PDA

View Full Version : Howto: set up a mail server in Ubuntu



Pages : [1] 2 3

flurdy
June 1st, 2006, 05:42 PM
A how to for a complete step by step guide to install, configure and run
a mail server on a GNU / Linux system

The server includes theses programs:
Ubuntu + Postfix + Courier IMAP + MySQL + Amavisd-new + SpamAssassin + ClamAV + SASL + TLS + SquirrelMail + Postgrey

flurdy.com/docs/postfix (http://flurdy.com/docs/postfix)

The how to is now beeing upgraded to support dapper since it was released today.
It is extensive and widely used.

You can use it as extension or alternative to the guides on the wiki, E.g.
https://wiki.ubuntu.com/Postfix
https://wiki.ubuntu.com/PostfixBasicSetupHowto
https://wiki.ubuntu.com/PostfixVirtualMailBoxClamSmtpHowto
https://wiki.ubuntu.com/PostfixCompleteVirtualMailSystemHowto

Please discuss in this thread any issues or comments regarding this, the 5th edition for dapper.

Staff note: The following links are very old; please note that they may not apply to recent versions of Ubuntu.
For other version please use these threadsL
Breezy howto thread. (/showthread.php?t=97600)
Hoary howto thread. (/showthread.php?t=40047)

flurdy
June 2nd, 2006, 12:23 PM
Forgot to include the url! :)
first post edited to include it.

http://flurdy.com/docs/postfix

mossholderm
June 5th, 2006, 04:42 AM
FYI, its TLS (Transport Layer Security), not TSL :)

flurdy
June 5th, 2006, 06:08 PM
Thanks. :) cant spell in any language

woot
June 5th, 2006, 09:18 PM
woooah! can't wait to try this myself! Im on a laptop with dapper but my server at home, well server is a big word...call it a download pc :) is still running win2k but after the exams im planning to put dapper on it! looking forward to play around with the mail server thingy!

thnx for the howto

the_man_stephen
June 8th, 2006, 07:22 AM
Hi,

After following the guidelines set out in http://flurdy.com/docs/postfix I get an error saying "Invalid Zone Type: Local"

Can anyone help me out as I can't seem to find the solution to the problem anywhere online?

Cheers

Aeudian
June 9th, 2006, 07:57 PM
I am pretty far along in the guide, at the testing stage and i am having undeliverable mail. I am using postfix to smtp relay to an exchange server, i telnet into the device and am able to ehlo, mail from, rcpt to, and data, just fine and it queues up my mail message. But at the point watching the exchange server the email never nor does my system connect to the server with the email. i put my exchange server under relayhost in the main.cf and also changed 127.0.0.1 for mynetworks to my external ip's network.

Any idea whats wrong or how to debug the postfix step by step.

makan
June 26th, 2006, 06:24 PM
can i use postfixadmin (http://high5.net/postfixadmin/) to manage my posfix if i use your howto? :-k

FedeKrum
June 27th, 2006, 09:05 PM
Cant get to http://flurdy.com/docs/postfix .
The page it is not viewable.

Any other place to get this howto?

THX

RShadow
June 30th, 2006, 09:08 AM
SOLVED: I had an error in authmysqlrc .. now I just need to figure out how I can send mail to the outsideworld. If I send mail to an address in my domain it works fine.. but If I try and send mail to say my gmail account the server denies the relay request.

sorry for teh double posting... didn't realize there was a dapper thread

anways..

---
I am running into a small problem. Whenever I try to auth to check mail the login fails. I have verified that the password that is being send and the password stored in the mysql database match, so I can't figure out why it is failing.

However I have noticed the following in my logs


Jun 30 07:24:52 zues imaplogin: Connection, ip=[::ffff:xxx.xxx.xxx.xxx]
Jun 30 07:24:52 zues imaplogin: LOGIN: DEBUG: ip=[::ffff:xxx.xxx.xxx.xxx], command=CAPABILITY
Jun 30 07:24:53 zues imaplogin: LOGIN: DEBUG: ip=[::ffff:xxx.xxx.xxx.xxx], command=LOGIN
Jun 30 07:24:53 zues imaplogin: LOGIN: DEBUG: ip=[::ffff:xxx.xxx.xxx.xxx], username=user@domain
Jun 30 07:24:53 zues imaplogin: LOGIN: DEBUG: ip=[::ffff:xxx.xxx.xxx.xxx], password=cleartextpass
Jun 30 07:24:53 zues imaplogin: authdaemon: starting client module
Jun 30 07:24:53 zues imaplogin: authdaemon: TEMPFAIL - no more modules will be tried
Jun 30 07:24:58 zues imaplogin: LOGIN FAILED, ip=[::ffff:xxx.xxx.xxx.xxx]

stripped IP's and acutal domains/passwords/users.. any ideas what is wrong with my setup?

RShadow
June 30th, 2006, 03:00 PM
Well I have fixed my courier sasl problem, but now I am having a problem with smtpd sasl issues.

Whenever I am trying to send mail outside of my domain it is being rejected. Here are a few log's

mysql log


35 Connect mail@localhost on maildb
35 Query SELECT destination FROM aliases WHERE mail='mydomain' and enabled = 1
36 Connect mail@localhost on maildb
36 Query SELECT domain FROM domains WHERE domain='mydomain' and enabled = 1
060630 13:51:50 35 Query SELECT destination FROM aliases WHERE mail='gmail.com' and enabled = 1
36 Query SELECT domain FROM domains WHERE domain='gmail.com' and enabled = 1


What I find strange is that it is running a query looking for gmail.com which I know is failing... I can't possible list every domain that somebody might want to send mail too.. so I know something is arsed up in my cofigs somewhere.. I just can't seem to figure out where.

mail.log


Jun 30 13:51:50 zues postfix/smtpd[2787]: NOQUEUE: reject: RCPT from unknown[xxx.xxx.xxx.xxx]: 554 <theuser@gmail.com>: Relay access denied; from=<localuser@mydomain> to=<theuser@gmail.com> proto=ESMTP helo=<[192.168.2.2]>
Jun 30 13:51:51 zues postfix/smtpd[2787]: lost connection after RCPT from unknown[xxx.xxx.xxx.xxx]


main.cf (snippets of relevant stuff)


inet_interfaces = all
mynetworks_style = host

# requirements for teh sender details
smtpd_sender_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_non_fqdn_sender, reject_unknown_sender_domain, reject_unauth_pipelining, permit

# requirements for the connectin server
smtpd_client_restrictions = reject_rbl_client relays.ordb.org, reject_rbl_client blackholes.easynet.n1, reject_rbl_client dnsb1.njab1.org

#adding the postgrey policy:
smtpd_recipient_restrictions = reject_unauth_pipelining, permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_recipient, reject_unauth_destination, check_policy_service inet:127.0.0.1:60000, permit


smtpd_sasl_auth_enabled = yes
broken_sasl_auth_clients = yes
smtpd_sasl_path = /etc/postfix/sasl:/usr/lib/sasl2
smtpd_sasl_security_options = nonanonymous
smtpd_sasl_local_domain =

smtpd_use_tls = yes
smtpd_tls_cert_file = /etc/postfix/postfix.cert
smtpd_tls_key_file = /etc/postfix/postfix.key
smtpd_data_restrictions = reject_unauth_pipelining


smtpd.conf


pwcheck_method: auxprop
auxprop_plugin: sql
mech_list: plain login cram-md5 digest-md5
sql_engine: mysql
sql_hostnames: 127.0.0.1
sql_user: mail
sql_passwd: myubersecurepassword
sql_database: maildb
sql_select: select clear from users where id='%u@%r' and enabled = 1


any help would be appreciated.

herald
June 30th, 2006, 11:15 PM
SOLVED: I had an error in authmysqlrc .. now I just need to figure out how I can send mail to the outsideworld.

First, I'd like to apologize to Flurdy for posting my first request in the wrong thread...Didn't realize there was a whole other Dapper Drake thread! Sorry!

I'm probably being an idiot here, but where did you find the authmysqlrc file for dapper drake? I understand from the courier-authlibs information page that mysql support is integrated into that tarball, but after doing the "apt-cache search courier-authmysql", I can't seem to find the package, and therefore I have no authmysqlrc file...10 to 1 says that it has to be manually built from source code, but I'd like to have someone confirm or deny that. Thanks!
BTW, this is a AMD-64 build, so the repositories may be different?

leetcharmer
July 1st, 2006, 06:12 AM
the tutorial is too confusing for someone who is new. Please make it more newbie friendly, k thx~ :D

example: write in commands to edit / create files 'sudo vim /etc/postfix/(whatever)'

Also, be more precise and confident with the content: I want what you're offering, not something similar. Give me all the steps to make exactly what you have.

sebastian2
July 1st, 2006, 09:19 AM
/var/log/mail.log says:


Jul 1 10:07:14 mail postfix/smtpd[10067]: connect from some.host.com[1.2.3.4]
Jul 1 10:07:14 mail postfix/smtpd[10067]: warning: SASL authentication failure: no secret in database
Jul 1 10:07:14 mail postfix/smtpd[10067]: warning: some.host.com[1.2.3.4]: SASL CRAM-MD5 authentication failed
Jul 1 10:07:14 mail postfix/smtpd[10067]: warning: SASL authentication failure: Password verification failed
Jul 1 10:07:14 mail postfix/smtpd[10067]: warning: some.host.com[1.2.3.4]: SASL PLAIN authentication failed
Jul 1 10:07:14 mail postfix/smtpd[10067]: warning: some.host.com[1.2.3.4]: SASL LOGIN authentication failed
Jul 1 10:07:19 mail postfix/smtpd[10067]: warning: SASL authentication failure: no secret in database
Jul 1 10:07:19 mail postfix/smtpd[10067]: warning: some.host.com[1.2.3.4]: SASL CRAM-MD5 authentication failed
Jul 1 10:07:20 mail postfix/smtpd[10067]: warning: SASL authentication failure: Password verification failed
Jul 1 10:07:20 mail postfix/smtpd[10067]: warning: some.host.com[1.2.3.4]: SASL PLAIN authentication failed
Jul 1 10:07:23 mail postfix/smtpd[10067]: warning: some.host.com[1.2.3.4]: SASL LOGIN authentication failed
Jul 1 10:07:27 mail postfix/smtpd[10067]: lost connection after AUTH from some.host.com[1.2.3.4]
Jul 1 10:07:27 mail postfix/smtpd[10067]: disconnect from some.host.com[1.2.3.4]

while /var/log/mysql/mysql.log says nothing (it logs other queries, so logging itself seems to be ok)

/etc/postfix/sasl/smtpd.conf is


pwcheck_method: auxprop
auxprop_plugin: sql
mech_list: plain login cram-md5 digest-md5
sql_engine: mysql
sql_hostnames: 127.0.0.1
sql_user: someuser
sql_passwd: somepass
sql_database: somedb
sql_select: select clear from users where id='%u@%r' and enabled = 1

someuser with somepass is allowed do connect to use somedb at localhost. So where is the problem? It seems that postfix/sasl does not even try to connect to the database

RShadow
July 1st, 2006, 11:44 AM
Hmm.. no postfix gurus around? Still have not been able to solve this one.

as for my authmysqlrc file.. I had to create it myself in /etc/courier

Kurdt
July 3rd, 2006, 01:32 PM
Well, i am having a problem described here,

http://www.ubuntuforums.org/showthread.php?t=206591
(SASL per-process initialization failed)

Maybe posting here gives me more luck to find the solution and maybe flurdy sees my question.

Thanks

willytk
July 3rd, 2006, 05:30 PM
Has anyone managed to get amavisd-new to work with mysql-white/blacklisting (wbl). I've roughly followed http://www.ijs.si/software/amavisd/README.sql.txt and have managed to get amavisd to store the quarantined messages in a table...but I can not get it to look up the wbl table. There's no sign of the query in the mysql.log.

I've set $sql_select_white_black_list = 'SELECT wb FROM wblist,mailaddr WHERE (wblist.rid=?) AND (wblist.sid=mailaddr.id) AND (mailaddr.email IN (%k)) ORDER BY mailaddr.priority DESC' in the 50-user conf file amavis/conf.d

Anyone help me? Show me their amavis conf files? Thanks a lot!

Regards,
Willy T. Koch
Oslo, Norway

RShadow
July 4th, 2006, 05:41 AM
I think I posted this somewhere else, but if you are having trouble going through flurdy's guide then I would suggest you give this howto a try

http://workaround.org/articles/ispmail-sarge/

It worked perfectly for me, and it explains alot of what is going on as well. I guess it just made more sense to me, made me understand why I was doing what I was doing so when I did run into a few hitches (misspellings) I knew exactly where to look and was up and runnign with this guide in about 20 min.

the_idol
July 6th, 2006, 10:40 PM
Has anyone including the author been sucessful in this installation?

The Idol

viniosity
July 6th, 2006, 11:34 PM
Has anyone including the author been sucessful in this installation?
The Idol

I have not been.. I'm getting closer though. A few typos here and there messed me up. Right now I'm at the stage where I can access the courier imap via thunderbird but I can't send myself an email from anywhere (internal or external). I keep getting this error:




Jul 7 09:43:04 mail2 postfix/smtpd[4816]: connect from unknown[50.59.29.10]
Jul 7 09:43:04 mail2 postfix/smtpd[4816]: NOQUEUE: reject: RCPT from unknown[207.59.239.130]: 554 <viniosity@foo.net>: Relay access denied; from=<testaccount@gmail.com> to=<viniosity@foo.net> proto=ESMTP helo=<mail.gmail.com>


I've done lots of searching on google for 554 relay access denied but the solutions I found don't seem to apply to this scenario where domains are kept in the dbase instead of /etc/postfix/virtual

Any ideas?

neufena
July 7th, 2006, 08:17 PM
Hi,

Firstly thanks Flurdy for the howto, greetins from a fellow manc!

I've managed to get my server up and running really well, the only bit I can't seem to get sorted is the SASL for sending mail. By tailing the logs it appears that the auth is checking with the MySQL tables but not accepting my password as correct.

I've attached the relevent config files. I hope someone can help me fix the problem. let me know if you need any of the log files on any more info.

the_idol
July 8th, 2006, 07:16 AM
I got mine working finally by using a combination of flurdy's howto and this one mentioned earlier http://workaround.org/articles/ispmail-sarge/
Now that I've got it working I am now going work on making postfixadmin work with this setup and I'll be happy.

The Idol

viniosity
July 8th, 2006, 05:09 PM
the_idol: Could you give us a few hints as to what modifications you made to the flurdy docs to get going? I tried replacing my main.cf and master.cf files with the ones from neufena but am still getting the relay error when attempting to receive mail. Any tips would be appreciated..

tbird469
July 10th, 2006, 03:44 AM
After much hair pulling with getting postfix/smtp/sasl/mysql working, it turned out that I had trailing spaces at the end of each line from the copy/paste in the /etc/postfix/sasl/smtpd.conf

After removing the spaces from the file and reloading postfix all was well.

I was getting errors in /var/log/auth.log like these until I removed the trailing spaces:

postfix/smtpd[27381]: SQL engine 'mysql ' not supported
postfix/smtpd[27381]: auxpropfunc error no mechanism available
postfix/smtpd[27381]: _sasl_plugin_load failed on sasl_auxprop_plug_init for plugin: sql

Other than that the howto was great.

caledfwlch
July 14th, 2006, 11:05 AM
I'm in need of some help,

I can't seem to be able to login to SquirrelMail. I double checked my authmysqlrc file and all the fields are set properly, double checked my db and everything's fine. The squirrelmail config test goes well. The test on Furby's site went well. I have no idea what else could be wrong.

This is my mail.log below, any ideas?

Jul 14 21:28:04 mail imaplogin: Connection, ip=[::ffff:127.0.0.1]
Jul 14 21:28:04 mail imaplogin: LOGIN: DEBUG: ip=[::ffff:127.0.0.1], command=LOGIN
Jul 14 21:28:04 mail imaplogin: LOGIN: DEBUG: ip=[::ffff:127.0.0.1], username=username@domain.tld
Jul 14 21:28:04 mail imaplogin: LOGIN: DEBUG: ip=[::ffff:127.0.0.1], password=mypassword
Jul 14 21:28:04 mail imaplogin: authdaemon: starting client module
Jul 14 21:28:04 mail imaplogin: authdaemon: TEMPFAIL - no more modules will be tried
Jul 14 21:28:09 mail imaplogin: LOGIN FAILED, ip=[::ffff:127.0.0.1]
Jul 14 21:28:09 mail imaplogin: LOGIN: DEBUG: ip=[::ffff:127.0.0.1], command=LOGOUT
Jul 14 21:28:09 mail imaplogin: LOGOUT, ip=[::ffff:127.0.0.1]

SquirrelMail config test:

SquirrelMail configtest

This script will try to check some aspects of your SquirrelMail configuration and point you to errors whereever it can find them. You need to go run conf.pl in the config/ directory first before you run this script.

SquirrelMail version: 1.4.6
Config file version: 1.4.0
Config file last modified: 14 July 2006 18:09:40
Checking PHP configuration...
PHP version 4.4.2-1build1 OK.
PHP extensions OK.
Checking paths...
Data dir OK.
Attachment dir OK.
Plugins are not enabled in config.
Themes OK.
Default language OK.
Base URL detected as: http://192.168.1.122/squirrelmail/src
Checking outgoing mail service....
SMTP server OK (220 mydomain.com ESMTP Postfix)
Checking IMAP service....
IMAP server ready (* OK [CAPABILITY IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA AUTH=CRAM-MD5 AUTH=CRAM-SHA1 IDLE ACL ACL2=UNION STARTTLS] Courier-IMAP ready. Copyright 1998-2004 Double Precision, Inc. See COPYING for distribution information.)
Capabilities: * CAPABILITY IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA AUTH=CRAM-MD5 AUTH=CRAM-SHA1 IDLE ACL ACL2=UNION STARTTLS
Checking internationalization (i18n) settings...
gettext - Gettext functions are available. You must have appropriate system locales compiled.
mbstring - Mbstring functions are available.
recode - Recode functions are unavailable.
iconv - Iconv functions are available.
timezone - Webmail users can change their time zone settings.
Checking database functions...
PHP Pear DB support is present.
mysql database support present.
preferences database connect successful.
mysql database support present.
addressbook database connect successful.
mysql database support present.
global addressbook database connect successful.

Congratulations, your SquirrelMail setup looks fine to me!

caledfwlch
July 14th, 2006, 11:07 AM
I'm in need of some help,

I can't seem to be able to login to SquirrelMail. I double checked my authmysqlrc file and all the fields are set properly, double checked my db and everything's fine. The squirrelmail config test goes well. The test on Furby's site went well. I have no idea what else could be wrong.

This is my mail.log below, any ideas?

Jul 14 21:28:04 mail imaplogin: Connection, ip=[::ffff:127.0.0.1]
Jul 14 21:28:04 mail imaplogin: LOGIN: DEBUG: ip=[::ffff:127.0.0.1], command=LOGIN
Jul 14 21:28:04 mail imaplogin: LOGIN: DEBUG: ip=[::ffff:127.0.0.1], username=username@domain.tld
Jul 14 21:28:04 mail imaplogin: LOGIN: DEBUG: ip=[::ffff:127.0.0.1], password=mypassword
Jul 14 21:28:04 mail imaplogin: authdaemon: starting client module
Jul 14 21:28:04 mail imaplogin: authdaemon: TEMPFAIL - no more modules will be tried
Jul 14 21:28:09 mail imaplogin: LOGIN FAILED, ip=[::ffff:127.0.0.1]
Jul 14 21:28:09 mail imaplogin: LOGIN: DEBUG: ip=[::ffff:127.0.0.1], command=LOGOUT
Jul 14 21:28:09 mail imaplogin: LOGOUT, ip=[::ffff:127.0.0.1]

SquirrelMail config test:

SquirrelMail configtest

This script will try to check some aspects of your SquirrelMail configuration and point you to errors whereever it can find them. You need to go run conf.pl in the config/ directory first before you run this script.

SquirrelMail version: 1.4.6
Config file version: 1.4.0
Config file last modified: 14 July 2006 18:09:40
Checking PHP configuration...
PHP version 4.4.2-1build1 OK.
PHP extensions OK.
Checking paths...
Data dir OK.
Attachment dir OK.
Plugins are not enabled in config.
Themes OK.
Default language OK.
Base URL detected as: http://192.168.1.122/squirrelmail/src
Checking outgoing mail service....
SMTP server OK (220 mydomain.com ESMTP Postfix)
Checking IMAP service....
IMAP server ready (* OK [CAPABILITY IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA AUTH=CRAM-MD5 AUTH=CRAM-SHA1 IDLE ACL ACL2=UNION STARTTLS] Courier-IMAP ready. Copyright 1998-2004 Double Precision, Inc. See COPYING for distribution information.)
Capabilities: * CAPABILITY IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA AUTH=CRAM-MD5 AUTH=CRAM-SHA1 IDLE ACL ACL2=UNION STARTTLS
Checking internationalization (i18n) settings...
gettext - Gettext functions are available. You must have appropriate system locales compiled.
mbstring - Mbstring functions are available.
recode - Recode functions are unavailable.
iconv - Iconv functions are available.
timezone - Webmail users can change their time zone settings.
Checking database functions...
PHP Pear DB support is present.
mysql database support present.
preferences database connect successful.
mysql database support present.
addressbook database connect successful.
mysql database support present.
global addressbook database connect successful.

Congratulations, your SquirrelMail setup looks fine to me!

Edit: I changed the username/password fields in the log file here to hide it, it is passing that info correctly.

Meant to edit the first post, not reply. ](*,)

caledfwlch
July 17th, 2006, 06:38 AM
It might not be a problem with SquirrelMail afterall, when trying to connect to courier from telnet I get:

telnet localhost 143
A01 LOGIN myuser@mydomain.com mypassword
A01 NO Login failed.

Would anyone have any clues? I'm at a real loss.

Edit:

Nevermind, was a typo in my authmysqlrc file... Two and a half days of debugging for a typo. Weee. Log files are now my best friend.

Edit The Second:

Just wanted to pass along a thank you to Flurdy, great tut! After haggling with a few minor issues that were entirely of my own doing, I've got a email server running, sending and receiveing without a hitch to the postmaster account. Cheers!

matko
July 20th, 2006, 11:24 PM
hello. after i succesfully login with SquirrelMail version 1.4.4 i get error


Preference database error (no such field). Exiting abnormally

is it problem with postfix, squid or mysql?

than you

crilen007
July 21st, 2006, 06:42 PM
I went through the entire setup, but I can't seem to Telnet to my postfix server from localhost.

It starts up ok, and without error. Not sure what files one may need to help with this.

elvis
July 25th, 2006, 04:02 AM
Another "thank you" to Flurdy for the great guide. Your time and effort is greatly appreciated.

I've followed the guide and learned a LOT about postfix and courier (coming from a sendmail/cyrus background, and wanting to learn something different). Mail seems to be arriving where it ought to, which is a good thing.

One problem I have however is I can't log into the Courier-IMAP server from mutt. I don't know if this is a mutt problem, an SASL problem, or something else.

I open mutt, tell it to connect (press "c") and feed it imap://user:pass@servername . It finds the TLS certificitate fine, tells me it's authenticating via CRAM-MD5, and then gives me a "SASL Authentication Failed" error.

My logfiles look like this:


Jul 25 10:19:46 localhost imaplogin: Connection, ip=[::ffff:127.0.0.1]
Jul 25 10:19:46 localhost imaplogin: LOGIN: DEBUG: ip=[::ffff:127.0.0.1], command=CAPABILITY
Jul 25 10:19:46 localhost imaplogin: LOGIN: DEBUG: ip=[::ffff:127.0.0.1], command=STARTTLS
Jul 25 10:19:47 localhost imaplogin: LOGIN: DEBUG: ip=[::ffff:127.0.0.1], command=CAPABILITY
Jul 25 10:19:48 localhost imaplogin: LOGIN: DEBUG: ip=[::ffff:127.0.0.1], command=AUTHENTICATE
Jul 25 10:19:51 localhost imaplogin: authdaemon: starting client module
Jul 25 10:19:51 localhost imaplogin: authdaemon: REJECT
Jul 25 10:19:56 localhost imaplogin: LOGIN FAILED, ip=[::ffff:127.0.0.1]
Jul 25 10:19:58 localhost imaplogin: LOGIN: DEBUG: ip=[::ffff:127.0.0.1], command=LOGOUT


Now if I telnet it instead, I get the following:



# telnet localhost 143
Trying 127.0.0.1...
Connected to localhost.localdomain.
Escape character is '^]'.
* OK [CAPABILITY IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA AUTH=CRAM-MD5 AUTH=CRAM-SHA1 IDLE ACL ACL2=UNION STARTTLS] Courier-IMAP ready. Copyright 1998-2004 Double Precision, Inc. See COPYING for distribution information.
imap login user@servername pass
imap OK LOGIN Ok.
imap logout
* BYE Courier-IMAP server shutting down
imap OK LOGOUT completed
Connection closed by foreign host.


And the logs:


Jul 25 12:53:29 localhost imaplogin: Connection, ip=[::ffff:127.0.0.1]
Jul 25 12:53:47 localhost imaplogin: LOGIN: DEBUG: ip=[::ffff:127.0.0.1], command=LOGIN
Jul 25 12:53:47 localhost imaplogin: LOGIN: DEBUG: ip=[::ffff:127.0.0.1], username=user@servername
Jul 25 12:53:47 localhost imaplogin: LOGIN: DEBUG: ip=[::ffff:127.0.0.1], password=pass
Jul 25 12:53:47 localhost imaplogin: authdaemon: starting client module
Jul 25 12:53:47 localhost imaplogin: authdaemon: ACCEPT, username user@servername
Jul 25 12:53:47 localhost imaplogin: LOGIN, user=user@servername, ip=[::ffff:127.0.0.1], protocol=IMAP
Jul 25 12:56:34 localhost imaplogin: LOGOUT, user=user@servername, ip=[::ffff:127.0.0.1], headers=0, body=0, time=167


Is someone able to shed some light on this? The box is in another location, so I'm unable to test it locally with a GUI client like mozilla-thunderbird, etc. I will try to get near it eventually and test with other clients. Is mutt the problem? Or did I break something?

[edit]
World's quickest edit! The username is "user@servername". When using mutt and telling it to connect to imap://user:pass@servername, the username is only "user".

Instead, I now tell mutt to connect to "imap://servername". It prompts me for a username, which I enter as "user@servername" (ie: the complete entry from "id" column from the "users" table) and the correct password, and I am in.

Sometimes you just need to talk out your problem, and the solution becomes clear.

And once again, thanks heaps to Flurdy for the clear and concise guide. Great software is nothing without people who take the time to explain/howto it.

wwinfrey
July 26th, 2006, 09:54 PM
Great tutorial, thanks for the update for Dapper.

However, I'm wondering, how would I set up server-side mail filtering? I come from a qmail/vpopmail background, where I'm able to use .qmail files to pipe the incoming mail into a Perl script employing Mail::Audit that will sort my mail into different destination folders. Mail::Audit works just fine with Maildir directories so that's not an issue.

TIA

Criocaps
August 8th, 2006, 04:23 PM
Hello,

I'have follow the first part of Flurdy tutorial (excluding the security part) and try to make it works (receive, send e-mail...)

I've the following problem :

I can send e-mail with postfix from server to another adress
I can send e-mail from outside to the server and i see that it comes in because i see it in the queue and the aliases working well too...

But :
I can connect to the server with a mail client to fetch the mails.
It prompt me for user/password and refuse it.

