[Dovecot] Mail undeliverable error
Hi Guys,
I've already posted this to the postfix mailing list and they made sure the error as the title suggest was generated by dovecot and not the other way around. I have an almost perfectly working multi domain mail server running dovecot+postfix+mysql+postfixadmin behind pfsense, when we transferred office, issues arose, suddenly users using email clients like thunderbird/outlook suddenly can't send mail when outside the office and instead gets an smtp denied or worst a mail undeliverable error. The mail undeliverable error was that the postmaster user is unknown yet I've created the alias using postfixadmin. I've made repeated test and sent mail directly to the postmaster and the email was received by the intended user, I'm stumped and have no idea to fix this.
Hope you can help me, TIA.
Here's the output of dovecot -n:
dovecot -n # /etc/dovecot.conf base_dir: /var/run/dovecot/ log_timestamp: %Y-%m-%d %H:%M:%S ssl_cert_file: /etc/postfix/ssl/mail-cert.pem ssl_key_file: /etc/postfix/ssl/mail-key.pem login_dir: /var/run/dovecot//login login_executable(default): /usr/libexec/dovecot/imap-login login_executable(imap): /usr/libexec/dovecot/imap-login login_executable(pop3): /usr/libexec/dovecot/pop3-login first_valid_uid: 150 last_valid_uid: 150 mail_extra_groups: mail mail_location: maildir:/home/virtualmail/%d/%u maildir_copy_with_hardlinks: yes mail_executable(default): /usr/libexec/dovecot/imap mail_executable(imap): /usr/libexec/dovecot/imap mail_executable(pop3): /usr/libexec/dovecot/pop3 mail_plugin_dir(default): /usr/lib/dovecot/imap mail_plugin_dir(imap): /usr/lib/dovecot/imap mail_plugin_dir(pop3): /usr/lib/dovecot/pop3 pop3_client_workarounds(default): pop3_client_workarounds(imap): pop3_client_workarounds(pop3): outlook-no-nuls oe-ns-eoh auth default: mechanisms: plain login digest-md5 user: nobody passdb: driver: sql args: /etc/dovecot-sql.conf userdb: driver: sql args: /etc/dovecot-sql.conf socket: type: listen client: path: /var/run/dovecot/auth-client mode: 432 user: postfix group: mail master: path: /var/run/dovecot/auth-master mode: 432 user: virtualmail group: mail
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Mon, 2 Feb 2009, jan gestre wrote:
when we transferred office, issues arose, suddenly users using email clients like thunderbird/outlook suddenly can't send mail when outside the office and instead gets an smtp denied or worst a mail undeliverable error. The mail undeliverable error was that the
Do you use Dovecot SASL in Postfix to authentificate the users? Do you use Dovecot deliver to drop the mail? Does the recipients are local or remote users? What does postfix says in its logs about the error? When the users login from internal hosts, do they connect to the same port as when they connect from outside the office? If not, what are Postfix' config differences?
Bye,
Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux)
iQEVAwUBSYcVSHWSIuGy1ktrAQLyLggAxqeIPm5uuZ9ONI4yc0umBH+qTSl97XZo xnGv6gXhCc3Xt2eC+pTP7OOMg0xKDFTwY73fHLt1Dd/tRz17kZpjdIo9pNSfYx1e wp0bYib84+y5ui+ZDzXPxuEOq1fkGoKSJDiukMa1l3ZuOMDynGZMMAGfnP8ALhIj 2bOvqzHFb9WdRTYzODznfQbPZqHxDW82svjB+AZe5nvvuEgE5Qzgh7MbGtotGH3l wSMH8AoyOlqpknNLGRBOFHkIJGixEjjWIpEWBj52RA2o8307I3FV6bp3MY0hBlYj 4QBhl/E1P46lrORqtoTsqP0IqXUkK/RjzMctMJWg/Fx670GgJYbn5g== =/YYL -----END PGP SIGNATURE-----
On Mon, Feb 2, 2009 at 11:46 PM, Steffen Kaiser <skdovecot@smail.inf.fh-brs.de> wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Mon, 2 Feb 2009, jan gestre wrote:
when we transferred office, issues arose, suddenly users using email clients like thunderbird/outlook suddenly can't send mail when outside the office and instead gets an smtp denied or worst a mail undeliverable error. The mail undeliverable error was that the
Do you use Dovecot SASL in Postfix to authentificate the users? Do you use Dovecot deliver to drop the mail? Does the recipients are local or remote users? What does postfix says in its logs about the error? When the users login from internal hosts, do they connect to the same port as when they connect from outside the office? If not, what are Postfix' config differences?
