Improper command pipelining after DATA

November 26, 2013, 3:17 am

≫ Next: Re: Improper command pipelining after DATA

≪ Previous: Re: Backup problem - wrong username or password

======== Required information ====
- iRedMail version: 0.8.5
- iRedAdmin-Pro-LDAP version: 1.9.0
- iRedAPD version: 1.4.1
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): LDAP
- Linux/BSD distribution name and version: Ubuntu 12.04.3 LTS
- Related log if you're reporting an issue: /var/log/syslog
====

Our incoming mail is delivered first to a anti-spam relay (Bytemark) before being passed onto our iredmail server (a VPS hosted by Bytemark). From time to time I am seeing the following entries appearing in our logs and wondered what they mean and whether they indicate a problem:

postfix/smtpd[2913]: improper command pipelining after DATA from nospam1.sh.bytemark.co.uk[89.16.184.148]

I have logged a call with Bytemark on this issue and they are looking into it, but I believe at the moment it is as much a mystery to them. They cannot see corresponding errors in their mail logs.

Any advice gratefully received.

↧

Re: Improper command pipelining after DATA

November 26, 2013, 3:55 am

≫ Next: Re: SSL Certificate integration

≪ Previous: Improper command pipelining after DATA

No idea at all. I suggest you read this mailing list thread as reference:
http://readlist.com/lists/postfix.org/p … 76929.html

I think you need to turn on debug for this bytemark IP address in Postfix to check detailed SMTP session.

↧

Re: SSL Certificate integration

November 26, 2013, 3:59 am

≫ Next: Re: CalDav Server

≪ Previous: Re: Improper command pipelining after DATA

On Ubuntu, the SSL certificate used in Apache/Dovecot/Postfix are:

- /etc/ssl/certs/iRedMail_CA.pem
- /etc/ssl/private/iRedMail.key

Just replace them by GoDaddy one.

↧

Re: CalDav Server

November 26, 2013, 4:00 am

≫ Next: Re: PHP Error: required kolabformat module

≪ Previous: Re: SSL Certificate integration

You should check SOGo official tutorial.

↧

Re: PHP Error: required kolabformat module

November 26, 2013, 4:01 am

≫ Next: Re: Postfix Multiple SSL Certificates

≪ Previous: Re: CalDav Server

You have to check kolab tasklist installation guide, especially its requirements.

↧

Re: Postfix Multiple SSL Certificates

November 26, 2013, 4:02 am

≫ Next: Re: Backup mx - error - user no found

≪ Previous: Re: PHP Error: required kolabformat module

Could you please show me full content of /etc/postfix/master.cf? And SQL record of this domain in table "vmail.domain".

↧

Re: Backup mx - error - user no found

November 26, 2013, 4:43 am

≫ Next: Re: one domain works with BackupMX but all others comes with user unknown

≪ Previous: Re: Postfix Multiple SSL Certificates

Could you show me full content of file '/etc/postfix/mysql/transport_maps_domain.cf'? I believe we didn't check column 'domain.backupmx' in this file. This is the root cause.

↧

Re: one domain works with BackupMX but all others comes with user unknown

November 26, 2013, 7:44 am

≫ Next: Re: Backup mx - error - user no found

≪ Previous: Re: Backup mx - error - user no found

WORK ONE
[root@264644-web2 ldap]# for cf in $(ls); do echo ${cf}; postmap -q 'WORKING.com.hk' ldap:./${cf}; done
ldap
postmap: fatal: read ./ldap: Is a directory
ldap_catch_all_maps.cf
postmap: warning: dict_ldap_connect: Unable to bind to server ldap://127.0.0.1:389 as cn=vmail,dc=iredmail,dc=org: 49 (Invalid credentials)
ldap_recipient_bcc_maps_domain.cf
ldap_recipient_bcc_maps_user.cf
ldap_relay_domains.cf
WORKING.com.hk
ldap_sender_bcc_maps_domain.cf
ldap_sender_bcc_maps_user.cf
ldap_sender_login_maps.cf
ldap_transport_maps_domain.cf
smtp:[XXX.215.XXX.XXX]:25
ldap_transport_maps_user.cf
ldap_virtual_alias_alias.cf
ldap_virtual_alias_maps.cf
ldap_virtual_alias_user.cf
ldap_virtual_group_maps.cf
ldap_virtual_mailbox_domains.cf
ldap_virtual_mailbox_maps.cf

NOT WORK ONE BELOW
[root@264644-web2 ldap]# for cf in $(ls); do echo ${cf}; postmap -q 'NOTWORKING.com' ldap:./${cf}; done
ldap
postmap: fatal: read ./ldap: Is a directory
ldap_catch_all_maps.cf
postmap: warning: dict_ldap_connect: Unable to bind to server ldap://127.0.0.1:389 as cn=vmail,dc=iredmail,dc=org: 49 (Invalid credentials)
ldap_recipient_bcc_maps_domain.cf
ldap_recipient_bcc_maps_user.cf
ldap_relay_domains.cf
NOTWORKING.com
ldap_sender_bcc_maps_domain.cf
ldap_sender_bcc_maps_user.cf
ldap_sender_login_maps.cf
ldap_transport_maps_domain.cf
smtp:[xxx.17.215.XXX]:25
ldap_transport_maps_user.cf
ldap_virtual_alias_alias.cf
ldap_virtual_alias_maps.cf
ldap_virtual_alias_user.cf
ldap_virtual_group_maps.cf
ldap_virtual_mailbox_domains.cf
ldap_virtual_mailbox_maps.cf

