Thank you for answering,
Did it, but now there's new problem
there's no iredapd and amavis checks.
how can i make them listen to the new port as well?
Thank you
↧
Re: postscreen and Haproxy
↧
Subaddressing question
==== Required information ====
- iRedMail version (check /etc/iredmail-release): 0.9.5-1
- Linux/BSD distribution name and version: CentOS 7
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MySQL
- Web server (Apache or Nginx): Apache
- Manage mail accounts with iRedAdmin-Pro? Yes
- Related log if you're reporting an issue:
====
Hello,
We have a helpdesk system where it uses POP to retrieve messages from a specific mailbox (let's call it "sales" mailbox) and creates tickets, so the customer can reply back and forth via email with a ticket number associated with their question - As you know, a very standard feature used by almost all ticketing systems out there.
-> A visitor sends an email to sales@mydomain.com
-> Ticket system logs onto sales@mydomain.com mailbox, retrieves the message and creates a new ticket. If the message received has a ticket number associated with it, then the ticketing system retrieves the message and it simply appends it as a new message to the existing ticket
- The 'reply to' address on responses received by the visitor is always set to 'sales@mydomain.com'
The above works great *without* sub-addressing enabled on the ticketing system.
Now, we enable the *sub-addressing" feature within the ticketing system (we have to have this option enabled if we want to take advantage of a specific feature that they offer):
-> A visitor sends an email to sales@mydomain.com
-> Ticket system logs onto sales@mydomain.com mailbox, retrieves the message and creates a new ticket.
-> Agent replies back to visitor's ticket.
-> When visitor wants to reply back to the ticket, the 'reply to' address now has some random email address like - sales+39383731313537@mydomain.com (good, we know the subaddressing is working so far)
- > Visitor goes ahead and replies back to the ticket using the above random email address
-> No responses logged on the ticket.
To investigate further we log onto sales@mydomain.com mailbox and noticed a new folder called "39383731313537" and indeed the new message is sitting within that folder. However, the ticketing system knows nothing about that sub-folder because it only retrieves the messages from the default "Inbox" folder.
So, we are half way through with getting the sub-addressing working. we know iRedMail can support sub-address because it just received the above message without any bounce backs or anything.
However, how do I make it (if there is any way), so all emails received using sub-addressing also goes directly into the main "Inbox" folder instead of their own sub-folders?
↧
↧
Re: SpamAssassin Bayes doesn't really work
Well I don't know how it counts, but the bayes counter in the mysql database ist over 13.000
↧
Re: Email aliases / mail lists
Sure. It's really simple when you think about it.
vi /etc/postfix/aliases and add your mail list as an include:
maillist: :include:/etc/mail/maillist.txt
Run newaliases command
Enter the plain mail addresses in the format name@domain.net, one per line, no special formatting,
email to: maillist@localhost.localdomain
Works just like it you would expect.
↧
Re: Using only port 587
oicrambc wrote:
Wait... now i'm thinking... maybe a i'm making confusion... correct me if i'm wrong; the mta server needs the port 25 for comunicating with another servers, and the clients of this server that make connections throught port 587 if i want TLS..
I'm right?
Hi! I'm also from Brazil. I am facing a similar problem. When I try to send e-mails outside of my domain, I'm receiving the following error:
Apr 19 16:28:55 MYEMAILSERVER postfix/smtp[34615]: 6F8741840414: to=<name@otherdomain.com.br>, relay=none, delay=534, delays=504/0.02/30/0, dsn=4.4.1, status=deferred (connect to otherdomain.com.br[192.185.215.165]:25: Connection timed out)I've changed my e-mail server name to MYMAILSERVER and the destination e-mail to name@otherdomain.com.br for security means.
I'm not trying to relay or anything, just to send e-mails outside of my domain.
My ISP is Copel and they closed port 25, following the recommendation made by CGI.br (Comitê Gestor da Internet) through CGI.br/RES/2009/001/P
Reference: http://blog.ccna.com.br/2013/01/05/bloq … no-brasil/
Now, how can I change the outbound port from 25 to 587, for example?
