Lost Email Catch All Settings

Discussion in 'Installation/Configuration' started by Marwan Kandeel, Apr 24, 2019.

  1. Marwan Kandeel

    Marwan Kandeel New Member

    Hi,

    I have catch all configured for some of my domains. It was working perfectly. Till yesterday. I decided to do some changes on postfix and dovecot. Now catch all do not work. Any help please?

    Postfix config:


    # See /usr/share/postfix/main.cf.dist for a commented, more complete version


    # Debian specific: Specifying a file name will cause the first
    # line of that file to be used as the name. The Debian default
    # is /etc/mailname.
    #myorigin = /etc/mailname

    smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
    biff = no

    # appending .domain is the MUA's job.
    append_dot_mydomain = no

    # Uncomment the next line to generate "delayed mail" warnings
    #delay_warning_time = 4h

    readme_directory = /usr/share/doc/postfix

    # TLS parameters
    #smtpd_tls_cert_file = /etc/postfix/smtpd.cert
    #smtpd_tls_key_file = /etc/postfix/smtpd.key
    #smtpd_tls_cert_file = /etc/ssl/private/fullchain.pem
    smtpd_tls_cert_file = /etc/letsencrypt/live/mail.domain.tld/fullchain.pem
    #smtpd_tls_key_file = /etc/ssl/private/privkey.pem
    smtpd_tls_key_file = /etc/letsencrypt/live/mail.domain.tld/privkey.pem
    smtpd_tls_CAfile = /etc/postfix/cert//etc/letsencrypt/live/mail.domain.tld/chain.pem
    smtpd_use_tls = yes
    smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
    smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache

    # See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
    # information on enabling SSL in the smtp client.

    readme_directory = /usr/share/doc/postfix

    # TLS parameters
    #smtpd_tls_cert_file = /etc/postfix/smtpd.cert
    #smtpd_tls_key_file = /etc/postfix/smtpd.key
    #smtpd_tls_cert_file = /etc/ssl/private/fullchain.pem
    smtpd_tls_cert_file = /etc/letsencrypt/live/mail.domain.tld/fullchain.pem
    #smtpd_tls_key_file = /etc/ssl/private/privkey.pem
    smtpd_tls_key_file = /etc/letsencrypt/live/mail.domain.tld/privkey.pem
    smtpd_tls_CAfile = /etc/postfix/cert//etc/letsencrypt/live/mail.domain.tld/chain.pem
    smtpd_use_tls = yes
    smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
    smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache

    # See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
    # information on enabling SSL in the smtp client.

    smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
    myhostname = mail1.domain.tld
    alias_maps = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases
    alias_database = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases
    myorigin = /etc/mailname
    mydestination = mail1.domain.tld, localhost, localhost.localdomain
    relayhost =
    mynetworks = 127.0.0.0/8 [::1]/128
    mailbox_size_limit = 0
    recipient_delimiter = +
    inet_interfaces = all
    inet_protocols = all
    html_directory = /usr/share/doc/postfix/html
    virtual_alias_domains =
    virtual_alias_maps = hash:/var/lib/mailman/data/virtual-mailman, proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, proxy:mysql:/etc/postfi$
    virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains.cf
    GNU nano 2.5.3 File: /etc/postfix/main.cf

    smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
    myhostname = mail1.domain.tld
    alias_maps = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases
    alias_database = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases
    myorigin = /etc/mailname
    mydestination = mail1.domain.tld, localhost, localhost.localdomain
    relayhost =
    mynetworks = 127.0.0.0/8 [::1]/128
    mailbox_size_limit = 0
    recipient_delimiter = +
    inet_interfaces = all
    inet_protocols = all
    html_directory = /usr/share/doc/postfix/html
    virtual_alias_domains =
    virtual_alias_maps = hash:/var/lib/mailman/data/virtual-mailman, proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, proxy:mysql:/etc/postfi$
    virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains.cf
    virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf
    virtual_mailbox_base = /var/vmail
    virtual_uid_maps = mysql:/etc/postfix/mysql-virtual_uids.cf
    virtual_gid_maps = mysql:/etc/postfix/mysql-virtual_gids.cf
    smtpd_sasl_auth_enable = yes
    broken_sasl_auth_clients = yes
    smtpd_sasl_authenticated_header = yes
    smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, check_recipient_access mysql:/etc/postf$
    smtpd_tls_security_level = may
    transport_maps = hash:/var/lib/mailman/data/transport-mailman, proxy:mysql:/etc/postfix/mysql-virtual_transports.cf
    relay_domains = mysql:/etc/postfix/mysql-virtual_relaydomains.cf
    relay_recipient_maps = mysql:/etc/postfix/mysql-virtual_relayrecipientmaps.cf
    proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $sender_bcc_maps $virtual_mailbox_maps $virtu$
    smtpd_sender_restrictions = check_sender_access regexp:/etc/postfix/tag_as_originating.re , permit_mynetworks, permit_sasl_authenticated, check$
    smtpd_client_restrictions = check_client_access mysql:/etc/postfix/mysql-virtual_client.cf
    smtpd_client_message_rate_limit = 100
    maildrop_destination_concurrency_limit = 1

