CentOS 8 / Almalinux 8 mailman - unkonwn user in virtual mailbox table

Hello,
I have installed ISPConfig on Almalinux 8 following instruction for CentOS 8.
Everithing works perfect exept mailman.
Running latest version of ISPConfig 3.2.8p1

I have added mail domain domain.tld and some mailboxes, and I have added mailman list [email protected].

If I send messages to mailboxes added to that domain works, but when I sent mail to list [email protected] from member on that list i got:

Code:

Jun 10 21:49:13 mail postfix/submission/smtpd[2906049]: NOQUEUE: reject: RCPT from unknown[XX.XX.XX.XX]: 550 5.1.1 <[email protected]>: Recipient address rejected: User unknown in virtual
mailbox table; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<[XX.XX.XX.XX]>

In /etc/postfix/main.cf everithing looks ok:

Code:

# postconf -n
address_verify_negative_refresh_time = 60s
address_verify_sender_ttl = 15686s
address_verify_transport_maps = static:smtp:[127.0.0.1]:10025
address_verify_virtual_transport = smtp:[127.0.0.1]:10025
alias_database = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases
alias_maps = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases
authorized_flush_users =
authorized_mailq_users = nagios, icinga
body_checks = regexp:/etc/postfix/body_checks
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
compatibility_level = 2
content_filter = lmtp:[127.0.0.1]:10024
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
debug_peer_level = 2
debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin ddd $daemon_directory/$process_name $process_id & sleep 5
dovecot_destination_recipient_limit = 1
enable_original_recipient = no
greylisting = check_policy_service inet:127.0.0.1:10023
header_checks = regexp:/etc/postfix/header_checks
html_directory = no
inet_interfaces = all
inet_protocols = all
mail_owner = postfix
mailbox_size_limit = 0
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
message_size_limit = 0
meta_directory = /etc/postfix
mime_header_checks = regexp:/etc/postfix/mime_header_checks
mydestination = mail.domain.tld, localhost, localhost.localdomain
myhostname = mail.domain.tld
mynetworks = 127.0.0.0/8 [::1]/128
nested_header_checks = regexp:/etc/postfix/nested_header_checks
newaliases_path = /usr/bin/newaliases.postfix
owner_request_special = no
proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $sender_bcc_maps $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $smtpd_sender_login_maps $virtual_uid_maps $virtual_gid_maps $smtpd_client_restrictions $smtpd_sender_restrictions $smtpd_recipient_restrictions $smtp_sasl_password_maps $sender_dependent_relayhost_maps
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/postfix/README_FILES
receive_override_options = no_address_mappings
relay_domains = proxy:mysql:/etc/postfix/mysql-virtual_relaydomains.cf
relay_recipient_maps = proxy:mysql:/etc/postfix/mysql-virtual_relayrecipientmaps.cf
sample_directory = /usr/share/doc/postfix/samples
sender_bcc_maps = proxy:mysql:/etc/postfix/mysql-virtual_outgoing_bcc.cf
sender_dependent_relayhost_maps = proxy:mysql:/etc/postfix/mysql-virtual_sender-relayhost.cf
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
shlib_directory = /usr/lib64/postfix
smtp_dns_support_level = dnssec
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = proxy:mysql:/etc/postfix/mysql-virtual_sender-relayauth.cf, texthash:/etc/postfix/sasl_passwd
smtp_sasl_security_options = noanonymous, noplaintext
smtp_sasl_tls_security_options = noanonymous
smtp_sender_dependent_authentication = yes
smtp_tls_CAfile = /etc/pki/tls/certs/ca-bundle.crt
smtp_tls_CApath = /etc/pki/tls/certs
