Postfix errors

20 posts / 0 new
Last post
#1 Wed, 07/29/2015 - 00:05
siteXmedia

Postfix errors

I thought i had back ups of the server config files etc but it seems like that did not work as planned. The result is a non working postfix system on a Centos 7 server.

Can anybody assist, I have been on this for hours now

postconf -n

alias_maps = hash:/etc/aliases
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin ddd $daemon_directory/$process_name $process_id & sleep 5
default_destination_concurrency_limit = 5
html_directory = no
inet_protocols = all
mailbox_command = /usr/bin/procmail-wrapper -o -a $DOMAIN -d $LOGNAME
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
mynetworks_style = host
newaliases_path = /usr/bin/newaliases.postfix
readme_directory = /usr/share/doc/postfix-2.10.1/README_FILES
sample_directory = /usr/share/doc/postfix-2.10.1/samples
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
smtpd_relay_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
smtpd_sasl_security_options = noanonymous noplaintext
smtpd_use_tls = no
unknown_local_recipient_reject_code = 550

main.cf

command_directory = /usr/sbin
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
inet_protocols = all
unknown_local_recipient_reject_code = 550
alias_maps = hash:/etc/aliases
debugger_command =
PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
ddd $daemon_directory/$process_name $process_id & sleep 5
sendmail_path = /usr/sbin/sendmail.postfix
newaliases_path = /usr/bin/newaliases.postfix
mailq_path = /usr/bin/mailq.postfix
setgid_group = postdrop
html_directory = no
manpage_directory = /usr/share/man
sample_directory = /usr/share/doc/postfix-2.10.1/samples
readme_directory = /usr/share/doc/postfix-2.10.1/README_FILES
smtpd_use_tls = no
smtpd_sasl_security_options = noanonymous noplaintext
default_destination_concurrency_limit = 5
smtpd_relay_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
mynetworks_style = host
broken_sasl_auth_clients = yes
smtpd_sasl_auth_enable = yes
mailbox_command = /usr/bin/procmail-wrapper -o -a $DOMAIN -d $LOGNAME

There may be problems with dovecot butto start with I am seeing

Relay access denied

When the system accepts a connection from a mail server trying to deliver mail to user on the system.

Many thanks for any help

Wed, 07/29/2015 - 08:44
andreychek

Howdy,

Well, you'd want to make sure you have this line in there:

virtual_alias_maps = hash:/etc/postfix/virtual

That tells Postfix about your various users. You'd also need to make sure you have the referenced "virtual" file though.

-Eric

Wed, 07/29/2015 - 09:54 (Reply to #2)
siteXmedia

warning: hash:/etc/postfix/virtual is unavailable. open database /etc/postfix/virtual.db: No such file or directory

It does not look as though it is there, how do I create it please

Thanks

Wed, 07/29/2015 - 10:04
andreychek

Well, is the "virtual" file there though, and just the virtual.db is missing?

If so, you can re-generate that with this command:

postmap /etc/postfix/virtual

Wed, 07/29/2015 - 10:14
siteXmedia

It has created a virtual file, but on another system I see many domain entries at the bottom of the etc/postfix/virtual file

It is not the same on this server, there is no domain entries at the bottom of the file, should there be?

There is VIRTUAL(5) at the very bottom

Thanks

Wed, 07/29/2015 - 10:51
siteXmedia

After I removed and reinstalled both postfix and dovecot, I am now not getting any mail to the server

My new postconf -n
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
debug_peer_level = 2
debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin ddd $daemon_directory/$process_name $process_id & sleep 5
html_directory = no
inet_interfaces = localhost
inet_protocols = all
mail_owner = postfix
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
mydestination = $myhostname, localhost.$mydomain, localhost,
newaliases_path = /usr/bin/newaliases.postfix
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/postfix-2.10.1/README_FILES
sample_directory = /usr/share/doc/postfix-2.10.1/samples
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
smtpd_recipient_restrictions = permit_inet_interfaces permit_sasl_authenticated
unknown_local_recipient_reject_code = 550
virtual_alias_maps = hash:/etc/postfix/virtual

Going round in cirlces here so can anybody advise

Many thanks

Wed, 07/29/2015 - 11:18
andreychek

Reinstalling Postfix and Dovecot while in the midst of troubleshooting them won't fix anything, it just means we need to start over :-)

I would recommend using your previous Postfix main.cf file, as it was nearly correct... the new one is missing a number of things.

As far as the "virtual" file is concerned -- if that's missing entries, that would be a problem... those are added at the time the "Mail for domain" feature is enabled.

If you don't have a backup of that file, the easiest way to re-generate those entries would be to disable "Mail for Domain", and then re-enable that.

-Eric

Wed, 07/29/2015 - 12:22
siteXmedia

I am struggling to find how to disable this, I have played with a few settings but not got it to be disable or to add the info to the virtual file.

