You are not logged in. Please login or register.
iRedMail → iRedAdmin-Pro Support → mlmmj subscription emails missing
OK, craig1234@ is the real mailbox, and craig@ is the per-user alias address.
I expect Postfix to use craig1234@ as final destination, but it doesn't. I need to do some testing to reproduce this bug and fix it.
----
Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.OK, that's fine. I had to arrange something else for the temporary project I needed the mailing list for, so there's no rush any more. But, of course, I would like it to work as expected. Thanks.
Craig
Confirmed it's a bug and fixed it. Here's the procedure of why it happened:
1) Someone sends email to a mlmmj mailing list.
2) mlmmj connects to Amavisd for DKIM signing (port 10027, without spam/virus/bad-header/banned checks). Using port 25 is not ok because Amavisd will not sign DKIM on it. Port 587 is not ok either because it requires SMTP AUTH.
3) Amavisd re-injects the email back to Postfix through port 10025
4) Postfix sends the email to final recipient
The problem occurs at step #3 when Postfix accepts the email. With default iRedMail setting, in /etc/postfix/master.cf, there's a line for port 10025:
10025 inet n - n - - smtpd
...
-o receive_override_options=no_header_body_checks,no_unknown_recipient_checks,no_address_mappingsWith option 'no_address_mappings', Postfix does not perform virtual aliad address expansion, so it doesn't know the final recipient address of your per-user alias address (craig1234@) is actually crag@, then it hands over the email to LDA (local deliver agent, it's Dovecot LDA in our case). But in Dovecot config file, the SQL query doesn't check virtual alias mapping.
Since there're many kinds of address mappings, it's not ideal to handle this in Dovecot. Instead, we did some changes in Postfix and Amavisd config files to make it working perfectly.
I will publish the fix soon in (DRAFT) iRedMail upgrade tutorial.
Here's the detailed fix.
*) In /etc/amavsd/amavisd.conf, find existing config lines like below:
$policy_bank{'MLMMJ'} = {
...
};Add a new line inside the {} block:
$policy_bank{'MLMMJ'} = {
...
forward_method => 'smtp:[127.0.0.1]:10028',
};Here we use a new smtp port 10028.
*) Append new lines to file /etc/postfix/master.cf:
10028 inet n - n - - smtpd
-o syslog_name=postfix/10028
-o content_filter=
-o mynetworks_style=host
-o mynetworks=127.0.0.1
-o local_recipient_maps=
-o relay_recipient_maps=
-o strict_rfc821_envelopes=yes
-o smtp_tls_security_level=none
-o smtpd_tls_security_level=none
-o smtpd_restriction_classes=
-o smtpd_delay_reject=no
-o smtpd_client_restrictions=permit_mynetworks,reject
-o smtpd_helo_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o smtpd_end_of_data_restrictions=
-o smtpd_error_sleep_time=0
-o smtpd_soft_error_limit=1001
-o smtpd_hard_error_limit=1000
-o smtpd_client_connection_count_limit=0
-o smtpd_client_connection_rate_limit=0
-o receive_override_options=no_header_body_checks,no_unknown_recipient_checksIt's very similar to existing transport '10025', but without option "no_address_mappings".
Note: port 10025 is used BEFORE content filter, but 10028 is used AFTER content filter, so one needs 'no_address_mappings' and the other one doesn't, that's why we cannot use existing 10025.
*) Restart both postfix and amavisd services.
That's all. Please try it and let me know whether or not it works perfectly for you.
That's all. Please try it and let me know whether or not it works perfectly for you.
Thanks Zhang, it does indeed work perfectly. Excellent!
Now, about those zombie processes. Mlmmj is not a systemd service, so restarting doesn't work. Any suggestions?
Thanks.
Craig
Sorry, let me clarify my last post. I know I can kill the zombie processes, of course, but what can I do to avoid them in the first place? Why are they happening?
Thanks.
No idea yet, this is first report of the zombie process issue.
Any way to reproduce it steadily?
Not sure what you mean by "reproduce it steadily". There are zombie processes that have been running steadily since I opened this support ticket a couple of weeks ago. If there's something you like me to do or test I'm happy to do so.
About "reproduce it steadily", i mean:
1: the system doesn't have any zombie process
2: do something
3: the system have zombie process after step 2. and you can also see zombie process after 1+2.
I'm just going to update this post almost two years later to state that the zombie processes never became an issue and never came back again later.
Apologies for not updating sooner.
Craig
iRedMail → iRedAdmin-Pro Support → mlmmj subscription emails missing
Powered by PunBB, supported by Informer Technologies, Inc.
Currently installed 2 official extensions. Copyright © 2003–2010 PunBB.
Generated in 0.012 seconds (70% PHP - 30% DB) with 10 queries