Current time: 05-06-2024, 11:24 PM Hello There, Guest! (LoginRegister)


Post Reply 
[FreeBSD] Postfix problem -> Recipient address rejected: Domain not found
Author Message
BeNe Offline
Moderator
*****
Moderators

Posts: 5,899
Joined: Jan 2007
Reputation: 68
Post: #1
[FreeBSD] Postfix problem -> Recipient address rejected: Domain not found
Hey Guys,

i started into a new round "ispCP on FreeBSD".
My current problem is still Postfix.

  • I´m able to Login via IMAP from the Webmailer
  • I can send Mails from user1@domain.tld to user2@domain.tld
  • The eMail is moved without any problems to the maildir


But i can´t send mails outside in the wide wide World to yahoo for example because of this Error:
Code:
Mar 16 11:49:29 root postfix/smtpd[2022]: connect from unknown[127.0.0.1]
Mar 16 11:49:29 root postfix/smtpd[2022]: NOQUEUE: reject: RCPT from unknown[127.0.0.1]: 450 4.1.2 <my-nick@yahoo.com>: Recipient address rejected: Domain not found; from=<bene2@root.mydomain.tld> to=<my-nick@yahoo.com> proto=ESMTP helo=<admin.root.mydomain.tld>
Mar 16 11:49:29 root postfix/smtpd[2022]: lost connection after RCPT from unknown[127.0.0.1]
Mar 16 11:49:29 root postfix/smtpd[2022]: disconnect from unknown[127.0.0.1]
As i said, from one User to the other on the same Domain it works fine.
Here is the current postfix config:
Code:
root# postconf -n
alias_database = hash:/usr/local/etc/postfix/ispcp/aliases
alias_maps = hash:/usr/local/etc/postfix/ispcp/aliases
append_at_myorigin = yes
append_dot_mydomain = no
biff = no
broken_sasl_auth_clients = yes
command_directory = /usr/local/sbin
config_directory = /usr/local/etc/postfix
daemon_directory = /usr/local/libexec/postfix
inet_interfaces = all
local_destination_recipient_limit = 1
local_recipient_maps = unix:passwd.byname $alias_database
local_transport = local
mail_spool_directory = /var/mail
mailbox_command = procmail -a "$EXTENSION"
mailbox_size_limit = 0
message_size_limit = 0
mydestination = $myhostname, $mydomain
mydomain = mail.root.mydomain.tld
myhostname = mail.root.mydomain.tld
mynetworks_style = host
myorigin = $myhostname
recipient_delimiter = +
setgid_group = maildrop
smtpd_banner = $myhostname ESMTP ispCP 1.0.5 OMEGA Managed
smtpd_data_restrictions = reject_multi_recipient_bounce,                               reject_unauth_pipelining
smtpd_helo_required = yes
smtpd_helo_restrictions = permit_mynetworks,                               permit_sasl_authenticated,                               reject_invalid_helo_hostname,                               reject_non_fqdn_helo_hostname
smtpd_recipient_restrictions = reject_non_fqdn_recipient,                               reject_unknown_recipient_domain,                               permit_mynetworks,                               permit_sasl_authenticated,                               reject_unauth_destination,                               reject_unlisted_recipient,                               check_policy_service inet:127.0.0.1:12525,                               check_policy_service inet:127.0.0.1:10023,                               permit
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain =
smtpd_sasl_security_options = noanonymous
smtpd_sender_restrictions = reject_non_fqdn_sender,                               reject_unknown_sender_domain,                               permit_mynetworks,                               permit_sasl_authenticated
transport_maps = hash:/usr/local/etc/postfix/ispcp/transport
virtual_alias_maps = hash:/usr/local/etc/postfix/ispcp/aliases
virtual_gid_maps = static:125
virtual_mailbox_base = /var/mail/virtual
virtual_mailbox_domains = hash:/usr/local/etc/postfix/ispcp/domains
virtual_mailbox_limit = 0
virtual_mailbox_maps = hash:/usr/local/etc/postfix/ispcp/mailboxes
virtual_minimum_uid = 1003
virtual_transport = virtual
virtual_uid_maps = static:1003
I checked my DNS-Server of course - but yahoo for example is available for me:
Code:
root# ping yahoo.com
PING yahoo.com (209.131.36.159): 56 data bytes
64 bytes from 209.131.36.159: icmp_seq=0 ttl=55 time=194.066 ms
64 bytes from 209.131.36.159: icmp_seq=1 ttl=55 time=194.281 ms
64 bytes from 209.131.36.159: icmp_seq=2 ttl=55 time=193.731 ms
64 bytes from 209.131.36.159: icmp_seq=3 ttl=55 time=193.204 ms
64 bytes from 209.131.36.159: icmp_seq=4 ttl=55 time=194.828 ms
^C
--- yahoo.com ping statistics ---
5 packets transmitted, 5 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 193.204/194.022/194.828/0.543 ms
root#
I tried man other Mailadresses with the same result.
I can´t find the Error Sad
Any tipps ?

