Problem with recipient verification
Hi I'm running Postfix v2.5.6 which I compiled myself from unmodified sources. (postconf -d appended below) I have a small server handling 5 domains and I'm having trouble with one of my virtual domains wrt recipient verification. Mail to 4 of the domains behaves correctly and is either accepted if the email address exists or is rejected with a 550 Mailbox unknown. The other domain (just added) attempts to connect to my ISP (relayhost) and rejects with a: 450 4.1.1 bo...@aaa.co.nz: Recipient address rejected: unverified address: connect to A.net.nz[XXX.XX.242.10]:24: Connection refused (see /var/log/mail excerpt below) Fair enough that this is being refused, but why is postfix probing my relayhost ? It should be verifying the address locally like it does with all the other domains. I've read the ADDRESS VERIFICATION README file but I cannot figure out why this one domain is behaving differently to all the others. Each domain is listed identically in my /etc/postfix/vdomains file on a line by itself. (I've also tried with hash:/etc/postfix/vdomains and adding an OK to the end and postmap'ing the vdomains file + reload, to no effect.) I'm running with Cyrus IMAP and using essentially the: Non-Postfix mailbox store: separate domains, non-UNIX accounts configuration from the VIRTUAL README. Any assistance would be appreciated. Thanks = /var/log/mail=== Nov 15 21:33:31 aeryn postfix/cleanup[1566]: 67AFAD0621: message- id=20091115083331.67afad0...@aeryn.aaa.aa Nov 15 21:33:31 aeryn postfix/qmgr[1425]: 67AFAD0621: from=double-bou...@aaa.aa, size=266, nrcpt=1 (queue active) Nov 15 21:33:31 aeryn postfix/lmtp[1568]: 67AFAD0621: to=mdxad...@aaa.aa, orig_to=aa...@aaa.co.nz, relay=aeryn.AAA.AA[/var/lib/imap/socket/lmtp], del ay=0.3, delays=0.01/0.04/0.22/0.04, dsn=2.1.5, status=deliverable (250 2.1.5 ok) Nov 15 21:33:31 aeryn postfix/qmgr[1425]: 67AFAD0621: removed Nov 15 21:33:31 aeryn postfix/smtpd[1543]: NOQUEUE: reject: RCPT from unknown[DDD.DDD.157.227]: 450 4.1.1 aa...@aa.co.nz: Recipient address rejected: unverified address: connect to myisp.net.nz[DDD.DD.242.10]:24: Connection refused; from=t...@aaa.aaa to=aa...@aa.co.nz proto=SMTP helo=.co.nz Nov 15 21:33:48 aeryn postfix/master[1110]: terminating on signal 15 =postconf -n= address_verify_map = btree:/var/lib/postfix/verify alias_maps = hash:/etc/aliases broken_sasl_auth_clients = yes canonical_maps = hash:/etc/postfix/canonical command_directory = /usr/sbin config_directory = /etc/postfix content_filter = smtp-amavis:[127.0.0.1]:10028 daemon_directory = /usr/lib/postfix data_directory = /var/lib/postfix debug_peer_level = 2 defer_transports = disable_dns_lookups = no disable_vrfy_command = yes header_checks = regexp:/etc/postfix/header_checks html_directory = no local_destination_concurrency_limit = 5 local_destination_recipient_limit = 300 local_recipient_maps = mail_owner = postfix mail_spool_directory = /var/mail
Re: Problem with recipient verification
Jeremy Bowen wrote: Hi I'm running Postfix v2.5.6 which I compiled myself from unmodified sources. (postconf -d appended below) I have a small server handling 5 domains and I'm having trouble with one of my virtual domains wrt recipient verification. Why you even use address verification, if all users are on local machine? -- Eero
Re: Problem with recipient verification
Eero Volotinen wrote: Jeremy Bowen wrote: Hi I'm running Postfix v2.5.6 which I compiled myself from unmodified sources. (postconf -d appended below) I have a small server handling 5 domains and I'm having trouble with one of my virtual domains wrt recipient verification. Why you even use address verification, if all users are on local machine? Sorry, I forgot to mention that one domain is used for a few mailing lists handled by a mailman installation running on a separate server. This is handled by an entry in the transport file.