↧

Re: Backup mx - error - user no found

November 26, 2013, 9:07 am

≫ Next: Re: Postfix Multiple SSL Certificates

≪ Previous: Re: one domain works with BackupMX but all others comes with user unknown

user = vmail
password = xxxxxxxxxxxxxxxxxx
hosts = 127.0.0.1
port = 3306
dbname = vmail
query = SELECT transport FROM domain WHERE domain='%s' AND active=1

↧

Re: Postfix Multiple SSL Certificates

November 26, 2013, 10:44 am

≫ Next: Re: Postfix Multiple SSL Certificates

≪ Previous: Re: Backup mx - error - user no found

ZhangHuangbin wrote:

Could you please show me full content of /etc/postfix/master.cf? And SQL record of this domain in table "vmail.domain".

main.cf

 
# See /usr/share/postfix/main.cf.dist for a commented, more complete version


# Debian specific:  Specifying a file name will cause the first
# line of that file to be used as the name.  The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname

smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
biff = no

# appending .domain is the MUA's job.
append_dot_mydomain = no

# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h

readme_directory = no

# TLS parameters
#smtpd_tls_cert_file = /etc/ssl/certs/iRedMail_CA.pem
#smtpd_tls_cert_file = /etc/ssl/certs/iRedMail_CA_Postfix.pem
#smtpd_tls_key_file = /etc/ssl/private/iRedMail.key
smtpd_use_tls=yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache

# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.

myhostname = cygni.example.com
alias_maps = hash:/etc/postfix/aliases
alias_database = hash:/etc/postfix/aliases
myorigin = cygni.example.com
mydestination = $myhostname, localhost, localhost.localdomain, localhost.$myhostname
relayhost = 
mynetworks = 127.0.0.0/8
mailbox_command = /usr/lib/dovecot/deliver
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
inet_protocols = ipv4
virtual_alias_domains = 
allow_percent_hack = no
swap_bangpath = no
mydomain = example.com
mynetworks_style = host
smtpd_data_restrictions = reject_unauth_pipelining
smtpd_reject_unlisted_recipient = yes
smtpd_reject_unlisted_sender = yes
smtpd_sender_restrictions = permit_mynetworks, reject_sender_login_mismatch, permit_sasl_authenticated
delay_warning_time = 0h
maximal_queue_lifetime = 4h
bounce_queue_lifetime = 4h
proxy_read_maps = $canonical_maps $lmtp_generic_maps $local_recipient_maps $mydestination $mynetworks $recipient_bcc_maps $recipient_canonical_maps $relay_domains $relay_recipient_maps $relocated_maps $sender_bcc_maps $sender_canonical_maps $smtp_generic_maps $smtpd_sender_login_maps $transport_maps $virtual_alias_domains $virtual_alias_maps $virtual_mailbox_domains $virtual_mailbox_maps $smtpd_sender_restrictions
smtp_data_init_timeout = 240s
smtp_data_xfer_timeout = 600s
smtpd_helo_required = yes
smtpd_helo_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_helo_hostname, reject_invalid_helo_hostname, check_helo_access pcre:/etc/postfix/helo_access.pcre
queue_run_delay = 300s
minimal_backoff_time = 300s
maximal_backoff_time = 4000s
enable_original_recipient = no
disable_vrfy_command = yes
home_mailbox = Maildir/
allow_min_user = no
message_size_limit = 15728640
virtual_minimum_uid = 2000
virtual_uid_maps = static:2000
virtual_gid_maps = static:2000
virtual_mailbox_base = /var/vmail
transport_maps = proxy:pgsql:/etc/postfix/pgsql/transport_maps_user.cf, proxy:pgsql:/etc/postfix/pgsql/transport_maps_domain.cf
virtual_mailbox_domains = proxy:pgsql:/etc/postfix/pgsql/virtual_mailbox_domains.cf
virtual_mailbox_maps = proxy:pgsql:/etc/postfix/pgsql/virtual_mailbox_maps.cf
virtual_alias_maps = proxy:pgsql:/etc/postfix/pgsql/virtual_alias_maps.cf, proxy:pgsql:/etc/postfix/pgsql/domain_alias_maps.cf, proxy:pgsql:/etc/postfix/pgsql/catchall_maps.cf, proxy:pgsql:/etc/postfix/pgsql/domain_alias_catchall_maps.cf
sender_bcc_maps = proxy:pgsql:/etc/postfix/pgsql/sender_bcc_maps_user.cf, proxy:pgsql:/etc/postfix/pgsql/sender_bcc_maps_domain.cf
recipient_bcc_maps = proxy:pgsql:/etc/postfix/pgsql/recipient_bcc_maps_user.cf, proxy:pgsql:/etc/postfix/pgsql/recipient_bcc_maps_domain.cf
relay_domains = $mydestination, proxy:pgsql:/etc/postfix/pgsql/relay_domains.cf
smtpd_sender_login_maps = proxy:pgsql:/etc/postfix/pgsql/sender_login_maps.cf
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = 
broken_sasl_auth_clients = yes
smtpd_sasl_security_options = noanonymous
smtpd_sasl_authenticated_header = no
smtpd_recipient_restrictions = reject_unknown_sender_domain, reject_unknown_recipient_domain, reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unlisted_recipient, check_policy_service inet:127.0.0.1:7777, check_policy_service inet:127.0.0.1:10031, permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
smtpd_end_of_data_restrictions = check_policy_service inet:127.0.0.1:10031
smtpd_tls_security_level = may
smtpd_tls_loglevel = 0
#smtpd_tls_CAfile = /etc/ssl/certs/iRedMail_CA.pem
#smtpd_tls_CAfile = /etc/ssl/certs/iRedMail_CA_Postfix.pem
tls_random_source = dev:/dev/urandom
virtual_transport = dovecot
dovecot_destination_recipient_limit = 1
smtpd_sasl_type = dovecot
smtpd_sasl_path = ./dovecot-auth
content_filter = smtp-amavis:[127.0.0.1]:10024
smtp-amavis_destination_recipient_limit = 1