Thanks & Greez
BeNe
03-16-2010 11:32 PM
Visit this user's website Find all posts by this user Quote this message in a reply
nuke3d Offline
Junior Member
*

Posts: 107
Joined: Sep 2007
Reputation: 1
Post: #2
RE: [FreeBSD] Postfix problem -> Recipient address rejected: Domain not found
I assume "dig -t MX domain.tld" works as well... Did you rule out the sender/recipient restrictions as the culprit?
03-16-2010 11:43 PM
Find all posts by this user Quote this message in a reply
BeNe Offline
Moderator
*****
Moderators

Posts: 5,899
Joined: Jan 2007
Reputation: 68
Post: #3
RE: [FreeBSD] Postfix problem -> Recipient address rejected: Domain not found
Quote:I assume "dig -t MX domain.tld" works as well
Yep Wink
Code:
root# dig -t MX yahoo.com

; <<>> DiG 9.6.1-P1 <<>> -t MX yahoo.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 27126
;; flags: qr rd ra; QUERY: 1, ANSWER: 8, AUTHORITY: 7, ADDITIONAL: 12

;; QUESTION SECTION:
;yahoo.com.                     IN      MX

;; ANSWER SECTION:
yahoo.com.              1800    IN      MX      1 e.mx.mail.yahoo.com.
yahoo.com.              1800    IN      MX      1 f.mx.mail.yahoo.com.
yahoo.com.              1800    IN      MX      1 g.mx.mail.yahoo.com.
yahoo.com.              1800    IN      MX      1 h.mx.mail.yahoo.com.
yahoo.com.              1800    IN      MX      1 a.mx.mail.yahoo.com.
yahoo.com.              1800    IN      MX      1 b.mx.mail.yahoo.com.
yahoo.com.              1800    IN      MX      1 c.mx.mail.yahoo.com.
yahoo.com.              1800    IN      MX      1 d.mx.mail.yahoo.com.

;; AUTHORITY SECTION:
yahoo.com.              94096   IN      NS      ns5.yahoo.com.
yahoo.com.              94096   IN      NS      ns2.yahoo.com.
yahoo.com.              94096   IN      NS      NS1.yahoo.com.
yahoo.com.              94096   IN      NS      ns8.yahoo.com.
yahoo.com.              94096   IN      NS      ns4.yahoo.com.
yahoo.com.              94096   IN      NS      ns3.yahoo.com.
yahoo.com.              94096   IN      NS      ns6.yahoo.com.

;; ADDITIONAL SECTION:
a.mx.mail.yahoo.com.    1634    IN      A       67.195.168.31
b.mx.mail.yahoo.com.    1800    IN      A       74.6.136.65
c.mx.mail.yahoo.com.    1256    IN      A       206.190.54.127
d.mx.mail.yahoo.com.    1363    IN      A       209.191.88.254
e.mx.mail.yahoo.com.    1363    IN      A       67.195.168.230
f.mx.mail.yahoo.com.    1800    IN      A       98.137.54.237
g.mx.mail.yahoo.com.    1363    IN      A       98.137.54.238
h.mx.mail.yahoo.com.    1800    IN      A       66.94.236.34
ns2.yahoo.com.          94098   IN      A       68.142.255.16
ns3.yahoo.com.          94098   IN      A       121.101.152.99
ns4.yahoo.com.          94099   IN      A       68.142.196.63
ns5.yahoo.com.          94098   IN      A       119.160.247.124

;; Query time: 45 msec
;; SERVER: 192.168.1.3#53(192.168.1.3)
;; WHEN: Tue Mar 16 13:46:29 2010
;; MSG SIZE  rcvd: 497

Quote:Did you rule out the sender/recipient restrictions as the culprit?
No! But if this is the problem, i won´t be able to send a Mail to an other User on the same Machine/Domain or ?

