[postfix-users] virtuelle User und dovecot lmtp

Lars Täuber taeuber at bbaw.de
Do Okt 27 16:36:36 CEST 2011 

Ich hätte es wirklich gerne möglichst einfach und ohne »Hilfskonstrukte« mit
den natürlichen Postfix-Mitteln konfiguriert.

Deshalb:

Am Thu, 27 Oct 2011 12:56:59 +0200
Ralf Hildebrandt <Ralf.Hildebrandt at charite.de> schrieb:
> Ich würde nun empfehlen:
> 
> 1) postconf -n nochmal aktuell zeigen

alias_database = $alias_maps
alias_maps = hash:/etc/postfix/aliases
append_dot_mydomain = no
biff = no
broken_sasl_auth_clients = yes
config_directory = /etc/postfix
inet_interfaces = all
mailbox_command = procmail -a "$EXTENSION"
message_size_limit = 41943040
mydomain = bbaw.de
myhostname = mailix.bbaw.de
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104    [::1]/128    194.95.188.5    194.95.188.6
recipient_delimiter = +
relayhost = [mail.bbaw.de]
smtp_tls_security_level = may
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
smtpd_helo_required = yes
smtpd_recipient_restrictions = reject_non_fqdn_sender    reject_unknown_sender_domain    reject_non_fqdn_recipient    reject_unknown_recipient_domain    reject_unauth_pipelining    reject_sender_login_mismatch    permit_mynetworks    permit_sasl_authenticated    reject_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_path = private/dovecot-auth
smtpd_sasl_security_options = noanonymous
smtpd_sasl_type = dovecot
smtpd_sender_login_maps = ldap:/etc/postfix/ldap-sender.cf
smtpd_sender_restrictions = reject_unknown_sender_domain
smtpd_tls_auth_only = yes
smtpd_tls_cert_file = /etc/ssl/certs/mailix.bbaw.de.pem
smtpd_tls_key_file = /etc/ssl/private/mailix.bbaw.de.key
smtpd_tls_mandatory_ciphers = medium
smtpd_tls_mandatory_protocols = SSLv3, TLSv1
smtpd_tls_received_header = yes
smtpd_tls_security_level = may
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
tls_random_source = dev:/dev/urandom
virtual_alias_maps = hash:/etc/postfix/test_aliases
virtual_mailbox_domains = virtuelle.domain.de
virtual_transport = lmtp:unix:private/dovecot-lmtp

/etc/postfix/test_aliases:
muster at virtuelle.domain.de		mustermann at dovecot.lmtp, musterfrau at dovecot.lmtp

# postmap -q muster at virtuelle.domain.de hash:/etc/postfix/test_aliases
mustermann at dovecot.lmtp, musterfrau at dovecot.lmtp


> 2) Testmail schicken und davon logs

/var/log/mail.log:
Oct 27 16:30:42 mailix postfix/smtpd[19958]: connect from mail.bbaw.de[194.95.188.6]
Oct 27 16:30:42 mailix postfix/smtpd[19958]: 348225F763: client=mail.bbaw.de[194.95.188.6]
Oct 27 16:30:42 mailix postfix/cleanup[19962]: 348225F763: message-id=<20111027163041.f741423c.taeuber at bbaw.de>
Oct 27 16:30:42 mailix postfix/smtpd[19958]: disconnect from mail.bbaw.de[194.95.188.6]
Oct 27 16:30:42 mailix postfix/qmgr[19934]: 348225F763: from=<taeuber at bbaw.de>, size=2011, nrcpt=1 (queue active)
Oct 27 16:30:42 mailix postfix/lmtp[19963]: 348225F763: to=<muster at virtuelle.domain.de>, orig_to=<muster at virtuelle.domain.de@mailix.bbaw.de>, relay=mailix.bbaw.de[private/dovecot-lmtp], delay=0.06, delays=0.01/0.01/0.03/0.02, dsn=5.1.1, status=bounced (host mailix.bbaw.de[private/dovecot-lmtp] said: 550 5.1.1 <muster at virtuelle.domain.de> User doesn't exist: muster at virtuelle.domain.de (in reply to RCPT TO command))
Oct 27 16:30:42 mailix postfix/cleanup[19962]: 42ED05F785: message-id=<20111027143042.42ED05F785 at mailix.bbaw.de>
Oct 27 16:30:42 mailix postfix/bounce[19968]: 348225F763: sender non-delivery notification: 42ED05F785
Oct 27 16:30:42 mailix postfix/qmgr[19934]: 42ED05F785: from=<>, size=4111, nrcpt=1 (queue active)
Oct 27 16:30:42 mailix postfix/qmgr[19934]: 348225F763: removed
Oct 27 16:30:42 mailix postfix/smtp[19969]: 42ED05F785: to=<taeuber at bbaw.de>, relay=mail.bbaw.de[194.95.188.6]:25, delay=0.11, delays=0/0.01/0/0.1, dsn=2.0.0, status=sent (250 Ok: queued as 120AA4A8076)
Oct 27 16:30:42 mailix postfix/qmgr[19934]: 42ED05F785: removed


/var/log/dovecot:
Oct 27 16:30:42 lmtp(19964): Debug: none: root=, index=, control=, inbox=
Oct 27 16:30:42 lmtp(19964): Info: Connect from local
Oct 27 16:30:42 auth: Debug: Loading modules from directory: /usr/lib/dovecot/modules/auth
Oct 27 16:30:42 auth: Debug: Module loaded: /usr/lib/dovecot/modules/auth/libauthdb_ldap.so
Oct 27 16:30:42 auth: Debug: master in: USER	1	muster at virtuelle.domain.de	service=lmtp
Oct 27 16:30:42 auth: Debug: prefetch(muster at virtuelle.domain.de): passdb didn't return userdb entries, trying the next userdb
Oct 27 16:30:42 auth: Debug: ldap(muster at virtuelle.domain.de): user search: base=dc=bbaw, dc=de scope=subtree filter=(&(objectClass=posixAccount)(uid=muster at virtuelle.domain.de)) fields=uid
Oct 27 16:30:42 auth: Info: ldap(muster at virtuelle.domain.de): unknown user
Oct 27 16:30:42 auth: Debug: master out: NOTFOUND	1
Oct 27 16:30:42 lmtp(19964): Debug: auth input: 
Oct 27 16:30:42 lmtp(19964): Info: Disconnect from local: Client quit


> 3) und dann wenn alle stricke reissen mal mit -v arbeiten

Welchen Prozess, smtpd?

Das darf doch eigentlich auch nicht sein, oder? (wegen virtual_mailbox_domains = virtuelle.domain.de)
# postconf -d virtual_alias_domains
virtual_alias_domains = $virtual_alias_maps

Aber selbst mit
  virtual_alias_domains =
verhält sich postfix unverändert.

Lars

Mehr Informationen über die Mailingliste postfix-users