1

Topic: Mail forwarding not working in iRedOS 0.61

Hi ,

After setting up users and reading posts in forum unable to setup User mail forwarding through phpldapadmin

1) Login to LDAP admin user
2) Select the entry for mail user who requires forwarding
3) Add attirbute mailForwardingAddress and mail address
4) Restart LDAP / Dovecot

Any help appreciated.

Regards
Shyamal

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2

Re: Mail forwarding not working in iRedOS 0.61

- It's better to export LDIF data of this user and paste here, so that others can help troubleshoot. (REPLACE userPassword and sensitive information before post.)

- iRedMail-0.7.0 was released 2011-03-31, it's ready for production use. It's recommended to use iRedMail-0.7.0 instead of iRedOS-0.6.1 which ships iRedMail-0.6.1.

3

Re: Mail forwarding not working in iRedOS 0.61

ZhangHuangbin wrote:

- It's better to export LDIF data of this user and paste here, so that others can help troubleshoot. (REPLACE userPassword and sensitive information before post.)

- iRedMail-0.7.0 was released 2011-03-31, it's ready for production use. It's recommended to use iRedMail-0.7.0 instead of iRedOS-0.6.1 which ships iRedMail-0.6.1.

=======================
# LDIF Export for mail=sagartest@xxx.org,ou=Users,domainName=xxx.org,o=domains,dc=mail,dc=xxx,dc=org
# Server: My LDAP Server (127.0.0.1)
# Search Scope: sub
# Search Filter: (objectClass=*)
# Total Entries: 1
#
# Generated by phpLDAPadmin (http://phpldapadmin.sourceforge.net) on April 6, 2011 4:27 am
# Version: 1.2.0.5

version: 1

# Entry 1: mail=sagartest@xxx.org,ou=Users,domainName=xxx...
dn: mail=sagartest@xxx.org,ou=Users,domainName=xxx.org,o=domains,dc=mail,dc=xxx,dc=org
accountstatus: active
cn: sagar
createtimestamp: 20110207125642Z
creatorsname: cn=vmailadmin,dc=mail,dc=xxx,dc=org
enabledservice: mail
enabledservice: smtp
enabledservice: deliver
enabledservice: pop3
enabledservice: pop3secured
enabledservice: imap
enabledservice: imapsecured
enabledservice: managesieve
enabledservice: managesievesecured
enabledservice: sieve
enabledservice: sievesecured
enabledservice: internal
enabledservice: senderbcc
enabledservice: recipientbcc
enabledservice: shadowaddress
enabledservice: displayedInGlobalAddressBook
enabledservice: forward
entrycsn: 20110405114817Z#000000#00#000000
entrydn: mail=sagartest@xxx.org,ou=Users,domainName=xxx.org,o=domains,dc=mail,dc=xxx,dc=org
entryuuid: 74abb498-c705-102f-8990-e3d46d999870
hassubordinates: FALSE
homedirectory: /var/vmail/vmail1/xxx.org/s/sa/sag/sagartest-2011.02.07.18.26.42/
mail: sagartest@xxx.org
mailforwardingaddress: abhitest@xxx.org
mailmessagestore: vmail1/xxx.org/s/sa/sag/sagartest-2011.02.07.18.26.42/
mailquota: 1073741824
modifiersname: cn=Manager,dc=mail,dc=xxx,dc=org
modifytimestamp: 20110405114817Z
mtatransport: dovecot
objectclass: inetOrgPerson
objectclass: mailUser
objectclass: shadowAccount
objectclass: amavisAccount
sn: sagartest
storagebasedirectory: /var/vmail
structuralobjectclass: inetOrgPerson
subschemasubentry: cn=Subschema
uid: sagartest
userpassword: {SSHA}+XXX

========================
Can we upgrade the existing iRedmail 0.6.1 to iRedMail 0.7.0 keeping all mailboxes and configguration intact ? Will go through migrate/upgrade maual

Thanks and Regards
Shyamal

4

Re: Mail forwarding not working in iRedOS 0.61

- Can you paste content of /etc/postfix/ldap_virtual_alias_maps.cf here?