Re: Problem with recipient verification
Jeremy Bowen wrote: Eero Volotinen wrote: Jeremy Bowen wrote: Hi I'm running Postfix v2.5.6 which I compiled myself from unmodified sources. (postconf -d appended below) I have a small server handling 5 domains and I'm having trouble with one of my virtual domains wrt recipient verification. Why you even use address verification, if all users are on local machine? Sorry, I forgot to mention that one domain is used for a few mailing lists handled by a mailman installation running on a separate server. This is handled by an entry in the transport file. Well, sounds like configuration problem? maybe you missed postmap the transport file? Is that domain listed in my domains? -- Eero
Re: Problem with recipient verification
2009/11/15 Jeremy Bowen jer...@smartpoint.co.nz: I'm running Postfix v2.5.6 which I compiled myself from unmodified sources. (postconf -d appended below) I don't seem to have the original for this, perhaps the thread got broken somewhere, but gmail shouldn't have lost it. Anyway, you need to post the output of `postconf -n` (settings that are non-default) - read the help, it tells you that -d shows the defaults, which are useless for diagnosis. I'm not sure where people get this from... I have a small server handling 5 domains and I'm having trouble with one of my virtual domains wrt recipient verification. Why you even use address verification, if all users are on local machine? Sorry, I forgot to mention that one domain is used for a few mailing lists handled by a mailman installation running on a separate server. This is handled by an entry in the transport file. That sounds like that domain is a candidate for classification as a relay_domain. Apologies if this has been mentioned before, but is that how you've got it configured? If you don't change too many settings, you generally already get recipient verification for designated local domains.
Re: Problem with recipient verification
Barney Desmond wrote: 2009/11/15 Jeremy Bowen jer...@smartpoint.co.nz: I'm running Postfix v2.5.6 which I compiled myself from unmodified sources. (postconf -d appended below) Anyway, you need to post the output of `postconf -n` (settings that are non-default) - read the help, it tells you that -d shows the defaults, which are useless for diagnosis. I'm not sure where people get this from... Actually the output I posted was from postconf -n. The -d was a typo. Sorry for the confusion. Sorry, I forgot to mention that one domain is used for a few mailing lists handled by a mailman installation running on a separate server. This is handled by an entry in the transport file. That sounds like that domain is a candidate for classification as a relay_domain. Apologies if this has been mentioned before, but is that how you've got it configured? If you don't change too many settings, you generally already get recipient verification for designated local domains. That part of the system isn't the problem and is working perfectly well. (Yes, it is a relay, handled in the transport file) I have a prolem with the new domain I added to the server and it is this new domain which is doing verification probes to my ISP.
Re: Problem with recipient verification
That part of the system isn't the problem and is working perfectly well. (Yes, it is a relay, handled in the transport file) I have a prolem with the new domain I added to the server and it is this new domain which is doing verification probes to my ISP. So, you need to add that domain to mydestination= parameter? -- Eero
Re: Problem with recipient verification
I have a prolem with the new domain I added to the server and it is this new domain which is doing verification probes to my ISP. So, you need to add that domain to mydestination= parameter? It's added to my vdomains file as per: virtual_mailbox_domains = /etc/postfix/vdomains (And Yes, I've done all the relevant postmap and posfix reload commands)
Re: Problem with recipient verification
On 11/15/2009, (Wietse Venema) wie...@porcupine.org wrote: If you specify /etc/postfix/vdomains then postmap is not required, and some parts of Postfix never find out that the file has changed until postfix reload. postmap is required with, for example, hash:/etc/postfix/vdomains instead of /etc/postfix/vdomains. Thanks. Yes, I know this. I'm not a newbie. I was just trying to pre-empt a bunch of replies telling me I needed to remap/reload. I detailed this in my original post. What is the logic behind where the verification probe is sent ? 4 out of 5 domains (all configured identically as far as I can tell) operate correctly and the probe seems to be handled locally. The other domain passes the verification probe to my upstream (relayhost). For the domain handling my mailing lists (relay[] entry in transport) verification probes are sent correctly to the mailman server.
