Postfix bounces all incoming mail. No local delivery.

14 posts / 0 new
Topic locked
Last post
#1 Fri, 07/15/2011 - 07:21
thetitan

Postfix bounces all incoming mail. No local delivery.

Hello,

I spent all day yesterday trying to figure this out. I have a feeling that is something very simple. I am just not seeing it.

I set up a new box - Ubuntu 10.04. The mail system is Postfix, Dovecot, SpamAssasin and ClamAV. Virtualmin is setup to configure virus/spam filtering per user.

Here are the contents of /etc/procmailrc

LOGFILE=/var/log/procmail.log
TRAP=/etc/webmin/virtual-server/procmail-logger.pl
:0wi
VIRTUALMIN=|/etc/webmin/virtual-server/lookup-domain.pl $LOGNAME
EXITCODE=$?
:0
* ?/usr/bin/test "$EXITCODE" = "73"
/dev/null
EXITCODE=0
:0
* ?/usr/bin/test "$VIRTUALMIN" != ""
{
INCLUDERC=/etc/webmin/virtual-server/procmail/$VIRTUALMIN
}
ORGMAIL=$HOME/Maildir/
DEFAULT=$HOME/Maildir/
DROPPRIVS=yes

I have determined that:

  • Mail clients can connect to the server and download existing messages in the mail boxes (I synced the mail boxes to the ones on my old server - CentOS 5.2).
  • I can send outgoing mail.
  • Local mail is sent, but not received and there is no bounce message.
  • All external mail bounces with the following message:

The mail system

<support.theclient.com@ops01.thesystem.com> (expanded from
    <support@theclient.com>): unknown user: "support.theclient.com" Reporting-MTA: dns; ops01.thesystem.com
X-Postfix-Queue-ID: 9FEC910C16D7
X-Postfix-Sender: rfc822; theclient@live.com
Arrival-Date: Fri, 15 Jul 2011 06:48:33 -0500 (CDT)

Final-Recipient: rfc822; support.theclient.com@ops01.thesystem.com
Original-Recipient: rfc822;support@theclient.com
Action: failed
Status: 5.1.1
Diagnostic-Code: X-Postfix; unknown user: "support.theclient.com"

The mailboxes are not virtual they are also users on the system. I am able to login via Dovecot and download messages. It just that something is preventing Postfix from seeing the mail account/user.

The is the output from:

hostname ops01.thesystem.com hostname -f ops01.thesystem.com hostname -s ops01

grep myhostname /etc/postfix/main.cf

smtpd_banner = $myhostname ESMTP
mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
relay_domains = $myhostname, localhost.$mydomain, localhost, $mydomain

postconf -n

alias_maps = hash:/etc/aliases
biff = no
broken_sasl_auth_clients = yes
canonical_maps = hash:/etc/postfix/canonical
config_directory = /etc/postfix
deliver_lock_delay = 3s
disable_vrfy_command = yes
fork_delay = 3s
header_checks = regexp:/etc/postfix/header_checks
header_size_limit = 5242880
home_mailbox = Maildir/
ipc_idle = 60s
mail_spool_directory = /var/spool/mail
mailbox_command = /usr/bin/procmail-wrapper -o -a $DOMAIN -d $LOGNAME
mailbox_size_limit = 52428800
message_size_limit = 15728640
minimal_backoff_time = 1000s
mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
mynetworks = 127.0.0.0/8, 71.23.160.130, 67.159.45.42, 97.16.50.186
myorigin = /etc/mailname
qmgr_message_active_limit = 1000
qmgr_message_recipient_limit = 2000
queue_run_delay = 1000s
readme_directory = no
recipient_canonical_maps = hash:/etc/postfix/recipient_canonical
recipient_delimiter = .
relay_domains = $myhostname, localhost.$mydomain, localhost, $mydomain
relocated_maps = hash:/etc/postfix/relocated
sender_bcc_maps = hash:/etc/postfix/bcc
sender_canonical_maps = hash:/etc/postfix/sender_canonical
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_banner = $myhostname ESMTP
smtpd_client_restrictions = permit_mynetworks permit_inet_interfaces reject_unknown_reverse_client_hostname
smtpd_error_sleep_time = 10s
smtpd_hard_error_limit = 20
smtpd_helo_required = yes
smtpd_recipient_restrictions = permit_mynetworks permit_inet_interfaces reject_unknown_reverse_client_hostname permit_sasl_authenticated reject_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sender_restrictions = check_sender_access hash:/etc/postfix/sender_access
smtpd_timeout = 300s
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_use_tls = yes
transport_maps = hash:/etc/postfix/transport
virtual_alias_maps = hash:/etc/postfix/virtual
Fri, 07/15/2011 - 08:31
Locutus

To me it looks like your postconf is missing the "myhostname" and "mydomain" entries, so postfix does not know what is your local domains.

In mine, there's no such placeholders by the way, but the hostname is directly written there. Relevant parts follow:

myhostname = orion.tianet.de
myorigin = /etc/mailname
mydestination = orion.tianet.de, localhost.tianet.de, , localhost
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_command = /usr/bin/procmail-wrapper -o -a $DOMAIN -a "$EXTENSION" -d $LOGNAME
home_mailbox = Maildir/
Fri, 07/15/2011 - 08:38
andreychek

Howdy,

Hmm, a few questions for you --

  • If you go into System Settings -> Re-Check Config, does everything check out okay?

  • In your above example, it's trying to deliver to a user named "support.theclient.com". Is there a user on your system with that name? That is, if you run "id support.theclient.com", do you see a uid and gid for that user, or do you get an error about the user not existing?