Thank you. 
↧
↧
iRedmail on a Raspeerry pi 3?
==== Required information ====
- iRedMail version (check /etc/iredmail-release):
- Linux/BSD distribution name and version: Debian
- Store mail accounts in which backend (LDAP/MySQL/PGSQL):
- Web server (Apache or Nginx): Apache
- Manage mail accounts with iRedAdmin-Pro?
- Related log if you're reporting an issue:
====
Hi there,
I'm wondering can Iredmail run on a Raspberry Pi 3 with 1GB of ram that is also quad core? if I have a small website running along side? Will it be able to run without hogging all the ram?
Anyone here have experience with running iRedmail on a limited configuration like this?
↧
Re: SMTP error
ZhangHuangbin wrote:
quyhoang wrote:SMTPRecipientsRefused: {'quy.hoang@xxx': (554, '5.7.1 <quy.hoang@xxx>: Recipient address rejected: Sender is not same as SMTP authenticate username')}
The SMTP SASL username is not same as the address in "From:" (mail header). Please fix it.
Or, if you allow this SMTP SASL AUTH username to send email as different senders, please add this setting in /opt/iredapd/settings.py, then restart iRedAPD service:ALLOWED_LOGIN_MISMATCH_SENDERS = ['your_sasl_auth_username']
Can you have something like:
ALLOWED_LOGIN_MISMATCH_SENDERS = ['*']
To turn this off?
Thanks.
↧
Re: SMTP error
ZhangHuangbin wrote:
quyhoang wrote:SMTPRecipientsRefused: {'quy.hoang@xxx': (554, '5.7.1 <quy.hoang@xxx>: Recipient address rejected: Sender is not same as SMTP authenticate username')}
The SMTP SASL username is not same as the address in "From:" (mail header). Please fix it.
Or, if you allow this SMTP SASL AUTH username to send email as different senders, please add this setting in /opt/iredapd/settings.py, then restart iRedAPD service:ALLOWED_LOGIN_MISMATCH_SENDERS = ['your_sasl_auth_username']
I added to /usr/local/www/iRedAdmin-0.7/settings.py
ALLOWED_LOGIN_MISMATCH_SENDERS = ['domain1.com', 'domain2.com', 'domain3.com', 'domain4.com']
then ran:
service iredapd restart
But same error though. Does iredapd have a log?
Thanks.
↧
Re: SpamAssassin Bayes doesn't really work
ZhangHuangbin wrote:
I suggest waiting for some more days until SpamAssassin was trained with enough different emails.
Hi, I use bayes on mysql, I see too a lot of counts on DB, its has a lot of registry, but in logs I see this (for example):
<enolic@kienfore.com> -> <domain@domain.com>, Queue-ID: 34FCB2EA1B5D, Message-ID: <Qa5B_2GUZKWEViJF9pbQRRfxjueanX
oibSX051wb90w.WOYFLjdt1rNJXxZKVsPq0YhtKC7K0bOTasw-NEy7dsg@kienfore.com>, mail_id: 236V8GpTjc1m, Hits: 0.951, size: 46468, queued_as: 8001A2EA1B62, Subject: "Boost Sexual Health and Performance", From: "VigorThrive"_<enolic@kienfore.com>,
helo=kienfore.com, Tests: [ALL_TRUSTED=-1,HTML_FONT_LOW_CONTRAST=0.001,HTML_MESSAGE=0.001,URIBL_ABUSE_SURBL=1.948,URIBL_BLOCKED=0.001], autolearn=no autolearn_force=no, autolearnscore=1.95, 651 ms
Apr 20 05:53:23 mail postfix/smtp[25802]: 34FCB2EA1B5D: to=<domain@domain.com>, relay=127.0.0.1[127.0.0.1]:10024, delay=2.6, delays=1.9/0/0/0.74, dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as
8001A2EA1B62)Here more info:
$ sa-learn --dump magic
0.000 0 3 0 non-token data: bayes db version
0.000 0 0 0 non-token data: nspam
0.000 0 554 0 non-token data: nham
0.000 0 53882 0 non-token data: ntokens
0.000 0 1491912844 0 non-token data: oldest atime
0.000 0 1492665084 0 non-token data: newest atime
0.000 0 0 0 non-token data: last journal sync atime
0.000 0 1492644242 0 non-token data: last expiry atime
0.000 0 0 0 non-token data: last expire atime delta
0.000 0 0 0 non-token data: last expire reduction countmysql> SELECT COUNT(*) FROM bayes_token;
+----------+
| COUNT(*) |
+----------+
| 53947 |
+----------+Clearly its spam but this email isn't marked as SPAM. I enabled bayes on DB 3 days ago and I talked with my partners to mark email as SPAM. Should I wait a bit more? I am worried by that "autolearn=no".
