How to set up mail server on a remote Virtualmin server for a Virtualmin domain?

21 posts / 0 new
Last post
#1 Fri, 11/21/2014 - 13:31

How to set up mail server on a remote Virtualmin server for a Virtualmin domain?

I have on a VPS and on another VPS and both have Virtualmin installed. has website but no email enabled. has email but no website enabled.

I created an A record for and set it as the MX for

What else do I need to do so that can send and receive mail as ?????


Fri, 11/21/2014 - 15:08


What I would do, probably, is create on the second VPS as well (forget about on there, unless you host a site for the mail virtual server) and just disable everything you can except for mail. Since in your DNS you have the MX records and A records pointing at it, any mail that is attempted to be delivered will be sent to the second VPS.

In my mind, this should work. I cannot test it to be 100% sure at this time. Let me know how it works out for you.


Fri, 11/21/2014 - 15:36

Thank you for the reply. I had already tried that but the mail server bounced the mail saying it refused relaying, so I added to the Postfix Restrict mail relaying in Webmin ( I set = $mydestination

At this point if I try to send an email to, the mail bounces from with the different message: "mail for loops back to myself".

So while this looks like somewhat of a progress, I still need to convince that mail to needs to be delivered locally to the mailbox.

Also, I need to have all mail from be delivered anywhere as mail from .

After achieving that, I can have a beer. And you can too.

Fri, 11/21/2014 - 15:58


Well it was worth a shot :)

How did you try to send the test messages? From an external server or from the server? I am confused about the "refused relay" message as I don't believe mail should be getting relayed at all. It is simply being delivered at a different server. If you wouldn't mind, I would like to write out my idea a little bit more and ask if you can confirm it matches one of your tests?

  • Server 1
    • Virtual server "" with DNS enabled and Mail disabled ( Delete all created DNS records, except for name server ones, and create the ones below )
      • A record for > SERVER1_IP
      • A record for > SERVER2_IP
      • MX record for >
  • Server 2
    • Virtual server "" with Mail enabled

Let DNS propagate for an hour or so, so grab a coffee... or three... and some chips... great now I'm hungry! :)

Using third party email, such as Gmail, send a message to "". Login to usermin on "Server 2" as "" and you should receive the message. Feel free to reply to it, you should receive the reply. Also create a new message and send it to a third party, such as that gmail address, and you should receive it on Gmail.

This should work because it is how I understand that I am using Office365 for my email and how things worked when I ran my own Exchange server.

Please confirm and/or try to replicate this configuration if you can and let me know how things turn out. Make sure to undo any configuration changes you tried, like the restrict mail relay option, before attempting this configuration again.


Fri, 11/21/2014 - 16:48 (Reply to #4)

Thank you, but that was my first attempt, and when I do that, I get: "Relay access denied" .

That's why I went and add to the Restrict mail relaying field. Then the error changes to the "loop to myself".

So it looks like I should not have relayed because then sends it back to the origin in a loop, but then at the same time I need to inform that it needs to accept email from

Just setting the MX record does not seem to be enough.

Fri, 11/21/2014 - 16:57


That is interesting. I have no idea why it is attempting to relay it. I'm going to try to research this a bit more and get back to you. Maybe somebody else who is more knowledgeable than me will answer you before then and has the right solution :)


EDIT: Could you post the relevant entries from the postfix log (/var/log/maillog) from both servers? Still trying to understand the relay error.

Fri, 11/21/2014 - 18:45

Sure maillog entry:

<>: Relay access denied; from=<> to=<> proto=ESMTP helo=<> maillog entry: no entry (the email was sent from a 3rd party account), but the bouced email had:

The error that the other server returned was:
554 5.7.1 <>: Relay access denied
Fri, 11/21/2014 - 19:16

OK then if I add to the Webmin > Postfix general options > What domains to receive mail for (= $mydestination) , the email still bounces but this time with the error:

The error that the other server returned was:
550 5.1.1 <>: Recipient address rejected: User unknown in local recipient table

I think I see this type of error when someone enters a random name for the correct domain.