    virtual_mailbox_base = /var/vmail
    virtual_uid_maps = mysql:/etc/postfix/mysql-virtual_uids.cf
    virtual_gid_maps = mysql:/etc/postfix/mysql-virtual_gids.cf
    smtpd_sasl_auth_enable = yes
    broken_sasl_auth_clients = yes
    smtpd_sasl_authenticated_header = yes
    smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, check_recipient_access mysql:/etc/postf$
    smtpd_tls_security_level = may
    transport_maps = hash:/var/lib/mailman/data/transport-mailman, proxy:mysql:/etc/postfix/mysql-virtual_transports.cf
    relay_domains = mysql:/etc/postfix/mysql-virtual_relaydomains.cf
    relay_recipient_maps = mysql:/etc/postfix/mysql-virtual_relayrecipientmaps.cf
    proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $sender_bcc_maps $virtual_mailbox_maps $virtu$
    smtpd_sender_restrictions = check_sender_access regexp:/etc/postfix/tag_as_originating.re , permit_mynetworks, permit_sasl_authenticated, check$
    smtpd_client_restrictions = check_client_access mysql:/etc/postfix/mysql-virtual_client.cf
    smtpd_client_message_rate_limit = 100
    maildrop_destination_concurrency_limit = 1
    maildrop_destination_recipient_limit = 1
    virtual_transport = dovecot
    header_checks = regexp:/etc/postfix/header_checks
    mime_header_checks = regexp:/etc/postfix/mime_header_checks
    nested_header_checks = regexp:/etc/postfix/nested_header_checks
    body_checks = regexp:/etc/postfix/body_checks
    owner_request_special = no
    smtp_tls_security_level = may
    smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3
    smtpd_tls_protocols = !SSLv2,!SSLv3
    smtp_tls_protocols = !SSLv2,!SSLv3
    dovecot_destination_recipient_limit = 1
    smtpd_sasl_type = dovecot
    smtpd_sasl_path = private/auth
    message_size_limit = 0
    smtpd_milters = inet:127.0.0.1:12345
    milter_connect_macros = j {daemon_name} {client_connections} {client_addr} {client_ptr} v
    virtual_transport = dovecot
    header_checks = regexp:/etc/postfix/header_checks
    mime_header_checks = regexp:/etc/postfix/mime_header_checks
    nested_header_checks = regexp:/etc/postfix/nested_header_checks
    body_checks = regexp:/etc/postfix/body_checks
    owner_request_special = no
    smtp_tls_security_level = may
    smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3
    smtpd_tls_protocols = !SSLv2,!SSLv3
    smtp_tls_protocols = !SSLv2,!SSLv3
    dovecot_destination_recipient_limit = 1
    smtpd_sasl_type = dovecot
    smtpd_sasl_path = private/auth
    message_size_limit = 0
    smtpd_milters = inet:127.0.0.1:12345
    milter_connect_macros = j {daemon_name} {client_connections} {client_addr} {client_ptr} v
    milter_default_action = accept
    content_filter = amavis:[127.0.0.1]:10024
    receive_override_options = no_address_mappings
    sender_bcc_maps = proxy:mysql:/etc/postfix/mysql-virtual_outgoing_bcc.cf
    smtpd_restriction_classes = greylisting
    greylisting = check_policy_service inet:127.0.0.1:10023
    smtpd_sender_login_maps = proxy:mysql:/etc/postfix/mysql-virtual_sender_login_maps.cf
    smtpd_helo_required = yes
    smtpd_helo_restrictions = permit_sasl_authenticated, permit_mynetworks, check_helo_access regexp:/etc/postfix/helo_access, reject_invalid_hostn$
    smtpd_tls_exclude_ciphers = RC4, aNULL
    smtp_tls_exclude_ciphers = RC4, aNULL


    smtp_tls_note_starttls_offer = yes
    smtpd_tls_loglevel = 1
    smtpd_tls_received_header = yes
     
