Loading ...
Sorry, an error occurred while loading the content.
 

relay denied in postfix

Expand Messages
  • Tim Dunphy
    Hello, I ve just built a postfix server in amazon EC2 with an elastic IP. And I found that while I can connect to and send emails to my mail server when I
    Message 1 of 18 , Mar 15, 2014
      Hello,


      I've just built a postfix server in amazon EC2 with an elastic IP. And I found that while I can connect to and send emails to my mail server when I telnet to localhost when I telnet to the external FQDN I get relay denied.

      I'll first demonstrate success, then failure.

      root@mail:~# telnet localhost 25
      Trying 127.0.0.1...
      Connected to localhost.
      Escape character is '^]'.
      220 mail.example.com ESMTP Postfix (Ubuntu)
      MAIL FROM: <bluethundr@...>
      250 2.1.0 Ok
      RCPT TO: <bluethundr@...>
      250 2.1.5 Ok
      DATA
      354 End data with <CR><LF>.<CR><LF>
      Subject: Test to internal localhost
      .
      250 2.0.0 Ok: queued as B97CA24B8B
      quit

      And the logs confirm success:

      Mar 15 19:27:35 mail postfix/smtpd[5294]: B97CA24B8B: client=localhost[127.0.0.1]
      Mar 15 19:28:18 mail postfix/cleanup[5306]: B97CA24B8B: message-id=<20140315192735.B97CA24B8B@...>
      Mar 15 19:28:18 mail postfix/qmgr[5221]: B97CA24B8B: from=<bluethundr@...>, size=356, nrcpt=1 (queue active)
      Mar 15 19:28:18 mail postfix/cleanup[5306]: AD51725096: message-id=<20140315192735.B97CA24B8B@...>
      Mar 15 19:28:18 mail amavis[3401]: (03401-09) Passed BAD-HEADER-1 {RelayedOutbound,Quarantined}, LOCAL [127.0.0.1]:58766 [127.0.0.1] <bluethundr@...> -> <bluethundr@...>, quarantine: W/badh-WyjD4kEQ4Mls, Queue-ID: B97CA24B8B, Message-ID: <20140315192735.B97CA24B8B@...>, mail_id: WyjD4kEQ4Mls, Hits: -, size: 356, queued_as: AD51725096, 140 ms
      Mar 15 19:28:18 mail postfix/smtp[5317]: B97CA24B8B: to=<bluethundr@...>, relay=127.0.0.1[127.0.0.1]:10024, delay=51, delays=51/0.03/0/0.16, dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as AD51725096)
      Mar 15 19:28:18 mail postfix/qmgr[5221]: B97CA24B8B: removed

      However, if I telnet to the externally available FQDN (from the mail server) I get a relay denied error:

      root@mail:~# telnet mail.example.com 25
      Trying xx.xx.xx.xx...
      Connected to mail.example.com.
      Escape character is '^]'.
      220 mail.example.com ESMTP Postfix (Ubuntu)
      MAIL FROM: <bluethundr@...>
      250 2.1.0 Ok
      RCPT TO: <bluethundr@...>
      454 4.7.1 <bluethundr@...>: Relay access denied

      In the logs when I try to telnet to the FQDN, I see this:

      Mar 15 19:38:00 mail postfix/smtpd[5392]: NOQUEUE: reject: RCPT from unknown[54.85.41.178]: 454 4.7.1 <bluethundr@...>: Relay access denied; from=<bluethundr@...> to=<bluethundr@...> proto=SMTP helo=<mail.example.com>

      I've done some googling on this, and often people do site this setting as a potential cause of this situation. Here's mine, although nothing seems to stand out: 

      smtpd_recipient_restrictions = reject_unauth_pipelining, permit_mynetworks, permit_sasl_authenticated,  reject_non_fqdn_recipient, reject_unknown_recipient_domain, reject_unauth_destination, check_policy_service inet:127.0.0.1:10023, permit

      Here is the output of postconf -n

      root@mail:~# postconf -n

      alias_database = hash:/etc/postfix/aliases

      alias_maps = hash:/etc/postfix/aliases

      append_dot_mydomain = no

      biff = no

      broken_sasl_auth_clients = no

      config_directory = /etc/postfix

      content_filter = amavis:[127.0.0.1]:10024

      delay_warning_time = 4h

      disable_vrfy_command = yes

      inet_interfaces = all

      local_recipient_maps =

      mailbox_size_limit = 0

      masquerade_domains = mail.example.com example.com !sub.dyndomain.com

      masquerade_exceptions = root

      maximal_backoff_time = 8000s

      maximal_queue_lifetime = 7d

      minimal_backoff_time = 1000s

      mydestination =

      myhostname = mail.example.com

      mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128

      mynetworks_style = host

      myorigin = example.com

      readme_directory = no

      recipient_delimiter = +

      relayhost =

      smtp_helo_timeout = 60s

      smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt

      smtp_tls_note_starttls_offer = yes

      smtp_tls_security_level = may

      smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache

      smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)

      smtpd_client_restrictions = reject_rbl_client sbl.spamhaus.org, reject_rbl_client blackholes.easynet.nl

      smtpd_data_restrictions = reject_unauth_pipelining

      smtpd_delay_reject = yes

      smtpd_hard_error_limit = 12

      smtpd_helo_required = yes

      smtpd_helo_restrictions = permit_mynetworks, warn_if_reject reject_non_fqdn_hostname, reject_invalid_hostname, permit

      smtpd_recipient_limit = 16

      smtpd_recipient_restrictions = reject_unauth_pipelining, permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_recipient, reject_unknown_recipient_domain, reject_unauth_destination, check_policy_service inet:127.0.0.1:10023, permit

      smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination

      smtpd_sasl_auth_enable = yes

      Another potential trouble area may be that I can't seem to telnet to port 25 remotely from my work station: 


