ISPconfig 3

Discussion in 'Installation/Configuration' started by Christovampaynes, Jan 4, 2012.

  1. Christovampaynes

    Christovampaynes New Member

    Hello,
    Sorry for the English, because I'm from Brazil!
    I'm migrating from ISPConfig 2 to ISPconfig3 and have some questions:

    1 - ispconfig3 has in setting up the "virtusertable" and "local-host-names", these files have to create manual or ispconfig3 not need?

    2 - The file has the set of alias ISPconfig3 right through?

    thank you
     
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    1) ISPConfig does not need tehse files.
    2) There is no alias file used by ISPCOnfig 3.

    ISPConfig 2 is aLinux system user postfix setup while ispconfig 3 uses a virtual user setup based on mysql. So you will not find any of the ispconfig 2 configuration files on a ispconfig 3 server as the setup is completely different.
     
  3. Christovampaynes

    Christovampaynes New Member

    So how will that setting these parameters?

    mydestination = /etc/postfix/local-host-names
    local_recipient_maps=proxy:unix:passwd.byname $alias_maps

    virtual_maps = hash:/etc/postfix/virtusertable
     
  4. till

    till Super Moderator Staff Member ISPConfig Developer

    The settings you posted are from a ispconfig 2 file, they can not work with ispconfig 3 as ispconfig 3 uses a virtusl user setup as I described above.

    Postfix is completely configured by the ispconfig 3 installer. Just install your new server as described in the perfect setup guide for ispconfig 3 (not the one for ispconfig 2, as thats incompatible with ispconfig 3 and ispconfig 3 van not be installed on a system that is configured for ispconfig 2) and then install ispconfig 3, the ispconfig installer will configure all config files. Dont change any settings in main.cf file manually.
     
  5. Christovampaynes

    Christovampaynes New Member

    now I understand. One more thing, these settings below can be made ​​through the ispconfig 3?

    smtpd_client_restrictions =
    permit_sasl_authenticated,
    permit_mynetworks,
    check_client_access hash:/etc/postfix/ip-access,
    reject_unauth_pipelining,
    reject_rbl_client maps_rbl_domains



    smtpd_helo_restrictions =
    permit_sasl_authenticated,
    permit_mynetworks,
    check_helo_access regexp:/etc/postfix/regras_ehlo,
    reject_invalid_hostname,
    reject_unauth_pipelining,
    reject_rhsbl_sender dsn.rfc-ignorant.org,



    smtpd_sender_restrictions =
    permit_sasl_authenticated,
    check_sender_access hash:/etc/postfix/bloqueados,
    reject_unknown_sender_domain,
    reject_unauth_pipelining,
    reject_non_fqdn_sender,
    reject_authenticated_sender_login_mismatch,
    reject_unauthenticated_sender_login_mismatch,
    reject_non_fqdn_sender,
    reject_unlisted_sender,
    reject_unauth_pipelining



    smtpd_recipient_restrictions =
    permit_sasl_authenticated,
    permit_mynetworks,
    reject_invalid_hostname,
    reject_unverified_recipient,
    reject_unknown_recipient_domain,
    reject_unauth_pipelining,
    reject_unauth_destination,
    permit
     
  6. till

    till Super Moderator Staff Member ISPConfig Developer

    Install a ispconfig setup as I described above, then verify that it works and make a backup of the main.cf file and then you can adjust settings if you think they are nescessary. If you then see that your changes dont work, then you can rollback your changes.
     
  7. Christovampaynes

    Christovampaynes New Member

    configuration that generates automatic pro ispconfig3 postfix is enough? is secure ?
     
  8. till

    till Super Moderator Staff Member ISPConfig Developer

    The base setup is enough to run a secure webserver, but of course you can always configure it stricter. Most settings that you posted above are spam control settings and not security settings, if you want to add some of them additionally to the ispconfig base or not depends on your companys antispam policys and which users you want to block or not and if you can afford to block legetimate emails without content inspections from servers that have not a fully compliant configuration.

    If you dont install ispconfig 3, you will not see the config that it generates ;)
     
  9. Christovampaynes

    Christovampaynes New Member

    already installed from this how, "http://www.howtoforge.com/perfect-server-ubuntu-11.10-ispconfig-3-p6", the settings I posted are of the same SPAM, you have any tips for extra security? or some point that should be given more attention?
     
  10. Christovampaynes

    Christovampaynes New Member

    hello, as I create a reverse zone? adiconar need manual? in the primary zone is necessary to add a PTR record?
    thank you
     
  11. falko

    falko Super Moderator ISPConfig Developer

    Normally you tell your hoster to create a PTR record for you (unless you own the IP subnet).
     
  12. Christovampaynes

    Christovampaynes New Member

    ok Falko, I created a new zone and just added the PTR records. Thank you!
     
  13. Christovampaynes

    Christovampaynes New Member

    I returned a database ispconfig3 through phpmyadmin, only that the data is not in linux, but ispconfig3 appear, is to run some script so that these data are added in linux?
     
    Last edited: Jan 18, 2012
  14. Christovampaynes

    Christovampaynes New Member

    Hello, there is some peculiarity in ispconfig3 to configure with Outlook? signed up as a User in Outlook and is asking for password when sending mail, he's getting!


