1 Topic by camel1cz

  • camel1cz
  • camel1cz
  • Member
  • Offline
  • From: Czech Republic
  • Registered: 2013-04-20
  • Posts: 220

Topic: postmaster user in iredadmin

==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release): 1.4.0 PGSQL edition
- Deployed with iRedMail Easy or the downloadable installer? downloadable installer
- Linux/BSD distribution name and version: Ubuntu 20.04.2 LTS
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): PGSQL
- Web server (Apache or Nginx): nginx
- Manage mail accounts with iRedAdmin-Pro? YES
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====

Hello Zhang, I'm back now. Hope you're well. It has been a while... smile

Being a long therm user (about 8 years of active usage, 100+ domains and 1000+ accounts) of community version of iredmail, I decided to purchase Pro version to support the project and also to get admin panel which is great for bigger deployments (domain admins, etc.)

I have the new server installed and basically configured.

Now I'm working to migrate my old server to the new one and I have to review all hacks/adjustments/scripts/hooks I have made during the last years to make my work easier and server running better.

So I decided to review all my code and try to give it back to the community and hopefully implement it int iredmail/iredmail-pro ic case, you Zhang, will like it.

Thats the intro... now lets start easy with small issue:

When I create domain with my scripts, i do the following:
- add domain to the internal domains group in cluebringer. But this seems to be not needed anymore as iredapd has no such settings? Cluebringer used this to skip some checks for internal domains (I had a lot of headache becouse of local domains missing in this group).
- automatically add accounts postmaster@ and abuse@ ... I point them to my global postmaster account. At least the postmaster@ seems to be required by RFC822, the abuse is a good habit to have. What is the best way to implement this? In iredadmin? It should alias the addresses to all global admins or we can add new configuration value for this? Maybe a flag in global admin profile "Receive official reports YES/NO"?

Thanks for your great work!

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,788

Re: postmaster user in iredadmin

camel1cz wrote:

- add domain to the internal domains group in cluebringer. But this seems to be not needed anymore as iredapd has no such settings? Cluebringer used this to skip some checks for internal domains (I had a lot of headache becouse of local domains missing in this group).

Not necessary. Cluebringer was dropped long time ago.

camel1cz wrote:

- automatically add accounts postmaster@ and abuse@ ... I point them to my global postmaster account. At least the postmaster@ seems to be required by RFC822, the abuse is a good habit to have. What is the best way to implement this? In iredadmin? It should alias the addresses to all global admins or we can add new configuration value for this? Maybe a flag in global admin profile "Receive official reports YES/NO"?

We can define few new parameters for this purpose:

- One parameter (with True/False value) to indicate whether adds "postmaster@" automatically while creating new mail domain name.
- One parameter (with a list of usernames) to define the additional alias addresses assigned to postmaster@ users while creating new mail domain. This is used only when above parameter is set to True.

3 Reply by camel1cz

  • camel1cz
  • camel1cz
  • Member
  • Offline
  • From: Czech Republic
  • Registered: 2013-04-20
  • Posts: 220

Re: postmaster user in iredadmin

ZhangHuangbin wrote:
camel1cz wrote:

- automatically add accounts postmaster@ and abuse@...

We can define few new parameters for this purpose:

- One parameter (with True/False value) to indicate whether adds "postmaster@" automatically while creating new mail domain name.
- One parameter (with a list of usernames) to define the additional alias addresses assigned to postmaster@ users while creating new mail domain. This is used only when above parameter is set to True.

OK, how can we proceed? Do you eventually consider something like are hooks in wordpress?
We'll be then able to catch events and add some action. Like "on_domain_added" with argument1=domain_name - and I could write simple python script to insert postmaster@ and abuse@ accounts.

Simillary when adding domain, it would be possible to partially automatize setup od DKIM.

I can think of a lot of code hooked just to few events - add/delete (+modify?) for domain (+account, alias).

Thanks!

4 Reply by Cthulhu (edited by Cthulhu 2021-09-01 02:49:07)

  • Cthulhu
  • Member
  • Offline
  • Registered: 2019-06-04
  • Posts: 821

Re: postmaster user in iredadmin

There is another, way better solution.

/*!40101 SET @OLD_CHARACTER_SET_CLIENT=@@CHARACTER_SET_CLIENT */;
/*!40101 SET NAMES utf8 */;
/*!50503 SET NAMES utf8mb4 */;
/*!40014 SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0 */;
/*!40101 SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='NO_AUTO_VALUE_ON_ZERO' */;

-- Exportiere Struktur von Tabelle vmail.common_alias
CREATE TABLE IF NOT EXISTS `common_alias` (
  `address` varchar(128) NOT NULL,
  `goto` varchar(128) NOT NULL,
  `created` datetime DEFAULT current_timestamp(),
  `modified` datetime DEFAULT NULL ON UPDATE current_timestamp(),
  `active` tinyint(1) NOT NULL DEFAULT 1,
  PRIMARY KEY (`address`),
  UNIQUE KEY `address` (`address`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;

-- Exportiere Daten aus Tabelle vmail.common_alias: ~4 rows (ungefähr)
DELETE FROM `common_alias`;
/*!40000 ALTER TABLE `common_alias` DISABLE KEYS */;
INSERT INTO `common_alias` (`address`, `goto`, `created`, `modified`, `active`) VALUES
    ('abuse', 'goto@mail', '2019-06-24 03:35:46', '2019-06-24 03:36:33', 1),
    ('hostmaster', goto@mail', '2019-06-24 03:37:45', '2019-06-24 03:37:57', 1),
    ('no-reply', 'goto@mail', '2020-01-12 04:32:23', '2020-01-12 04:32:44', 1),
    ('webmaster', 'goto@mail', '2020-01-19 14:25:48', '2020-01-19 14:26:04', 1);
/*!40000 ALTER TABLE `common_alias` ENABLE KEYS */;