Any clue ?

Thanks a lot,

Didier.

NeoFax
August 10th, 2006, 01:45 AM
Postfix is not delivering my email to the /var/spool/mail/virtual/user directory. It is just dropping all of the email to /var/spool/mail/terry mbox file. Where should I change my main.cf to make it deliver to the maildir folder?

jjtechno
August 10th, 2006, 03:43 AM
Thanks you saved me a bunch of trouble.
regards

NeoFax
August 10th, 2006, 11:42 PM
Hello,

I'have follow the first part of Flurdy tutorial (excluding the security part) and try to make it works (receive, send e-mail...)

I've the following problem :

I can send e-mail with postfix from server to another adress
I can send e-mail from outside to the server and i see that it comes in because i see it in the queue and the aliases working well too...

But :
I can connect to the server with a mail client to fetch the mails.
It prompt me for user/password and refuse it.

Any clue ?

Thanks a lot,

Didier.

For the username are you using user@domain? I had problems until I did this.

Criocaps
August 18th, 2006, 01:41 PM
I finally found and correct the problem...

1 Indeed i need to use user@domain as user in pop3 login, thanks Neofax !
2 I found also somes typos

But how can i use the real username in place of user@domain ?

crilen007
August 23rd, 2006, 08:15 PM
I'm getting a Maildir invalud, no 'cur' directory error when trying to check mail

Any ideas on whats causing this or where I can create a cur directory?
Where I can see if one exists?

crilen007
August 23rd, 2006, 09:55 PM
Well I fixed that (Ran makemaildir) and now pop3 and squirrelmail work ok.

However, I can't seem to send messages to the server.

it tells me the mailbox is unavailable.

I checked mysql and the entries are ok for maildir and home and all that.

I did chown to the maildir, and the users folder inside that folder with the virtual:virtual thing.

Any ideas? Do you need to see any file logs?

bonyari
August 25th, 2006, 04:40 PM
How can I integrate procmail and spamassassin per virutal domain/users. I see that there was a procmailrc and spamassassinrc field added to the users table. Any pointer to documentation is appreciated.

Thanks

Kurdt
August 29th, 2006, 01:44 PM
Hi, i made a question here http://www.ubuntuforums.org/showthread.php?t=245165 about a problem with foreign bounces and FQDN i am experiencing, maybe someone or flurdy can help me and that's why i post it also here.

Thanks!! ;)

elvis
August 30th, 2006, 01:47 AM
I finally found and correct the problem...

1 Indeed i need to use user@domain as user in pop3 login, thanks Neofax !
2 I found also somes typos

But how can i use the real username in place of user@domain ?

Yeah, I had the same problem (see page 3 of this thread - it had the same solution).

To make the usernames not contain the domain name (ie: to make them "user" and not "user@domain"), you need to do the following:

1) In the table "users" the guide specifies that each 'id' feild is "user@domain". Change this to just "user" and that will be the logon name for your mail client.

2) In the table "aliases" you have a pair of values 'mail' and 'destination'. Change the 'destination' to match the 'id' field from the "users" table.

So for instance if I had the table "users" with an entry:

id: elvis@mydomain.com
name: elvis
uid: 5000
gid: 5000
home: /var/spool/mail/virtual
maildir: elvis/
enabled: 1
change_password: 1
clear: elvispass
etc...

and the table "aliases" with an entry:
pkid: 1
mail: elvis@mydomain.com
destination: elvis@mydomain.com

I would change these to:

table users:
id: elvis
name: elvis
uid: 5000
gid: 5000
home: /var/spool/mail/virtual
maildir: elvis/
enabled: 1
change_password: 1
clear: elvispass
etc...

table aliases:
pkid: 1
mail: elvis@mydomain.com
destination: elvis

Just make sure that for every user account there is an alias pointing to it, or your mail will not be delivered! You can have aliases pointing to multiple accounts (say for instance a "staff@domain.com" alias that points to all user accounts "elvis,priscilla,lisa" - sort of an easy mailing list setup).

You can also have multiple aliases for the same account (say alias "elvis@mydomain.com" pointing to account "elvis" as well as alias "elvis@someotherdomain.com" also pointing to the user account "elvis", and a third "thefatguy@mydomain.com" pointing there as well - this way all of those aliases land in the same inbox).

Hope that helps.

Truster
September 13th, 2006, 09:14 AM
Hi.

I have set up an email server as descripted in the howto on Ubuntu server 6.0.6. Everything seems to be work fine, i can login via terminal, but when i try to login with squirrelmail, i always geht the folowing error: at the top: ERROR: Could not complete request.
Query: SELECT "INBOX"
Reason Given: Unable to open this mailbox.

At left side: ERROR: Connection dropped by IMAP server.
Query: SUBSCRIBE "INBOX.Sent"

no more Infos at syslog etc :(

elvis
September 14th, 2006, 03:45 AM
I was wondering if anyone has a good autoreply guide that works with this setup. I've tried a few, but they constantly fail. I've made a new transport called "autoreply:", and I've told the system that any messages being sent to "autoreply.mydomain.com" is to be sent by that transport instead of the "virtual:" transport (as specified in the "domains" table).

But I keep getting errors telling me that the user at that domain is not found, which looks like it's not using the correct transport and instead it's looking for a particular mailbox.

If anyone can offer any advice, I'm all ears.

elvis
September 14th, 2006, 06:44 AM
This is twice in a row now where I've asked a question and answered it myself. Maybe I should have a bit more patience before I post questions to the forums? :)

The problem was not defining the transport_maps which I've got sorted out now.

Anyways... I've set up autoreply / autoresponder / vactaion email notices (whatever you want to call it). I did the following:

1) In /etc/postfix/main.cf was the following as per flurdy's guide:


# this is how to connect to the domains (all virtual, but the option is there)
# not used yet
# transport_maps = mysql:/etc/postfix/mysql_transport.cf


I uncommented the last line:


# this is how to connect to the domains (all virtual, but the option is there)
# not used yet
transport_maps = mysql:/etc/postfix/mysql_transport.cf


2) I created a /etc/postfix/mysql_transport.cf file which looked up the "transport" field of the "domains" table:


user=database_username
password=database_password
dbname=maildb
table=domains
select_field=transport
where_field=domain
hosts=127.0.0.1
additional_conditions = and enabled = 1


3) I added the transport type "autoreply" to /etc/postfix/master.cf:


autoreply unix - n n - - pipe
flags= user=nobody argv=/etc/postfix/autoreply $sender $mailbox


4) I created an executable script /etc/postfix/autoreply :


mail -s"Fireworks Digital Autoreply From: <$2>" $1 < /etc/postfix/autoreply_message

Make sure you chmod 755 the file to make it executable.

And with it, the text /etc/postfix/autoreply_message to go with it (make this whatever you want).

5) Into the table "domains" I added the row domain="autoreply.mydomain.com" transport="autoreply:" (note the trailing ":" - it is important).

Basically that's it. Now autoreply is working. To enable a user to be set to autoreply, in the "aliases" table, add the destination "user@autoreply.mydomain.com". What happens is the mail server looks up the domain "autoreply.mydomain.com", see's the transport is the unix pipe to the script /etc/postfix/autoreply, which in turn fires an email back at the original sender with the message attached!

And with that working, my client can now take holidays. Wish I could too. :)

cdnwetzel
September 16th, 2006, 04:34 PM
Aside from a few typos I seem to have done alright following the howto, I can send from squirrelmail, but I can't seem to receive mail. From tail -f /var/log/mail.info, I get the following:



Jul 29 17:41:41 cwetzel postfix/qmgr[4859]: 2549D2BDF6: from=<cdnwetzel@comcast.net>, size=1216, nrcpt=1 (queue active)
Jul 29 17:41:41 cwetzel postfix/local[4936]: 2549D2BDF6: to=<chris@cwetzel.com>, relay=local, delay=1, status=sent (delivered to mailbox)
Jul 29 17:41:41 cwetzel postfix/qmgr[4859]: 2549D2BDF6: removed
Jul 29 17:41:42 cwetzel postfix/smtpd[4930]: disconnect from sccrmhc12.comcast.net[204.127.200.82]


So it seems to me that the message hits the incoming queue, is sent to my mailbox, but when I view squirrelmail there's no new mail. I have tried sending from myself to myself, and from comcast.net and my work e-mail, and everytime the same result. Any ideas what I might have missed?

cdnwetzel
September 17th, 2006, 09:36 PM
Postfix is not delivering my email to the /var/spool/mail/virtual/user directory. It is just dropping all of the email to /var/spool/mail/terry mbox file. Where should I change my main.cf to make it deliver to the maildir folder?

NeoFax, did you find an answer to this? I'm afraid I'm at the same point you got stuck at in this post. Everything appears to work, except that I never see any e-mail in Squirrelmail and I found all my mail is showing up in the same /var/spool/mail/$USER mbox rather than /var/spool/mail/virtual/$USER Any help would be great. Thanks.

Truster
September 18th, 2006, 08:09 AM
Suggestions about TLS/SSL:

When you create the Certificate as descripted in the howto, you can't use Outlook (Express) because you have no valid Certificate installed.

Here is a little Workaround to create Certificates with a self-signed root certificate.

i suggest to create a CA Certificate with the CA.pl script
e.g

/usr/lib/ssl/misc/CA.pl -newca
hit RETURN

Enter the required information

Example:

Making CA certificate ...
Generating a 1024 bit RSA private key
.................................++++++
...............++++++
writing new private key to './demoCA/private/cakey.pem'
Enter PEM pass phrase:
Verifying - Enter PEM pass phrase:
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:AT
State or Province Name (full name) [Some-State]:AUSTRIA
Locality Name (eg, city) []:MYCITY
Organization Name (eg, company) [Internet Widgits Pty Ltd]:Rast + Ruh GmbH
Organizational Unit Name (eg, section) []:
Common Name (eg, YOUR name) []:Mailserver Root Certificate Authority
Email Address []:webmaster@mailserver.abc

Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:
Using configuration from /usr/lib/ssl/openssl.cnf
Enter pass phrase for ./demoCA/private/cakey.pem:
Check that the request matches the signature
Signature ok
Certificate Details:
Serial Number:
ab:c2:1e:02:cb:e0:eb:71
Validity
Not Before: Sep 15 12:16:49 2006 GMT
Not After : Sep 12 12:16:49 2016 GMT
Subject:
countryName = AT
stateOrProvinceName = AUSTRIA
organizationName = Rast + Ruh GmbH
commonName = Mailserver Root Certificate Authority
emailAddress = webmaster@mailserver.abc
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
Netscape Comment:
OpenSSL Generated Certificate
X509v3 Subject Key Identifier:
DF:33:B9:82:B0:26:3A:99:4C:B9:41:C3:09:45:CA:79:7D :4B:67:85
X509v3 Authority Key Identifier:
keyid:DF:33:B9:82:B0:26:3A:99:4C:B9:41:C3:09:45:CA :79:7D:4B:67:85

Certificate is to be certified until Sep 12 12:16:49 2016 GMT (3650 days)

Write out database with 1 new entries
Data Base Updated


You have to remember the choosen phassphrase. you will need it later to sign the certificate

Now let's create the private key with:

/usr/lib/ssl/misc/CA.pl -newreq-nodes

Fill out the required field as you have it done before.
REMEMBER: The common name (CN) must be the server adress eg sv00.mydomain.at


Generating a 1024 bit RSA private key
.................++++++
.........++++++
writing new private key to 'newkey.pem'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:AT
State or Province Name (full name) [Some-State]:AUSTRIA
Locality Name (eg, city) []:MYCITY
Organization Name (eg, company) [Internet Widgits Pty Ltd]:Rast + Ruh GMBH
Organizational Unit Name (eg, section) []:
Common Name (eg, YOUR name) []:sv00.mydomain.at
Email Address []:

Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:
Request is in newreq.pem, private key is in newkey.pem


So we have the required certificate to self-sign our one with:

/usr/lib/ssl/misc/CA.pl -sign

This will self-sign our certificate with our own CA-Certificate


Using configuration from /usr/lib/ssl/openssl.cnf
Enter pass phrase for ./ChatfreakCA/private/cakey.pem:
Check that the request matches the signature
Signature ok
Certificate Details:
Serial Number:
ab:c2:1e:02:cb:e0:eb:72
Validity
Not Before: Sep 15 12:22:25 2006 GMT
Not After : Sep 12 12:22:25 2016 GMT
Subject:
countryName = AT
stateOrProvinceName = AUSTRIA
localityName = MYCITY
organizationName = Rast + Ruh GMBH
commonName = sv00.mydomain.at
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
Netscape Comment:
OpenSSL Generated Certificate
X509v3 Subject Key Identifier:
22:AA:9C:E1:9E:3C:B3:B4:A4:6C:7C:1E:76:54:D0:20:33 :7C:0C:FA
X509v3 Authority Key Identifier:
keyid:12:E2:B5:E0:E2:69:E3:F8:10:1D:82:F5:9D:B7:AE :3B:11:E2:FA:14

Certificate is to be certified until Sep 12 12:22:25 2016 GMT (3650 days)
Sign the certificate? [y/n]:y


1 out of 1 certificate requests certified, commit? [y/n]y
Write out database with 1 new entries
Data Base Updated
Signed certificate is in newcert.pem


now type ls and see, wat we have, it should look like this

demoCA newcert.pem newkey.pem newreq.pem
You can copy newcert.pem and newkey.pem to your /etc/postfix directory and update the main.cf file

To use the certificate with courier, both (key and certificate) file must be in one file. You can do this with:

root@test:~# cat newkey.pem >> imapd.pem
root@test:~# cat newcert.pem >> imapd.pem

and copy the new file to /etc/courier/

now cd to demoCA

you'll find a file named cacert.pem

you can use this file to import it in Internet Explorer/Outlook/Entourage/

This will result in no nag of wrong root Certificate :)

Hint: you can edit the /usr/lib/ssl/misc/CA.pl and /usr/lib/ssl/openssl.cnf to adjust paths, date, and other settings

Truster
September 18th, 2006, 09:07 AM
Aside from a few typos I seem to have done alright following the howto, I can send from squirrelmail, but I can't seem to receive mail. From tail -f /var/log/mail.info, I get the following:



Jul 29 17:41:41 cwetzel postfix/qmgr[4859]: 2549D2BDF6: from=<cdnwetzel@comcast.net>, size=1216, nrcpt=1 (queue active)
Jul 29 17:41:41 cwetzel postfix/local[4936]: 2549D2BDF6: to=<chris@cwetzel.com>, relay=local, delay=1, status=sent (delivered to mailbox)
Jul 29 17:41:41 cwetzel postfix/qmgr[4859]: 2549D2BDF6: removed
Jul 29 17:41:42 cwetzel postfix/smtpd[4930]: disconnect from sccrmhc12.comcast.net[204.127.200.82]


So it seems to me that the message hits the incoming queue, is sent to my mailbox, but when I view squirrelmail there's no new mail. I have tried sending from myself to myself, and from comcast.net and my work e-mail, and everytime the same result. Any ideas what I might have missed?

as i can see, your reley is local. on my server it's virtual and dropped into the correct folder:

Sep 18 10:04:43 sv00 postfix/smtp[31797]: 723598BC47: to=<webmaster@example.at>, relay=127.0.0.1[127.0.0.1], delay=2, status=sent (250 2.6.0 Ok, id=31336-01, from MTA([127.0.0.1]:10025): 250 Ok: queued as CCBF48BC52)
Sep 18 10:04:43 sv00 postfix/qmgr[31787]: 723598BC47: removed
Sep 18 10:04:43 sv00 postfix/virtual[31803]: CCBF48BC52: to=<truster@example.at>, orig_to=<webmaster@example.at>, relay=virtual, delay=0, status=sent (delivered to maildir)

mabybe some configuration errors in: main.cf master.cf mysql_*.cf ?

Truster
September 18th, 2006, 09:08 AM
/delete

cdnwetzel
September 19th, 2006, 04:44 AM
Sep 18 23:27:26 cwetzel postfix/smtpd[10454]: connect from localhost[127.0.0.1]
Sep 18 23:27:26 cwetzel postfix/smtpd[10454]: 5C6342BF1D: client=localhost[127.0.0.1]
Sep 18 23:27:26 cwetzel postfix/cleanup[10456]: 5C6342BF1D: message-id=<1579.68.44.63.212.1158633922.squirrel@webmail.cwet zel.com>
Sep 18 23:27:26 cwetzel postfix/qmgr[10444]: 5C6342BF1D: from=<chris@cwetzel.com>, size=1144, nrcpt=1 (queue active)
Sep 18 23:27:26 cwetzel amavis[10318]: (10318-02) FWD via SMTP: <chris@cwetzel.com> -> <chris@cwetzel.com>, BODY=8BITMIME, 250 2.6.0 Ok, id=10318-02, from MTA([127.0.0.1]:10025): 250 Ok: queued as 5C6342BF1D
Sep 18 23:27:26 cwetzel amavis[10318]: (10318-02) Passed CLEAN, LOCAL [127.0.0.1] [68.44.63.212] <chris@cwetzel.com> -> <chris@cwetzel.com>, Message-ID: <1579.68.44.63.212.1158633922.squirrel@webmail.cwet zel.com>, mail_id: 6COCScsQNwwQ, Hits: -0.89, 2469 ms
Sep 18 23:27:26 cwetzel amavis[10318]: (10318-02) TIMING [total 2484 ms] - SMTP EHLO: 9 (0%)0, SMTP pre-MAIL: 4 (0%)1, mkdir tempdir: 1 (0%)1, create email.txt: 1 (0%)1, SMTP pre-DATA-flush: 7 (0%)1, SMTP DATA: 29 (1%)2, body_digest: 3 (0%)2, gen_mail_id: 1 (0%)2, mkdir parts: 2 (0%)2, mime_decode: 26 (1%)3, get-file-type1: 56 (2%)6, decompose_part: 21 (1%)6, parts_decode: 0 (0%)6, AV-scan-1: 1023 (41%)48, AV-scan-2: 1 (0%)48, spam-wb-list: 8 (0%)48, SA msg read: 2 (0%)48, SA parse: 8 (0%)48, SA check: 870 (35%)83, update_cache: 4 (0%)84, fwd-connect: 112 (5%)88, fwd-mail-from: 6 (0%)88, fwd-rcpt-to: 174 (7%)95, write-header: 5 (0%)96, fwd-data: 2 (0%)96, fwd-data-end: 53 (2%)98, fwd-rundown: 4 (0%)98, main_log_entry: 41 (2%)100, update_snmp: 5 (0%)100, unlink-1-files: 3 (0%)100, rundown: 1 (0%)100
Sep 18 23:27:26 cwetzel postfix/smtpd[10454]: disconnect from localhost[127.0.0.1]
Sep 18 23:27:26 cwetzel postfix/smtp[10450]: 8CCFE2BEA2: to=<chris@cwetzel.com>, relay=127.0.0.1[127.0.0.1], delay=2524, status=sent (250 2.6.0 Ok, id=10318-02, from MTA([127.0.0.1]:10025): 250 Ok: queued as 5C6342BF1D)
Sep 18 23:27:26 cwetzel postfix/qmgr[10444]: 8CCFE2BEA2: removed
Sep 18 23:27:26 cwetzel postfix/local[10449]: 5C6342BF1D: to=<chris@cwetzel.com>, relay=local, delay=0, status=sent (delivered to mailbox)
Sep 18 23:27:26 cwetzel postfix/qmgr[10444]: 5C6342BF1D: removed


Well, I went over those files... admittedly, I cound't find the issue, however, if you reference my newest post from my mail.info, it seems going over my master.cf/main.cf has accidently fixed something in terms of my content filtering, which now appears in the log entry. ](*,) Attached are my master.cf, main.cf, mysql_mailbox.cf, and mail.info for anyone who can help review and see if there are typos. If you need anything else, please ask. Thanks for all the help! :D

Truster
September 19th, 2006, 09:29 AM
@cdnwetzel: Read your Logs

It semms that your ClamAV Scanner is broken

Sep 18 23:27:24 cwetzel amavis[10318]: (10318-02) ClamAV-clamd: Can't send to socket /var/run/clamav/clamd.ctl: Transport endpoint is not connected, retrying (1)

and it always says Transprot: local

Make sure, that postfix can access the mysql DB

tail -f the mysql log and send a mail to your account and see what's happen

and...... . holy ****, you have a fatal error in your master.cf

Example of your file:
smtp inet n - - - - smtpd
-o cleanup_service_name=pre-cleanup
You have two separated lines
-o blahblah is a new line in your config but it must belong to the line above
that means, you have to tab or space to the second line, DO NOT HIT ENTER

fix this issue in all lines, and try it again

Good Luck ;)

cdnwetzel
September 20th, 2006, 03:20 AM
I'm going to continue going over those files and check spaces and tabs, I found loads of lines spaced in 5-6 times rather than tabbed, I'm attaching my mysql.log in case that might show something useful, it all seemed normal to me, no errors that is...

cdnwetzel
September 20th, 2006, 03:37 AM
Thank you for all your help, I found the more I reviewed those files the more I found slight typos. I had my mysql_domains.cf duplicating my aliases, rather than querying the right tables and fields. I then found once I fixed that, I had put my domain name in mydestination also (hence the local relay), once I removed that line, everything works! Mail now goes to my maildir, rather than an mbox! Thanks for pushing me the right direction (the one that pointed the finger back at me, LOL). :D

achra
September 25th, 2006, 02:55 AM
Much thanks for this great howto.. I've learned a lot troubleshooting it, and I've finally got a working mailserver.

However, I can't send mail from outside my home network. If I'm outside the trusted network and attempt to send via my smtp server, I get greylisted.. Any ideas on how to do this? I understand why it's happening, but is there a way to not greylist a foreign host if I am logging in with a valid mail login?

Thanks,
-Achra

artioli1984
September 26th, 2006, 10:06 AM
Hi all, i'm new to postfix, i try to install it with this tutorial, now it running, but when i test system it can't send messages
](*,)
my telnet:

root@ubuntu:/home/davide# telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 ubuntu.d-one.info ESMTP Postfix (Ubuntu)
EHLO ubuntu
250-ubuntu.d-one.info
250-PIPELINING
250-SIZE 10240000
250-ETRN
250-STARTTLS
250 8BITMIME
MAIL FROM: <gianmarco.artioli@poste.it>
250 Ok
RCPT TO: <xandros@lala.com>
Connection closed by foreign host.

I force stop postfix because it loops on recipient.

root@ubuntu:/home/davide# tail -f /var/log/mail.log

root@ubuntu:/home/davide# tail -f /var/log/mail.log
Sep 26 09:49:01 ubuntu postfix/master[7504]: daemon started -- version 2.2.10, c onfiguration /etc/postfix
Sep 26 09:49:05 ubuntu postfix/smtpd[7509]: connect from localhost[127.0.0.1]
Sep 26 09:50:04 ubuntu postfix/smtpd[7509]: warning: connect #1 to subsystem public/cleanup: Connection refused
Sep 26 09:50:14 ubuntu postfix/smtpd[7509]: warning: connect #2 to subsystem public/cleanup: Connection refused
Sep 26 09:50:24 ubuntu postfix/smtpd[7509]: warning: connect #3 to subsystem public/cleanup: Connection refused
Sep 26 09:50:34 ubuntu postfix/smtpd[7509]: warning: connect #4 to subsystem public/cleanup: Connection refused
Sep 26 09:50:44 ubuntu postfix/smtpd[7509]: warning: connect #5 to subsystem public/cleanup: Connection refused
Sep 26 09:50:54 ubuntu postfix/smtpd[7509]: warning: connect #6 to subsystem public/cleanup: Connection refused
Sep 26 09:51:04 ubuntu postfix/smtpd[7509]: warning: connect #7 to subsystem public/cleanup: Connection refused
Sep 26 09:51:14 ubuntu postfix/smtpd[7509]: warning: connect #8 to subsystem public/cleanup: Connection refused
Sep 26 09:51:24 ubuntu postfix/smtpd[7509]: warning: connect #9 to subsystem public/cleanup: Connection refused

################################################## #####



root@ubuntu:/etc/postfix# netstat -tap
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 localhost:60000 *:* LISTEN 4141/postgrey.pid -
tcp 0 0 localhost:mysql *:* LISTEN 7204/mysqld
tcp 0 0 *:10000 *:* LISTEN 6017/perl
tcp 0 0 *:smtp *:* LISTEN 8923/master
tcp 0 0 192.168.0.170:36019 72.14.217.99:www ESTABLISHED4962/firefox-bin
tcp6 0 0 *:imaps *:* LISTEN 4292/couriertcpd
tcp6 0 0 *:www *:* LISTEN 4756/apache2
tcp6 0 0 *:ssh *:* LISTEN 4656/sshd




############################################

tail -f /var/log/mysql/mysql.log


060926 10:38:31 48 Connect mail@localhost on maildb
48 Query SELECT destination FROM aliases WHERE mail='poste.it' and enabled = 1
49 Connect mail@localhost on maildb
49 Query SELECT domain FROM domains WHERE domain='poste.it' and enabled = 1
060926 10:39:00 48 Query SELECT destination FROM aliases WHERE mail='lala.com' and enabled = 1
49 Query SELECT domain FROM domains WHERE domain='lala.com' and enabled = 1
060926 10:39:01 50 Connect mail@localhost on maildb
50 Query SELECT destination FROM aliases WHERE mail='xandros@lala.com' and enabled = 1
50 Query SELECT destination FROM aliases WHERE mail='@lala.com' and enabled = 1
060926 10:40:00 49 Quit
48 Quit


########################################


i think /etc/hosts.allow can create problems, so i write ALL : ALL, but not changed.


what can i do? plese help me!!!

pht3k
September 27th, 2006, 04:05 AM
hi,

i installed postfix according to the howto and it works! Thanks for this. But i had to make some adjustments ....

1. amavis was not starting. i found it was due to the missing operator in the mydomain line :

$mydomain 'yourdomain.com';

should be

$mydomain ='yourdomain.com';

2. a permission error given me some troubles. To fix it:

cd /var/lib/amavis

chown virtual:virtual db

3. those packages should be in the neeeded packages list :

courier-pop courier-pop-ssl

Otherwise, info is very precise. But some like some other users said : it's maybe not a howto for newbie.

cya,
pht3k

oziemike
September 28th, 2006, 06:59 AM
Hi guys,

I would appreciate a litte help. Firtsly I have put a system together exactly as per Flurdy's HOWTO. Thanks you for all your time and effort. Something has gone wrong, probably my fault, but need a little guidance as to what I should look for.

The system is working fine and I have about 5 users. The problem has now come about when I try to add new users. I enter them into the database via phpmyadmin and it enters them OK. All looks fine with the entry.

But it doesn't go and create the mailboxes in /var/spool/mail/virtual

If I try and log in via Squirrelmail or use a pop client to a new user, it rejects it. Squirrelmail reports that the Imap has dropped the connection. Interestingly if I try a dud (non-existent) user, it reports doesn't know the user. So it seems it knows about my new user, but can't authenticate it, then drops it.

The mail log reports that there was no such dircetory for that person (as previously explained).

Couple of quetsions. At what stage does the system create the new mailbox?? Is it right at the time you create the entry in MySQL, or the first time somebody logs in??

Please let me know if you need any log outputs or to see any of the config files etc.

Hope someone can help. Thanks in advance. Mike.

pht3k
September 28th, 2006, 01:51 PM
oziemike: the user need to receive mail before the dir get created. so send him mail and check again.

oziemike
September 28th, 2006, 04:30 PM
Thank you so much for that. I have been tearing my hair out for two days now trying to work out why the new accounts would not work and the answer was as simple as that.