Actually, that's enough for the moment... I have some more questions based on the answers to the above :-)

-Eric

Fri, 07/15/2011 - 09:00
thetitan

@Locutus, My settings are bit more broad, because the system serves multiple domains.

@Eric, The config check is all good. It has been good the whole time. In the past it has helped me resolve issue, but this time is does not report any problems.

Regarding the user. When I go to System > Users and Group, I can see the user and its id 1020. When I execute "id support.theclient.com" the system reports the same: uid=1020(support.theclient.com) gid=1016(theclient.com) groups=1016(theclient.com) I can login into Usermin, via mail client, sync mailboxes, send out.

Fri, 07/15/2011 - 09:14
andreychek

In theory -- your mydestination should be okay. However, Locutus is right that it would normally explicitly list your server's hostname.

The mydestination line is just a list of names for which your server receives deliveries -- adding a name there wouldn't break anything that currently works.

Just as a troubleshooting step, I'd recommend adding "ops01.thesystem.com" to the end of that mydestination line in your main.cf, and restarting Postfix.

I don't think it'll fix it (the error message for that particular problem is usually different), but it's worth a try :-)

Also, having the recipient_canonical_maps set is a non-default... it's possible a setting within those maps could be causing the trouble you're seeing.

You might want to temporarily comment out the line beginning with "recipient_canonical_maps" and restart Postfix, just to verify that things don't spring to life afterwards.

-Eric

Fri, 07/15/2011 - 09:36
thetitan

I made the changes, but the problem remains. Still the same error.

By the way, I know this is an old topic, but do you remember what you did for this person - https://www.virtualmin.com/node/11123 - at the very end?

Fri, 07/15/2011 - 10:25
andreychek

I know this is an old topic, but do you remember what you did for this person

I was originally going to say "I have no idea", but after doing some digging, I dug up an email I sent afterwards explaining what I changed.

In summary:

  1. The hostname was a domain (like domain.tld), not a FQDN (like host.domain.tld) -- this isn't true in your case.

  2. The domain had a Virtual Server setup for it -- and that Virtual Server had a catchall that was forwarding email elsewhere. That was causing all email to bounce. If your hostname is "ops01.thesystem.com", I'd recommend making sure that there isn't a Virtual Server of the same name. That can cause trouble :-)

  3. In /etc/hosts, the server's hostname was listed next to 127.0.0.1. Instead, it should be next to the server's public IP address.

    -Eric

Fri, 07/15/2011 - 10:39 (Reply to #7)
thetitan

On the system I have a virtual server for thesystem.com, ONLY. But I do have a DNS entry for ops01.thesystem.com Also, in the host file, ops01.thesystem.com is set for the external IP address.

Overall, I pretty much replicated the configuration from the old server to the new server. I did not copy the config files. I just went page by page between the to servers and matched, where applicable, the configuration. The post fix settings between the two machines are almost identical, but I do not remember the old server ever having this problem.

Fri, 07/15/2011 - 11:07
andreychek

Well, I'm not sure what specifically is causing the trouble.

I notice that your Postfix config has some non-default things in it... you should certainly be able to make various edits and changes to that, many folks do.

But, when seeing the problems you're seeing -- you may want to start whittle things out of there, working your way towards a default Postfix config, to see if something in there is causing the problem you're having.

I'm looking at a new Ubuntu install here, and it looks like your Postfix config has 16 lines in it that a default installation doesn't contain. That may or may not be the actual problem, but it's worth looking into it :-)

Here is what a default setup looks like -- if you were to change the mydestination line, but otherwise use the rest of this as-is... does that work for you?

If so, you could start adding in your changes one at a time until you begin having that problem again.

alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
allow_percent_hack = no
append_dot_mydomain = no
biff = no
broken_sasl_auth_clients = yes
config_directory = /etc/postfix
home_mailbox = Maildir/
inet_interfaces = all
mailbox_command = /usr/bin/procmail-wrapper -o -a $DOMAIN -d $LOGNAME
mailbox_size_limit = 0
mydestination = domain.tld, localhost.localdomain, localhost, hostname.domain.tld
myhostname = ubuntu.domain.tld
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
readme_directory = no
recipient_delimiter = +
relayhost =
sender_bcc_maps = hash:/etc/postfix/bcc
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
smtpd_recipient_restrictions = permit_mynetworks permit_sasl_authenticated reject_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_use_tls = yes
virtual_alias_maps = hash:/etc/postfix/virtual
Fri, 07/15/2011 - 13:36
thetitan

Eric,

Resetting to the default worked. Mail is coming through, both external and local. The Postfix version on the old server is 2.3, on the new one 2.7. So something has changed.

I will update here once I pinpoint the problem.

Eric. Thank you so much for your time. I really appreciate it.

Fri, 07/15/2011 - 14:37
thetitan

I pinpoint the problem to recipient_delimiter.

The default for the Ubuntu setup is recipient_delimiter = + On my old CentOS setup I did not use this parameter. On this system, when I saw that it was used, I changed it to recipient_delimiter = ., because I have configured Virtualmin to format user accounts with . when appending the domain.

When I remove the parameter or change it back to + mail is delivered normally.

Eric, thank you again for your help.

Fri, 07/15/2011 - 14:43
andreychek

Hey, that's great, I'm glad you figured it out!

Thanks for the update.

Have a good weekend!

-Eric

Fri, 07/15/2011 - 19:20
thetitan

Thank you Eric. You too.

Regards,

Alexandar

Fri, 07/15/2011 - 19:32
thetitan

Thank you Eric. You too.

Regards,

Alexandar

EDIT: sorry for the double post. The page crashed and the reload resubmitted the form. If you want, just delete this post.

Topic locked