Email domain alias does not working

Discussion in 'General' started by Keagan, Dec 3, 2020.

  1. Keagan

    Keagan Member

    Hello,

    I have domain domain.tld but when I create alias of it on domainxy.tld I can't login with emails nor deliver emails on it.

    I can login and work with [email protected] but cant login or deliver with [email protected] .. any idea where is issue? Both MX are directing on server.

    After sending an email to alias domain I have this error as response

    554 5.7.1 <[email protected]domainxy.tld>: Relay access denied
     
    Last edited: Dec 3, 2020
  2. nhybgtvfr

    nhybgtvfr Active Member

    you can't login with it because it's an alias, not a mailbox. it has no login credentials of it's own.

    also, just to be clear, you created a mail domainalias, not a website domainalias? (i know, it's a stupid question to be asking, but people do make this mistake)

    what do the mail logs show for any mail sent to [email protected]?
     
  3. Keagan

    Keagan Member

    Yes is it mailbox domain alias, checked it for sure :))

    Log looks like this

    Code:
    postfix/smtpd[31223]: NOQUEUE: reject: RCPT from mail-ej1-x62f.google.com[2a00:1450:4864:20::62f]: 554 5.7.1 <[email protected]>: Relay access denied; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<mail-ej1-x62f.google.com>
     
  4. nhybgtvfr

    nhybgtvfr Active Member

  5. Keagan

    Keagan Member

  6. Th0m

    Th0m ISPConfig Developer Staff Member ISPConfig Developer

    Did you reconfigure services when upgrading?
     
  7. Keagan

    Keagan Member

    No I cam configuring it with ansible. Here is main.cf

    Code:
    # See /usr/share/postfix/main.cf.dist for a commented, more complete version
    
    
    # Debian specific:  Specifying a file name will cause the first
    # line of that file to be used as the name.  The Debian default
    # is /etc/mailname.
    #myorigin = /etc/mailname
    
    smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
    biff = no
    
    # appending .domain is the MUA's job.
    append_dot_mydomain = no
    
    # Uncomment the next line to generate "delayed mail" warnings
    #delay_warning_time = 4h
    
    readme_directory = no
    
    # See http://www.postfix.org/COMPATIBILITY_README.html -- default to 2 on
    # fresh installs.
    compatibility_level = 2
    
    
    
    # TLS parameters
    smtpd_tls_cert_file = /etc/ssl/ansible/cert.pem
    smtpd_tls_key_file = /etc/ssl/ansible/key.pem
    smtpd_use_tls = yes
    smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
    smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
    
