Multiserver Environment - Postfix - Mail(PHP5)

Discussion in 'Server Operation' started by erosbk, Apr 19, 2011.

  1. erosbk

    erosbk New Member

    Hello all,

    I have a little problem... this are my servers

    webserver debian 6 (apache, php5, etc.)
    mailserver debian 6 (postfix, spamassasin, courier, etc.)

    When I try to send a mail from a webpage in webserver, it doesn't reach the mail server... I think I must change php.ini in order to contact the mailserver when function is activated... and I know I need to use a mail address belonging the website where the mail function is used...

    Could you helpme to set this up pls? I can't make php mail function work =(

    Thanks!
     
  2. erosbk

    erosbk New Member

    Ok, I installed postfix on client server. I can't make it work... I am using in webserver, the mail server as relayhosts (postfix config in client)... I will keep updated this post... when I find the solution I will make my first guide: "PHP mail with postfix in a multiserver environment with Debian 6" :p
     
  3. till

    till Super Moderator Staff Member ISPConfig Developer

    The steps are basically these:

    1) Add postfix on the webserver.
    2) set the mailserver as relayhost in postfix main.cf on the webserver.
    3) edit postfix main.cf on the mail server and add the IP of the mynetworks line, separated by a ","
     
  4. erosbk

    erosbk New Member

    Yes, thank you, that is my configuration. In the mail server log my webserver is connecting to my mailserver... all is normal in it:

    Apr 19 16:10:17 mail1 imapd: LOGOUT, user=[email protected], ip=[::ffff:192.168.1.202], headers=0, body=0, rcvd=25, sent=334, time=0
    Apr 19 16:10:17 mail1 imapd: Connection, ip=[::ffff:192.168.1.202]
    Apr 19 16:10:17 mail1 imapd: LOGIN, user=[email protected], ip=[::ffff:192.168.1.202], port=[54724], protocol=IMAP
    Apr 19 16:10:17 mail1 imapd: LOGOUT, user=[email protected], ip=[::ffff:192.168.1.202], headers=468, body=0, rcvd=311, sent=1879, time=0
    Apr 19 16:10:17 mail1 imapd: Connection, ip=[::ffff:192.168.1.202]
    Apr 19 16:10:17 mail1 imapd: LOGIN, user=[email protected], ip=[::ffff:192.168.1.202], port=[54725], protocol=IMAP
    Apr 19 16:10:17 mail1 imapd: LOGOUT, user=[email protected], ip=[::ffff:192.168.1.202], headers=0, body=0, rcvd=286, sent=1857, time=0
    Apr 19 16:10:30 mail1 imapd: Connection, ip=[::ffff:192.168.1.202]
    Apr 19 16:10:30 mail1 imapd: LOGIN, user=[email protected], ip=[::ffff:192.168.1.202], port=[54726], protocol=IMAP
    Apr 19 16:10:30 mail1 imapd: LOGOUT, user=[email protected], ip=[::ffff:192.168.1.202], headers=0, body=0, rcvd=10, sent=237, time=0
    Apr 19 16:10:30 mail1 imapd: Connection, ip=[::ffff:192.168.1.202]
    Apr 19 16:10:30 mail1 imapd: LOGIN, user=[email protected], ip=[::ffff:192.168.1.202], port=[54727], protocol=IMAP
    Apr 19 16:10:30 mail1 imapd: LOGOUT, user=[email protected], ip=[::ffff:192.168.1.202], headers=0, body=0, rcvd=33, sent=431, time=0
    Apr 19 16:10:38 mail1 imapd: Connection, ip=[::ffff:192.168.1.202]
    Apr 19 16:10:38 mail1 imapd: LOGIN, user=[email protected], ip=[::ffff:192.168.1.202], port=[54728], protocol=IMAP
    Apr 19 16:10:38 mail1 imapd: LOGOUT, user=[email protected], ip=[::ffff:192.168.1.202], headers=0, body=0, rcvd=10, sent=237, time=0
    Apr 19 16:10:59 mail1 imapd: Connection, ip=[::ffff:192.168.1.202]
    Apr 19 16:10:59 mail1 imapd: LOGIN, user=[email protected], ip=[::ffff:192.168.1.202], port=[54731], protocol=IMAP
    Apr 19 16:10:59 mail1 imapd: LOGOUT, user=[email protected], ip=[::ffff:192.168.1.202], headers=0, body=0, rcvd=10, sent=237, time=0
    Apr 19 16:11:43 mail1 imapd: Connection, ip=[::ffff:192.168.1.202]



    But, roundcube shows a message: Failed to send message

    If I change /var/lib/roundcube/config/main.inc.php specifying smtp_server, smtp_user and smtp_pass (using mailserverhosting, %u and %p) it works perfectly. I can send messages using roundcube to any mail address (but in this way, I am doing a bypass of the local postfix server). The problem is when I want to use php mail function...

