Problem: Mail is being forwarded to root

Discussion in 'Installation/Configuration' started by DaFux, Feb 16, 2009.

  1. DaFux

    DaFux New Member

    I am running ISPConfig (latest stable version) with postfix (maildir is checked). Under Admin I have created one reseller, no clients no sites.

    The single reseller has 3 clients and a long list of sites.

    Now, this is what happens: For most of the sites (but not all of them) their mails get auto-forwarded to site#1. The original receipient gets no mail at all.

    This is how the mail headers look like:

    Return-Path: <[email protected]>
    X-Original-To: [email protected]
    Delivered-To: [email protected]
    Received: from SendersHost (senders.host.com [senders.ip])
    by client1.com (Postfix) with ESMTP id 15CDC1EECC72
    for <[email protected]>; Mon, 16 Feb 2009 11:26:20 +0100 (CET)
    From: "sender.com" <[email protected]>
    To: <[email protected]>
    Subject: test
    Date: Mon, 16 Feb 2009 11:26:19 +0100
    Message-ID: <001101c99021$01e894f0$05b9bed0$@com>
    MIME-Version: 1.0
    X-Security: message sanitized on MyServer
    See http://www.impsec.org/email-tools/sanitizer-intro.html
    for details. $Revision: 1.151 $Date: 2006-01-20 07:29:24-08
    X-Security: The postmaster has not enabled quarantine of poisoned messages.
    Content-Type: multipart/alternative;
    boundary="----=_NextPart_000_0012_01C99029.63ACFCF0"
    X-Mailer: Microsoft Office Outlook 12.0
    Thread-Index: AcmQIQF/7FZ1aTN7Sjm612QjJyHcqw==
    X-Virus-Status: No
    X-Virus-Checker-Version: clamassassin 1.2.4 with clamscan / ClamAV 0.94/8995/Mon Feb 16 04:40:05 2009

    In this example, mail was sent to [email protected] but was actually delivered to [email protected]. This is very weird, I cannot find any reason for this behaviour.

    Btw: [email protected] is defined in ISP User / User & Email. CatchAll-Email is checked, all the rest is default.

    /var/log/mail.log contains:

    Feb 16 11:26:19 MyServer postfix/smtpd[27523]: connect from senders.host.com[senders.ip]
    Feb 16 11:26:20 MyServer postfix/smtpd[27523]: 15CDC1EECC72: client=senders.host.com[senders.ip], sasl_method=LOGIN, sasl_username=web5_admin
    Feb 16 11:26:20 MyServer postfix/cleanup[27527]: 15CDC1EECC72: message-id=<001101c99021$01e894f0$05b9bed0$@com>
    Feb 16 11:26:20 MyServer postfix/qmgr[21656]: 15CDC1EECC72: from=<[email protected]>, size=2670, nrcpt=1 (queue active)
    Feb 16 11:26:20 MyServer postfix/pickup[27242]: 529101EECD0A: uid=10001 from=<web4_admin>
    Feb 16 11:26:20 MyServer postfix/cleanup[27527]: 529101EECD0A: message-id=<[email protected]>
    Feb 16 11:26:20 MyServer postfix/qmgr[21656]: 529101EECD0A: from=<[email protected]>, size=384, nrcpt=1 (queue active)
    Feb 16 11:26:20 MyServer postfix/local[27545]: 529101EECD0A: to=<[email protected]>, relay=local, delay=0.07, delays=0.03/0.01/0/0.02, dsn=2.0.0, status=sent (delivered to command: /usr/bi
    n/procmail -f-)
    Feb 16 11:26:20 MyServer postfix/qmgr[21656]: 529101EECD0A: removed
    Feb 16 11:26:22 MyServer postfix/smtpd[27523]: disconnect from senders.host.com[senders.ip]
    Feb 16 11:26:23 MyServer postfix/local[27528]: 15CDC1EECC72: to=<[email protected]>, orig_to=<[email protected]>, relay=local, delay=3.1, delays=0.24/0.01/0/2.8, dsn=2.0.0, status=sent (delivered
    to command: /usr/bin/procmail -f-)
    Feb 16 11:26:23 MyServer postfix/qmgr[21656]: 15CDC1EECC72: removed
    Feb 16 11:26:51 MyServer courierpop3login: Connection, ip=[::ffff:senders.ip]

    Usually the problem sits in front of the computer - but I can't find the mistake I made. Can anybody help?