I'm no expert but I think I just use MySQL since I'm using PostfixAdmin, correct? Whether the recipient is a local or remote when sending mails from outside the office produces the same mail undeliverable error result. Inside and Outside ports are the same i.e. port 25 and 587 for smtp, 110 for pop3 and 143 for imap.
Here's my /var/log/maillog:
Feb 1 21:26:38 mail postfix/cleanup[19777]: 55E6C148049: hold: header Received: from [127.0.0.1] (unknown [122.53.207.8])??by mail.ddblocal.com (Postfix) with ESMTP id 55E6C148049??for <ragestre@xinapse.net>; Sun, 1 Feb 2009 21:26:37 +0800 (PHT) from unknown[122.53.207.8]; from=<jan.gestre@ddblocal.com> to=<ragestre@xinapse.net> proto=ESMTP helo=<[127.0.0.1]> Feb 1 21:26:38 mail postfix/cleanup[19777]: 55E6C148049: message-id=<4985A3E0.7000802@ddblocal.com> Feb 1 21:26:38 mail postfix/smtpd[19520]: disconnect from unknown[122.53.207.8] Feb 1 21:26:38 mail dovecot: imap-login: Login: user=<jan.gestre@ddblocal.com>, method=plain, rip=::ffff:122.53.207.8, lip=::ffff:192.168.1.3
Feb 1 21:26:42 mail MailScanner[17048]: Uninfected: Delivered 1 messages Feb 1 21:26:42 mail MailScanner[17048]: MailScanner child dying of old age Feb 1 21:26:42 mail postfix/pipe[19788]: D9A6D148050: to=<postmaster@ddblocal.com>, relay=dovecot, delay=5.6, delays=5.6/0.01/0/0.03, dsn=5.1.1, status=bounced (user unknown)
On 2/2/2009, jan gestre (ipcopper.ph@gmail.com) wrote:
Feb 1 21:26:42 mail MailScanner[17048]: Uninfected: Delivered 1 messages Feb 1 21:26:42 mail MailScanner[17048]: MailScanner child dying of old age Feb 1 21:26:42 mail postfix/pipe[19788]: D9A6D148050:
Mailscanner may be the cuplrit here... it is well known to have lots of potential for problems, to the point that the postfix maintainers simply will not assist in troubleshooting a server that uses it...
Take it out of the loop, and see if the problem goes away... if it does, at least you know which direction to go.
--
Best regards,
Charles
On Tue, Feb 3, 2009 at 1:15 AM, Charles Marcus <CMarcus@media-brokers.com> wrote:
On 2/2/2009, jan gestre (ipcopper.ph@gmail.com) wrote:
Here's the output of dovecot -n:
dovecot -n
What version is this?
Recent versions show more info in dovecot -n output, like... dovecot version... upgrading may be a good idea...
dovecot-1.0.7-2.el5 , I'm afraid to upgrade it coz it might break the box and further complicate my problem. I tried to use a latest rebuilt version before deployment but it didn't work so I was force to use the default version that comes with CentOS5.1
On Tue, Feb 3, 2009 at 4:19 PM, jan gestre <ipcopper.ph@gmail.com> wrote:
On Tue, Feb 3, 2009 at 1:15 AM, Charles Marcus <CMarcus@media-brokers.com> wrote:
On 2/2/2009, jan gestre (ipcopper.ph@gmail.com) wrote:
Here's the output of dovecot -n:
dovecot -n
What version is this?
Recent versions show more info in dovecot -n output, like... dovecot version... upgrading may be a good idea...
dovecot-1.0.7-2.el5 , I'm afraid to upgrade it coz it might break the box and further complicate my problem. I tried to use a latest rebuilt version before deployment but it didn't work so I was force to use the default version that comes with CentOS5.1
correction, dovecot's version is dovecot-1.0-1.2.rc15.el5
On 2/3/2009, jan gestre (ipcopper.ph@gmail.com) wrote:
correction, dovecot's version is dovecot-1.0-1.2.rc15.el5
rc15 was known to be buggy and is very old... you really need to upgrade before pursuing this further, so might as well upgrade to the latest - or better, wait for 1.1.11 which is imminent (today probably)...
--
Best regards,
Charles
On Tue, Feb 3, 2009 at 6:35 PM, Charles Marcus <CMarcus@media-brokers.com> wrote:
On 2/3/2009, jan gestre (ipcopper.ph@gmail.com) wrote:
correction, dovecot's version is dovecot-1.0-1.2.rc15.el5
rc15 was known to be buggy and is very old... you really need to upgrade before pursuing this further, so might as well upgrade to the latest - or better, wait for 1.1.11 which is imminent (today probably)...
