1 Topic by Phyrax

  • Phyrax
  • Member
  • Offline
  • Registered: 2019-02-27
  • Posts: 10

Topic: Relaying problem for unknown users on iredmail

==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release):  0.9.9 MARIADB edition
- Deployed with iRedMail Easy or the downloadable installer?
- Linux/BSD distribution name and version: CENTOS 7
- Store mail accounts in which backend (LDAP/MySQL/PGSQL):  MySQL
- Web server (Apache or Nginx): Nginx
- Manage mail accounts with iRedAdmin-Pro? Yes
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====

Hi, I've been using iRedMail Pro for a while now for various domains but now i'm running into a bit of an issue when trying to add another domain name as the iRedMail server isn't the only server containing mailboxes for this domain name.
Let me try to explain the situation.

On the front end we are using EFA (Mail Scanner), for the domain domainname.com emails are then being routed to our MS Exchange server which check if the mailbox is present, if not there is a send connector which send the email to our SuSe open exchange postfix mail server and iRedmail. The goal is to move away from the SuSe postfix server and migrate them all to iRedMail, however the MS Exchange server will still remain.

For a user on SuSe to be able to send emails to a mailbox on Exchange we had to create every single mailbox present on the MS Exchange server on the SuSe and make a manual rule on the dummy mailbox to forward emails to a domain name only present on the MS Exchange server. I'm hoping I can come up with a solution on how to avoid having all my Exchange users also on iRedadmin and then do manual forwarding to exchange again.

There are a few scenarios that should work.
1. Mail from external
2. Mail from MS Exchange to iRedMail + SuSe
3. Mail from a mailbox on Suse --> mailbox on iRedMail
4. Mail from a mailbox on iRedMail to MS Exchange + SuSe

Scenario 1 and 2 are working due to the send connector on Exchange.
Scenario 3 i'm don't care too much about because this will only be temporary.
Scenario 4 will be very important and is what i'm currently trying to resolve.

When I send an email now from a mailbox on iredmail to a user on exchange i get the error message:
Recipient address rejected: User unknown in virtual mailbox table which makes sense because this user doesn't exist on iredmail. So I've been doing some searching on the forum and found some posts with similar issues.

I've tried to use the relay feature on domain level by relaying received emails back to EFA by using smtp:[example.com]:25   
I still get the same error message, user unknown in virtual mailbox table. When I enable the checkbox relay without verifying local recipients I cannot login with any user for this domain on the webmail or connect to this mailbox with outlook.

Anyone has any suggestions on how to find a solution for this?
I know i can simply create every single user that I have on exchange on iredmail and do relaying on a user level, this works.
However I want to avoid creating over 200 dummy mailboxes just for forwarding purposes if in any way possible.

Kind regards,
Phyrax

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,770

Re: Relaying problem for unknown users on iredmail

Phyrax wrote:

I've tried to use the relay feature on domain level by relaying received emails back to EFA by using smtp:[example.com]:25   
I still get the same error message, user unknown in virtual mailbox table. When I enable the checkbox relay without verifying local recipients I cannot login with any user for this domain on the webmail or connect to this mailbox with outlook.
Anyone has any suggestions on how to find a solution for this?

Try this:

- Keep the "relay without verifying local recipients" option and relay setting
- Open file /etc/postfix/mysql/sender_login_maps.cf, remove 'AND domain.backupmx=0' in the "query =" line, restart or reload postfix service.
- Do the same change to /etc/dovecot/dovecot-mysql.conf, restart dovecot service.

3 Reply by Phyrax (edited by Phyrax 2019-02-28 20:30:11)

  • Phyrax
  • Member
  • Offline
  • Registered: 2019-02-27
  • Posts: 10

Re: Relaying problem for unknown users on iredmail

Thanks for the quick answer, part of the issue is solved with this solution, i can now send emails from iredmail to exchange/suse.

However, when i send an email from a mailbox on iredmail to another mailbox on iredmail it's still relaying, doesn't seem to check wether it should be delivered locally.