      [me@home:~] #telnet mail.example.com 25

      Trying xx.xx.xx.xx..

      telnet: connect to address xx.xx.xx.xx: Operation timed out

      telnet: Unable to connect to remote host


      As mentioned this is an amazon EC2 instance, but I have opened up port 25 on the security groups and made sure that ufw (the ubuntu firewall) was not running on the instance.

      I'd definitely appreciate your esteemed advice on this!

      Thanks,

      Tim



      -- 
      GPG me!!

      gpg --keyserver pool.sks-keyservers.net --recv-keys F186197B

    • Larry Stone
      I see two issues here. You havenÆt told it what domains to accept and youÆve defined mynetworks to be only localhost. ... Accepted and queued but no evidence
      Message 2 of 18 , Mar 15, 2014
        I see two issues here. You haven’t told it what domains to accept and you’ve defined mynetworks to be only localhost.

        On Mar 15, 2014, at 3:01 PM, Tim Dunphy <bluethundr@...> wrote:

        > Hello,
        >
        >
        > I've just built a postfix server in amazon EC2 with an elastic IP. And I found that while I can connect to and send emails to my mail server when I telnet to localhost when I telnet to the external FQDN I get relay denied.
        >
        > I'll first demonstrate success, then failure.
        >
        > And the logs confirm success:
        >
        > Mar 15 19:27:35 mail postfix/smtpd[5294]: B97CA24B8B: client=localhost[127.0.0.1]
        > Mar 15 19:28:18 mail postfix/cleanup[5306]: B97CA24B8B: message-id=<20140315192735.B97CA24B8B@...>
        > Mar 15 19:28:18 mail postfix/qmgr[5221]: B97CA24B8B: from=<bluethundr@...>, size=356, nrcpt=1 (queue active)
        > Mar 15 19:28:18 mail postfix/cleanup[5306]: AD51725096: message-id=<20140315192735.B97CA24B8B@...>
        > Mar 15 19:28:18 mail amavis[3401]: (03401-09) Passed BAD-HEADER-1 {RelayedOutbound,Quarantined}, LOCAL [127.0.0.1]:58766 [127.0.0.1] <bluethundr@...> -> <bluethundr@...>, quarantine: W/badh-WyjD4kEQ4Mls, Queue-ID: B97CA24B8B, Message-ID: <20140315192735.B97CA24B8B@...>, mail_id: WyjD4kEQ4Mls, Hits: -, size: 356, queued_as: AD51725096, 140 ms
        > Mar 15 19:28:18 mail postfix/smtp[5317]: B97CA24B8B: to=<bluethundr@...>, relay=127.0.0.1[127.0.0.1]:10024, delay=51, delays=51/0.03/0/0.16, dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as AD51725096)
        > Mar 15 19:28:18 mail postfix/qmgr[5221]: B97CA24B8B: removed
        >

        Accepted and queued but no evidence of local delivery. Possibly still queued until it bounces.

        > However, if I telnet to the externally available FQDN (from the mail server) I get a relay denied error:
        >
        > root@mail:~# telnet mail.example.com 25
        > Trying xx.xx.xx.xx...
        > Connected to mail.example.com.
        > Escape character is '^]'.
        > 220 mail.example.com ESMTP Postfix (Ubuntu)
        > HELO mail.example.com
        > 250 mail.example.com
        > MAIL FROM: <bluethundr@...>
        > 250 2.1.0 Ok
        > RCPT TO: <bluethundr@...>
        > 454 4.7.1 <bluethundr@...>: Relay access denied
        >

        Because you’re now connecting from a non-localhost address and you haven’t told Postfix that’s local.


        > Here is the output of postconf -n
        >
        > mydestination =
        >

        mydestination defines what domains are to be delivered locally. You set it blank so you’re saying no domains are delivered locally.

        > mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128

        You’ve set this to make only localhost to be considered a local network address.

        See http://www.postfix.org/BASIC_CONFIGURATION_README.html for more information.

        --
        Larry Stone
        lstone19@...
        http://www.stonejongleux.com/
      • Tim Dunphy
        Hey all, I fixed the problem with being able to access the FQDN of the mail host via telnet from the command line by editing mynetworks to contain the name of
        Message 3 of 18 , Mar 15, 2014
          Hey all,

           I fixed the problem with being able to access the FQDN of the mail host via telnet from the command line by editing mynetworks to contain the name of the mail host:


          But it appears that mail IS making its way to the mail server, but being rejected once it arrives. 