smtp_tls_exclude_ciphers = RC4, aNULL
smtp_tls_protocols = !SSLv2,!SSLv3
smtp_tls_security_level = dane
smtpd_banner = Cloud Home Mail
smtpd_client_message_rate_limit = 100
smtpd_client_restrictions = check_client_access proxy:mysql:/etc/postfix/mysql-virtual_client.cf, permit_inet_interfaces, permit_mynetworks, permit_sasl_authenticated, reject_rbl_client zen.spamhaus.org, reject_rbl_client cbl.abuseat.org, reject_unauth_pipelining, permit
smtpd_data_restrictions = permit_mynetworks, reject_unauth_pipelining, reject_multi_recipient_bounce, permit
smtpd_etrn_restrictions = permit_mynetworks, reject
smtpd_forbidden_commands = CONNECT,GET,POST,USER,PASS
smtpd_helo_required = yes
smtpd_helo_restrictions = permit_mynetworks, check_helo_access regexp:/etc/postfix/helo_access, permit_sasl_authenticated, reject_invalid_helo_hostname, reject_non_fqdn_helo_hostname, check_helo_access regexp:/etc/postfix/blacklist_helo, reject_unknown_helo_hostname, permit
smtpd_recipient_restrictions = permit_mynetworks, reject_unknown_recipient_domain, reject_unlisted_recipient, check_recipient_access proxy:mysql:/etc/postfix/mysql-verify_recipients.cf, permit_sasl_authenticated, reject_non_fqdn_recipient, reject_unauth_destination, check_recipient_access proxy:mysql:/etc/postfix/mysql-virtual_recipient.cf, check_recipient_access mysql:/etc/postfix/mysql-virtual_policy_greylist.cf, check_policy_service unix:private/quota-status
smtpd_reject_unlisted_sender = no
smtpd_relay_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
smtpd_restriction_classes = greylisting
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes
smtpd_sasl_path = private/auth
smtpd_sasl_type = dovecot
smtpd_sender_login_maps = proxy:mysql:/etc/postfix/mysql-virtual_sender_login_maps.cf
smtpd_sender_restrictions = reject_authenticated_sender_login_mismatch, check_sender_access regexp:/etc/postfix/tag_as_originating.re, permit_mynetworks, check_sender_access proxy:mysql:/etc/postfix/mysql-virtual_sender.cf, reject_sender_login_mismatch, permit_sasl_authenticated, reject_non_fqdn_sender, reject_unlisted_sender, check_sender_access regexp:/etc/postfix/tag_as_foreign.re
smtpd_tls_cert_file = /etc/postfix/smtpd.cert
smtpd_tls_exclude_ciphers = RC4, aNULL
smtpd_tls_key_file = /etc/postfix/smtpd.key
smtpd_tls_mandatory_ciphers = medium
smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3
smtpd_tls_protocols = !SSLv2,!SSLv3
smtpd_tls_security_level = may
smtpd_use_tls = yes
tls_medium_cipherlist = ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA256:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA
tls_preempt_cipherlist = yes
transport_maps = hash:/var/lib/mailman/data/transport-mailman, proxy:mysql:/etc/postfix/mysql-virtual_transports.cf
unknown_local_recipient_reject_code = 550
virtual_alias_domains = proxy:mysql:/etc/postfix/mysql-virtual_alias_domains.cf
virtual_alias_maps = hash:/var/lib/mailman/data/virtual-mailman, proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, proxy:mysql:/etc/postfix/mysql-virtual_alias_maps.cf, proxy:mysql:/etc/postfix/mysql-virtual_email2email.cf
virtual_gid_maps = proxy:mysql:/etc/postfix/mysql-virtual_gids.cf
virtual_mailbox_base = /var/vmail
virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains.cf
virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf
virtual_transport = lmtp:unix:private/dovecot-lmtp
virtual_uid_maps = proxy:mysql:/etc/postfix/mysql-virtual_uids.cf
postconf: warning: /etc/postfix/main.cf: unused parameter: maildrop_destination_concurrency_limit=1
postconf: warning: /etc/postfix/main.cf: unused parameter: maildrop_destination_recipient_limit=1

