Comments on: Configuring Postfix for virtual domains and Dovecot auth http://diymacserver.com Mon, 06 Feb 2012 16:07:33 +0000 hourly 1 http://wordpress.org/?v=3.2.1 By: No No http://diymacserver.com/installing-the-mailserver/the-mailserver-on-leopard/configuring-postfix-for-virtual-domains-and-dovecot-auth/comment-page-1/#comment-10273 No No Mon, 16 May 2011 03:49:47 +0000 http://diymacserver.com/?page_id=662#comment-10273 (Finally, I have a non-picayune suggestion!:-) The promise of *domain* aliases in postfixadmin (and its SQL schema) is not realized by your mysql_..._maps.cf files above. (In other words, mailboxes and aliases in a virtual domain are not also recognized for a domain aliased to it, and they should be.) You need two additional mysql_..._maps.cf files that cross the alias_domain table with the mailbox and alias tables, to generate a translated target address. I believe that you can copy verbatim the code presented in http://gfdsa.gfdsa.org/2009/03/16/alias_domain-postfixadmin-postfix-configuration/ (Finally, I have a non-picayune suggestion!:-)
The promise of *domain* aliases in postfixadmin (and its SQL schema) is not realized by your mysql_…_maps.cf files above. (In other words, mailboxes and aliases in a virtual domain are not also recognized for a domain aliased to it, and they should be.) You need two additional mysql_…_maps.cf files that cross the alias_domain table with the mailbox and alias tables, to generate a translated target address. I believe that you can copy verbatim the code presented in http://gfdsa.gfdsa.org/2009/03/16/alias_domain-postfixadmin-postfix-configuration/

]]> By: Richard http://diymacserver.com/installing-the-mailserver/the-mailserver-on-leopard/configuring-postfix-for-virtual-domains-and-dovecot-auth/comment-page-1/#comment-10271 Richard Sun, 15 May 2011 18:15:51 +0000 http://diymacserver.com/?page_id=662#comment-10271 @NoNo, again you are correct. I forgot to put this on a todo list and will change it. Thanks for the remark on the chmod, I will look into it if we can do this without too much problems. Again thanks for all the comments @NoNo, again you are correct. I forgot to put this on a todo list and will change it. Thanks for the remark on the chmod, I will look into it if we can do this without too much problems.

Again thanks for all the comments

]]> By: No No http://diymacserver.com/installing-the-mailserver/the-mailserver-on-leopard/configuring-postfix-for-virtual-domains-and-dovecot-auth/comment-page-1/#comment-10270 No No Sun, 15 May 2011 18:08:24 +0000 http://diymacserver.com/?page_id=662#comment-10270 Bump: A change acknowledged in 2008 by @Richard and mentioned above by @Rob is (maybe?) still pending as of the re-write of 2011: Because the document installing-everything-on-snow-leopard/securing-your-mySQL-install continues to recommend "skip-networking" in /etc/my.cnf as it has in the past, then the mysql_virtual_*_maps.cf codeblocks above still need to be changed to "hosts = unix:/tmp/mysql.sock" (As an aside, I was mildly surprised that there was no chmod 600 suggested for these files, which contain plaintext mySQL passwords. But might that in turn require a chown on them so the process itself can read 'em? Not sure who's running which process...) Bump: A change acknowledged in 2008 by @Richard and mentioned above by @Rob is (maybe?) still pending as of the re-write of 2011:
Because the document installing-everything-on-snow-leopard/securing-your-mySQL-install continues to recommend “skip-networking” in /etc/my.cnf as it has in the past, then the mysql_virtual_*_maps.cf codeblocks above still need to be changed to “hosts = unix:/tmp/mysql.sock”

(As an aside, I was mildly surprised that there was no chmod 600 suggested for these files, which contain plaintext mySQL passwords. But might that in turn require a chown on them so the process itself can read ‘em? Not sure who’s running which process…)

]]> By: Stevan Bajić http://diymacserver.com/installing-the-mailserver/the-mailserver-on-leopard/configuring-postfix-for-virtual-domains-and-dovecot-auth/comment-page-1/#comment-7553 Stevan Bajić Sun, 29 Aug 2010 14:49:18 +0000 http://diymacserver.com/?page_id=662#comment-7553 Tjena, tjena Micke BBB is blocking outbound port 25. You need to use their server (aka: smtp.bredband.net) for relaying. But I see you have already discovered that. Tjena, tjena Micke

BBB is blocking outbound port 25. You need to use their server (aka: smtp.bredband.net) for relaying. But I see you have already discovered that.

