Hi All, This may have been covered in a previous post. If so, please accept my apologies for the duplicate post. I have a CentOS 5.5 server running Falko's Perfect Server configuration with ISPConfig3. I have ISPConfig configured to be have Web DB and VServer enabled, but I have Mail, DNS, and File services disabled on it. All of these settings are set under System, System Services, pubweb.internal.exampledomain.com (note that I've changed the real server name and domain name for the sake of a forum post) Under our primary domain name (exampledomain.com) I have a web-based help desk software set up. It has worked fine until I rebooted the server last Friday. After that we stopped getting helpdesk notifications, which are emailed from the PHP mail() function when a user puts in a request. I took a look at my /var/log/maillog file from Postfix, and here's what I see: Nov 25 14:17:20 pubweb sendmail[12838]: oAPJHKMb012838: Authentication-Warning: pubweb.internal.exampledomain.com: apache set sender to [email protected] using -f Nov 25 14:17:20 pubweb sendmail[12838]: oAPJHKMb012838: [email protected], size=560, class=0, nrcpts=1, msgid=<[email protected]>, relay=apache@localhost Nov 25 14:17:20 pubweb postfix/smtpd[12839]: connect from localhost.localdomain[127.0.0.1] Nov 25 14:17:20 pubweb postfix/smtpd[12839]: D8974C1034E: client=localhost.localdomain[127.0.0.1] Nov 25 14:17:21 pubweb postfix/cleanup[12842]: D8974C1034E: message-id=<[email protected]> Nov 25 14:17:21 pubweb sendmail[12838]: oAPJHKMb012838: to=[email protected], delay=00:00:01, xdelay=00:00:01, mailer=relay, pri=30560, relay=[127.0.0.1] [127.0.0.1], dsn=2.0.0, stat=Sent (Ok: queued as D8974C1034E) Nov 25 14:17:21 pubweb postfix/qmgr[12793]: D8974C1034E: from=<[email protected]>, size=1210, nrcpt=1 (queue active) Nov 25 14:17:21 pubweb postfix/local[12843]: D8974C1034E: to=<[email protected]>, relay=local, delay=0.23, delays=0.2/0.03/0/0, dsn=2.0.0, status=sent (delivered to mailbox) Nov 25 14:17:21 pubweb postfix/smtpd[12839]: disconnect from localhost.localdomain[127.0.0.1] Nov 25 14:17:21 pubweb postfix/qmgr[12793]: D8974C1034E: removed Nov 25 14:17:21 pubweb sendmail[12844]: oAPJHLfQ012844: Authentication-Warning: pubweb.internal.exampledomain.com: apache set sender to [email protected] using -f Nov 25 14:17:21 pubweb sendmail[12844]: oAPJHLfQ012844: [email protected], size=487, class=0, nrcpts=1, msgid=<[email protected]>, relay=apache@localhost Nov 25 14:17:21 pubweb postfix/smtpd[12839]: connect from localhost.localdomain[127.0.0.1] Nov 25 14:17:21 pubweb postfix/smtpd[12839]: 234F4C1034E: client=localhost.localdomain[127.0.0.1] Nov 25 14:17:21 pubweb postfix/cleanup[12842]: 234F4C1034E: message-id=<[email protected]> Nov 25 14:17:21 pubweb sendmail[12844]: oAPJHLfQ012844: [email protected], delay=00:00:00, xdelay=00:00:00, mailer=relay, pri=30487, relay=[127.0.0.1] [127.0.0.1], dsn=2.0.0, stat=Sent (Ok: queued as 234F4C1034E) Nov 25 14:17:21 pubweb postfix/qmgr[12793]: 234F4C1034E: from=<[email protected]>, size=1138, nrcpt=1 (queue active) Nov 25 14:17:21 pubweb postfix/local[12843]: 234F4C1034E: to=<[email protected]>, relay=local, delay=0.05, delays=0.05/0/0/0, dsn=2.0.0, status=sent (delivered to mailbox) Nov 25 14:17:21 pubweb postfix/qmgr[12793]: 234F4C1034E: removed Nov 25 14:17:21 pubweb postfix/smtpd[12839]: disconnect from localhost.localdomain[127.0.0.1] (Again, note that I've masqueraded the hostname/username/domain above) So, somewhere Postfix or ISPConfig3 or something else is rewriting the email address [email protected] to be [email protected] and then attempting to deliver that message to our Exchange server, which doesn't have any clue what to do with it and rejects it. Actually, in the example above the message was delivered locally based on a change I just made to the mydestinations configuration