in /var/lib/mailman/data/transport-mailman
i see correct created home list:

Code:

# STANZA START: home
# CREATED: Fri Jun 10 21:08:51 2022
[email protected]              local
[email protected]        local
[email protected]      local
[email protected]      local
[email protected]         local
[email protected]        local
[email protected]        local
[email protected]      local
[email protected]    local
[email protected]  local
# STANZA END: home

Here my /etc/mailman/mm_cfg.py

Code:

# -*- python -*-

# Copyright (C) 1998,1999,2000 by the Free Software Foundation, Inc.
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
# 02110-1301 USA


"""This is the module which takes your site-specific settings.

From a raw distribution it should be copied to mm_cfg.py.  If you
already have an mm_cfg.py, be careful to add in only the new settings
you want.  The complete set of distributed defaults, with annotation,
are in ./Defaults.  In mm_cfg, override only those you want to
change, after the

  from Defaults import *

line (see below).

Note that these are just default settings - many can be overridden via the
admin and user interfaces on a per-list or per-user basis.

Note also that some of the settings are resolved against the active list
setting by using the value as a format string against the
list-instance-object's dictionary - see the distributed value of
DEFAULT_MSG_FOOTER for an example."""


#######################################################
#    Here's where we get the distributed defaults.    #

from Defaults import *

##############################################################
# Put YOUR site-specific configuration below, in mm_cfg.py . #
# See Defaults.py for explanations of the values.            #

#-------------------------------------------------------------
# The name of the list Mailman uses to send password reminders
# and similar. Don't change if you want mailman-owner to be
# a valid local part.
MAILMAN_SITE_LIST = 'mailman'

#-------------------------------------------------------------
# If you change these, you have to configure your http server
# accordingly (Alias and ScriptAlias directives in most httpds)
DEFAULT_URL_PATTERN = 'http://%s/mailman/'
PRIVATE_ARCHIVE_URL = '/mailman/private'
IMAGE_LOGOS         = '/images/mailman/'

#-------------------------------------------------------------
# Default domain for email addresses of newly created MLs
DEFAULT_EMAIL_HOST = 'domain.tld'
#-------------------------------------------------------------
# Default host for web interface of newly created MLs
DEFAULT_URL_HOST   = 'domain.tld'
#-------------------------------------------------------------
# Required when setting any of its arguments.
add_virtualhost(DEFAULT_URL_HOST, DEFAULT_EMAIL_HOST)

#-------------------------------------------------------------
# The default language for this server.
DEFAULT_SERVER_LANGUAGE = 'en'

#-------------------------------------------------------------
# Iirc this was used in pre 2.1, leave it for now
USE_ENVELOPE_SENDER    = 0              # Still used?

#-------------------------------------------------------------
# Unset send_reminders on newly created lists
DEFAULT_SEND_REMINDERS = 0

#-------------------------------------------------------------
# Uncomment this if you configured your MTA such that it
# automatically recognizes newly created lists.
# (see /usr/share/doc/mailman/README.Exim4.Debian or
# /usr/share/mailman/postfix-to-mailman.py)
# MTA=None   # Misnomer, suppresses alias output on newlist

#-------------------------------------------------------------
# Uncomment if you use Postfix virtual domains (but not
# postfix-to-mailman.py), but be sure to see
# /usr/share/doc/mailman/README.Debian first.
MTA='Postfix'
POSTFIX_STYLE_VIRTUAL_DOMAINS = ['domain.tld']
#-------------------------------------------------------------
# Uncomment if you want to filter mail with SpamAssassin. For
# more information please visit this website:
# http://www.jamesh.id.au/articles/mailman-spamassassin/
# GLOBAL_PIPELINE.insert(1, 'SpamAssassin')

POSTFIX_MAP_CMD = '/etc/mailman/virtual_to_transport.sh'

# Note - if you're looking for something that is imported from mm_cfg, but you
# didn't find it above, it's probably in /usr/lib/mailman/Mailman/Defaults.py.

Any ideas why I get error for unknown mailbox?
I will be happy if any help with that.

 

After few hours investigation I see empty: /var/lib/mailman/data/aliases

I have another machine with debian 10 and there for example:
file /var/lib/mailman/data/aliases contain created lists:

Code:

# This file is generated by Mailman, and is kept in sync with the
# binary hash file aliases.db.  YOU SHOULD NOT MANUALLY EDIT THIS FILE
# unless you know what you're doing, and can keep the two files properly
# in sync.  If you screw it up, you're on your own.

# The ultimate loop stopper address
mailman-loop: /var/lib/mailman/data/owner-bounces.mbox

# STANZA START: mailman
# CREATED: Fri Jun 10 21:29:04 2022
mailman:             "|/var/lib/mailman/mail/mailman post mailman"
mailman-admin:       "|/var/lib/mailman/mail/mailman admin mailman"
mailman-bounces:     "|/var/lib/mailman/mail/mailman bounces mailman"
mailman-confirm:     "|/var/lib/mailman/mail/mailman confirm mailman"
mailman-join:        "|/var/lib/mailman/mail/mailman join mailman"
mailman-leave:       "|/var/lib/mailman/mail/mailman leave mailman"
mailman-owner:       "|/var/lib/mailman/mail/mailman owner mailman"
mailman-request:     "|/var/lib/mailman/mail/mailman request mailman"
mailman-subscribe:   "|/var/lib/mailman/mail/mailman subscribe mailman"
mailman-unsubscribe: "|/var/lib/mailman/mail/mailman unsubscribe mailman"
# STANZA END: mailman