Just got to get amavis and the aliases working now and it is all complete.

Thank you again for putting me out of my misery.

Mike

pht3k
September 29th, 2006, 04:10 AM
hehe, me too I have been tearing my hair out for a couple of days before i found the answer!

oziemike
September 29th, 2006, 04:09 PM
Amavis is going now too, just the same permissions you found.

Would you know if you can put multiple recipients into the alias list in the database or is it one only per alias?? I did try but only the fist recipent got the mail.

Mike

listerthrawn
October 9th, 2006, 06:05 PM
Guide is great but I'm having problems.

I've got postfix receiving ok but can't get courier to access. I keep getting a NO Login failed. when I try to log in. I've checked the mysql log and it doesn't change at all when i try to do this. It's not looking up the address. I'll post my authmysqlrc file. (passwords changed)

Any ideas? Anyone?

MYSQL_SERVER localhost
MYSQL_USERNAME mail
MYSQL_PASSWORD apassword
MYSQL_PORT 0
MYSQL_OPT 0
MYSQL_DATABASE maildb
MYSQL_USER_TABLE users
MYSQL_CLEAR_PWFIELD clear
MYSQL_UID_FIELD uid
MYSQL_GID_FIELD gid
MYSQL_LOGIN_FIELD id
MYSQL_HOME_FIELD home
MYSQL_NAME_FIELD name
MYSQL_MAILDIR_FIELD concat(home,'/',maildir)
MYSQL_WHERE_CLAUSE enabled=1

badmojo
October 12th, 2006, 06:27 PM
Has anyone setup the squirrelmail plugin "courrier_vacation" with this?
I have a system built around this guide and I am quite happy with it, but I would realy like to make this plugin work. Any help or advice is greatly appreciated!

xtek
October 15th, 2006, 08:20 AM
I'm having a little problem with getting the server to work. I think I have everything right but for some reason avamis will not work. I get this error in /var/log/mail.log.


Oct 15 00:16:59 localhost postfix/qmgr[14286]: warning: connect to transport amavis: No such file or directory

Any ideas?

Also has anyone tried to get fetchmail working with this setup? (It would be usefull to be able to pull emails from multiple accounts)

ngms27
October 15th, 2006, 04:42 PM
I've got most of this going but amavis wount start. I get

Starting amavisd: /etc/init.d/amavis: line 64: /var/run/amavis: No such file or directory

I have tried creating a file and a directory and setting ownership to virtual:virtual but nothing works.

Could someone please post a working 50-user file for amavis etc?

Thanks

JonnyT

ngms27
October 15th, 2006, 08:31 PM
A copy of /var/run/amavis would also help!

shakyamuni
October 16th, 2006, 11:07 PM
Dear friends,

Once created the account, I 'm not able to login via squirrelmail, giving an error : "ERROR Unknown user or password incorrect", so, since it's not working for squirrelmail, it won't work either for any email client.

Does anyone knows about this? is it an error in the email creation procedure ?

regards,

Carlos.

ngms27
October 17th, 2006, 07:35 AM
Try using username@mydomain.org

Works for me

shakyamuni
October 17th, 2006, 01:48 PM
It should work if you have that domain.... I don't have it so I still have the same issue.... thanks anyway ....does anyone knows any other possible solution?


thanks,in advance..

regards,
Carlos.

ngms27
October 17th, 2006, 06:36 PM
What is your domain?
What is your user id?

jmc1664
October 17th, 2006, 08:55 PM
I wondered if anyone could point me in the right direction. I have just carried out the install procedure while taking notes etc, and everything went nicely. Courier is allowing me to log in etc, but Postfix freezes every time I enter the "MAIL FROM: " telnet command. Looking at the mail.log, the relevant error would seem to be:

ubuntu postfix/trivial-rewrite[5697]: warning: connect to mysql server localhost: Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)

I have checked for obvious things like spacing, typos etc, but nothing so far. The only decisions I have taken outside following flurdy's guide are choosing "Internet Site" when installing postfix and choosing the "Create Directories" option when installing courier.

The only other thing to report is that the etc/postfix/main.cf file seemed to be missing a lot of the entries specified in the guide.

Any working solutions will be gratefully received and rewarded with cash prizes!

Thanks,

John

jmc1664
October 17th, 2006, 10:11 PM
I wondered if anyone could point me in the right direction. I have just carried out the install procedure while taking notes etc, and everything went nicely. Courier is allowing me to log in etc, but Postfix freezes every time I enter the "MAIL FROM: " telnet command. Looking at the mail.log, the relevant error would seem to be:

ubuntu postfix/trivial-rewrite[5697]: warning: connect to mysql server localhost: Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)

I have checked for obvious things like spacing, typos etc, but nothing so far. The only decisions I have taken outside following flurdy's guide are choosing "Internet Site" when installing postfix and choosing the "Create Directories" option when installing courier.

The only other thing to report is that the etc/postfix/main.cf file seemed to be missing a lot of the entries specified in the guide.

Any working solutions will be gratefully received and rewarded with cash prizes!

Thanks,

John


The reason for the above error was that /etc/postfix/mysql_alias.cf was missing a line break. This resulted in completely breaking the mysql connection.

I'll post back once it either totally works or I break it again!

ngms27
October 18th, 2006, 01:22 PM
Right got this working and the AV and Spam filtering is working great but...

Where does amavis / spamassassin put my spam?

Thanks

JonnyT

shakyamuni
October 18th, 2006, 01:56 PM
What is your domain?
What is your user id?

username:ccubillos
domain: stitchkin.cl


as far as I know... i already added domains and the account... but it's not working. The only piece I didn't set was the .htaccess file for the squirrelmail but I don't think that's problem...

any suggestions?

shakyamuni
October 18th, 2006, 06:07 PM
username:ccubillos
domain: stitchkin.cl


as far as I know... i already added domains and the account... but it's not working. The only piece I didn't set was the .htaccess file for the squirrelmail but I don't think that's problem...

any suggestions?

This is an additional post...
I have the same issue using root account

login : root@localhost
password: xxxxx

squirrelmail sent me an error message with username/password invalid.
...
Additionally, I've included a portion of the mail.err log file :
Oct 18 18:57:31 garuda amavis[3542]: TROUBLE in pre_loop_hook: db_home directory is not writable: /var/lib/amavis/db at /usr$
Oct 18 19:41:13 garuda imaplogin: LOGIN FAILED, ip=[::ffff:127.0.0.1]
seems like db folder has no rights to write....

any ideas?

thanks a lot in advance.

carlos.

giorg
October 19th, 2006, 09:46 AM
Guys I get this warning in my mail.log:

Oct 19 10:38:10 mail amavis[1432]: (01432-01) WARN: DSPAM problem, exit 64, result=[1553] warn: Unknown option: s\n

but actually the anti-span is working... any idea?
Thx a lot
Andrea

giorg
October 19th, 2006, 10:07 AM
By the way, any chance to avoid amavis running for localnetworks? This would save performances... And the last problem I have is to give virus whitelist to amavis; seems to be possible only for spam.
Thx

shakyamuni
October 19th, 2006, 09:35 PM
Dear friends,

I've found another error connecting myself via telnet doing " sudo telnet -d 127.0.0.1 25"
I write a message as follows:
"mail from: <username@domain>
503 Error: send HELO/EHLO first" --> this is the issue ...
any ideas?
i'm running out of ideas...

thanks

Carlos.

sputicus
October 24th, 2006, 05:14 PM
I wondered if anyone could point me in the right direction. I have just carried out the install procedure while taking notes etc, and everything went nicely. Courier is allowing me to log in etc, but Postfix freezes every time I enter the "MAIL FROM: " telnet command. Looking at the mail.log, the relevant error would seem to be:

ubuntu postfix/trivial-rewrite[5697]: warning: connect to mysql server localhost: Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)


I just solved this problem myself, it has to do with the unix socket not being available in the chrooted postfix environment. If you set your "hosts = 127.0.0.1" postfix will use TCP rather than the unix socket to communicate with mysql.

I also posted about this in the following thread:

http://www.ubuntuforums.org/showthread.php?p=1656729#post1656729

willg
October 25th, 2006, 06:03 AM
I was able to get most everything running after several attempts. However, two problems still remain

1. I have seen this post twice, but not seen a solution. Basically, mail is getting delivered to /var/spool/mail/virtual/willg/ but is not showing up in Squirrelmail (when it was working)..which brings me to my next problem

2. After following the Squirrelmail section about adding mysql://username:password@127.0.0.1/database in the DSN for Address Book section and DSN for Preferences section I now get the following error when I try to login to Squirrelmail


Warning: main(DB.php): failed to open stream: No such file or directory in /usr/share/squirrelmail/functions/db_prefs.php on line 40

Warning: main(): Failed opening 'DB.php' for inclusion (include_path='.:/usr/share/pear') in /usr/share/squirrelmail/functions/db_prefs.php on line 40
ERROR:
Could not include PEAR database functions required for the database backend.
Is PEAR installed, and is the include path set correctly to find DB.php?
Please contact your system administrator and report this error.


Any help would be greatly appreciated. Thanks!

shakyamuni
October 25th, 2006, 10:19 PM
I was able to get most everything running after several attempts. However, two problems still remain

1. I have seen this post twice, but not seen a solution. Basically, mail is getting delivered to /var/spool/mail/virtual/willg/ but is not showing up in Squirrelmail (when it was working)..which brings me to my next problem

2. After following the Squirrelmail section about adding mysql://username:password@127.0.0.1/database in the DSN for Address Book section and DSN for Preferences section I now get the following error when I try to login to Squirrelmail


Warning: main(DB.php): failed to open stream: No such file or directory in /usr/share/squirrelmail/functions/db_prefs.php on line 40

Warning: main(): Failed opening 'DB.php' for inclusion (include_path='.:/usr/share/pear') in /usr/share/squirrelmail/functions/db_prefs.php on line 40
ERROR:
Could not include PEAR database functions required for the database backend.
Is PEAR installed, and is the include path set correctly to find DB.php?
Please contact your system administrator and report this error.


Any help would be greatly appreciated. Thanks!


Is not so clear in the howto manual, but ...have you tried to replace username:password for your squirrel username and password created in mysql?

regards,
Carlos.

extasy
October 27th, 2006, 12:34 PM
Nice and easy howto! just what I needed, but does this howto work for edgy to or is it changes? I also wondered if this install can handle multiple domains?

rofl0r
November 3rd, 2006, 10:33 PM
thanks for the great tutorial. it also works on debian 3.1 with some little differences (i.e. amavis uses one single config file instead of 50-user and so on) =D>

dninja
November 17th, 2006, 11:28 AM
How can I integrate procmail and spamassassin per virutal domain/users. I see that there was a procmailrc and spamassassinrc field added to the users table. Any pointer to documentation is appreciated.

Thanks

Hi
Has anyone got an answer to this? I initially put the procmailrc file in my users home directory but then realised that the mail account is a virtual one so that wouldn't help. The field in the database doesn't seem to be used for anything, no sql is pulling the info out.

Help, I'm missing my filtering.

lawkie
November 22nd, 2006, 02:43 PM
Hello,

I have come to the point that I have installed the mail server on Ubuntu (I am a complete novice, so I just followed the guide), now I want to start adding users to my domain. To do this with mysql queries each time is very tiresome. I heard there are ways to use web-based programs.

Can someone please tell me what a good program is and more inportant, how do I link it to the database used in this tutorial? How do I set up such a program to be able to talk to mysql and update my users table!? Anyone who has done this?

Help is very much appreciated!

Thanks,

Rens

gregd
November 24th, 2006, 10:45 PM
I had exactly the same problem with "SASL authentication failure: no secret in database" error. It would be great if the guide had a warning about trailing whitespace problem inside sasl conf file. Thanks tbird469 for the solution.

hecchan
November 29th, 2006, 12:35 PM
Hi forum,

First my public thanks to flurdy for this great howto (http://flurdy.com/docs/postfix/), (and to all the people who wrote this free software we are using)

This is my first post, the mail server seems to work now, not too much testing yet. But i can connect from a client machine in my LAN with evolution and send emails to the internet and receive from my Netscape webmail. Also squirrelmail and phpmyadmin seems OK.
I didn't follow blindly the howto, i readed the docs for the most important programs. But unfortunately, i didn't find the link to this forum until i got it working. Shame on me, the most of the answers were here. Just read the posts.
I just will put together a few problems i found.
My SO is Ubuntu dapper and i have did exactly as flurdy said except for the php, i have installed php5 and i didn't install the shorewall as my router includes one.

Postfix:
If your ISP relay host needs authentication, you have to set up the sasl_passwd(.db) file
I changed

mynetworks_style = host
to

mynetworks_style = subnet
as i want my mail server accepts mail sent from inside the LAN

Amavis:
I mixed flurdy's with wiki'sPostfixAmavisNew (https://wiki.ubuntu.com/PostfixAmavisNew)
I had to set owner for /var/lib/amavis/db
so i think change
-------------------------
# You may have to change this

cd /var/lib/amavis
mkdir tmp
chown virtual:virtual tmp
chown virtual:virtual virusmails
------------------------ by

chown -R virtual:virtual /var/lib/amavis/*
----------------------

Authentication:
******************** VERY IMPORTANT ****************************
**************** CHECK TRAILING SPACES IN /etc/postfix/sasl/smtpd.conf
************************************************** **************
It drove me crazy, i was able to authenticate from squirrelmail but from evolution or kmail i
got an authentication error which gives little information in the logs

Encryption:
Evolution still doesn't like the certs i have created following forum user: trusted instructions

SquirrelMail:
I have installed php5, so i had to change php4-pear by php-pear and php-db
I did a symlink to /etc/squirrelmail/apache.conf to keep the squirrelmail config together
ATTENTION:-after you create a mail account with mysql or phpmyadmin
YOU MUST SEND AN EMAIL TO THE NEW ACCOUNT for the directory to be created under
/var/spool/mail/virtual/

phpMyAdmin:
Here i found the darkest point of this howto.
I'm a newbee to all this stuff, so please, this is a call to someone with a deeper knowledge on this subject to review what i will say, because it seems to me it can be an important security hole for the the people who follow the phpmyadmin instructions.
After read the docs for phpmyadmin in dapper about /etc/phpmyadmin/config.inc.php:

$cfg['PmaAbsoluteUri']
docs suggets to leave it blank (it's working for me like that)

$cfg['Servers'][$i]['user'] = 'mail';
$cfg['Servers'][$i]['password'] = 'apassword';
******************** VERY IMPORTANT ****************************
**************** NEVER PUT USER AND PASSWORD IN /etc/phpmyadmin/config.inc.php
************************************************** **************
this file can be readed for any person who can run cgi scripts on the server
In the docs there is a solution creating an user with low privileges

$cfg['Servers'][$i]['controluser'] = 'pma';
$cfg['Servers'][$i]['controlpass'] = 'apasswordforpmauser';
there is a sql script to create other usefull tables for mysql
********************** READ THE PHPMYADMIN DOCUMENTATION ********************************

Sorry for using so much upper case.

I belive this a really great howto. It leaded me to get an email server working, and that it's a lot of stuff.

A newbee lazy sugestion:
To make copy and paste the code easier, fix the line returns for Linux

All the best

akosh
December 10th, 2006, 02:30 PM
First of all, thank you for the great howto!

I've configured a server using it and it works well, but I have a warning that I can not really fix.

The MX was set to my IP address two days ago, it pointed to the server of my ISP before. A backup MX is still pointig there.

Please if you know of any possible solution, I would very much appreciate.

It is some kind of loopback problem:


Dec 10 12:18:02 mail postfix/pickup[1235]: 9C13339831A: uid=105 from=<amavis>
Dec 10 12:18:02 mail postfix/cleanup[1367]: 9C13339831A: message-id=<20061210111802.9C13339831A@mail.xxxx.hu>
Dec 10 12:18:02 mail postfix/qmgr[27797]: 9C13339831A: from=<amavis@mail.xxxx.hu>, size=707, nrcpt=1 (queue active)
Dec 10 12:18:02 mail amavis[32272]:) ESMTP::10024 /var/lib/amavis/tmp/amavis-20061210T031802-32272: <amavis@mail.xxxx.hu> -> <amavis@mail.xxxx.hu> Received: SIZE=707 from mail.xxxx.hu ([127.0.0.1]) by localhost (mail.xxxx.hu [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id for <amavis@mail.xxxx.hu>; Sun, 10 Dec:18:02 +0100 (CET)
Dec 10 12:18:02 mail amavis[32272]:) Checking: 2p5kb2-H+LM4 <amavis@mail.xxxx.hu> -> <amavis@mail.xxxx.hu>
Dec 10 12:18:02 mail amavis[32272]:) p001 1 Content-Type: text/plain, size: 172 B, name:
Dec 10 12:18:02 mail postfix/smtpd[1373]: connect from localhost[127.0.0.1]
Dec 10 12:18:02 mail postfix/smtpd[1373]: EB6923982DC: client=localhost[127.0.0.1]
Dec 10 12:18:03 mail postfix/cleanup[1367]: EB6923982DC: message-id=<20061210111802.9C13339831A@mail.xxxx.hu>
Dec 10 12:18:03 mail postfix/qmgr[27797]: EB6923982DC: from=<amavis@mail.xxxx.hu>, size=1134, nrcpt=1 (queue active)
Dec 10 12:18:03 mail amavis[32272]:) FWD via SMTP: <amavis@mail.xxxx.hu> -> <amavis@mail.xxxx.hu>, 250 2.6.0 Ok, id=32272-08, from MTA([127.0.0.1]:10025): 250 Ok: queued as EB6923982DC
Dec 10 12:18:03 mail amavis[32272]:) Passed CLEAN, <amavis@mail.xxxx.hu> -> <amavis@mail.xxxx.hu>, Message-ID: <20061210111802.9C13339831A@mail.xxxx.hu>, mail_id: 2p5kb2-H+LM4, Hits: -0.001, 349 ms
Dec 10 12:18:03 mail amavis[32272]:) TIMING [total 353 ms] - SMTP EHLO: 3 (1%)1, SMTP pre-MAIL: 1 (0%)1, SMTP pre-DATA-flush: 2 (1%)2, SMTP DATA: 42 (12%)13, body_digest: 1 (0%)14, gen_mail_id: 0 (0%)14, mime_decode: 7 (2%)16, get-file-type1: 12 (3%)19, decompose_part: 1 (0%)19, parts_decode: 0 (0%)19, AV-scan-1: 4 (1%)21, spam-wb-list: 2 (1%)21, SA msg read: 0 (0%)21, SA parse: 1 (0%)22, SA check: 149 (42%)64, update_cache: 1 (0%)64, fwd-connect: 34 (10%)74, fwd-mail-from: 5 (2%)75, fwd-rcpt-to: 5 (2%)77, write-header: 1 (0%)77, fwd-data: 0 (0%)77, fwd-data-end: 67 (19%)96, fwd-rundown: 1 (0%)97, main_log_entry: 9 (3%)99, update_snmp: 1 (0%)100, unlink-1-files: 1 (0%)100, rundown: 0 (0%)100
Dec 10 12:18:03 mail amavis[32272]:) extra modules loaded: unicore/lib/gc_sc/Digit.pl, unicore/lib/gc_sc/SpacePer.pl
Dec 10 12:18:03 mail postfix/smtp[1370]: 9C13339831A: to=<amavis@mail.xxxx.hu>, orig_to=<amavis>, relay=127.0.0.1[127.0.0.1], delay=1, status=sent (250 2.6.0 Ok, id=32272-08, from MTA([127.0.0.1]:10025): 250 Ok: queued as EB6923982DC)
Dec 10 12:18:03 mail postfix/smtpd[1373]: disconnect from localhost[127.0.0.1]
Dec 10 12:18:03 mail postfix/qmgr[27797]: 9C13339831A: removed
Dec 10 12:18:03 mail postfix/smtpd[1378]: connect from host-xxx-xx.opticon.hu[85.90.xxx.xx]
Dec 10 12:18:03 mail postfix/smtp[1377]: warning: host mail.xxxx.hu[85.90.xxx.xx] greeted me with my own hostname mail.xxxx.hu
Dec 10 12:18:03 mail postfix/smtp[1377]: warning: host mail.xxxx.hu[85.90.xxx.xx] replied to HELO/EHLO with my own hostname mail.xxxx.hu
Dec 10 12:18:03 mail postfix/smtp[1377]: EB6923982DC: to=<amavis@mail.xxxx.hu>, relay=mail.xxxx.hu[85.90.xxx.xx], delay=1, status=bounced (mail for mail.xxxx.hu loops back to myself)
Dec 10 12:18:03 mail postfix/smtpd[1378]: disconnect from host-xxx-xx.opticon.hu[85.90.xxx.xx]
Dec 10 12:18:03 mail postfix/cleanup[1367]: 2371039831F: message-id=<20061210111803.2371039831F@mail.xxxx.hu>
Dec 10 12:18:03 mail postfix/qmgr[27797]: 2371039831F: from=<>, size=2775, nrcpt=1 (queue active)
Dec 10 12:18:03 mail postfix/qmgr[27797]: EB6923982DC: removed
Dec 10 12:18:03 mail postfix/smtpd[1378]: connect from host-xxx-xx.opticon.hu[85.90.xxx.xx]
Dec 10 12:18:03 mail postfix/smtp[1377]: warning: host mail.xxxx.hu[85.90.xxx.xx] greeted me with my own hostname mail.xxxx.hu
Dec 10 12:18:03 mail postfix/smtp[1377]: warning: host mail.xxxx.hu[85.90.xxx.xx] replied to HELO/EHLO with my own hostname mail.xxxx.hu
Dec 10 12:18:03 mail postfix/smtp[1377]: 2371039831F: to=<amavis@mail.xxxx.hu>, relay=mail.xxxx.hu[85.90.xxx.xx], delay=0, status=bounced (mail for mail.xxxx.hu loops back to myself)
Dec 10 12:18:03 mail postfix/smtpd[1378]: disconnect from host-xxx-xx.opticon.hu[85.90.xxx.xx]
Dec 10 12:18:03 mail postfix/qmgr[27797]: 2371039831F: removed

neptune
December 10th, 2006, 06:27 PM
Does this HowTo include instructions for collecting remote mail from your ISPs mail server and forward to / dump into one of the virtual accounts?

eg: you have your own @yourname.com domain, and you also have emailaccount@yourisp.com.

This document covers how to setup Ubuntu as mail server for @yourname.com, which is great. I also have emails coming to @yourisp.com which I'd like to collect and drop into one of the virtual mailboxes.

Is that possible?

Thanks!

dninja
December 10th, 2006, 06:57 PM
Install yourself fetchmail then create a file called .fetchmailrc like this on in your users home directory:



poll <isp server> proto pop3 nodns
user <isp username> with password <password> is <the full local username> here
forcecr keep

the last two statments are optional, look in the man pages to see what they do.

You can then run fetchmail manually to bring the mail down or run fetchmail -d <time> to put it in daemon mode.

patg51
December 12th, 2006, 05:40 PM
Loved the tutorial. Various configuration files are modified at different times in the tutorial. At the end my config files (/etc/postfix/main.cf and master.cf for example) are pretty hacked up.

I try to keep related stuff together and had a hard time doing that with the various updates to the same config file in different places in the tutorial.

An additional link that would show the complete config files would be helpful (to me at least).

Have been playing with this for a while and cannot get past the amavisd-new tests.

I was successful in testing the mail server up to section Configure / IMAP (Courier).

The next step for the amavisd-new get a "connection refused" to port 10024.

I have no idea where to look. Any suggestions?

mootpoint
December 29th, 2006, 04:41 PM
I've been working through this setup howto. I'd strongly suggest that in the "data" section, you tell us which database to put the data into! I figured it out, but:

Current text:

So we got a fully set up mail server... Well no, there is no users, domains, no nothing!

Okay, first you need add some default data, some which are required, some which make sense.

Then we'll add your own users and domains.

Proposed text:

So we have a fully set up mail server ... Well, no, there are no users, domains, no anything!

OK, first we need to add some default data to maildb. Some is required, some just makes sense. Then we'll add your own users and domains.

First, open the maildb database as the mail user:

mysql -u mail -p maildb

Enter the password for the mail sql account when prompted.

Then add the required domains for local email: <continue with current text>


Hope that proves useful ... and I imagine I'll have a question or two shortly.

mootpoint

dninja
December 29th, 2006, 04:53 PM
Something telling how to use the procmail columns in the database as well would be good.

Sprinker
January 1st, 2007, 07:24 AM
Hey can someone make this sticky? I think its a terrific tutorial and should be used by anyone who is slightly new to Linux and setting up a mail server can be a daunting task, I know it was for me. I would like to personally thank Flurdy for this contribution.

Acker
January 8th, 2007, 04:03 PM
Hi!

At first thx for the great guide. My Server is up and running. But it seems that spamassassin doesnt work. I don't get any X-Spam header e.g. Virus scan with amavis works...

Anyone got the same problem?

Acker

milwell
January 12th, 2007, 03:59 AM
I encountered this error after following flurdy's tutorial.

Warning: include_once(DB.php) [function.include-once]: failed to open stream: No such file or directory in /usr/share/squirrelmail/functions/db_prefs.php on line 40

Warning: include_once() [function.include]: Failed opening 'DB.php' for inclusion (include_path='.:/usr/share/php:/usr/share/php/PEAR') in /usr/share/squirrelmail/functions/db_prefs.php on line 40

It turns out, php-pear does not install DB.php, just enter:

pear install DB

and it will connect to database. :rolleyes:

Thanks to flurdy for the great guide.

foxmulder
January 14th, 2007, 12:39 PM
Hi Guys,

I think Flurdy's How-to is nice, but it would be a lot more useful if it was setup like this one: http://www.howtoforge.com/perfect_setup_ubuntu_6.06

The reason for that is, that that one actually has all the commands spelled out as well, so the real n00b's (like myself) can just copy/paste most of it!

Especially the part with all the packages is rather time consuming! Now I have to go find out each time what I need to apt-get, because the guide just says:

"Now everything is installed it is time to configure each of the core applications used." Duh, I haven't installed anything yet! Because the guide does not tell me the package names!

Is there ANYONE out there that can actually turn Flurdy's how-to in something like that?

mrsym0r
January 15th, 2007, 06:09 AM
Hello all,

I've followed this guide, and installed all the required packages, but when I try to create the first mysql table, i get:

ERROR 1064 (42000): You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''ALIASES' (
`pkid` smallint(3) NOT NULL auto_increment,
`mail` varchar(120) NOT ' at line 1
mysql>

The mysql version installed was 5.0.22-Debian_0ubuntu6.06-log .

I'm guessing that since the guide was created, the syntax has changed. Is anyone able to point me in the right direction of what it would now be?

Thanks in advance to anyone who replies.

-Simon

dninja
January 15th, 2007, 11:06 AM
I've tried this command on a matching mysql server and it worked fine. Make sure that the cut and paste didn't get any extra characters or miss any.

shakyamuni
January 16th, 2007, 12:44 AM
Hi Everyone.

I 've been through hard times setting the server. I made it and it worked for a while. I decided to mount another server with more capacity, and I copied all the config files (postfix main and master cf files + courier+ virtual tables) from the first server to the new one. Everything looked good but I detected a subtle error when sending email via smtp. In the first server I have a couple of mozilla thunderbird clients authenticated using username and password to send email. But I could make it with the second server using authentication with SMTP, so I had to set them as not authenticated.

Any ideas to workaround?

thanks alot in advance.

CARLOS.