master.cf

 
#
# Postfix master process configuration file.  For details on the format
# of the file, see the master(5) manual page (command: "man 5 master").
#
# Do not forget to execute "postfix reload" after editing this file.
#
# ==========================================================================
# service type  private unpriv  chroot  wakeup  maxproc command + args
#               (yes)   (yes)   (yes)   (never) (100)
# ==========================================================================
#smtp      inet  n       -       -       -       -       smtpd
#smtp      inet  n       -       -       -       1       postscreen
#smtpd     pass  -       -       -       -       -       smtpd
#dnsblog   unix  -       -       -       -       0       dnsblog
#tlsproxy  unix  -       -       -       -       0       tlsproxy
#submission inet n       -       -       -       -       smtpd
#  -o syslog_name=postfix/submission
#  -o smtpd_tls_security_level=encrypt
#  -o smtpd_sasl_auth_enable=yes
#  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
#  -o milter_macro_daemon_name=ORIGINATING
#smtps     inet  n       -       -       -       -       smtpd
#  -o syslog_name=postfix/smtps
#  -o smtpd_tls_wrappermode=yes
#  -o smtpd_sasl_auth_enable=yes
#  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
#  -o milter_macro_daemon_name=ORIGINATING
#628       inet  n       -       -       -       -       qmqpd
pickup    fifo  n       -       -       60      1       pickup
cleanup   unix  n       -       -       -       0       cleanup
qmgr      fifo  n       -       n       300     1       qmgr
#qmgr     fifo  n       -       n       300     1       oqmgr
tlsmgr    unix  -       -       -       1000?   1       tlsmgr
rewrite   unix  -       -       -       -       -       trivial-rewrite
bounce    unix  -       -       -       -       0       bounce
defer     unix  -       -       -       -       0       bounce
trace     unix  -       -       -       -       0       bounce
verify    unix  -       -       -       -       1       verify
flush     unix  n       -       -       1000?   0       flush
proxymap  unix  -       -       n       -       -       proxymap
proxywrite unix -       -       n       -       1       proxymap
smtp      unix  -       -       -       -       -       smtp
relay     unix  -       -       -       -       -       smtp
#       -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq     unix  n       -       -       -       -       showq
error     unix  -       -       -       -       -       error
retry     unix  -       -       -       -       -       error
discard   unix  -       -       -       -       -       discard
local     unix  -       n       n       -       -       local
virtual   unix  -       n       n       -       -       virtual
lmtp      unix  -       -       -       -       -       lmtp
anvil     unix  -       -       -       -       1       anvil
scache    unix  -       -       -       -       1       scache
#
# ====================================================================
# Interfaces to non-Postfix software. Be sure to examine the manual
# pages of the non-Postfix software to find out what options it wants.
#
# Many of the following services use the Postfix pipe(8) delivery
# agent.  See the pipe(8) man page for information about ${recipient}
# and other message envelope options.
# ====================================================================
#
# maildrop. See the Postfix MAILDROP_README file for details.
# Also specify in main.cf: maildrop_destination_recipient_limit=1
#
maildrop  unix  -       n       n       -       -       pipe
  flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
#
# ====================================================================
#
# Recent Cyrus versions can use the existing "lmtp" master.cf entry.
#
# Specify in cyrus.conf:
#   lmtp    cmd="lmtpd -a" listen="localhost:lmtp" proto=tcp4
#
# Specify in main.cf one or more of the following:
#  mailbox_transport = lmtp:inet:localhost
#  virtual_transport = lmtp:inet:localhost
#
# ====================================================================
#
# Cyrus 2.1.5 (Amos Gouaux)
# Also specify in main.cf: cyrus_destination_recipient_limit=1
#
#cyrus     unix  -       n       n       -       -       pipe
#  user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user}
#
# ====================================================================
# Old example of delivery via Cyrus.
#
#old-cyrus unix  -       n       n       -       -       pipe
#  flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user}
#
# ====================================================================
#
# See the Postfix UUCP_README file for configuration details.
#
uucp      unix  -       n       n       -       -       pipe
  flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
#
# Other external delivery methods.
#
ifmail    unix  -       n       n       -       -       pipe
  flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp     unix  -       n       n       -       -       pipe
  flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
scalemail-backend unix  -       n       n       -       2       pipe
  flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
mailman   unix  -       n       n       -       -       pipe
  flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
  ${nexthop} ${user}