I have replaced the main.cf with the one above and I am now getting mail servers connect but still showing disable "Relay access denied"

I also just added a new user to a domain, this was added to the etc/postfix/virtual file but on testing it also showed "Relay access denied"

Thanks

Wed, 07/29/2015 - 13:43
andreychek

Howdy,

Try going into Edit Virtual Server -> Enabled Features, and disable/re-enable Mail for Domain there.

After doing that, does it add entries into the virtual file?

-Eric

Wed, 07/29/2015 - 13:55 (Reply to #9)
siteXmedia

After removing the features it removed the name from the file, as I did it with the new name I had tested on a domain. But after adding a new user and it adding the name to the virtual file, it still had the relay problem.

I have added some records manually but they also have relay problems

Then has a problem re installing the features, I got an error messgae

Failed to modify server : No outgoing address mapping file (sender_canonical_maps) was found in your Postfix configuration!

Should I try and set up another mail service? as I really need something working soon

Thu, 07/30/2015 - 08:18
siteXmedia

My server is now accepting mail, but with problems

#main.cf#
command_directory = /usr/sbin
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
inet_protocols = all
inet_interfaces = all
unknown_local_recipient_reject_code = 550
alias_maps = hash:/etc/aliases
debugger_command =
PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
ddd $daemon_directory/$process_name $process_id & sleep 5
#
#The above two lines are "tabbed indented" but does not show on here
#
sendmail_path = /usr/sbin/sendmail.postfix
newaliases_path = /usr/bin/newaliases.postfix
mailq_path = /usr/bin/mailq.postfix
setgid_group = postdrop
html_directory = no
manpage_directory = /usr/share/man
sample_directory = /usr/share/doc/postfix-2.10.1/samples
readme_directory = /usr/share/doc/postfix-2.10.1/README_FILES
smtpd_use_tls = yes
#smtpd_sasl_security_options = noanonymous noplaintext
default_destination_concurrency_limit = 5
#
#smtpd_recipient_restrictions = permit_mynetworks permit_sasl_authenticated reject_unauth_destination check_recipient_access hash:/etc/postfix/access reject_unknown_recipient_domain reject_unverified_recipient reject_non_fqdn_recipient reject_non_fqdn_sender reject_invalid_hostname
#
# The above has been shown to refuse emails from companies like ebay, needs to ber sorted
#
#mynetworks_style = host
broken_sasl_auth_clients = yes
mailbox_command = /usr/bin/procmail-wrapper -o -a $DOMAIN -d $LOGNAME
virtual_alias_maps = hash:/etc/postfix/virtual
mydomain = 100.mydomain.com
myorigin = $mydomain
mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain, 100.mydomain.com,
disable_vrfy_command = yes
smtpd_use_tls = yes
tls_random_source = dev:/dev/urandom
smtpd_tls_cert_file = /etc/postfix/cert.pem
smtpd_tls_key_file = /etc/postfix/key.pem
sender_canonical_maps = hash:/etc/postfix/canonical

Can anybody advise if they see any problems with the above?

Mail is arriving and being put in the user folder, you can view the emails using usermin but you can not see the emails if you look in the Postfix Mail Server / User Mailboxes page /mailboxes/ I just see "No users with email were found."

Entourage mail client - I have a friend who is able to access his mail by IPhone but not on his Apple Mac using Entourage. I have not been able to visit him yet but any ideas on what has changed to stop the mail colecton from the above

Thanks

Thu, 07/30/2015 - 09:09
andreychek

Howdy,

Well, let's ignore the issue with "No users with email were found.", that may just be a setting of where Virtualmin is looking for email when performing that test.

Since it's working in Usermin and iPhone, that's good, that means your setup is good.

What error is this person seeing in Entourage? And what ports are they connecting to?

-Eric

Thu, 07/30/2015 - 10:44
siteXmedia

Not sure why he is being blocked but it is probably something to do with the increased security settings, just going to see him for a coffee and have a look in person.

Meanwhile... I have added a few more lines to the main.cf withh some comments if it will help others

#Added after#
smtpd_client_restrictions = reject_rbl_client sbl.spamhaus.org # To combat spam
smtp_host_lookup = native # to combat some error I forgot to make note of

#Added later#
transport_maps = hash:/etc/postfix/transport
queue_directory = /var/spool/postfix
data_directory = /var/lib/postfix
mail_owner = postfix
#sender_bcc_maps = hash:/etc/postfix/bcc #unavailable. open database /etc/postfix/bcc.db: No such file or directory
home_mailbox = Maildir/
smtpd_recipient_restrictions = permit_mynetworks permit_sasl_authenticated reject_unauth_destination
mailbox_size_limit = 0
allow_percent_hack = no
milter_default_action = accept
milter_protocol = 2
smtpd_sasl_auth_enable = yes

# Some of the above were on another server I have

RESULT!!!!

