1

Topic: iRedAdmin Pro 3.1 - mlmmj Problem

==== Required information ====
- iRedMail version (check /etc/iredmail-release):
- Linux/BSD distribution name and version:
- Store mail accounts in which backend (LDAP/MySQL/PGSQL):
- Web server (Apache or Nginx):
- Manage mail accounts with iRedAdmin-Pro?
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
======== Required information ====
- iRedMail version (check /etc/iredmail-release): 0.9.8
- Linux/BSD distribution name and version:  Ubuntu 16.04 LTS
- Store mail accounts in which backend (LDAP/MySQL/PGSQL):  LDAP
- Web server (Apache or Nginx): Apache
- Manage mail accounts with iRedAdmin-Pro? yes
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.

Apr  3 15:41:45 bamboo /usr/bin/mlmmj-send[68944]: init_sockfd.c:56: Could not connect to 127.0.0.1: Connection refused

====

Hi,

I've updated our mail cluster to the latest iredmail and iredadmin-pro release. Adding new mailinglists works fine but when I try to add a new member and check the "Send email to new members for subscription confirm" I'm getting the following error message:

Apr  3 15:41:45 bamboo /usr/bin/mlmmj-send[68944]: init_sockfd.c:56: Could not connect to 127.0.0.1: Connection refused

and the user is not receiving any confirmation mail. I also get a user unknwon error when trying to send an email to that mailinglist.

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2

Re: iRedAdmin Pro 3.1 - mlmmj Problem

I think this happens because my IRedAdmin Server does not run amavis and therefore can't send any mails. Is it possible to define a custom smtp_host in mlmmj settingy.py ?

3

Re: iRedAdmin Pro 3.1 - mlmmj Problem

Do you have this setting in Amavisd config file (to enable port 10027)?

$interface_policy{'10027'} = 'MLMMJ';
$policy_bank{'MLMMJ'} = {
    originating => 1,           # declare that mail was submitted by our smtp client
    allow_disclaimers => 0,     # mailing list should use footer text instead.
    enable_dkim_signing => 1,   # sign DKIm signature
    smtpd_discard_ehlo_keywords => ['8BITMIME'],
    terminate_dsn_on_notify_success => 0,  # don't remove NOTIFY=SUCCESS option
    bypass_spam_checks_maps => [1],     # don't check spam
    bypass_virus_checks_maps => [1],    # don't check virus
    bypass_banned_checks_maps => [1],   # don't check banned file names and types
    bypass_header_checks_maps => [1],   # don't check bad header
};

It's mentioned in mlmmj integration tutorials.

4 (edited by toxic 2018-04-03 22:52:06)

Re: iRedAdmin Pro 3.1 - mlmmj Problem

Yes I do have this option set but the option is set on our 3 mailservers that run postfix/dovecot/amavis. The iredadmin server only runs iredadmin (and mlmmj since today) For iredadmin I'm using the option AMAVISD_QUARANTINE_HOST to connect to one of our mailservers amavis daemon instead of the local one.

ZhangHuangbin wrote:

Do you have this setting in Amavisd config file (to enable port 10027)?

$interface_policy{'10027'} = 'MLMMJ';
$policy_bank{'MLMMJ'} = {
    originating => 1,           # declare that mail was submitted by our smtp client
    allow_disclaimers => 0,     # mailing list should use footer text instead.
    enable_dkim_signing => 1,   # sign DKIm signature
    smtpd_discard_ehlo_keywords => ['8BITMIME'],
    terminate_dsn_on_notify_success => 0,  # don't remove NOTIFY=SUCCESS option
    bypass_spam_checks_maps => [1],     # don't check spam
    bypass_virus_checks_maps => [1],    # don't check virus
    bypass_banned_checks_maps => [1],   # don't check banned file names and types
    bypass_header_checks_maps => [1],   # don't check bad header
};

It's mentioned in mlmmj integration tutorials.

5

Re: iRedAdmin Pro 3.1 - mlmmj Problem

This will be a problem.

mlmmj connects to 127.0.0.1:10027 (port 10027 is configured by iRedMail) by default, it doesn't connect to external server. Let me check how to get it working with external Amavisd server.

6

Re: iRedAdmin Pro 3.1 - mlmmj Problem

Try this:

cd /opt/mlmmjadmin/tools/
python maillist_admin.py update <mail> relayhost=<ip-of-amavisd-server>

* Replace <mail> by the full mail address of your mailing list.
* <ip-of-amavisd-server> is the IP address (or hostname) of your Amavisd server.

