1 (edited by koshie 2012-05-31 03:14:30)

Topic: [CentOS 6] Impossible to send / receive e-mail in Roundcube

==== Provide required information ====
- iRedMail version and backend (LDAP/MySQL/PGSQL):
- Linux/BSD distribution name and version:
- Any related log? Log is helpful for troubleshooting.
==== ==== Provide required information ====
- iRedMail version and backend (LDAP/MySQL/PGSQL):
- Linux/BSD distribution name and version:
- Any related log? Log is helpful for troubleshooting.
==== Hello,

I has a lot of troubles to install a mail server on my CentOS 6 (64 bits) and I've discovered iRedMail (0.8.0) so I'm trying to enjoy it smile.

First problem, I've NGinX and MySQL installed on this system, so I've choosen PostgreSQL for the database and I'm disabling NGinX the time to see if everythings works.

So I've installed with all options iRedMail and I've started services below :

_ postfix
_ dovecot
_ postgresql
_ httpd

And shut down nginx.

I can connect with account www to roundcube but I can't send or receive e-mail.

In /var/log/maillog I've :

May 30 16:54:20 omen postfix/pickup[27846]: 78523634EA: uid=0 from=<root>
May 30 16:54:20 omen postfix/cleanup[27848]: warning: connect to Milter service unix:public/dkim-filter: No such file or directory
May 30 16:54:20 omen postfix/cleanup[27848]: 78523634EA: milter-reject: CONNECT from localhost[127.0.0.1]: 4.7.1 Service unavailable - try again later; from=<root@omen.scopetic.fr>
May 30 16:54:20 omen postfix/pickup[27846]: 88715634EA: uid=0 from=<root>
May 30 16:54:20 omen postfix/cleanup[27848]: warning: connect to Milter service unix:public/dkim-filter: No such file or directory
May 30 16:54:20 omen postfix/cleanup[27848]: 88715634EA: milter-reject: CONNECT from localhost[127.0.0.1]: 4.7.1 Service unavailable - try again later; from=<root@omen.scopetic.fr>
May 30 16:55:01 omen postfix/postfix-script[28465]: stopping the Postfix mail system
May 30 16:55:01 omen postfix/master[27839]: terminating on signal 15

In /var/log/dovecot.log :

May 30 16:54:02 imap-login: Info: Login: user=<www@scopetic.fr>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, mpid=28395, secured
May 30 16:54:02 imap(www@scopetic.fr): Info: Disconnected: Logged out bytes=275/1236
May 30 16:54:56 imap(www@scopetic.fr): Info: Connection closed bytes=0/295
May 30 16:55:04 master: Warning: Killed with signal 15 (by pid=28522 uid=0 code=kill)
May 30 16:55:04 imap: Info: Server shutting down. bytes=98/797

Doesn't works if SELinux is disabled.

This is my iptables :

#---------------------------------------------------------------------
# This file is part of iRedMail, which is an open source mail server
# solution for Red Hat(R) Enterprise Linux, CentOS, Debian and Ubuntu.
#
# iRedMail is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# iRedMail is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with iRedMail.  If not, see <http://www.gnu.org/licenses/>.
#---------------------------------------------------------------------

#
# Sample iptables rules. It should be localted at:
#   /etc/sysconfig/iptables
#
# Shipped within iRedMail project:
#   * http://iRedMail.googlecode.com/
#

*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]

# Keep state.
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

# Loop device.
-A INPUT -i lo -j ACCEPT

# http/https, smtp/submission, pop3/pop3s, imap/imaps, ssh
-A INPUT -p tcp -m multiport --dport 80,443,25,587,110,995,143,993,465,4812  -j ACCEPT