--
Best regards,
Charles
I've been googling around for answers and I've found this article about smtp-auth via mysql:
/usr/lib/sasl2/smtpd.conf
pwcheck_method: auxprop mech_list: PLAIN LOGIN auxprop_plugin: sql sql_verbose: yes sql_engine: mysql sql_hostnames: localhost sql_user: postfix sql_passwd: password sql_database: postfix sql_select: select password from mailbox where username = '%u@%r'
I'm not sure what exactly does it do, do I need to turn on saslauthd? It's currently not running.
I've also tried to upgrade via yum, almost broke it because before I was able to recall that I've rebuilt in from source.
On 2/3/2009 3:20 AM, jan gestre wrote:
Here's the output of dovecot -n:
dovecot -n
What version is this?
Recent versions show more info in dovecot -n output, like... dovecot version... upgrading may be a good idea...
dovecot-1.0.7-2.el5 , I'm afraid to upgrade it coz it might break the box and further complicate my problem. I tried to use a latest rebuilt version before deployment but it didn't work so I was force to use the default version that comes with CentOS5.1
correction, dovecot's version is dovecot-1.0-1.2.rc15.el5
Umm... I just looked at your previous messages... you had earlier sent the output of dovecot -n that showed version 1.0.7... was this your failed upgrade attempt?
Anyway, are you using cyrus-sasl or dovecot-sasl?
I'm not sure what exactly does it do, do I need to turn on saslauthd? It's currently not running.
Only if you're using cyrus-sasl...
I've also tried to upgrade via yum, almost broke it because before I was able to recall that I've rebuilt in from source.
Try upgrading from atrpms/net repository...
--
Best regards,
Charles
jan gestre wrote:
Hi Guys,
I've already posted this to the postfix mailing list and they made sure the error as the title suggest was generated by dovecot and not the other way around. Yes, they are right :
Feb 1 21:26:42 mail postfix/pipe[19788]: D9A6D148050: to=<postmaster@ddblocal.com>, relay=dovecot, delay=5.6, delays=5.6/0.01/0/0.03, dsn=5.1.1, status=bounced (user unknown)
dovecot bounces message "status=bounced (user unknown)"
userdb: driver: sql args: /etc/dovecot-sql.conf
You din't provide contents of "/etc/dovecot-sql.conf". Message is bounced as dovecot can't find "postmaster@ddblocal.com" in mysql database. There is something wrong with configuration in "/etc/dovecot-sql.conf" or mysql database itself.
"when we transferred office, issues arose, suddenly users using email clients like thunderbird/outlook suddenly can't send mail when outside the office and instead gets an smtp denied"
If you use Dovecot SASL in Postfix to authentificate the users it fails to too... this is why you got "smtp denied" errors. Relay rulues prevents unauthentificated users to send messages.
Check your userdb configuration an MySQL database itself.
Uldis
On Tue, Feb 3, 2009 at 9:13 AM, Uldis Pakuls <neko@it4u.lv> wrote:
jan gestre wrote:
Hi Guys,
I've already posted this to the postfix mailing list and they made sure the error as the title suggest was generated by dovecot and not the other way around.
Yes, they are right :
Feb 1 21:26:42 mail postfix/pipe[19788]: D9A6D148050: to=<postmaster@ddblocal.com>, relay=dovecot, delay=5.6, delays=5.6/0.01/0/0.03, dsn=5.1.1, status=bounced (user unknown)
dovecot bounces message "status=bounced (user unknown)"
userdb: driver: sql args: /etc/dovecot-sql.conf
You din't provide contents of "/etc/dovecot-sql.conf". Message is bounced as dovecot can't find "postmaster@ddblocal.com" in mysql database. There is something wrong with configuration in "/etc/dovecot-sql.conf" or mysql database itself.
Here's my dovecot-sql.conf:
driver = mysql connect = host=localhost dbname=postfix user=dovecot password=secret default_pass_scheme = MD5 user_query = SELECT '/home/virtualmail/%d/%n' as home, 'maildir:/home/virtualmail/%d/%n' as mail, 150 AS uid, 12 AS gid, concat('dirsize:storage=', quota) AS quota FROM mailbox WHERE username = '%u' AND active = '1' password_query = SELECT username as user, password, '/home/virtualmail/%d/%n' as userdb_home, 'maildir:/home/virtualmail/%d/%n' as userdb_mail, 150 as userdb_uid, 12 as userdb_gid FROM mailbox WHERE username = '%u' AND active = '1'
"when we transferred office, issues arose, suddenly users using email clients like thunderbird/outlook suddenly can't send mail when outside the office and instead gets an smtp denied"
If you use Dovecot SASL in Postfix to authentificate the users it fails to too... this is why you got "smtp denied" errors. Relay rulues prevents unauthentificated users to send messages.
Check your userdb configuration an MySQL database itself.
Uldis
participants (4)
-
Charles Marcus
-
jan gestre
-
Steffen Kaiser
-
Uldis Pakuls