1 (edited by alirezahbb 2013-12-29 23:39:13)

Topic: Problem with aliass

==== Required information ====
- iRedMail version:  0.8.5
- Store mail accounts in which backend (LDAP/MySQL/PGSQL):  MYSQL
- Linux/BSD distribution name and version:  Debian 7.2
- Related log if you're reporting an issue:
====

Dear Zhang

i have problem with alias

i created alias like test@domain.com

add new member to it like  22@domain.com

after pushing save button it says  "Profile updated success."

but in member filed there aren't any emails ( i didn't had any problem with older version )

in database

select * from alias;
     address: test@domain.com
        goto:
        name: For test
  moderators:
accesspolicy: membersonly
      domain: domain.com
     created: 2013-12-29 15:28:16
    modified: 2013-12-29 15:29:33
     expired: 9999-12-31 00:00:00
      active: 1

i try it several times
but couldn't add any memebrs sad

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2 (edited by alirezahbb 2013-12-29 23:49:18)

Re: Problem with aliass

after enable debug on iredadmin-PRO

UPDATE alias SET goto = ' ', modified = '2013-12-29 15:45:56', accesspolicy = 'membersonly', moderators = '', active = 1, name = 'ss' WHERE address='test@domain.com'


but i enterd 22@domain.com on member area

3

Re: Problem with aliass

Do you have '22@domain.com' in both SQL tables: alias, mailbox?

If member doesn't exist, iRedAdmin-Pro will discard it.

4 (edited by alirezahbb 2013-12-30 13:27:55)

Re: Problem with aliass

22@domain.com exist in mailbox

and also there is test@domain.com exist in alias

i tried to manualy insert goto filed from database and after that it shows on member area

but when i try to send email to my alias ( test@domain.com )

with email address  acl@domain.com

my email will be forwarded to 22@domain.com but it should be rejected because only members can send email to this alias

sad

5

Re: Problem with aliass

alirezahbb wrote:

my email will be forwarded to 22@domain.com but it should be rejected because only members can send email to this alias

This is controlled by iRedAPD. Do you have plugin "sql_alias_access_policy" enabled in iRedAPD?

6

Re: Problem with aliass

May i know which version of iRedAdmin-Pro-MySQL you're running? Did you try the latest release, v1.8.1?

7

Re: Problem with aliass

in my /opt/iredapd/settings.py

plugins = ["sql_alias_access_policy", "sql_user_restrictions"]


my iredadmin pro is 1.8

8

Re: Problem with aliass

i upgraded to last version and didn't solved !

9

Re: Problem with aliass

*) Was your iRedMail server migrated from old server?
*) Could you please show me output of below SQL commands? WARNING: Please replace real domain name, password before posting.

-- Get full record of your alias account.
sql> SELECT * FROM alias WHERE address='test@domain.com' \G

-- Get full record of your alias member.
sql> SELECT * FROM mailbox WHERE username='22@domain.com' \G
sql> SELECT * FROM alias WHERE address='22@domain.com' \G

10

Re: Problem with aliass

dose it necessary to add moderator on list?

i added a moderator and after that try to add new member and works !

11 (edited by alirezahbb 2013-12-30 15:39:38)

Re: Problem with aliass

still have problem  to restrict user to send email to list

people who  not in the list's member can send email to list

*************************** 18. row ***************************
     address: test7@domain.com
        goto: 22@domain.com,33@domain.com
        name: sasaa
  moderators: admin@domain.com
accesspolicy: membersonly
      domain: domain.com
     created: 2013-12-30 07:14:58
    modified: 2013-12-30 07:24:10
     expired: 9999-12-31 00:00:00
      active: 1


------update-------------------

i try to send email to my list outside of my domain ( gmail )

and it works and reject my email

it seems that it doesn't work with internal users

12

Re: Problem with aliass

Show me output of command "postconf smtpd_recipient_restrictions" please.

13 (edited by alirezahbb 2013-12-30 21:26:55)

Re: Problem with aliass

root@mail:~# postconf smtpd_recipient_restrictions
smtpd_recipient_restrictions = reject_unknown_sender_domain, reject_unknown_recipient_domain, reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unlisted_recipient, check_policy_service inet:127.0.0.1:7777, permit_mynetworks, reject_rbl_client  reject_rbl_client , permit_sasl_authenticated, reject_unauth_destination, check_policy_service inet:127.0.0.1:10031
root@mail:~#