Jonhoo
January 20th, 2007, 05:27 PM
Great tutorial!
Only thing is, do you know when you will release the guide for Edgy?

Looking forward to it :)

Jonhoo

mlcampbe
January 22nd, 2007, 04:20 PM
I've been reading over this thread and the flurdy howto preparing to upgrade my exisitng mail server. I currently have approx 30 email users and am not using mysql to store the user info. What is the advantage of putting everything into a database? Should I really consider mysql for just 30 users?

Juzz
January 22nd, 2007, 08:08 PM
For those who get errors like:


relay=none
and

Connection refused [10024]

try to start up Amavis while in the debug windows (the log windows).
That can give an indication of what could possibly be wrong (in my case wrong permissions on a dir that I could fix in an instant - while I had been staring me blind on it).

Now all I need to figure out is how I can import mails from my old SuSE sendmail/cyrus imap system...
If anyone has a clue to that please point me in the right direction :cool:

shakyamuni
January 23rd, 2007, 10:29 PM
This is twice in a row now where I've asked a question and answered it myself. Maybe I should have a bit more patience before I post questions to the forums? :)

The problem was not defining the transport_maps which I've got sorted out now.

Anyways... I've set up autoreply / autoresponder / vactaion email notices (whatever you want to call it). I did the following:

1) In /etc/postfix/main.cf was the following as per flurdy's guide:


# this is how to connect to the domains (all virtual, but the option is there)
# not used yet
# transport_maps = mysql:/etc/postfix/mysql_transport.cf


I uncommented the last line:


# this is how to connect to the domains (all virtual, but the option is there)
# not used yet
transport_maps = mysql:/etc/postfix/mysql_transport.cf


2) I created a /etc/postfix/mysql_transport.cf file which looked up the "transport" field of the "domains" table:


user=database_username
password=database_password
dbname=maildb
table=domains
select_field=transport
where_field=domain
hosts=127.0.0.1
additional_conditions = and enabled = 1


3) I added the transport type "autoreply" to /etc/postfix/master.cf:


autoreply unix - n n - - pipe
flags= user=nobody argv=/etc/postfix/autoreply $sender $mailbox


4) I created an executable script /etc/postfix/autoreply :


mail -s"Fireworks Digital Autoreply From: <$2>" $1 < /etc/postfix/autoreply_message

Make sure you chmod 755 the file to make it executable.

And with it, the text /etc/postfix/autoreply_message to go with it (make this whatever you want).

5) Into the table "domains" I added the row domain="autoreply.mydomain.com" transport="autoreply:" (note the trailing ":" - it is important).

Basically that's it. Now autoreply is working. To enable a user to be set to autoreply, in the "aliases" table, add the destination "user@autoreply.mydomain.com". What happens is the mail server looks up the domain "autoreply.mydomain.com", see's the transport is the unix pipe to the script /etc/postfix/autoreply, which in turn fires an email back at the original sender with the message attached!

And with that working, my client can now take holidays. Wish I could too. :)


Hello Elvis and everybody,:KS

I've configured this mini-how to to implement vacations on postfix, but when I'm trying to send an email to test the autoreply message, instead, I receive this kind of email :

This is the Postfix program at host mailman.stitchkin.cl.

I'm sorry to have to inform you that your message could not
be delivered to one or more recipients. It's attached below.

For further assistance, please send mail to <postmaster>

If you do so, please include this problem report. You can
delete your own text from the attached returned message.

The Postfix program

<webmaster@autoreply.domain.com> (expanded from <webmaster@domain.com>):
Command died with status 127: "/etc/postfix/autoreply". Command output:
/etc/postfix/autoreply: line 1: mail: command not found


Any ideas?


thanks a lot in advance.

regards,
Carlos.

Jonhoo
January 28th, 2007, 06:29 PM
Hmm..
Had the same problem, but I think all I did was:
sudo apt-get install mail

:P

BTW:
When will the guide be updated for Edgy? ^^

shakyamuni
January 28th, 2007, 08:08 PM
Hmm..
Had the same problem, but I think all I did was:
sudo apt-get install mail

:P

BTW:
When will the guide be updated for Edgy? ^^

install mail??? I'm sorry, but I don't think that fix the problem....how many coincidences with packages in the repositories could be with "mail"?

thank you anyway.....
I still have the same problem....
Does anyone knows what's happening with this issue?

thanks

Carlos.

Tspiritstorm
January 29th, 2007, 04:39 PM
Great Guide!

I am having one issue that remains and I know it is me doing something stupid. Aliases are not working correctly. I can tell it is checking via the /etc/postfix/mysql_alias.cf and then checking the DB but for some reason it is not resolving that myalias@mydomain.com should resolve to myaccount@mydomain.com.

I am getting an Unknown User error with the alias email account.

Lord_Pancake
February 16th, 2007, 07:28 AM
I am trying to test my server setup now. I can send mail to my gmail account, and recieve it. But when I try to reply to it, I never recieve it on my machine, At least i don't think I am. But I don't recieve a mesg saing it failed.

Thank you,
-Lord_Pancake

ltk5
February 16th, 2007, 11:42 AM
have to try this mail-thingie. It looks really cute :)

DanteUseless
February 19th, 2007, 05:08 PM
Hi there!
This is a great tutorial, but I'm missing some parts:
*Edgy.. (fixed after some work)
*Userspesific spamassasin and procmail (use the fields allready made in db) - anyone got tips about this?
*Teach spamassassin spam. Testing and debuging.
*Same goes for antivirus.

Btw, the tutorial is HUGE, should be split up to several pages :)

Juzz
March 13th, 2007, 11:17 PM
For those who get errors when trying to send mails using TLS/SSL by entering login info and you get this error:


"no secret in database"

Then find this line in main.cf :


smtpd_sasl_path = /etc/postfix/sasl:/usr/lib/sasl2

and replace with:


smtpd_sasl_path = smtpd

It got my system running and enabling users to put in their usernames when sending mails over TLS/SSL.

Juzz
March 14th, 2007, 04:58 PM
Can anyone here help me?

I cannot get amavis/postfix to insert the header "X-Spam-Status:" - I have tried several things... I have followed flurdy's howto and mixed it up with the workaround.org and help.ubuntu.com PostfixAmavisNew - all to no avail :(

Is it Thunderbird that thinks that the user shouldn't see that header - or is it just not getting inserted?

I am trying both the "Show All Headers" option in Thunderbird and pressing CTRL-U for viewing the source and neither reveals the header...

Has the header been removed from amavis and have they created a new method of marking spam?

Juzz
March 21st, 2007, 05:35 PM
I figured out how to enable the spamheaders...

You have to activate some bypass settings!?! :-k

In one of the config files: "/etc/amavis/conf.d/15-content_filter_mode"

You have to uncomment the bypass variables...

I think that's a weird way of thinking... To activate a bypass setting to enable the scanners...

sirgeekalot
March 30th, 2007, 11:46 AM
Hi
Has anyone got an answer to this? I initially put the procmailrc file in my users home directory but then realised that the mail account is a virtual one so that wouldn't help. The field in the database doesn't seem to be used for anything, no sql is pulling the info out.

Help, I'm missing my filtering.

Did anyone ever get any response to this question?? i would like to use procmail for filtering instead of amavis due to resource problems. (i.e. i dont have enough of them!!)

The Muttster
March 31st, 2007, 03:29 PM
It don't work.

Now I've got that out of the way, I'll describe what's happening:

When I connect to port 110 and authenticate my username and password, I get

-ERR Temporary problem, please try again later
Connection closed by foreign host.

Obviously, that presents me with a problem as I'd like to read my mail. I can connect on port 25 and send an email but that's only half the job.

Sadly, this is where the guide is a bit lacking for noobs like myself. The question is, how do I go about investigating what's wrong and how do I fix it?

DanteUseless
April 1st, 2007, 11:18 AM
Did anyone ever get any response to this question?? i would like to use procmail for filtering instead of amavis due to resource problems. (i.e. i dont have enough of them!!)

Hi there. I gave up using procmail and i found out a solution using maildrop.
Basicly postfix delivers the mail to maildrop (not virtual: ), and maildrop looks at DB for user-info (username, aliases, maildir, etc). But its still not using the sql-field for filter. I've goto make the filters by hand in files.

Another problem was that ubuntu's maildrop had to be recompiled with mysql-support.

kkevin
May 25th, 2007, 05:55 PM
For those who get errors when trying to send mails using TLS/SSL by entering login info and you get this error:


"no secret in database"

Then find this line in main.cf :


smtpd_sasl_path = /etc/postfix/sasl:/usr/lib/sasl2

and replace with:


smtpd_sasl_path = smtpd

It got my system running and enabling users to put in their usernames when sending mails over TLS/SSL.

Hi Juzz,
just wanted to say thank you for posting this. It did fix my problem (that I've been researching for literally DAYS).

Does anyone know what the implication is here? What is going on with this change?
Thanks.

badfeet
May 30th, 2007, 03:24 AM
Hello, I just followed this guide and (most) everything went smoothly. The only problem I have is that
the users are not being created in /var/mail/vitrual. The first two I set up had the directories created,
but all the users I've added since won't create the directory, so they are unable to receive any mail
and can't log in via IMAP or squirrelmail. Any assistance you can provide would be appreciated.

Thanks!

Pollywoggy
May 31st, 2007, 12:00 AM
This is an excellent tutorial. I am setting up Postfix on a second machine and using the information in the tutorial. If it works out, I will do the same on the main machine.

I am confused about something. In the section CREATE TABLE `users`:

CREATE TABLE `users` (
`id` varchar(128) NOT NULL default '',
`name` varchar(128) NOT NULL default '',
`uid` smallint(5) unsigned NOT NULL default '5000',
`gid` smallint(5) unsigned NOT NULL default '5000',
`home` varchar(255) NOT NULL default '/var/spool/mail/virtual',
`maildir` varchar(255) NOT NULL default 'blah/',
`enabled` tinyint(3) unsigned NOT NULL default '1',
`change_password` tinyint(3) unsigned NOT NULL default '1',
`clear` varchar(128) NOT NULL default 'ChangeMe',
`crypt` varchar(128) NOT NULL default 'sdtrusfX0Jj66',
`quota` varchar(255) NOT NULL default '',
`procmailrc` varchar(128) NOT NULL default '',
`spamassassinrc` varchar(128) NOT NULL default '',
PRIMARY KEY (`id`),
UNIQUE KEY `id` (`id`)
) ;

What is the purpose of the line

`clear` varchar(128) NOT NULL default 'ChangeMe',
`crypt` varchar(128) NOT NULL default 'sdtrusfX0Jj66'

I suspect I should have put something other than 'ChangeMe' and 'sdtrusfX0Jj66' when I did it. If that is the case, do I need to use md5crypt to generate them? Can I use PHPMyadmin to change the entries so I do not need to remove the table and enter the table info again?

Thanks for the tutorial.

oziemike
July 16th, 2007, 05:01 AM
Hi all

I have setup about 3 of these servers now and they all work well. Having a problem (or maybe it is supposed to be this way??) with email clients.

In Evolution every time I open evol I get a message about the certificates and have to accept them for each session. Much the same with Outlook Express in Windoze.

I am using SSL on port 995 for receiving and TLS on 587 for sending.

Evolution always starts with "Failed to get a valid greeting from ....... (the server)"

Can anyone give me some pointers??

Thanks

Mike

evilmrrogers411
July 25th, 2007, 05:48 PM
Im just getting started on this howto guide and was looking at the part
"""""""""
OS: Ubuntu
The most important setting, security wise, is to configure the firewall. This off course varies between firewalls, your usage. Shorewall main config files in /etc/shorewall that we are concerned with, are interfaces, hosts, zones, policy and rules.
Here is a typical basic zones file

#zone display comment
loc Local Local network
net Net Tinternet
"""""""""

I dont see these files (interfaces, hosts, zones, policy and rules) even when I have it showing hidden files. Am I suppose to create these files and just copy and paste what he has written like above or did I do something wrong when I got the packages (The way I installed all the packages was using the synaptic package manager and just looking up and marking all the packages that was said along with their dependencies).

Verifier
August 8th, 2007, 11:05 AM
I got the "no secret in database" problem. I've changed to "smtpd_sasl_path = smtpd" in main.cf and I do not have any trailing spaces in /etc/postfix/sasl/smtpd.con.


Aug 8 10:53:07 www postfix/smtpd[9470]: connect from unknown[192.168.1.100]
Aug 8 10:53:27 www postfix/smtpd[9470]: warning: SASL authentication failure: no secret in database
Aug 8 10:53:27 www postfix/smtpd[9470]: warning: unknown[192.168.1.100]: SASL CRAM-MD5 authentication failed
Aug 8 10:53:27 www postfix/smtpd[9470]: warning: SASL authentication failure: Password verification failed
Aug 8 10:53:27 www postfix/smtpd[9470]: warning: unknown[192.168.1.100]: SASL PLAIN authentication failed
Aug 8 10:53:27 www postfix/smtpd[9470]: warning: unknown[192.168.1.100]: SASL LOGIN authentication failed
Aug 8 10:54:28 www postfix/smtpd[9470]: lost connection after AUTH from unknown[192.168.1.100]
Aug 8 10:54:28 www postfix/smtpd[9470]: disconnect from unknown[192.168.1.100]


All suggestions are most welcome since this is driving me mad after a couple of days trying to fix it :/

dmeyer
August 14th, 2007, 06:47 PM
I'm having a problem relaying to an Exchange server inside my domain. The Ubuntu server is located in the DMZ. In my initial postfix setup I had the relay working properly, but now that I have virtual domains it isn't working. I have two local domains and my third domain is a relay domain and that is the one I'm having trouble with.

I'm testing th SMTP connection manually and when I get to

RCPT TO: <****@relaydomain.tld> the server responds with "454 4.7.1 <****@relaydomain.tld> Relay access denied".

A few items from my main.cf:

#blank for virtual domains:
local_recipient_map =
my_destination =

#so I don't lose any messages during testing:
soft_bounce = yes

#transport maps are tested and working
transport_maps = hash:/etc/postfix/transport

#domain to relay for is specified here:
relay_domains = [relaydomain.tld]

#there might be an issue with this section?
smtpd_recipient_restrictions = reject_unauth_pipelining, permit_mynetworks, reject_non_fqdn_recipient, reject_unknown_recipient_domain, reject_unauth_destination, check_policy_service inet:192.168.2.2:10023, permit


I think the problem is either with the smtpd_recipient_restrictions statement or the problem is happening when it does a lookup in the domains table in mysql. I think it might be overriding the transport_maps setting and looking up the domain in the domains table and then rejecting it. Is there possibly a way to specify the transport_maps setting in the transport field of the domains table?

I know I'm very close, but I'm not sure where to go from here, so any suggestions would be greatly appreciated.

dmeyer
August 15th, 2007, 03:37 PM
I got the relay problem working by adding in the line "mynetworks = 127.0.0.1, 192.168.2.0, etc... " to the postfix main.cf file. I'm not sure why that wasn't included in the howto, but I guess it isn't necessary for all configurations.

kevin79
August 17th, 2007, 09:20 PM
I went through the entire setup, but I can't seem to Telnet to my postfix server from localhost.

It starts up ok, and without error. Not sure what files one may need to help with this.

I know this message is old but do you remember how your fixed this? I'm having the same problem.

flurdy
August 26th, 2007, 08:35 PM
If the shorewall files arent there, then you should create them.
There are examples in /usr/share/shorewall

bobster_b
September 24th, 2007, 03:00 AM
I've been working through this tutorial which seems to be rather good. I'm having one problem so far, the courier-authmysql package cannot be found. I'm fairly new to Ubuntu, so I'm not exactly sure on where to go next...

Thanks, Heath

evanleibovitch
October 17th, 2007, 08:39 PM
Hello Ivar and everyone,

I appreciate the work that has gone into this system; it has worked very well and demonstrated what can be done with a combination of open source tools.

I now have an installation that has been running smoothly for some time, but the users have requested a vacation-reply system.

Is there one technique that is recommended? In this forum I have seen a number of approaches, including a Squirrel plugin and some methods that require adding database tables.

Since this method has become widely used, are there any preferred approaches?

Thanks for any suggestions!

- Evan

oziemike
December 25th, 2007, 06:09 AM
I would just like to highlight to anyone the importance of setting the "smtpd_sasl_path = smtpd" as mentioned below in the quote.

I had a full setup running on 6.06 LTS which has been running well for about a year. I had been overseas for a few months and when I got back near the machine I did the full dist-upgrade. It upgraded kernel. mysql, sasl and lots of other packages and it seemed all had gone OK till I tried to send mail.

I was getting the same messages as below and the simple act of changing the above parameter from Flurdy's original line fixed it. This was after much hunting, reloading backups etc, but kit all came down to that and is going fine again all updated.

This is still one of the best mail servers I have used and is extremely reliable.

Mike


I got the "no secret in database" problem. I've changed to "smtpd_sasl_path = smtpd" in main.cf and I do not have any trailing spaces in /etc/postfix/sasl/smtpd.con.


Aug 8 10:53:07 www postfix/smtpd[9470]: connect from unknown[192.168.1.100]
Aug 8 10:53:27 www postfix/smtpd[9470]: warning: SASL authentication failure: no secret in database
Aug 8 10:53:27 www postfix/smtpd[9470]: warning: unknown[192.168.1.100]: SASL CRAM-MD5 authentication failed
Aug 8 10:53:27 www postfix/smtpd[9470]: warning: SASL authentication failure: Password verification failed
Aug 8 10:53:27 www postfix/smtpd[9470]: warning: unknown[192.168.1.100]: SASL PLAIN authentication failed
Aug 8 10:53:27 www postfix/smtpd[9470]: warning: unknown[192.168.1.100]: SASL LOGIN authentication failed
Aug 8 10:54:28 www postfix/smtpd[9470]: lost connection after AUTH from unknown[192.168.1.100]
Aug 8 10:54:28 www postfix/smtpd[9470]: disconnect from unknown[192.168.1.100]


All suggestions are most welcome since this is driving me mad after a couple of days trying to fix it :/

MarilenCorciovei
December 27th, 2007, 04:37 PM
Here is my experience (http://www.len.ro/work/tools/gutsy-on-a-ubuntu-server/qmail/view) installing qmail using the qmailrocks guide with some modifications.

breiko
March 26th, 2008, 05:26 PM
Hi there,
I tried to follow the how-to as careful as I could. Now I'm testing the system and I have this problem:


breiko@rory:~$ telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 mail.MYDOMAIN.com ESMTP Postfix (Ubuntu)
ehlo mail.MYDOMAIN.com
250-mail.MYDOMAIN.com
250-PIPELINING
250-SIZE 10240000
250-ETRN
250-STARTTLS
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
mail from:test@test.com
250 2.1.0 Ok
rcpt to:info@MYDOMAIN.com
554 5.7.1 Service unavailable; Client host [127.0.0.1] blocked using relays.ordb.org; ordb.org was shut down on December 18, 2006. Please remove from your mailserver.
quit
221 2.0.0 Bye
Connection closed by foreign host.


Service unavailable?? :confused:

breiko
March 26th, 2008, 05:56 PM
Hi there,

Service unavailable?? :confused:

Solved.
Just removed all rbl entries in main.cf

lofgren
May 20th, 2008, 03:20 AM
Hi all,

I've used this excellent howto to configure postfix/squirrelmail and mysql db's with the overall goal being a smarthost configuration.

My domain is registered with godaddy and I have configured a catch-all address there.

I can send internally and relay outbound, but sorting incoming mail is the problem.

My question is - what's the best way to sort mail sucked down from the catch-all address?
Has anyone done this? Got some config files I can peek at to get an idea?

I am trying to do: [ISP] -> fetch -> sort -> [MTA]

It doesn't have to be incredibly complicated. Probably a couple of filters to grab my wife's mail and the rest can go to my mailbox.

I have toyed with 'fetchmail' / 'getmail' into postfix.

From what I have seen/tried fetchmail is okay to dump mail into postfix for one mailbox. getmail wants to dump to mbox or maildir folders, or use an intermediate mta such as procmail/maildrop.

As per the getmail page (http://pyropus.ca/software/getmail/configuration.html#conf-retriever-multidrop), the godaddy config is not a "maildrop" or "domain mailbox" setup.
It is missing the necessary headers to make it easy for me ;)

Thanks for any help (and for the awesome guide),
Lofgren

PS>
My system is ubuntu, upgraded from 7.04 -> 7.10 -> 8.04 then I've followed this guide, installed postfix/squirrelmail etc.
It also runs mythtv and has had mysql from the start.

A couple of issues I found with the current guide are:
-Pear DB not installed. Needed to run: pear install db
-needed square brackets around the relayhost host in main.cf and to include a port for godaddy smtp.
-old hosts in rbl entries as mentioned by the previous poster eg: spamhaus.org

BlairKatu
May 28th, 2008, 03:32 AM
SquirrelMail gives me the following error an a successful login


Connection dropped by IMAP server.


I have tested extensively and found little help, If anyone knows about this it would be appreciated

lofgren
May 31st, 2008, 08:48 AM
SquirrelMail gives me the following error an a successful login


Connection dropped by IMAP server.

I have tested extensively and found little help, If anyone knows about this it would be appreciated

It's been a couple of weeks now and I am swiftly forgetting.. but does the user you are trying to log in as have mail yet?

I found that to "enable" the user's mailbox, I had to send them mail from the command line (see the test section in the howto).
This creates their mail folders and seems to fulfill one of the requirements for squirrelmail and courier-imap.

Once I had sent mail to one mailbox, I could log in to squirrelmail and then send mail to the others.

There might have been other steps I had to do as well, but I do recall this was one of them.

good luck.

exactaperfecta
June 25th, 2008, 06:13 PM
I am completely new to Ubuntu OS and I am trying to set up an email server for the first time.

I have installed all of the packages and now I am trying to configure Shorewall.

I am having trouble editing the config files in the Terminal. I am unable to change the text without error messages coming up. Also, I don't know how to save the edited file when I am done.

Please advise.

Thanks,
Ward

qrwe
July 3rd, 2008, 09:34 AM
Has anyone tried the flurdy guide together with Roundcube instead of Squirrelmail?

There are two major packages available through aptitude:
roundcube: Makes the major configurations for you, including creating the Roundcube database.
roundcube-webmail: No database is created. It's easier to follow the official installation guide (http://trac.roundcube.net/wiki/Howto_Install) with this one though.

qrwe
July 3rd, 2008, 09:38 AM
Hi there,
I tried to follow the how-to as careful as I could. Now I'm testing the system and I have this problem:


breiko@rory:~$ telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 mail.MYDOMAIN.com ESMTP Postfix (Ubuntu)
ehlo mail.MYDOMAIN.com
250-mail.MYDOMAIN.com
250-PIPELINING
250-SIZE 10240000
250-ETRN
250-STARTTLS
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
mail from:test@test.com
250 2.1.0 Ok
rcpt to:info@MYDOMAIN.com
554 5.7.1 Service unavailable; Client host [127.0.0.1] blocked using relays.ordb.org; ordb.org was shut down on December 18, 2006. Please remove from your mailserver.
quit
221 2.0.0 Bye
Connection closed by foreign host.


Service unavailable?? :confused:

You're trying to use a blacklist which is not available anymore. Remove it from smtpd_client_restrictions in /etc/postfix/main.cf (and don't forget to postmap and reload afterwards).

***

Added later:
Sorry for the double post, missed the post right afterwards.

Temujin_12
July 4th, 2008, 09:56 PM
I've run through the guide, loaded data, and was able to test (ie: manually telnet'ing works).

After adding the extra services (auth, ssl, spamassasin, clamav, etc.) when I start courier-imap-ssl I get the following error:



* Starting Courier IMAP-SSL server...
/etc/init.d/courier-imap-ssl: xmalloc: ../bash/make_cmd.c:99: cannot allocate 557 bytes (0 bytes allocated)


I've tried increasing IMAP_ULIMITD in /etc/courier/imapd as per this forum thread posting (http://isp-control.net/forum/howto-make-ispcp-more-secure-t-257-2.html#pid5676), but to no avail. I even tried setting it to unlimited but still get the same error.

Starting non SSL imap works just fine.

Any ideas as to what may be causing this?


EDIT: By the way this is on an Ubuntu 6.04 server following the 5th edition of the guide (http://flurdy.com/docs/postfix/edition5.html).

fade2gray
July 6th, 2008, 04:05 PM
At Configuration > Content Checks (amivisd-new) (http://flurdy.com/docs/postfix/#config-adv-content)
cd /etc/amavis.d/conf.d
Should that read
cd /etc/amavis/conf.d:confused:

And
vi /etc/spamassassin/local.rf
Should that read
vi /etc/spamassassin/local.cf:confused:

Also, there seems to be a conflict at Configuration > Encryption (TLS) (http://flurdy.com/docs/postfix/#config-secure-crypt) - You are advised to "Please refer to previous edition (http://flurdy.com/docs/postfix/edition5.html#conf_encryption) for more detail", where you are told to enter into the master.cf file
smtps inet n - n - - smtpdReturning to Configuration > Encryption (TLS) (http://flurdy.com/docs/postfix/#config-secure-crypt), you are told to enter
smtps inet n - - - - smtpd:confused:

Any advice please?

lofgren
July 7th, 2008, 05:10 AM
First part should be "cd /etc/amavis/conf.d" according to my system.

The older tute asks you to edit "50User", but seems a little rushed in that section - I think it was also a quote from someone else's suggestion or something.

Anyway on my system, "50-User" was the actual file to be edited.


I cannot comment on spamassassin as I skipped that section.

I'm not 100% sure of the smtps line. From the comments in my file, I believe the second "n" will make the process run in a chroot jail. I vaguely recall reading some conflicting discussion on whis as to which was best and why.
Either way, mine is set without the second "n".

Hope that helps.

fade2gray
July 8th, 2008, 02:42 AM
Thanks for the reply lofgren.

Also, I think 'vi /etc/courier/authmysql' should read 'vi /etc/courier/authmysqlrc' (the latter already exists after install).
I this is true, should 'authmodulelist="authmysql"' read 'authmodulelist="authmysqlrc"' within '/etc/courier/authdaemonrc'?

448191
July 17th, 2008, 08:38 PM
After much hair pulling with getting postfix/smtp/sasl/mysql working, it turned out that I had trailing spaces at the end of each line from the copy/paste in the /etc/postfix/sasl/smtpd.conf

After removing the spaces from the file and reloading postfix all was well.

I was getting errors in /var/log/auth.log like these until I removed the trailing spaces:

postfix/smtpd[27381]: SQL engine 'mysql ' not supported
postfix/smtpd[27381]: auxpropfunc error no mechanism available
postfix/smtpd[27381]: _sasl_plugin_load failed on sasl_auxprop_plug_init for plugin: sql

Other than that the howto was great.

That was very helpful. I was pulling my GD hair out. Removed all trailing spaces and voila.

bucksquare
July 18th, 2008, 01:03 AM
Hello,
I'm following : https://help.ubuntu.com/community/PostfixBasicSetupHowto.

Where do i place - A Maildir is a directory (often named Maildir) with three subdirectories named tmp, new, and cur. The subdirectories should all reside on the same filesystem-this directory.

Thanks

Next.

I tried to use my domain mmail but the mx record does not exist. is this something the domain holder does or do I use dns server in the ubuntu server.

Thanks

pavel989
July 18th, 2008, 07:09 AM
Kool!, this'll be awesome if i ever do start a website. thnx!

cochones
July 19th, 2008, 05:56 PM
Hi there,
after following a part of this tutorial my webserver (apache2) don't start. I have tried many things and have also googled the error. So i don't know what to do an I hope someone of you can help me!