So I guess there must be a way to map to ?

Fri, 11/21/2014 - 22:45


I don't think you should have to map to, the second server should just know it. On your second server you have the virtual server ""? As I understand what you have been saying, your second server has the virtual server ""? Please correct me if I am mistaken. Also it is my understanding that you don't need to add "" to the postfix "domain to receive mail for" as it is set correctly as needed by virtualmin, although that field never appears to change values when you add or remove virtual servers. At least that is what I am told.


Sat, 11/22/2014 - 04:42

Hi Dustin,

the two servers are totally separated, so is the web server at IP1 and is the mail server at IP2. All they have in common is the Registered domain and the MX record pointing to

But the MX record is only there to indicate to 3rd parties which MX is supposed to handle mail to/from, so the above information is not enough for because the mail server should already know what to do without having to look up the DSN records.

So by adding to $mydestination I have reached the point where knows that is its destination.

But what it still does not know is how to interpret the usernames. So there must be some way to rewrite or map them to existing usernames on

I guess this is a quite common user case so I am surprised I cannot find some detailed explanations on how to set up this common scheme.

All mail accounts, mailboxes and SMTP / IMAP servers on and the web server on it's a normal setup so why it's so hard to find a down to earth tutorial?

I hope we can find the way (or maybe there is more than one way) and perhaps contribute to the Webmin / Virtualmin documentation.

PS: I guess this is relevant documentation:

Sat, 11/22/2014 - 07:17


Is your second servers hostname "mail.domain.con" by chance? If so, I have been told that causes issues. Change it to for example if you can. Also, the virtual server on said server should be, it doesn't and shouldn't be configured for otherwise it will be accepting mail for


Sat, 11/22/2014 - 08:45

Hey Justin thank you so much for your help.

However, the two servers have different IPs so I need to set an A record for the mail server as well. I called it but the prefix can be anything else. And I guess the MX records does not accepts IPs but only names.

The internal hostname can be anything as well and it does not have to be the same as the A record I guess.

I am afraid I have to read the Postfix documentation even though what I was hoping for was just a simple example since this scenario is very common.

For example, having user homes and mail under the same user as the website is a security risk. I saw recently a number of compromised sites because of the recent Drupal exploit and so I rather keep users and mail separated from the public folder. Also, some businesses keep many GB of mail so they may need the larger storage space while for a web server performance is more important etc.

Thanks again.

Sat, 11/22/2014 - 08:54

In fact, by the same token even on the same shared IP one should be easily able to create two Virtualmin virtual servers under separate acconts, and use one for mail and the other for web.

Everything else stays the same as far as my initial question except that the IP is shared in this case. So in this case the A record for will show the same IP as, but then internally Virtualmin will treat them as two separate virtual servers under separate user accounts and permissions. This is more secure than having everything under the same user account.

Sat, 11/22/2014 - 09:40


Actually the internal hostname does matter. I don't know the specifics of why it matters but apparently it does. The A records and MX records are fine, but the hostname should not be on the server itself. Perhaps someone who knows more about this can provide the specific reason.

I don't have time to read your entire reply at the moment but I will come back later and read and reply to what you said.

If you wish, I can perhaps Skype with you and we can try to work on your issue in more detail? If so, my skype username is the same as my forum username on here.


Sun, 11/23/2014 - 08:18

Ok I started figuring out something.

After adding to $mydestination in ( Webmin > Servers > Postfix Mail Server > General Options > What domains to receive mail for ), then Postfix will accept mail sent to

However, it will then look for an actually existing user. So, it will deliver only to usernames that actually exist as linux accounts (this is the way Virtualmin works as opposite to using virtual email addresses in the database).

So for example is in reality named after the account owner (= mail.domain) so the real username will be user1.mail.domain.

Therefore if I send a message to, the message gets successfully delivered to the inbox of (after I add to $mydestination).

But, if I send a message to, then it bounces with :

Recipient address rejected: User unknown in local recipient table

The reason it bounces is of course that there is no such user named "user1" on the linux box.