root@mail:~# netstat -nlp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:587             0.0.0.0:*               LISTEN      13134/master
tcp        0      0 0.0.0.0:110             0.0.0.0:*               LISTEN      2098/dovecot
tcp        0      0 127.0.0.1:9998          0.0.0.0:*               LISTEN      994/amavisd (master
tcp        0      0 0.0.0.0:143             0.0.0.0:*               LISTEN      2098/dovecot
tcp        0      0 127.0.0.1:10031         0.0.0.0:*               LISTEN      1183/postfix-policy
tcp        0      0 0.0.0.0:54735           0.0.0.0:*               LISTEN      782/rpc.statd
tcp        0      0 0.0.0.0:111             0.0.0.0:*               LISTEN      770/portmap
tcp        0      0 127.0.0.1:10032         0.0.0.0:*               LISTEN      1184/postfix-policy
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      1355/sshd
tcp        0      0 0.0.0.0:25              0.0.0.0:*               LISTEN      13134/master
tcp        0      0 127.0.0.1:4190          0.0.0.0:*               LISTEN      2098/dovecot
tcp        0      0 127.0.0.1:7777          0.0.0.0:*               LISTEN      15109/python
tcp        0      0 0.0.0.0:993             0.0.0.0:*               LISTEN      2098/dovecot
tcp        0      0 0.0.0.0:995             0.0.0.0:*               LISTEN      2098/dovecot
tcp        0      0 127.0.0.1:10024         0.0.0.0:*               LISTEN      994/amavisd (master
tcp        0      0 127.0.0.1:10025         0.0.0.0:*               LISTEN      13134/master
tcp        0      0 127.0.0.1:3306          0.0.0.0:*               LISTEN      1869/mysqld
tcp6       0      0 :::80                   :::*                    LISTEN      17221/apache2
tcp6       0      0 :::22                   :::*                    LISTEN      1355/sshd
tcp6       0      0 :::443                  :::*                    LISTEN      17221/apache2
udp        0      0 0.0.0.0:958             0.0.0.0:*                           782/rpc.statd
udp        0      0 0.0.0.0:43866           0.0.0.0:*                           782/rpc.statd
udp        0      0 0.0.0.0:111             0.0.0.0:*                           770/portmap

14

Re: Problem with aliass

Please, you didn't show me sql records for your members:

-- Get full record of your alias member.
sql> SELECT * FROM mailbox WHERE username='22@domain.com' \G
sql> SELECT * FROM alias WHERE address='22@domain.com' \G
alirezahbb wrote:

root@mail:~# postconf smtpd_recipient_restrictions

Postfix config looks just fine. You have to enable debug mode in iRedAPD for troubleshooting.

*) Please open /opt/iredapd/settings.py, set log_level to 'debug':

log_level = 'debug'

*) Restart iRedAPD service.
*) Send one more testing email, then paste full log related to this testing email here to help troubleshoot.

15 (edited by alirezahbb 2013-12-31 13:53:40)

Re: Problem with aliass

my alias is = test7
my members are = 22 ,33, admin, info....

mysql> select * from mailbox where username='test7@domain.com';
Empty set (0.00 sec)

mysql> select * from mailbox where username='22@domain.com'\G;
*************************** 1. row ***************************
                username: 22@domain.com
                password: $xxxxxx
                    name: 22
                language: en_US
    storagebasedirectory: /var/vmail
             storagenode: vmail1
     ...

mysql> select * from alias where address='test7@domain.com';
     address: test7@domain.com
        goto: 22@domain.com,33@domain.com
        name: sasaa
  moderators: admin@domain.com
accesspolicy: membersonly
      domain: domain.com
     created: 2013-12-30 07:14:58
    modified: 2013-12-30 07:24:10
     expired: 9999-12-31 00:00:00
      active: 1



i enabled debug mode on iredpad and restart service

i tried to send email from info@domain.com to test7@domain.com
and email received to the both 22@domain & 33@domain ( it should be rejected !!! )
there aren't any log on iredpad at this moment

i tried to send email from my gmail to test7@domain.com

and it rejected and iredpad said

2013-12-31 09:06:52 DEBUG SQL Record: ('membersonly', '22@domain.com,33@domain.com', 'admin@domain.com')
2013-12-31 09:06:52 DEBUG XX@gmail.com -> test7@domain.com, access policy: membersonly
2013-12-31 09:06:52 DEBUG policy: membersonly
2013-12-31 09:06:52 DEBUG members: 22@domain.com,33@domain.com
2013-12-31 09:06:52 DEBUG moderators: admin@domain.com
2013-12-31 09:06:52 DEBUG <-- Result: REJECT Not authorized

16

Re: Problem with aliass

Could you please paste me FULL log in iRedAPD related to this testing email? Do NOT strip log lines you consider which it's useless.

17

Re: Problem with aliass

Also, which version of iRedAPD are you running? Did you try to upgrade to the latest iRedAPD (v1.4.2)?

You can download here:
http://iredmail.org/yum/misc/

18

Re: Problem with aliass

my iRedpad version is 1.4.2

there aren't any log when i try to send email from info@domain  tomy alias  test7@domain