/*!40101 SET SQL_MODE=IFNULL(@OLD_SQL_MODE, '') */;
/*!40014 SET FOREIGN_KEY_CHECKS=IF(@OLD_FOREIGN_KEY_CHECKS IS NULL, 1, @OLD_FOREIGN_KEY_CHECKS) */;
/*!40101 SET CHARACTER_SET_CLIENT=@OLD_CHARACTER_SET_CLIENT */;

/etc/postfix/mysql/virtual_common_alias_maps.cf

hosts       = 127.0.0.1:3306
user        = vmail
password    = yourpassword
dbname      = vmail
query       = SELECT goto FROM common_alias WHERE address = '%u' AND active='1' AND '%d' IN (SELECT domain FROM domain WHERE domain='%d');

/etc/postfix/main.cf

virtual_alias_maps =
    proxy:mysql:/etc/postfix/mysql/virtual_alias_maps.cf
    proxy:mysql:/etc/postfix/mysql/virtual_common_alias_maps.cf
    proxy:mysql:/etc/postfix/mysql/domain_alias_maps.cf
    proxy:mysql:/etc/postfix/mysql/catchall_maps.cf
    proxy:mysql:/etc/postfix/mysql/domain_alias_catchall_maps.cf

this will do the following:

each mail sent at abuse@yourmail.tld (postmaster, hostmaster, no-reply) will be automatically forwarded to your desired forwarding address, as long as the yourmail.tld is an active and enabled mail domain.

you dont need to create ANY mail accounts, you need to block them which should be easyly doable by a simple regex:

function EMAILCheckReserved($name)
    {
    return !preg_match("!^(?i)(abuse|hostmaster|postmaster|no-reply)$!", $name);
    }

just deny any creation of the reserved mailboxes.

for the no reply one, it actually needs to be a real mailbox, with 0 quota, just make sure the transport is set to "discard"

you can aswell allow sender forgery in iredapd to allow forged senders with no-reply@, but this is another thing, there are tutorials for doing this.

Hope this works out for you!


@ZhangHuangbin

I suggest this solution as implemented by default, just with empty database, so ppl can just add those aliases if wanted, it has 0 influence if the tables are left empty.

the management of mailboxes can aswell get implemented into iredadmin itself, as global admin you can choose to create and manage those common aliases and aswell block the creation of mailboxes with reserved virtual names.

makeing iredmail RFC valid by default would be a nice thing, and the effort is not that much

5 Reply by camel1cz

  • camel1cz
  • camel1cz
  • Member
  • Offline
  • From: Czech Republic
  • Registered: 2013-04-20
  • Posts: 220

Re: postmaster user in iredadmin

I'm not sure if global alias is good way to go - it's up to Zhang to pick the prefereed way to implement it.
I prefer to keep everything as simple and straightforward as possible. For me it's the alias/aliases in each domain.

But I totally agree with the need to create at least postmaster@ account by default to fulfill the RFC.

6 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,788

Re: postmaster user in iredadmin

Cthulhu wrote:

I suggest this solution as implemented by default

This solution is making things complex, no interest. Sorry.

We already have SQL tables and Postfix sql queries to get aliases/forwardings, no need to introduce a new sql table and new postfix sql query at all. We just need to create required aliases/forwardings while creating new domain, then why make things complex?

My preferred solution stays the same, but slightly improved:
==============
We can introduce a global parameter (a list with Python dicts) in iRedAdmin-Pro config file to indicate whether adds "postmaster@" automatically while creating new mail domain name.  Optionally set a hard-coded password (if empty, generate a random one instead). It's also able to specified alias addresses like "abuse@" to this account.

Note: currently we should just implement auto-create user account first, but ideally with this setting, it's able to auto-create any account type (e.g. an "all@" mailing list, alias, etc) while creating new domain.
==============

The (DRAFT) setting should look like this:

NEW_DOMAIN_POST_HOOKS = [
    {"type": "user",            # required
     "username": "postmaster",          # required
     "aliases": ["abuse", "no-reply"],    # optional
     "password": "my-hard-coded-password"},    # optional
    {"type": "ml",             # "ml" is subscribable (mlmmj) mailing list
     "username": "all",
     "aliases": ["all-employees", "all-people"]},
]

7 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,788

Re: postmaster user in iredadmin

Update: since we have sql table "iredadmin.settings" to store extra settings, maybe it's better to store these rules for creating new domain in sql table directly and manage them in iRedAdmin-Pro web UI.

8 Reply by performize

  • performize
  • Member
  • Offline
  • Registered: 2021-04-02
  • Posts: 6

Re: postmaster user in iredadmin

Hello ZhangHuangbin,
can you please write what's the current state of this feature?

I need to create postmaster@ alias for all my existing domains and it's unclear to me the best way to do that.

Thanks

9 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,788

Re: postmaster user in iredadmin

Still no planned yet. Sorry.
Busy working on upcoming product: iRedMail Pro, which combines iRedMail + iRedMail Easy + iRedAdmin-Pro into one single binary. FYI https://docs.iredmail.org/pro.html