1 Topic by vasileiosg (edited by vasileiosg 2016-03-21 17:38:31)

  • vasileiosg
  • Member
  • Offline
  • From: Netherlands
  • Registered: 2016-03-18
  • Posts: 38

Topic: [FIXED] changing the relayhost

==== Required information ====
- iRedMail version (check /etc/iredmail-release): 0.9.4
- Linux/BSD distribution name and version: FreeBSD
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): LDAP
- Web server (Apache or Nginx): Apache
- Manage mail accounts with iRedAdmin-Pro? No Pro
- Related log if you're reporting an issue:
====

Hello,

I am new in iRedMail and until now I am positively surprised for the good work that has been done here.


I am sorry to complain though but I have an issue. Tried finding the solution online but I am very sure that I missed it somewhere..

I did the iRedMail setup and I am able to receive but not to send. I want to use my ISP relayhost (requires username and password) but I cannot find where to do that.

I assume that I should do the settings on postfix?

I added these lines in /usr/local/etc/postfix/main.cf:
relayhost = [smtp.ziggo.nl]:587
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/usr/local/etc/postfix/sasl_passwd
smtp_sasl_security_options = noanonymous

and i added this line in /usr/local/etc/postfix/sasl_passwd:
[smtp.ziggo.nl]:25 USERNAME@ISP.COM:PASSWORD

I tried sending an email from roundcube (that comes with iRedMail) but did not receive it.

Any help would be appreciated.

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

vasileiosg's Website

2 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,789

Re: [FIXED] changing the relayhost

What's the related log in Postfix log file? Cannot help without related log.

3 Reply by vasileiosg (edited by vasileiosg 2016-03-18 21:24:13)

  • vasileiosg
  • Member
  • Offline
  • From: Netherlands
  • Registered: 2016-03-18
  • Posts: 38

Re: [FIXED] changing the relayhost

Thank you for the very quick reply!

First of i need to tell you that i broke also the receiving part. I don't know exactly how but back tracing my steps, i did something like described here:

https://easyengine.io/tutorials/linux/u … mail-smtp/

Anyway, to your request:

Mar 18 14:09:20 mail amavis[953]: Using primary internal av scanner code for ClamAV-clamd
Mar 18 14:09:20 mail amavis[953]: Found secondary av scanner ClamAV-clamscan at /usr/local/bin/clamscan
Mar 18 14:09:20 mail amavis[953]: Deleting db files __db.001,__db.002,__db.003,snmp.db,nanny.db in /var/amavis/db
Mar 18 14:09:20 mail amavis[953]: Creating db in /var/amavis/db/; BerkeleyDB 0.55, libdb 5.3
Mar 18 14:09:35 mail postfix[986]: Postfix is running with backwards-compatible default settings
Mar 18 14:09:35 mail postfix[986]: See http://www.postfix.org/COMPATIBILITY_README.html for details
Mar 18 14:09:35 mail postfix[986]: To disable backwards compatibility use "postconf compatibility_level=2" and "postfix reload"
Mar 18 14:09:35 mail postfix/postfix-script[1063]: warning: /var/spool/postfix/etc/resolv.conf and /etc/resolv.conf differ
Mar 18 14:09:35 mail postfix/postfix-script[1068]: starting the Postfix mail system
Mar 18 14:09:35 mail postfix/master[1070]: /usr/local/etc/postfix/master.cf: line 144: using backwards-compatible default setting chroot=y
Mar 18 14:09:35 mail postfix/master[1070]: /usr/local/etc/postfix/master.cf: line 150: using backwards-compatible default setting chroot=y
Mar 18 14:09:35 mail postfix/master[1070]: daemon started -- version 3.1.0, configuration /usr/local/etc/postfix
Mar 18 14:09:35 mail postfix/qmgr[1073]: 9848DB6109: from=<root@mail.MYDOMAIN.COM>, size=770, nrcpt=1 (queue active)
Mar 18 14:09:35 mail postfix/qmgr[1073]: 19751B6105: from=<vasileiosg@MYDOMAIN.COM>, size=1588, nrcpt=1 (queue active)
Mar 18 14:09:35 mail postfix/qmgr[1073]: 8A360B6127: from=<sogod@mail.MYDOMAIN.COM>, size=1234, nrcpt=1 (queue active)
Mar 18 14:09:35 mail postfix/smtp[1088]: warning: database /usr/local/etc/postfix/sasl_passwd.db is older than source file /usr/local/etc/postfix/sasl_passwd
Mar 18 14:09:35 mail postfix/smtp[1088]: warning: unsupported SASL client implementation: cyrus
Mar 18 14:09:35 mail postfix/smtp[1088]: fatal: SASL library initialization
Mar 18 14:09:35 mail postfix/qmgr[1073]: 416ECB613A: from=<sogod@mail.MYDOMAIN.COM>, size=1234, nrcpt=1 (queue active)
Mar 18 14:09:36 mail postfix/master[1070]: warning: process /usr/local/libexec/postfix/smtp pid 1089 exit status 1
Mar 18 14:09:36 mail postfix/master[1070]: warning: /usr/local/libexec/postfix/smtp: bad command startup -- throttling
Mar 18 14:09:36 mail postfix/master[1070]: warning: process /usr/local/libexec/postfix/smtp pid 1088 exit status 1
Mar 18 14:09:36 mail postfix/master[1070]: warning: /usr/local/libexec/postfix/smtp: bad command startup -- throttling
Mar 18 14:10:00 mail postfix/pickup[1072]: 9B67DB6164: uid=846 from=<sogod>
Mar 18 14:10:00 mail postfix/cleanup[1211]: 9B67DB6164: message-id=<20160318131000.9B67DB6164@mail.MYDOMAIN.COM>
Mar 18 14:10:00 mail postfix/qmgr[1073]: 9B67DB6164: from=<sogod@mail.MYDOMAIN.COM>, size=1234, nrcpt=1 (queue active)
Mar 18 14:10:08 mail postfix/pickup[1072]: 36F51B6165: uid=0 from=<root>
Mar 18 14:10:08 mail postfix/cleanup[1211]: 36F51B6165: message-id=<20160318131008.36F51B6165@mail.MYDOMAIN.COM>
Mar 18 14:10:08 mail postfix/qmgr[1073]: 36F51B6165: from=<root@mail.MYDOMAIN.COM>, size=1252, nrcpt=1 (queue active)
Mar 18 14:10:36 mail postfix/smtp[1218]: warning: database /usr/local/etc/postfix/sasl_passwd.db is older than source file /usr/local/etc/postfix/sasl_passwd
Mar 18 14:10:36 mail postfix/smtp[1219]: warning: database /usr/local/etc/postfix/sasl_passwd.db is older than source file /usr/local/etc/postfix/sasl_passwd
Mar 18 14:10:36 mail postfix/smtp[1219]: warning: unsupported SASL client implementation: cyrus
Mar 18 14:10:36 mail postfix/smtp[1219]: fatal: SASL library initialization
Mar 18 14:10:36 mail postfix/smtp[1218]: warning: unsupported SASL client implementation: cyrus
Mar 18 14:10:36 mail postfix/smtp[1218]: fatal: SASL library initialization
Mar 18 14:10:37 mail postfix/master[1070]: warning: process /usr/local/libexec/postfix/smtp pid 1219 exit status 1
Mar 18 14:10:37 mail postfix/master[1070]: warning: /usr/local/libexec/postfix/smtp: bad command startup -- throttling
Mar 18 14:10:37 mail postfix/master[1070]: warning: process /usr/local/libexec/postfix/smtp pid 1218 exit status 1
Mar 18 14:10:37 mail postfix/master[1070]: warning: /usr/local/libexec/postfix/smtp: bad command startup -- throttling

I am not sure how back you want me to go so i will stop here.