it just only write to log when i send from gmail or etc

here are complete logs when i send email from gmail






2013-12-31 17:24:00 DEBUG Connect from 127.0.0.1, port 56361.
2013-12-31 17:24:00 DEBUG smtp session: request=smtpd_access_policy
2013-12-31 17:24:00 DEBUG smtp session: protocol_state=RCPT
2013-12-31 17:24:00 DEBUG smtp session: protocol_name=ESMTP
2013-12-31 17:24:00 DEBUG smtp session: client_address=209.85.213.173
2013-12-31 17:24:00 DEBUG smtp session: client_name=mail-ig0-f173.google.com
2013-12-31 17:24:00 DEBUG smtp session: reverse_client_name=mail-ig0-f173.google.com
2013-12-31 17:24:00 DEBUG smtp session: helo_name=mail-ig0-f173.google.com
2013-12-31 17:24:00 DEBUG smtp session: sender=a***b@gmail.com
2013-12-31 17:24:00 DEBUG smtp session: recipient=test7@domain.com
2013-12-31 17:24:00 DEBUG smtp session: recipient_count=0
2013-12-31 17:24:00 DEBUG smtp session: queue_id=
2013-12-31 17:24:00 DEBUG smtp session: instance=fac.52c2cc78.894e3.0
2013-12-31 17:24:00 DEBUG smtp session: size=0
2013-12-31 17:24:00 DEBUG smtp session: etrn_domain=
2013-12-31 17:24:00 DEBUG smtp session: stress=
2013-12-31 17:24:00 DEBUG smtp session: sasl_method=
2013-12-31 17:24:00 DEBUG smtp session: sasl_username=
2013-12-31 17:24:00 DEBUG smtp session: sasl_sender=
2013-12-31 17:24:00 DEBUG smtp session: ccert_subject=
2013-12-31 17:24:00 DEBUG smtp session: ccert_issuer=
2013-12-31 17:24:00 DEBUG smtp session: ccert_fingerprint=
2013-12-31 17:24:00 DEBUG smtp session: encryption_protocol=TLSv1
2013-12-31 17:24:00 DEBUG smtp session: encryption_cipher=RC4-SHA
2013-12-31 17:24:00 DEBUG smtp session: encryption_keysize=128
2013-12-31 17:24:00 DEBUG --> Apply plugin: sql_alias_access_policy
2013-12-31 17:24:00 DEBUG SQL: SELECT accesspolicy, goto, moderators
            FROM alias
            WHERE
                address='test7@domain.com'
                AND address <> goto
                AND domain='domain.com'
                AND active=1
            LIMIT 1

2013-12-31 17:24:00 DEBUG SQL Record: ('membersonly', '22@domain.com,33@domain.com', 'admin@domain.com')
2013-12-31 17:24:00 DEBUG a**b@gmail.com -> test7@domain.com, access policy: membersonly
2013-12-31 17:24:00 DEBUG policy: membersonly
2013-12-31 17:24:00 DEBUG members: 22@domain.com, 33@domain.com
2013-12-31 17:24:00 DEBUG moderators: admin@domain.com
2013-12-31 17:24:00 DEBUG <-- Result: REJECT Not authorized
2013-12-31 17:24:00 INFO [209.85.213.173] a**b@gmail.com -> test7@domain.com, REJECT Not authorized
2013-12-31 17:24:00 DEBUG Connection closed
2013-12-31 17:24:00 DEBUG Closed SQL connection.

19

Re: Problem with aliass

You have 2 members (22@, 33@), and access policy is "membersonly" (Only member can send email to this mail list/alias), and obviously, sender 'a**b@gmail.com' is not a member, so iRedAPD rejects it.

Works as designed.

20 (edited by alirezahbb 2014-01-01 20:14:30)

Re: Problem with aliass

Yes zhang you right  and i said that when i sent email from outside of my domain it works

but

i tried to send email from info@domain.com to test7@domain.com
and email received to the both 22@domain & 33@domain ( it should be rejected !!! )
there aren't any log on iredpad at this moment

21

Re: Problem with aliass

alirezahbb wrote:

i tried to send email from info@domain.com to test7@domain.com
and email received to the both 22@domain & 33@domain ( it should be rejected !!! )
there aren't any log on iredpad at this moment

There must be some log in iRedAPD log file since you have iRedAPD enabled in Postfix (smtpd_recipient_restrictions).
I'm afraid that i cannot help without related log. Could you please try to send some more testing emails again? Show us related log in both Postfix and iRedAPD log files.

22

Re: Problem with aliass

Go into Domain Advanced Preferences and disable grey listing...

23 (edited by alirezahbb 2014-01-04 19:10:09)

Re: Problem with aliass

Hi zhang
i reinstall iredmail on my virtual machine and every thing works
i dont know why my mail server is not working properly
my mail server is iredmail 8.5 on debian 6.6 and my virtual machine was debian 7.2 and iredmail 8.6
iredpad on both server was = 1.4.2
there isn't any iredpad  log when i send email from one user to another user that belong to alias memeber

how can i trace where is  my problem ?

i mean what  reason caused to  iredpad doesn't write any logs?

24

Re: Problem with aliass

alirezahbb wrote:

my mail server is iredmail 8.5 on debian 6.6 and my virtual machine was debian 7.2 and iredmail 8.6
iredpad on both server was = 1.4.2

iRedMail-0.8.5 ships iRedAPD-1.4.1, not 1.4.2.

alirezahbb wrote:

how can i trace where is  my problem ?

Just turn on debug mode in iRedAPD and see whether it works.

25

Re: Problem with aliass

i manually upgrade iredpad to the last version

debugging mode is enables but not written any log while sending email from internal users to alias