7

Re: iRedAdmin Pro 3.1 - mlmmj Problem

Here's patch for iRedAdmin-Pro-LDAP-3.1:

diff -r f4904f55d9f1 libs/ldaplib/ml.py
--- a/libs/ldaplib/ml.py    Tue Apr 03 16:54:38 2018 +0200
+++ b/libs/ldaplib/ml.py    Tue Apr 03 22:27:58 2018 +0200
@@ -197,6 +197,10 @@
 
     mlmmj_params = form_utils.get_mlmmj_params_from_web_form(form=form)
 
+    # Append relay_host
+    if settings.AMAVISD_QUARANTINE_HOST:
+        mlmmj_params['relay_host'] = settings.AMAVISD_QUARANTINE_HOST
+
     # create mlmmj account
     qr = mlmmj.create_account(mail=mail, form=mlmmj_params)
     if not qr[0]:
@@ -611,6 +615,10 @@
         params['only_subscriber_can_post'] = 'no'
         params['only_moderator_can_post'] = 'yes'
 
+    # Append relay_host
+    if settings.AMAVISD_QUARANTINE_HOST:
+        params['relay_host'] = settings.AMAVISD_QUARANTINE_HOST
+
     qr = mlmmj.create_account(mail=mail, form=params)
     if not qr[0]:
         return qr
@@ -715,6 +723,10 @@
               # Use postmaster@ as default owner
               'owner': 'postmaster@' + domain}
 
+    # Append relay_host
+    if settings.AMAVISD_QUARANTINE_HOST:
+        params['relay_host'] = settings.AMAVISD_QUARANTINE_HOST
+
     qr = mlmmj.create_account(mail=mail, form=params)
     if not qr[0]:
         return qr

And here's patch for iRedAdmin-Pro-SQL-2.9.0:

diff -r f4904f55d9f1 libs/sqllib/ml.py
--- a/libs/sqllib/ml.py    Tue Apr 03 16:54:38 2018 +0200
+++ b/libs/sqllib/ml.py    Tue Apr 03 22:27:58 2018 +0200
@@ -198,6 +198,10 @@
     try:
         mlmmj_params = form_utils.get_mlmmj_params_from_web_form(form=form)
 
+        # Append relay_host
+        if settings.AMAVISD_QUARANTINE_HOST:
+            mlmmj_params['relay_host'] = settings.AMAVISD_QUARANTINE_HOST
+
         # create mlmmj account
         qr = mlmmj.create_account(mail=mail, form=mlmmj_params)
         if not qr[0]:
@@ -574,6 +578,10 @@
     # Use postmaster@ as default owner
     params['owner'] = 'postmaster@' + domain
 
+    # Append relay_host
+    if settings.AMAVISD_QUARANTINE_HOST:
+        params['relay_host'] = settings.AMAVISD_QUARANTINE_HOST
+
     qr = mlmmj.create_account(mail=mail, form=params)
     if not qr[0]:
         return qr

8

Re: iRedAdmin Pro 3.1 - mlmmj Problem

Hi,

Thank you very much for the patch. Now I got a little step further. IRedAdmin is connecting to the IP behind AMAVISD_QUARANTINE_HOST to port 10027 but in syslog I can see the following error. Do you know how to fix this ?

Apr  4 08:40:39 bamboo /usr/bin/mlmmj-send[124964]: mlmmj-send.c:391: No proper greeting to our connectReply: [none / error / closed connection]: Success
Apr  4 08:40:39 bamboo /usr/bin/mlmmj-send[124964]: mlmmj-send.c:400: Error with HELO. Reply: [none / error / closed connection]: Success

9

Re: iRedAdmin Pro 3.1 - mlmmj Problem

Did you update the settings for existing mlmmj mailing list account like below?

cd /opt/mlmmjadmin/tools/
python maillist_admin.py update <mail> relayhost=<ip-of-amavisd-server>

The iRedAdmin-Pro patch works for newly created mailing lists, but not existing accounts.

10

Re: iRedAdmin Pro 3.1 - mlmmj Problem

ZhangHuangbin wrote:

Did you update the settings for existing mlmmj mailing list account like below?

cd /opt/mlmmjadmin/tools/
python maillist_admin.py update <mail> relayhost=<ip-of-amavisd-server>

The iRedAdmin-Pro patch works for newly created mailing lists, but not existing accounts.

No I added a new mailing list to test with

11

Re: iRedAdmin Pro 3.1 - mlmmj Problem

toxic wrote:
ZhangHuangbin wrote:

Did you update the settings for existing mlmmj mailing list account like below?

cd /opt/mlmmjadmin/tools/
python maillist_admin.py update <mail> relayhost=<ip-of-amavisd-server>

The iRedAdmin-Pro patch works for newly created mailing lists, but not existing accounts.