# Allow PING from remote hosts.
-A INPUT -p icmp --icmp-type echo-request -j ACCEPT

# ejabberd
#-A INPUT -p tcp -m multiport --dport 5222,5223,5280 -j ACCEPT

# http/https
#-A INPUT -p tcp -m multiport --dport 80,443 -j ACCEPT

# smtp/smtps
#-A INPUT -p tcp -m multiport --dport 25,465 -j ACCEPT

# pop3/pop3s
#-A INPUT -p tcp -m multiport --dport 110,995 -j ACCEPT

# imap/imaps
#-A INPUT -p tcp -m multiport --dport 143,993 -j ACCEPT

# ldap/ldaps
#-A INPUT -p tcp -m multiport --dport 389,636 -j ACCEPT

# ftp.
#-A INPUT -p tcp -m multiport --dport 21,20 -j ACCEPT

# ssh
#-A INPUT -p tcp --dport 22 -j ACCEPT

COMMIT

And my DNS zone :

mail 10800 IN A 37.59.37.31
* 10800 IN A 37.59.37.31
@ 10800 IN A 37.59.37.31
www 10800 IN A 37.59.37.31
smtp 10800 IN CNAME mail.scopetic.fr.
imap 10800 IN CNAME mail.scopetic.fr.
pop 10800 IN CNAME mail.scopetic.fr.
webmail 10800 IN CNAME agent.mail.gandi.net.
@ 10800 IN MX 10 mail.scopetic.fr.
@ 10800 IN MX 50 mail.scopetic.fr.

If you need more information, tell me.

Koshiarlly, Koshie

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2

Re: [CentOS 6] Impossible to send / receive e-mail in Roundcube

koshie wrote:

May 30 16:54:20 omen postfix/cleanup[27848]: warning: connect to Milter service unix:public/dkim-filter: No such file or directory

It's pretty clear here, check your dkim-filter service please, and paste output of command "postconf -n".

Amavisd provides DKIM signing and verification, so i don't think you need dkim-filter anymore.

3 (edited by koshie 2012-05-31 16:56:48)

Re: [CentOS 6] Impossible to send / receive e-mail in Roundcube

ZhangHuangbin wrote:
koshie wrote:

May 30 16:54:20 omen postfix/cleanup[27848]: warning: connect to Milter service unix:public/dkim-filter: No such file or directory

It's pretty clear here, check your dkim-filter service please, and paste output of command "postconf -n".

Amavisd provides DKIM signing and verification, so i don't think you need dkim-filter anymore.

Hello and thanks for the reply smile !

This is my postconf -n :

alias_database = hash:/etc/postfix/aliases
alias_maps = hash:/etc/postfix/aliases
allow_min_user = no
append_dot_mydomain = no
biff = no
bounce_queue_lifetime = 1d
transport_maps = proxy:pgsql:/etc/postfix/pgsql/transport_maps_user.cf, proxy:pgsql:/etc/postfix/pgsql/transport_maps_domain.cf
unknown_address_reject_code = 554
unknown_client_reject_code = 554
unknown_hostname_reject_code = 554
unknown_local_recipient_reject_code = 550
virtual_alias_domains =
virtual_alias_maps = proxy:pgsql:/etc/postfix/pgsql/virtual_alias_maps.cf, proxy:pgsql:/etc/postfix/pgsql/domain_alias_maps.cf, proxy:pgsql:/etc/postfix/pgsql/catchall_maps.cf, proxy:pgsql:/etc/postfix/pgsql/domain_alias_catchall_maps.cf
virtual_gid_maps = static:504
virtual_mailbox_base = /var/vmail
virtual_mailbox_domains = proxy:pgsql:/etc/postfix/pgsql/virtual_mailbox_domains.cf
virtual_mailbox_maps = proxy:pgsql:/etc/postfix/pgsql/virtual_mailbox_maps.cf
virtual_minimum_uid = 504
virtual_transport = dovecot
virtual_uid_maps = static:504

So I don't need DKIM-Filter, I must remove it from my postfix configuration. But somethings sound strange for me.

IredMail download, install and configure everything for the user in few minutes but why DKIM-Milter is enabled if it's unnecessary ?

Maybe I've missed something, English's not my first language so sometimes...

Waiting for your reply.

Koshiarlly, Koshie

4

Re: [CentOS 6] Impossible to send / receive e-mail in Roundcube

koshie wrote:

This is my postconf -n :

Is this all output message of command 'postconf -n? there should be more, otherwise your iRedMail installation was not completed successfully.