]]> By: Micke http://diymacserver.com/installing-the-mailserver/the-mailserver-on-leopard/configuring-postfix-for-virtual-domains-and-dovecot-auth/comment-page-1/#comment-7552 Micke Sun, 29 Aug 2010 14:21:29 +0000 http://diymacserver.com/?page_id=662#comment-7552 In this case it was easy. My ISP has port 25 open and no authentication is necessary so all I had to do was to add this line in /etc/postfix/main.cf relayhost = smtp.bredband.net In this case it was easy. My ISP has port 25 open and no authentication is necessary so all I had to do was to add this line in /etc/postfix/main.cf

relayhost = smtp.bredband.net

]]> By: Richard http://diymacserver.com/installing-the-mailserver/the-mailserver-on-leopard/configuring-postfix-for-virtual-domains-and-dovecot-auth/comment-page-1/#comment-7551 Richard Sun, 29 Aug 2010 14:11:01 +0000 http://diymacserver.com/?page_id=662#comment-7551 @Micke, for incoming mail you can use these instructions from my old blog: http://switch.richard5.net/2006/02/28/what-to-do-about-an-isp-blocking-port-25/ For outgoing mail I know there are many instructions available on the net. I guess I need to write some instructions for this as well. Google on "postfix relay isp" edit: found these instructions that will help: http://www.riverturn.com/blog/?p=239 @Micke, for incoming mail you can use these instructions from my old blog: http://switch.richard5.net/2006/02/28/what-to-do-about-an-isp-blocking-port-25/

For outgoing mail I know there are many instructions available on the net. I guess I need to write some instructions for this as well. Google on “postfix relay isp”

edit: found these instructions that will help: http://www.riverturn.com/blog/?p=239

]]> By: Micke http://diymacserver.com/installing-the-mailserver/the-mailserver-on-leopard/configuring-postfix-for-virtual-domains-and-dovecot-auth/comment-page-1/#comment-7550 Micke Sun, 29 Aug 2010 14:03:52 +0000 http://diymacserver.com/?page_id=662#comment-7550 Yes, appearently the ISP is blocking port 25. Except for their own smtp-server of course. (The ISP is bredbandsbolaget.se) Do you have any instructions on how to use them as a relay? Yes, appearently the ISP is blocking port 25. Except for their own smtp-server of course. (The ISP is bredbandsbolaget.se)

Do you have any instructions on how to use them as a relay?

]]> By: Stevan Bajić http://diymacserver.com/installing-the-mailserver/the-mailserver-on-leopard/configuring-postfix-for-virtual-domains-and-dovecot-auth/comment-page-1/#comment-7549 Stevan Bajić Sun, 29 Aug 2010 13:56:53 +0000 http://diymacserver.com/?page_id=662#comment-7549 @Mike: Okay. That is another issue. I tried to connect to that host and it works from my leased line: =-=-=-=-=-=-=-=-=-=-=-=-=-= theia ~ # telnet 195.35.82.79 25 Trying 195.35.82.79... Connected to 195.35.82.79. Escape character is '^]'. 220 mail-gw01.fsdata.se Microsoft ESMTP MAIL Service ready at Sun, 29 Aug 2010 15:44:39 +0200 RSET 250 2.0.0 Resetting QUIT 221 2.0.0 Service closing transmission channel Connection closed by foreign host. theia ~ # cd =-=-=-=-=-=-=-=-=-=-=-=-=-= Do you have in general an issue sending mails or is it just that Swedish server? Can you try to connect to one of the Yahoo servers? a.mx.mail.yahoo.com b.mx.mail.yahoo.com c.mx.mail.yahoo.com d.mx.mail.yahoo.com e.mx.mail.yahoo.com f.mx.mail.yahoo.com g.mx.mail.yahoo.com h.mx.mail.yahoo.com i.mx.mail.yahoo.com j.mx.mail.yahoo.com k.mx.mail.yahoo.com Or could you try to connect to one of the Google servers? google.com.s9a1.psmtp.com google.com.s9a2.psmtp.com google.com.s9b1.psmtp.com google.com.s9b2.psmtp.com If you have a problem to connect to them then it is most likely that your ISP is blocking you from connecting to any host on port 25. You usually can read on the ISP homepage if they are doing that. If they do that then it is most likely that you must use them (your ISP) as a smart host or a relay. What is your ISP? What is their homepage? @Mike: Okay. That is another issue. I tried to connect to that host and it works from my leased line:
=-=-=-=-=-=-=-=-=-=-=-=-=-=
theia ~ # telnet 195.35.82.79 25
Trying 195.35.82.79…
Connected to 195.35.82.79.
Escape character is ‘^]’.
220 mail-gw01.fsdata.se Microsoft ESMTP MAIL Service ready at Sun, 29 Aug 2010 15:44:39 +0200
RSET
250 2.0.0 Resetting
QUIT
221 2.0.0 Service closing transmission channel
Connection closed by foreign host.
theia ~ # cd
=-=-=-=-=-=-=-=-=-=-=-=-=-=