#submission inet n       -       n       -       -       smtpd
#  -o smtpd_tls_security_level=encrypt
#  -o smtpd_sasl_auth_enable=yes
#  -o smtpd_client_restrictions=permit_mynetworks,permit_sasl_authenticated,reject
#  -o content_filter=smtp-amavis:[127.0.0.1]:10026

# Use dovecot deliver program as LDA.
dovecot unix    -       n       n       -       -      pipe
    flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender} -d ${user}@${domain} -m ${extension}

smtp-amavis unix -  -   -   -   2  smtp
    -o smtp_data_done_timeout=1200
    -o smtp_send_xforward_command=yes
    -o disable_dns_lookups=yes
    -o max_use=20

127.0.0.1:10025 inet n  -   -   -   -  smtpd
    -o content_filter=
    -o local_recipient_maps=
    -o relay_recipient_maps=
    -o smtpd_restriction_classes=
    -o smtpd_delay_reject=no
    -o smtpd_tls_security_level=none
    -o smtpd_client_restrictions=permit_mynetworks,reject
    -o smtpd_helo_restrictions=
    -o smtpd_sender_restrictions=
    -o smtpd_recipient_restrictions=permit_mynetworks,reject
    -o smtpd_end_of_data_restrictions=
    -o mynetworks_style=host
    -o mynetworks=127.0.0.0/8
    -o strict_rfc821_envelopes=yes
    -o smtpd_error_sleep_time=0
    -o smtpd_soft_error_limit=1001
    -o smtpd_hard_error_limit=1000
    -o smtpd_client_connection_count_limit=0
    -o smtpd_client_connection_rate_limit=0
    -o receive_override_options=no_header_body_checks,no_unknown_recipient_checks,no_address_mappings

## added
127.0.0.1:smtp inet n  -  n   -   -  smtpd
    -o content_filter=smtp-amavis:[127.0.0.1]:10024
    -o smtpd_tls_cert_file=/etc/ssl/certs/iRedMail_CA_Postfix.pem
    -o smtpd_tls_key_file=/etc/ssl/private/iRedMail.key   
    -o smtpd_tls_CAfile=/etc/ssl/certs/iRedMail_CA_Postfix.pem

127.0.0.1:submission inet n  -  n   -   -  smtpd
    -o content_filter=smtp-amavis:[127.0.0.1]:10024
    -o smtpd_tls_cert_file=/etc/ssl/certs/iRedMail_CA_Postfix.pem
    -o smtpd_tls_key_file=/etc/ssl/private/iRedMail.key
    -o smtpd_tls_CAfile=/etc/ssl/certs/iRedMail_CA_Postfix.pem

# IPv4
192.168.1.100:smtp inet n  -   n   -   -  smtpd
  -o content_filter=smtp-amavis:[127.0.0.1]:10024
  -o smtpd_tls_cert_file=/etc/ssl/certs/iRedMail_CA_Dovecot.pem
  -o smtpd_tls_key_file=/etc/ssl/private/iRedMail.key
  -o smtpd_tls_CAfile=/etc/ssl/certs/iRedMail_CA_Dovecot.pem

192.168.1.100:submission inet n  -   n   -   -  smtpd
  -o content_filter=smtp-amavis:[127.0.0.1]:10024
  -o smtpd_tls_cert_file=/etc/ssl/certs/iRedMail_CA_Dovecot.pem
  -o smtpd_tls_key_file=/etc/ssl/private/iRedMail.key
  -o smtpd_tls_CAfile=/etc/ssl/certs/iRedMail_CA_Dovecot.pem
  -o smtpd_tls_security_level=encrypt
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_client_restrictions=permit_mynetworks,permit_sasl_authenticated,reject

192.168.1.101:smtp inet n  -   n   -   -  smtpd
  -o mydomain=example.org
#  -o myhostname=example.org
  -o content_filter=smtp-amavis:[127.0.0.1]:10024
  -o smtpd_tls_cert_file=/etc/ssl/certs/example.org_dovecot.pem
  -o smtpd_tls_key_file=/etc/ssl/private/example.org.key
  -o smtpd_tls_CAfile=/etc/ssl/certs/example.org_dovecot.pem
#  -o smtp_bind_address=192.168.1.101

192.168.1.101:submission inet n  -  n   -   -  smtpd
  -o mydomain=example.org
#  -o myhostname=example.org  
  -o content_filter=smtp-amavis:[127.0.0.1]:10024
  -o smtpd_tls_cert_file=/etc/ssl/certs/example.org_dovecot.pem
  -o smtpd_tls_key_file=/etc/ssl/private/example.org.key
  -o smtpd_tls_CAfile=/etc/ssl/certs/example.org_dovecot.pem
  -o smtpd_tls_security_level=encrypt
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_client_restrictions=permit_mynetworks,permit_sasl_authenticated,reject
  -o smtp_bind_address=192.168.1.101
#  -o smtp_helo_name=example.org


example_com  unix -  -  -  -  -  smtp
   -o smtp_bind_address=192.168.1.100
#   -o smtp_helo_name=example.com
 
