I just moved a lot of clients, to my ISPConfig 3.2.7p1 multiserver setup with redundant mailservers. Only afterwards I realized that there are issues with missing X-Original-To headers. I found the following threads already addressing this: https://www.howtoforge.com/communit...inal-to-header-due-to-lmtp.85580/#post-411866 https://www.howtoforge.com/communit...ng-with-newly-setup-server-with-rspamd.82819/ https://forum.howtoforge.de/threads/x-original-to-header-geht-verloren-bei-postfix-dovecot.12284/ Since I'm still not an expert for mailserver configuration (and it is somewhat of time critical to get this to work) I'm worried to break (al least parts of) my setup. So I would very much appreciate a kind of step-by-step instruction to enable X-Original-To on my servers that includes some explanation of the consequences and how to ensure that the changes remain persistent through updates.
Does this reply help you out: https://www.howtoforge.com/communit...y-setup-server-with-rspamd.82819/#post-393988 You can make custom config upgrade proof easily: https://www.howtoforge.com/communit...-for-custom-postfix-and-dovecot-config.86559/
Thanks for your reply @Th0m. I tried to follow this: But my /etc/postfix/main.cf doesn't contain neither "flags" nor "DRhu". Same goes for /usr/local/ispconfig/server/conf-custom/install/dovecot_custom.conf.master and /etc/dovecot/conf.d/99-ispconfig-custom-config.conf Am I looking in the wrong place? I'm quite lost here.
The one thing related to X-Original-To in my /etc/postfix/main.cf seems to be Code: enable_original_recipient = no For some reason it is set to "no". According to the following default should be "yes". Is there any reason why it isn't used by ISPConfig?
It seems that this is related to this. What I don't get: Would just setting Code: enable_original_recipient = yes potentially break anything?
It seems that there was a commit that made a change to the installer regarding this: https://git.ispconfig.org/ispconfig/ispconfig3/-/commit/ef389a19fd51194fe421e5ace9568d018ad3ddcc I'm really afraid to make some change to the mailservers without entirely understanding the consequences.
Look in master.cf, not main.cf. That depends on your postfix version, and what you consider "broken" - it affects recipient deduplication as you quoted above, though I don't remember the details at this point (iirc, I get less duplicates from various mail forwards with 'no').
Thanks @Jesse Norell. Postfix version is: 3.4.14-0+deb10u1 My /etc/postfix/master.cf contains Code: maildrop unix - n n - - pipe flags=DRhu user=vmail argv=/usr/bin/maildrop -d vmail ${extension} ${recipient} ${user} ${nexthop} ${sender} and Code: dovecot unix - n n - - pipe flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender} -d ${user}@${nexthop} So one more time to be sure not to get anything wrong. For getting the X-Original-To headers working I would have to (1) Change /etc/postfix/master.cf Code: maildrop unix - n n - - pipe flags=DRhu user=vmail argv=/usr/bin/maildrop -d vmail ${extension} ${recipient} ${user} ${nexthop} ${sender} to Code: maildrop unix - n n - - pipe flags=DROhu user=vmail argv=/usr/bin/maildrop -d vmail ${extension} ${recipient} ${user} ${nexthop} ${sender} and Code: dovecot unix - n n - - pipe flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender} -d ${user}@${nexthop} to Code: dovecot unix - n n - - pipe flags=DROhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender} -d ${user}@${nexthop} (2) Change /etc/postfix/main.cf Code: enable_original_recipient = no to Code: enable_original_recipient = yes This should get X-Original-To working with and the only possible downside is that maybe users get some more double email. So far so right? If the above is correct it would leave the problem of update persistence. As Th0m pointed out there is a way to ensure configuration persistence by using /usr/local/ispconfig/server/conf-custom/install/dovecot_custom.conf.master but I couldn't find much documentation about this. Can I use this for both files (main.cf and master.cf)? And if so: How exactly would I do that? Thanks a lot for your patience with me. I'm just really worried to produce any lost emails because of misconfiguration.
You should not use /usr/local/ispconfig/server/conf-custom/install/dovecot_custom.conf.master... It seems to me that it's obvious that you need /usr/local/ispconfig/server/conf-custom/install/postfix_custom.conf.master for Postfix conf This works for main.cf.
I don't believe 'maildrop' is used at all for dovecot systems, so you can ignore that one. The 'dovecot' service is what would need changed, and from a quick look at install/lib/installer_base.lib.php, that shouldn't be overwritten by an update (it only writes that line if 'dovecot' doesn't already exist, regardless of the content). Postfix changes should be made persistent as @Th0m mentioned. The only other thing I think you're missing is to actually use the dovecot service for delivery, rather than lmtp, which requires setting 'virtual_transport = dovecot' in main.cf (also tag_as_foreign.re and tag_as_originating.re use lmtp to send to amavis if you are using amavis, but I think you can leave those untouched for your purposes).
Ok, thank you both. So I summarize again in order to have one easy to follow step-by-step instruction. For getting the X-Original-To headers working one has to: (1) Change /etc/postfix/master.cf Code: dovecot unix - n n - - pipe flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender} -d ${user}@${nexthop} to Code: dovecot unix - n n - - pipe flags=DROhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender} -d ${user}@${nexthop} (2) Change /etc/postfix/main.cf Code: enable_original_recipient = no to Code: enable_original_recipient = yes and Code: virtual_transport = lmtp:unix:private/dovecot-lmtp to Code: virtual_transport = dovecot This gets X-Original-To headers working. Possible downside might be some more double email getting through. For making the hole thing update persistent one would furthermore have to (3) Add to /usr/local/ispconfig/server/conf-custom/install/postfix_custom.conf.master Code: enable_original_recipient = yes virtual_transport = dovecot If the /usr/local/ispconfig/server/conf-custom/install/postfix_custom.conf.master doesn't already exist (like on my system) just create it. It would be great if you would give one (hopefully) last feedback if this finally looks right. Thanks again to both of you. I can't wait to see all the nice "X-Original-To" headers appearing. ;-)
Hello again, after finally updating from 3.2.7p1 to 3.2.8p1 I found out, that there is still some error in this. The configuration didn't persist after the update. To be more specific: "virtual_transport" in my /etc/postfix/main.cf was set back to Code: virtual_transport = lmtp:unix:private/dovecot-lmtp So it seems that the last part of the step by step instructions don't work as they are intended. Would be great if you could have another look at it.
For safely customizing the config, see https://www.howtoforge.com/communit...-for-custom-postfix-and-dovecot-config.86559/
Thank you for the quick response @Th0m. It seems I need some additional help to figure out what I did wrong. I did as stated in the step by step instructions above: So I assumed that "virtual_transport = dovecot" would still be in effect after updating ISPConfig - but this didn't work out as hoped. Any idea where I might have gotten it wrong?
It looks like that value is set from a server update event (ie. editing the server config/settings), and does not use any template for that. You could write a little server plugin to catch that event and reset it, or something external (cronjob or montior main.cf for changes) which resets that when changed, but there is currently no way to prevent it when updating your server values.
Thanks @Th0m and @Jesse Norell for your help, again. The path and the file contents are correct/exactly as stated above. Well I guess a cronjob it will be then - even if it would be great not to need such workarounds just to enable (and keep enabled) a feature as basic as having "x-original-to" in the mail header. Have you already found out, where exactly this "server update event" comes from? Maybe there is some way to make it less configuration breaking.
It is when you edit the server config in System > Server Config or probably System > Server Services. Even changing tabs without changing any config values can trigger an update in my experience, you may not have to hit "Save".