parameter in Postfix. But trust me, prior to this the message was forwarded to our Exchange server, which bounced it with an NDR message. I checked in phpmyadmin under the ispconfig database. None of my mail_ tables have any content, so I'm wondering if this is ISPConfig doing this at all, or perhaps it's a consequence of installing ISPConfig and ISPConfig reconfiguring Postfix. So, my question is, why is the email address being rewritten, by what, and where can I fix it? Any help would be greatly appreciated, as none of our guys are getting their helpdesk request notices and they're missing important user issues. Here's my Postfix main.cf file: alias_database = hash:/etc/aliases alias_maps = hash:/etc/aliases command_directory = /usr/sbin daemon_directory = /usr/libexec/postfix debug_peer_level = 2 debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin xxgdb $daemon_directory/$process_name $process_id & sleep 5 html_directory = no inet_interfaces = all mail_owner = postfix mailq_path = /usr/bin/mailq.postfix manpage_directory = /usr/share/man message_size_limit = 0 mydestination = $myhostname, pubweb.internal.exampledomain.com, localhost.$mydomain, localhost myhostname = www1.exampledomain.com mynetworks = 10.100.1.0/24, 127.0.0.0/8 [::1]/128 myorigin = pubweb.exampledomain.com newaliases_path = /usr/bin/newaliases.postfix queue_directory = /var/spool/postfix readme_directory = /usr/share/doc/postfix-2.3.3/README_FILES relayhost = sample_directory = /usr/share/doc/postfix-2.3.3/samples sendmail_path = /usr/sbin/sendmail.postfix setgid_group = postdrop unknown_local_recipient_reject_code = 550 mailbox_size_limit = 0 And here's my Postfix master.cf file: smtp inet n - n - - smtpd pickup fifo n - n 60 1 pickup cleanup unix n - n - 0 cleanup qmgr fifo n - n 300 1 qmgr tlsmgr unix - - n 1000? 1 tlsmgr rewrite unix - - n - - trivial-rewrite bounce unix - - n - 0 bounce defer unix - - n - 0 bounce trace unix - - n - 0 bounce verify unix - - n - 1 verify flush unix n - n 1000? 0 flush proxymap unix - - n - - proxymap smtp unix - - n - - smtp relay unix - - n - - smtp -o fallback_relay= showq unix n - n - - showq error unix - - n - - error discard unix - - n - - discard local unix - n n - - local virtual unix - n n - - virtual lmtp unix - - n - - lmtp anvil unix - - n - 1 anvil scache unix - - n - 1 scache maildrop unix - n n - - pipe flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient} ${extension} ${recipient} ${user} ${nexthop} ${sender} old-cyrus unix - n n - - pipe flags=R user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -m ${extension} ${user} cyrus unix - n n - - pipe user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -r ${sender} -m ${extension} ${user} uucp unix - n n - - pipe flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient) ifmail unix - n n - - pipe flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient) bsmtp unix - n n - - pipe flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop $recipient dovecot unix - n n - - pipe flags=DRhu user=vmail:vmail argv=/usr/libexec/dovecot/deliver -f ${sender} -d ${user}@${nexthop} #amavis unix - - - - 2 smtp # -o smtp_data_done_timeout=1200 # -o smtp_send_xforward_command=yes #127.0.0.1:10025 inet n - - - - smtpd # -o content_filter= # -o local_recipient_maps= # -o relay_recipient_maps= # -o smtpd_restriction_classes= # -o smtpd_client_restrictions= # -o smtpd_helo_restrictions= # -o smtpd_sender_restrictions= # -o smtpd_recipient_restrictions=permit_mynetworks,reject # -o mynetworks=127.0.0.0/8 # -o strict_rfc821_envelopes=yes # -o receive_override_options=no_unknown_recipient_checks,no_header_body_checks # -o smtpd_bind_address=127.0.0.1 Thanks (in advance!) -- Anomaly0617
Yes, which is why this one didn't bounce. But there are other users that do not exist in /etc/passwd, and those messages bounce.