- Any output message with below command:

# postmap -q sagartest@xxx.org ldap:/etc/postfix/ldap_virtual_alias_maps.cf

It should return all email addresses listed in attribute "mailForwardingAddress". In your example, it should return "abhitest@xxx.org".

- In iRedMail-0.7.0, the query_filter in /etc/postfix/ldap_virtual_alias_maps.cf (actually, it's /etc/postfix/ldap/virtual_alias_maps.cf) is:

query_filter    = (&(|(mail=%s)(shadowAddress=%s))(accountStatus=active)(enabledService=mail)(enabledService=deliver)(|(objectClass=mailAlias)(&(objectClass=mailUser)(enabledService=forward))))

You LDIF data is OK for this query_filter.

5 (edited by sthatte 2011-04-06 13:50:24)

Re: Mail forwarding not working in iRedOS 0.61

Yes the result is "abhitest@xxx.org"

Below is copy of /etc/postfix/ldap_virtual_alias_maps.cf
server_host     = 127.0.0.1
server_port     = 389
version         = 3
bind            = yes
start_tls       = no
bind_dn         = cn=vmail,dc=mail,dc=xxx,dc=org
bind_pw         = XXX
search_base     = domainName=%d,o=domains,dc=mail,dc=xxx,dc=org
scope           = sub
query_filter    = (&(|(mail=%s)(shadowAddress=%s))(accountStatus=active)(enabledService=mail)(enabledService=deliver)(|(objectClass=mailAlias)(&(objectClass=mailUser)(enabledService=forward))))
result_attribute= mailForwardingAddress
debuglevel      = 0

Upgrading to 0.7.0 can be done only after successful rollout on current version

Can there be a problem if port 389 is blocked by iptables ?
Below output of
# service iptables status

Table: filter
Chain INPUT (policy DROP)
num  target     prot opt source               destination         
1    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED
2    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           multiport dports 80,443,25,465,110,995,143,993,587,465,22
3    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           
4    ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0           icmp type 8

Chain FORWARD (policy DROP)
num  target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
num  target     prot opt source               destination   

Thanks
Shyamal

6

Re: Mail forwarding not working in iRedOS 0.61

sthatte wrote:

Yes the result is "abhitest@xxx.org"

Below is copy of /etc/postfix/ldap_virtual_alias_maps.cf

query_filter    = (&(|(mail=%s)(shadowAddress=%s))(accountStatus=active)(enabledService=mail)(enabledService=deliver)(|(objectClass=mailAlias)(&(objectClass=mailUser)(enabledService=forward))))

You have correct result and postfix setting. So it should work as expected.
What does "Mail Forwarding not working" exactly mean? Sorry.

Can there be a problem if port 389 is blocked by iptables ?

2    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           multiport dports 80,443,25,465,110,995,143,993,587,465,22

Access to openldap service via port 389 or 636 on localhost is ok, we just block access request from external network.

7

Re: Mail forwarding not working in iRedOS 0.61

Since the users cannot set forwarding in this version of roundcube we added the MailForwardingAddress attribute to them in LDAP with appropriate valid forwarding mail address.

When we send mail to sagartest@xxx.org we expect it to be forwarded to abhitest@xxx.org, however the email just reaches the mailbox of sagartest@xxx.org and is never forwarded to abhitest@xxx.org

Is there any log file to check ?

In /var/log/iredapd.log we see
2011-04-05 22:25:31 INFO external@gmail.co.in -> sagartest@xxx.org, DUNNO

8

Re: Mail forwarding not working in iRedOS 0.61

Thank you it is working after restart of server.

Do we have to restart
LDAP / DOVECOT /HTTP after the change to forwarding.

Regards
Shyamal

9

Re: Mail forwarding not working in iRedOS 0.61

sthatte wrote:

When we send mail to sagartest@xxx.org we expect it to be forwarded to abhitest@xxx.org, however the email just reaches the mailbox of sagartest@xxx.org and is never forwarded to abhitest@xxx.org

How did you send this testing email? From local with command "mail" in command line? or a normal mail client?

Can you show us output of below command?

# postconf -n | grep 'mysql:'

10

Re: Mail forwarding not working in iRedOS 0.61

We sent mail using external 'gmail' account.

No output for command above.

Can we also create a 'catch-all' mail account for all users ? We intend to only backup the one account from mail server.