          Here's an example of a mail rejected from yahoo

          Mar 16 02:27:58 mail postfix/smtpd[22335]: connect from n11-vm3.bullet.mail.bf1.external.com[66.196.81.194]

          Mar 16 02:27:59 mail postfix/smtpd[22335]: Anonymous TLS connection established from n11-vm3.bullet.mail.bf1.external.com[66.196.81.194]: TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)

          Mar 16 02:27:59 mail postfix/smtpd[22335]: NOQUEUE: reject: RCPT from n11-vm3.bullet.mail.bf1.external.com[66.196.81.194]: 454 4.7.1 <bluethundr@...>: Relay access denied; from=<reg.gi3tqmjyge4dama-bluethundr=example.com@...> to=<bluethundr@...> proto=ESMTP helo=<n11-vm3.bullet.mail.bf1.external.com>

          Mar 16 02:27:59 mail postfix/smtpd[22335]: disconnect from n11-vm3.bullet.mail.bf1.external.com[66.196.81.194]

          Mar 16 02:30:55 mail postfix/smtpd[22335]: connect from n11-vm3.bullet.mail.bf1.external.com[66.196.81.194]

          Mar 16 02:30:55 mail postfix/smtpd[22335]: Anonymous TLS connection established from n11-vm3.bullet.mail.bf1.external.com[66.196.81.194]: TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)

          Mar 16 02:30:55 mail postfix/smtpd[22335]: NOQUEUE: reject: RCPT from n11-vm3.bullet.mail.bf1.external.com[66.196.81.194]: 454 4.7.1 <bluethundr@...>: Relay access denied; from=<reg.gi3tqmjyge4dama-bluethundr=example.com@...> to=<bluethundr@...> proto=ESMTP helo=<n11-vm3.bullet.mail.bf1.external.com>

          Mar 16 02:30:55 mail postfix/smtpd[22335]: disconnect from n11-vm3.bullet.mail.bf1.external.com[66.196.81.194]

          Mar 16 02:31:41 mail postfix/smtpd[22335]: connect from nm48.bullet.mail.ne1.external.com[98.138.120.55]Mar 16 02:31:41 mail postfix/smtpd[22335]: NOQUEUE: reject: RCPT from nm48.bullet.mail.ne1.external.com[98.138.120.55]: 454 4.7.1 <bluethundr@...>: Relay access denied; from=<bluethundr609@...> to=<bluethundr@...> proto=SMTP helo=<nm48.bullet.mail.ne1.external.com>Mar 16 02:31:41 mail postfix/smtpd[22335]: disconnect from nm48.bullet.mail.ne1.external.com[98.138.120.55]

          Mar 16 02:33:24 mail postfix/smtpd[22335]: connect from nm48.bullet.mail.ne1.external.com[98.138.120.55]

          Mar 16 02:33:24 mail postfix/smtpd[22335]: NOQUEUE: reject: RCPT from nm48.bullet.mail.ne1.external.com[98.138.120.55]: 454 4.7.1 <bluethundr@...>: Relay access denied; from=<bluethundr609@...> to=<bluethundr@...> proto=SMTP helo=<nm48.bullet.mail.ne1.external.com>

          Mar 16 02:33:24 mail postfix/smtpd[22335]: disconnect from nm48.bullet.mail.ne1.external.com[98.138.120.55]



          And here's an example from gmail


          Mar 16 02:23:20 mail postfix/smtpd[21652]: NOQUEUE: reject: RCPT from mail-la0-f48.google.com[209.85.215.48]: 454 4.7.1 <bluethundr@...>: Relay access denied; from=<bluethundr@...> to=<bluethundr@...> proto=ESMTP helo=<mail-la0-f48.google.com>

          Mar 16 02:35:01 mail postfix/smtpd[22335]: NOQUEUE: reject: RCPT from mail-lb0-f177.google.com[209.85.217.177]: 454 4.7.1 <bluethundr@...>: Relay access denied; from=<bluethundr@...> to=<bluethundr@...> proto=ESMTP helo=<mail-lb0-f177.google.com>


          OK, so it seems as if I'm in the home stretch! What do I need to alter in my postfix configuration to get this mail server rocking?


          Thanks!

          Tim



          On Sat, Mar 15, 2014 at 4:01 PM, Tim Dunphy <bluethundr@...> wrote:
          Hello,


          I've just built a postfix server in amazon EC2 with an elastic IP. And I found that while I can connect to and send emails to my mail server when I telnet to localhost when I telnet to the external FQDN I get relay denied.