    # See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
    # information on enabling SSL in the smtp client.
    
    smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
    myhostname = server.host.tld
    alias_maps =
    alias_database = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases
    myorigin = /etc/mailname
    mydestination = server.host.tld
    relayhost =
    mynetworks = 127.0.0.0/8 [::1]/128
    mailbox_size_limit = 0
    recipient_delimiter = +
    inet_interfaces = all
    inet_protocols = ipv4, ipv6
    dovecot_destination_recipient_limit = 1
    virtual_transport = dovecot
    smtpd_sasl_type = dovecot
    smtpd_sasl_path = private/auth
    content_filter = amavis:[127.0.0.1]:10024
    receive_override_options = no_address_mappings
    virtual_alias_maps = proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, proxy:mysql:/etc/postfix/mysql-virtual_email2email.cf
    message_size_limit = 52428800
    smtp_tls_exclude_ciphers = RC4, aNULL
    smtpd_tls_exclude_ciphers = RC4, aNULL
    smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3
    smtpd_tls_protocols = !SSLv2,!SSLv3
    smtp_tls_protocols = !SSLv2,!SSLv3
    smtp_tls_security_level = may
    owner_request_special = no
    body_checks = regexp:/etc/postfix/body_checks
    nested_header_checks = regexp:/etc/postfix/nested_header_checks
    mime_header_checks = regexp:/etc/postfix/mime_header_checks
    header_checks = regexp:/etc/postfix/header_checks
    maildrop_destination_recipient_limit = 1
    maildrop_destination_concurrency_limit = 1
    smtpd_client_message_rate_limit = 100
    smtpd_client_restrictions = check_client_access mysql:/etc/postfix/mysql-virtual_client.cf
    smtpd_sender_restrictions = check_sender_access regexp:/etc/postfix/tag_as_originating.re , permit_mynetworks, permit_sasl_authenticated, check_sender_access mysql:/etc/postfix/mysql-virtual_sender.cf, check_sender_access regexp:/etc/postfix/tag_as_foreign.re
    smtpd_helo_restrictions = permit_sasl_authenticated, permit_mynetworks, check_helo_access regexp:/etc/postfix/helo_access, reject_invalid_hostname, reject_non_fqdn_hostname, reject_invalid_helo_hostname, reject_unknown_helo_hostname, check_helo_access regexp:/etc/postfix/blacklist_helo
    smtpd_helo_required = yes
    proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $sender_bcc_maps $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $smtpd_sender_login_maps
    smtpd_sender_login_maps = proxy:mysql:/etc/postfix/mysql-virtual_sender_login_maps.cf
    relay_recipient_maps = mysql:/etc/postfix/mysql-virtual_relayrecipientmaps.cf
    relay_domains = mysql:/etc/postfix/mysql-virtual_relaydomains.cf
    transport_maps = hash:/var/lib/mailman/data/transport-mailman, proxy:mysql:/etc/postfix/mysql-virtual_transports.cf
    smtpd_tls_security_level = may
    smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, reject_rbl_client zen.spamhaus.org, check_recipient_access mysql:/etc/postfix/mysql-virtual_recipient.cf, check_recipient_access mysql:/etc/postfix/mysql-virtual_policy_greylist.cf
    greylisting = check_policy_service inet:127.0.0.1:10023
    smtpd_restriction_classes = greylisting
    smtpd_sasl_authenticated_header = yes
    broken_sasl_auth_clients = no
    smtpd_sasl_auth_enable = yes
    sender_bcc_maps = proxy:mysql:/etc/postfix/mysql-virtual_outgoing_bcc.cf
    virtual_gid_maps = mysql:/etc/postfix/mysql-virtual_gids.cf
    virtual_uid_maps = mysql:/etc/postfix/mysql-virtual_uids.cf
    virtual_mailbox_base = /var/vmail
    virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf
    virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains.cf
    virtual_alias_domains =
    smtpd_tls_CAfile = /etc/ssl/ansible/ca.pem
    smtpd_reject_unlisted_sender = yes
    smtpd_etrn_restrictions = permit_mynetworks, reject
    smtpd_data_restrictions = permit_mynetworks, reject_unauth_pipelining, reject_multi_recipient_bounce, permit
    smtpd_tls_mandatory_ciphers = medium
    tls_medium_cipherlist = ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA256:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA
    tls_preempt_cipherlist = yes
    address_verify_negative_refresh_time = 60s
    enable_original_recipient = no
    smtpd_forbidden_commands = CONNECT,GET,POST,USER,PASS
    address_verify_sender_ttl = 15686s
    smtp_dns_support_level = dnssec
     
  8. Th0m

    Th0m ISPConfig Developer Staff Member ISPConfig Developer

    Try running the update again and reconfigure services.
     
  9. Keagan

    Keagan Member

    Sadly I cant upgrade.
    Code:
    There are no updates available for ISPConfig 3.2.1
    If you are sure you want to update to stable anyway, please use --force parameter
    DOWNGRADING MAY CAUSE ISSUES!
    
     
  10. Th0m

    Th0m ISPConfig Developer Staff Member ISPConfig Developer

    You can, with
    Code:
    ispconfig_update.sh --force
    , which is stated in the message aswell :)
     
  11. Keagan

    Keagan Member

    I am using my own config which is installed via ansible. I just need to know which configuration is handling email domain aliases in ISPConfig so I can properly setup them or change postfix/dovecot configuration .....
     
  12. Th0m

    Th0m ISPConfig Developer Staff Member ISPConfig Developer

  13. Keagan

    Keagan Member

    so I reconfigured service. Email is now not denying, but when I send email on alias domain, it does not appear in original [email protected] should not work it that way?
     
  14. Keagan

    Keagan Member

    It is working now, SSL bug on my side. Thanks for help.
     
    Th0m likes this.

Share This Page