example_org  unix -  -  -  -  -  smtp
   -o smtp_bind_address=192.168.1.101
#   -o smtp_helo_name=example.org

vmail.domain record

 
"domain","description","disclaimer","aliases","mailboxes","maxquota","quota","transport","backupmx","defaultlanguage","defaultuserquota","defaultuseraliases","disableddomainprofiles","disableduserprofiles","defaultpasswordscheme","minpasswordlength","maxpasswordlength","created","modified","expired","active"
"example.com","","","0","0","0","0","dovecot","0","en_US","1024","","","","","0","0","2013-09-29 15:43:55.506361","1970-01-01 00:00:00","9999-12-31 00:00:00","1"
"example.org","","","0","0","0","0","dovecot","0","en_US","1024","","","","","0","0","2013-09-29 19:58:28","1970-01-01 00:00:00","9999-12-31 00:00:00","1"

↧

Re: Postfix Multiple SSL Certificates

November 26, 2013, 8:53 pm

≫ Next: Re: is there anyway to manage spam and its settings on iredmail-mysql

≪ Previous: Re: Postfix Multiple SSL Certificates

I saw you have '192.168.1.100:smtp' in master.cf, does it work if you set transport to 'smtp:[192.168.1.100]:25'? And you should add '-o smtp_bind_address=192.168.1.100' for '192.168.1.100:smtp' first in master.cf.

↧

Re: is there anyway to manage spam and its settings on iredmail-mysql

November 26, 2013, 9:56 pm

≫ Next: Re: Log iredapd.log

≪ Previous: Re: Postfix Multiple SSL Certificates

Quarantining SPAMs into MySQL database,Whitelist support. Based on IP address, sender address, DNS name,Blacklist support. Based on IP address, sender address, DNS name, HELO.,SpamAssassin integration

↧

Re: Log iredapd.log

November 26, 2013, 11:08 pm

≫ Next: Sender address rejected: User unknown in virtual mailbox table

≪ Previous: Re: is there anyway to manage spam and its settings on iredmail-mysql

ZhangHuangbin wrote:

Log format: sender -> recipient, SMTP ACTION.
Why not dunno?

If DUNNO mean "don't know" -> iredapd don't know (dunno) SMTP ACTION with sender -> recipient!
May be it's problem for me?

↧

Sender address rejected: User unknown in virtual mailbox table

November 27, 2013, 2:09 am

≫ Next: Re: Improper command pipelining after DATA

≪ Previous: Re: Log iredapd.log

==== Required information ====
- iRedMail version: latest
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): mysql
- Linux/BSD distribution name and version: centos 6.x
- Related log if you're reporting an issue: -
====

I have a strange error using iredmail.

The facts
- I created the user
- GMail can send to this user (I receive the message, its inside the webmail)
- 2 other external SMTP servers can't send to the user.
The error they give:
<info@xxxxxxx.xxxx>: host xxxx.xxxxx.xx[164.138.31.130] said: 550
5.1.0 <xxxx@xxxxxx.xxx>: Sender address rejected: User unknown in
virtual mailbox table (in reply to RCPT TO command)

So I thought, lets search with google what to do, I found several questions about this topic.
And see that you (iRedMail webmaster) ask for this:

"Does the user exist ?"
[root@imap1a log]# cd /etc/postfix/mysql/
[root@imap1a mysql]# for cf in $(ls *.cf); do echo ${cf}; postmap -q xxx@xxxx.xx mysql:./${cf}; done
catchall_maps.cf
domain_alias_catchall_maps.cf
domain_alias_maps.cf
recipient_bcc_maps_domain.cf
recipient_bcc_maps_user.cf
relay_domains.cf
sender_bcc_maps_domain.cf
sender_bcc_maps_user.cf
sender_login_maps.cf
info@autozoeker.nl
transport_maps_domain.cf
transport_maps_user.cf
virtual_alias_maps.cf
info@autozoeker.nl
virtual_mailbox_domains.cf
virtual_mailbox_maps.cf
vmail1/xxxx.xx/i/n/f/info-2013.11.13.16.23.29//Maildir/

Yes It exists, (and I can receive messages sended from gmail).

What about the logfiles (after sending a message to my user, not using gmail):
- /var/log/maillog > no new lines added
- /var/log/iredapd.log > no new lines added

