1 Topic by viking39457

  • viking39457
  • viking39457
  • Member
  • Offline
  • From: Scandinavia
  • Registered: 2017-02-06
  • Posts: 17

Topic: Send as alias or forwarder not working in 0.9.7

======== Required information ====
- iRedMail version (check /etc/iredmail-release): 0.9.7
- Linux/BSD distribution name and version: Debian Jessie
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MySQL
- Web server (Apache or Nginx): Apache
- Manage mail accounts with iRedAdmin-Pro? No
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====
In previous iRedMail (using alias table), mail users could send out as any address in the 'goto' field:

SQL

address                              goto
account1@iredmail.server  account1@iredmail.server,account2@iredmail.server,remote1@other.server

/opt/iredapd/settings.py

ALLOWED_LOGIN_MISMATCH_LIST_MEMBER = True

User could use account1@iredmail.server, account2@iredmail.server or remote1@other.server as the 'From' field and Postfix will accept it and send the mail.

Now with the new upgrade and after the mysql migrate script added those existing alias records into the forwardings table, I am getting the error that mail cannot be sent with mismatched login and from email addresses.

I could add all my accounts into:
/opt/iredapd/settings.py

ALLOWED_LOGIN_MISMATCH_SENDERS = ['account1@iredmail.server', 'account2@iredmail.server' .... etc]

but that seams sloppy.

What is the iRedMail way to get this working as was before the upgrade?

P.S.
yes, I did the scripts as instructed

cd /etc/postfix/mysql/
perl -pi -e 's#alias\.address#forwardings.address#g' *.cf
perl -pi -e 's#alias\.goto#forwardings.forwarding#g' *.cf
perl -pi -e 's#alias\.active#forwardings.active#g' *.cf
perl -pi -e 's#alias\.domain#forwardings.domain#g' *.cf
perl -pi -e 's#alias,#forwardings,#g' *.cf

and restarted postfix service, still same error.

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,770

Re: Send as alias or forwarder not working in 0.9.7

Looks like bug of iRedAPD plugin "reject_sender_login_mismatch". Did you upgrade iRedAPD to the latest iRedAPD-2.1? If yes, could you please turn on debug mode in iRedAPD, reproduce this issue and extract full log related to this testing email? i need log for troubleshooting.
FYI: http://www.iredmail.org/docs/debug.iredapd.html

3 Reply by viking39457 (edited by viking39457 2017-07-10 18:51:16)

  • viking39457
  • viking39457
  • Member
  • Offline
  • From: Scandinavia
  • Registered: 2017-02-06
  • Posts: 17

Re: Send as alias or forwarder not working in 0.9.7

Yes, 2.1

(I replaced addresses:
user@ired.server = the local account configured in iRedmail
user@alias.server = the alias email I am trying to send 'from'
user@recipient.com = a functioning recipient trying to send a test mail to )
This is the only entry that /var/log/iredapd/iredapd.log shows when trying to send with local account and an aliased 'from'. 

2017-07-10 11:39:20 INFO [IP] RCPT, user@ired.server => user@alias.server -> user@recipient.com, REJECT Sender is not same as SMTP authenticate username [0.0081s]

in settings.py

ALLOWED_LOGIN_MISMATCH_LIST_MEMBER = True
...
log_file = "/var/log/iredapd/iredapd.log" 
...
# Enabled plugins.                                                                                     
plugins = ["reject_null_sender", "reject_sender_login_mismatch", "throttle", "sql_alias_access_policy"]

if I add user@ired.server to the `ALLOWED_LOGIN_MISMATCH_SENDERS` it does work as its supposed to.

