Hi,
I hope someone can help me with this problem. First, some background. I'm new to Webmin/Virtualmin and I have a server running CentOS 6.5 which came with Webmin installed. I then installed Virtualmin and all the associated services, and from what I've read it sounds like I did it the hard way.
I've had lots of problems getting email working along the way but now nearly everything's working with one exception. I'm using Postfix, Dovecot, Procmail and SpamAssasin and I can send and receive on my main account and send from my virtual server accounts but not receive. For example:
user@hostname.com -> delivered to user's mailbox somethingrandom@hostname.com -> delivered to hostname's mailbox user@virtualserver.com -> bounced
The error I receive is:
Apr 13 12:29:12 7838 postfix/smtpd[22276]: NOQUEUE: reject: RCPT from sendingserver.com[x.x.x.x]: 554 5.7.1 <martin@virtualserver.com>: Relay access denied; from=<martin@fromaddress.com> to=<martin@virtualserver.com> proto=ESMTP helo=<sendingserver.com>
The last few lines of /etc/postfix/main.cf are:
virtual_alias_maps = hash:/etc/postfix/virtual
canonical_maps = hash:/etc/postfix/canonical
sender_canonical_maps = hash:/etc/postfix/canonical
virtual_alias_domains =
smtpd_recipient_restrictions = permit_mynetworks permit_sasl_authenticated permit_inet_interfaces reject_unauth_destination
smtpd_tls_cert_file = /etc/postfix/postfix.cert.pem
smtpd_tls_key_file = /etc/postfix/postfix.key.pem
smtpd_tls_security_level = may
smtpd_tls_mandatory_ciphers = high
smtpd_sasl_auth_enable = yes
broken_sasl_auth_clients = yes
And the end of /etc/postfix/virtual looks like this:
martin@virtualserver.com martin.virtualserver
hostname@hostname.com hostname
hostname.com hostname.com
@hostname.com hostname
virtualserver.com virtualserver.com
Regardless of whether I send a message from another web server or from Thunderbird I get the same result.
If I add my virtual server domain to /etc/postfix/main.cf like this:
virtual_alias_domains = virtualserver.com
then mail to user@virtualserver.com gets delivered to hostname@hostname.com, which is a start but obviously not right.
Does anyone have any ideas?
Thanks,
Martin.
Howdy,
Hmm, are other Virtual Servers able to send email properly? Is it just this one that's having problems? Or do all Virtual Servers have that problem?
Also, what is the output of the command "postconf -n"?
The error you're receiving suggests that Postfix doesn't think it's supposed to be handling email for that domain -- but it does appear that it's listed in the virtual file.
-Eric
Hi Eric,
I only have two virtual servers set up so far - one migrated from cPanel and the other created via Virtualmin. Both can send OK but neither can receive.
Here's postconf:
alias_database = hash:/etc/aliasesalias_maps = hash:/etc/aliases
broken_sasl_auth_clients = yes
canonical_maps = hash:/etc/postfix/canonical
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
debug_peer_level = 2
html_directory = no
inet_interfaces = all
inet_protocols = all
mail_spool_directory = /var/spool/mail
mailbox_command = /usr/bin/procmail-wrapper -o -a $DOMAIN -d $LOGNAME
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain, test.$myhostname
mydomain = hostname.com
myhostname = hostname.com
mynetworks = 192.168.0.0/24, 127.0.0.0/8
myorigin = $mydomain
newaliases_path = /usr/bin/newaliases.postfix
readme_directory = /usr/share/doc/postfix-2.6.6/README_FILES
relay_domains =
sample_directory = /usr/share/doc/postfix-2.6.6/samples
sender_canonical_maps = hash:/etc/postfix/canonical
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
smtpd_recipient_restrictions = permit_mynetworks permit_sasl_authenticated permit_inet_interfaces reject_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_tls_cert_file = /etc/postfix/postfix.cert.pem
smtpd_tls_key_file = /etc/postfix/postfix.key.pem
smtpd_tls_mandatory_ciphers = high
smtpd_tls_security_level = may
unknown_local_recipient_reject_code = 550
virtual_alias_domains =
virtual_alias_maps = hash:/etc/postfix/virtual
Thanks,
Martin.
I tried changing a few settings in main.cf to see if it made any difference (it didn't) but noticed this in maillog when I restarted Postfix:
warning: database /etc/postfix/virtual.db is older than source file /etc/postfix/virtualI don't know if it's relevant?
Martin.
It might be! You can fix that by running the command
postmap /etc/Postfix/virtual
That will recreate the compiled db file.
Hi,
OK, I tried that and I'm not getting the warning but mail still isn't getting through with the same "Relay access denied" error. Any other ideas?
Thanks,
Martin.
Hi again,
OK, I finally got it working and the problem was this line in /etc/postfix/virtual:
@hostname.com hostnameI've removed it and everything's working but I'm confused as to why that should mean mail sent to user@virtualdomain.com was being delivered to hostname instead?
One other question: in Webmin > Postfix > Virtual Domains I set 'Domains to perform virtual mapping for' to "From domain mapping tables" instead of a list of domains. Is that OK? The only problem seems to be this error in var/log/maillog:
Apr 26 15:57:28 7838 postfix/trivial-rewrite[19798]: warning: do not list domain hostname in BOTH mydestination and virtual_alias_domainsSo am I better off listing the domains instead?
Thanks,
Martin.
Howdy,
I'm glad you got your email delivery working!
The warning you're seeing now in the email logs is normal -- that warning is safe to ignore.
-Eric
Thanks. From what I've been reading it sounds like I should have my hostname as something.domain.com rather than domain.com so I guess that would help with the error anyway, right? If I do that should myhostname and mydomain both be set to "something.domain.com"? And then I'd setup domain.com as a virtual server?
One other question: is there any reason why I can't use that hostname ("something.domain.com") as my email incoming/outgoing server name?
(I appreciate these questions are increasingly less and less about Virtualmin but it's all new to me so I'm grateful for any help.)
Thanks, Martin.
Howdy,
I receive that notice on my own system as well, which uses "host.domain.tld" as the hostname.
I no longer remember the specific cause of that warning, but it is normal, and isn't indicating a problem.
As far as the incoming/outgoing server name, you actually can use anything you want, so long as it resolves to your own IP address.
By default, Virtualmin creates a mail.domain.tld alias for every Virtual Server that's setup, a lot of folks use those.
Another option is that if you install an SSL certificate into Dovecot/Postfix, you'd probably want to use the name that the SSL certificate is tied to.
So if your SSL certificate is "secure.example.com", you'd want to use secure.example.com as the incoming/outgoing server so that it doesn't throw an SSL warning.
-Eric
Yeah, that's the plan, to buy an SSL cert and use that for my main mail server name.
Thanks again for your help.
Martin.