    I can't right now, but I will try late at night to test php mail function with a form from a webpage hosted on my webserver... as you see, my servers are in a private lan right now, and I can't access vhosts :p

    Thanks in advance for all your help, If you need me to paste another conf files please just say it.

    Regards


    edit: I found this in the mail log (I was not doing anything, so this was automatic)

    Apr 19 16:30:12 mail1 postfix/smtp[10038]: 575922F80B3A: to=<[email protected]>, relay=web1.tectest.com.ar[192.168.1.202]:25, delay=0.09, delays=0.04/0/0/0.05, dsn=5.7.1, status=bounced (host web1.tectest.com.ar[192.168.1.202] said: 554 5.7.1 <[email protected]>: Relay access denied (in reply to RCPT TO command))
    Apr 19 16:30:12 mail1 postfix/qmgr[9763]: 575922F80B3A: removed

    Waht does it mean? Is it relationed with this? how can I solve this access denied? :p
     
    Last edited: Apr 19, 2011
  5. till

    till Super Moderator Staff Member ISPConfig Developer

    1) Which error messages do you get in the mail.log of the webserver when you use the php mail function?
    2) Has the webserver more then one IP address?
     
  6. erosbk

    erosbk New Member

    I checked the mail.log at webserver, and when I use roundcube to send mail using php mail (default if you don't specify a smtp server -leave blank-), I have NO ERROR, I have NO ACTIVITY AT ALL!!!!!!! (incredibly, as it would be contacting directly the mailserver, god!)

    This are the last lines of the log: (I tried to send mail from roundcube at 17:02)

    Apr 19 16:48:32 web1 postfix/anvil[7510]: statistics: max connection rate 2/60s for (smtp:192.168.1.203) at Apr 19 16:45:12
    Apr 19 16:48:32 web1 postfix/anvil[7510]: statistics: max connection count 1 for (smtp:192.168.1.203) at Apr 19 16:45:12
    Apr 19 16:48:32 web1 postfix/anvil[7510]: statistics: max cache size 1 at Apr 19 16:45:12
    Apr 19 17:00:01 web1 postfix/pickup[7032]: 3FE13BC14D8: uid=0 from=<root>
    Apr 19 17:00:01 web1 postfix/cleanup[7934]: 3FE13BC14D8: message-id=<[email protected]>
    Apr 19 17:00:01 web1 postfix/qmgr[7033]: 3FE13BC14D8: from=<[email protected]>, size=555, nrcpt=1 (queue active)
    Apr 19 17:00:01 web1 postfix/smtp[7958]: 3FE13BC14D8: to=<[email protected]>, orig_to=<root>, relay=192.168.1.203[192.168.1.203]:25, delay=0.46, dela$
    Apr 19 17:00:01 web1 postfix/qmgr[7033]: 3FE13BC14D8: removed
    Apr 19 17:00:11 web1 postfix/smtpd[7971]: connect from mail1.tectest.com.ar[192.168.1.203]
    Apr 19 17:00:11 web1 postfix/smtpd[7971]: NOQUEUE: reject: RCPT from mail1.tectest.com.ar[192.168.1.203]: 554 5.7.1 <[email protected]>: Relay access$
    Apr 19 17:00:11 web1 postfix/smtpd[7971]: disconnect from mail1.tectest.com.ar[192.168.1.203]
    Apr 19 17:00:11 web1 postfix/smtpd[7971]: connect from mail1.tectest.com.ar[192.168.1.203]
    Apr 19 17:00:11 web1 postfix/smtpd[7971]: NOQUEUE: reject: RCPT from mail1.tectest.com.ar[192.168.1.203]: 554 5.7.1 <[email protected]>: Relay access$
    Apr 19 17:00:11 web1 postfix/smtpd[7971]: disconnect from mail1.tectest.com.ar[192.168.1.203]



    My webserver has just one IP: 192.168.1.202
    My mailserver: 192.168.1.203

    One IP per server (I have two adapters on each, but I am just using one, eth0)


    edit: this is the content of my roundcube file, for this I think it is using php mail function... or it should be :p

    ...