          I'll first demonstrate success, then failure.

          root@mail:~# telnet localhost 25
          Trying 127.0.0.1...
          Connected to localhost.
          Escape character is '^]'.
          220 mail.example.com ESMTP Postfix (Ubuntu)
          MAIL FROM: <bluethundr@...>
          250 2.1.0 Ok
          RCPT TO: <bluethundr@...>
          250 2.1.5 Ok
          DATA
          354 End data with <CR><LF>.<CR><LF>
          Subject: Test to internal localhost
          .
          250 2.0.0 Ok: queued as B97CA24B8B
          quit

          And the logs confirm success:

          Mar 15 19:27:35 mail postfix/smtpd[5294]: B97CA24B8B: client=localhost[127.0.0.1]
          Mar 15 19:28:18 mail postfix/cleanup[5306]: B97CA24B8B: message-id=<20140315192735.B97CA24B8B@...>
          Mar 15 19:28:18 mail postfix/qmgr[5221]: B97CA24B8B: from=<bluethundr@...>, size=356, nrcpt=1 (queue active)
          Mar 15 19:28:18 mail postfix/cleanup[5306]: AD51725096: message-id=<20140315192735.B97CA24B8B@...>
          Mar 15 19:28:18 mail amavis[3401]: (03401-09) Passed BAD-HEADER-1 {RelayedOutbound,Quarantined}, LOCAL [127.0.0.1]:58766 [127.0.0.1] <bluethundr@...> -> <bluethundr@...>, quarantine: W/badh-WyjD4kEQ4Mls, Queue-ID: B97CA24B8B, Message-ID: <20140315192735.B97CA24B8B@...>, mail_id: WyjD4kEQ4Mls, Hits: -, size: 356, queued_as: AD51725096, 140 ms
          Mar 15 19:28:18 mail postfix/smtp[5317]: B97CA24B8B: to=<bluethundr@...>, relay=127.0.0.1[127.0.0.1]:10024, delay=51, delays=51/0.03/0/0.16, dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as AD51725096)
          Mar 15 19:28:18 mail postfix/qmgr[5221]: B97CA24B8B: removed

          However, if I telnet to the externally available FQDN (from the mail server) I get a relay denied error:

          root@mail:~# telnet mail.example.com 25
          Trying xx.xx.xx.xx...
          Connected to mail.example.com.
          Escape character is '^]'.
          220 mail.example.com ESMTP Postfix (Ubuntu)
          MAIL FROM: <bluethundr@...>
          250 2.1.0 Ok
          RCPT TO: <bluethundr@...>
          454 4.7.1 <bluethundr@...>: Relay access denied

          In the logs when I try to telnet to the FQDN, I see this:

          Mar 15 19:38:00 mail postfix/smtpd[5392]: NOQUEUE: reject: RCPT from unknown[54.85.41.178]: 454 4.7.1 <bluethundr@...>: Relay access denied; from=<bluethundr@...> to=<bluethundr@...> proto=SMTP helo=<mail.example.com>

          I've done some googling on this, and often people do site this setting as a potential cause of this situation. Here's mine, although nothing seems to stand out: 

          smtpd_recipient_restrictions = reject_unauth_pipelining, permit_mynetworks, permit_sasl_authenticated,  reject_non_fqdn_recipient, reject_unknown_recipient_domain, reject_unauth_destination, check_policy_service inet:127.0.0.1:10023, permit

          Here is the output of postconf -n

          root@mail:~# postconf -n

          alias_database = hash:/etc/postfix/aliases

          alias_maps = hash:/etc/postfix/aliases

          append_dot_mydomain = no

          biff = no

          broken_sasl_auth_clients = no

          config_directory = /etc/postfix

          content_filter = amavis:[127.0.0.1]:10024

          delay_warning_time = 4h

          disable_vrfy_command = yes

          inet_interfaces = all

          local_recipient_maps =

          mailbox_size_limit = 0

          masquerade_domains = mail.example.com example.com !sub.dyndomain.com

          masquerade_exceptions = root

          maximal_backoff_time = 8000s

          maximal_queue_lifetime = 7d

          minimal_backoff_time = 1000s

          mydestination =

          myhostname = mail.example.com

          mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128

          mynetworks_style = host

          myorigin = example.com

          readme_directory = no

          recipient_delimiter = +

          relayhost =

          smtp_helo_timeout = 60s

          smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt

          smtp_tls_note_starttls_offer = yes

          smtp_tls_security_level = may

          smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache

          smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)

          smtpd_client_restrictions = reject_rbl_client sbl.spamhaus.org, reject_rbl_client blackholes.easynet.nl

          smtpd_data_restrictions = reject_unauth_pipelining

          smtpd_delay_reject = yes

          smtpd_hard_error_limit = 12

          smtpd_helo_required = yes

          smtpd_helo_restrictions = permit_mynetworks, warn_if_reject reject_non_fqdn_hostname, reject_invalid_hostname, permit

          smtpd_recipient_limit = 16

          smtpd_recipient_restrictions = reject_unauth_pipelining, permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_recipient, reject_unknown_recipient_domain, reject_unauth_destination, check_policy_service inet:127.0.0.1:10023, permit

          smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination

          smtpd_sasl_auth_enable = yes

          Another potential trouble area may be that I can't seem to telnet to port 25 remotely from my work station: 


          [me@home:~] #telnet mail.example.com 25

          Trying xx.xx.xx.xx..

          telnet: connect to address xx.xx.xx.xx: Operation timed out

          telnet: Unable to connect to remote host


          As mentioned this is an amazon EC2 instance, but I have opened up port 25 on the security groups and made sure that ufw (the ubuntu firewall) was not running on the instance.

          I'd definitely appreciate your esteemed advice on this!