What about the logfiles (after sending a message to my user, using gmail):
- /var/log/maillog > no new lines added
Nov 27 10:50:12 imap1a postfix/smtpd[17620]: connect from unknown[209.85.215.177]
Nov 27 10:50:12 imap1a policyd: connection from: 127.0.0.1 port: 54207 slots: 0 of 2044 used
Nov 27 10:50:12 imap1a policyd: rcpt=25, module=bypass, host=209.85.215.177 (unknown), from=xxxx@xxxx.xxx, to=xxxx@xxxx.xxx, size=0
Nov 27 10:50:12 imap1a postfix/smtpd[17620]: 1EC2B21B72: client=unknown[209.85.215.177]
Nov 27 10:50:12 imap1a postfix/cleanup[17627]: 1EC2B21B72: message-id=<000c01ceeb56$0fe5db40$2fb191c0$@gmail.com>
Nov 27 10:50:12 imap1a postfix/qmgr[14346]: 1EC2B21B72: from=<xxxx@xxxx.xxx>, size=3986, nrcpt=1 (queue active)
Nov 27 10:50:12 imap1a postfix/smtpd[17620]: disconnect from unknown[209.85.215.177]
Nov 27 10:50:13 imap1a postfix/smtpd[17636]: connect from localhost[127.0.0.1]
Nov 27 10:50:13 imap1a postfix/smtpd[17636]: D2A2D21B7B: client=localhost[127.0.0.1]
Nov 27 10:50:13 imap1a postfix/cleanup[17627]: D2A2D21B7B: message-id=<000c01ceeb56$0fe5db40$2fb191c0$@gmail.com>
Nov 27 10:50:13 imap1a postfix/qmgr[14346]: D2A2D21B7B: from=<xxxx@xxxx.xxx>, size=4443, nrcpt=1 (queue active)
Nov 27 10:50:13 imap1a postfix/smtpd[17636]: disconnect from localhost[127.0.0.1]
Nov 27 10:50:13 imap1a amavis[16662]: (16662-01) Passed CLEAN {RelayedOutbound}, LOCAL [209.85.215.177]:44406 [84.245.40.74] <xxxx@xxxx.xxx> -> <xxxx@xxxx.xxx>, Message-ID: <000c01ceeb56$0fe5db40$
Nov 27 10:50:13 imap1a postfix/smtp[17632]: 1EC2B21B72: to=<xxxx@xxxx.xxx>, relay=127.0.0.1[127.0.0.1]:10024, delay=1.8, delays=0.06/0.01/0.01/1.8, dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[127.$
Nov 27 10:50:13 imap1a postfix/qmgr[14346]: 1EC2B21B72: removed
Nov 27 10:50:13 imap1a postfix/pipe[17637]: D2A2D21B7B: to=<xxxx@xxxx.xxx>, relay=dovecot, delay=0.08, delays=0.01/0.01/0/0.06, dsn=2.0.0, status=sent (delivered via dovecot service)
Nov 27 10:50:13 imap1a postfix/qmgr[14346]: D2A2D21B7B: removed

- /var/log/iredapd.log > no new line added
2013-11-27 10:50:12 INFO [209.85.215.177] xxxxx@xxxx.com -> xxx@xxxx.xx, DUNNO

I did disabled greylisting a while ago.

postconf -n
---------------------
alias_database = hash:/etc/postfix/aliases
alias_maps = hash:/etc/postfix/aliases
allow_min_user = no
allow_percent_hack = no
biff = no
bounce_queue_lifetime = 4h
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
config_directory = /etc/postfix
content_filter = smtp-amavis:[127.0.0.1]:10024
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
debug_peer_level = 2
delay_warning_time = 0h
disable_vrfy_command = yes
enable_original_recipient = no
home_mailbox = Maildir/
html_directory = no
inet_interfaces = all
inet_protocols = ipv4
mail_owner = postfix
mailbox_command = /usr/libexec/dovecot/deliver
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
maximal_backoff_time = 4000s
maximal_queue_lifetime = 4h
message_size_limit = 15728640
minimal_backoff_time = 300s
mydestination = $myhostname, localhost, localhost.localdomain, localhost.$myhostname
mydomain = xxxx.xx
myhostname = imap1a.xxxx.xx
mynetworks = 127.0.0.0/8
mynetworks_style = host
myorigin = imap1a.xxxx.xx
newaliases_path = /usr/bin/newaliases.postfix
proxy_read_maps = $canonical_maps $lmtp_generic_maps $local_recipient_maps $mydestination $mynetworks $recipient_bcc_maps $recipient_can onical_maps $relay_domains $relay_recipient_maps $relocated_maps $sender_bcc_maps $sender_canonical_maps $smtp_generic_maps $smtpd_sende r_login_maps $transport_maps $virtual_alias_domains $virtual_alias_maps $virtual_mailbox_domains $virtual_mailbox_maps $smtpd_sender_res trictions
queue_directory = /var/spool/postfix
queue_run_delay = 300s
readme_directory = /usr/share/doc/postfix-2.6.6/README_FILES
recipient_bcc_maps = proxy:mysql:/etc/postfix/mysql/recipient_bcc_maps_user.cf, proxy:mysql:/etc/postfix/mysql/recipient_bcc_maps_domain .cf
recipient_delimiter = +
relay_domains = $mydestination, proxy:mysql:/etc/postfix/mysql/relay_domains.cf
sample_directory = /usr/share/doc/postfix-2.6.6/samples
sender_bcc_maps = proxy:mysql:/etc/postfix/mysql/sender_bcc_maps_user.cf, proxy:mysql:/etc/postfix/mysql/sender_bcc_maps_domain.cf
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
smtp_data_init_timeout = 240s
smtp_data_xfer_timeout = 600s
smtpd_data_restrictions = reject_unauth_pipelining
smtpd_helo_required = yes
smtpd_helo_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_helo_hostname, reject_invalid_helo_hostname, che ck_helo_access pcre:/etc/postfix/helo_access.pcre
smtpd_recipient_restrictions = reject_unknown_sender_domain, reject_unknown_recipient_domain, reject_non_fqdn_sender, reject_non_fqdn_re cipient, reject_unlisted_recipient, check_policy_service inet:127.0.0.1:7777, permit_mynetworks, permit_sasl_authenticated, reject_unaut h_destination, check_policy_service inet:127.0.0.1:10031
smtpd_reject_unlisted_recipient = yes
smtpd_reject_unlisted_sender = yes
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = no
smtpd_sasl_local_domain =
smtpd_sasl_path = ./dovecot-auth
smtpd_sasl_security_options = noanonymous
smtpd_sasl_type = dovecot
smtpd_sender_login_maps = proxy:mysql:/etc/postfix/mysql/sender_login_maps.cf
smtpd_sender_restrictions = permit_mynetworks, reject_sender_login_mismatch, permit_sasl_authenticated
smtpd_tls_CAfile = /etc/pki/tls/certs/iRedMail_CA.pem
smtpd_tls_cert_file = /etc/pki/tls/certs/iRedMail_CA.pem
smtpd_tls_key_file = /etc/pki/tls/private/iRedMail.key
smtpd_tls_loglevel = 0
smtpd_tls_security_level = may
swap_bangpath = no
tls_random_source = dev:/dev/urandom
transport_maps = proxy:mysql:/etc/postfix/mysql/transport_maps_user.cf, proxy:mysql:/etc/postfix/mysql/transport_maps_domain.cf
unknown_local_recipient_reject_code = 550
virtual_alias_domains =
virtual_alias_maps = proxy:mysql:/etc/postfix/mysql/virtual_alias_maps.cf, proxy:mysql:/etc/postfix/mysql/domain_alias_maps.cf, proxy:my sql:/etc/postfix/mysql/catchall_maps.cf, proxy:mysql:/etc/postfix/mysql/domain_alias_catchall_maps.cf
virtual_gid_maps = static:2000
virtual_mailbox_base = /var/vmail
virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql/virtual_mailbox_domains.cf
virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql/virtual_mailbox_maps.cf
virtual_minimum_uid = 2000
virtual_transport = dovecot
virtual_uid_maps = static:2000