    Regards
    DaFux
     
    Last edited: Mar 2, 2009
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    Take a look in your aliases file, some linux distributions put there default aliases that forward emails to root. Remove the lines that you dont need and run the newaliases command.
     
  3. DaFux

    DaFux New Member

    Sorry for my late reply - didn't see there was a message...

    I already checked that - aliases just contains the standards (and even them I removed for testing - no change).

    Address reqwriting and masquerading is also off.

    I have checked everything and ust can't find the problem.
     
  4. till

    till Super Moderator Staff Member ISPConfig Developer

    is the domain of this site the same then the hostname of your server?
     
  5. DaFux

    DaFux New Member

    No, domain and hostname are not the same. The hostname is a unique name which does not appear in my domain names...
     
  6. falko

    falko Super Moderator Howtoforge Staff

    What's in /etc/postfix/main.cf, /etc/postfix/local-host-names, and /etc/postfix/virtusertable?
     
  7. DaFux

    DaFux New Member

    /etc/postfix/main.cf

    #myorigin = /etc/mailname
    smtpd_banner = $myhostname ESMTP
    biff = no
    # appending .domain is the MUA's job.
    append_dot_mydomain = no
    # Uncomment the next line to generate "delayed mail" warnings
    #delay_warning_time = 4h
    # TLS parameters
    smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt
    smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
    smtpd_use_tls = yes
    smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache
    smtp_tls_session_cache_database = btree:${queue_directory}/smtp_scache

    # See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
    # information on enabling SSL in the smtp client.

    myhostname = <domain name of site #1>
    alias_maps = hash:/etc/aliases
    alias_database = hash:/etc/aliases
    myorigin = /etc/mailname
    #mydestination = <domain name of site #1>, <hostname>, localhost.localdomain, localhost
    relayhost =
    mynetworks = 127.0.0.0/8
    mailbox_command = procmail -a "$EXTENSION"
    mailbox_size_limit = 0
    recipient_delimiter = +
    inet_interfaces = all
    inet_protocols = all
    smtpd_sasl_local_domain =
    smtpd_sasl_auth_enable = yes
    smtpd_sasl_security_options = noanonymous
    broken_sasl_auth_clients = yes
    smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination
    smtpd_tls_auth_only = no
    smtp_use_tls = yes
    smtp_tls_note_starttls_offer = yes
    smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
    smtpd_tls_loglevel = 1
    smtpd_tls_received_header = yes
    smtpd_tls_session_cache_timeout = 3600s
    tls_random_source = dev:/dev/urandom

    virtual_maps = hash:/etc/postfix/virtusertable

    mydestination = /etc/postfix/local-host-names


    /etc/postfix/local-host-names

    this is a very long file, containing all domains on the server. Sorry, but can't publish here without causing problems with privacy and my customers

    in general, the file looks like

    localhost
    <hostname>
    localhost.<hostname>
    localhost.localdomain
    <www.site1.tld>
    <www.site2.tld>
    etc.

    /etc/postfix/virtusertable

    same problem as above - privacy, can't post that...

    anyway, I have checked and rechecked this file for possible problems myself many times and could not find any. All associations are correct and exactly what they should be.

    Thanks
    DaFux
     
  8. DaFux

    DaFux New Member

    Update: In my original posting I said "for most of the sites (but not all of them) their mails get auto-forwarded to site#1". I just verified that - actually all mail for all sites is forwarded to site #1.
     
  9. falko

    falko Super Moderator Howtoforge Staff

  10. DaFux

    DaFux New Member

    Unfortunately not.