vasileiosg's Website

4 Reply by vasileiosg

  • vasileiosg
  • Member
  • Offline
  • From: Netherlands
  • Registered: 2016-03-18
  • Posts: 38

Re: [FIXED] changing the relayhost

I have found some more information now. I removed the options i said i had put because they were causing the issue of not receiving as well as not sending. Now when i check the log, i see:

Mar 18 16:31:19 mail postfix/smtp[3718]: connect to mx3.mail.icloud.com[17.142.163.15]:25: Operation timed out
Mar 18 16:31:49 mail postfix/smtp[3718]: connect to mx2.mail.icloud.com[17.142.163.11]:25: Operation timed out
Mar 18 16:31:49 mail postfix/smtp[3718]: 97041B244A: to=<some@me.com>, relay=none, delay=151, delays=0.01/0.01/151/0, dsn=4.4.1, status=deferred (connect to mx2.mail.icloud.com[17.142.163.11]:25: Operation timed out)
Mar 18 19:12:10 mail postfix/submission/smtpd[6800]: NOQUEUE: reject: RCPT from 5ED210A3.cm-7-3a.dynamic.ziggo.nl[]: 450 4.1.2 <name@gmail.com>: Recipient address rejected: Domain not found; from=<name@savagi.net> to=<name@gmail.com> proto=ESMTP helo=<[]>

vasileiosg's Website

5 Reply by vasileiosg

  • vasileiosg
  • Member
  • Offline
  • From: Netherlands
  • Registered: 2016-03-18
  • Posts: 38

Re: [FIXED] changing the relayhost

OK so i am getting closer now. I found that adding relayhost = smtp.ziggo.nl on main.cf allows the emails to reach my ISP relay host. Problem now is the authentication.

I realised that the reason i am getting the error fatal: SASL library initialisation has something to do with the sasl and postfix.

I have no idea what it is or how to fix it, but i will continue looking. In the meantime, if anyone has anything to add... please do so! It will save me few hours

vasileiosg's Website

6 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,789

Re: [FIXED] changing the relayhost

This setting works for me with a fresh iRedMail server:

*) Append below settings in /etc/postfix/main.cf:

relayhost = [relay.server]:25
smtp_sasl_password_maps = hash:/etc/postfix/sasl_password
smtp_sasl_auth_enable = yes
smtp_sasl_mechanism_filter = login
smtp_sasl_security_options = noanonymous

*) And this is the content in /etc/postfix/sasl_password:

relay.server user:password

Run postmap and restart Postfix service:

postmap hash:/etc/postfix/sasl_password
service postfix restart

If it doesn't work for you, please post output of command "postconf -n" here. Also, please do not modify /etc/postfix/master.cf.

7 Reply by vasileiosg

  • vasileiosg
  • Member
  • Offline
  • From: Netherlands
  • Registered: 2016-03-18
  • Posts: 38

Re: [FIXED] changing the relayhost

Did that, this is the log:

Mar 19 08:36:54 mail postfix/smtp[19703]: warning: unsupported SASL client implementation: cyrus
Mar 19 08:36:54 mail postfix/smtp[19703]: fatal: SASL library initialization