          Thanks,

          Tim



          -- 
          GPG me!!

          gpg --keyserver pool.sks-keyservers.net --recv-keys F186197B




          --
          GPG me!!

          gpg --keyserver pool.sks-keyservers.net --recv-keys F186197B

        • Larry Stone
          ... Did you read the reply I sent earlier? Apparently not. If youÆre going to ask for help, you need to actually read the help provided. -- Larry Stone
          Message 4 of 18 , Mar 15, 2014
            On Mar 15, 2014, at 9:40 PM, Tim Dunphy <bluethundr@...> wrote:

            > But it appears that mail IS making its way to the mail server, but being rejected once it arrives.

            Did you read the reply I sent earlier? Apparently not. If you’re going to ask for help, you need to actually read the help provided.

            --
            Larry Stone
            lstone19@...
          • Noel Jones
            ... Postfix doesn t know it should accept mail for example.com. example.com must be listed in *one* of mydestination, relay_domains, virtual_mailbox_domains,
            Message 5 of 18 , Mar 15, 2014
              On 3/15/2014 9:40 PM, Tim Dunphy wrote:
              > Hey all,
              >
              > But it appears that mail IS making its way to the mail server, but
              > being rejected once it arrives.
              >
              > Here's an example of a mail rejected from yahoo
              >
              >
              > Mar 16 02:27:59 mail postfix/smtpd[22335]: NOQUEUE: reject: RCPT
              > from n11-vm3.bullet.mail.bf1.external.com
              > <http://n11-vm3.bullet.mail.bf1.external.com>[66.196.81.194]: 454
              > 4.7.1 <bluethundr@... <mailto:bluethundr@...>>:
              > Relay access denied;
              > from=<reg.gi3tqmjyge4dama-bluethundr=example.com@...
              > <mailto:example.com@...>>
              > to=<bluethundr@... <mailto:bluethundr@...>>
              > proto=ESMTP helo=<n11-vm3.bullet.mail.bf1.external.com
              > <http://n11-vm3.bullet.mail.bf1.external.com>>


              Postfix doesn't know it should accept mail for example.com.

              example.com must be listed in *one* of mydestination, relay_domains,
              virtual_mailbox_domains, virtual_alias_domains, depending on where
              the mail is to be delivered.

              http://www.postfix.org/ADDRESS_CLASS_README.html
              http://www.postfix.org/BASIC_CONFIGURATION_README.html
              http://www.postfix.org/SOHO_README.html
              http://www.postfix.org/STANDARD_CONFIGURATION_README.html



              -- Noel Jones
            • Tim Dunphy
              Guys, For some reason gmail decided to shunt this conversation into my spam folder. So, sorry if I ve missed any of your replies. At any rate I had a perusal
              Message 6 of 18 , Mar 16, 2014
                Guys,

                 For some reason gmail decided to shunt this conversation into my spam folder. So, sorry if I've missed any of your replies. 

                At any rate I had a perusal of the digest form of the list and found this reply from Noel:

                Postfix doesn't know it should accept mail for example.com.
                example.com must be listed in *one* of mydestination, relay_domains,
                virtual_mailbox_domains, virtual_alias_domains, depending on where
                the mail is to be delivered.


                So my thanks to Noel. I set 'mydestination' to example.com and lo and behold my new mail server started recieving emails. In such a way that I could pull them up in the roundcube webmail interface. Neat!

                However one thing that's still puzzling me is that my routing needs SHOULD be covered by my virtual_mailbox_domains setting, as best I would know.

                This is how I have that set in main.cf :

                virtual_mailbox_domains = mysql:/etc/postfix/mysql_domains.cf


                And this is what I have in my database:

                mysql> select * from domains;

                +------+-----------------------+-----------+---------+

                | pkid | domain                | transport | enabled |

                +------+-----------------------+-----------+---------+

                |    1 | localhost             | virtual:  |       1 |

                |    2 | localhost.localdomain | virtual:  |       1 |

                |    3 | example.com          | virtual:  |       1 |

                |    4 | mail.example.com     | virtual:  |       1 |

                |    5 | example2.com             | virtual:  |       1 |

                |    6 | mail.example2.com        | virtual:  |       1 |

                +------+-----------------------+-----------+---------+

                6 rows in set (0.00 sec)


                It seems that postfix is able to read from the database, as would be evidenced of my being able to receive emails to accounts that are stored in the db. So why it's unable to read from the domains list is a bit puzzling.

                Here's my current postconf -n output if anyone would like to help with advice on why virtual domains aren't working as desired.