5

Re: [CentOS 6] Impossible to send / receive e-mail in Roundcube

I've doing an other "postconf -n" :

alias_database = hash:/etc/postfix/aliases
alias_maps = hash:/etc/postfix/aliases
allow_min_user = no
append_dot_mydomain = no
biff = no
bounce_queue_lifetime = 1d
broken_sasl_auth_clients = yes
config_directory = /etc/postfix
content_filter = smtp-amavis:[127.0.0.1]:10024
delay_warning_time = 0h
disable_vrfy_command = yes
enable_original_recipient = no
home_mailbox = Maildir/
inet_interfaces = all
inet_protocols = ipv4
mailbox_command = /usr/libexec/dovecot/deliver
mailbox_size_limit = 0
masquerade_classes = envelope_sender, header_sender, header_recipient
masquerade_domains =
masquerade_exceptions = root
master_service_disable =
maximal_backoff_time = 4000s
maximal_queue_lifetime = 1d
message_size_limit = 15728640
milter_protocol = 6
minimal_backoff_time = 300s
mydestination = $myhostname, localhost, localhost.localdomain, localhost.$myhostname
mydomain = scopetic.fr
myhostname = omen.scopetic.fr
mynetworks = 127.0.0.0/8
mynetworks_style = subnet
myorigin = omen.scopetic.fr
non_smtpd_milters = unix:public/dkim-filter
proxy_read_maps = $canonical_maps $lmtp_generic_maps $local_recipient_maps $mydestination $mynetworks $recipient_bcc_maps $recipient_canonical_maps $relay_domains $relay_recipient_maps $relocated_maps $sender_bcc_maps $sender_canonical_maps $smtp_generic_maps $smtpd_sender_login_maps $transport_maps $virtual_alias_domains $virtual_alias_maps $virtual_mailbox_domains $virtual_mailbox_maps $smtpd_sender_restrictions
queue_run_delay = 300s
recipient_bcc_maps = proxy:pgsql:/etc/postfix/pgsql/recipient_bcc_maps_domain.cf, proxy:pgsql:/etc/postfix/pgsql/recipient_bcc_maps_user.cf
recipient_delimiter = +
relay_domains = $mydestination, proxy:pgsql:/etc/postfix/pgsql/relay_domains.cf
sender_bcc_maps = proxy:pgsql:/etc/postfix/pgsql/sender_bcc_maps_domain.cf, proxy:pgsql:/etc/postfix/pgsql/sender_bcc_maps_user.cf
smtp_data_init_timeout = 240s
smtp_data_xfer_timeout = 600s
smtp_tls_loglevel = 1
smtp_tls_security_level = may
smtp_tls_session_cache_database = btree:/var/lib/postfix/smtp_scache
smtpd_client_restrictions = check_client_access hash:/etc/postfix/client_access, reject_unknown_client_hostname
smtpd_data_restrictions = reject_unauth_pipelining
smtpd_end_of_data_restrictions = check_policy_service inet:127.0.0.1:10031
smtpd_enforce_tls = no
smtpd_helo_required = yes
smtpd_helo_restrictions = permit_mynetworks,permit_sasl_authenticated, check_helo_access pcre:/etc/postfix/helo_access.pcre
smtpd_milters = unix:public/dkim-filter
smtpd_recipient_restrictions = reject_unknown_sender_domain, reject_unknown_recipient_domain, reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unlisted_recipient, check_policy_service inet:127.0.0.1:7777, check_policy_service inet:127.0.0.1:10031, permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, reject_non_fqdn_helo_hostname, reject_invalid_helo_hostname
smtpd_reject_unlisted_recipient = yes
smtpd_reject_unlisted_sender = yes
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = no
smtpd_sasl_local_domain =
smtpd_sasl_path = ./dovecot-auth
smtpd_sasl_security_options = noanonymous
smtpd_sasl_type = dovecot
smtpd_sender_login_maps = proxy:pgsql:/etc/postfix/pgsql/sender_login_maps.cf
smtpd_sender_restrictions = permit_mynetworks, reject_sender_login_mismatch, permit_sasl_authenticated
smtpd_tls_CAfile = /etc/pki/tls/certs/iRedMail_CA.pem
smtpd_tls_ask_ccert = yes
smtpd_tls_cert_file = /etc/pki/tls/certs/iRedMail_CA.pem
smtpd_tls_key_file = /etc/pki/tls/private/iRedMail.key
smtpd_tls_loglevel = 0
smtpd_tls_received_header = yes
smtpd_tls_security_level = may
smtpd_tls_session_cache_database = btree:/var/lib/postfix/smtpd_scache
strict_rfc821_envelopes = yes
tls_random_source = dev:/dev/urandom
transport_maps = proxy:pgsql:/etc/postfix/pgsql/transport_maps_user.cf, proxy:pgsql:/etc/postfix/pgsql/transport_maps_domain.cf
unknown_address_reject_code = 554
unknown_client_reject_code = 554
unknown_hostname_reject_code = 554
unknown_local_recipient_reject_code = 550
virtual_alias_domains =
virtual_alias_maps = proxy:pgsql:/etc/postfix/pgsql/virtual_alias_maps.cf, proxy:pgsql:/etc/postfix/pgsql/domain_alias_maps.cf, proxy:pgsql:/etc/postfix/pgsql/catchall_maps.cf, proxy:pgsql:/etc/postfix/pgsql/domain_alias_catchall_maps.cf
virtual_gid_maps = static:504
virtual_mailbox_base = /var/vmail
virtual_mailbox_domains = proxy:pgsql:/etc/postfix/pgsql/virtual_mailbox_domains.cf
virtual_mailbox_maps = proxy:pgsql:/etc/postfix/pgsql/virtual_mailbox_maps.cf
virtual_minimum_uid = 504
virtual_transport = dovecot
virtual_uid_maps = static:504