Re: Problem with recipient verification
On 11/15/2009, Eero Volotinen eero.voloti...@iki.fi wrote: virtual_mailbox_domains ($virtual_mailbox_maps) Postfix is final destination for the specified list of domains; mail is delivered via the $vir- tual_transport mail delivery transport. That domain is delivered via smtp, not via: No. I think I've confused you with the different domains. 1) Mailing list domain is a relay domain. Behaves correctly. External verify 2) Problem domain. Virtual domain. Locally handled. Verify via upstream. 3) Other domains. Virtual domains. Locally handled. Verify local. virtual_transport = lmtp:unix:/var/lib/imap/socket/lmtp The problem domain is (should be) handled by lmtp. Other identically configured domains are handled by lmtp and appear to be doing verification correctly. There is something different about one domain which causes it to send verification upstream.
Re: Problem with recipient verification
Jeremy Bowen: I have a prolem with the new domain I added to the server and it is this new domain which is doing verification probes to my ISP. So, you need to add that domain to mydestination= parameter? It's added to my vdomains file as per: virtual_mailbox_domains = /etc/postfix/vdomains If you specify /etc/postfix/vdomains then postmap is not required, and some parts of Postfix never find out that the file has changed until postfix reload. postmap is required with, for example, hash:/etc/postfix/vdomains instead of /etc/postfix/vdomains. Wietse
Re: Problem with recipient verification
Jeremy Bowen wrote: I have a prolem with the new domain I added to the server and it is this new domain which is doing verification probes to my ISP. So, you need to add that domain to mydestination= parameter? It's added to my vdomains file as per: virtual_mailbox_domains = /etc/postfix/vdomains (And Yes, I've done all the relevant postmap and posfix reload commands) Well, I think it is not virtual domain, if it is relayed via smtp? As you can see from documentation: virtual_mailbox_domains ($virtual_mailbox_maps) Postfix is final destination for the specified list of domains; mail is delivered via the $vir- tual_transport mail delivery transport. That domain is delivered via smtp, not via: virtual_transport = lmtp:unix:/var/lib/imap/socket/lmtp Maybe you just need to remove it from virtual_mailbox_maps and add it to mydestination = -- Eero
Re: Problem with recipient verification
Jeremy Bowen: What is the logic behind where the verification probe is sent ? 4 out of 5 domains (all configured identically as far as I can tell) operate correctly and the probe seems to be handled locally. The other domain passes the verification probe to my upstream (relayhost). You configured one domain in a different manner than the four domains. To convince yourself, you could add a sixth domain (such as example.com) and see how Postfix tries to handle it. Wietse
Re: Problem with recipient verification
On 11/15/2009, Jeremy Bowen jer...@smartpoint.co.nz wrote: On 11/15/2009, (Wietse Venema) wie...@porcupine.org wrote: You configured one domain in a different manner than the four domains. To convince yourself, you could add a sixth domain (such as example.com) and see how Postfix tries to handle it. OK, Just added example.com to /etc/postfix/vdomains. [snip] I really cannot explain what is going on here. No actually I can. I am an idiot. Found the issue after grep'ing my /etc/postfix directory and diff'ing the example.com and problem domain occurrences. Previously this domain was hosted on another server. I still had an old entry in my transport file which was forwarding it. Doh! Thanks for all the pointers.
Re: Problem with recipient verification
On 11/15/2009, (Wietse Venema) wie...@porcupine.org wrote: You configured one domain in a different manner than the four domains. To convince yourself, you could add a sixth domain (such as example.com) and see how Postfix tries to handle it. OK, Just added example.com to /etc/postfix/vdomains. Added t...@example.com jeremy to /etc/postfix/virtual and t...@example.com OK to /etc/postfix/vmailbox Ran postmap virtual, postmap vmailbox, postfix reload Tested a message to t...@example.com Accepted OK and delivered to my mailbox. Tested a message to bo...@example.com got a: 550 5.1.1 bo...@example.com: Recipient address rejected: undeliverable address: in the SMTP conversation and a ...[/var/lib/imap/socket/lmtp] said: 550-Mailbox unknown in my /var/log/mail This seems to work as expected. I really cannot explain what is going on here.