    Jan 25 09:21:30 postfix/trivial-rewrite[24476]: warning: do not list domain mydomain.com.br in BOTH mydestination and virtual_mailbox_domains
    Jan 25 09:21:30 postfix/smtpd[24471]: AB31F2800B9: client=unknown[192.168.1.19]
    Jan 25 09:21:30 postfix/cleanup[24478]: AB31F2800B9: message-id=<000501ccdb53$c12026a0$436073e0$@com>
    Jan 25 09:21:30 postfix/qmgr[24452]: AB31F2800B9: from=<[email protected]>, size=3665, nrcpt=1 (queue active)
    Jan 25 09:21:30 amavis[1589]: (01589-11) NOTICE: reconnecting in response to: err=2006, HY000, DBD::mysql::st execute failed: MySQL server has gone away at (eval 105) line 166, <GEN123> line 5.
    Jan 25 09:21:33 postfix/smtpd[24471]: disconnect from unknown[192.168.1.19]
    Jan 25 09:21:48 postfix/smtpd[24484]: connect from localhost.localdomain[127.0.0.1]
    Jan 25 09:21:48 postfix/trivial-rewrite[24476]: warning: do not list domain mydomain.com.br in BOTH mydestination and virtual_mailbox_domains
    Jan 25 09:21:48 postfix/smtpd[24484]: EEBAB2800BA: client=localhost.localdomain[127.0.0.1]
    Jan 25 09:21:48 postfix/cleanup[24478]: EEBAB2800BA: message-id=<000501ccdb53$c12026a0$436073e0$@com>
    Jan 25 09:21:48 postfix/smtpd[24484]: disconnect from localhost.localdomain[127.0.0.1]
    Jan 25 09:21:48 postfix/qmgr[24452]: EEBAB2800BA: from=<[email protected]>, size=4163, nrcpt=1 (queue active)
    Jan 25 09:21:48 postfix/trivial-rewrite[24476]: warning: do not list domain mydomain.com.br in BOTH mydestination and virtual_mailbox_domains
    Jan 25 09:21:48 morpheus amavis[1589]: (01589-11) Passed CLEAN, LOCAL [192.168.1.19] [192.168.1.19] <[email protected]> -> <[email protected]>, Message-ID: <000501ccdb53$c12026a0$436073e0$@com>, mail_id: 0gUay2QkhRm9, Hits: -0.999, size: 3665, queued_as: EEBAB2800BA, 18229 ms
    Jan 25 09:21:48 morpheus postfix/local[24485]: EEBAB2800BA: to=<[email protected]>, relay=local, delay=0.01, delays=0/0.01/0/0, dsn=2.0.0, status=sent (delivered to mailbox)
    Jan 25 09:21:48 morpheus postfix/qmgr[24452]: EEBAB2800BA: removed
    Jan 25 09:21:48 morpheus postfix/smtp[24479]: AB31F2800B9: to=<[email protected]>, relay=127.0.0.1[127.0.0.1]:10024, delay=18, delays=0.06/0.01/0/18, dsn=2.0.0, status=sent (250 2.0.0 from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as EEBAB2800BA)
    Jan 25 09:21:48 morpheus postfix/qmgr[24452]: AB31F2800B9: removed

    then get this Message in Outlook


    His message was not received by one or more of the recipients.

    Assunto: testeww
    Enviada em: 25/01/2012 09:40

    Não é possível encontrar os seguintes destinatários:

    '[email protected]' em 25/01/2012 09:40
    554 5.7.1 <[email protected]>: Relay access denied
     
    Last edited: Jan 25, 2012
  15. iceman

    iceman New Member

    MS Outlook

    you shoud change following option in your Outlook settings:
    1) "my outgoing server (SMTP) requires authentication"
    2) "use same settings as my incoming mail server"
     

    Attached Files:

  16. Christovampaynes

    Christovampaynes New Member

    Thanks Iceman,
    I had already done so, and he keeps asking me password!
    I do not know if it's because of Warnings that are appearing in the logs ..
    suddenly miss something

    Jan 25 09:21:48 postfix/trivial-rewrite[24476]: warning: do not list domain mydomain.com.br in BOTH mydestination and virtual_mailbox_domains

    if I select this option in Outlook I get this Message logs:

    Jan 25 10:24:20 postfix/smtpd[27727]: warning: unknown[192.168.1.19]: SASL LOGIN authentication failed: no mechanism available
    Jan 25 10:24:20 postfix/smtpd[27727]: lost connection after AUTH from unknown[192.168.1.19]
    Jan 25 10:24:20 postfix/smtpd[27727]: disconnect from unknown[192.168.1.19]
     
    Last edited: Jan 25, 2012
  17. iceman

    iceman New Member

    MS Outlook

    how about this part?
     

    Attached Files:

  18. iceman

    iceman New Member

    Message logs

    Forget about message logs for now! :)
     
  19. Christovampaynes

    Christovampaynes New Member

  20. iceman

    iceman New Member

    Best of luck then. :)
     

Share This Page