ZhangHuangbin wrote:

Looks like bug of iRedAPD plugin "reject_sender_login_mismatch". Did you upgrade iRedAPD to the latest iRedAPD-2.1? If yes, could you please turn on debug mode in iRedAPD, reproduce this issue and extract full log related to this testing email? i need log for troubleshooting.
FYI: http://www.iredmail.org/docs/debug.iredapd.html

4 Reply by viking39457

  • viking39457
  • viking39457
  • Member
  • Offline
  • From: Scandinavia
  • Registered: 2017-02-06
  • Posts: 17

Re: Send as alias or forwarder not working in 0.9.7

I forgot to turn DEBUG mode on, now I get more in the log file. I can see its looking for:

2017-07-10 12:46:31 DEBUG [SQL] query per-user alias address:                                           
SELECT address                                                                                          
                           FROM forwardings                                                             
                          WHERE address='user@alias.server' AND forwarding='user@ired.server' AND is_
alias=1                                                                                                 
                          LIMIT 1                                                                       
2017-07-10 12:46:31 DEBUG SQL query result: None

I looked in MYSQL and confirmed no entry.

However I remembered this was an alias domain mailer (can send from any/many addresses from same domain) and previously in vmail alias table was just set as that:

address    goto    name    moderators    accesspolicy    domain    islist    is_alias    alias_to    created    modified    expired    active
alias.server    user@ired.server         NULL         alias.server    0    0         2017-03-07 12:22:50    2017-03-07 12:22:50    9999-12-31 00:00:00    1

In the debug its looking for something in domain alias..

2017-07-10 12:58:37 DEBUG [SQL] query alias domains:                                                
SELECT alias_domain                                                                                 
                               FROM alias_domain                                                    
                              WHERE alias_domain='alias.server' AND target_domain='ired.server'  
                              LIMIT 1                                                               
2017-07-10 12:58:37 DEBUG SQL query result: None                                                    
2017-07-10 12:58:37 DEBUG No alias domain found.

That table (alias_domain) is empty (is there a bug in the account migrate script maybe?) Do I need to create this record?

What is the full instructions with new SQL structure for setting up an ired existing account to be able to send as any address from a domain?

Full debug log file:

2017-07-10 12:58:37 DEBUG Connect from 127.0.0.1, port 53214.
2017-07-10 12:58:37 DEBUG smtp session: request=smtpd_access_policy                                     
2017-07-10 12:58:37 DEBUG smtp session: protocol_state=RCPT                                             
2017-07-10 12:58:37 DEBUG smtp session: protocol_name=ESMTP                                             
2017-07-10 12:58:37 DEBUG smtp session: client_address={ip}                                   
2017-07-10 12:58:37 DEBUG smtp session: client_name={domain}                  
2017-07-10 12:58:37 DEBUG smtp session: reverse_client_name={domain}          
2017-07-10 12:58:37 DEBUG smtp session: helo_name=[192.168.0.73]                                       
2017-07-10 12:58:37 DEBUG smtp session: sender=user@alias.server                                             
2017-07-10 12:58:37 DEBUG smtp session: recipient=user@recipient.com                                     
2017-07-10 12:58:37 DEBUG smtp session: recipient_count=0                                               
2017-07-10 12:58:37 DEBUG smtp session: queue_id=                                                       
2017-07-10 12:58:37 DEBUG smtp session: instance=34fa.59635ddd.d2fc9.0                                  
2017-07-10 12:58:37 DEBUG smtp session: size=1015                                                       
2017-07-10 12:58:37 DEBUG smtp session: etrn_domain=                                                    
2017-07-10 12:58:37 DEBUG smtp session: stress=                                                         
2017-07-10 12:58:37 DEBUG smtp session: sasl_method=PLAIN                                               
2017-07-10 12:58:37 DEBUG smtp session: sasl_username=user@ired.server                          
2017-07-10 12:58:37 DEBUG smtp session: sasl_sender=                                                    
2017-07-10 12:58:37 DEBUG smtp session: ccert_subject=                                                  
2017-07-10 12:58:37 DEBUG smtp session: ccert_issuer=                                                   
2017-07-10 12:58:37 DEBUG smtp session: ccert_fingerprint=                                              
2017-07-10 12:58:37 DEBUG smtp session: ccert_pubkey_fingerprint=                                       
2017-07-10 12:58:37 DEBUG smtp session: encryption_protocol=TLSv1.2                                     
2017-07-10 12:58:37 DEBUG smtp session: encryption_cipher=ECDHE-RSA-AES128-GCM-SHA256                   
2017-07-10 12:58:37 DEBUG smtp session: encryption_keysize=128                                          
2017-07-10 12:58:37 DEBUG --> Apply plugin: reject_null_sender                                          
2017-07-10 12:58:37 DEBUG <-- Result: DUNNO                                                             
2017-07-10 12:58:37 DEBUG --> Apply plugin: reject_sender_login_mismatch                                
2017-07-10 12:58:37 DEBUG Sender: user@alias.server, SASL username: user@ired.server                 
2017-07-10 12:58:37 DEBUG Allowed SASL senders: {allowed accounts}              
2017-07-10 12:58:37 DEBUG Sender is not allowed to send email as other user (ALLOWED_LOGIN_MISMATCH_SEND
ERS).                                                                                                   
2017-07-10 12:58:37 DEBUG Apply strict restriction (ALLOWED_LOGIN_MISMATCH_STRICTLY=True).              
2017-07-10 12:58:37 DEBUG Apply list/alias member restriction (ALLOWED_LOGIN_MISMATCH_LIST_MEMBER=True).
2017-07-10 12:58:37 DEBUG [SQL] query per-user alias address:                                           
SELECT address                                                                                          
                           FROM forwardings                                                             
                          WHERE address='user@alias.server' AND forwarding='user@ired.server' AND is_
alias=1                                                                                                 
                          LIMIT 1                                                                       
2017-07-10 12:58:37 DEBUG SQL query result: None                                                        
2017-07-10 12:58:37 DEBUG No per-user alias address found.                                              
2017-07-10 12:58:37 DEBUG [SQL] query alias domains:                                                    
SELECT alias_domain                                                                                     
                               FROM alias_domain                                                        
                              WHERE alias_domain='alias.server' AND target_domain='ired.server'      
                              LIMIT 1                                                                   
2017-07-10 12:58:37 DEBUG SQL query result: None                                                        
2017-07-10 12:58:37 DEBUG No alias domain found.                                                        
2017-07-10 12:58:37 DEBUG [SQL] query members of mail alias account (user@alias.server):                     
SELECT forwarding                                                                                       
                           FROM forwardings                                                             
                          WHERE address='user@alias.server' AND forwarding='user@ired.server' AND is_
list=1                                                                                                  
                          LIMIT 1                                                                       
2017-07-10 12:58:37 DEBUG SQL query result: None                                                        
2017-07-10 12:58:37 DEBUG No such mail alias account.                                                   
2017-07-10 12:58:37 DEBUG <-- Result: REJECT Sender is not same as SMTP authenticate username           
2017-07-10 12:58:37 DEBUG Session ended.                                                                
2017-07-10 12:58:37 INFO [31.208.110.84] RCPT, user@ired.server => user@alias.server -> user@recipient
.com, REJECT Sender is not same as SMTP authenticate username [0.0130s]

5 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,770

Re: Send as alias or forwarder not working in 0.9.7

viking39457 wrote:

in settings.py

ALLOWED_LOGIN_MISMATCH_LIST_MEMBER = True
...
log_file = "/var/log/iredapd/iredapd.log"

Do you add "ALLOWED_LOGIN_MISMATCH_LIST_MEMBER = True" in first line of /opt/iredapd/settings.py? This is not gonna work, please move it to the bottom and restart iredapd service.

Did you see the line at the top of config file?

############################################################
# DO NOT MODIFY THIS LINE, IT'S USED TO IMPORT DEFAULT SETTINGS.
from libs.default_settings import *
############################################################

If you add settings above this line, your settings will be overrode by settings in libs/default_settings.py.