Do you have in general an issue sending mails or is it just that Swedish server? Can you try to connect to one of the Yahoo servers?
a.mx.mail.yahoo.com
b.mx.mail.yahoo.com
c.mx.mail.yahoo.com
d.mx.mail.yahoo.com
e.mx.mail.yahoo.com
f.mx.mail.yahoo.com
g.mx.mail.yahoo.com
h.mx.mail.yahoo.com
i.mx.mail.yahoo.com
j.mx.mail.yahoo.com
k.mx.mail.yahoo.com

Or could you try to connect to one of the Google servers?
google.com.s9a1.psmtp.com
google.com.s9a2.psmtp.com
google.com.s9b1.psmtp.com
google.com.s9b2.psmtp.com

If you have a problem to connect to them then it is most likely that your ISP is blocking you from connecting to any host on port 25. You usually can read on the ISP homepage if they are doing that. If they do that then it is most likely that you must use them (your ISP) as a smart host or a relay. What is your ISP? What is their homepage?

]]> By: Micke http://diymacserver.com/installing-the-mailserver/the-mailserver-on-leopard/configuring-postfix-for-virtual-domains-and-dovecot-auth/comment-page-1/#comment-7548 Micke Sun, 29 Aug 2010 13:40:34 +0000 http://diymacserver.com/?page_id=662#comment-7548 Ok, the domain name mess has been sorted out. I was confused :-) But I still have no luck sending mails. I get this in the logs: postfix/smtp[35345]: connect to mail-gw01.fsdata.se[195.35.82.79]:25: Operation timed out postfix/smtp[35345]: BF968F250A: to=, relay=none, delay=2192, delays=2162/0.02/30/0, dsn=4.4.1, status=deferred (connect to mail-gw01.fsdata.se[195.35.82.79]:25: Operation timed out) I cannot telnet to 195.35.82.79 : 25. If that port is blocked how shall this be handled? I guess that postfix gets the address (mail-gw01.fsdata.se) using DNS looking for an MX record for the recipient of the mail. Ok, the domain name mess has been sorted out. I was confused :-)

But I still have no luck sending mails. I get this in the logs:

postfix/smtp[35345]: connect to mail-gw01.fsdata.se[195.35.82.79]:25: Operation timed out
postfix/smtp[35345]: BF968F250A: to=, relay=none, delay=2192, delays=2162/0.02/30/0, dsn=4.4.1, status=deferred (connect to mail-gw01.fsdata.se[195.35.82.79]:25: Operation timed out)

I cannot telnet to 195.35.82.79 : 25.
If that port is blocked how shall this be handled? I guess that postfix gets the address (mail-gw01.fsdata.se) using DNS looking for an MX record for the recipient of the mail.

]]> By: Stevan Bajić http://diymacserver.com/installing-the-mailserver/the-mailserver-on-leopard/configuring-postfix-for-virtual-domains-and-dovecot-auth/comment-page-1/#comment-7547 Stevan Bajić Sun, 29 Aug 2010 12:46:06 +0000 http://diymacserver.com/?page_id=662#comment-7547 @Mike: You are confused! :) virtual domain feature means: Your users are VIRTUAL and do not exist on the local system (aka: no shell, no nothing. From your OS X viewpoint they do not exist). myhostname should not be aaa.com (domain dot top-level domain). It should be a real HOSTname (aka: host dot domain dot top-level domain. aka: myhost.aaa.com). Off course aaa.com is valid too but in your case it is better to use another value then aaa.com. You could even go that far to add myhost.invalid as myhostname. The value you have in myhostname is there so that Postfix knows if someone is addressing "someuser@(your myhostname)" that it should be delivered to the LOCAL account "someuser". But since all you want is to use VIRTUAL domains you don't need/want anything in myhostname that can be addressed from external. So adding something there that is invalid works too. The only problem when you add something that is not valid there is that Postfix will respond with that name you specify in myhostname when someone is doing a EHLO/HELO and this is maybe not something you like. So adding there a correct hostname might be beneficial in your case. @Mike: You are confused! :)

virtual domain feature means: Your users are VIRTUAL and do not exist on the local system (aka: no shell, no nothing. From your OS X viewpoint they do not exist).

myhostname should not be aaa.com (domain dot top-level domain). It should be a real HOSTname (aka: host dot domain dot top-level domain. aka: myhost.aaa.com).

Off course aaa.com is valid too but in your case it is better to use another value then aaa.com.

You could even go that far to add myhost.invalid as myhostname. The value you have in myhostname is there so that Postfix knows if someone is addressing “someuser@(your myhostname)” that it should be delivered to the LOCAL account “someuser”. But since all you want is to use VIRTUAL domains you don’t need/want anything in myhostname that can be addressed from external. So adding something there that is invalid works too. The only problem when you add something that is not valid there is that Postfix will respond with that name you specify in myhostname when someone is doing a EHLO/HELO and this is maybe not something you like. So adding there a correct hostname might be beneficial in your case.

]]>