# STANZA START: home
# CREATED: Fri Jun 10 21:47:01 2022
home:             "|/var/lib/mailman/mail/mailman post home"
home-admin:       "|/var/lib/mailman/mail/mailman admin home"
home-bounces:     "|/var/lib/mailman/mail/mailman bounces home"
home-confirm:     "|/var/lib/mailman/mail/mailman confirm home"
home-join:        "|/var/lib/mailman/mail/mailman join home"
home-leave:       "|/var/lib/mailman/mail/mailman leave home"
home-owner:       "|/var/lib/mailman/mail/mailman owner home"
home-request:     "|/var/lib/mailman/mail/mailman request home"
home-subscribe:   "|/var/lib/mailman/mail/mailman subscribe home"
home-unsubscribe: "|/var/lib/mailman/mail/mailman unsubscribe home"
# STANZA END: home

but in AlmaLinux 8 that file /var/lib/mailman/data/aliases is empty.
I have tried to run:

Code:

/usr/lib/mailman/bin/genaliases

but nothing changed.
I will be happy if any has idea and solution how to fix that.

 

I have fixed that.

When I crate a new list from ISPConfig create new files:

Code:

/etc/mailman/virtual-mailman
/etc/mailman/aliases

and not write in configured in /etc/postfix/main.cf files

Code:

/var/lib/mailman/data/virtual-mailman
/var/lib/mailman/data/aliases

So, I modified /etc/postfix/main.cf:

Code:

# diff --color -u /etc/ispconfig/confs/main.cf /etc/postfix/main.cf 
--- /etc/ispconfig/confs/main.cf        2022-06-11 10:52:04.540165835 +0300 
+++ /etc/postfix/main.cf        2022-06-11 18:02:20.467182105 +0300 
@@ -402,7 +402,7 @@ 
# "postfix reload" to eliminate the delay. 
# 
#alias_maps = dbm:/etc/aliases 
-alias_maps = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases 
+alias_maps = hash:/etc/aliases, hash:/etc/mailman/aliases 
#alias_maps = hash:/etc/aliases, nis:mail.aliases 
#alias_maps = netinfo:/aliases 
 
@@ -413,7 +413,7 @@ 
# 
#alias_database = dbm:/etc/aliases 
#alias_database = dbm:/etc/mail/aliases 
-alias_database = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases 
+alias_database = hash:/etc/aliases, hash:/etc/mailman/aliases 
#alias_database = hash:/etc/aliases, hash:/opt/majordomo/aliases 
 
# ADDRESS EXTENSIONS (e.g., user+foo) 
@@ -739,7 +739,7 @@ 
meta_directory = /etc/postfix 
shlib_directory = /usr/lib64/postfix 
virtual_alias_domains = proxy:mysql:/etc/postfix/mysql-virtual_alias_domains.cf 
-virtual_alias_maps = hash:/var/lib/mailman/data/virtual-mailman, proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, proxy:mysql:/etc/postfix/mysql-virtual_alias_maps.cf, proxy:mysql:/e
tc/postfix/mysql-virtual_email2email.cf 
+virtual_alias_maps = hash:/etc/mailman/virtual-mailman, proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, proxy:mysql:/etc/postfix/mysql-virtual_alias_maps.cf, proxy:mysql:/etc/postfi
x/mysql-virtual_email2email.cf 
virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains.cf 
virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf 
virtual_mailbox_base = /var/vmail

And now all mailman work.

Also in CentOS 8 Perfect Server documentation for /etc/httpd/conf.d/mailman.conf
has instructions to add:

Code:

ScriptAlias /cgi-bin/mailman/ /usr/lib/mailman/cgi-bin/

but Alma/CentOS8 in /etc/httpd/conf/httpd.conf (line 250) has:

Code:

ScriptAlias /cgi-bin/ "/var/www/cgi-bin/"

and that make access to:
http://yourdomain/cgi-bin/mailman/listinfo
(for example) impossible.

I have comment:

Code:

#ScriptAlias /cgi-bin/ "/var/www/cgi-bin/" 

in httpd.conf and now http://yourdomain/cgi-bin/mailman/listinfo is accessable:

For Devs - I have post a issue: https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/6352

 

Hi Guys,

After changing the config in /etc/postfix/main.cf, one needs to run:

Code:

postmap /etc/mailman/virtual-mailman

to create the new binary hash. Otherwise you'll get errors in the logs, such as:

Code:

error: open database /etc/mailman/virtual-mailman.db: No such file or directory

One might also add the following into /etc/httpd/conf.d/mailman.conf, to fix the icon rendering to the bottom of the web pages:

Code:

Alias /images/mailman/ /usr/lib/mailman/icons/
<Directory /usr/lib/mailman/icons>
    Options MultiViews FollowSymLinks
    AllowOverride None
    Require all granted
</Directory>