When I try to start the webserver with this command:
/etc/init.d/apache2 start

I get this error:


Starting web server (apache2)...
(98)Address already in use: make_sock: could not bind to address [::]:443
(98)Address already in use: make_sock: could not bind to address 0.0.0.0:443
no listening sockets available, shutting down
Unable to open logs
failed!


I have already looked up if another application is running which is using port 443 or port 80. But there is nothing.

Hope to get help :-)

cochones
July 20th, 2008, 01:54 PM
Hi there,
I have fixed the Problem. I don't exaktly know what the problem was, but know it works :D. If anyone wanna know the solution was...write here.

So far..stay tuned!

oink
August 4th, 2008, 09:11 PM
Hi all,

I have a problem integrating getmail in the flurdy mailserver. For some users i fetch the mail from a pop3 box with getmail and give it to Postfix with the MDA_external = /usr/sbin/sendmail command.


[options]
#message_log = /var/log/getmaillog
delete = false

[retriever]
type = SimplePOP3SSLRetriever
server = pop.gmail.com
username = myname@gmail.com
password = mypasswd

[destination]
type = MDA_external
path = /usr/sbin/sendmail
arguments = ('-bm','myname@mydomail.com')
unixfrom = true


The problem is that amavis is bypassed if i fetch my mail with getmail.

Anyone any idea, i'am really stuck!!
Thanks!!!

RalphG1000
August 6th, 2008, 09:35 AM
I am running
Ubuntu 6.06.2 LTS

After following this tutorial I can telnet to port 25 from another machine.
I can: ehlo abc.com
mail from:<mr@abc.com>
rcpt to:<mrs@def.co.uk> (A domain registered on the server)

but then it always cuts me off tating "connection lost"

The logs in /var/log/mail.* show...

"Aug 6 00:05:39 ubuntu postfix/smtpd[4182]: fatal: 127.0.0.1:: missing service information"

The full log is below:

root@ubuntu:/var/log# vi mail.info.0
Aug 5 23:59:07 ubuntu spamd[3604]: spamd: server pid: 3604
Aug 5 23:59:07 ubuntu spamd[3604]: spamd: server successfully spawned child process, pid 3642
Aug 5 23:59:07 ubuntu spamd[3604]: spamd: server successfully spawned child process, pid 3643
Aug 5 23:59:07 ubuntu spamd[3604]: prefork: child states: II
Aug 5 23:59:17 ubuntu authdaemond.plain: modules="authmysql", daemons=5
Aug 5 23:59:20 ubuntu postfix/master[3975]: daemon started -- version 2.2.10, configuration /etc/postfix
Aug 6 00:05:05 ubuntu postfix/smtpd[4182]: connect from unknown[192.168.0.3]
Aug 6 00:05:39 ubuntu postfix/smtpd[4182]: fatal: 127.0.0.1:: missing service information
Aug 6 00:05:40 ubuntu postfix/master[3975]: warning: process /usr/lib/postfix/smtpd pid 4182 exit status 1
Aug 6 00:05:40 ubuntu postfix/master[3975]: warning: /usr/lib/postfix/smtpd: bad command startup -- throttling

I have spent many hours trying to solve this one problem and would appreciate any suggestions.

Thanks in advance, Ralph.

RalphG1000
August 6th, 2008, 03:50 PM
Still can't narrow the problem down any further so built another server using "http://workaround.org/articles/ispmail-sarge/" and it ran like a dream first attempt.

Will play tutorials off against each other now have a working box to add postgrey etc.

Ralph : )

stony999
August 8th, 2008, 02:25 PM
I tried all ways,

I removed trailing spaces.
I tried smtpd_sasl_path = /etc/postfix/sasl:/usr/lib/sasl2
I tried smtpd_sasl_path = smtpd
I created /etc/sasldb2
I copied /etc/sasldb2 to /var/spool/postfix/etc/sasldb2, changed acces rights
I tried pwcheck_method: saslauthd with saslauthd and smtpd_sasl_path = /var/run/saslauthd
If I put PLAIN LOGIN into smtpd.conf the smtp-Dialog still offers
250-AUTH=NTLM LOGIN PLAIN DIGEST-MD5 CRAM-MD5
I straced postfix but I found no entry for smtpd.conf
I wrote a script which automatically starts strace on smtpd when it starts but I found no entry for smtpd.conf. (Ok, I am of course missing the first part in the trace, as it takes time to detect that smtpd has started and to stat strace, so)
I tried saslfinger -s and it always gives me "There is no smtpd.conf that defines what SASL should do for Postfix. SMTP AUTH can't work!


I am pretty sure now that postfix does not try to load smtpd.conf in one of these paths. I have no clue where I shall put it. Even strace didn't help.

Also mysql.log does not show any entries, when trying to send mails. When sending mails it works though).

In auth.log I always get


Aug 8 06:01:57 mail postfix/smtpd[14122]: sql_select option missing
Aug 8 06:01:57 mail postfix/smtpd[14122]: auxpropfunc error no mechanism available
Aug 8 06:01:57 mail postfix/smtpd[14122]: _sasl_plugin_load failed on sasl_auxprop_plug_init for plugin: sql

Questions:

Any idea where to look further?
Anyone has it running on 8.04 and may post it's configuration?


I have

Ubuntu 8.04
postfix 2.5.1-2ubuntu1
postfix-mysql (2.5.1-2ubuntu1)
ibntlm0_0.3.13-1
libgsasl7_0.2.21-1
libsasl2-modules-sql_2.1.22.dfsg1-18ubuntu2
libauthen-sasl-perl_2.10-1

stony999
August 8th, 2008, 04:15 PM
After modifying saslfinger shell script in order to give some more output where he seeks the file, I found out that indeed the smtpd.conf contained a space at the end in it's filename

My entry in main.cf is now

smtpd_sasl_path = smtpd

And my /etc/postfix/sasl/smtpd.conf is now

pwcheck_method:auxprop
auxprop_plugin:sql
mech_list:plain login cram-md5 digest-md5
sql_engine:mysql
sql_hostnames:127.0.0.1
sql_user:user
sql_passwd:pass
sql_database:maildb
sql_select:select clear from users where id='%u@%r' and enabled = 1

qrwe
August 23rd, 2008, 10:46 AM
This is an excellent tutorial. I am setting up Postfix on a second machine and using the information in the tutorial. If it works out, I will do the same on the main machine.

I am confused about something. In the section CREATE TABLE `users`:

CREATE TABLE `users` (
`id` varchar(128 ) NOT NULL default '',
`name` varchar(128) NOT NULL default '',
`uid` smallint(5) unsigned NOT NULL default '5000',
`gid` smallint(5) unsigned NOT NULL default '5000',
`home` varchar(255) NOT NULL default '/var/spool/mail/virtual',
`maildir` varchar(255) NOT NULL default 'blah/',
`enabled` tinyint(3) unsigned NOT NULL default '1',
`change_password` tinyint(3) unsigned NOT NULL default '1',
`clear` varchar(128) NOT NULL default 'ChangeMe',
`crypt` varchar(128) NOT NULL default 'sdtrusfX0Jj66',
`quota` varchar(255) NOT NULL default '',
`procmailrc` varchar(128) NOT NULL default '',
`spamassassinrc` varchar(128) NOT NULL default '',
PRIMARY KEY (`id`),
UNIQUE KEY `id` (`id`)
) ;

What is the purpose of the line

`clear` varchar(128) NOT NULL default 'ChangeMe',
`crypt` varchar(128) NOT NULL default 'sdtrusfX0Jj66'

I suspect I should have put something other than 'ChangeMe' and 'sdtrusfX0Jj66' when I did it. If that is the case, do I need to use md5crypt to generate them? Can I use PHPMyadmin to change the entries so I do not need to remove the table and enter the table info again?

Thanks for the tutorial.

This was a typical post where smileys should be banned from the surface of Earth! :-) <- OK, nevermind..

My problem is similar to this. When I tell courier to look for the "crypt" table in the database, it says that the passwords doesn't match. I succeed to log in when using plaintext ("clear" table) though. I do not want to reveal my password in the logs though (yes, I can read it clearly there), so how do I tell courier to decrypt the passwords in the crypt table?

Thanks for your support!

noclue2008
August 27th, 2008, 12:10 PM
Hi im new to the ubuntu thing,
I need some help im receiving this error

* Stopping MySQL database server mysqld [ OK ]
* Starting MySQL database server mysqld [ OK ]
* Checking for corrupt, not cleanly closed and upgrade needing tables.

dumarjo
August 28th, 2008, 09:34 PM
is it possible to use some gui web based interface to administer this setup ?

Dumarjo

wetjet43
September 3rd, 2008, 06:31 PM
It seems that a LOT of people are having problems with this guide. Everything from small typos to commands that just aren't working. I'm stuck on creating a new certificate using the command:

openssl req -x509 -newkey rsa:1024 -keyout imapd.pem \ -out imapd.pem -nodes -days 999

It just won't work. :confused:

This guide needs to be updated so the people who want to setup an email server for their orginazation can do so without hiccups and problems. I'm trying to get the elementary school I work at away from M$ Xchange server, and I'm unable to because the instructions in the guide are not 100% correct. I'd love to ditch our current mail server and go with this one... but for not it's not possible.

One more thing... VI is horrible! I like nano instead. Much easier to use, and the commands are right there that tell you how to use it.

ewtrowbr
September 8th, 2008, 03:52 PM
Flurdy,

I was able to get most of the stuff working with some fiddling... I had to take the time to read through and make sure you know what's up with individual apps instead of cut-paste-pray.

All in all, an excellent guide. This server was used last weekend to host mail for various New Orleans Small businesses fleeing Gustav, including the St. Bernard Parish Government. Flurdy, I'll be looking for your tipjar/wishlist, if it exists.

Never did manage to get the crypt passwords working, so I used plain in SQL. I had to reference an earlier version of the guide to help me do this.

If you want pop, you have to 'sudo apt-get install courier-pop' and configure.

I'll go back through this thread and see if I can help people.

I am interested in making unique spam folders for my users to hold quarantined mail. I cannot figure out how to do this without user shell accounts. If somebody knows, they can save me some research time. ;)

Erich

ewtrowbr
September 8th, 2008, 03:53 PM
Hi im new to the ubuntu thing,
I need some help im receiving this error

* Stopping MySQL database server mysqld [ OK ]
* Starting MySQL database server mysqld [ OK ]
* Checking for corrupt, not cleanly closed and upgrade needing tables.

I don't believe that's an error, just a statement that the software is checking for jacked up tables. Mine does the same thing. You should be cool...

Erich

ewtrowbr
September 8th, 2008, 03:57 PM
One more thing... VI is horrible!

I tried using nano, but the 'esc:w' feature was broken, so I went back to vim.

:lolflag:

Erich

issackelly
October 12th, 2008, 09:10 PM
I'm having problems with SASL and SSL on SMTP.

Here are my logs from a connection request


postfix/smtpd[2699]: connect from (outside host)
postfix/smtpd[2699]: setting up TLS connection from (outside host)
postfix/smtpd[2699]: SSL_accept error from (outside host_: -1
postfix/smtpd[2699]: lost connection after STARTTLS from (outside host)
postfix/smtpd[2699]: disconnect from (outside host)
postfix/smtpd[2714]: warning: xsasl_cyrus_server_get_mechanism_list: no applicable SASL mechanisms
postfix/smtpd[2714]: fatal: no SASL authentication mechanisms
postfix/master[1746]: warning: process /usr/lib/postfix/smtpd pid 2714 exit status 1
postfix/master[1746]: warning: /usr/lib/postfix/smtpd: bad command startup -- throttling


OK... and HERE is what happens when I don't use SSL



postfix/smtpd[2838]: connect from (outside host)
postfix/smtpd[2838]: warning: SASL authentication failure: no secret in database
postfix/smtpd[2838]: warning: (outside host): SASL CRAM-MD5 authentication failed: authentication failure
imapd-ssl: LOGIN, user=issac@servee.com, ip=[::ffff:(outside host)], port=[49997], protocol=IMAP


IMAP is connecting fine (over ssl) and SMTP still won't connect at all (using the same credentials on the same database)


And just before that bit in the logs is this (not sure if it's related)


postfix/master[2811]: warning: process /usr/lib/postfix/smtpd pid 2822 exit status 1
postfix/master[2811]: warning: /usr/lib/postfix/smtpd: bad command startup -- throttling
postfix/smtpd[2823]: fatal: unexpected command-line argument: reject
postfix/master[2811]: warning: process /usr/lib/postfix/smtpd pid 2823 exit status 1
postfix/master[2811]: warning: /usr/lib/postfix/smtpd: bad command startup -- throttling

it always fails.

zmaj_lee
October 15th, 2008, 10:40 PM
I am stuck ](*,)with my problem and it is so frustrating. I am hoping that somebody knows answer to my problem. I already have postfix setup with spamassassin and it is relaying emails to my exchange, and it also have a nice set of rules configured where one of them is to block anybody from outside who tries to send email somewhere else using my servers which is awesome but now I am in the situation where I need to make an exception so this particular IP address can send e-mail on my behalf to other people thru my email servers. I have no idea how to get this working and I need this working like yesterday ofcourse :). I found something on postfix smtp auth but I am not so sure if I can do that on my existing setup or if that would actually help me. Please ubuntu/postfix guru's show me the way and I'll follow. :guitar:

obitori
October 22nd, 2008, 12:26 AM
I just installed the Ubuntu 8.10 beta (Ibex). Some of the file names have changed. php-myadmin is now phpmyadmin and libclamav3 is now libclamav5.

If you cut and paste the below, you'll get all the programs that Flurdy installs...


apt-get install mysql-client mysql-server postfix postfix-mysql libsasl2-modules-sql libgsasl7 libauthen-sasl-cyrus-perl courier-base courier-authdaemon courier-authlib-mysql courier-imap courier-imap-ssl courier-ssl amavisd-new spamassassin spamc clamav-base libclamav5 clamav-daemon clamav-freshclam postgrey squirrelmail squirrelmail-locales php-pear php5-cli phpmyadmin shorewall shorewall-doc vim mutt lynx

Good luck!

obitori
October 23rd, 2008, 08:37 PM
I am a big fan of your HOWTO. In Edition 7 of your HOWTO, you provided the following script to create the table "users". My question is this:

Why do you create a "home" directory for the account? Wouldn't it make sense to use "id/", which should be unique, as the home?

maildir + / + id + / should create a unique home directory for each user's mail, correct?


CREATE TABLE `users` (
`id` varchar(128) NOT NULL default '',
`name` varchar(128) NOT NULL default '',
`uid` smallint(5) unsigned NOT NULL default '5000',
`gid` smallint(5) unsigned NOT NULL default '5000',
`home` varchar(255) NOT NULL default '/var/spool/mail/virtual',
`maildir` varchar(255) NOT NULL default 'blah/',
`enabled` tinyint(3) unsigned NOT NULL default '1',
`change_password` tinyint(3) unsigned NOT NULL default '1',
`clear` varchar(128) NOT NULL default 'ChangeMe',
`crypt` varchar(128) NOT NULL default 'sdtrusfX0Jj66',
`quota` varchar(255) NOT NULL default '',
`procmailrc` varchar(128) NOT NULL default '',
`spamassassinrc` varchar(128) NOT NULL default '',
PRIMARY KEY (`id`),
UNIQUE KEY `id` (`id`)
) ;


So what does each of these lines do? Well the domains are pretty straight forward.

The users are as well, it requires four fields. ID is the email address of the user, and also its username when loggin in, described later on. NAME is optional description of the user. MAILDIR is the name of the folder inside /var/spool/mail/virtual. It must end in a /, otherwise it wont be used as a unix maildir format. CRYPT is the encrypted text password to use.

lukeb.vr
November 5th, 2008, 12:48 AM
is it possible to use some gui web based interface to administer this setup ?

Dumarjo

I'm trying to get a webgui working on this system using postfixadmin, but it appears that Ill have to rework the entire mysql database to match the one expected in postfixadmin. Has anyone had any luck in doing this?

satimis
November 7th, 2008, 12:16 PM
Hi folks,


I'm following this howto to build a mail server. I prefer installing Roundcube as webmail dropping squirrelmail and squirrelmail-locales. Any other packages I can forget.


Is Roundcube available on Ubuntu repo? TIA



B.R.
satimis

dchurch24
November 23rd, 2008, 06:36 PM
Hi, great guide. Followed it and everything seems to be looking good.

I can send mail if I telnet in on 25, but having installed Squirrelmail, I can't log in to see if I have received mails.

This is entirely on a local network and I have sent test mails to root@localhost, but if I try to login to squirrelmail with root@localhost and [password], I get the following:

"ERROR
Unknown user or password incorrect."

Anyone else had this, or can point me in the right direction?

I did set this up before on another (external) server, and after a little bit of a struggle got it all working. That was without any spam or virus protection though, hence I followed this guide.

Please help, I'm stuck ;-)

UPDATE: I've managed to log in (for one user at least), but when I do I get the "IMAP dropped etc..." message - usually this means that the user hasn't received a mail and therefore the mail dirs are not set up. I have sent a mail to user@localhost, but this doesn't seem to be getting delivered.

I have teleneted on 25 and sent mail to external addresses and they have received fine. I'm obviously doing something wrong, but I cannot work out what.

aparrish
November 24th, 2008, 12:11 AM
dchurch24:

I just followed the directions today. I seem to have smtp sending via telnet on port 25 working as well.

I found that his instructions tell you to insert users into the user's table as user@domain.com this causes a lookup failure when loggin in via squirrelmail. The users when logging in via squirrelmail are user instead of user@domain.com. I just modified my entry in the user's table to be "user"

I also had to switch from crypt to clear in the /etc/courier/authmysqlrc file. I am now able to login with the text of the clear field in the database as my password.

This is an undesireable situation but at least lets me test my setup. I need to get encrypted passwords working now :)

Please respond to PM if you want to discuss via some instant messaging client.

aparrish
November 24th, 2008, 12:52 AM
Looks like you are getting something like this in /var/log/mail.log

Nov 23 18:50:22 sephiroth imapd-ssl: chdir /var/spool/mail/virtual/username/: No such file or directory


Fix it by creating your /var/spool/mail/virtual/username directory for the user you are working with. I also had to make sure to create the 5000 gid and uid and chown it to the virtual user.

Cheers!

dchurch24
November 24th, 2008, 11:19 AM
Hi, thanks for the reply (and the PM, have added you in AIM ;-) )

I had already created the user folders in the virtual directory and chowned them to the same user, but I still get the IMAP error in squirrelmail.

I think the problem is that the mail is just not arriving in the users inbox and thus not setting up something that it should to get it working.

I am getting the following in the /var/log/mail.log:



Nov 24 10:17:03 dave-desktop imapd-ssl: Connection, ip=[::ffff:127.0.0.1]
Nov 24 10:17:03 dave-desktop imapd-ssl: chdir Maildir: No such file or directory


So it implies that there is a folder called Maildir that is missing somewhere.

dchurch24
November 24th, 2008, 11:41 AM
Ok, created the folders /home/[user]/Maildir and subs /cur /tmp and new.

I can now log into the users mail using Squirrelmail.

However, there is no mail there waiting.

If I send a mail using Squirrelmail, it never arrives either, yet if I telnet to port 25 and send one manually, it arrives where is hould (just not in my [user]@localhost account).

Clearly I have set something up wrong, but I don't know what.

satimis
November 24th, 2008, 12:58 PM
Ok, created the folders /home/[user]/Maildir and subs /cur /tmp and new.

Hi dchurch24,

It's NOT necessary to create the subdirectories, /cur, /new and /tmp. They will be automatically generated on the arrival of the 1st mail.

But you must manually create /var/spool/mail/virtual/Maildir and run;

# chown -R virtual:virtaul /var/spool/mail/virtual/Maildir


Then you can send/read mails on SM

HTH


satimis

dchurch24
November 24th, 2008, 01:54 PM
Thanks for that.

I did the chown, but still no mail arrives (or can be sent) through Squirrelmail.

The user I have set up is 'dave', so I have sent mail to dave@localhost, but despite this user being in the db, the mail never arrives.

satimis
November 24th, 2008, 02:32 PM
Thanks for that.

I did the chown, but still no mail arrives (or can be sent) through Squirrelmail.

The user I have set up is 'dave', so I have sent mail to dave@localhost, but despite this user being in the db, the mail never arrives.
Ah dchurch24,


1)
Sorry I forgot to mention "virtual:virtual" works on my system.

/var/spool/mail/virtual/Maildir is owned by "virtual" and in the "virtual group" here. I don't know whether it is the same on your system. Otherwise you have to adjust them to suit your case. If the same, please check /etc/group to see they are there.


2)
Did you send the mail to 'dave' from another PC via Internet. Then you have to address the mail "dave@domain.com"


satimis

dchurch24
November 24th, 2008, 02:33 PM
Hi, thanks again.

I corrected the typo ;-) before I chown'ed.

I have looked in /etc/group and the last entry is 'virtual:x:5000:' - is that correct?

I am sending the mail from inside my network - on the same machine as the server in fact.

satimis
November 24th, 2008, 02:46 PM
Hi, thanks again.

I corrected the typo ;-) before I chown'ed.

I have looked in /etc/group and the last entry is 'virtual:x:5000:' - is that correct?

# grep virtual /etc/group

virtual:x:5000:
It is the same here




I am sending the mail from inside my network - on the same machine as the server in fact.
All servers here are headless. I install/config server remotely. I can't test it here.


My guess, please try;

dave@127.0.0.1
to check whether it works.

satimis

dchurch24
November 24th, 2008, 04:22 PM
rcpt to: dave@127.0.0.1

returns:

501 5.1.3 Bad recipient address syntax

hctopcu
December 17th, 2008, 12:17 PM
I'm a newbee. Your guide is extremely helpfull thank you.
I have a running apache server on my machine. I am afraid of messing up so I skipped setting up firewall for now.

I managed to set up Courier IMAP. I can log in through imap but when I try to send mails, I get:

Dec 17 13:09:13 mygitarapp postfix/smtpd[24035]: connect from unknown[88.235.53.100]
Dec 17 13:09:13 mygitarapp postfix/smtpd[24035]: NOQUEUE: reject_warning: RCPT from unknown[88.235.53.100]: 504 5.5.2 <ArGoNNB>: Helo command rejected: need fully-qualified hostname; from=<gunman@mygitar.com> to=<c@gri.in> proto=ESMTP helo=<ArGoNNB>
Dec 17 13:09:13 mygitarapp postfix/smtpd[24035]: NOQUEUE: reject: RCPT from unknown[88.235.53.100]: 554 5.7.1 <c@gri.in>: Relay access denied; from=<gunman@mygitar.com> to=<c@gri.in> proto=ESMTP helo=<ArGoNNB>
Dec 17 13:09:13 mygitarapp postfix/smtpd[24035]: NOQUEUE: reject_warning: RCPT from unknown[88.235.53.100]: 504 5.5.2 <ArGoNNB>: Helo command rejected: need fully-qualified hostname; from=<gunman@mygitar.com> to=<c@gri.in> proto=ESMTP helo=<ArGoNNB>
Dec 17 13:09:13 mygitarapp postfix/smtpd[24035]: NOQUEUE: reject: RCPT from unknown[88.235.53.100]: 554 5.7.1 <c@gri.in>: Relay access denied; from=<gunman@mygitar.com> to=<c@gri.in> proto=ESMTP helo=<ArGoNNB>
Dec 17 13:09:13 mygitarapp postfix/smtpd[24035]: NOQUEUE: reject_warning: RCPT from unknown[88.235.53.100]: 504 5.5.2 <ArGoNNB>: Helo command rejected: need fully-qualified hostname; from=<gunman@mygitar.com> to=<hctopcu@gmail.com> proto=ESMTP helo=<ArGoNNB>
Dec 17 13:09:13 mygitarapp postfix/smtpd[24035]: NOQUEUE: reject: RCPT from unknown[88.235.53.100]: 554 5.7.1 <hctopcu@gmail.com>: Relay access denied; from=<gunman@mygitar.com> to=<hctopcu@gmail.com> proto=ESMTP helo=<ArGoNNB>
Dec 17 13:09:14 mygitarapp postfix/smtpd[24035]: disconnect from unknown[88.235.53.100]
I can't understand why a client need to have a hostname. (As I said I'm a rookie)

hctopcu
December 17th, 2008, 01:56 PM
I made it by editing /etc/hostname and giving a correct domain.
But I don't get it. My server was accepting other smptp connections form gmail etc. I only had problems with clients. The problem and solution conflicts in my mind. I don't get it. If the problem was in servers hostname, why the rest of the world does not get the same problem?

nomaam
December 18th, 2008, 04:16 AM
Does any one know of an iso image download of a setup mail server for those of us who are not able to get this tutorial working? Possibly a Torrent download?

lukeyduke
December 23rd, 2008, 04:26 AM
I have recently installed a fantastic webmail client, Atmail. They are a commercial email server appliance and webmail provider, however they have recently released a free version of their software, called atmail open. The biggest advantage is that I can now access my emails from anywhere in the world from the same fantastic interface every time. I find it is a much faster, simpler, better looking interface than any other, such as hotmail and gmail.

You can find an tutorial for installing it on there website here, it worked first go for me without any hassles whatsoever --> http://atmail.com/kb/2008/installing-atmail-open-webmail-client-on-ubuntu/

anwoke8204
January 2nd, 2009, 07:26 AM
I too am having this issue, I have configured everything, but when I try to log in, I get the invalid user, or incorrect password. when I check the log it says that password entered doesn't match the crypt password. Anyone know how I can resolve this. Many thanks. I haven't set u TLS yet, because I wanted to get it up and running first then will get TLS going. I am running ubuntu server 8.04. many thanks
Andrew

anwoke8204
January 2nd, 2009, 08:19 PM
Could this be becuse I haven't enabled TLS, I have also tried switching to clear on the auth instead of crypt, but get the same issue. I have created the username and password using the add user script given on the site also given below

INSERT INTO users (id,name,maildir,clear) VALUES
('email@address','short description','foldername/',encrypt('password'));
INSERT INTO aliases (mail,destination) VALUES
('email@address','email@address');
but I put in the valid information and passwords.

I also have an issue with amavisd when it is enabled, postfix won't start, I have an issue finding out where the "pickup" transort part of the config file is where you are supposed to paste the following:

-o content_filter=
-o receive_override_options=no_header_body_checks

when that is enabled, postfix fails to start. could someone give me some advise. TIA

proddy
January 2nd, 2009, 11:42 PM
On the topic of "Unknown user, or invalid password" I had similar problems and found out the encrypted passwords created by MySQL (using encrypt()) don't match the MD5 checks done in the authentication library. I used the below script to generate the encrypted passwords and then manually inserted them into MySQL using the phpMyAdmin web app.