Should I enable anything more?
Thanks.
↧
↧
Re: postscreen and Haproxy
ZhangHuangbin wrote:
Why do you need iRedAPD/Amavisd listening on "non-standard" ports? Are you running HAProxy + iRedAPD + Amavisd on same server?
Im running Haproxy in 1 server and all the iredmail system in another server
i need that cause if some client send messages from web mail(sogo) i want to make sure that he wont send spam/virus
and wont pass his messages limit.
what can i do?
↧
Personal LDAP address book
Hi,
I would like to use personal LDAP address book instead of global address book and which has been automatically configured after installation. For personal addresses is configured sql address book, I would like to switch it to LDAP which will be personal for each user. Also I don't want to visible addresses from my domain to other users when I try to compose new mail (disable global address book). I want to use that each user will have own address book based on LDAP. How to do it? On we are only configurations for global settings, that users on one domain can see others on domain.
==== Required information ====
- iRedMail version (check /etc/iredmail-release): 0.9.5-1
- Linux/BSD distribution name and version: Debian 8.5
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): LDAP
- Web server (Apache or Nginx): Apache
- Manage mail accounts with iRedAdmin-Pro? No
- Related log if you're reporting an issue:
====
↧
Port 25 issue
==== Required information ====
- iRedMail version (check /etc/iredmail-release): 0.9.6 OPENLDAP edition
- Linux/BSD distribution name and version: Ubuntu 14.04 TLS
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): LDAP (MS Active Directory)
- Web server (Apache or Nginx): Apache
- Manage mail accounts with iRedAdmin-Pro? No
- Related log if you're reporting an issue: As follows
====
PS.: Sorry, I filled the Required information, but somehow it has been erased.
I was interacting with this post, but it's got closed without a solution: http://www.iredmail.org/forum/topic3056 … t-587.html
/var/log/mail.log excerpt:
Apr 20 09:26:08 MYEMAILSERVER postfix/smtp[29357]: connect to mx2.hotmail.com[65.54.188.94]:25: Connection timed out
Apr 20 09:26:08 MYEMAILSERVER postfix/smtp[29356]: connect to zpeed.com.br[192.185.215.165]:25: Connection timed out
Apr 20 09:26:08 MYEMAILSERVER postfix/smtp[29355]: connect to zpeed.com.br[192.185.215.165]:25: Connection timed out
Apr 20 09:26:08 MYEMAILSERVER postfix/smtp[29359]: connect to zpeed.com.br[192.185.215.165]:25: Connection timed out
Apr 20 09:26:08 MYEMAILSERVER postfix/smtp[29356]: AADCA18407DA: to=<USER@zpeed.com.br>, relay=none, delay=45019, delays=44989/0.07/30/0, dsn=4.4.1, status=deferred (connect to zpeed.com.br[192.185.215.165]:25: Connection timed out)
Apr 20 09:26:08 MYEMAILSERVER postfix/smtp[29359]: 806CE1840414: to=<USER2@zpeed.com.br>, relay=none, delay=45020, delays=44989/0.16/30/0, dsn=4.4.1, status=deferred (connect to zpeed.com.br[192.185.215.165]:25: Connection timed out)
Apr 20 09:26:08 MYEMAILSERVER postfix/smtp[29355]: A28F218405ED: to=<USER@zpeed.com.br>, relay=none, delay=45019, delays=44989/0.04/30/0, dsn=4.4.1, status=deferred (connect to zpeed.com.br[192.185.215.165]:25: Connection timed out)
Apr 20 09:26:08 MYEMAILSERVER postfix/smtp[29358]: connect to gmail-smtp-in.l.google.com[64.233.190.27]:25: Connection timed outI can ping all external domains, but when running "traceroute -n -T -p 25 hotmail.com", for example, it returns this:
traceroute to hotmail.com (157.56.198.220), 30 hops max, 60 byte packets
1 MY-ROUTER-IP 0.483 ms 0.451 ms 0.424 ms
2 * * *
3 * * *
4 * * *
5 * * *
6 * * *
7 * * *
8 * * *
9 * * *
10 * * *
11 * * *
12 * * *
13 * * *
14 * * *
15 * * *
16 * * *
17 * * *
18 * * *
19 * * *
20 * * *
21 * * *
22 * * *
23 * * *
24 * * *
25 * * *
26 * * *
27 * * *
28 * * *
29 * * *
30 * * *My router has no firewall or any other kind of rule that blocks out traffic.