No I added a new mailing list to test with

Also Postfix keeps complaining that the newly created mailinglist does not exists. Might there be something wrong with the ldap filter ? Because the mailinglist exists in ldap

This is the error I get when I write a mail to the mailinglist

Final-Recipient: rfc822; list@nits.it
Original-Recipient: rfc822;list@nits.it
Action: failed
Status: 5.1.1
Diagnostic-Code: x-unix; user unknown

12 (edited by toxic 2018-04-04 15:36:05)

Re: iRedAdmin Pro 3.1 - mlmmj Problem

I had a look at the connection between mlmmj and amavis and mlmmj sends the following data but after the mail from the connection is reset

HELO bamboo.testdomain.de (the hostname is correct)
MAIL FROM:  <kaputt+bounces-confsub-6cdcee72023cc5f2-test=testdomain.de@nichtfunktionieren.de> | RSET

13

Re: iRedAdmin Pro 3.1 - mlmmj Problem

Show us output of commands below:

cd /etc/postfix/ldap/
for cf in $(ls); do echo $cf; postmap -q 'list@nits.it' ldap:./$cf; done

Also please show us the filter defined in file /etc/postfix/ldap/virtual_group_maps.cf and /etc/postfix/ldap/transport_maps_user.cf. You'd better compare them with the iRedMail upgrade tutorial first.
https://docs.iredmail.org/integration.m … ntegration

14 (edited by toxic 2018-04-05 15:15:54)

Re: iRedAdmin Pro 3.1 - mlmmj Problem

Hi,

I double checked the filters that should be modified according to the integration manual but they look correct. The output of your command looks like this:

catchall_maps.cf
recipient_bcc_maps_domain.cf
recipient_bcc_maps_user.cf
relay_domains.cf
sender_bcc_maps_domain.cf
sender_bcc_maps_user.cf
sender_dependent_relayhost_maps_domain.cf
sender_dependent_relayhost_maps_user.cf
sender_login_maps.cf
transport_maps_domain.cf
transport_maps_user.cf
virtual_alias_maps.cf
virtual_group_maps.cf
list@nits.it
virtual_group_members_maps.cf
virtual_mailbox_domains.cf
virtual_mailbox_maps.cf

virtual_group_maps

server_host     = ldap://10.100.7.253:389
server_port     = 389
version         = 3
bind            = yes
start_tls       = no
bind_dn         = ***
bind_pw         = ***
search_base     = ***
scope           = sub
query_filter     = (&(accountStatus=active)(!(domainStatus=disabled))(enabledService=mail)(enabledService=deliver)(|(&(objectClass=mailUser)(|(memberOfGroup=%s)(shadowAddress=%s)))(&(memberOfGroup=%s)(!(shadowAddress=%s))(|(objectClass=mailExternalUser)(&(objectClass=mailList)(!(enabledService=mlmmj)))(objectClass=mailAlias)))(&(objectClass=mailList)(enabledService=mlmmj)(|(mail=%s)(shadowAddress=%s)))))
result_attribute= mail
debuglevel      = 0

transport_maps_user.cf

server_host     = ldap://10.100.7.253:389
server_port     = 389
version         = 3
bind            = yes
start_tls       = no
bind_dn         = ***
bind_pw         = ***
search_base     = ***
scope           = one
query_filter    = (&(|(objectClass=mailUser)(&(objectClass=mailList)(enabledService=mlmmj)))(|(mail=%s)(shadowAddress=%s))(accountStatus=active)(!(domainStatus=disabled))(enabledService=mail))
result_attribute= mtaTransport
debuglevel      = 0

15

Re: iRedAdmin Pro 3.1 - mlmmj Problem

toxic wrote:

virtual_group_maps.cf
list@nits.it

As you can see in the output, Postfix finds the mlmmj mailing list.

Did you subscribe any member to the mailing list?

16

Re: iRedAdmin Pro 3.1 - mlmmj Problem

I have to users subscribed to that list but the LDIF Output for the Mailinglist shows no members

dn: mail=list@nits.it,ou=Groups,domainName=nits.it,o=domains,dc=mx,dc=***,dc=de
accessPolicy: membersonly
accountStatus: active
cn: Testlist
enabledService: mail
enabledService: deliver
enabledService: mlmmj
mail: list@nits.it
mailingListID: 4d78aea9-79d3-47f5-a4e1-ee86ac1202ab
mtaTransport: mlmmj:nits.it/list
objectClass: mailList

17

Re: iRedAdmin Pro 3.1 - mlmmj Problem

toxic wrote:

I have to users subscribed to that list but the LDIF Output for the Mailinglist shows no members

This is correct. Because members are stored under /var/vmail/mlmmj/<domain>/<list>/subscribers.d/.

I cannot figure out the issue with provided log/output, is it possible to give me direct ssh access for troubleshooting?

18

Re: iRedAdmin Pro 3.1 - mlmmj Problem

Hi,

I found the problem. I changed the transport_maps_user according to this post:

Re: mlmmj subscribe error user unknown
Hi,

i ran into the same issue. Finally i fixed it.

Change the file /etc/postfix/ldap/transport_maps_user.cf like this:

search_base = domainName=%d,o=domains,dc=xxx,dc=xxx
scope = sub

The values i had:

search_base = ou=Users,domainName=%d,o=domains,dc=xxx,dc=xxx
scope = one

Hope this helps.

And the second problem was fixed by changing inet_acl in the amavis configuration because mlmmj tried to send mails to amavis not from localhost but the servers ip address. I also had to add the ip of the iredadmin server so that it can send confirm subscription mails etc