I hope you can see the problem...

Greetings,
Martijn

↧

Re: Improper command pipelining after DATA

November 27, 2013, 3:32 am

≫ Next: Questions from new user

≪ Previous: Sender address rejected: User unknown in virtual mailbox table

Thank you, I have added the Bytemark addresses to debug_peer_list in main.cf and the following two are examples of the more verbose logs resulting:

Nov 24 10:29:19 mail2 postfix/smtpd[32718]: 05E9498061: client=nospam2.sh.bytemark.co.uk[89.16.184.149]
Nov 24 10:29:19 mail2 postfix/smtpd[32718]: improper command pipelining after DATA from nospam2.sh.bytemark.co.uk[89.16.184.149]: 
Nov 24 10:29:19 mail2 postfix/smtpd[32718]: 05E9498061: reject: DATA from nospam2.sh.bytemark.co.uk[89.16.184.149]: 503 5.5.0 <DATA>: Data command rejected: Improper use of SMTP command pipelining; from=<blackballmedialz.F.7805.2.0@blackballmedia.gtml2.com> to=<snh@tridentgarages.co.uk> proto=ESMTP helo=<nospam2.sh.bytemark.co.uk>
Nov 24 10:29:19 mail2 postfix/smtpd[32718]: lost connection after DATA from nospam2.sh.bytemark.co.uk[89.16.184.149]
Nov 24 10:29:19 mail2 postfix/smtpd[32718]: disconnect from nospam2.sh.bytemark.co.uk[89.16.184.149]
Nov 24 10:29:36 mail2 postfix/smtpd[32718]: connect from nospam2.sh.bytemark.co.uk[89.16.184.149]
Nov 24 10:29:36 mail2 postfix/smtpd[32718]: 94AEF98061: client=nospam2.sh.bytemark.co.uk[89.16.184.149]
Nov 24 10:29:37 mail2 postfix/smtpd[32718]: disconnect from nospam2.sh.bytemark.co.uk[89.16.184.149]
Nov 24 10:29:40 mail2 postfix/smtpd[32718]: connect from nospam3.sh.bytemark.co.uk[89.16.184.150]
Nov 24 10:29:40 mail2 postfix/smtpd[32718]: 37AD398286: client=nospam3.sh.bytemark.co.uk[89.16.184.150]

Nov 24 10:41:34 mail2 postfix/smtpd[516]: 5867698061: client=nospam1.sh.bytemark.co.uk[89.16.184.148]
Nov 24 10:41:34 mail2 postfix/smtpd[516]: improper command pipelining after DATA from nospam1.sh.bytemark.co.uk[89.16.184.148]: 
Nov 24 10:41:34 mail2 postfix/smtpd[516]: 5867698061: reject: DATA from nospam1.sh.bytemark.co.uk[89.16.184.148]: 503 5.5.0 <DATA>: Data command rejected: Improper use of SMTP command pipelining; from=<shredonsitelz.F.20956.36.0@shredonsite.gtml2.com> to=<webmaster@tridentgarages.co.uk> proto=ESMTP helo=<nospam1.sh.bytemark.co.uk>
Nov 24 10:41:34 mail2 postfix/smtpd[516]: lost connection after DATA from nospam1.sh.bytemark.co.uk[89.16.184.148]
Nov 24 10:41:34 mail2 postfix/smtpd[516]: disconnect from nospam1.sh.bytemark.co.uk[89.16.184.148]
Nov 24 10:42:39 mail2 postfix/smtpd[516]: connect from nospam2.sh.bytemark.co.uk[89.16.184.149]
Nov 24 10:42:39 mail2 postfix/smtpd[516]: 1772198061: client=nospam2.sh.bytemark.co.uk[89.16.184.149]
Nov 24 10:42:40 mail2 postfix/smtpd[516]: disconnect from nospam2.sh.bytemark.co.uk[89.16.184.149]
Nov 24 10:42:41 mail2 postfix/smtpd[516]: connect from 121.8.187.81.in-addr.arpa[81.187.8.121]
Nov 24 10:42:41 mail2 postfix/smtpd[516]: disconnect from 121.8.187.81.in-addr.arpa[81.187.8.121]

