Postfix configuration - how to change user.user@hostname.fqdn.com to user@domain.com

61 posts / 0 new
Last post
Wed, 10/16/2019 - 12:44 (Reply to #51)
Jfro

[NOTE: I'm not saying the OP made multiple changes - but I've seen folk do it.] ;)

Please don't look over my shoulder next time ;)

YUP i do / did , but with backup and testing afterwards hmm should be ok, only for debuging a error / failure not the best way as you say hard to find the buggy parts then. ( though much is connected to settings elsewhere , so you have todo more then one change sometimes)

Look at the rules for the parts network / myinetinterfaces , receipients, adn so some more.

A example don't know this is a good one: ?

# Recipient restrictions:
smtpd_recipient_restrictions =
permit_mynetworks,
    permit_inet_interfaces,
permit_sasl_authenticated,
reject_unknown_recipient_domain,
    reject_unauth_destination,
    reject_unauth_pipelining,
    reject_non_fqdn_recipient

You have then if mynetworks for that part to set the right stuff.

Some problems with network and also php-fpm are after update virtualmin . See issues

Wed, 10/16/2019 - 14:11 (Reply to #52)
Dibs

This is a good read for someone wanting to know what are good restrictions and what are bad.

http://www.postfix.org/SMTPD_ACCESS_README.html

And how to use the other ones too.

Wed, 10/16/2019 - 16:06 (Reply to #53)
Jfro

Thanks if reply was for me mine ? was to let readers know that these settings from me are not for everybody the same .... ;)

But to take a look at those to and your link explains more to the readers here.

Wed, 10/16/2019 - 16:41
adamjedgar

I still cannot understand why Virtualmin would not add the new email user i created properly? (hence all of the changes)

For example, I have just logged into the primary domain virtual server (ie the domain for the host itself) and created a new user email account (email only). Virtualmin creates the user, however, look at what happens when i log into Usermin....

https://drive.google.com/file/d/1mdjnZRSai47KdEX2_aBmOOF29QeN232F/view?u...

and this

https://drive.google.com/file/d/15ZGfC3s1mcd2m5bmVXmKE5ZubjqRr9cb/view?u...

logs below

Use of uninitialized value $mailbox::in{"start"} in int at /usr/share/usermin/mailbox/index.cgi line 106.
Use of uninitialized value in addition (+) at /usr/share/usermin/mailbox/index.cgi line 107.
Use of uninitialized value in numeric eq (==) at /usr/share/usermin/mailbox/index.cgi line 29.
Use of uninitialized value $mailbox::in{"jump"} in pattern match (m//) at /usr/share/usermin/mailbox/index.cgi line 77.
Use of uninitialized value $mailbox::in{"start"} in int at /usr/share/usermin/mailbox/index.cgi line 85.
Use of uninitialized value $mailbox::in{"folder"} in concatenation (.) or string at /usr/share/usermin/mailbox/index.cgi line 378.
Use of uninitialized value $mailbox::in{"start"} in int at /usr/share/usermin/mailbox/index.cgi line 85.
Use of uninitialized value in addition (+) at /usr/share/usermin/mailbox/index.cgi line 382.
Use of uninitialized value in addition (+) at /usr/share/usermin/mailbox/index.cgi line 385.
Use of uninitialized value in subtraction (-) at /usr/share/usermin/mailbox/index.cgi line 387.
Use of uninitialized value in subtraction (-) at /usr/share/usermin/mailbox/index.cgi line 388.
Use of uninitialized value $mailbox::in{"start"} in int at /usr/share/usermin/mailbox/index.cgi line 106.
Use of uninitialized value in addition (+) at /usr/share/usermin/mailbox/index.cgi line 107.
Use of uninitialized value in numeric eq (==) at /usr/share/usermin/mailbox/index.cgi line 29.
Use of uninitialized value $mailbox::in{"jump"} in pattern match (m//) at /usr/share/usermin/mailbox/index.cgi line 77.
Use of uninitialized value $mailbox::in{"start"} in int at /usr/share/usermin/mailbox/index.cgi line 85.
Use of uninitialized value $mailbox::in{"start"} in int at /usr/share/usermin/mailbox/index.cgi line 85.
[17/Oct/2019:08:13:25 +1100] [120.146.145.157] /404.cgi : File not found
Use of uninitialized value in numeric ge (>=) at /usr/share/usermin/mailbox/index.cgi line 86.
Use of uninitialized value in numeric ge (>=) at /usr/share/usermin/mailbox/index.cgi line 86.

Now Usermin is not working for users on the postfix server. I have checked this for 2 domains, neither of them are working properly even though they are receiving and sending emails (i have checked the email in webmin for new user adamjedgar@domain.com...the email sent to it contains my test email sent from hotmail)

Also, why is the url when accessed from virtualmin link, the host.fqdn.com:20000 instead of domain.com:20000?

in the first image and user mailbox, the url is also missing the link "/mailbox/index.cgi?id=INBOX&xnavigation=1"

AJECreative is the home of $5 webhosting, $15/month VPS servers (1cpu,1gb RAM, 25GB storage)
Centos7, Debian9, or Ubuntu18LTS
Available Control Panels = Centos-Webpanel, Cyberpanel, or Virtualmin

https://ajecreative.com.au

Wed, 10/16/2019 - 23:42 (Reply to #55)
Dibs

@adamjedgar - Glad your emails are working correctly, as in send\receive now. The "new" issues:

usermin - try the suggestions in the following post - https://www.virtualmin.com/node/54601

hostname - alter your DNS A record & remove the Host part from it, leaving it at just the domain. It shouldn't be there. Instead add an additional CNAME for it, much like for www, ftp, mail, etc.