and here is the postconf -n

alias_database = hash:/usr/local/etc/postfix/aliases
alias_maps = hash:/usr/local/etc/postfix/aliases
allow_min_user = no
allow_percent_hack = no
biff = no
body_checks = pcre:/usr/local/etc/postfix/body_checks.pcre
broken_sasl_auth_clients = yes
command_directory = /usr/local/sbin
content_filter = smtp-amavis:[127.0.0.1]:10024
daemon_directory = /usr/local/libexec/postfix
data_directory = /var/db/postfix
debug_peer_level = 2
debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin ddd $daemon_directory/$process_name $process_id & sleep 5
disable_vrfy_command = yes
dovecot_destination_recipient_limit = 1
enable_original_recipient = no
header_checks = pcre:/usr/local/etc/postfix/header_checks
home_mailbox = Maildir/
inet_interfaces = all
inet_protocols = all
lmtp_tls_mandatory_protocols = !SSLv2 !SSLv3
lmtp_tls_protocols = !SSLv2 !SSLv3
mail_owner = postfix
mailbox_command = /usr/local/libexec/dovecot/deliver
mailq_path = /usr/local/bin/mailq
message_size_limit = 15728640
mydestination = $myhostname, localhost, localhost.localdomain
mydomain = mail.savagi.net
myhostname = mail.savagi.net
mynetworks = 127.0.0.1
myorigin = mail.savagi.net
newaliases_path = /usr/local/bin/newaliases
postscreen_access_list = permit_mynetworks, cidr:/usr/local/etc/postfix/postscreen_access.cidr
postscreen_blacklist_action = enforce
postscreen_dnsbl_action = enforce
postscreen_dnsbl_reply_map = texthash:/usr/local/etc/postfix/postscreen_dnsbl_reply
postscreen_dnsbl_sites = zen.spamhaus.org*3 b.barracudacentral.org*2
postscreen_dnsbl_threshold = 2
postscreen_greet_action = enforce
proxy_read_maps = $canonical_maps $lmtp_generic_maps $local_recipient_maps $mydestination $mynetworks $recipient_bcc_maps $recipient_canonical_maps $relay_domains $relay_recipient_maps $relocated_maps $sender_bcc_maps $sender_canonical_maps $smtp_generic_maps $smtpd_sender_login_maps $transport_maps $virtual_alias_domains $virtual_alias_maps $virtual_mailbox_domains $virtual_mailbox_maps $smtpd_sender_restrictions
queue_directory = /var/spool/postfix
recipient_bcc_maps = proxy:ldap:/usr/local/etc/postfix/ldap/recipient_bcc_maps_user.cf proxy:ldap:/usr/local/etc/postfix/ldap/recipient_bcc_maps_domain.cf
recipient_delimiter = +
relay_domains = $mydestination proxy:ldap:/usr/local/etc/postfix/ldap/relay_domains.cf
relayhost = smtp.ziggo.nl
sender_bcc_maps = proxy:ldap:/usr/local/etc/postfix/ldap/sender_bcc_maps_user.cf proxy:ldap:/usr/local/etc/postfix/ldap/sender_bcc_maps_domain.cf
sendmail_path = /usr/local/sbin/sendmail
setgid_group = maildrop
smtp-amavis_destination_recipient_limit = 1
smtp_sasl_auth_enable = yes
smtp_sasl_mechanism_filter = login
smtp_sasl_password_maps = hash:/usr/local/etc/postfix/sasl_passwd
smtp_sasl_security_options = noanonymous
smtp_tls_CAfile = $smtpd_tls_CAfile
smtp_tls_loglevel = 0
smtp_tls_mandatory_protocols = !SSLv2 !SSLv3
smtp_tls_note_starttls_offer = yes
smtp_tls_protocols = !SSLv2 !SSLv3
smtp_tls_security_level = may
smtpd_data_restrictions = reject_unauth_pipelining
smtpd_end_of_data_restrictions = check_policy_service inet:127.0.0.1:7777
smtpd_helo_required = yes
smtpd_helo_restrictions = permit_mynetworks permit_sasl_authenticated reject_non_fqdn_helo_hostname reject_invalid_helo_hostname check_helo_access pcre:/usr/local/etc/postfix/helo_access.pcre
smtpd_recipient_restrictions = reject_unknown_recipient_domain reject_non_fqdn_recipient reject_unlisted_recipient check_policy_service inet:127.0.0.1:7777 permit_mynetworks permit_sasl_authenticated reject_unauth_destination
smtpd_reject_unlisted_recipient = yes
smtpd_reject_unlisted_sender = yes
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain =
smtpd_sasl_path = private/dovecot-auth
smtpd_sasl_security_options = noanonymous
smtpd_sasl_type = dovecot
smtpd_sender_login_maps = proxy:ldap:/usr/local/etc/postfix/ldap/sender_login_maps.cf
smtpd_sender_restrictions = reject_unknown_sender_domain reject_non_fqdn_sender reject_unlisted_sender permit_mynetworks reject_sender_login_mismatch permit_sasl_authenticated check_sender_access pcre:/usr/local/etc/postfix/sender_access.pcre
smtpd_tls_CAfile = /etc/ssl/certs/iRedMail.crt
smtpd_tls_auth_only = yes
smtpd_tls_cert_file = /etc/ssl/certs/iRedMail.crt
smtpd_tls_dh1024_param_file = /etc/ssl/dhparams.pem
smtpd_tls_exclude_ciphers = aNULL, eNULL, EXPORT, DES, RC4, MD5, PSK, aECDH, EDH-DSS-DES-CBC3-SHA, EDH-RSA-DES-CDC3-SHA, KRB5-DE5, CBC3-SHA
smtpd_tls_key_file = /etc/ssl/private/iRedMail.key
smtpd_tls_loglevel = 0
smtpd_tls_mandatory_protocols = !SSLv2 !SSLv3
smtpd_tls_protocols = !SSLv2 !SSLv3
smtpd_tls_security_level = may
swap_bangpath = no
tls_random_source = dev:/dev/urandom
transport_maps = proxy:ldap:/usr/local/etc/postfix/ldap/transport_maps_user.cf proxy:ldap:/usr/local/etc/postfix/ldap/transport_maps_domain.cf
unknown_local_recipient_reject_code = 550
virtual_alias_domains =
virtual_alias_maps = proxy:ldap:/usr/local/etc/postfix/ldap/virtual_alias_maps.cf proxy:ldap:/usr/local/etc/postfix/ldap/virtual_group_maps.cf proxy:ldap:/usr/local/etc/postfix/ldap/virtual_group_members_maps.cf proxy:ldap:/usr/local/etc/postfix/ldap/catchall_maps.cf
virtual_gid_maps = static:2000
virtual_mailbox_base = /var/vmail
virtual_mailbox_domains = proxy:ldap:/usr/local/etc/postfix/ldap/virtual_mailbox_domains.cf
virtual_mailbox_maps = proxy:ldap:/usr/local/etc/postfix/ldap/virtual_mailbox_maps.cf
virtual_minimum_uid = 2000
virtual_transport = dovecot
virtual_uid_maps = static:2000

