr[1774]: A03CBA968A: from=<[email protected]>, size=1353, nrcpt=1 (queue active)
Jul 20 19:22:55 web postfix/smtp[2653]: A03CBA968A: to=<[email protected]>, relay=none, delay=25576, delays=25576/0.08/0/0, dsn=5.4.6, status=bounced (mail for web.wamtechnology.com loops back to myself)
Jul 20 19:22:55 web postfix/cleanup[2656]: 7AAFAA9689: message-id=<[email protected]>
Jul 20 19:22:55 web postfix/qmgr[1774]: 7AAFAA9689: from=<>, size=3306, nrcpt=1 (queue active)
Jul 20 19:22:55 web postfix/bounce[2654]: A03CBA968A: sender non-delivery notification: 7AAFAA9689
Jul 20 19:22:55 web postfix/qmgr[1774]: A03CBA968A: removed
Jul 20 19:22:55 web postfix/smtp[2653]: 7AAFAA9689: to=<[email protected]>, relay=none, delay=0.14, delays=0.13/0.01/0/0, dsn=5.4.6, status=bounced (mail for web.wamtechnology.com loops back to myself)
Jul 20 19:22:55 web postfix/qmgr[1774]: 7AAFAA9689: removed

I can connect to the virtual mailboxes through Squirrelmail.

Bill

 

Add web.wamtechnology.com to the mydestination line in /etc/postfix/main.cf and restart Postfix.

 

Okay,

I followed the above advice to correct the error. However, I still cannot get Thunderbird to connect to the incoming pop3 or imap courier server. I can send emails through that server using the wamtechnology.com account, but not retrieved them. The wamtechnology account is a non virtual that uses a system account. I can authenticate using authtest so that part is working. I made this change to the authdaemonrc file to get the authentication working for this account

authmodulelist="authpam authmysql"

Oh, and I just found out I can access this email account through Squirrelmail, so if I cannot get Thunderbird to connect, I may be able to live without it.

Thanks,

Bill.

 

What are the outputs of

Code:

netstat -tap

and

Code:

iptables -L

?

 

Code:

[[email protected] ~]# netstat -tap
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address               Foreign Address             State       PID/Program name
tcp        0      0 *:sunrpc                    *:*                         LISTEN      1049/rpcbind
tcp        0      0 *:41716                     *:*                         LISTEN      1229/rpc.statd
tcp        0      0 *:ssh                       *:*                         LISTEN      1464/sshd
tcp        0      0 localhost:ipp               *:*                         LISTEN      1306/cupsd
tcp        0      0 *:smtp                      *:*                         LISTEN      4189/master
tcp        0      0 localhost:10024             *:*                         LISTEN      6594/amavisd (maste
tcp        0      0 localhost:10025             *:*                         LISTEN      4189/master
tcp        0      0 *:mysql                     *:*                         LISTEN      1594/mysqld
tcp        0      0 localhost:mysql             localhost:57879             ESTABLISHED 1594/mysqld
tcp       58      0 localhost:38048             localhost:10025             CLOSE_WAIT  6609/amavisd (ch1-a
tcp        0      0 localhost:mysql             localhost:44262             ESTABLISHED 1594/mysqld
tcp       58      0 localhost:43003             localhost:10025             CLOSE_WAIT  6608/amavisd (ch1-a
tcp        0      0 localhost:44262             localhost:mysql             ESTABLISHED 6609/amavisd (ch1-a
tcp        0   1148 web.wamtechnology.com:ssh   192.168.1.30:54298          ESTABLISHED 6736/0
tcp        0      0 localhost:57879             localhost:mysql             ESTABLISHED 6608/amavisd (ch1-a
tcp        0      0 *:imap                      *:*                         LISTEN      4376/couriertcpd
tcp        0      0 *:sunrpc                    *:*                         LISTEN      1049/rpcbind
tcp        0      0 *:http                      *:*                         LISTEN      1792/httpd
tcp        0      0 *:ftp                       *:*                         LISTEN      1775/proftpd: (acce
tcp        0      0 *:ssh                       *:*                         LISTEN      1464/sshd
tcp        0      0 localhost:ipp               *:*                         LISTEN      1306/cupsd
tcp        0      0 *:smtp                      *:*                         LISTEN      4189/master
tcp        0      0 *:https                     *:*                         LISTEN      1792/httpd
tcp        0      0 *:imaps                     *:*                         LISTEN      4383/couriertcpd
tcp        0      0 *:pop3s                     *:*                         LISTEN      4395/couriertcpd
tcp        0      0 *:pop3                      *:*                         LISTEN      4389/couriertcpd

and...

Code:

iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED
ACCEPT     icmp --  anywhere             anywhere
ACCEPT     all  --  anywhere             anywhere
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:ssh
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:http
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:ftp
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:https
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:smtp
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:domain
ACCEPT     udp  --  anywhere             anywhere            state NEW udp dpt:domain
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:imaps
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:pop3s
REJECT     all  --  anywhere             anywhere            reject-with icmp-host-prohibited

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination
REJECT     all  --  anywhere             anywhere            reject-with icmp-host-prohibited

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Thanks,

Bill

 

As far as I can see, you only have IMAPS and POP3S enabled in your firewall, but not POP3 (port 110) and IMAP (port 143). Try to open these as well.