There is a way to know what is wrong ? Maybe I need to remove everything about iRedMail, properly. Perhaps I need to remove everything on this server (NginX, MySQL etc), install iRedMail and re-install my old configuration.

Also I've a question, that's possible to install iRedMail and modifying it with NGinX ? I've choose him because it's very fast and light so... Don't want to use Apache, even if it's for roundcube, it's an heavy way.

In the "worst" case that's possible to install only things about postfix and dovecot, without roundcube and Apache ? Or maybe I can install on an server a proper iRedMail with what is interesting for me, watch the config, adapt it for my use... Don't know the best way.

6

Re: [CentOS 6] Impossible to send / receive e-mail in Roundcube

koshie wrote:

non_smtpd_milters = unix:public/dkim-filter

Comment out or remove this line in Postfix config file (/etc/postfix/main.cf) first, restart Postfix, then try again.

7

Re: [CentOS 6] Impossible to send / receive e-mail in Roundcube

Hey,

I've tried to comment this line but it doesn't works too. I've a lot of errors in my /var/log/maillog and always about dkim-filter :

Jun  7 13:33:59 omen postfix/smtpd[9715]: warning: connect to Milter service unix:public/dkim-filter: No such file or directory
Jun  7 13:33:59 omen postfix/smtpd[9715]: NOQUEUE: milter-reject: CONNECT from omen.scopetic.fr[127.0.0.1]: 451 4.7.1 Service unavailable - try again later; proto=SMTP
Jun  7 13:33:59 omen postfix/smtpd[9715]: NOQUEUE: milter-reject: EHLO from omen.scopetic.fr[127.0.0.1]: 451 4.7.1 Service unavailable - try again later; proto=SMTP helo=<localhost>
Jun  7 13:33:59 omen postfix/smtpd[9715]: NOQUEUE: milter-reject: MAIL from omen.scopetic.fr[127.0.0.1]: 451 4.7.1 Service unavailable - try again later; from=<root@omen.scopetic.fr> proto=ESMTP helo=<localhost>
Jun  7 13:33:59 omen amavis[14502]: (14502-01) Negative SMTP resp. to DATA: 503 5.5.1 Error: need RCPT command
Jun  7 13:33:59 omen postfix/smtpd[9715]: disconnect from omen.scopetic.fr[127.0.0.1]
Jun  7 13:33:59 omen amavis[14502]: (14502-01) (!)FWD via SMTP: <root@omen.scopetic.fr> -> <root@omen.scopetic.fr>,BODY=7BIT 451 4.7.1 from MTA([127.0.0.1]:10025): 451 4.7.1 Service unavailable - try again later
Jun  7 13:33:59 omen amavis[14502]: (14502-01) Blocked MTA-BLOCKED, MYUSERS <root@omen.scopetic.fr> -> <root@omen.scopetic.fr>, Message-ID: <20120607113348.4658963524@omen.scopetic.fr>, mail_id: hvG9QyDAfggW, Hits: -0.001, size: 943, 10790 ms
Jun  7 13:33:59 omen postfix/smtp[9707]: 4658963524: to=<root@omen.scopetic.fr>, relay=127.0.0.1[127.0.0.1]:10024, delay=639230, delays=639219/0.11/0.02/11, dsn=4.7.1, status=deferred (host 127.0.0.1[127.0.0.1] said: 451 4.7.1 id=14502-01 - Temporary MTA failure on relaying, from MTA([127.0.0.1]:10025): 451 4.7.1 Service unavailable - try again later (in reply to end of DATA command))