    Actually the variable $mydomain does not exist at all in my main.cf. Instead I have $myhostname which is indeed set to the domain name of the user who receives all mail.

    BUT: If I change that to another value and reload postfix, nothing changes. Still the same problem.

    The header looks like:

    Code:
    X-Original-To: info@<recipient.com>
    Delivered-To: web4_admin@<wrong_recipient.com>
    Received: from ... (... [213.xxx.xxx.xxx])
    	by <value in $myhostname> (Postfix) with SMTP id 75C2A1EECCE5
    
    I tried almost everything for $myhostname, does not make any difference. Actually $myhostname is used for the server banner only, so it should not make much difference, it just appears in the mail header.

    Cheers
    DaFux
     
    Last edited: Mar 9, 2009
  11. falko

    falko Super Moderator Howtoforge Staff

    Please check the output of
    Code:
    postconf -d
     
  12. DaFux

    DaFux New Member

    postconf -d shows:

    mydomain = localdomain
     
  13. falko

    falko Super Moderator Howtoforge Staff

    Is the domain maybe listed in /etc/mailname?
     
  14. DaFux

    DaFux New Member

    Yes, /etc/mailname contains the domain to which all mail is being forwarded.

    I have already replaced the line

    myorigin = /etc/mailname
    by
    myorigin = <domainname> (where <domainname> is the same as in myhostname)

    in main.cf - without any results (I reloaded/restarted postfix on the way).

    I just tried something else - I have set both (myorigin and myhostname to 'localhost')

    AND THAT SEEMED TO SOLVE THE PROBLEM.

    I am however worried if this setting does not have other side effects. Dor example a

    telnet <domainname> 25

    shows this output

    Trying <IPAddress>...
    Connected to <hostname>.
    Escape character is '^]'.
    220 localhost ESMTP
    QUIT
    221 2.0.0 Bye
    Connection closed by foreign host.

    That "220 localhost" does not look right...

    However, the problem itself seems to be solved - thank you very much for your support!

    Cheers
    DaFux
     
  15. DaFux

    DaFux New Member

    OK, the original problem was solved, but now I have a new one:

    Mails sent by my server are coming back for several reasons. A few are:
    550-HELO/EHLO must contain YOUR OWN FQDN or IP literal;
    localhost is MY 550-name/IP! 550 Please see RFC 2821 section 4.1.1.1
    550
    Access denied - Invalid HELO name (See RFC2821 4.1.1.1) (in reply to MAIL
    FROM command)
    504 5.5.2 <localhost>: Helo command rejected: need fully-qualified hostname

    OK, this is the localhost which as I thought cannot be right.

    Question: Is it possible to make postfix use the proper domain name for the corresponding domain? I.e. when sending/receiving mail it should use the proper domain name, not just a single one (as before) or a wrong one (the localhost test - my fault).
     
  16. till

    till Super Moderator Staff Member ISPConfig Developer

    Every mailserver uses its own hostname when sending emails and not a virtual domain. Thats the normal behaviour. Just make sure that you set the complete full hostname of the server, e.g. server1.yourdomain.com in main.cf as myhostname and mydomain and also in the file /etc/myilname in case that it exists.
     
  17. DaFux

    DaFux New Member

    That does not work ...
    If I use a full hostname like myserver.domainname.com, I am getting the following error:

    Mar 18 09:24:00 myserver postfix/smtp[16698]: 6A8931EECDAB: to=<[email protected]>, orig_to=<info@domain_belonging_to_web20>, relay=none, delay=0.04, delays=0.02/0/0.02/0, dsn=5.4.6, status=bounced (mail for myserver.domainname.com loops back to myself)
     
  18. till

    till Super Moderator Staff Member ISPConfig Developer

    This message means that it works. You just have to set the hostname also at the end of /etc/postfix/local-host-names
     
  19. DaFux

    DaFux New Member

    Absolutely perfect!

    Thanks!!!

    That problem has taken so much time, I am really thankful that you guys did not give up on me!
     

Share This Page