Feb 28 13:16:25 mail roundcube: <s9nrb95g> User iredtest@abc.com [10.100.10.12]; Message for test1@abc.com; 250: 2.0.0 Ok: queued as 43AF66043BC0

Feb 28 13:16:25 mail amavis[14200]: (14200-03) Passed CLEAN {RelayedInternal}, ORIGINATING/MYNETS LOCAL [127.0.0.1]:45376 <iredtest@abc.com> -> <test1@abc.com>, Queue-ID: 43AF66043BC0, Message-ID: <45865520b01343347118ecca0b4251e6@abc.com>, mail_id: j4GikTXorOH6, Hits: -, size: 494, queued_as: 64B126043BCC, dkim_new=dkim:global.domain, 100 ms

Feb 28 13:16:25 mail amavis[14200]: (14200-03) Passed CLEAN, <iredtest@abc.com> -> <test1@abc.com>, Hits: -, tag=0, tag2=0, kill=0, queued_as: 64B126043BCC, L/0/0/0
Feb 28 13:16:25 mail postfix/amavis/smtp[18359]: 43AF66043BC0: to=<test1@abc.com>, relay=127.0.0.1[127.0.0.1]:10026, delay=0.16, delays=0.06/0/0/0.1, dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as 64B126043BCC)

Feb 28 13:16:25 mail postfix/smtp[18365]: 64B126043BCC: to=<test1@abc.com>, relay=10.101.1.30[10.101.1.30]:25, delay=0.04, delays=0.01/0.01/0.02/0.01, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as ADAFF201AD)
Feb 28 13:16:41 mail amavis[14200]: (14200-04) Passed CLEAN {RelayedInbound}, [10.101.1.23]:53365 <iredtest@abc.com> -> <test1@abc.com>, Queue-ID: 329DE6043BC9, Message-ID: <45865520b01343347118ecca0b4251e6@abc.com>, mail_id: IRKfamU6Sala, Hits: -, size: 2516, queued_as: 4B38B6043BC0, 101 ms

Feb 28 13:16:41 mail amavis[14200]: (14200-04) Passed CLEAN, <iredtest@abc.com> -> <test1@abc.com>, Hits: -, tag=0, tag2=0, kill=0, queued_as: 4B38B6043BC0, L/0/0/0
Feb 28 13:16:41 mail postfix/amavis/smtp[18359]: 329DE6043BC9: to=<test1@abc.com>, relay=127.0.0.1[127.0.0.1]:10024, delay=0.13, delays=0.02/0/0/0.1, dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as 4B38B6043BC0)

Feb 28 13:16:41 mail postfix/smtp[18365]: 4B38B6043BC0: to=<test1@abc.com>, relay=10.101.1.30[10.101.1.30]:25, delay=0.04, delays=0/0/0.02/0.01, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as 9413E201AD)
[root@mail log]#

10.101.1.30 is our EFA Mailscanner where relaying to.


EDIT: local delivery is completely disabled now, also when sending emails from exchange to iredmail.

4 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,770

Re: Relaying problem for unknown users on iredmail

Phyrax wrote:

However, when i send an email from a mailbox on iredmail to another mailbox on iredmail it's still relaying, doesn't seem to check wether it should be delivered locally.

Try to set a per-user relay for users on iRedMail. Per-user relay has higher priority than per-domain relay.

5 Reply by Phyrax

  • Phyrax
  • Member
  • Offline
  • Registered: 2019-02-27
  • Posts: 10

Re: Relaying problem for unknown users on iredmail

ZhangHuangbin wrote:

Try to set a per-user relay for users on iRedMail. Per-user relay has higher priority than per-domain relay.

So there is no escaping creating every single mailbox that I have on the Exchange server and do a per user relay for these users?
I was hoping there was a way for iredadmin to check wether a local user is present and if now relay it to the next hop.
Similar to how MS Exchange is dealing with this.

6 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,770

Re: Relaying problem for unknown users on iredmail

Phyrax wrote:

So there is no escaping creating every single mailbox that I have on the Exchange server and do a per user relay for these users?

I mean setting per-user relay for users already existing on iRedMail server, not creating all mailboxes same as Exchange.

7 Reply by Phyrax (edited by Phyrax 2019-03-01 16:58:32)

  • Phyrax
  • Member
  • Offline
  • Registered: 2019-02-27
  • Posts: 10

Re: Relaying problem for unknown users on iredmail

ZhangHuangbin wrote:

I mean setting per-user relay for users already existing on iRedMail server, not creating all mailboxes same as Exchange.

When doing a per-user relay i still get the message user unknown in virtual mailbox table when sending from iredmail mailbox to exchange mailbox. even though i'm relaying per-user all outgoing email to the EFA mailscanner.

8 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,770

Re: Relaying problem for unknown users on iredmail

Could you please show me the full + original Postfix log?
Just double check: you have "relay without verifying local recipients" checked in iRedAdmin-Pro, right?