                [root@mail:~] #postconf -n

                alias_database = hash:/etc/postfix/aliases

                alias_maps = hash:/etc/postfix/aliases

                append_dot_mydomain = no

                biff = no

                broken_sasl_auth_clients = no

                config_directory = /etc/postfix

                content_filter = amavis:[127.0.0.1]:10024

                delay_warning_time = 4h

                disable_vrfy_command = yes

                inet_interfaces = all

                local_recipient_maps =

                mailbox_size_limit = 0

                masquerade_domains = mail.jokefire.com jokefire.com !sub.dyndomain.com

                masquerade_exceptions = root

                maximal_backoff_time = 8000s

                maximal_queue_lifetime = 7d

                minimal_backoff_time = 1000s

                mydestination = mail.jokefire.com jokefire.com

                myhostname = mail.jokefire.com

                mynetworks = 127.0.0.0/8 mail.jokefire.com

                mynetworks_style = host

                myorigin = jokefire.com

                readme_directory = no

                recipient_delimiter = +

                relayhost =

                smtp_helo_timeout = 60s

                smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt

                smtp_tls_note_starttls_offer = yes

                smtp_tls_security_level = may

                smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache

                smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)

                smtpd_client_restrictions = reject_rbl_client sbl.spamhaus.org, reject_rbl_client blackholes.easynet.nl

                smtpd_data_restrictions = reject_unauth_pipelining

                smtpd_delay_reject = yes

                smtpd_hard_error_limit = 12

                smtpd_helo_required = yes

                smtpd_helo_restrictions = permit_mynetworks, warn_if_reject reject_non_fqdn_hostname, reject_invalid_hostname, permit

                smtpd_recipient_limit = 16

                smtpd_recipient_restrictions = reject_unauth_pipelining, permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_recipient, reject_unknown_recipient_domain, reject_unauth_destination, check_policy_service inet:127.0.0.1:10023, permit

                smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination

                smtpd_sasl_auth_enable = yes

                smtpd_sasl_local_domain =

                smtpd_sasl_security_options = noanonymous

                smtpd_sender_restrictions = permit_sasl_authenticated, permit_mynetworks, warn_if_reject reject_non_fqdn_sender, reject_unknown_sender_domain, reject_unauth_pipelining, permit

                smtpd_soft_error_limit = 3

                smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem

                smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key

                smtpd_tls_loglevel = 1

                smtpd_tls_received_header = yes

                smtpd_tls_security_level = may

                smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache

                smtpd_tls_session_cache_timeout = 3600s

                smtpd_use_tls = yes

                tls_random_source = dev:/dev/urandom

                transport_maps = mysql:/etc/postfix/mysql_transport.cf

                unknown_local_recipient_reject_code = 450

                virtual_alias_maps = mysql:/etc/postfix/mysql_alias.cf

                virtual_gid_maps = static:5000

                virtual_mailbox_base = /var/spool/mail/virtual

                virtual_mailbox_domains = mysql:/etc/postfix/mysql_domains.cf

                virtual_mailbox_maps = mysql:/etc/postfix/mysql_mailbox.cf

                virtual_uid_maps = static:5000


                Thanks!

                Tim



                 




                On Sat, Mar 15, 2014 at 4:01 PM, Tim Dunphy <bluethundr@...> wrote:
                Hello,


                I've just built a postfix server in amazon EC2 with an elastic IP. And I found that while I can connect to and send emails to my mail server when I telnet to localhost when I telnet to the external FQDN I get relay denied.

                I'll first demonstrate success, then failure.

                root@mail:~# telnet localhost 25
                Trying 127.0.0.1...
                Connected to localhost.
                Escape character is '^]'.
                220 mail.example.com ESMTP Postfix (Ubuntu)
                MAIL FROM: <bluethundr@...>
                250 2.1.0 Ok
                RCPT TO: <bluethundr@...>
                250 2.1.5 Ok
                DATA
                354 End data with <CR><LF>.<CR><LF>
                Subject: Test to internal localhost
                .
                250 2.0.0 Ok: queued as B97CA24B8B
                quit

                And the logs confirm success:

                Mar 15 19:27:35 mail postfix/smtpd[5294]: B97CA24B8B: client=localhost[127.0.0.1]
                Mar 15 19:28:18 mail postfix/cleanup[5306]: B97CA24B8B: message-id=<20140315192735.B97CA24B8B@...>
                Mar 15 19:28:18 mail postfix/qmgr[5221]: B97CA24B8B: from=<bluethundr@...>, size=356, nrcpt=1 (queue active)
                Mar 15 19:28:18 mail postfix/cleanup[5306]: AD51725096: message-id=<20140315192735.B97CA24B8B@...>
                Mar 15 19:28:18 mail amavis[3401]: (03401-09) Passed BAD-HEADER-1 {RelayedOutbound,Quarantined}, LOCAL [127.0.0.1]:58766 [127.0.0.1] <bluethundr@...> -> <bluethundr@...>, quarantine: W/badh-WyjD4kEQ4Mls, Queue-ID: B97CA24B8B, Message-ID: <20140315192735.B97CA24B8B@...>, mail_id: WyjD4kEQ4Mls, Hits: -, size: 356, queued_as: AD51725096, 140 ms
                Mar 15 19:28:18 mail postfix/smtp[5317]: B97CA24B8B: to=<bluethundr@...>, relay=127.0.0.1[127.0.0.1]:10024, delay=51, delays=51/0.03/0/0.16, dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as AD51725096)
                Mar 15 19:28:18 mail postfix/qmgr[5221]: B97CA24B8B: removed