#!/usr/bin/perl

if( $#ARGV != 0 )
{
print "usage: vcrypt password\n";
exit 1;
}
my $salt = join '', ('.', '/', 0..9,'A'..'Z', 'a'..'z')[rand 64, rand 64];
print crypt($ARGV[0], $salt) ."\n";

proddy
January 2nd, 2009, 11:49 PM
and, on the topic from hctopcu on the rejected clients, I had the same problem with postfix rejecting my Windows MS Outlook client "relay denied etc". I fixed it by:

1. including my home network in the postfix main.cf, e.g. adding
mynetworks = 10.0.0.0/24, 127.0.0.0/8

2. removing "reject_non_fqdn_recipient" from the smtpd_recipient_restrictions paramter also in the postfix main.cf

Hope that helps

Paul

proddy
January 2nd, 2009, 11:55 PM
One change perhaps for Edition 8 of this excellent guide is where you say

# then check if postfix is listening on 25 and mysql on 3306
netstat -tnp

on my Ubuntu 8.10 server it's netstat -tnpa (or -tnpl) to show the sockets that are actively listening

anwoke8204
January 3rd, 2009, 03:17 AM
for lhat script do I just use nano and copy it into there, and save it as filename.pl in an accessible directory from the webserver, or how do I use that script. Many thanks

proddy
January 3rd, 2009, 10:39 AM
copy it to a file and call it vcrypt. chmod 755 it. Then to run it use ./vcrypt <clean password> and it will generate the crypt'd version.

chamal
January 4th, 2009, 05:08 PM
Hi, I have a authentication problem in the basic configuration with the procedure of http://flurdy.com/docs/postfix/

the configuration that I check very times is the same as the web
I use Ubuntu 8.04 in a virtual machine and a client microsoft outlook 2007 to connect to imap server. I think that the problem is the crypt but I can not find anywhere the solution.

the syslog

Jan 4 16:18:10 ubmail authdaemond: received auth request, service=imap, authtype=login
Jan 4 16:18:10 ubmail authdaemond: authmysql: trying this module
Jan 4 16:18:10 ubmail authdaemond: SQL query: SELECT id, crypt, "", uid, gid, home, concat(home,'/',maildir), "", name, "" FROM users WHERE id = "prueba@chamalzone.com" AND (enabled=1)
Jan 4 16:18:10 ubmail authdaemond: supplied password 'prueba' does not match encrypted password 'sdtrusfX0Jj66'
Jan 4 16:18:10 ubmail authdaemond: authmysql: REJECT - try next module
Jan 4 16:18:10 ubmail authdaemond: FAIL, all modules rejected
Jan 4 16:18:10 ubmail imapd: LOGIN FAILED, user=prueba@chamalzone.com, ip=[::ffff:192.168.1.112]

Please, help me.

proddy
January 5th, 2009, 12:25 AM
dude, scroll-up and look at post #183

http://ubuntuforums.org/showpost.php?p=6482091&postcount=183

chamal
January 5th, 2009, 01:45 AM
Sorry because the question and thanks a lot. The scpript fix my problem

ttolliver
January 8th, 2009, 04:24 AM
Good evening,

First off, let me start with kudos for an awesome tutorial. Sure, there may be some rough edges for a lot of us working through it, but I'm an IT geek and appreciate the complexity of what we're pulling off here. So bravo Flurdy!!!

Okay, now to where I met my personal Waterloo ;~)

I worked through all the install and config, then found a typo when starting services for the first time. Right now I'm in the beginning of the testing on the step where you telnet to localhost to send an email manually. I can telnet fine, but I get an "unknown user" error for both the sending and receiving users in /var/log/mail.log when trying to send any email (see below).

I started out trying to send an email from my normal ISP account, but was running into spamhaus related block messages. So the test you see below is me just trying to email from one local user to another.

At this point I haven't processed a successful email, so I don't have the mail directories in /var/spool/mail/virtual yet.

I've read all of the posts I can find related to "unknown user" errors, but they all seem to be encountered by people much farther along in their testing -- usually around squirrelmail debug. So those answers don't seem to be pointed at my problem.

Any ideas would be greatly appreciated!

Thanks,
Tom




Jan 7 20:47:42 lndwr postfix/cleanup[16770]: 3448D3E1A4: message-id=<20090108024736.3448D3E1A4@mail.sdj.com>
Jan 7 20:47:42 lndwr postfix/qmgr[16765]: 3448D3E1A4: from=<test1@sdj.com>, size=382, nrcpt=1 (queue active)
Jan 7 20:47:42 lndwr postfix/virtual[16776]: 3448D3E1A4: to=<test2@sdj.com>, relay=virtual, delay=15, delays=15/0.01/0/0.01, dsn=5.1.1, status=bounced (unknown user: "test2@sdj.com")
Jan 7 20:47:42 lndwr postfix/cleanup[16770]: DEEE63E1A6: message-id=<20090108024742.DEEE63E1A6@mail.sdj.com>
Jan 7 20:47:42 lndwr postfix/qmgr[16765]: DEEE63E1A6: from=<>, size=2215, nrcpt=1 (queue active)
Jan 7 20:47:42 lndwr postfix/bounce[16773]: 3448D3E1A4: sender non-delivery notification: DEEE63E1A6
Jan 7 20:47:42 lndwr postfix/qmgr[16765]: 3448D3E1A4: removed
Jan 7 20:47:42 lndwr postfix/virtual[16776]: DEEE63E1A6: to=<test1@sdj.com>, relay=virtual, delay=0.03, delays=0.02/0/0/0.01, dsn=5.1.1, status=bounced (unknown user: "test1@sdj.com")
Jan 7 20:47:42 lndwr postfix/qmgr[16765]: DEEE63E1A6: removed

ttolliver
January 8th, 2009, 04:53 AM
Here's another question, probably not related to my last post (famous last words, hehehe).

I built my server with the server hostname of 'xxxxxx'. My expectation is that hostname can (and should) be totally separate from the fact that I'm building this box to host my domain, 'www.yyyyyy.com'. And as I build a mail server out of the same box, I feel like I should be able to have standard mail server naming conventions of 'smtp.yyyyyy.com' and 'pop.yyyyyy.com'.

Am I correct in those assumptions?

At some level, I understand completely that the 'www.yyyyyy.com', 'smtp.yyyyyy.com', and 'pop.yyyyyy.com' all hit my machine through the magic of DNS (DynDNS in my case) and a given port associated with the service. But once the network connection is made to my machine, it shouldn't care what my server hostname is. Right?

That being said, I'm willing to accept that my server hostname may be considered to have a full hostname of 'xxxxxx.yyyyyy.com' because it is a part of the established 'yyyyyy.com' domain. That's not unreasonable.

Oh, and one last tidbit. I wonder if there is an inconsistency in the v7 instructions. There are a couple places where we configure a hostname as 'smtp.yyyyyy.com' and a couple where we configure 'mail.yyyyyy.com'. I'm guessing we're supposed to use all one or all the other.

Thanks in advance for the education!

Tom

Peque
January 9th, 2009, 09:51 AM
Hey guys.

after and update of some perl packages UI'm, running into this error - Is there anything I can do about it ???


Jan 9 06:57:17 sif amavis[4791]: (04791-01-4) (!)PRESERVING EVIDENCE in /var/lib/amavis/tmp/amavis-20090109T065710-04791
Jan 9 06:57:17 sif postfix/smtp[4798]: B1EC415061E: to=<rita@xxxxxx.xxx>, relay=127.0.0.1[127.0.0.1]:10024, conn_use=4, delay=85072, delays=85019/47/0/6.2
, dsn=4.5.0, status=deferred (host 127.0.0.1[127.0.0.1] said: 451 4.5.0 Error in processing, id=04791-01-4, quar+notif FAILED: temporarily unable to quaranti
ne: 451 4.5.0 Local delivery(1) to /var/lib/amavis/virusmails/v/spam-vtVlZTj5ZmNU.gz failed: Can't call method "value" on an undefined value at /usr/share/pe
rl5/IO/Compress/RawDeflate.pm line 98., id=04791-01-4 at /usr/sbin/amavisd-new line 10371. (in reply to end of DATA command))
Jan 9 06:57:18 sif amavis[4801]: (04801-01-3) (!)451 4.5.0 Local delivery(1) to /var/lib/amavis/virusmails/w/spam-wF3wbVF51GVY.gz failed: Can't call method
"value" on an undefined value at /usr/share/perl5/IO/Compress/RawDeflate.pm line 98.
Jan 9 06:57:18 sif amavis[4801]: (04801-01-3) (!!)TROUBLE in check_mail: quar+notif FAILED: temporarily unable to quarantine: 451 4.5.0 Local delivery(1) to
/var/lib/amavis/virusmails/w/spam-wF3wbVF51GVY.gz failed: Can't call method "value" on an undefined value at /usr/share/perl5/IO/Compress/RawDeflate.pm line
98., id=04801-01-3 at /usr/sbin/amavisd-new line 10371.
Jan 9 06:57:18 sif amavis[4801]: (04801-01-3) (!)PRESERVING EVIDENCE in /var/lib/amavis/tmp/amavis-20090109T065716-04801
Jan 9 06:57:18 sif postfix/smtp[4775]: BA82A150571: to=<rita@xxxxxx.xxx>, relay=127.0.0.1[127.0.0.1]:10024, conn_use=3, delay=145226, delays=145171/53/0/2.
1, dsn=4.5.0, status=deferred (host 127.0.0.1[127.0.0.1] said: 451 4.5.0 Error in processing, id=04801-01-3, quar+notif FAILED: temporarily unable to quarant
ine: 451 4.5.0 Local delivery(1) to /var/lib/amavis/virusmails/w/spam-wF3wbVF51GVY.gz failed: Can't call method "value" on an undefined value at /usr/share/p
erl5/IO/Compress/RawDeflate.pm line 98., id=04801-01-3 at /usr/sbin/amavisd-new line 10371. (in reply to end of DATA command))
Jan 9 06:57:19 sif amavis[4791]: (04791-01-5) (!)451 4.5.0 Local delivery(1) to /var/lib/amavis/virusmails/f/spam-fmQs5XfFlx+6.gz failed: Can't call method
"value" on an undefined value at /usr/share/perl5/IO/Compress/RawDeflate.pm line 98.
Jan 9 06:57:19 sif amavis[4791]: (04791-01-5) (!!)TROUBLE in check_mail: quar+notif FAILED: temporarily unable to quarantine: 451 4.5.0 Local delivery(1) to
/var/lib/amavis/virusmails/f/spam-fmQs5XfFlx+6.gz failed: Can't call method "value" on an undefined value at /usr/share/perl5/IO/Compress/RawDeflate.pm line
98., id=04791-01-5 at /usr/sbin/amavisd-new line 10371.

NerdWorld
January 10th, 2009, 08:17 PM
Has anybody seen this error?

warning: SASL authentication problem: unable to open Berkeley db /etc/sasldb2: No such file or directory



I think I have the proper path variable to find smtpd.conf
smtpd_sasl_path = /etc/postfix/sasl:/usr/lib/sasl2



As far as I know, I'm not supposed to be using a the Berkely db. Correct?

This is preventing me from logging in (although everything else works fine!)

TIA!

qrwe
January 12th, 2009, 03:28 PM
Has anybody seen this error?

warning: SASL authentication problem: unable to open Berkeley db /etc/sasldb2: No such file or directory



I think I have the proper path variable to find smtpd.conf
smtpd_sasl_path = /etc/postfix/sasl:/usr/lib/sasl2



As far as I know, I'm not supposed to be using a the Berkely db. Correct?

This is preventing me from logging in (although everything else works fine!)

TIA!

Found this URL: SMTP Authentication with Postfix using files or MySQL (http://enc.com.au/myscripts/postfixmysql.html).
Hope you'll find something there.

bluethundr
January 14th, 2009, 04:44 AM
Hello Ubuntu linux guys,

Could really use your help with this one.

Well, first off MUCH THANKS to flurdy for his brilliant tutorial which I followed to the best of my ability here:

http://flurdy.com/docs/postfix/

Truly excellent work and an excellent tutorial.

Nevertheless I am having some problems that I can sure use some help on.

Let me state before going any further that I _need_ to mysqlize my postfix backend, any user limitations on my end be damned!

Currently, my postfix mail setup can send to the universe, but cannot receive.


Bear in mind that in the following config files you will see my domain obscured as mail. foo.com

The space you see is not a type-o in the config. It's a slight bug in the perl script I used to scrub my config and log files of important information that could open me up to security breaches. Better safe than sorry as they say. In short disregard the space you see when you see mail. foo.com I assure you it's really mail.foo.com in the actual config.

Mail sent to my account gets this bounce message:

http://paste.debian.net/25859/

Mail sent to my domain apparently disappears into a black hole for 7 days as my mail system delays bouncing it. I'd love to know why.

In this and in all of my further pastebins I have sanitized vital information in order to protect my domain and accounts from abuse. But you should still be able to tell what's going on from the info presented.

Here's one thing I would like to note before we proceed. This is how my virtual_mailbox_base is set in main.cf:

virtual_mailbox_base = /var/spool/mail/virtual

Yet though I have accounts setup in my mysql database, when I cd to that location the directory is completely empty.

Also, another odd thing is that I keep seeing references to user@foo.com. No where in my main.cf is foo.com mentioned so I am at a loss to understand this.

This you might not be able to help with though, because 'foo' is how I obscure my domain in posts to pastebin for security purposes.

Here's my logs (obscured of course using foo and other obfuscations including the nonsensical 666.666.666.666 representing my public IP).

http://paste.debian.net/25861/

As you can see, my logs are rife with errors that I am unclear on how to address.

Here is my my main.cf file (again obfuscated):

http://paste.debian.net/25863/

Here's my master.cf file for good measure (not sure if this helps or not):

http://paste.debian.net/25864/

This is my virtual_mailbox_maps = mysql:/etc/postfix/mysql_mailbox.cf

http://paste.debian.net/25867/

This is my virtual_uid_maps = mysql:/etc/postfix/mysql_uid.cf

http://paste.debian.net/25869/

This is my virtual_gid_maps = mysql:/etc/postfix/mysql_gid.cf

http://paste.debian.net/25870/

This is my virtual_alias_maps = mysql:/etc/postfix/mysql_alias.cf

http://paste.debian.net/25871/

And my final mysql interaction in my main.cf,

virtual_mailbox_domains = mysql:/etc/postfix/mysql_domains.cf

http://paste.debian.net/25872/

This is how my mail database is setup:

http://paste.debian.net/25873/

This is my aliases table in mysql:

http://paste.debian.net/25874/

This is my domains table:

http://paste.debian.net/25875/

and finally this is my users table:

http://paste.debian.net/25876/


And lastly, POP and IMAP refuse to authenticate valid user data.

Here is my /etc/courier/authmysqlrc:

http://paste.debian.net/25877/

This is my /etc/courier/imapd:

http://paste.debian.net/25879/

And finally, finally here's my /etc/courier/pop3d

http://paste.debian.net/25946/


That's all I can think of for now, it's late and I'm heading to bed.

ANY insight into my plight at all will save a poor sysadmin's sanity.

Thank you all very much.

qrwe
January 15th, 2009, 11:31 AM
Hello bluethundr,

As I assume you've already checked those config files carefully, it's always intresting to look out for unwanted incidents in '/var/log/mail.log'. As there's problem sending mail, it's sounds like something with postfix or/and amavis.
Another tip is to check '/etc/postfix/master.cf', there maybe something you've missed (or added inaccuratly) there. Compare with the flurdy guide if you're unsure, documentation at www.postfix.org is also your friend. :-)
Good luck.

Rolihla
January 22nd, 2009, 09:58 AM
hi everybody,

I'm a french newbe, someone can say me how to download the EC2 Amis to simply do test?

skywatcher
January 22nd, 2009, 06:16 PM
If I install Mailman from Synaptic, do I still have to go through this very complicated procedure of setting it up? Isn't there an easy-to-use mailing list program for Ubuntu?

walshie
February 7th, 2009, 07:05 AM
Hi all.

I am trying to set up a web and mail server for my parents business.
i have got the web server working although the web page is not yet complete.(www.gzone.com.au).
now i am looking at the web server setup, and it looks very daunting, oh i forgot to mention i am still a newb with linux. i dont suppose there is an easier way?
i doubt that there is! any advice or should i just go for it and hope for the best.

earth_walker
February 7th, 2009, 10:36 PM
Thanks for this how-to - I set a server up 2 years ago using this and on the software side it was amazing - stable, reliable and lots of features.

Unfortunately it was on old hardware and behind an unreliable connection, and finally the server has died and I've migrated the company's email to a professional service (fastmail.fm - so far I'm very impressed, and surprise surprise they use a similar setup).

However, here's my problem: Several of the users used squirrelmail only and want their old emails. I have full backups, but of course these emails are sitting in /var/mail/virtual/user folders in coded files that don't seem to be human readable, or at least I don't know how to access.

Can I quickly access these backed up emails in a human readable format, without setting up the whole mail server again?

Is there a way to import them into an email program so that I can then export them to the current email service? Is it just a matter of installing and configuring squirrelmail and IMAP for a local host?

Thanks,
EW

artifex
February 10th, 2009, 02:53 PM
Thanks for your brilliant howto!

I would like to setup maildrop for moving all spam to a different IMAP folder on Ibex. Is there any tutorial for that?

I have read a lot of different site and now it is working with maildrop instead of courier-maildrop (which does not include courier-authlib for unknown reason) + have to change /var/run/courier/authdaemon as world searchable but it is in very "hacked" state so I would like to clean up my setup a bit.

thelucster
February 18th, 2009, 03:36 PM
Thanks for the guide, very useful, however I am having some issues setting up SMTP authentication. I have followed the instructions to a t, but am unable to authenticate.

In /var/log/auth.log I get:


Feb 18 14:28:06 stackednotion postfix/smtpd[3920]: sql_select option missing
Feb 18 14:28:06 stackednotion postfix/smtpd[3920]: auxpropfunc error no mechanism available
Feb 18 14:28:06 stackednotion postfix/smtpd[3920]: _sasl_plugin_load failed on sasl_auxprop_plug_init for plugin: sql


Here is my /etc/postfix/sasl/smtpd.conf:


pwcheck_method: auxprop
auxprop_plugin: sql
mech_list: plain login cram-md5 digest-md5
sql_engine: mysql
sql_hostnames: 127.0.0.1
sql_user: mail
sql_passwd: blah
sql_database: mail
sql_select: select clear from users where id='%u@%r' and enabled = 1

Any ideas, it sounds as if it can't find the SQL plugin, but it is definately installed:


# apt-get install libsasl2-modules-sql libgsasl7 libauthen-sasl-cyrus-perl
Reading package lists... Done
Building dependency tree
Reading state information... Done
libsasl2-modules-sql is already the newest version.
libgsasl7 is already the newest version.
libauthen-sasl-cyrus-perl is already the newest version.
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.

I am running 64bit 8.04.

Regards,

Luca Spiller

vtk
February 20th, 2009, 07:04 AM
Hello all. I worked through several of the rough spots in the setup, but I'm still experiencing a challenge.

To put it succinctly, I had to manually create the users directory in /var/spool/mail/virtual/<user_dir>. When I finally got a successful login, I am getting errors that there is no inbox. I've been through the HOWTO several times over the past few hours, to no avail. Any ideas?

I'm trying keep this short, in case this is a 'DUH' situation, but would be more than willing to pastebin any config files.

Thanks much all.

Peace,
V

flurdy
February 24th, 2009, 03:24 PM
Hello all. I worked through several of the rough spots in the setup, but I'm still experiencing a challenge.

To put it succinctly, I had to manually create the users directory in /var/spool/mail/virtual/<user_dir>. When I finally got a successful login, I am getting errors that there is no inbox. I've been through the HOWTO several times over the past few hours, to no avail. Any ideas?

I'm trying keep this short, in case this is a 'DUH' situation, but would be more than willing to pastebin any config files.

Thanks much all.

Peace,
V

Did the users in ...../virtual/.... receive an email?

Remember the folders only gets created when they receive their first email.

IanHobson
February 24th, 2009, 03:34 PM
Help!

Ubuntu newbie here - basic info please! :)

I've set things up according to version 7, and I can login to collect my email (or rather get a "No emails on server" result).

But I cannot get authenticated when I send emails.

Same username, same password, same "Use TLS if available" link.

How do I start investigating this?

Thanks

Ian

cory_
March 13th, 2009, 09:34 AM
Flurdy thanks for taking the time to make a howto on setting up an email server.

As usual nothing works the first time as you mentioned in your tutorial. I was testing my set up and noticed while tailing mysql log that postfix is unable to connect to mysql server. The error logged says that access is denied for 'mail'@'localhost' (using password: NO). I might add this happens automatically without me starting telnet localhost 25. Even though this was happening I tried to telnet and it times out after a long while with no results. I went through the tutorial twice and feel like I have everything set up the way you showed. I am installing this email server using Ubuntu 8.04 Hardy Heron.

Any help would be greatly appreciated.

mariuxx
March 17th, 2009, 08:37 PM
Hi everyone.

I just followed the excellent howto to set up a mail server. When I came to testing, I experienced some problems.
First of all, there are some differences regarding config files for the different modules. Also commands/program names are different than in the testing section which was written for Dapper more than two years ago. To make matters worse, I'm quite new to Linux configuration, so I don't have many clues about where to look if things don't work first time.
Well, here is where it all stopped...

First, the testing section says (that I'm to issue):
/etc/init.d/courier stop

There is no /etc/init.d/courier on my system. I believe I installed courier with: 'sudo apt-get courier-base'.
Now I have 3 services running: courier-authdaemon, courier-imap and courier-imap-ssl (all are located in /etc/init.d/)

Well, I have tried to ignore what does not result in direct errors. I stopped the above services, and more or less followed the testing section as well as I could.

The config files for postfix (/etc/postfix/master.cf and main.cf) on my system are quite different from what is shown in the howto. Specifically, none of the files contain an entry about content_filter.

Then, when I try to telnet in on port 25, the connection attempt is refused. I can telnet without specifying port, or specifying 23. I suppose I can edit some settings to let it happen, but I don't know where. I even stopped the Shorewall to be sure it was not the problem.

So, for first I would just love it if somebody could give me a hint to the following questions:
-How do I allow/accept telnet on port 25?
-How do I configure content filter?

Thanx for reading this.

flurdy
March 17th, 2009, 11:31 PM
Flurdy thanks for taking the time to make a howto on setting up an email server.

As usual nothing works the first time as you mentioned in your tutorial. I was testing my set up and noticed while tailing mysql log that postfix is unable to connect to mysql server. The error logged says that access is denied for 'mail'@'localhost' (using password: NO). I might add this happens automatically without me starting telnet localhost 25. Even though this was happening I tried to telnet and it times out after a long while with no results. I went through the tutorial twice and feel like I have everything set up the way you showed. I am installing this email server using Ubuntu 8.04 Hardy Heron.

Any help would be greatly appreciated.


(If only things would work straight away, then the estimations I do at work may be a bit more correct...)


Is the mail user correctly set up in mysql? e.g. can you log in as it via phpmyadmin or mysql command line?

Do the /etc/postfix/mysql_xxxx files have a password defined in them?

flurdy
March 17th, 2009, 11:42 PM
Hi everyone.

I just followed the excellent howto to set up a mail server. When I came to testing, I experienced some problems.
First of all, there are some differences regarding config files for the different modules. Also commands/program names are different than in the testing section which was written for Dapper more than two years ago. To make matters worse, I'm quite new to Linux configuration, so I don't have many clues about where to look if things don't work first time.
Well, here is where it all stopped...

First, the testing section says (that I'm to issue):
/etc/init.d/courier stop

There is no /etc/init.d/courier on my system. I believe I installed courier with: 'sudo apt-get courier-base'.
Now I have 3 services running: courier-authdaemon, courier-imap and courier-imap-ssl (all are located in /etc/init.d/)

Well, I have tried to ignore what does not result in direct errors. I stopped the above services, and more or less followed the testing section as well as I could.

The config files for postfix (/etc/postfix/master.cf and main.cf) on my system are quite different from what is shown in the howto. Specifically, none of the files contain an entry about content_filter.

Then, when I try to telnet in on port 25, the connection attempt is refused. I can telnet without specifying port, or specifying 23. I suppose I can edit some settings to let it happen, but I don't know where. I even stopped the Shorewall to be sure it was not the problem.

So, for first I would just love it if somebody could give me a hint to the following questions:
-How do I allow/accept telnet on port 25?
-How do I configure content filter?

Thanx for reading this.

Yes courier's init files have spawned into a few files, but stopping all of them is fine,(theorticaly not all is needed to be stopped, but easier)

Not sure what you mean when your files do not match the howto. The default postfix template config files are quite different to the ones described in this howto.

If telnetting to the box from the same box then it should be okay. If shorewall is stopped, make sure shorewall's routestopped config file is set to allow external access when firewall is down.

Addin content filters are desribeded here http://flurdy.com/docs/postfix/#config-adv-content

flurdy
March 17th, 2009, 11:54 PM
To answer ttoliver's posts from January in case he stills have the same issues, or if others face similar ones:



Here's another question, probably not related to my last post (famous last words, hehehe).

I built my server with the server hostname of 'xxxxxx'. My expectation is that hostname can (and should) be totally separate from the fact that I'm building this box to host my domain, 'www.yyyyyy.com'. And as I build a mail server out of the same box, I feel like I should be able to have standard mail server naming conventions of 'smtp.yyyyyy.com' and 'pop.yyyyyy.com'.

Am I correct in those assumptions?

At some level, I understand completely that the 'www.yyyyyy.com', 'smtp.yyyyyy.com', and 'pop.yyyyyy.com' all hit my machine through the magic of DNS (DynDNS in my case) and a given port associated with the service. But once the network connection is made to my machine, it shouldn't care what my server hostname is. Right?

That being said, I'm willing to accept that my server hostname may be considered to have a full hostname of 'xxxxxx.yyyyyy.com' because it is a part of the established 'yyyyyy.com' domain. That's not unreasonable.

Oh, and one last tidbit. I wonder if there is an inconsistency in the v7 instructions. There are a couple places where we configure a hostname as 'smtp.yyyyyy.com' and a couple where we configure 'mail.yyyyyy.com'. I'm guessing we're supposed to use all one or all the other.

Thanks in advance for the education!

Tom


Yes, the mail server does not have to be called the same as the actual server name. But it often is by default.

So make sure either you hardcode in the mail server name in myshostname or point it to /etc/mailname and edit that file to the chosen mail server name.

And yes I should be a bit more consistant with the names, however the actual names are up to each person. Also you may want to think of smtp.xxx as postfix only while courier etc could be mail.xxx?


Good evening,

First off, let me start with kudos for an awesome tutorial. Sure, there may be some rough edges for a lot of us working through it, but I'm an IT geek and appreciate the complexity of what we're pulling off here. So bravo Flurdy!!!

Okay, now to where I met my personal Waterloo ;~)

I worked through all the install and config, then found a typo when starting services for the first time. Right now I'm in the beginning of the testing on the step where you telnet to localhost to send an email manually. I can telnet fine, but I get an "unknown user" error for both the sending and receiving users in /var/log/mail.log when trying to send any email (see below).

I started out trying to send an email from my normal ISP account, but was running into spamhaus related block messages. So the test you see below is me just trying to email from one local user to another.

At this point I haven't processed a successful email, so I don't have the mail directories in /var/spool/mail/virtual yet.

I've read all of the posts I can find related to "unknown user" errors, but they all seem to be encountered by people much farther along in their testing -- usually around squirrelmail debug. So those answers don't seem to be pointed at my problem.

Any ideas would be greatly appreciated!

