I've had this problem since I first installed ISPConfig. I tried changing the mail style in /home/admispconfig/ispconfig/lib/config.inc.php from sendmail to postfix, but when I do this all mail is rejected as unknown users. My question is, should mydestination = /etc/postfix/local-host-names in /etc/postfix/main.cf be changed to something else, or deleted entirely?
The line mydestination = /etc/postfix/local-host-names within your main.cf is ok. Make sure if you also have the following lines within main.cf: virtual_maps = hash:/etc/postfix/virtusertable home_mailbox = Maildir/ Within ISPConfig under >Management >Server >Settings verify if your settings for Postfix are correct. They Should be: MTA type: Postfix Virtuser File: Sendmail CW: /etc/postfix/local-host-names Mail Log: /var/log/mail.log Maildir: (enabled)
Unfortunately that didn't work. I get status=bounced (User unknown in virtual alias table) for every email address on my system. The interesting thing is all of the domains and addresses ARE in the virtusertable. Perhaps I'm missing something obvious in main.cf... Code: soft_bounce = no queue_directory = /var/spool/postfix command_directory = /usr/sbin daemon_directory = /usr/libexec/postfix mail_owner = postfix myhostname = mail.mydomain.com mydomain = mydomain.com myorigin = $mydomain inet_interfaces = all unknown_local_recipient_reject_code = 550 alias_maps = hash:/etc/aliases alias_database = hash:/etc/aliases debug_peer_level = 2 debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin xxgdb $daemon_directory/$process_name $process_id & sleep 5 sendmail_path = /usr/sbin/sendmail.postfix newaliases_path = /usr/bin/newaliases.postfix mailq_path = /usr/bin/mailq.postfix setgid_group = postdrop html_directory = no manpage_directory = /usr/share/man sample_directory = /usr/share/doc/postfix-2.1.5/samples readme_directory = /usr/share/doc/postfix-2.1.5/README_FILES smtpd_sasl_local_domain = smtpd_sasl_auth_enable = yes smtpd_sasl_security_options = noanonymous broken_sasl_auth_clients = yes smtpd_client_restrictions = check_client_access cidr:/etc/postfix/reject.cidr, reject_unknown_client smtpd_sender_restrictions = reject_invalid_hostname, reject_non_fqdn_sender, reject_unknown_sender_domain, check_sender_access hash:/etc/postfix/sender_checks smtpd_recipient_restrictions = reject_invalid_hostname, permit_sasl_authenticated, reject_non_fqdn_hostname, reject_non_fqdn_sender, reject_unknown_sender_domain, reject_unknown_recipient_domain, permit_mynetworks, reject_unauth_destination, check_sender_access hash:/etc/postfix/sender_checks smtpd_tls_auth_only = no smtp_use_tls = yes smtpd_use_tls = yes smtp_tls_note_starttls_offer = yes smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem smtpd_tls_loglevel = 1 smtpd_tls_received_header = yes smtpd_tls_session_cache_timeout = 3600s tls_random_source = dev:/dev/urandom home_mailbox = Maildir/ virtual_maps = hash:/etc/postfix/virtusertable mydestination = /etc/postfix/local-host-names Note that "mail.mydomain.com" and "mydomain.com" point to actual domains and have been edited out.
Can you post an excerpt of your mail log where the error happens? What's in /etc/postfix/virtusertable and /etc/postfix/local-host-names?
