1

Topic: issue getting 0.8.3 to work as backup MX

==== Required information ====
- iRedMail version: iRedMail-0.8.3
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): LDAP
- Linux/BSD distribution name and version: Ubuntu 12.04
- Related log if you're reporting an issue: mail.log
====

Hi Guys,

I'm having trouble getting 0.8.3 working as Backup MX. It keeps complaining about "user unknown"
It's a freshly installed server, supposed to only work as backup MX.

I've set BackupMXdomain to: yes, for all domains on the server.

I've tried commenting out $relay_recipient_maps in the proxy_read_maps line of main.cf

One of our other, older, iRedmail server (patched though) is working fine, with just setting BackupMXdomain to yes.

Is this a known problem, Am I looking over something?

If you guys need more info, pls. let me know.

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2

Re: issue getting 0.8.3 to work as backup MX

seems this is fixed by setting mtaTransport which is not explicitly in the documentation as far as I could tell (it sounded like an option).

Might be obvious but I've searched almost every topic and this wasn't explicitly said.

So please set: mtaTransport  to : "smtp:domainname:25" to get things to work (or with [A-record] if you have an A-record you wish to point your domain to.

3

Re: issue getting 0.8.3 to work as backup MX

jer wrote:

I've tried commenting out $relay_recipient_maps in the proxy_read_maps line of main.cf

Please don't do this.

jer wrote:

seems this is fixed by setting mtaTransport

Then this is not a backup mx. You relay all emails to smtp server set in mtaTransport.
If backup mx doesn't work, could you please show us output of command "postconf -n"? And content of file /etc/postfix/ldap/relay_domains.cf (remove password before posting)?

4

Re: issue getting 0.8.3 to work as backup MX

Hi Zhanghuanbin,

here you go:

root@backupmail:/etc/postfix# postconf -n
alias_database = hash:/etc/postfix/aliases
alias_maps = hash:/etc/postfix/aliases
allow_min_user = no
append_dot_mydomain = no
biff = no
bounce_queue_lifetime = 5d
broken_sasl_auth_clients = yes
config_directory = /etc/postfix
content_filter = smtp-amavis:[127.0.0.1]:10024
delay_warning_time = 0h
disable_vrfy_command = yes
dovecot_destination_recipient_limit = 1
enable_original_recipient = no
home_mailbox = Maildir/
inet_interfaces = all
inet_protocols = ipv4, ipv6
mailbox_command = /usr/lib/dovecot/deliver
mailbox_size_limit = 0
maximal_backoff_time = 4000s
maximal_queue_lifetime = 5d
message_size_limit = 15728640
minimal_backoff_time = 300s
mydestination = $myhostname, localhost, localhost.localdomain, localhost.$myhostname
mydomain = muntinternet.net
myhostname = backupmail.muntinternet.net
mynetworks = 127.0.0.0/8
mynetworks_style = subnet
myorigin = backupmail.muntinternet.net
proxy_read_maps = $canonical_maps $lmtp_generic_maps $local_recipient_maps $mydestination $mynetworks $recipient_bcc_maps $recipient_canonical_maps $relay_domains $relay_recipient_maps $relocated_maps $sender_bcc_maps $sender_canonical_maps $smtp_generic_maps $smtpd_sender_login_maps $transport_maps $virtual_alias_domains $virtual_alias_maps $virtual_mailbox_domains $virtual_mailbox_maps $smtpd_sender_restrictions
queue_run_delay = 300s
readme_directory = no
recipient_bcc_maps = proxy:ldap:/etc/postfix/ldap/recipient_bcc_maps_user.cf, proxy:ldap:/etc/postfix/ldap/recipient_bcc_maps_domain.cf
recipient_delimiter = +
relay_domains = $mydestination, proxy:ldap:/etc/postfix/ldap/relay_domains.cf
relayhost =
sender_bcc_maps = proxy:ldap:/etc/postfix/ldap/sender_bcc_maps_user.cf, proxy:ldap:/etc/postfix/ldap/sender_bcc_maps_domain.cf
smtp-amavis_destination_recipient_limit = 1
smtp_data_init_timeout = 240s
smtp_data_xfer_timeout = 600s
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
smtpd_data_restrictions = reject_unauth_pipelining
smtpd_end_of_data_restrictions = check_policy_service inet:127.0.0.1:10031
smtpd_helo_required = yes
smtpd_helo_restrictions = permit_mynetworks,permit_sasl_authenticated, check_helo_access pcre:/etc/postfix/helo_access.pcre
smtpd_recipient_restrictions = reject_unknown_sender_domain, reject_unknown_recipient_domain, reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unlisted_recipient, check_policy_service inet:127.0.0.1:7777, check_policy_service inet:127.0.0.1:10031, permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, reject_non_fqdn_helo_hostname, reject_invalid_helo_hostname
smtpd_reject_unlisted_recipient = yes
smtpd_reject_unlisted_sender = yes
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = no
smtpd_sasl_local_domain =
smtpd_sasl_path = ./dovecot-auth
smtpd_sasl_security_options = noanonymous
smtpd_sasl_type = dovecot
smtpd_sender_login_maps = proxy:ldap:/etc/postfix/ldap/sender_login_maps.cf
smtpd_sender_restrictions = permit_mynetworks, reject_sender_login_mismatch, permit_sasl_authenticated
smtpd_tls_CAfile = /etc/ssl/certs/iRedMail_CA.pem
smtpd_tls_cert_file = /etc/ssl/certs/iRedMail_CA.pem
smtpd_tls_key_file = /etc/ssl/private/iRedMail.key
smtpd_tls_loglevel = 0
smtpd_tls_security_level = may
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_use_tls = yes
tls_random_source = dev:/dev/urandom
transport_maps = proxy:ldap:/etc/postfix/ldap/transport_maps_user.cf, proxy:ldap:/etc/postfix/ldap/transport_maps_domain.cf
virtual_alias_domains =
virtual_alias_maps = proxy:ldap:/etc/postfix/ldap/virtual_alias_maps.cf, proxy:ldap:/etc/postfix/ldap/virtual_group_maps.cf, proxy:ldap:/etc/postfix/ldap/virtual_group_members_maps.cf, proxy:ldap:/etc/postfix/ldap/catchall_maps.cf
virtual_gid_maps = static:1001
virtual_mailbox_base = /var/vmail
virtual_mailbox_domains = proxy:ldap:/etc/postfix/ldap/virtual_mailbox_domains.cf
virtual_mailbox_maps = proxy:ldap:/etc/postfix/ldap/virtual_mailbox_maps.cf
virtual_minimum_uid = 1001
virtual_transport = dovecot
virtual_uid_maps = static:1001