So what needs to be done next is to create an alias that maps to user1.mail.domain.

Not only that, but also the mail aliases need to be mapped to aliases (such as the hostmaster@, webmaster@ etc default email aliases).

Finally, the outgoing mail needs to be somehow rewritten so that instead of being from , it appears as from

If someone can help me here I'd appreciate it. If not, I'll have to keep RTFMs.

Sun, 11/23/2014 - 08:33

PS and another thing to keep in mind:

when an email account user authenticates, it has to use a username such as user1.mail.domain.

But then in this setup, the default naming convention is not appropriate.

If on the other hand, I had named the account owner as "domain" instead of "mail.domain", then this would be better for the normal email account users because then they would authenticate as "user1.domain" rather than "user1.mail.domain".

So in other words, in this setup the administration user should be named after the domain name (less the extension), and not after the subdomain name.

Of course if the mail virtual host is on the same machine as the www virtual host, then it is the www virtual host account owner than needs to be named differently to avoid a conflict, eg "www.domain".

So in this case the owner will be "domain" and the owner will be "www.domain".

(So I am almost there except for the aliases and for the outgoing mail domain rewrite issue).

Sun, 11/23/2014 - 10:12


Yes you are correct, which is why you should create the virtual server in Virtualmin on your second server ( to be "" as well. Then just create users as normal and everything should work out fine. You shouldn't need to mess with the postfix settings or aliases.

I was able to get a hold of two servers and I tested the configuration I have been referencing and it worked as I had expected it should.


Mon, 11/24/2014 - 06:38

Thank you for your help, Dustin.

Yes using the shorter name for the virtual host is the thing to do.

However, if the mail server is on a separate VPS with a separate Virtualmin panel, then I found that I need to add "" to Postfix $mydestination variable or else I get a "Relay access denied" error.

This is probably not the case if the mail and the web servers are under the same Virtualmin machine.

Mon, 11/24/2014 - 12:03


You shouldn't have to add it manually as Virtualmin will handle that when you enable mail for a virtual server, at least that is what I am told. I am clueless as to what is causing your issue. As I said, I replicated your setup and I had no issues. If you'd like, I can provide you login details to my two test servers and you can compare my configurations to yours and perhaps spot the difference?


Tue, 11/25/2014 - 18:34


Well I made a mistake... :P When I was testing the configuration you wanted I forgot to update a DNS record. I was using my old server which was working. So it is not simple to do at all! I did manage to make it work though. I haven't nailed down all steps yet but here is basically what I did:

  • Copied virtualmin.repo file to my webmin server (Shouldn't need this step as you are using Virtualmin on both systems)
  • yum install procmail procmail-wrapper (Shouldn't need to do this step either)
  • I copied my configuration files for postfix (/etc/postfix/ and to my webmin server. Attached is my "General Options" for Postfix from Webmin.

I will try to nail down exactly what is required and exact steps but hopefully this gets you started.

  • Virtualmin server (web server) hostname:
  • Webmin server (mail server) hostname:

Virtual users only exist on my web server, but for your configuration:

  • Web server: Virtual server "" created to serve websites; Apache, DNS and Webmin login enabled
  • DNS Record: "A" record for pointed at your mail server
  • DNS Record: "MX" record for pointed at
  • Mail server: Virtual server "" created to serve mail; Mail for domain, Webmin login enabled
  • Mail users created here
  • Postfix configuration should resemble mine

In my attached image:

  • Replace "" in the field "Local internet domain name" with ""
  • Replace "" in the field "Internet hostname of this mail system" with ""
  • "Local networks" was populated for me so I would leave whatever Virtualmin configured as default.

I hope this was helpful somewhat. I can provide more assistance if this still isn't working for you. -Dustin

Wed, 01/06/2016 - 15:31


A year has passed and not sure if the issue has been resolved for the user.

I had a similar issue with the loop to itself error.

I fixed it once I noticed the entries in the /etc/hosts file.Once rectified, the error went away.

I hope this helps.

Topic locked