    // use this host for sending mails.
    // to use SSL connection, set ssl://smtp.host.com
    // if left blank, the PHP mail() function is used
    // Use %h variable as replacement for user's IMAP hostname
    $rcmail_config['smtp_server'] = '';

    // SMTP port (default is 25; 465 for SSL)
    $rcmail_config['smtp_port'] = 25;

    // SMTP username (if required) if you use %u as the username RoundCube
    // will use the current username for login
    $rcmail_config['smtp_user'] = '';

    // SMTP password (if required) if you use %p as the password RoundCube
    // will use the current user's password for login
    $rcmail_config['smtp_pass'] = '';

    ...
     
    Last edited: Apr 19, 2011
  7. till

    till Super Moderator Staff Member ISPConfig Developer

    I assume that you configured roundcube to use "localhost" as mailserver? Then it might be that localhost is not configured correctly in /etc/hosts

    Please check that /etc/hosts contaons a line like this:

    127.0.0.1 localhost
     
  8. erosbk

    erosbk New Member

    In roundcube configuration file:
    $rcmail_config['default_host'] = 'localhost';

    I get the error: Connection to IMAP server failed

    If I use:
    $rcmail_config['default_host'] = 'mail1.tecatest.com.ar';

    I can login successfully to the mailbox

    This are my postfix conf files:
    web1.tecatest.com.ar


    # See /usr/share/postfix/main.cf.dist for a commented, more complete version


    # Debian specific: Specifying a file name will cause the first
    # line of that file to be used as the name. The Debian default
    # is /etc/mailname.
    #myorigin = /etc/mailname

    smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
    biff = no

    # appending .domain is the MUA's job.
    append_dot_mydomain = no

    # Uncomment the next line to generate "delayed mail" warnings
    #delay_warning_time = 4h

    readme_directory = /usr/share/doc/postfix

    # TLS parameters
    smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
    smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
    smtpd_use_tls=yes
    smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
    smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache

    # See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
    # information on enabling SSL in the smtp client.

    myhostname = web1.tecatest.com.ar
    alias_maps = hash:/etc/aliases
    alias_database = hash:/etc/aliases
    myorigin = /etc/mailname
    mydestination = mail1.tecatest.com.ar,localhost
    relayhost = 192.168.1.203
    mynetworks = 127.0.0.0/8
    mailbox_command =
    mailbox_size_limit = 0
    recipient_delimiter = +
    inet_interfaces = all
    default_transport = smtp
    relay_transport = smtp
    inet_protocols = ipv4
    html_directory = /usr/share/doc/postfix/html



    mail1.tecatest.com.ar

    # See /usr/share/postfix/main.cf.dist for a commented, more complete version


    # Debian specific: Specifying a file name will cause the first
    # line of that file to be used as the name. The Debian default
    # is /etc/mailname.
    #myorigin = /etc/mailname

    smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
    biff = no

    # appending .domain is the MUA's job.
    append_dot_mydomain = no

    # Uncomment the next line to generate "delayed mail" warnings
    #delay_warning_time = 4h

    readme_directory = /usr/share/doc/postfix

    # TLS parameters
    smtpd_tls_cert_file = /etc/postfix/smtpd.cert
    smtpd_tls_key_file = /etc/postfix/smtpd.key
    smtpd_use_tls = yes
    smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
    smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache

