1 (edited by eddie 2021-12-18 20:11:08)

Topic: Solved: Domain Alias not working externally (from gmail) after move

==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release): `2021091301 (Backend: mariadb, Date: 2021-12-12 23:16:00) iRedMail Easy: https://www.iredmail.org/easy.html`
- Deployed with iRedMail Easy
- Linux/BSD distribution name and version: Ubuntu 20.04
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MySQL
- Web server (Apache or Nginx): nginx
- Manage mail accounts with iRedAdmin-Pro? no, just SQL
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====


TL;DR
- I can send mail
- I can receive mail
- Just not from gmail
- It's been days (not just DNS)
- Gmail never attempts to contact my mail server (not tls, etc)

-------------


I have my primary domain and aliases working.
postmaster@domain.tld   (here forward domain.tld is my primary, which iredmail was installed with)
- me@
- eddie@

I can receive mail for all 3 addresses from external senders. I can reply as the alias. :check:


I am trying to add alias domain so that I will also have:
me@alias.tld. 
eddie@alias.tld

(here forward alias.tld is another domain I own, pointed at the iRedMail server with all MX, TXT records set for mail)

I added to `alias_domain` table per docs.
I added to `alias` table per docs


Postfix will see these rules and forward for internal users, but for external users (Gmail) Postfix shows nothing (no connections, no errors, just silent), and the sender gets no errors or bounces.



MySQL Tables:

MariaDB [vmail]> select * from alias_domain;
+--------------+------------------+---------------------+---------------------+--------+
| alias_domain | target_domain    | created             | modified            | active |
+--------------+------------------+---------------------+---------------------+--------+
| alias.tld | domain.tld | 1970-01-01 01:01:01 | 1970-01-01 01:01:01 |      1 |
+--------------+------------------+---------------------+---------------------+--------+
1 row in set (0.002 sec)

MariaDB [vmail]> select * from domain;
+------------------+------------------------------+------------+---------+-----------+-----------+----------+-------+-----------+----------+----------+---------------------+---------------------+---------------------+--------+
| domain           | description                  | disclaimer | aliases | mailboxes | maillists | maxquota | quota | transport | backupmx | settings | created             | modified            | expired             | active |
+------------------+------------------------------+------------+---------+-----------+-----------+----------+-------+-----------+----------+----------+---------------------+---------------------+---------------------+--------+
| domain.tld | domain Growers Community | NULL       |       0 |         0 |         0 |        0 |     0 | dovecot   |        0 |          | 2021-12-12 23:19:06 | 2021-12-13 00:35:29 | 9999-12-31 00:00:00 |      1 |
+------------------+------------------------------+------------+---------+-----------+-----------+----------+-------+-----------+----------+----------+---------------------+---------------------+---------------------+--------+
1 row in set (0.000 sec)

MariaDB [vmail]> select * from alias;
+------------------------+------+--------------+------------------+---------------------+---------------------+---------------------+--------+
| address                | name | accesspolicy | domain           | created             | modified            | expired             | active |
+------------------------+------+--------------+------------------+---------------------+---------------------+---------------------+--------+
| eddie@domain.tld |      |              | domain.tld | 1970-01-01 01:01:01 | 1970-01-01 01:01:01 | 9999-12-31 00:00:00 |      1 |
| me@domain.tld    |      |              | domain.tld | 1970-01-01 01:01:01 | 1970-01-01 01:01:01 | 9999-12-31 00:00:00 |      1 |
+------------------------+------+--------------+------------------+---------------------+---------------------+---------------------+--------+

amavisd is happy with DKIM, and MX records are set.

$ dig -t mx alias.tld

; <<>> DiG 9.10.6 <<>> -t mx alias.tld
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 57603
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;alias.tld.                  IN      MX

;; ANSWER SECTION:
alias.tld.           300     IN      MX      10 mail.domain.tld.

;; Query time: 253 msec
;; SERVER: 192.168.86.1#53(192.168.86.1)
;; WHEN: Mon Dec 13 16:04:37 EST 2021
;; MSG SIZE  rcvd: 73


2 (edited by eddie 2021-12-14 09:07:27)

Re: Solved: Domain Alias not working externally (from gmail) after move

It must be DNS..

I found this **AWESOME** tool
https://www.wormly.com/test-smtp-server

And it confirms when sent directly that server happily accepts and routes mail for the aliases...


So the challenge is: why, despite MX records returning (checked a few DNS cache sites for global), isn't the external source hitting me up?


OH WELL, NOT iredmail's fault!

3

Re: Solved: Domain Alias not working externally (from gmail) after move

try only adding alias domains, then create one real mailbox, and use the other ones as forwarding

example:

domain.tld
alias1.tld
alias2.tld

user1@domain.tld (real mailbox)
user2@domain.tld -> user1@domain.tld
user3@domain.tld -> user1@domain.tld

4 (edited by eddie 2021-12-14 22:21:55)

Re: Solved: Domain Alias not working externally (from gmail) after move

Cthulhu wrote:

try only adding alias domains, then create one real mailbox, and use the other ones as forwarding

example:

domain.tld
alias1.tld
alias2.tld

user1@domain.tld (real mailbox)
user2@domain.tld -> user1@domain.tld
user3@domain.tld -> user1@domain.tld


I think that's exactly what I have....

I mentioned in my last post but sending direct to my server works, so I have to blame slow DNS caches somewhere.... I'm waiting a couple of days before I keep running in circles

5

Re: Solved: Domain Alias not working externally (from gmail) after move

Actually @cthulhu - do you know if being unable to send from a domain alias (works for name alias) would be related to, or an indicator of, misconfiguration elsewhere?

6

Re: Solved: Domain Alias not working externally (from gmail) after move

It could be triggered by sender mismatch:

https://docs.iredmail.org/allow.certain … .user.html

7

Re: Solved: Domain Alias not working externally (from gmail) after move

Thanks Cthulhu, my understanding is that when aliases are correctly set up for the SASL to use, it should allow the alias in the FROM header, and therefore does not need the bypass exception you linked to. **This works within domain but not across domain alias.**

As for the primary concern of external mail not coming in though I think I made progress!

My old mailserver had STS records, my new did not. Gmail is one of the handful of providers that use STS, and STS records have an obscenely long cache (usually a week), so that makes sense of why the usual 24-72 hours for general DNS did not apply and it seemed limited to Gmail.

So I set up a new STS policy just in case Google is attempting to update but getting a 404 (and therefore keeping old info!)


I'll update in the next couple of days on progress

8 (edited by eddie 2021-12-18 20:12:08)

Re: Solved: Domain Alias not working externally (from gmail) after move

#### SOLUTION. #####

eddie wrote:

My old mailserver had STS records, my new did not. Gmail is one of the handful of providers that use STS, and STS records have an obscenely long cache (usually a week),

That was it! Took several hours but Gmail will talk to my server now that sts is valid.  And it just delivered emails from 4 days ago!! lol

If you're ever removing or moving with STS, set it to testing mode first to avoid my mistake.
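
The failure mode behind the solution above, as an added example that is not part of the original thread: how a sender that honours MTA-STS (RFC 8461) treats a still-cached policy after the MX has moved. The policy text, the old MX name `mail.oldhost.example` and the ages are constructed assumptions (the thread does not show the old policy); `mail.domain.tld` is the MX from the first post, and certificate validation is not modelled.

```python
from dataclasses import dataclass, field

# Constructed sample: what a sender might still hold in cache after the move.
CACHED_POLICY = (
    "version: STSv1\n"
    "mode: enforce\n"
    "mx: mail.oldhost.example\n"   # hypothetical old MX, not from the thread
    "max_age: 604800\n"            # one week, the cache lifetime the thread mentions
)

@dataclass
class StsPolicy:
    mode: str = "none"
    max_age: int = 0
    mx: list = field(default_factory=list)

def parse_policy(text):
    """Parse an MTA-STS policy body: 'key: value' lines, LF or CRLF separated."""
    policy, version = StsPolicy(), None
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        key, value = key.strip().lower(), value.strip()
        if not sep:
            continue
        if key == "version":
            version = value
        elif key == "mode":
            policy.mode = value.lower()
        elif key == "max_age":
            policy.max_age = int(value)
        elif key == "mx":
            policy.mx.append(value.lower().rstrip("."))
    if version != "STSv1" or policy.mode not in ("enforce", "testing", "none"):
        raise ValueError("not a valid STSv1 policy")
    return policy

def mx_matches(pattern, host):
    """Exact match, or '*.' wildcard covering exactly one left-most label."""
    host = host.lower().rstrip(".")
    if pattern.startswith("*."):
        label, _, parent = host.partition(".")
        return bool(label) and parent == pattern[2:]
    return host == pattern

def sender_decision(policy, cache_age_seconds, mx_host):
    """What a compliant sender does with the MX it just resolved."""
    if cache_age_seconds > policy.max_age or policy.mode == "none":
        return "deliver"                      # no usable cached policy
    if any(mx_matches(p, mx_host) for p in policy.mx):
        return "deliver"                      # MX is covered by the policy
    # MX not covered: enforce defers the message, testing only reports it.
    return "hold" if policy.mode == "enforce" else "deliver-and-report"
```

With the policy switched to `testing` before the move, the same mismatch yields `deliver-and-report` instead of `hold`, which is the precaution the last post recommends.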