Postfix SMTP problems

Discussion in 'Server Operation' started by PDXErik, May 23, 2010.

  1. PDXErik

    PDXErik New Member

    Getting an IMAP server going, Dovecot is working out fine. Postfix seems to boggle me.

    I've read a ton of Falko's posts that seem to help people with similar issues, but the solutions posted there didn't help my issue.

    Receiving mail works out fine no matter what client you're using (I'm testing with Thunderbird and Outlook).

    Sending mail does not work.

    Outlook Express responds with a 554 relay denied
    Code:
    May 22 18:50:23 mail postfix/smtpd[3337]: connect from c-24-22-xxx.xxx.hsd1.or.comcast.net[24.22.xxx.xxx]
    May 22 18:50:24 mail postfix/trivial-rewrite[3341]: warning: do not list domain mydomain.com in BOTH virtual_alias_domains and virtual_mailbox_domains
    May 22 18:50:24 mail postfix/smtpd[3337]: NOQUEUE: reject: RCPT from c-24-22-xxx.xxx.hsd1.or.comcast.net[24.22.xxx.xxx]: 554 5.7.1 <[email protected]>: Relay access denied; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<computer>
    May 22 18:50:24 mail postfix/smtpd[3337]: disconnect from c-24-22-xxx.xxx.hsd1.or.comcast.net[24.22.xxx.xxx]

    Thunderbird connects and that's as far as it gets
    Code:
    May 22 18:10:46 mail postfix/smtpd[3219]: lost connection after UNKNOWN from c-24-22-xxx-xxx.hsd1.or.comcast.net[24.22.xxx.xxx]
    May 22 18:10:46 mail postfix/smtpd[3219]: disconnect from c-24-22-xxx-xxx.hsd1.or.comcast.net[24.22.xxx.xxx]

    However, postfix warns me not to use mydomain.com in both the virtual_alias_list and the virtual_domain_list. I only list it in virtual_alias_list.

    netstat -tap
    Code:
    mail:/etc/postfix# netstat -tap
    Active Internet connections (servers and established)
    Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
    tcp        0      0 *:imaps                 *:*                     LISTEN      3013/dovecot
    tcp        0      0 *:nfs                   *:*                     LISTEN      -
    tcp        0      0 *:afpovertcp            *:*                     LISTEN      3136/afpd
    tcp        0      0 *:swat                  *:*                     LISTEN      2824/inetd
    tcp        0      0 localhost:10025         *:*                     LISTEN      2968/perl
    tcp        0      0 *:mysql                 *:*                     LISTEN      2336/mysqld
    tcp        0      0 *:34444                 *:*                     LISTEN      1854/rpc.statd
    tcp        0      0 *:imap2                 *:*                     LISTEN      3013/dovecot
    tcp        0      0 localhost:spamd         *:*                     LISTEN      2395/spamd.pid
    tcp        0      0 *:sunrpc                *:*                     LISTEN      1842/portmap
    tcp        0      0 *:35091                 *:*                     LISTEN      -
    tcp        0      0 *:ftp                   *:*                     LISTEN      2981/vsftpd
    tcp        0      0 mail.mydomain.co:domain *:*                     LISTEN      2225/named
    tcp        0      0 localhost:domain        *:*                     LISTEN      2225/named
    tcp        0      0 *:ssh                   *:*                     LISTEN      2254/sshd
    tcp        0      0 localhost:ipp           *:*                     LISTEN      2753/cupsd
    tcp        0      0 *:smtp                  *:*                     LISTEN      2891/master
    tcp        0      0 *:50905                 *:*                     LISTEN      2813/rpc.mountd
    tcp        0      0 localhost:953           *:*                     LISTEN      2225/named
    tcp        0      0 mail.mydomain.com:imaps c-24-22-xxx.xxx.hs:1147 ESTABLISHED 3218/imap-login
    tcp        0    300 mail.mydomain.com:ssh   c-24-22-xxx.xxx.hs:1179 ESTABLISHED 3239/0
    tcp        0      0 mail.mydomain.com:imaps c-24-22-xxx.xxx.hs:1317 ESTABLISHED 3224/imap-login
    tcp        0      0 mail.mydomain.com:imaps c-24-22-xxx.xxx.hs:3413 ESTABLISHED 3045/imap-login
    tcp6       0      0 [::]:netbios-ssn        [::]:*                  LISTEN      2906/smbd
    tcp6       0      0 [::]:www                [::]:*                  LISTEN      3178/apache2
    tcp6       0      0 [::]:domain             [::]:*                  LISTEN      2225/named
    tcp6       0      0 [::]:ssh                [::]:*                  LISTEN      2254/sshd
    tcp6       0      0 ip6-localhost:953       [::]:*                  LISTEN      2225/named
    tcp6       0      0 [::]:microsoft-ds       [::]:*                  LISTEN      2906/smbd

    main.cf
    Code:
    mail:/etc/postfix# cat main.cf
    #
    # Postfix MTA Manager Main Configuration File;
    #
    # Please do NOT edit this file manually;
    #
    
    #
    # Postfix directory settings; These are critical for normal Postfix MTA functionallity;
    #
    
    command_directory = /usr/sbin
    daemon_directory = /usr/lib/postfix
    program_directory = /usr/lib/postfix
    
    #
    # Some common configuration parameters;
    #
    
    inet_interfaces = all
    mynetworks = 127.0.0.0/8
    #, 192.168.10.0/24
    
    # I've tried both this and 'mynetworks = 127.0.0.0/8, 192.168.10.0/24'; both return the same results
    
    
    mynetworks_style = host
    
    # Debian specific:  Specifying a file name will cause the first
    # line of that file to be used as the name.  The Debian default
    # is /etc/mailname.
    #myorigin = /etc/mailname
    myorigin = mydomain.com
    
    smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
    biff = no
    
    # appending .domain is the MUA's job.
    append_dot_mydomain = no
    
    # Uncomment the next line to generate "delayed mail" warnings
    #delay_warning_time = 4h
    
    readme_directory = no
    
    # TLS parameters
    smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
    smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
    smtpd_use_tls=yes
    smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
    smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
    
    # See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
    # information on enabling SSL in the smtp client.
    
    myhostname = mail.mydomain.com
    alias_maps = hash:/etc/aliases
    alias_database = hash:/etc/aliases
    
    #mydestination = localhost.mydomain.com, localhost
    mydestination = localhost
    relayhost =
    
    mailbox_command = procmail -a "$EXTENSION"
    mailbox_size_limit = 0
    recipient_delimiter = +
    inet_interfaces = all
    
    # Virtual mailbox settings
    virtual_mailbox_domains = proxy:mysql:$config_directory/mysql_virtual_domains_maps.cf
    virtual_mailbox_base = /var/spool/mail/vmail
    virtual_mailbox_maps = proxy:mysql:$config_directory/mysql_virtual_mailbox_maps.cf
    virtual_alias_maps = proxy:mysql:$config_directory/mysql_virtual_alias_maps.cf
    virtual_alias_domains = mydomain.com
    virtual_minimum_uid = 150
    virtual_uid_maps = static:150
    virtual_gid_maps = static:8
    virtual_transport = dovecot
    dovecot_destination_recipient_limit = 1
    
    # SASL Authentication
    smtpd_sasl_auth_enable = yes
    smtpd_sasl_exceptions_networks = $mynetworks
    smtpd_sasl_security_options = noanonymous
    broken_sasl_auth_clients = yes
    smtpd_sasl_type = dovecot
    smtpd_sasl_path = private/auth
    
    smtpd_recipient_restrictions =
            permit_mynetworks
            permit_sasl_authenticated
            reject_unauth_destination
    #permit

    master.cf
    Code:
    mail:/etc/postfix# cat master.cf
    #
    # Postfix master process configuration file.  For details on the format
    # of the file, see the master(5) manual page (command: "man 5 master").
    #
    # Do not forget to execute "postfix reload" after editing this file.
    #
    # ==========================================================================
    # service type  private unpriv  chroot  wakeup  maxproc command + args
    #               (yes)   (yes)   (yes)   (never) (100)
    # ==========================================================================
    smtp      inet  n       -       -       -       -       smtpd
    #submission inet n       -       -       -       -       smtpd
    #  -o smtpd_tls_security_level=encrypt
    #  -o smtpd_sasl_auth_enable=yes
    #  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
    #  -o milter_macro_daemon_name=ORIGINATING
    #smtps     inet  n       -       -       -       -       smtpd
    #  -o smtpd_tls_wrappermode=yes
    #  -o smtpd_sasl_auth_enable=yes
    #  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
    #  -o milter_macro_daemon_name=ORIGINATING
    #628      inet  n       -       -       -       -       qmqpd
    pickup    fifo  n       -       -       60      1       pickup
    cleanup   unix  n       -       -       -       0       cleanup
    qmgr      fifo  n       -       n       300     1       qmgr
    #qmgr     fifo  n       -       -       300     1       oqmgr
    tlsmgr    unix  -       -       -       1000?   1       tlsmgr
    rewrite   unix  -       -       -       -       -       trivial-rewrite
    bounce    unix  -       -       -       -       0       bounce
    defer     unix  -       -       -       -       0       bounce
    trace     unix  -       -       -       -       0       bounce
    verify    unix  -       -       -       -       1       verify
    flush     unix  n       -       -       1000?   0       flush
    proxymap  unix  -       -       n       -       -       proxymap
    proxywrite unix -       -       n       -       1       proxymap
    smtp      unix  -       -       -       -       -       smtp
    # When relaying mail as backup MX, disable fallback_relay to avoid MX loops
    relay     unix  -       -       -       -       -       smtp
            -o smtp_fallback_relay=
    #       -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
    showq     unix  n       -       -       -       -       showq
    error     unix  -       -       -       -       -       error
    retry     unix  -       -       -       -       -       error
    discard   unix  -       -       -       -       -       discard
    local     unix  -       n       n       -       -       local
    virtual   unix  -       n       n       -       -       virtual
    lmtp      unix  -       -       -       -       -       lmtp
    anvil     unix  -       -       -       -       1       anvil
    scache    unix  -       -       -       -       1       scache
    #
    # ====================================================================
    # Interfaces to non-Postfix software. Be sure to examine the manual
    # pages of the non-Postfix software to find out what options it wants.
    #
    # Many of the following services use the Postfix pipe(8) delivery
    # agent.  See the pipe(8) man page for information about ${recipient}
    # and other message envelope options.
    # ====================================================================
    #
    # maildrop. See the Postfix MAILDROP_README file for details.
    # Also specify in main.cf: maildrop_destination_recipient_limit=1
    #
    maildrop  unix  -       n       n       -       -       pipe
      flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
    #
    # See the Postfix UUCP_README file for configuration details.
    #
    uucp      unix  -       n       n       -       -       pipe
      flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
    #
    # Other external delivery methods.
    #
    ifmail    unix  -       n       n       -       -       pipe
      flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
    bsmtp     unix  -       n       n       -       -       pipe
      flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
    scalemail-backend unix  -       n       n       -       2       pipe
      flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
    mailman   unix  -       n       n       -       -       pipe
      flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
      ${nexthop} ${user}
    
    # ==========================================================================
    # service type  private unpriv  chroot  wakeup  maxproc command + args
    #               (yes)   (yes)   (yes)   (never) (100)
    # ==========================================================================
    dovecot unix     -      n       n        -       -       pipe
      flags=DRhu user=vmail:mail argv=/usr/lib/dovecot/deliver -d $(recipient)

    I'm sure I'm missing something rudimentary, looking at it for too long, but if I can get some help spotting it, I'd sure appreciate the crap out of it.

    TIA

    Erik

    Edit: Followup: 'mydomain.com' was found in the mysql table for dovecot. I removed the 'virtual_alias_list'; this removed the postfix warning.
     
    Last edited: May 23, 2010
  2. clucian

    clucian New Member

    problems

    Hello,

    I don't see these lines in main.cf:
    Code:
    smtpd_client_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_rbl_client bl.spamcop.net, reject_rbl_client zen.spamhaus.org
    smtpd_sender_restrictions = reject_unknown_sender_domain
    smtpd_data_restrictions = reject_unauth_pipelining
    
    Can you post dovecot.conf?
     
  3. PDXErik

    PDXErik New Member

    Thanks for your reply. None of the walkthroughs I read mentioned those.


    dovecot.conf
    Code:
    mail:/etc/dovecot# cat dovecot.conf
    ## Dovecot configuration file
    #
    base_dir = /var/run/dovecot/
    #
    
    # imap imaps pop3 pop3s (use imaps and pop3s if configured for SSL)
    protocols = imap imaps
    #
    
    # Uncomment the ssl_listen statements and comment out listen if using SSL
    protocol imap {
      listen = *:143
      ssl_listen = *:993
    }
    
    log_timestamp = "%Y-%m-%d %H:%M:%S "
    
    #
    
    # Uncomment these if using SSL
    ssl_cert_file = /etc/ssl/dovecot/dovecot.cert.pem
    ssl_key_file = /etc/ssl/dovecot/dovecot.key.pem
    ssl_parameters_regenerate = 168
    verbose_ssl = no
    #
    # Where the mailboxes are located
    mail_location = maildir:/var/spool/mail/vmail/%d/%u
    #
    mail_extra_groups = mail
    mail_debug = yes
    first_valid_uid = 150
    last_valid_uid = 150
    maildir_copy_with_hardlinks = yes
    #
    protocol imap {
    login_executable = /usr/lib/dovecot/imap-login
    mail_executable = /usr/lib/dovecot/imap
    imap_max_line_length = 65536
    }
    #
    auth_verbose = no
    auth_debug = yes
    auth_debug_passwords = yes
    #
    disable_plaintext_auth = no
    #
    auth default {
    mechanisms = plain
    passdb sql {
    args = /etc/dovecot/dovecot-sql.conf
    }
    userdb sql {
    args = /etc/dovecot/dovecot-sql.conf
    }
    user = nobody
    socket listen {
    master {
    path = /var/run/dovecot/auth-master
    mode = 0660
    user = vmail
    group = mail
    }
    client {
    path = /var/spool/postfix/private/auth
    mode = 0660
    user = postfix
    group = postfix
    }
    }
    #
    # If you want client certificates, use these lines
    # ssl_require_client_cert = yes
    # ssl_username_from_cert = yes
    }

    Edit: Thanks for taking your time to look over my setup, I appreciate it a LOT.
     
    Last edited: May 23, 2010
  4. clucian

    clucian New Member

    dovecot.conf seems to be ok.

    Can you send mail now?
     
  5. PDXErik

    PDXErik New Member

    No. Receiving is fine, sending is schmutzed.

    554 from Outlook, no response from Thunderbird.

    Dovecot only receives mail, though, postfix is the guy to send mail. (edit: funny concept for me, here, I wonder if I'm misunderstanding something)

    I'm wondering if there is some conflict in the virtual crap that I'm not seeing.
     
    Last edited: May 23, 2010
  6. PDXErik

    PDXErik New Member

    What do these mean? There seem to be some domains that I don't recognize in there.
     
  7. clucian

    clucian New Member

    reject_unknown_sender_domain is useful for rejecting the request when the sender mail address has no DNS A or MX record.

    smtpd_client_restrictions: this parameter restricts which clients this system accepts SMTP connections from.

    For more info see: http://www.postfix.org/uce.html

    I asked you to print dovecot.conf to see how auth is configured in dovecot.

    When you receive mail, you use imap and log in with it.
    When you send mail, you will first authenticate with dovecot, then you will send mail with postfix.

    So, did you put these lines in postfix main.cf and restart postfix and dovecot?
    Code:
    smtpd_client_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_rbl_client bl.spamcop.net, reject_rbl_client zen.spamhaus.org
    smtpd_sender_restrictions = reject_unknown_sender_domain
    smtpd_data_restrictions = reject_unauth_pipelining
    
    /Later Edit

    In dovecot.conf change the line
    Code:
    mechanisms = plain
    
    with
    Code:
    mechanisms = plain login
    
     
    Last edited: May 23, 2010
  8. PDXErik

    PDXErik New Member

    Thank you SO MUCH.

    This did the trick.

    You FREAKIN ROCK!
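
Added example, not part of the thread: the fix above added `login` to Dovecot's `mechanisms`, which changes the AUTH line Postfix advertises after EHLO. This Python check parses constructed EHLO replies and flags two conditions: no mechanism in common with the client (the client stays unauthenticated and falls through to `reject_unauth_destination`), and PLAIN/LOGIN offered before TLS. The finding names and the `client_mechs` parameter are assumptions of the example.

```python
import re

# Mechanisms that carry the password merely base64-encoded.
PLAINTEXT_MECHS = {"PLAIN", "LOGIN"}

def parse_ehlo(reply):
    """Return (starttls_offered, set_of_auth_mechanisms) from a 250 EHLO reply."""
    starttls, mechs = False, set()
    for line in reply.splitlines():
        m = re.match(r"250[- ](.+)$", line.strip())
        if not m:
            continue
        cap = m.group(1).upper()
        if cap == "STARTTLS":
            starttls = True
        # "AUTH=..." is the legacy form added by broken_sasl_auth_clients = yes
        elif cap.startswith(("AUTH ", "AUTH=")):
            mechs.update(cap[5:].split())
    return starttls, mechs

def audit(reply, encrypted, client_mechs):
    """List findings for one EHLO reply.

    encrypted    -- True if the reply was read after STARTTLS (or on a TLS port)
    client_mechs -- mechanisms the mail client implements (assumed by the caller)
    """
    starttls, mechs = parse_ehlo(reply)
    findings = []
    # Only meaningful once AUTH is actually advertised (or should be, under TLS).
    if (mechs or encrypted) and not mechs & set(client_mechs):
        findings.append("no-common-mechanism")
    if not encrypted and mechs & PLAINTEXT_MECHS:
        findings.append("plaintext-auth-before-tls")
    if not encrypted and not starttls:
        findings.append("starttls-not-offered")
    return findings

# Constructed replies (not captured from the poster's server).
BEFORE_FIX = """250-mail.mydomain.com
250-PIPELINING
250-STARTTLS
250-AUTH PLAIN
250-AUTH=PLAIN
250 8BITMIME"""

AFTER_FIX = BEFORE_FIX.replace("PLAIN", "PLAIN LOGIN")

# Pre-STARTTLS reply when AUTH is withheld until TLS
# (Postfix: smtpd_tls_auth_only = yes).
TLS_ONLY_AUTH = "250-mail.mydomain.com\n250-PIPELINING\n250-STARTTLS\n250 8BITMIME"

if __name__ == "__main__":
    for name, reply in [("before", BEFORE_FIX), ("after", AFTER_FIX)]:
        print(name, audit(reply, encrypted=False, client_mechs=["LOGIN"]))
```
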
     