Greez BeNe
03-16-2010 11:56 PM
Visit this user's website Find all posts by this user Quote this message in a reply
nuke3d Offline
Junior Member
*

Posts: 107
Joined: Sep 2007
Reputation: 1
Post: #4
RE: [FreeBSD] Postfix problem -> Recipient address rejected: Domain not found
The config seems pretty standard to me, though.

Did you try an authenticated smtp send? I suspect it might be because it doesn't recognize localhost as an authorized sender (unknown[127.0.0.1]).
03-17-2010 12:15 AM
Find all posts by this user Quote this message in a reply
BeNe Offline
Moderator
*****
Moderators

Posts: 5,899
Joined: Jan 2007
Reputation: 68
Post: #5
RE: [FreeBSD] Postfix problem -> Recipient address rejected: Domain not found
I used Thunderbird and not the Webmail - Voila!
Code:
Mar 16 14:31:39 root postfix/smtpd[74300]: connect from unknown[192.168.1.31]
Mar 16 14:31:39 root postfix/smtpd[74300]: warning: SASL authentication problem: unable to open Berkeley db /usr/local/etc/sasldb2: No such file or directory
Mar 16 14:31:39 root postfix/smtpd[74300]: warning: SASL authentication problem: unable to open Berkeley db /usr/local/etc/sasldb2: No such file or directory
Mar 16 14:31:39 root postfix/smtpd[74300]: warning: SASL authentication failure: Password verification failed
I will check my SASL DB...

Greez BeNe
03-17-2010 12:40 AM
Visit this user's website Find all posts by this user Quote this message in a reply
BeNe Offline
Moderator
*****
Moderators

Posts: 5,899
Joined: Jan 2007
Reputation: 68
Post: #6
RE: [FreeBSD] Postfix problem -> Recipient address rejected: Domain not found
mmmh. The /usr/local/etc/sasldb2 exist and has a chmod 600.
Maybe it has something todo with a chroot Postfix.
Found this one here --> http://www.isp-control.net/forum/thread-...l#pid47769

But is postfix on FreeBSD per default chrooted ?
I didn´t run ispCP in Jail this time so this cant be the problem.
Sirko talked also about the SALS2 situation:
Quote:If postfix runs chrooted, you'll have to set a link to /var/spool/postfix/usr/local/etc/sasldb2.db

Greez BeNe
03-17-2010 07:36 PM
Visit this user's website Find all posts by this user Quote this message in a reply
BeNe Offline
Moderator
*****
Moderators

Posts: 5,899
Joined: Jan 2007
Reputation: 68
Post: #7
RE: [FreeBSD] Postfix problem -> Recipient address rejected: Domain not found
I fixed the SASL2 problem!
By copy the ispcp´s master.conf we chroot the whole Postfix Services.
In our ispCP´s master.conf the chroot fields are set with a "-" which means "default" - and for FreeBSD chroot is default. After i disabled the chroot for the services with a "n" - it works.

I saw that the default master.conf for FreeBSD disabled chroot per default:

FreeBSD default master.conf
Code:
#
# Postfix master process configuration file.  For details on the format
# of the file, see the master(5) manual page (command: "man 5 master").
#
# Do not forget to execute "postfix reload" after editing this file.
#
# ==========================================================================
# service type  private unpriv  chroot  wakeup  maxproc command + args
#               (yes)   (yes)   (yes)   (never) (100)
# ==========================================================================
smtp      inet  n       -       n       -       -       smtpd
#submission inet n       -       n       -       -       smtpd
#  -o smtpd_tls_security_level=encrypt
#  -o smtpd_sasl_auth_enable=yes
#  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
#  -o milter_macro_daemon_name=ORIGINATING
#smtps     inet  n       -       n       -       -       smtpd
#  -o smtpd_tls_wrappermode=yes
#  -o smtpd_sasl_auth_enable=yes
#  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
#  -o milter_macro_daemon_name=ORIGINATING
#628       inet  n       -       n       -       -       qmqpd
pickup    fifo  n       -       n       60      1       pickup
cleanup   unix  n       -       n       -       0       cleanup
qmgr      fifo  n       -       n       300     1       qmgr
#qmgr     fifo  n       -       n       300     1       oqmgr
tlsmgr    unix  -       -       n       1000?   1       tlsmgr
rewrite   unix  -       -       n       -       -       trivial-rewrite
bounce    unix  -       -       n       -       0       bounce
defer     unix  -       -       n       -       0       bounce
trace     unix  -       -       n       -       0       bounce
verify    unix  -       -       n       -       1       verify
flush     unix  n       -       n       1000?   0       flush
proxymap  unix  -       -       n       -       -       proxymap
proxywrite unix -       -       n       -       1       proxymap
smtp      unix  -       -       n       -       -       smtp
# When relaying mail as backup MX, disable fallback_relay to avoid MX loops
relay     unix  -       -       n       -       -       smtp
        -o smtp_fallback_relay=
#       -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq     unix  n       -       n       -       -       showq
error     unix  -       -       n       -       -       error
retry     unix  -       -       n       -       -       error
discard   unix  -       -       n       -       -       discard
local     unix  -       n       n       -       -       local
virtual   unix  -       n       n       -       -       virtual
lmtp      unix  -       -       n       -       -       lmtp
anvil     unix  -       -       n       -       1       anvil
scache    unix  -       -       n       -       1       scache
#
# ====================================================================
# Interfaces to non-Postfix software. Be sure to examine the manual
# pages of the non-Postfix software to find out what options it wants.
#
# Many of the following services use the Postfix pipe(8) delivery
# agent.  See the pipe(8) man page for information about ${recipient}
# and other message envelope options.
# ====================================================================
#
# maildrop. See the Postfix MAILDROP_README file for details.
# Also specify in main.cf: maildrop_destination_recipient_limit=1
#
#maildrop  unix  -       n       n       -       -       pipe
#  flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
#
# ====================================================================
#
# Recent Cyrus versions can use the existing "lmtp" master.cf entry.
#
# Specify in cyrus.conf:
#   lmtp    cmd="lmtpd -a" listen="localhost:lmtp" proto=tcp4
#
# Specify in main.cf one or more of the following:
#  mailbox_transport = lmtp:inet:localhost
#  virtual_transport = lmtp:inet:localhost
#
# ====================================================================
#
# Cyrus 2.1.5 (Amos Gouaux)
# Also specify in main.cf: cyrus_destination_recipient_limit=1
#
#cyrus     unix  -       n       n       -       -       pipe
#  user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user}
#
# ====================================================================
#
# Old example of delivery via Cyrus.
#
#old-cyrus unix  -       n       n       -       -       pipe
#  flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user}
#
# ====================================================================
#
# See the Postfix UUCP_README file for configuration details.
#
#uucp      unix  -       n       n       -       -       pipe
#  flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
#
# ====================================================================
#
# Other external delivery methods.
#
#ifmail    unix  -       n       n       -       -       pipe
#  flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
#
#bsmtp     unix  -       n       n       -       -       pipe
#  flags=Fq. user=bsmtp argv=/usr/local/sbin/bsmtp -f $sender $nexthop $recipient
#
#scalemail-backend unix -       n       n       -       2       pipe
#  flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store
#  ${nexthop} ${user} ${extension}
#
#mailman   unix  -       n       n       -       -       pipe
#  flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
#  ${nexthop} ${user}
ispCP master.conf
Code:
#
# Postfix master process configuration file.  For details on the format
# of the file, see the master(5) manual page (command: "man 5 master").
#
# ==========================================================================
# service type  private unpriv  chroot  wakeup  maxproc command + args
#               (yes)   (yes)   (yes)   (never) (100)
# ==========================================================================
smtp      inet  n       -       -       -       -       smtpd
#       -o receive_override_options=no_address_mappings                         # Uncomment this line, when unsing AMaViS
#submission inet n       -       -       -       -       smtpd
#  -o smtpd_enforce_tls=yes
#  -o smtpd_sasl_auth_enable=yes
#  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
#smtps     inet  n       -       -       -       -       smtpd
#  -o smtpd_tls_wrappermode=yes
#  -o smtpd_sasl_auth_enable=yes
#  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
# For AOL-Accounts
587       inet  n       -       -       -       -       smtpd
        -o smtpd_client_restrictions=permit_sasl_authenticated,reject_unauth_destination
#628      inet  n       -       -       -       -       qmqpd
pickup    fifo  n       -       -       60      1       pickup
cleanup   unix  n       -       -       -       0       cleanup
qmgr      fifo  n       -       n       300     1       qmgr
#qmgr     fifo  n       -       -       300     1       oqmgr
tlsmgr    unix  -       -       -       1000?   1       tlsmgr
rewrite   unix  -       -       -       -       -       trivial-rewrite
bounce    unix  -       -       -       -       0       bounce
defer     unix  -       -       -       -       0       bounce
trace     unix  -       -       -       -       0       bounce
verify    unix  -       -       -       -       1       verify
flush     unix  n       -       -       1000?   0       flush
proxymap  unix  -       -       n       -       -       proxymap
smtp      unix  -       -       -       -       -       smtp
# When relaying mail as backup MX, disable fallback_relay to avoid MX loops
relay     unix  -       -       -       -       -       smtp
        -o fallback_relay=
#       -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq     unix  n       -       -       -       -       showq
error     unix  -       -       -       -       -       error
discard   unix  -       -       -       -       -       discard
local     unix  -       n       n       -       -       local
virtual   unix  -       n       n       -       -       virtual
lmtp      unix  -       -       -       -       -       lmtp
anvil     unix  -       -       -       -       1       anvil
scache    unix  -       -       -       -       1       scache
# ====================================================================
# ispCP Ï (OMEGA) a Virtual Hosting Control System
#
# @copyright    2001-2006 by moleSoftware GmbH
# @copyright    2006-2010 by ispCP | http://isp-control.net
# @version              SVN: $Id: master.cf 2694 2010-03-13 00:09:48Z nuxwin $
# @link                 http://isp-control.net
# @author               ispCP Team
# ====================================================================
# for AMaViS and SPAM filter support
amavis    unix  -       -       n       -       2       smtp
   -o smtp_data_done_timeout=1200
   -o smtp_send_xforward_command=yes
   -o disable_dns_lookups=yes