and:

root@backupmail:/etc/postfix# cat /etc/postfix/ldap/relay_domains.cf 
server_host     = 127.0.0.1
server_port     = 389
bind            = yes
start_tls       = no
version         = 3
bind_dn         = cn=vmail,dc=domainname,dc=com
bind_pw         = passwd
search_base     = o=domains,dc=domainname,dc=com
scope           = one
query_filter    = (&(objectClass=mailDomain)(|(domainName=%s)(&(enabledService=domainalias)(domainAliasName=%s)))(domainBackupMX=yes)(accountStatus=active)(enabledService=mail))
result_attribute= domainName
debuglevel      = 0

5

Re: issue getting 0.8.3 to work as backup MX

Both Postfix and Dovecot config files look just fine.
Could you show me output of below commands:

# cd /etc/postfix/ldap/
# for cf in $(ls *.cf); do echo ${cf}; postmap -q 'YOUR_BACKUP_MX_DOMAIN' ldap:./${cf}; done

6

Re: issue getting 0.8.3 to work as backup MX

root@backup:/etc/postfix/ldap# for cf in $(ls *.cf); do echo ${cf}; postmap -q 'DOMAINNAME.COM' ldap:./${cf}; done
catchall_maps.cf
recipient_bcc_maps_domain.cf
recipient_bcc_maps_user.cf
relay_domains.cf
DOMAINNAME.COM
sender_bcc_maps_domain.cf
sender_bcc_maps_user.cf
sender_login_maps.cf
transport_maps_domain.cf
smtp:DOMAINNAME.COM:25
transport_maps_user.cf
virtual_alias_maps.cf
virtual_group_maps.cf
virtual_group_members_maps.cf
virtual_mailbox_domains.cf
virtual_mailbox_maps.cf
root@backup:/etc/postfix/ldap# 

I realise that the transport_maps_domain.cf now is set by myself (in LDAP). But without that, things are not working, as explained before.

7

Re: issue getting 0.8.3 to work as backup MX

As a backup mx, it should accept all emails to backup MX domain without verifying accounts existence. Then it will contact primary domain, if primary domain is up and running, backup mx will forward all emails to primary domain.

With custom transport, it simply relay all emails to another smtp server.

Your Postfix and Dovecot config look just fine, i have no idea why it reports "user unknown". sad

8

Re: issue getting 0.8.3 to work as backup MX

ok, how could I contribute to fixing this?

for the record, at the moment I'm able to get it working using "transport_maps_domain", but that is actually, according to you, a step too much.

I have the idea that this might be an issue in earlier versions too.

9

Re: issue getting 0.8.3 to work as backup MX

Still not sure what the problem is, sorry.