Thanks,
Tom




Jan 7 20:47:42 lndwr postfix/cleanup[16770]: 3448D3E1A4: message-id=<20090108024736.3448D3E1A4@mail.sdj.com>
Jan 7 20:47:42 lndwr postfix/qmgr[16765]: 3448D3E1A4: from=<test1@sdj.com>, size=382, nrcpt=1 (queue active)
Jan 7 20:47:42 lndwr postfix/virtual[16776]: 3448D3E1A4: to=<test2@sdj.com>, relay=virtual, delay=15, delays=15/0.01/0/0.01, dsn=5.1.1, status=bounced (unknown user: "test2@sdj.com")
Jan 7 20:47:42 lndwr postfix/cleanup[16770]: DEEE63E1A6: message-id=<20090108024742.DEEE63E1A6@mail.sdj.com>
Jan 7 20:47:42 lndwr postfix/qmgr[16765]: DEEE63E1A6: from=<>, size=2215, nrcpt=1 (queue active)
Jan 7 20:47:42 lndwr postfix/bounce[16773]: 3448D3E1A4: sender non-delivery notification: DEEE63E1A6
Jan 7 20:47:42 lndwr postfix/qmgr[16765]: 3448D3E1A4: removed
Jan 7 20:47:42 lndwr postfix/virtual[16776]: DEEE63E1A6: to=<test1@sdj.com>, relay=virtual, delay=0.03, delays=0.02/0/0/0.01, dsn=5.1.1, status=bounced (unknown user: "test1@sdj.com")
Jan 7 20:47:42 lndwr postfix/qmgr[16765]: DEEE63E1A6: removed



Tailing the mysql log "may" be key here.

Either postfix is not talking to mysql at all, or the user is not defined correctly, or postfix mysql config is not correct.

maybe...

mariuxx
March 18th, 2009, 10:02 AM
Hi again, and thanks for your answer, flurdy.
Now I suppose I should explain the following:
I don't have local access to my server. It's hosted by a company run by a friend of mine, he installed the Ubuntu as a VMWare vm, and I use ssh to access it for any purpose. Of course, now it also run Apache, and I can access it through http (if I don't block it with shorewall of course:)), but I don't have local access to the box.
So, if I telnet to localhost in my ssh session, that works fine, unless I specify a port number, in which case I get the message "Unable to connect to remote host: Connection refused". I tried with the actual ip address and localhost, same result.
I can not telnet in, on any port, from the same location I use ssh. Using putty, it never connects, the window just closes without any messages.
I suppose this is not really related to the forum topic, but rather about general telnet(d) setup. But my testing stops at this point until I fix it...

mariuxx
March 19th, 2009, 08:28 PM
Hello again folks.

I have managed now to send emails to my server, and they get delivered in the right mailboxes. That's just fantastic!

But it seems that the clamav module isn't working as it should.
Anyone knows a remedy for this?


Mar 19 20:15:45 ubuntu amavis[14003]: (14003-04) ClamAV-clamd: Can't send to socket /var/run/clamav/clamd.ctl: 107, retrying (1)
Mar 19 20:15:46 ubuntu amavis[14003]: (14003-04) (!)ClamAV-clamd: Can't connect to UNIX socket /var/run/clamav/clamd.ctl: No such file or directory, retrying (2)
Mar 19 20:15:52 ubuntu amavis[14003]: (14003-04) (!!)ClamAV-clamd av-scanner FAILED: run_av error: Too many retries to talk to /var/run/clamav/clamd.ctl (Can't connect to UNIX socket /var/run/clamav/clamd.ctl: No such file or directory) at (eval 98) line 309.

Thanx in advance

M

CaptainMorgan
March 22nd, 2009, 10:42 AM
Flurdy, this is a superb tutorial- the amount of depth you go into is phenomenal. Thank you for your hard work.

I had a similar issue as another fellow upon the basic setup portion and then the testing of it- I get "..connection refused." upon attempting to telnet to it, both locally and remotely. Unless I missed something, is it possible my ISP is blocking the port completely? I'll probably make a call to them on Monday but I wanted to try this tutorial out this weekend and hopefully get some replies and/or do more research... and besides, I thought relay_hosts would solve the blocked port issue... unless I have it confused. Any thoughts?

EDIT 1
Also, it is wise to be doing this on a development/serving rig? My server runs more than a few websites(virtually), but maybe because of load I'm thinking I should use a spare older system I have to be solely a mail server... google searching for "benefits of a mail server" and different variations turned up commercial avenues; not what I'm looking for...

EDIT 2
Ok, so I called Comcast and was told to use 587, so I opened up that port on the router and I still received "....connection refused." Back to the drawing board I guess... unless anyone has any suggestions...

CommodoreTeach
March 25th, 2009, 06:26 PM
Hi all!

I'm new(ish) to linux, but really new to linux servers. I'm setting up the server mostly to be a mailman server, but originally it was going to be much more robust than that, so I started with and got to be comfortable with this guide.

I'm having a problem with SASL authentication, I think it has to do with the passwords not matching from the crypt command in MySQL. I tried the script that Proddy suggested in post 183, but that didn't seem to help either. However, there is the possibility that I am not doing something correctly. I ran it using "./vcrypt <password>" (replacing all of <password> with the real password) and then copy/pasted the result into the MySQL database. I then tried to send a mail through it and I got:


postfix/smtpd[5508]: warning: computer.domain[IP]: SASL LOGIN authentication failed: authentication failure

The only thing that seems to allow me to authenticate is if I put the passwords in plain text in the mail database. I don't really like that option, and so I was wondering what the alternatives were. I've been stumped on this for the last few days, and I haven't found any solution that works while keeping the passwords in the database encrypted (and not having to manually add the users to the sasldb2). I have included the saslfinger -s output below (or as much of it was in the buffer of the ssh program I use). Thanks in advance for any help or critique of the setup! :-)

saslfinger -c output:


-- smtpd is linked to --
libsasl2.so.2 => /usr/lib/libsasl2.so.2 (0xb7ced000)

-- active SMTP AUTH and TLS parameters for smtpd --
broken_sasl_auth_clients = yes
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = foo.domain.com
smtpd_sasl_path = smtpd
smtpd_sasl_security_options = noanonymous
smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key
smtpd_tls_loglevel = 2
smtpd_tls_received_header = yes
smtpd_tls_security_level = may
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_tls_session_cache_timeout = 3600s


-- listing of /usr/lib/sasl2 --
total 864
drwxr-xr-x 2 root root 4096 2009-03-24 14:01 .
drwxr-xr-x 54 root root 20480 2009-03-17 09:11 ..
-rw-r--r-- 1 root root 13860 2008-10-10 10:40 libanonymous.a
-rw-r--r-- 1 root root 988 2008-10-10 10:39 libanonymous.la
-rw-r--r-- 1 root root 13752 2008-10-10 10:40 libanonymous.so
-rw-r--r-- 1 root root 13752 2008-10-10 10:40 libanonymous.so.2
-rw-r--r-- 1 root root 13752 2008-10-10 10:40 libanonymous.so.2.0.22
-rw-r--r-- 1 root root 16382 2008-10-10 10:40 libcrammd5.a
-rw-r--r-- 1 root root 974 2008-10-10 10:39 libcrammd5.la
-rw-r--r-- 1 root root 17848 2008-10-10 10:40 libcrammd5.so
-rw-r--r-- 1 root root 17848 2008-10-10 10:40 libcrammd5.so.2
-rw-r--r-- 1 root root 17848 2008-10-10 10:40 libcrammd5.so.2.0.22
-rw-r--r-- 1 root root 47752 2008-10-10 10:40 libdigestmd5.a
-rw-r--r-- 1 root root 997 2008-10-10 10:39 libdigestmd5.la
-rw-r--r-- 1 root root 46828 2008-10-10 10:40 libdigestmd5.so
-rw-r--r-- 1 root root 46828 2008-10-10 10:40 libdigestmd5.so.2
-rw-r--r-- 1 root root 46828 2008-10-10 10:40 libdigestmd5.so.2.0.22
-rw-r--r-- 1 root root 13902 2008-10-10 10:40 liblogin.a
-rw-r--r-- 1 root root 968 2008-10-10 10:39 liblogin.la
-rw-r--r-- 1 root root 13748 2008-10-10 10:40 liblogin.so
-rw-r--r-- 1 root root 13748 2008-10-10 10:40 liblogin.so.2
-rw-r--r-- 1 root root 13748 2008-10-10 10:40 liblogin.so.2.0.22
-rw-r--r-- 1 root root 30316 2008-10-10 10:40 libntlm.a
-rw-r--r-- 1 root root 962 2008-10-10 10:39 libntlm.la
-rw-r--r-- 1 root root 30196 2008-10-10 10:40 libntlm.so
-rw-r--r-- 1 root root 30196 2008-10-10 10:40 libntlm.so.2
-rw-r--r-- 1 root root 30196 2008-10-10 10:40 libntlm.so.2.0.22
-rw-r--r-- 1 root root 14222 2008-10-10 10:40 libplain.a
-rw-r--r-- 1 root root 968 2008-10-10 10:39 libplain.la
-rw-r--r-- 1 root root 17844 2008-10-10 10:40 libplain.so
-rw-r--r-- 1 root root 17844 2008-10-10 10:40 libplain.so.2
-rw-r--r-- 1 root root 17844 2008-10-10 10:40 libplain.so.2.0.22
-rw-r--r-- 1 root root 22394 2008-10-10 10:40 libsasldb.a
-rw-r--r-- 1 root root 999 2008-10-10 10:39 libsasldb.la
-rw-r--r-- 1 root root 21804 2008-10-10 10:40 libsasldb.so
-rw-r--r-- 1 root root 21804 2008-10-10 10:40 libsasldb.so.2
-rw-r--r-- 1 root root 21804 2008-10-10 10:40 libsasldb.so.2.0.22
-rw-r--r-- 1 root root 24156 2008-10-10 10:40 libsql.a
-rw-r--r-- 1 root root 1097 2008-10-10 10:39 libsql.la
-rw-r--r-- 1 root root 26064 2008-10-10 10:40 libsql.so
-rw-r--r-- 1 root root 26064 2008-10-10 10:40 libsql.so.2
-rw-r--r-- 1 root root 26064 2008-10-10 10:40 libsql.so.2.0.22
-rw-r--r-- 1 root root 259 2009-03-24 14:44 smtpd.conf

-- listing of /etc/postfix/sasl --
total 12
drwxr-xr-x 2 root root 4096 2009-03-03 15:25 .
drwxr-xr-x 3 root root 4096 2009-03-03 17:17 ..
-rw-r--r-- 1 root root 259 2009-03-24 14:45 smtpd.conf




-- content of /usr/lib/sasl2/smtpd.conf --
pwcheck_method: auxprop
auxprop_plugin: sql
mech_list: plain login cram-md5 digest-md5
sql_engine: mysql
sql_hostnames: 127.0.0.1
sql_user: --- replaced ---
sql_passwd: --- replaced ---
sql_database: maildb
sql_select: select clear from users where id='%u@%r' and enabled = 1

-- content of /etc/postfix/sasl/smtpd.conf --
pwcheck_method: auxprop
auxprop_plugin: sql
mech_list: plain login cram-md5 digest-md5
sql_engine: mysql
sql_hostnames: 127.0.0.1
sql_user: --- replaced ---
sql_passwd: --- replaced ---
sql_database: maildb
sql_select: select clear from users where id='%u@%r' and enabled = 1

-- content of /etc/postfix/sasl/smtpd.conf --
pwcheck_method: auxprop
auxprop_plugin: sql
mech_list: plain login cram-md5 digest-md5
sql_engine: mysql
sql_hostnames: 127.0.0.1
sql_user: --- replaced ---
sql_passwd: --- replaced ---
sql_database: maildb
sql_select: select clear from users where id='%u@%r' and enabled = 1


-- active services in /etc/postfix/master.cf --
# service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (yes) (never) (100)
smtp inet n - n - - smtpd
submission inet n - n - - smtpd
-o smtpd_sasl_auth_enable=yes
-o smtpd_tls_auth_only=yes
-o smtpd_client_restrictions=permit_sasl_authenticate d,reject_unauth_destination,reject
-o smtpd_sasl_security_options=noanonymous,noplaintex t
-o smtpd_sasl_tls_security_options=noanonymous
smtps inet n - n - - smtpd -v
-o smtpd_tls_wrappermode=yes
-o smtpd_sasl_auth_enable=yes
-o smtpd_tls_auth_only=yes
-o smtpd_client_restrictions=permit_sasl_authenticate d,reject
-o smtpd_sasl_security_options=noanonymous,noplaintex t
-o smtpd_sasl_tls_security_options=noanonymous
pickup fifo n - - 60 1 pickup
-o content_filter=
-o receive_override_options=no_header_body_checks
cleanup unix n - - - 0 cleanup
qmgr fifo n - n 300 1 qmgr
tlsmgr unix - - - 1000? 1 tlsmgr
rewrite unix - - - - - trivial-rewrite
bounce unix - - - - 0 bounce
defer unix - - - - 0 bounce
trace unix - - - - 0 bounce
verify unix - - - - 1 verify
flush unix n - - 1000? 0 flush
proxymap unix - - n - - proxymap
proxywrite unix - - n - 1 proxymap
smtp unix - - - - - smtp
relay unix - - - - - smtp
-o smtp_fallback_relay=
showq unix n - - - - showq
error unix - - - - - error
retry unix - - - - - error
discard unix - - - - - discard
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - - - - lmtp
anvil unix - - - - 1 anvil
scache unix - - - - 1 scache
maildrop unix - n n - - pipe
flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
uucp unix - n n - - pipe
flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
ifmail unix - n n - - pipe
flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp unix - n n - - pipe
flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
scalemail-backend unix - n n - 2 pipe
flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
mailman unix - n n - - pipe
flags=FR user=list
argv=/usr/lib/mailman/bin/postfix-to-mailman.py ${nexthop} ${user}
amavis unix - - - - 2 smtp
-o smtp_data_done_timeout=1200
-o smtp_send_xforward_command=yes
-o disable_dns_lookups=yes
-o max_use=20
127.0.0.1:10025 inet n - - - - smtpd
-o content_filter=
-o local_recipient_maps=
-o relay_recipient_maps=
-o smtpd_restriction_classes=
-o smtpd_delay_reject=no
-o smtpd_client_restrictions=permit_mynetworks,reject
-o smtpd_helo_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,rej ect
-o smtpd_data_restrictions=reject_unauth_pipelining
-o smtpd_end_of_data_restrictions=
-o mynetworks=127.0.0.0/8
-o smtpd_error_sleep_time=0
-o smtpd_soft_error_limit=1001
-o smtpd_hard_error_limit=1000
-o smtpd_client_connection_count_limit=0
-o smtpd_client_connection_rate_limit=0
-o receive_override_options=no_header_body_checks,no_ unknown_recipient_checks

-- mechanisms on localhost --
250-AUTH PLAIN CRAM-MD5 DIGEST-MD5 LOGIN
250-AUTH=PLAIN CRAM-MD5 DIGEST-MD5 LOGIN


-- end of saslfinger output --

fusa
March 25th, 2009, 06:45 PM
In your example located at: http://flurdy.com/docs/postfix/#data

INSERT INTO users (id,name,maildir,clear) VALUES ('xandros@blobber.org','xandros','xandros/', encrypt('apassword') ), ('vivita@blobber.org','vivita','vivita/', encrypt('anotherpassword') );


should the maildir,clear) actually be maildir,crypt) It looks like your inserting the encrypted password into the clear text field.

Adriano1980
April 4th, 2009, 11:24 PM
Hello Forum,
This is a really grate tutorial however is was wondering what the fields `procmailrc` , `spamassassinrc` are and how I can use them. ant the quota field is it for courier and how i can use the quota ?
Thank you for clarification
Adriano

sTo0z
April 28th, 2009, 02:41 PM
flurdy,

I was wondering what you're advice would be on the best way to back this system up.

I am not knowledgeable so the best solution I can think of is to maybe rsync each user's folder and then dump the mysql data... is that what you would do?

I'm sure there's something better out there, I just don't know what it is.. I don't really know how I would back up the whole thing.

Any and all help is appreciated, thank you!

PS - Awesome guide, I followed your guide from 6.06 awhile back and the email server is still chugging along perfectly. I was a hero at work thanks to you. ;)

Villu
May 12th, 2009, 05:01 PM
This usually happens when the smtpd.conf file can not be found. If you're running Postfix 2.3, removing (commenting out) the smtpd_sasl_path in the main.cf file should fix the problem. This is because 2.3 has changed the way it looks for the file and now automatically prepends /etc/postfix/sasl/ and appends .conf, so smtpd could also be a valid value.


Thanks for the guide, very useful, however I am having some issues setting up SMTP authentication. I have followed the instructions to a t, but am unable to authenticate.

In /var/log/auth.log I get:


Feb 18 14:28:06 stackednotion postfix/smtpd[3920]: sql_select option missing
Feb 18 14:28:06 stackednotion postfix/smtpd[3920]: auxpropfunc error no mechanism available
Feb 18 14:28:06 stackednotion postfix/smtpd[3920]: _sasl_plugin_load failed on sasl_auxprop_plug_init for plugin: sql
Here is my /etc/postfix/sasl/smtpd.conf:


pwcheck_method: auxprop
auxprop_plugin: sql
mech_list: plain login cram-md5 digest-md5
sql_engine: mysql
sql_hostnames: 127.0.0.1
sql_user: mail
sql_passwd: blah
sql_database: mail
sql_select: select clear from users where id='%u@%r' and enabled = 1Any ideas, it sounds as if it can't find the SQL plugin, but it is definately installed:


# apt-get install libsasl2-modules-sql libgsasl7 libauthen-sasl-cyrus-perl
Reading package lists... Done
Building dependency tree
Reading state information... Done
libsasl2-modules-sql is already the newest version.
libgsasl7 is already the newest version.
libauthen-sasl-cyrus-perl is already the newest version.
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.I am running 64bit 8.04.

Regards,

Luca Spiller

Villu
May 12th, 2009, 05:08 PM
Try commenting out the line.


Has anybody seen this error?

warning: SASL authentication problem: unable to open Berkeley db /etc/sasldb2: No such file or directory



I think I have the proper path variable to find smtpd.conf
smtpd_sasl_path = /etc/postfix/sasl:/usr/lib/sasl2



As far as I know, I'm not supposed to be using a the Berkely db. Correct?

This is preventing me from logging in (although everything else works fine!)

TIA!

slipstream180
May 12th, 2009, 11:49 PM
Flurdy: great tutorial! This is the most complete tutorial I've seen out there - thank you so much for putting the time and effort into this.

My issue has to do with getting bounced emails when using a relayhost. I've added this wrinkle to the Postfix config to circumvent the SPAM suppression my ISP (& which most good ones do) on port 25. Unfortunately, one side-effect of my attempt is that my configuration is auto-forwarding any incoming emails to my forwarding service. What am I doing wrong?

Here's the mail log output:


May 11 16:39:00 mail postfix/smtpd[25335]: connect from n54.bullet.mail.sp1.yahoo.com[98.136.44.32]
May 11 16:39:01 mail postfix/smtpd[25335]: 0E33218880A: client=n54.bullet.mail.sp1.yahoo.com[98.136.44.32]
May 11 16:39:01 mail postfix/cleanup[25330]: 0E33218880A: message-id=<783351.26703.qm@web45303.mail.sp1.yahoo.com>
May 11 16:39:01 mail postfix/qmgr[25118]: 0E33218880A: from=<user@yahoo.com>, size=2613, nrcpt=1 (queue active)
May 11 16:39:01 mail amavis[2631]: (02631-19) ESMTP::10024 /var/lib/amavis/tmp/amavis-20090506T093443-02631: <user@yahoo.com> -> <testuser@example.c> SIZE=2613 Received: from mail.example.com ([127.0.0.1]) by localhost (mail.example.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP for <testuser@example.c>; Mon, 11 May 2009 16:39:01 -0700 (PDT)
May 11 16:39:01 mail postfix/smtpd[25335]: disconnect from n54.bullet.mail.sp1.yahoo.com[98.136.44.32]
May 11 16:39:01 mail amavis[2631]: (02631-19) smtp connection cache, dt: 154.9, state: 0
May 11 16:39:01 mail amavis[2631]: (02631-19) dkim: VALID Author+Sender+MailFrom signature by i=@yahoo.com, From: <user@yahoo.com>, a=rsa-sha256, c=relaxed/relaxed, s=s1024, d=yahoo.com
May 11 16:39:01 mail amavis[2631]: (02631-19) dkim: VALID Author+Sender+MailFrom signature by i=user@yahoo.com, From: <user@yahoo.com>, a=rsa-sha1, c=nofws, s=s1024, d=yahoo.com
May 11 16:39:01 mail amavis[2631]: (02631-19) Checking: UNH1HEO39P8B [98.136.44.32] <user@yahoo.com> -> <testuser@example.c>
May 11 16:39:01 mail amavis[2631]: (02631-19) p003 1 Content-Type: multipart/alternative
May 11 16:39:01 mail amavis[2631]: (02631-19) p001 1/1 Content-Type: text/plain, size: 9 B, name:
May 11 16:39:01 mail amavis[2631]: (02631-19) p002 1/2 Content-Type: text/html, size: 127 B, name:
May 11 16:39:01 mail postfix/smtpd[25332]: connect from localhost[127.0.0.1]
May 11 16:39:01 mail postfix/smtpd[25332]: 5770B188810: client=localhost[127.0.0.1]
May 11 16:39:01 mail postfix/cleanup[25330]: 5770B188810: message-id=<783351.26703.qm@web45303.mail.sp1.yahoo.com>
May 11 16:39:01 mail postfix/qmgr[25118]: 5770B188810: from=<user@yahoo.com>, size=3239, nrcpt=1 (queue active)
May 11 16:39:01 mail postfix/smtpd[25332]: disconnect from localhost[127.0.0.1]
May 11 16:39:01 mail amavis[2631]: (02631-19) FWD via SMTP: <user@yahoo.com> -> <testuser@example.c>,BODY=7BIT 250 2.0.0 Ok, id=02631-19, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as 5770B188810
May 11 16:39:01 mail amavis[2631]: (02631-19) Passed CLEAN, [98.136.44.32] [64.9.232.205] <user@yahoo.com> -> <testuser@example.c>, Message-ID: <783351.26703.qm@web45303.mail.sp1.yahoo.com>, mail_id: UNH1HEO39P8B, Hits: -, size: 2610, queued_as: 5770B188810, dkim_id=@yahoo.com,user@yahoo.com, 340 ms
May 11 16:39:01 mail postfix/smtp[25331]: 0E33218880A: to=<testuser@example.c>, orig_to=<testuser@example.com>, relay=127.0.0.1[127.0.0.1]:10024, delay=0.79, delays=0.43/0/0.01/0.35, dsn=2.0.0, status=sent (250 2.0.0 Ok, id=02631-19, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as 5770B188810)
May 11 16:39:01 mail postfix/qmgr[25118]: 0E33218880A: removed
May 11 16:39:01 mail amavis[2631]: (02631-19) TIMING [total 358 ms] - SMTP greeting: 3 (1%)1, SMTP EHLO: 2 (0%)1, SMTP pre-MAIL: 2 (1%)2, SMTP pre-DATA-flush: 4 (1%)3, SMTP DATA: 33 (9%)13, check_init: 2 (1%)13, digest_hdr: 62 (17%)30, digest_body_dkim: 4 (1%)32, gen_mail_id: 9 (3%)34, mime_decode: 33 (9%)43, get-file-type2: 21 (6%)49, parts_decode: 0 (0%)49, check_header: 5 (1%)51, update_cache: 3 (1%)52, decide_mail_destiny: 1 (0%)52, fwd-connect: 50 (14%)66, fwd-mail-pip: 6 (2%)67, fwd-rcpt-pip: 1 (0%)68, fwd-data-chkpnt: 0 (0%)68, write-header: 3 (1%)69, fwd-data-contents: 0 (0%)69, fwd-end-chkpnt: 41 (11%)80, prepare-dsn: 7 (2%)82, main_log_entry: 51 (14%)96, update_snmp: 5 (1%)98, SMTP pre-response: 1 (0%)98, SMTP response: 2 (0%)98, unlink-2-files: 1 (0%)99, rundown: 5 (1%)100
May 11 16:39:01 mail CRON[25337]: pam_unix(cron:session): session opened for user root by (uid=0)
May 11 16:39:01 mail dbus-daemon: Rejected send message, 1 matched rules; type="method_call", sender=":1.43" (uid=1000 pid=4498 comm="/usr/lib/indicator-applet/indicator-applet --oaf-a") interface="org.freedesktop.DBus.Properties" member="Get" error name="(unset)" requested_reply=0 destination=":1.760" (uid=0 pid=25337 comm="/USR/SBIN/CRON "))
May 11 16:39:01 mail /USR/SBIN/CRON[25344]: (root) CMD ( [ -x /usr/lib/php5/maxlifetime ] && [ -d /var/lib/php5 ] && find /var/lib/php5/ -type f -cmin +$(/usr/lib/php5/maxlifetime) -print0 | xargs -n 200 -r -0 rm)
May 11 16:39:01 mail CRON[25337]: pam_unix(cron:session): session closed for user root
May 11 16:39:02 mail postfix/smtp[25333]: 5770B188810: to=<testuser@example.c>, relay=outbound.mailhop.org[204.13.248.71]:2525, delay=0.88, delays=0.04/0/0.73/0.11, dsn=5.0.0, status=bounced (host outbound.mailhop.org[204.13.248.71] said: 550 testuser@example.c failed recipient verification (in reply to RCPT TO command))
May 11 16:39:02 mail postfix/cleanup[25330]: 502DE188811: message-id=<20090511233902.502DE188811@mail.example.com>
May 11 16:39:02 mail postfix/qmgr[25118]: 502DE188811: from=<>, size=5292, nrcpt=1 (queue active)
May 11 16:39:02 mail postfix/bounce[25334]: 5770B188810: sender non-delivery notification: 502DE188811
May 11 16:39:02 mail postfix/qmgr[25118]: 5770B188810: removed
May 11 16:39:03 mail postfix/smtp[25333]: 502DE188811: to=<user@yahoo.com>, relay=outbound.mailhop.org[204.13.248.71]:2525, delay=1.1, delays=0.01/0/0.7/0.41, dsn=2.0.0, status=sent (250 OK id=1M3f5L-0000uK-2h)
May 11 16:39:03 mail postfix/qmgr[25118]: 502DE188811: removed


Next the result of postconf -n:



alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_at_myorigin = no
append_dot_mydomain = no
biff = no
config_directory = /etc/postfix
content_filter = amavis:[127.0.0.1]:10024
delay_warning_time = 4h
disable_vrfy_command = yes
inet_interfaces = all
local_recipient_maps =
mailbox_size_limit = 0
masquerade_domains = example.com
masquerade_exceptions = root
maximal_backoff_time = 8000s
maximal_queue_lifetime = 3d
minimal_backoff_time = 1000s
mydestination =
mydomain = example.com
myhostname = mail.example.com
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mynetworks_style = host
myorigin = $mydomain
readme_directory = no
recipient_delimiter = +
relayhost = outbound.mailhop.org:2525
smtp_helo_timeout = 60s
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_password
smtp_sasl_security_options =
smtp_tls_CAfile = /etc/ssl/certs/Equifax_Secure_CA.pem
smtp_tls_note_starttls_offer = yes
smtp_tls_security_level = may
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtp_use_tls = yes
smtpd_banner = $myhostname ESMTP $mail_name
smtpd_client_restrictions = reject_rbl_client sbl.spamhaus.org, reject_rbl_client blackholes.easynet.nl, reject_rbl_client dnsblnjabl.org
smtpd_data_restrictions = reject_unauth_pipelining
smtpd_delay_reject = yes
smtpd_hard_error_limit = 12
smtpd_helo_required = yes
smtpd_helo_restrictions = permit_mynetworks, warn_if_reject reject_non_fqdn_hostname, reject_invalid_hostname, permit
smtpd_recipient_limit = 16
smtpd_recipient_restrictions = reject_unauth_pipelining, permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_recipient, reject_unknown_recipient_domain, reject_unauth_destination, permit
smtpd_sender_restrictions = permit_mynetworks, warn_if_reject reject_non_fqdn_sender, reject_unknown_sender_domain, reject_unauth_pipelining, permit
smtpd_soft_error_limit = 3
smtpd_tls_cert_file = /etc/postfix/postfix.cert
smtpd_tls_key_file = /etc/postfix/postfix.key
smtpd_tls_received_header = yes
smtpd_tls_security_level = may
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
tls_random_source = dev:/dev/urandom
unknown_local_recipient_reject_code = 450
virtual_alias_maps = mysql:/etc/postfix/mysql_alias.cf
virtual_gid_maps = mysql:/etc/postfix/mysql_gid.cf
virtual_mailbox_base = /var/spool/mail/virtual
virtual_mailbox_domains = mysql:/etc/postfix/mysql_domains.cf
virtual_mailbox_maps = mysql:/etc/postfix/mysql_mailbox.cf
virtual_uid_maps = mysql:/etc/postfix/mysql_uid.cf


A few notes about my configuration/environment. I am using a home router w/ my own domain name (example.com). The mail server (mail.example.com) is running on Ubuntu 9.04 behind the home router. The router is set up to forward all of the relevant ports to the Ubuntu server. (Port 25 for SMTP and 143 for IMAP)

Also, I've checked my router and DNS records against the documentation, and I think I've got the MX records set up properly. (not totally confident there...) I've tested the setup externally, using mxtools. (http://www.mxtoolbox.com/ a very helpful tool!) Everything there checks out, except its attempt to telnet into mail.example.com. Here's the result:


May 11 16:24:17 mail postfix/smtpd[25121]: connect from mxtb-pws1.mxtoolbox.com[64.20.227.131]
May 11 16:24:18 mail postfix/smtpd[25121]: NOQUEUE: reject: RCPT from mxtb-pws1.mxtoolbox.com[64.20.227.131]: 554 5.7.1 <test@mxtoolbox.com>: Relay access denied; from=<test@mxtoolbox.com> to=<test@mxtoolbox.com> proto=SMTP helo=<please-read-policy.mxtoolbox.com>
May 11 16:24:18 mail postfix/smtpd[25121]: disconnect from mxtb-pws1.mxtoolbox.com[64.20.227.131]

Not sure if this has anything to do w/ my issue, but maybe it will provide some clues...