While creating Alias managed to add wrong 'ou' now cannot delete it from LDAP Admin.

# LDIF Export for ou=Aliases,domainName=xxx.org,o=domains,dc=mail,dc=xxx,dc=org
# Server: My LDAP Server (127.0.0.1)
# Search Scope: sub
# Search Filter: (objectClass=*)
# Total Entries: 1
#
# Generated by phpLDAPadmin (http://phpldapadmin.sourceforge.net) on April 6, 2011 4:53 am
# Version: 1.2.0.5

version: 1

# Entry 1: ou=Aliases,domainName=xxx.org,o=domains,dc=mail,dc...
dn: ou=Aliases,domainName=xxx.org,o=domains,dc=mail,dc=xxx,dc=org
objectclass: organizationalUnit
objectclass: top
ou: Aliases
ou: Mail   <------ added by mistake

Thank you very much for the support. Really appreciate your help and deep understanding of the stack.

Regards
Shyamal

11

Re: Mail forwarding not working in iRedOS 0.61

Oops, it should be:

# postconf -n | grep 'ldap:'

Not 'mysql:'. My mistake, sorry.

sthatte wrote:

Can we also create a 'catch-all' mail account for all users ? We intend to only backup the one account from mail server.

You can create a alias account for this user, it's better for a catch-all account.
Because catch-all account will receive all mails which sent to non-exist accounts, that means you will receive many SPAMs.

sthatte wrote:

While creating Alias managed to add wrong 'ou' now cannot delete it from LDAP Admin.

Can't delete this incorrect value with phpLDAPadmin?
I'm sorry that i didn't try to add multiple value of "ou" before, not tested. But you should give it a try.

12

Re: Mail forwarding not working in iRedOS 0.61

postconf -n | grep 'ldap:'
recipient_bcc_maps = proxy:ldap:/etc/postfix/ldap_recipient_bcc_maps_domain.cf, proxy:ldap:/etc/postfix/ldap_recipient_bcc_maps_user.cf
relay_domains = $mydestination, proxy:ldap:/etc/postfix/ldap_relay_domains.cf
relay_recipient_maps = proxy:ldap:/etc/postfix/ldap_virtual_mailbox_maps.cf
sender_bcc_maps = proxy:ldap:/etc/postfix/ldap_sender_bcc_maps_domain.cf, proxy:ldap:/etc/postfix/ldap_sender_bcc_maps_user.cf
smtpd_sender_login_maps = proxy:ldap:/etc/postfix/ldap_sender_login_maps.cf
transport_maps = proxy:ldap:/etc/postfix/ldap_transport_maps_user.cf, proxy:ldap:/etc/postfix/ldap_transport_maps_domain.cf
virtual_alias_maps = proxy:ldap:/etc/postfix/ldap_virtual_alias_maps.cf, proxy:ldap:/etc/postfix/ldap_virtual_group_maps.cf, proxy:ldap:/etc/postfix/ldap_sender_login_maps.cf, proxy:ldap:/etc/postfix/ldap_catch_all_maps.cf
virtual_mailbox_domains = proxy:ldap:/etc/postfix/ldap_virtual_mailbox_domains.cf
virtual_mailbox_maps = proxy:ldap:/etc/postfix/ldap_virtual_mailbox_maps.cf


I do not see 'mailAlias' attribute in LDAP admin, however

# grep mailAlias /etc/openldap/schema/iredmail.schema

objectclass ( 1.3.6.1.4.1.32349.1.2.4.4 NAME 'mailAlias'

13

Re: Mail forwarding not working in iRedOS 0.61

You can create mail alias account like below:

dn: mail=thiennk@demo.iredmail.org,ou=Aliases,domainName=demo.iredmail.org,o=domains,dc=iredmail,dc=org
accountStatus: active
cn: Nguyen Khanh Thien
enabledService: mail
enabledService: deliver
mail: thiennk@demo.iredmail.org
mailForwardingAddress: rkadmin@demo.iredmail.org
objectClass: mailAlias

P.S. it's recommended to purchase iRedAdmin-Pro to manage mail accounts.
- Feature list: http://www.iredmail.org/admin_panel.html
- Demo: http://www.iredmail.org/admin_demo.html