localhost:10025 inet  n -       n       -      -        smtpd
   -o content_filter=
   -o local_recipient_maps=
   -o relay_recipient_maps=
   -o smtpd_restriction_classes=
   -o smtpd_client_restrictions=
   -o smtpd_helo_restrictions=
   -o smtpd_sender_restrictions=
   -o smtpd_recipient_restrictions=permit_mynetworks,reject
   -o smtpd_override_options=no_address_mappings
   -o mynetworks=127.0.0.0/8
   -o strict_rfc821_envelopes=yes

# ispCP autoresponder
ispcp-arpl unix  -      n       n       -       -       pipe
  flags=O user=vmail argv=/usr/local/www/ispcp/engine/messenger/ispcp-arpl-msgr

# TLS - Activate, if TLS is avaiable/used
smtps     inet  n       -       -       -       -       smtpd
   -o smtpd_tls_wrappermode=yes
   -o smtpd_sasl_auth_enable=yes
#   -o smtpd_client_restrictions=permit_sasl_authenticated,reject
#
# ====================================================================
# Interfaces to non-Postfix software. Be sure to examine the manual
# pages of the non-Postfix software to find out what options it wants.
#
# Many of the following services use the Postfix pipe(8) delivery
# agent.  See the pipe(8) man page for information about ${recipient}
# and other message envelope options.
# ====================================================================
#
# maildrop. See the Postfix MAILDROP_README file for details.
# Also specify in main.cf: maildrop_destination_recipient_limit=1
#
maildrop  unix  -       n       n       -       -       pipe
  flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
#
# See the Postfix UUCP_README file for configuration details.
#
uucp      unix  -       n       n       -       -       pipe
  flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
#
# Other external delivery methods.
#
ifmail    unix  -       n       n       -       -       pipe
  flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp     unix  -       n       n       -       -       pipe
  flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
scalemail-backend unix  -       n       n       -       2       pipe
  flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
mailman   unix  -       n       n       -       -       pipe
  flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
  ${nexthop} ${user}

So we can disable the chroot in our master.conf in the trunk or we copy the needed files during the make install to /var/spool/postfix/usr/local/etc/

Greez BeNe
(This post was last modified: 03-20-2010 05:24 AM by BeNe.)
03-20-2010 01:41 AM
Visit this user's website Find all posts by this user Quote this message in a reply
Post Reply 


Forum Jump:


User(s) browsing this thread: 1 Guest(s)