Here's the info you requested. Again, domain names have been changed to protect the innocent. Log file... Code: Apr 8 08:29:41 server postfix/smtpd[13611]: connect from mail845.carrierinternetsolutions.com[69.49.106.55] Apr 8 08:29:41 server postfix/smtpd[13611]: setting up TLS connection from mail845.carrierinternetsolutions.com[69.49.106.55] Apr 8 08:29:41 server postfix/smtpd[13611]: TLS connection established from mail845.carrierinternetsolutions.com[69.49.106.55]: TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits) Apr 8 08:29:41 server postfix/smtpd[13611]: DFA471CB1FF: client=mail845.carrierinternetsolutions.com[69.49.106.55] Apr 8 08:29:42 server postfix/cleanup[13614]: DFA471CB1FF: message-id=<000801c779d9$8bea9820$db32a544@woernobm7aco> Apr 8 08:29:42 server postfix/qmgr[13563]: DFA471CB1FF: from=<[email protected]>, size=1853, nrcpt=1 (queue active) Apr 8 08:29:42 server postfix/smtpd[13611]: disconnect from mail845.carrierinternetsolutions.com[69.49.106.55] Apr 8 08:29:42 server postfix/error[13615]: DFA471CB1FF: to=<[email protected]>, orig_to=<[email protected]>, relay=none, delay=1, status=bounced (User unknown in virtual alias table) Apr 8 08:29:42 server postfix/cleanup[13614]: 25D571CB200: message-id=<[email protected]> Apr 8 08:29:42 server postfix/qmgr[13563]: 25D571CB200: from=<>, size=3654, nrcpt=1 (queue active) Apr 8 08:29:42 server postfix/qmgr[13563]: DFA471CB1FF: removed Apr 8 08:29:48 server postfix/smtp[13618]: 25D571CB200: to=<[email protected]>, relay=mx1c8.carrierinternetsolutions.com[69.49.109.14], delay=6, status=sent (250 2.0.0 l38CTmIe006533 Message accepted for delivery) Apr 8 08:29:48 server postfix/qmgr[13563]: 25D571CB200: removed virtusertable... Code: ################################### # # ISPConfig virtusertable Configuration File # Version 1.0 # ################################### www.mydomain.com VIRTUALDOMAIN [email protected] web11_admin [email protected] web11_admin [email protected] web11_admin [email protected] web11_admin [email protected] web11_admin [email protected] web11_heather [email protected] web11_heather [email protected] web11_heather mydomain.com VIRTUALDOMAIN [email protected] web11_admin [email protected] web11_admin [email protected] web11_admin [email protected] web11_admin [email protected] web11_admin [email protected] web11_heather [email protected] web11_heather [email protected] web11_heather www.mydomain2.com VIRTUALDOMAIN [email protected] web14_admin [email protected] web14_admin mydomain2.com VIRTUALDOMAIN [email protected] web14_admin [email protected] web14_admin www.mydomain3.com VIRTUALDOMAIN [email protected] web15_admin [email protected] web15_admin [email protected] web15_rickw [email protected] web15_rickw mydomain3.com VIRTUALDOMAIN [email protected] web15_admin [email protected] web15_admin [email protected] web15_rickw [email protected] web15_rickw www.mydomain4.com VIRTUALDOMAIN [email protected] web18_admin [email protected] web18_admin mydomain4.com VIRTUALDOMAIN [email protected] web18_admin [email protected] web18_admin www.mydomain5.com VIRTUALDOMAIN [email protected] web16_jim [email protected] web16_jim mydomain5.com VIRTUALDOMAIN [email protected] web16_jim [email protected] web16_jim #### MAKE MANUAL ENTRIES BELOW THIS LINE! #### local-host-names... Code: ################################### # # ISPConfig local-host-names Configuration File # Version 1.0 # ################################### localhost server.mydomain.com localhost.server.mydomain.com localhost.mydomain.com #### MAKE MANUAL ENTRIES BELOW THIS LINE! #### When I change back to sendmail style mail, all domains appear in local-host-names. But I think this is what should happen.
First, sendmail style works perefctly with postfix, so there is no need to change it zo postfix style. Is the user web11_admin listed in /etc/passwd ? What is the output of the command: hostname and hostname -f Please try to change: myhostname = mail.mydomain.com to: myhostname = server.mydomain.com and restart postfix.
That worked Till, thanks! Now we'll see how that goes for a while. The reason for changing is the sendmail style accepts messages to <systemuser>@anydomain.tld (ie: [email protected]) I have been unable to stop that from happening no matter what I do. I can't delete system users, so this may be the next best thing. My fear is that mail will be bounced and that can be as bad as an open relay.
As feared the change to sendmail started bouncing emails rather than rejecting them. I've returned to postfix style mail. I'd still like to reject system names (ie: [email protected]), but that doesn't seem possible.
Problem Solved This one took me forever to figure out. To stop mail from being accepted for mail@ addresses do the following: cd /etc/postfix Edit access and add the following line at the end of the file... mail@ accept_mynetworks,reject save and exit the editor and then type postmap hash:access Then in main.cf, under smtp_recipient_restrictions AFTER reject_unauth_destination add.. check_recipient_access hash:/etc/postfix/access save, reload postfix and now [email protected] will be rejected.