                However, if I telnet to the externally available FQDN (from the mail server) I get a relay denied error:

                root@mail:~# telnet mail.example.com 25
                Trying xx.xx.xx.xx...
                Connected to mail.example.com.
                Escape character is '^]'.
                220 mail.example.com ESMTP Postfix (Ubuntu)
                MAIL FROM: <bluethundr@...>
                250 2.1.0 Ok
                RCPT TO: <bluethundr@...>
                454 4.7.1 <bluethundr@...>: Relay access denied

                In the logs when I try to telnet to the FQDN, I see this:

                Mar 15 19:38:00 mail postfix/smtpd[5392]: NOQUEUE: reject: RCPT from unknown[54.85.41.178]: 454 4.7.1 <bluethundr@...>: Relay access denied; from=<bluethundr@...> to=<bluethundr@...> proto=SMTP helo=<mail.example.com>

                I've done some googling on this, and often people do site this setting as a potential cause of this situation. Here's mine, although nothing seems to stand out: 

                smtpd_recipient_restrictions = reject_unauth_pipelining, permit_mynetworks, permit_sasl_authenticated,  reject_non_fqdn_recipient, reject_unknown_recipient_domain, reject_unauth_destination, check_policy_service inet:127.0.0.1:10023, permit

                Here is the output of postconf -n

                root@mail:~# postconf -n

                alias_database = hash:/etc/postfix/aliases

                alias_maps = hash:/etc/postfix/aliases

                append_dot_mydomain = no

                biff = no

                broken_sasl_auth_clients = no

                config_directory = /etc/postfix

                content_filter = amavis:[127.0.0.1]:10024

                delay_warning_time = 4h

                disable_vrfy_command = yes

                inet_interfaces = all

                local_recipient_maps =

                mailbox_size_limit = 0

                masquerade_domains = mail.example.com example.com !sub.dyndomain.com

                masquerade_exceptions = root

                maximal_backoff_time = 8000s

                maximal_queue_lifetime = 7d

                minimal_backoff_time = 1000s

                mydestination =

                myhostname = mail.example.com

                mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128

                mynetworks_style = host

                myorigin = example.com

                readme_directory = no

                recipient_delimiter = +

                relayhost =

                smtp_helo_timeout = 60s

                smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt

                smtp_tls_note_starttls_offer = yes

                smtp_tls_security_level = may

                smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache

                smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)

                smtpd_client_restrictions = reject_rbl_client sbl.spamhaus.org, reject_rbl_client blackholes.easynet.nl

                smtpd_data_restrictions = reject_unauth_pipelining

                smtpd_delay_reject = yes

                smtpd_hard_error_limit = 12

                smtpd_helo_required = yes

                smtpd_helo_restrictions = permit_mynetworks, warn_if_reject reject_non_fqdn_hostname, reject_invalid_hostname, permit

                smtpd_recipient_limit = 16

                smtpd_recipient_restrictions = reject_unauth_pipelining, permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_recipient, reject_unknown_recipient_domain, reject_unauth_destination, check_policy_service inet:127.0.0.1:10023, permit

                smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination

                smtpd_sasl_auth_enable = yes

                Another potential trouble area may be that I can't seem to telnet to port 25 remotely from my work station: 


                [me@home:~] #telnet mail.example.com 25

                Trying xx.xx.xx.xx..

                telnet: connect to address xx.xx.xx.xx: Operation timed out

                telnet: Unable to connect to remote host


                As mentioned this is an amazon EC2 instance, but I have opened up port 25 on the security groups and made sure that ufw (the ubuntu firewall) was not running on the instance.

                I'd definitely appreciate your esteemed advice on this!

                Thanks,

                Tim



                -- 
                GPG me!!

                gpg --keyserver pool.sks-keyservers.net --recv-keys F186197B




                --
                GPG me!!

                gpg --keyserver pool.sks-keyservers.net --recv-keys F186197B

              • Noel Jones
                ... [please post in plain-text only] Do not list your domain in more than one place, otherwise postfix will log warnings and various things may not work as
                Message 7 of 18 , Mar 16, 2014
                  On 3/16/2014 11:12 AM, Tim Dunphy wrote:
                  > Guys,
                  >
                  > For some reason gmail decided to shunt this conversation into my
                  > spam folder. So, sorry if I've missed any of your replies.
                  >
                  > At any rate I had a perusal of the digest form of the list and found
                  > this reply from Noel:
                  >
                  > Postfix doesn't know it should accept mail for example.com
                  > <http://example.com/>.
                  > example.com <http://example.com/> must be listed in *one* of
                  > mydestination, relay_domains,
                  > virtual_mailbox_domains, virtual_alias_domains, depending on where
                  > the mail is to be delivered.
                  >
                  >
                  >
                  > So my thanks to Noel. I set 'mydestination' to example.com
                  > <http://example.com> and lo and behold my new mail server started
                  > recieving emails. In such a way that I could pull them up in the
                  > roundcube webmail interface. Neat!
                  >
                  > However one thing that's still puzzling me is that my routing needs
                  > SHOULD be covered by my virtual_mailbox_domains setting, as best I
                  > would know.

                  [please post in plain-text only]

                  Do not list your domain in more than one place, otherwise postfix
                  will log warnings and various things may not work as expected.