Thanks for the help, in advance.

Cheers!

slipstream180
May 13th, 2009, 07:42 PM
OK. Problem solved.

As it turns out, this problem has nothing to do with the configuration files listed above. Instead, I had the user@example.com account self-referenced in the MySQL aliases table like this:



pkid mail destination enabled
1 user@example.com user@example.com 1


So, the Postfix virtual mail delivery system was finding this erroneous entry in the 'aliases' table and then forwarding it on.

Hope this helps someone in the future!

Villu
May 14th, 2009, 06:07 PM
Thanks for a great tutorial, Flurdy!

I have managed to complement Flurdy's tutorial such that virtual transport is swapped for maildrop and spam is automatically delivered to a spam folder.

It is based on the excellent tutorial by Flurdy and complemented by parts of the tutorial found here: http://daemonforums.org/showthread.php?t=193

The latter tutorial also contains methods to implement vacation messaging.

If in doubt, check out the forementioned tutorial.

Here's what I did:

Complete Flurdy's tutorial and install maildrop

uncomment in main.cf:

transport_maps = mysql:/etc/postfix/mysql_transport.cfand add

maildrop_destination_recipient_limit = 1Master.cf file should contain the following line, change the user field to virtual:

maildrop unix - n n - - pipe
flags=DRhu user=virtual argv=/usr/bin/maildrop -d ${recipient}create mysql_transport.cf file and set the correct owner and permissions:

user=mail
password=changeme
dbname=maildb
table=domains
select_field=transport
where_field=domain
hosts=127.0.0.1
additional_conditions = and enabled = 1
create:

# cd /var/spool/mail/virtual/
# chmod +s /usr/bin/maildrop
# touch .mailfilter
# chmod 600 .mailfilter
# mkdir mailfilters
# chmod 700 mailfilters
# chown -R virtual:virtual .mailfilter mailfilterstest maildrop and check logs:

echo "test" | maildrop -V 9 -d you@example.comEdit the ...virtual/.mailfilter file (haven't tested this bit):

# Deliver to Inbox or Spam box (create spam box if it does not exist)
if (/^X-Spam-Flag: YES/:h)
{
`test -d $DEFAULT/.junkmail`
if ($RETURNCODE == 1)
{
`/usr/bin/maildirmake -f junkmail $DEFAULT`
`echo "junkmail" >> $DEFAULT/subscriptions`
}
exception {
to "$DEFAULT/.junkmail"
}
# if all else fails, do regular delivery
exception {
to "$DEFAULT"
}
}
Now use phpmyadmin and change domain transport field from "virtual:" to "maildrop:"

Restart postfix, check log files and pray :)

Much of the code here is curtesy of hamba from daemonforums.org

Hope this helps!

Cheers, Villu

flurdy
May 28th, 2009, 02:42 PM
In your example located at: http://flurdy.com/docs/postfix/#data

INSERT INTO users (id,name,maildir,clear) VALUES ('xandros@blobber.org','xandros','xandros/', encrypt('apassword') ), ('vivita@blobber.org','vivita','vivita/', encrypt('anotherpassword') );


should the maildir,clear) actually be maildir,crypt) It looks like your inserting the encrypted password into the clear text field.


Umm, yes good point. :)

flurdy
May 28th, 2009, 02:46 PM
flurdy,

I was wondering what you're advice would be on the best way to back this system up.

I am not knowledgeable so the best solution I can think of is to maybe rsync each user's folder and then dump the mysql data... is that what you would do?

I'm sure there's something better out there, I just don't know what it is.. I don't really know how I would back up the whole thing.

Any and all help is appreciated, thank you!

PS - Awesome guide, I followed your guide from 6.06 awhile back and the email server is still chugging along perfectly. I was a hero at work thanks to you. ;)


I (very briefly) do mention backing up in this section:
http://flurdy.com/docs/postfix/index.html#ext_back
But there probably are other more elaborate solutions to this, and mine may have some integrety or security issue. But that is all I do, and it works.

Good to hear the server is still working, and you got some cred for it!

flurdy
May 28th, 2009, 03:17 PM
Hi again, and thanks for your answer, flurdy.
Now I suppose I should explain the following:
I don't have local access to my server. It's hosted by a company run by a friend of mine, he installed the Ubuntu as a VMWare vm, and I use ssh to access it for any purpose. Of course, now it also run Apache, and I can access it through http (if I don't block it with shorewall of course:)), but I don't have local access to the box.
So, if I telnet to localhost in my ssh session, that works fine, unless I specify a port number, in which case I get the message "Unable to connect to remote host: Connection refused". I tried with the actual ip address and localhost, same result.
I can not telnet in, on any port, from the same location I use ssh. Using putty, it never connects, the window just closes without any messages.
I suppose this is not really related to the forum topic, but rather about general telnet(d) setup. But my testing stops at this point until I fix it...

I think you managed to solve most of these by your follow up post afterwards, but to clarify to others in the future:

Local physical access is not an issue, when I say locally I mean in a shell session on the mail server. Whether that is via SSH or login screen, is irrelevant to me.

Secondly when I mean telnetting it has nothing to do with telnetd. You are simple testing if the ports are open, and you can send SMTP/IMAP commands via telnet on those ports.

And firstly when testing you need to do this locally. Then external ISP blocking and (usually) firewall issues are irrelevant. If no reply or connectio refused, then basically that service (postfix or whatever) is not running.

Once local telneting responds okay to everything. Then you can start telnetting remotely. This will then test your firewall and any ISP blocking of ports.

flurdy
May 28th, 2009, 03:27 PM
Flurdy, this is a superb tutorial- the amount of depth you go into is phenomenal. Thank you for your hard work.

I had a similar issue as another fellow upon the basic setup portion and then the testing of it- I get "..connection refused." upon attempting to telnet to it, both locally and remotely. Unless I missed something, is it possible my ISP is blocking the port completely? I'll probably make a call to them on Monday but I wanted to try this tutorial out this weekend and hopefully get some replies and/or do more research... and besides, I thought relay_hosts would solve the blocked port issue... unless I have it confused. Any thoughts?

EDIT 1
Also, it is wise to be doing this on a development/serving rig? My server runs more than a few websites(virtually), but maybe because of load I'm thinking I should use a spare older system I have to be solely a mail server... google searching for "benefits of a mail server" and different variations turned up commercial avenues; not what I'm looking for...

EDIT 2
Ok, so I called Comcast and was told to use 587, so I opened up that port on the router and I still received "....connection refused." Back to the drawing board I guess... unless anyone has any suggestions...


Good to hear you find the howto usefull!

As mentioned in my previous post, regarding testing via telnet and ports: If it is rejected locally then it is you setup that is wrong, not the ISP. If works locally but not remotely, then either your firewall or the ISP is at fault.

Relay host does not solve blocked incomming port. It solves blocked outgoing ports, or use of backup mx for relaying/backup.


Regarding your 1st edit. How you split your servers up is down to your load, preferences and desire to have seperation of concerns.

Obviously it would be nice to have seperate machines/instance for each service. That way things are scalable and more secure. But usually it is not affordable. You can try it on the same server and see if it is affected by performance. I would think you have to have quite a few hundreds/thousends of users before that becomes an issue.


.. right, think ive used by forum credits for this month... :)

p1nkrubb3rd1ld0
June 1st, 2009, 09:33 PM
:(

nilton84
June 12th, 2009, 06:27 PM
thanks to all people that contribute to this forum..

I have a simple question, sorry if Im not to much expert...

is this server configuration let me send email to off-sites? i mean server on internet gmail or hotmail?

thanks i really appreciate your help. my email is niltonobando@gmail.com if you want to writte.

elfstone2
July 27th, 2009, 10:34 AM
Hello.. I relly enjoyed doing that tutorial, since its well written, and working nearley perfect.
There is one little typo, it says to start /etc/init.d/shorewall start, and if it works, edit the /etc/shorewall to Startup yes. But it should be the other way round, shorewall wont start, if the Startupflag has not been set to Yes.

Also I really really like to know, how to use procmail with this setup, and i tried to google for it and add it on my own, but up to now i failed.. there are 7 or 8 requests in this thread on how to do this, but no answers.. so if someone could PLEASE answer this, it would help a lot of people.

Thx

rikksullenberger
August 3rd, 2009, 03:36 AM
Hi, excellent howto!

I am having a problem with smtp authentication

I cant seem to get sasl to talk to mysql, I get the following error in the log file:

warning: SASL authentication problem: unable to open Berkeley db /etc/sasldb2: No such file or directory


any one have ideas?

Rikk

oziemike
August 7th, 2009, 12:07 PM
As usual Flurdy, this has been a very reliable mail sever for me now for about 3 years!! Still running on Ubuntu 6.06 server with regular normal Ubuntu updates.

Recently a new and rather dangerous problem cropped up. I went in via phpmyadmin to do some database work and found that phpmyadmin no longer had provision for logging on or off. It just went straight in there!! The login and logout icons were gone and this warning was on the main page:

"Cannot load mysqli extension. Please check your PHP configuration. - Documentation"

Some googling found that these extensions or something has changed with one of the MySQL or PHP updates and I cannot find how to fix it. Obviously anyone could go in and do damage to the db so I have disabled it till I can find some help. Any help would be seriously appreciated.

Mike

Grelf
August 27th, 2009, 07:45 PM
First off, amazing HowTo! I used the original HowTo to run my email for the past number of years, and my machine finally gave up the ghost, so it was time to upgrade her. New hardware, latest ubuntu server OS. Fast like lightening.

I've re-setup the email, and everything except sending out email works. Anytime I try to send email out, it asks me for my password (Even though I'm logged in via imap to get my email), and then it won't let me send email.

Syslog is telling me:


Aug 27 14:42:13 cthulu postfix/smtpd[12613]: warning: foo.net[my.ip]: SASL CRAM-MD5 authentication failed: generic failure
Aug 27 14:42:14 cthulu postfix/smtpd[12613]: warning: foo.net[my.ip]: SASL PLAIN authentication failed: authentication failure
Aug 27 14:42:16 cthulu postfix/smtpd[12613]: warning: foo.net[my.ip]: SASL LOGIN authentication failed: authentication failure


Any ideas?

wjase
September 3rd, 2009, 11:18 PM
Hi There,

I've got Postfix, POstfix Admin SASL and Courier Pop3 installed.

Having SASL authentication failures for SMTP (but pop works fine)

tried auxprop + sql and pam + sql but no joy either way.

Thought I might try and trace with strace but not sure how to insert the strace command into the execution stream so I can see where saslauthd is trying to run from...

Any advice on how to do this would be appreciated.

Thanks in advance,

Jase

kanngard
September 6th, 2009, 10:36 PM
I've re-setup the email, and everything except sending out email works. Anytime I try to send email out, it asks me for my password (Even though I'm logged in via imap to get my email), and then it won't let me send email.
Any ideas?
Logged into IMAP is not the same as submitting SMTP mail. You might have to login, depending on your setup. It might help us if you could add the part of your /etc/postfix/main.cf handling the smtpd, i.e. smtpd_recipient_restrictions. It should mention permit_sasl_authenticated.

kanngard
September 6th, 2009, 11:11 PM
Thanks for your great HOWTO, Flurdy! Everything worked on my first try except some minor difficulties, that had nothing to do with your guide! Rather it was of the RTM kind of stuff...

I found some minor typos in the 8th edition, it might be interesting to fix in edition 9. My setup uses Ubuntu Server 9.04.

Repositories (ClamAV)
Clamav requires libclamav6 and not libclamav5:

sudo aptitude install clamav-base libclamav5 clamav-daemon clamav-freshclam
Should be:

sudo aptitude install clamav-base libclamav6 clamav-daemon clamav-freshclam

Content Checks (Anti spam & anti virus)

cd /etc/amavis.d/conf.d
Should be:

cd /etc/amavis/conf.d


less 05-domain-id
Should be:

less 05-domain_id


less 05-node-id
Should be:

less 05-node_id

Webmail (Enable web access)
Suggestion for a more complete HOWTO: add a section on how to enable SSL access for Squirrelmail:

sudo a2enmod ssl
sudo a2ensite default-ssl

wjase
September 6th, 2009, 11:36 PM
Hi Folks,

I found I needed to er "adjust" my /etc/init.d/saslauthd script to set the permissions for the run directory created in the chroot for postfix to 750 (allow the sasl group to execute i believe).

I have the feeling that I need to take a shower as this seems like a slightly unclean thing to do...
But the mails are now coming in and out, and being authenticated as expected from my SQL maps...

ukripper
September 8th, 2009, 03:22 PM
Thanks Flurdy for this howto 8th edition.

I've successfully setup mail server using Postfix + courier + Squirrelmail (IMAP-SSL) port 993 + mysql following Flurdy's guide. However, i now wish to experiment with roundcube webmail instead of squirrelmail.

I am finding setting up roundcube bit difficult with my current setup. I wonder if anyone has already setup roundcube and can give some tips on how to enable roundcube with Flurdy's setup? I am getting following database error with roundcube? thanks in advance for any help..

DATABASE ERROR: CONNECTION FAILED!

Unable to connect to the database!
Please contact your server-administrator.

ukripper
September 9th, 2009, 01:32 PM
Looks like i have answered my own question!

After struggling for 3 days with roundcube I looked in /var/log/roundcube/errors for any errors and found plenty of below:

DB Error: unable to find package 'MDB2_Driver_mysql' file 'MDB2/Driver/mysql.php'

That means extra dependency needed to be installed to make roundcube work with mysql. So i installed that by
sudo apt-get install php-mdb2-driver-mysql

and opened roundcube in the browser and voila!!!everything works. No more squirrelmail for me, time for AJAX based webmail.....ROUNDCUBE<<<--------

Thanks Flurdy for your work with setting up mailserver, in future roundcube would be good addition to your guide..keep up with the good work!:guitar:

ukripper
September 9th, 2009, 02:59 PM
Anyone looking for nice roundcube theme and better than outlook 2007 webmail. - MVISION v2.2 http://www.roundcubethemes.net/news.php?id=6

majstora
November 11th, 2009, 07:49 PM
HI everybody,

I'm following this howto and I get an error:

chdir Maildir: No such file or directory

I think the line
MYSQL_MAILDIR_FIELD concat(home,'/',maildir) is not working and courier is setting up the default Maildir which doesn't exists.
When I create a user in Mysql and I send an e-mail to it I get the maildir in /var/spool/mail/virtual/user with cur/ new/ and tmp/ folders, but when I try to access it with squirrelmail or outlook I get this error.

Is it possible to be a permissions issue?
Any other ideas? thanks!

flurdy
November 12th, 2009, 03:55 PM
As usual Flurdy, this has been a very reliable mail sever for me now for about 3 years!! Still running on Ubuntu 6.06 server with regular normal Ubuntu updates.

Recently a new and rather dangerous problem cropped up. I went in via phpmyadmin to do some database work and found that phpmyadmin no longer had provision for logging on or off. It just went straight in there!! The login and logout icons were gone and this warning was on the main page:

"Cannot load mysqli extension. Please check your PHP configuration. - Documentation"

Some googling found that these extensions or something has changed with one of the MySQL or PHP updates and I cannot find how to fix it. Obviously anyone could go in and do damage to the db so I have disabled it till I can find some help. Any help would be seriously appreciated.

Mike

So which user did it run against mysql as?

I am personally not comfortable with exposing phpmyadmin to the world either. So I usually restrict it with a .htaccess login, and even sometimes ip restrictions.

flurdy
November 12th, 2009, 03:57 PM
Looks like i have answered my own question!

After struggling for 3 days with roundcube I looked in /var/log/roundcube/errors for any errors and found plenty of below:

DB Error: unable to find package 'MDB2_Driver_mysql' file 'MDB2/Driver/mysql.php'

That means extra dependency needed to be installed to make roundcube work with mysql. So i installed that by
sudo apt-get install php-mdb2-driver-mysql

and opened roundcube in the browser and voila!!!everything works. No more squirrelmail for me, time for AJAX based webmail.....ROUNDCUBE<<<--------

Thanks Flurdy for your work with setting up mailserver, in future roundcube would be good addition to your guide..keep up with the good work!:guitar:


If someone writes a roundcube howto extension to my postfix howto I would be happy to link to it. ;)

flurdy
November 12th, 2009, 04:05 PM
Thanks for your great HOWTO, Flurdy! Everything worked on my first try except some minor difficulties, that had nothing to do with your guide! Rather it was of the RTM kind of stuff...

I found some minor typos in the 8th edition, it might be interesting to fix in edition 9. My setup uses Ubuntu Server 9.04.

Repositories (ClamAV)
Clamav requires libclamav6 and not libclamav5:

sudo aptitude install clamav-base libclamav5 clamav-daemon clamav-freshclam
Should be:

sudo aptitude install clamav-base libclamav6 clamav-daemon clamav-freshclam

Content Checks (Anti spam & anti virus)

cd /etc/amavis.d/conf.d
Should be:

cd /etc/amavis/conf.d


less 05-domain-id
Should be:

less 05-domain_id


less 05-node-id
Should be:

less 05-node_id

Webmail (Enable web access)
Suggestion for a more complete HOWTO: add a section on how to enable SSL access for Squirrelmail:

sudo a2enmod ssl
sudo a2ensite default-ssl


Cheers!

Fixed the typos.

Incubusaurus
December 8th, 2009, 05:00 PM
I've just finished going through the 9th edition of How to set up a mail server on a GNU / Linux system and thought I'd share a few things that I found.

First, it's a great tutorial, and I didn't have many problems. Thanks Flurdy. But there were some problems, and some things worth mentioning:

Section MTA Postfix

With this setting in main.cf


mynetworks_style = hostI was unable to connect to the server from my email client, which is on another computer on the same subnet. This setting restricts trusted clients to the server itself. With this setting in place, if you attempt to use the server as your SMTP server from a client on the same subnet, you will probably receive this error in the logs:

554 5.7.1 <email address here>: Relay access denied;

Note also that if mynetworks is also set in main.cf, this will override mynetworks_style:


mynetworks = 192.168.1.0/24 # overrides mynetworks_style
mynetworks_style = host # overridden bt mynetworksTo resolve the problem, either specify your subnet in mynetworks, and comment out (or remove) mynetworks_style:


mynetworks = 192.168.1.0/24
#mynetworks_style = hostOr, comment out (or remove) mynetworks, and change mynetworks_style to subnet:


#mynetworks = 192.168.1.0/24
mynetworks_style = subnetFor more information, see:
http://www.postfix.org/postconf.5.html#mynetworks
http://www.postfix.org/postconf.5.html#mynetworks_style

There is the following entry in main.cf:


maximal_queue_lifetime = 7dThat's fine as it stands, but if you lower that value to less than the value of bounce_queue_lifetime (default 5d), then you will receive a warning in the log. I changed mine to 3d, so had to insert bounce_queue_lifetime at 3d as well:


maximal_queue_lifetime = 3d
bounce_queue_lifetime = 3d


For more information, see:
http://www.postfix.org/postconf.5.html#maximal_queue_lifetime
http://www.postfix.org/postconf.5.html#bounce_queue_lifetime

Section Anti Virus Postgrey

In the section on enabling Postgrey, the port 10023 is shown. It should be 60000.

Incorrect:


smtpd_recipient_restrictions =
reject_unauth_pipelining, permit_mynetworks,
permit_sasl_authenticated, reject_non_fqdn_recipient,
reject_unknown_recipient_domain, reject_unauth_destination,
check_policy_service inet:127.0.0.1:10023, permitCorrect:


smtpd_recipient_restrictions =
reject_unauth_pipelining, permit_mynetworks,
permit_sasl_authenticated, reject_non_fqdn_recipient,
reject_unknown_recipient_domain, reject_unauth_destination,
check_policy_service inet:127.0.0.1:60000, permitAlternatively, you can edit the value in /etc/default/postgrey:


POSTGREY_OPTS="--inet=127.0.0.1:60000"Testing

Before starting the configuration of Amavis-new, I suggest reading the following document:

http://www.ijs.si/software/amavisd/README.postfix

It contains more detialed information on configuring and testing Amavis-new, and helped me debug an issue that I encountered.

That's all for now. I hope this helps someone.

flurdy
December 10th, 2009, 12:43 PM
If someone writes a roundcube howto extension to my postfix howto I would be happy to link to it. ;)

Ps. http://flurdy.com/docs/postfix/ now includes roundcube section as ive started using roundcube myself....

ukripper
December 10th, 2009, 06:25 PM
Ps. http://flurdy.com/docs/postfix/ now includes roundcube section as ive started using roundcube myself....

Welldone mate! good job

q.dinar
December 27th, 2009, 05:06 PM
hello. i am going to install mail server to ubuntu 9.10 desktop. now i cannot install postfix without errors. when postfix is being installed this is in syslog:
Dec 27 17:59:18 dinar-desktop postfix/sendmail[13386]: fatal: execv /usr/sbin/postalias: No such file or directory
>22:51 utc+3 : solved , asked in #ubuntu to try install, one person said that it works, then i have tried to set one related apparmor profile to complain mode and there is other error now , #1 , was #75 as i remember.<
i check:
which execv
and it says nothing. i find in synaptic that it is in snoopy package.>21:33 utc+3 : i have been mistaken/i am mistaken, in snoopy is not that file. even may be execv is not file but function , so /usr/sbin/postalias does not exist? why ? as i know it is in postfix package. < if i check it to install i see:
depends on ld.so.preload-manager (>=0.1) but it is not installable.
why so? i have searched for it in web and have found:
http://packages.ubuntu.com/dapper/all/ld.so.preload-manager/download
https://launchpad.net/ubuntu/+source/ld.so.preload-manager

also i have installed extra apparmor profiles and enabled postfix profiles and it blocked up some things on installation and uninstallation, but i have fixed profiles. added to /usr/sbin/sendmail profile:

/etc/mailname r,
>2009-12-28 17:50 utc+3 : and also this profile should be in complain mode during install and then also add:

/etc/__db.aliases.db wr,
/etc/aliases.db k,<
and to /usr/sbin/userdel :

@{PROC}/ r,
/etc/.pwd.lock rwk,
capability sys_ptrace,
#/usr/sbin/userdel ,
@{PROC}/[0-9]*/status r,
@{PROC}/[0-9]*/task/ r,
capability fsetid,

would(?) not you start new thread for ubuntu 9.10? i thought whether to start new thread about this my problem and installation of mail server in ubuntu 9.10 looking(?) at http://flurdy.com/docs/postfix/ but as you still continue this thread and as i have just one this problem yet, i write here.

2009-12-28 17:51 utc+3 :
also add in /etc/apparmor.d/usr.lib.postfix.master :

#ub910
/etc/mailname r,
/var/spool/postfix/** k,
/var/lib/postfix/** wrk,
add in /etc/apparmor.d/usr.lib.postfix.qmgr and in /etc/apparmor.d/usr.lib.postfix.pickup :

/etc/mailname r,

q.dinar
December 28th, 2009, 03:47 PM
hello.
what is this:

# may want to view the file to check if ok.
# especially that the final alias, eg root goes
# to a real person
sudo postalias /etc/postfix/aliases

this command has said nothing.

is my /etc/postfix/aliases file correct? :

# See man 5 aliases for format
postmaster: root
clamav: root

you have written "especially that the final alias, eg root goes to a real person" so i should add:

root: dinar

? if so, after i add that, should i rerun sudo postalias /etc/postfix/aliases ?
now before you answer i do so i hope nothing bad if i do so...

2009-12-29 12:45 utc+3 : now i have root: dinar in root: dinar but do not have alias like that in maildb aliases table. should not it be?

q.dinar
December 28th, 2009, 04:42 PM
"If you specify an ip in hosts, (as opposed to 'localhost') then it will communicate over tcp and not the mysql socket. (chroot restriction)."
so you make this so that this can be moved to chroot then?

GRANT SELECT,INSERT,UPDATE,DELETE,CREATE,DROP ON maildb.* TO 'mail'@'localhost' IDENTIFIED by 'mailPASSWORD';
GRANT SELECT,INSERT,UPDATE,DELETE,CREATE,DROP ON maildb.* TO 'mail'@'%' IDENTIFIED by 'mailPASSWORD'; exit;
why is 'mail'@'%' adding to 'mail'@'localhost' ? what does it mean? possiblity to connect from other computer?

18:48 utc+3 : hm should be mysql_alias.cf etc with "none" permission for "others"? because mysql password is in it. 18:51 utc+3: and what should be owner user and group of them?

21:07 utc+3 :
INSERT INTO aliases (mail,destination) VALUES ('xandros@blobber.org','xandros@blobber.org'), ('vivita@blobber.org','vivita@blobber.org');
hm, to all users should be so ?

INSERT INTO aliases (mail,destination) VALUES ('@lala.com','@whupper.nu'),
...
('postmaster@whopper.nu','postmaster@localhost'), ('abuse@whopper.nu','abuse@localhost'),
...
('abuse@blobber.org','abuse@localhost');
then
You want all mail for whooper.nu to go to xandros (catchall).
INSERT INTO aliases (mail,destination) VALUES ('@whopper.nu','xandros@blobber.org');

so mail to postmaster@whopper.nu also will go to xandros@blobber.org ?

21:24 utc+3 : a typo : "whupper.nu" .
21:31 utc+3 : probably to write "distribution" is better than "distrobution", because probably that is from old latin word...