Jun  7 13:33:59 omen postfix/smtpd[9715]: connect from omen.scopetic.fr[127.0.0.1]
Jun  7 13:33:59 omen postfix/smtpd[9715]: warning: connect to Milter service unix:public/dkim-filter: No such file or directory
Jun  7 13:33:59 omen postfix/smtpd[9715]: NOQUEUE: milter-reject: CONNECT from omen.scopetic.fr[127.0.0.1]: 451 4.7.1 Service unavailable - try again later; proto=SMTP
Jun  7 13:33:59 omen postfix/smtpd[9715]: NOQUEUE: milter-reject: EHLO from omen.scopetic.fr[127.0.0.1]: 451 4.7.1 Service unavailable - try again later; proto=SMTP helo=<localhost>
Jun  7 13:33:59 omen postfix/smtpd[9715]: NOQUEUE: milter-reject: MAIL from omen.scopetic.fr[127.0.0.1]: 451 4.7.1 Service unavailable - try again later; from=<root@omen.scopetic.fr> proto=ESMTP helo=<localhost>
Jun  7 13:33:59 omen amavis[14502]: (14502-02) Negative SMTP resp. to DATA: 503 5.5.1 Error: need RCPT command
Jun  7 13:33:59 omen amavis[14502]: (14502-02) (!)FWD via SMTP: <root@omen.scopetic.fr> -> <root@omen.scopetic.fr>,BODY=7BIT 451 4.7.1 from MTA([127.0.0.1]:10025): 451 4.7.1 Service unavailable - try again later
Jun  7 13:33:59 omen amavis[14502]: (14502-02) Blocked MTA-BLOCKED, MYUSERS <root@omen.scopetic.fr> -> <root@omen.scopetic.fr>, Message-ID: <20120607113348.67D9963526@omen.scopetic.fr>, mail_id: 4ZMHzColHVWJ, Hits: -0.001, size: 946, 136 ms
Jun  7 13:33:59 omen postfix/smtp[9707]: 67D9963526: to=<root@omen.scopetic.fr>, relay=127.0.0.1[127.0.0.1]:10024, delay=380025, delays=380014/11/0.01/0.15, dsn=4.7.1, status=deferred (host 127.0.0.1[127.0.0.1] said: 451 4.7.1 id=14502-02 - Temporary MTA failure on relaying, from MTA([127.0.0.1]:10025): 451 4.7.1 Service unavailable - try again later (in reply to end of DATA command))

Again I wonder if it's not a better idea to test this on a virtual machine for apply the desired configuration on my others servers without using IRedMail. Or just retry the installation (without Apache if it's possible) and configure the webmail myself, just to have a usable mail server.

8

Re: [CentOS 6] Impossible to send / receive e-mail in Roundcube

I suggest re-installing iRedMail on a FRESH, clean system. As mentioned in iRedMail installation guide:

iRedMail is designed to be deployed on a FRESH server system, which means your server does NOT have mail related components installed, e.g. MySQL, OpenLDAP, Postfix, Dovecot, Amavisd, etc. Otherwise it may override your existing files/configurations althought it will backup files before modifing, and it may be not working as expected.

9

Re: [CentOS 6] Impossible to send / receive e-mail in Roundcube

I'll do that so. Thanks for the reply smile.

Cordially, Koshie