Iptables rules are these:
Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT tcp -- anywhere anywhere tcp dpt:smtp
fail2ban-sogo tcp -- anywhere anywhere multiport dports http,https,smtp,submission,pop3,pop3s,imap2,imaps,sieve
fail2ban-postfix tcp -- anywhere anywhere multiport dports http,https,smtp,submission,pop3,pop3s,imap2,imaps,sieve
fail2ban-postfix tcp -- anywhere anywhere multiport dports http,https,smtp,submission,pop3,pop3s,imap2,imaps,sieve
fail2ban-dovecot tcp -- anywhere anywhere multiport dports http,https,smtp,submission,pop3,pop3s,imap2,imaps,sieve
fail2ban-roundcube tcp -- anywhere anywhere multiport dports http,https,smtp,submission,pop3,pop3s,imap2,imaps,sieve
fail2ban-sshd-ddos tcp -- anywhere anywhere multiport dports ssh
fail2ban-sshd tcp -- anywhere anywhere multiport dports ssh
ACCEPT tcp -- anywhere anywhere tcp dpt:webmin
fail2ban-sogo tcp -- anywhere anywhere multiport dports http,https,smtp,submission,pop3,pop3s,imap2,imaps,sieve
fail2ban-postfix tcp -- anywhere anywhere multiport dports http,https,smtp,submission,pop3,pop3s,imap2,imaps,sieve
fail2ban-postfix tcp -- anywhere anywhere multiport dports http,https,smtp,submission,pop3,pop3s,imap2,imaps,sieve
fail2ban-dovecot tcp -- anywhere anywhere multiport dports http,https,smtp,submission,pop3,pop3s,imap2,imaps,sieve
fail2ban-roundcube tcp -- anywhere anywhere multiport dports http,https,smtp,submission,pop3,pop3s,imap2,imaps,sieve
fail2ban-sshd-ddos tcp -- anywhere anywhere multiport dports ssh
fail2ban-sshd tcp -- anywhere anywhere multiport dports ssh
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT all -- anywhere anywhere
ACCEPT icmp -- anywhere anywhere icmp echo-request
ACCEPT tcp -- anywhere anywhere tcp dpt:ssh
ACCEPT tcp -- anywhere anywhere tcp dpt:http
ACCEPT tcp -- anywhere anywhere tcp dpt:https
ACCEPT tcp -- anywhere anywhere tcp dpt:smtp
ACCEPT tcp -- anywhere anywhere tcp dpt:submission
ACCEPT tcp -- anywhere anywhere tcp dpt:pop3
ACCEPT tcp -- anywhere anywhere tcp dpt:pop3s
ACCEPT tcp -- anywhere anywhere tcp dpt:imap2
ACCEPT tcp -- anywhere anywhere tcp dpt:imaps
Chain FORWARD (policy DROP)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain fail2ban-dovecot (2 references)
ACCEPT icmp -- anywhere anywhere icmp echo-request
ACCEPT tcp -- anywhere anywhere tcp dpt:ssh
ACCEPT tcp -- anywhere anywhere tcp dpt:http
ACCEPT tcp -- anywhere anywhere tcp dpt:https
ACCEPT tcp -- anywhere anywhere tcp dpt:smtp
ACCEPT tcp -- anywhere anywhere tcp dpt:submission
ACCEPT tcp -- anywhere anywhere tcp dpt:pop3
ACCEPT tcp -- anywhere anywhere tcp dpt:pop3s
ACCEPT tcp -- anywhere anywhere tcp dpt:imap2
ACCEPT tcp -- anywhere anywhere tcp dpt:imaps
Chain FORWARD (policy DROP)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain fail2ban-dovecot (2 references)
target prot opt source destination
RETURN all -- anywhere anywhere
RETURN all -- anywhere anywhere
Chain fail2ban-postfix (4 references)
target prot opt source destination
RETURN all -- anywhere anywhere
RETURN all -- anywhere anywhere
RETURN all -- anywhere anywhere