Bytemark are saying that they are seeing a timeout, but our mailserver is never under any significant load (it barely exceeds zero load average). This is an example of what they're seeing in the logs:

2013-11-25 05:46:50 1VjThK-0003f7-F9 == snh@tridentgarages.co.uk
R=hubbed_hosts_abmx T=remote_smtp defer (110): Connection timed out:
SMTP timeout while connected to 212.110.190.52 [212.110.190.52] after
MAIL FROM:<principalitlz.F.35437.125.0@principal.sgml1.co.uk> SIZE=21166

Once again, any suggestions gratefully received!

--
Chris

↧

Questions from new user

November 27, 2013, 4:18 am

≫ Next: Re: Questions from new user

≪ Previous: Re: Improper command pipelining after DATA

==== Required information ====
- iRedMail version: 0.8.5
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MySQL
- Linux/BSD distribution name and version: Debian 7.2
- Related log if you're reporting an issue:
====
Hi,

I am a new user testing the mailserver on VB. The installation was really easy. Thanks. I have been thinking about using Kolab but it seems to me that iRedMail is more mature. So I will go with iRedMail.

I installed iRedMail och a fresk Debian server and then proceeded with installation of ownCloud to test how they work together. I had to do some changes to the setup.

1. I changed AllowOverride to All in /etc/apache2/sites-enabled/000-default to enable .htaccess
2. I ran a2enmod rewrite and a2enmod headers and restarted the apache2 service.

These changes did not seem to affect the mailserver since I had no problem to login to my inbox afterwards. Is it OK to do this?

Now when I have owncloud on the server, is it possible to integrate the calendar and files into roundcube just like it is on Kolab?

And finally, when everything is set up is it just enough to point my mx records from my domain registrar to DynDns to make the mail to work?

Thanks for your help!

↧

Re: Questions from new user

November 27, 2013, 5:07 am

≫ Next: Re: Improper command pipelining after DATA

≪ Previous: Questions from new user

johan wrote:

1. I changed AllowOverride to All in /etc/apache2/sites-enabled/000-default to enable .htaccess
2. I ran a2enmod rewrite and a2enmod headers and restarted the apache2 service.
These changes did not seem to affect the mailserver since I had no problem to login to my inbox afterwards. Is it OK to do this?

It's fine.

johan wrote:

Now when I have owncloud on the server, is it possible to integrate the calendar and files into roundcube just like it is on Kolab?

If you have related plugins for Roundcube, you can do it.

johan wrote:

And finally, when everything is set up is it just enough to point my mx records from my domain registrar to DynDns to make the mail to work?

I'm not familiar with DynDNS, but if you're using a dynamic IP address (like ADSL), you'd better get a static IP address for mail server. Because most ISPs (like Gmail, Hotmail, Yahoo!, etc) blocks email sent from dynamic IP address.

↧

Re: Improper command pipelining after DATA

November 27, 2013, 5:12 am

≫ Next: Re: Log iredapd.log

≪ Previous: Re: Questions from new user

Could you please show us output of command "postconf -n" to help troubleshoot?

If it's caused by timeout, please try to increase time for below two Postfix parameters in main.cf:

smtp_data_done_timeout =    # <- Default is 600s (600 seconds), increase to, for example, 1200s.
smtp_data_xfer_timeout =    # <- Default is 180s, increase to, for example, 360s.

Restarting Postfix is recommended after changed its parameters.

References:
http://www.postfix.org/postconf.5.html# … ne_timeout
http://www.postfix.org/postconf.5.html# … er_timeout

↧

Re: Log iredapd.log

November 27, 2013, 5:15 am

≫ Next: Re: is there anyway to manage spam and its settings on iredmail-mysql

≪ Previous: Re: Improper command pipelining after DATA

If iRedAPD doesn't found explicit restriction rules (like REJECT, DISCARD), it will return DUNNO, and let further restrictions to make the decision.

This is normal action, i don't know why you think it's a problem.

↧

Re: is there anyway to manage spam and its settings on iredmail-mysql

November 27, 2013, 5:16 am

≫ Next: Re: Improper command pipelining after DATA

≪ Previous: Re: Log iredapd.log

Those features are provided by Amavisd, Policyd/Cluebringer, you can manage them with MySQL tools like phpMyAdmin, or MySQL command line tools. iRedAdmin-Pro just makes managing them easier for you.

↧