    # See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
    # information on enabling SSL in the smtp client.

    alias_maps = hash:/etc/aliases
    alias_database = hash:/etc/aliases
    myorigin = /etc/mailname
    mydestination = mail1.tecatest.com.ar, localhost, localhost.localdomain, tecatest.com.ar
    mynetworks = 127.0.0.0/8, 192.168.1.202
    mailbox_command = procmail -a "$EXTENSION"
    mailbox_size_limit = 0
    recipient_delimiter = +
    html_directory = /usr/share/doc/postfix/html
    virtual_alias_domains =
    virtual_alias_maps = proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, mysql:/etc/postfix/mysql-virtual_email2email.cf
    virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains.cf
    virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf
    virtual_mailbox_base = /var/vmail
    virtual_uid_maps = static:5000
    virtual_gid_maps = static:5000
    smtpd_sasl_auth_enable = yes
    broken_sasl_auth_clients = yes
    smtpd_sasl_authenticated_header = yes
    smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, check_recipient_access mysql:/etc/postfix/mysql-virtual_recipient.cf, reject_un$
    smtpd_tls_security_level = may
    transport_maps = proxy:mysql:/etc/postfix/mysql-virtual_transports.cf
    relay_domains = mysql:/etc/postfix/mysql-virtual_relaydomains.cf
    relay_recipient_maps = mysql:/etc/postfix/mysql-virtual_relayrecipientmaps.cf
    proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_reci$
    smtpd_sender_restrictions = check_sender_access mysql:/etc/postfix/mysql-virtual_sender.cf
    smtpd_client_restrictions = check_client_access mysql:/etc/postfix/mysql-virtual_client.cf
    maildrop_destination_concurrency_limit = 1
    maildrop_destination_recipient_limit = 1
    maildrop_destination_recipient_limit = 1
    virtual_transport = maildrop
    header_checks = regexp:/etc/postfix/header_checks
    mime_header_checks = regexp:/etc/postfix/mime_header_checks
    nested_header_checks = regexp:/etc/postfix/nested_header_checks
    body_checks = regexp:/etc/postfix/body_checks
    content_filter = amavis:[127.0.0.1]:10024
    receive_override_options = no_address_mappings
    message_size_limit = 0
    myhostname = mail1.tecatest.com.ar
    mydomain = tecatest.com.ar


    My hosts file in web1.tecatest.com.ar is:

    127.0.0.1 localhost.localdomain localhost
    192.168.1.202 web1.tecatest.com.ar web1
    192.168.1.203 mail1.tecatest.com.ar mail1
    192.168.1.200 dns1.tecatest.com.ar dns1
    192.168.1.201 dns2.tecatest.com.ar dns2
    # The following lines are desirable for IPv6 capable hosts
    #::1 ip6-localhost ip6-loopback
    #fe00::0 ip6-localnet
    #ff00::0 ip6-mcastprefix
    #ff02::1 ip6-allnodes
    #ff02::2 ip6-allrouters


    I tried to use this script:

    <?php
    mail('[email protected]','Test mail','The mail function is working!');
    echo 'OOOOOOOKkkkkkkkkk';
    ?>

    but... I have no new mail in my mailbox [email protected] =((((((((((((((

    I don't know if php mail function is failing (maybe an config error in php.ini????) or if this is a postfix conf problem.... cry cry cry cry
     
    Last edited: Apr 19, 2011
  9. erosbk

    erosbk New Member

    Fixed and working!!!

    In order to make work Roundcube and Postfix in a multiserver environment, you must do the follow:

    1)
    Web Server: install postfix, apache and roundcube
    ---- WebServerName: webx.yourdomain.com
    ---- WebServerIP: 192.168.1.202

    Mail Server: install postfix
    ---- MailServerName: mailx.yourdomain.com
    ---- MailServerIP: 192.168.1.203

    2) In order to access the mailboxes from roundcube:

    edit /var/lib/roundcube/config/main.inc.php

    $rcmail_config['smtp_server'] = 'mailx.yourdomain.com';
    $rcmail_config['smtp_user'] = '%u';
    $rcmail_config['smtp_pass'] = '%p';

    3) In WebServer webx.yourdomain.com:

    edit /etc/postfix/main.cf

    mydestination = localhost
    relayhost = 192.168.1.203
    mynetworks = 127.0.0.0/8
    inet_interfaces = all
    inet_protocols = all

    *** in /etc/mailname
    yourdomain.com (you can use webx.yourdomain.com, and every mail sent without a domain will be [email protected])

    4) In MailServer mailx.yourdomain.com:

    myorigin = /etc/mailname
    mydestination = localhost, localhost.localdomain, mailx.yourdomain.com, webx.yourdomain.com, yourdomain.com
    mynetworks = 127.0.0.0/8, 192.168.1.202
    myhostname = mailx.yourdomain.com
    mydomain = yourdomain.com

    ****************************************

    Thanks for all!!!
     
  10. till

    till Super Moderator Staff Member ISPConfig Developer

    Dont use a domain in /etc/mailname or mydomain or mydestination that is used as email domain in ispconfig or postfix will fail. So using mail.yourdomain.com is ok while using just yourdomain.com will cause postfix errors, as postfix will route incoming emails then to Linux system users instead of virtual users.
     
  11. erosbk

    erosbk New Member

    Thanks for the advise, I know now why you where using the fqdn instead of just the domain :p

    I will change it on my servers as soon as posible!
     

Share This Page