vasileiosg's Website

8 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,789

Re: [FIXED] changing the relayhost

What's the output of command "postconf -A"?

also, reference: http://www.postfix.org/postconf.5.html#smtp_sasl_type

9 Reply by vasileiosg

  • vasileiosg
  • Member
  • Offline
  • From: Netherlands
  • Registered: 2016-03-18
  • Posts: 38

Re: [FIXED] changing the relayhost

postconf -A gives nothing
postconf -a gives dovecot

i tried activating through webmin and i got the same result. definitely the error is something with smtp sasl.

I have seen this site already but i don't know / understand what the heck i need to do to fix it sad

I understand that the problem is exactly the "fatal: SASL library initialization" but i have no clue how to fix it sad

One question though that i have which may (or may not) help me. How does the whole thing works? postfix receives the emails from the client and then sends directly or is it using something else in between for the MTA?

I am trying to look at it from all angles but again, i don't really know what i am doing :S

vasileiosg's Website

10 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,789

Re: [FIXED] changing the relayhost

Looks like your Postfix doesn't have cyrus-sasl support while compiling. Please try this to fix it:

cd /usr/ports/mail/postfix/
make config

Choose 'SASL' in the dialog page, then save. Run:

make reinstall

11 Reply by vasileiosg

  • vasileiosg
  • Member
  • Offline
  • From: Netherlands
  • Registered: 2016-03-18
  • Posts: 38

Re: [FIXED] changing the relayhost

That solved the problem!

vasileiosg's Website

12 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,789

Re: [FIXED] changing the relayhost

Committed this fix in development edition of iRedMail, it will be available in next release (0.9.5).
Thanks very much for the report.