RETURN all -- anywhere anywhere
Chain fail2ban-roundcube (2 references)
target prot opt source destination
RETURN all -- anywhere anywhere
RETURN all -- anywhere anywhere
Chain fail2ban-sogo (2 references)
target prot opt source destination
RETURN all -- anywhere anywhere
RETURN all -- anywhere anywhere
Chain fail2ban-sshd (2 references)
target prot opt source destination
REJECT all -- 45.247.212.142 anywhere reject-with icmp-port-unreachable
REJECT all -- 89.248.169.135 anywhere reject-with icmp-port-unreachable
REJECT all -- 61.177.172.40 anywhere reject-with icmp-port-unreachable
REJECT all -- 59.45.175.62 anywhere reject-with icmp-port-unreachable
RETURN all -- anywhere anywhere
RETURN all -- anywhere anywhere
Chain fail2ban-sshd-ddos (2 references)
target prot opt source destination
RETURN all -- anywhere anywhere
RETURN all -- anywhere anywhereSo, what would be the solution? Why I can't send e-mails to the outside world? Any suggestion would be very much appreciated, I am trying to put the mail server in production.
Thank you.
↧
Re: Track failed username and password for postfix smtp and dovecot
Thanks for the suggestion.
I followed the doc to add debugging to dovecot.
Although it did start adding a large amount of debug code to my log file, it did not provide the passwords. As a test I used my own account in thunderbird to send a message to an external account. My password was not in the debug code.
As a long term feature/solution we need a better method than debug code in log files. Obviously I don't know how to do it, but I am willing to help. It seems to me that if we could hook in to the calls to the database that verify the username/password combo we could then do lots of things. For instance we could make our own table of failed login attempts.
↧
↧
Re: Track failed username and password for postfix smtp and dovecot
no idea. i suggest posting your question to dovecot mailing list.
↧
Re: iRedmail on a Raspeerry pi 3?
we didn't test Raspberry Pi 3, so you are on your own. but with the latest iRedMail-0.9.6, it should work fine with 1GB ram since it detects ram size and automatically set concurrently processed mail in both amavisd and postfix (to 1). but no guarantee that clamav won't stop suddenly due to no enough ram.
↧
Re: SMTP error
DaveQB wrote:
Does iredapd have a log?
http://www.iredmail.org/docs/file.locat … ml#iredapd
http://www.iredmail.org/docs/debug.iredapd.html
↧
Re: SpamAssassin Bayes doesn't really work
Please enable debug mode in Amavisd to debug SpamAssassin. FYI:
http://www.iredmail.org/docs/debug.amavisd.html
↧
↧
Re: postscreen and Haproxy
check their config files, they have parameters to set port numbers.
↧
Re: Port 25 issue
seems your isp blocks port 25. contact them to get a confirm.
↧
Re: Port 25 issue
ZhangHuangbin wrote:
seems your isp blocks port 25. contact them to get a confirm.
Yeap, confirmed, port 25 was the only port that was blocked by them (Copel, an ISP from Brazil). I had to send an e-mail asking them to open it, it will take about 5 days.
Thank you.
↧