HIH

Dibs

Wed, 10/16/2019 - 16:42
Dibs

@Jfro - no worries. Reply wasn't really for you - for everyone. LOL

Wed, 10/16/2019 - 18:30 (Reply to #57)
Jfro

Ok thanks have non worries about your posts, nice and so.. ;)

Worries i have for such ADMINS as here http://regi.plusonline.nl/ you see the version. :(

They even don't want to come to the phone or reply by mail about that SSL v3 and much more dangerous stuff with that old box. Sorry is offtopic.

But also for forumusers important if someone takes the time to warn you as serveradmin for some insecure things please take note for that , and if important have it asap on your todo list. ;) AND don't be BRUTE or unpolite please.

Thu, 10/17/2019 - 06:38
alberttf
I think somewhere along the line that got changed from inet_protocols =
did i post my postfix conf file?

Some lignes seems to be missing :
myhostname = hostname.domaine.com

smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
myhostname = hostname.domaine.com
alias_maps = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases


and more lignes are missing...
Try to get the original file (main.cf) of postfix to be sure...

The solution can be here to separate each domain name and get the right smtp banner when you are sending emails and not the "hostname" of your server which will give a bad deliverability.

http://www.postfix.org/postconf.5.html#inet_interfaces
http://www.postfix.org/postconf.5.html#myhostname

Good luck !!!

Thu, 10/17/2019 - 10:26
Dibs

For anyone interested - the core issue got resolved today after a few hours with the OP.

Crux of the issues was

  1. DNS entries need correcting. 1 A record to the root domain and multiple CNAMe's for the sub-domains, i.e. mail, www, ftp, etc. and 1 MX record.

  2. Incorrect hostnames or not all of them in the hostnames for the LE SSL certs. Once corrected and new certs requested from LE, they needed copying to Postfix, webmin & usermin to overwrite the previous ones which referenced a host (subdomin) no longer in use.

  3. The change suggested in post 5 from https://www.virtualmin.com/node/52271 - changing default_mail_env to mail_location.

  4. Deleting & recreating a user.

Everything started working after that.

I personally think everything was installed (Virtualmin & everything else inclusing SSL certs) when the host/subdomain perhaps had a different name and then the subdomain was dropped.

All the changes done thru the UI's.

Sun, 10/20/2019 - 05:31
adamjedgar

thanks for all your help Dibbs, it was a bit of a marathon session on Mikogo to get through it all and i really appreciate your help.

Definately, i wont be following the Virtualmin "suggested dns records" again...that is a complete fail for sure. I am not sure how it is I got into not using cname records for this, but that will save me a lot of time in the future should the server public ipaddress ever need changing. I hadnt thought about the amount of work Virtualmin were potentially throwing in my arms by telling me to use A records for everything in dns (i should have realised this to be honest)

We should also not forget the stubborn directory issue in SSL. Virtualmin stubbornly refused to use any other directory than one that belonged to a virtual server that had been deleted long ago. Even though we were copying webmin cert from postfix, it wasnt changing this directory input...hence external email ssl were failing.

Just one slight input on the above,... this server has never had any other hostname other than what it is currently. The subdomain "billing.domain.com" has only been used as a virtual subserver for Blesta Billing. I had so much trouble with Blesta that i changed to whmcs and then removed the Blesta billing virtual sub server from Virtualmin (but that was more than a year ago). The trouble i had with Blesta was it would not reliably automate provisioning services in Virtualmin through the API...well actually it would provision, but not receive the API reply from Virtualmin to update its own database to say the service had been successfully provisioned. I spent quite some time with Blesta developers accessing my system directly however the problem remained. They complained that the trouble was Blesta cannot be hosted on the same system where it is making API calls to provision. Apparently, connection between Blesta and Virtualmin keeps getting lost because of the way Virtualmin refreshes its GUI interface when its making changes via the UI (I dont really understand this part but suffice to say connection between the two is lost after the API call is made), and so Bleasta doesnt actually ever realise Virtualmin has updated and provisioned if it is installed on the same system.

WHMCS on the other hand, just works.

Certainly for the most part, the 3 big issues were inet_protocols, and copying Virtualmin SSL certs to Postfix, and the outbound mail setting.

There was also a 4th issue, Webmin>Servers>Postfix Mail Server> General Options> Separator Usernames/address extensions = + (mine was blank here)

An interesting thing right at the end of our session that i was surprised at, is the immediate Letsencrypt error that was created as soon as we tried to setup a webmail.domain.com in dns and apply SSL cert to that. It immediately threw the port error because of Usermin standard port being 20000. I would like to know how more about what is going on with that? Can we not have both "webmail" and "mail" in dns at the same time?

UPDATE... we made a mistake in DNS Dibbs...

after some further research, i have realised its not good to have a canonical name dns record for the host when it also acts as a mail server...(which in my case it does). Therefore, 2 "A records" are required as a minimum for my setup (not 1). Also, its actually not permitted to have a "mail" server point at a canonical name

below is bad

domain.com - A record - 123.45.678.9
server1.domain.com - CNAME - domain.com
domain.com - mx record - server1.domain.com


this will return an mxlookup "Canonical Name domain.com"(which is wrong)

Below is good

domain.com - A record - 123.45.678.9
server1.domain.com - A record - 123.45.678.9  (where server1.domain.com is also acting as a mail server)
domain.com - mx record - server1.domain.com


dns for domain returns "IP Address - 123.45.678.9"

AND, also mxlookup returns "IP ADDRESS - 123.45.678.9" (which is correct)

AJECreative is the home of $5 webhosting, $15/month VPS servers (1cpu,1gb RAM, 25GB storage)
Centos7, Debian9, or Ubuntu18LTS
Available Control Panels = Centos-Webpanel, Cyberpanel, or Virtualmin

https://ajecreative.com.au

Pages

Topic locked