After adding the above, my other problem "No users with email were found" has been corrected

The below are suggestions made from another topic on these forums - https://www.virtualmin.com/node/19714 - Kill your SPAM with this block list

#To Be Add later#
smtpd_error_sleep_time = 1s
smtpd_soft_error_limit = 3
smtpd_hard_error_limit = 2
smtpd_client_connection_count_limit = 2
smtpd_client_connection_rate_limit = 2
smtpd_client_new_tls_session_rate_limit = 2
smtpd_sasl_auth_enable = yes # Already added above
smtpd_tls_auth_only = yes

# I have not added the above lines yet, is it worth doing? The

smtpd_client_restrictions = reject_rbl_client sbl.spamhaus.org # To combat spam

Line I added seems to be doing its job but always looking to improve spam detection

Fri, 07/31/2015 - 10:13
siteXmedia

I am still unable to send mail from my home pc through my server for mike@domain.com to jimmy@xxx.net

below is the log error

Jul 31 16:00:14 yorks100 postfix/smtpd[21709]: NOQUEUE: reject: RCPT from xxxx: 454 4.7.1 : Relay access denied; from= to= proto=ESMTP helo=

My friend is able to collect mail using pop3 through port 995

Thanks

Fri, 07/31/2015 - 14:43
siteXmedia

I have just tried contacting tpnsolutions to see if they offer paid support but I got the below error

Failed to send mail : SMTP command rcpt to: support@tpnsolutions.com failed : 454 4.7.1 support@tpnsolutions.com: Relay access denied

The email was being sent from usermin on one of the domains

This problem is dragging on with no sign of being sorted out. I will keep trying as I need it to work

Fri, 07/31/2015 - 15:25
andreychek

Howdy,

When attempting to send an email from your home PC, make sure that it's configured to authenticate the outgoing email.

Not all email clients will attempt to authenticate outgoing by default.

If it's not authenticating, it will generate a "Relay access denied" error when given an email to send.

If you get stuck, and you're looking for someone to log in and take a look around, we do offer Professional Services here at Virtualmin where we could log in and figure out what's going awry.

Once logged in, it shouldn't take too long to sort out the issue you're seeing there (though we'd probably start with a fresh main.cf file). We charge $125/hour for Professional Services.

If you'd like to go that route, open up a request in the Support Tracker, and we can go over what you'd like for us to do, and we'd give you an estimate.

There are other folks here who provide similar support, including tpnsolutions. He is also cheaper than we are :-) If email isn't working, you can get ahold of him via Skype.

-Eric

Fri, 07/31/2015 - 20:46
siteXmedia

You did not understand the problem above and then want $125 an hour to fix it...

I posted that I was actually using Virtualmin when I had the problems, so I was logged into the server NOT using my PC to connect

I have a plan to resolve my issues, which involves moving back to CPanel

But it really does leave a sour taste in my mouth that you guys ask $125 ph to fix something that should be so easy to fix.

I would also like to point out that most of your documentation on your site is well out of date and does not relate to current versions of your software.

If I am wrong, please point me in the right direction of resolving my issues, without paying you $125 ph... or would that be why you choose to offer so little help on your product

I am happy to pay a decent amount for support with people that know what they are doing;, but $125 ph for people that cant resolve simple issues by forum support????.

Jog on...

Fri, 07/31/2015 - 22:12
andreychek

I thought we've been trying to help you here in the Forums for free.

I was merely offering that we could log in and fix it for you rather than troubleshooting it here if you didn't want to continue discussing it in the Forums.

If you don't want our help though I'll go help some other folks :-)

-Eric

Sat, 08/01/2015 - 18:10
siteXmedia

You could say that you have been trying to help for free...

But the problem is ongoing after 3 days.... And re reading the above posts see very little in the way of help.

It is not a case of not wanting help, unless your referring to the $125 an hour, it is that I am not getting help or I am a sure the problem would be resolved

UPDATE...

Looks like, after 3+ days and many hours studying the pros and cons of a mail server set up using postfix and dovecot, it is all fixed now.

Virtualmin / centos 7 installs dovecot version 2.2.10

Using ssl

Incomming SSL/TLS port 995 Outgoing port STARTLS 587

Would like to say thanks for the help but we all know that would be a lie...

Sat, 08/01/2015 - 19:45
andreychek

The Virtualmin forums are a place for respectful and polite technical discussion, and this is your one and only warning.

If you'd like to get help for the issues you're seeing, you're welcome to do so, but you're going to need to treat the folks here politely.

If someone didn't understand a comment you made, then you can respectfully point out the misunderstanding.

If you're more interested in treating people rudely than you are in getting help, you're going to need to go elsewhere.

-Eric

Topic locked