  2. Marwan Kandeel

    Marwan Kandeel New Member

    Dovecot config:

    ##
    ## SSL settings
    ##

    # SSL/TLS support: yes, no, required. <doc/wiki/SSL.txt>
    ssl = required

    # PEM encoded X.509 SSL/TLS certificate and private key. They're opened before
    # dropping root privileges, so keep the key file unreadable by anyone but
    # root. Included doc/mkcert.sh can be used to easily generate self-signed
    # certificate, just make sure to update the domains in dovecot-openssl.cnf
    ssl_cert = </etc/letsencrypt/live/mail.domain.tld/fullchain.pem
    ssl_key = </etc/letsencrypt/live/mail.domain.tld/privkey.pem

    # If key file is password protected, give the password here. Alternatively
    # give it when starting dovecot with -p parameter. Since this file is often
    # world-readable, you may want to place this setting instead to a different
    # root owned 0600 file by using ssl_key_password = <path.
    #ssl_key_password =

    # PEM encoded trusted certificate authority. Set this only if you intend to use
    # ssl_verify_client_cert=yes. The file should contain the CA certificate(s)
    # followed by the matching CRL(s). (e.g. ssl_ca = </etc/ssl/certs/ca.pem)
    #ssl_ca =

    # Require that CRL check succeeds for client certificates.
    #ssl_require_crl = yes

    # Directory and/or file for trusted SSL CA certificates. These are used only
    # when Dovecot needs to act as an SSL client (e.g. imapc backend). The
    # directory is usually /etc/ssl/certs in Debian-based systems and the file is
    # /etc/pki/tls/cert.pem in RedHat-based systems.
    #ssl_client_ca_dir =

    # root owned 0600 file by using ssl_key_password = <path.
    #ssl_key_password =

    # PEM encoded trusted certificate authority. Set this only if you intend to use
    # ssl_verify_client_cert=yes. The file should contain the CA certificate(s)
    # followed by the matching CRL(s). (e.g. ssl_ca = </etc/ssl/certs/ca.pem)
    #ssl_ca =

    # Require that CRL check succeeds for client certificates.
    #ssl_require_crl = yes

    # Directory and/or file for trusted SSL CA certificates. These are used only
    # when Dovecot needs to act as an SSL client (e.g. imapc backend). The
    # directory is usually /etc/ssl/certs in Debian-based systems and the file is
    # /etc/pki/tls/cert.pem in RedHat-based systems.
    #ssl_client_ca_dir =
    #ssl_client_ca_file =

    # Request client to send a certificate. If you also want to require it, set
    # auth_ssl_require_client_cert=yes in auth section.
    #ssl_verify_client_cert = no

    # Which field from certificate to use for username. commonName and
    # x500UniqueIdentifier are the usual choices. You'll also need to set
    # auth_ssl_username_from_cert=yes.
    #ssl_cert_username_field = commonName

    # DH parameters length to use.
    #ssl_dh_parameters_length = 1024

    # SSL protocols to use
    ssl_protocols = !SSLv2 !SSLv3

    # SSL ciphers to use
    #ssl_cipher_list = ALL:!LOW:!SSLv2:!EXP:!aNULL

    # Prefer the server's order of ciphers over client's.
    #ssl_prefer_server_ciphers = no

    # SSL crypto device to use, for valid values run "openssl engine"
    #ssl_crypto_device =
     
  3. Jesse Norell

    Jesse Norell Well-Known Member

    What settings did you change?
     
  4. Marwan Kandeel

    Marwan Kandeel New Member

    Too many actuallyy to mention :D
     
  5. Taleman

    Taleman Well-Known Member HowtoForge Supporter

    Restore the old working settings and check it works now.
    Then do the changes you want to do one by one, checking after each change.
    If you want to know how the configuration files have changed get from backup the old copy and the new, then compare them with diff-command. Better yet, install meld on your workstation and compare the files there, it shows the differences very nicely. Meld is likely available in Linux distro repositories, or from http://meldmerge.org/ .
     

Share This Page