                  Apparently your virtual_mailbox_domains lookup isn't working. Test
                  your lookup with:
                  postmap -q example.com mysql:/etc/postfix/mysql_domains.cf

                  Listed domains should return a result -- any non-empty result is
                  considered valid.

                  Nothing should be printed when testing unlisted domains.



                  -- Noel Jones
                • bluethundr@...
                  ... Good advice. Thanks. ... Hmm from this test it looks like I m not pulling any info from mysql: [root@mail:/etc/postfix] #postmap -q example.com
                  Message 8 of 18 , Mar 16, 2014
                    > Do not list your domain in more than one place, otherwise postfix
                    > will log warnings and various things may not work as expected.
                    >

                    Good advice. Thanks.


                    > Apparently your virtual_mailbox_domains lookup isn't working. Test
                    > your lookup with:
                    > postmap -q example.com mysql:/etc/postfix/mysql_domains.cf
                    >
                    > Listed domains should return a result -- any non-empty result is
                    > considered valid.
                    >
                    > Nothing should be printed when testing unlisted domains.

                    Hmm from this test it looks like I'm not pulling any info from mysql:

                    [root@mail:/etc/postfix] #postmap -q example.com
                    mysql:/etc/postfix/mysql_domains.cf
                    [root@mail:/etc/postfix] #postmap -q example.com
                    mysql:/etc/postfix/mysql_mailbox.cf
                    [root@mail:/etc/postfix] #postmap -q example.com
                    mysql:/etc/postfix/mysql_alias.cf
                    [root@mail:/etc/postfix] #postmap -q example.com
                    mysql:/etc/postfix/mysql_transport.cf

                    I actually tried testing all my mysql conf files this way and no info
                    was returned from any of them!

                    And I do have postfix-mysql installed.

                    [root@mail:/etc/postfix] #dpkg -l | grep postfix
                    ii postfix 2.10.2-1
                    amd64 High-performance mail transport agent
                    ii postfix-mysql 2.10.2-1
                    amd64 MySQL map support for Postfix

                    I'm wondering if there is some flaw in my config that is preventing
                    postfix from reading from the db? I'd really appreciate any advice you
                    might have n getting postfix to interface with mysql.

                    Thanks
                    Tim


                    On 2014-03-16 13:12, Noel Jones wrote:
                    > On 3/16/2014 11:12 AM, Tim Dunphy wrote:
                    >> Guys,
                    >>
                    >> For some reason gmail decided to shunt this conversation into my
                    >> spam folder. So, sorry if I've missed any of your replies.
                    >>
                    >> At any rate I had a perusal of the digest form of the list and found
                    >> this reply from Noel:
                    >>
                    >> Postfix doesn't know it should accept mail for example.com
                    >> <http://example.com/>.
                    >> example.com <http://example.com/> must be listed in *one* of
                    >> mydestination, relay_domains,
                    >> virtual_mailbox_domains, virtual_alias_domains, depending on where
                    >> the mail is to be delivered.
                    >>
                    >>
                    >>
                    >> So my thanks to Noel. I set 'mydestination' to example.com
                    >> <http://example.com> and lo and behold my new mail server started
                    >> recieving emails. In such a way that I could pull them up in the
                    >> roundcube webmail interface. Neat!
                    >>
                    >> However one thing that's still puzzling me is that my routing needs
                    >> SHOULD be covered by my virtual_mailbox_domains setting, as best I
                    >> would know.
                    >
                    > [please post in plain-text only]
                    >
                    > Do not list your domain in more than one place, otherwise postfix
                    > will log warnings and various things may not work as expected.
                    >
                    > Apparently your virtual_mailbox_domains lookup isn't working. Test
                    > your lookup with:
                    > postmap -q example.com mysql:/etc/postfix/mysql_domains.cf
                    >
                    > Listed domains should return a result -- any non-empty result is
                    > considered valid.
                    >
                    > Nothing should be printed when testing unlisted domains.
                    >
                    >
                    >
                    > -- Noel Jones
                  • Noel Jones
                    ... Sorry, I don t use sql and am unable to provide help beyond knowing what response postfix expects. Maybe someone else can help with your sql queries.
                    Message 9 of 18 , Mar 16, 2014
                      On 3/16/2014 12:24 PM, bluethundr@... wrote:
                      >> Apparently your virtual_mailbox_domains lookup isn't working. Test
                      >> your lookup with:
                      >> postmap -q example.com mysql:/etc/postfix/mysql_domains.cf
                      >>
                      >> Listed domains should return a result -- any non-empty result is
                      >> considered valid.
                      >>
                      >> Nothing should be printed when testing unlisted domains.
                      >
                      > Hmm from this test it looks like I'm not pulling any info from mysql:
                      >
                      > [root@mail:/etc/postfix] #postmap -q example.com
                      > mysql:/etc/postfix/mysql_domains.cf
                      > [root@mail:/etc/postfix] #postmap -q example.com
                      > mysql:/etc/postfix/mysql_mailbox.cf
                      > [root@mail:/etc/postfix] #postmap -q example.com
                      > mysql:/etc/postfix/mysql_alias.cf
                      > [root@mail:/etc/postfix] #postmap -q example.com
                      > mysql:/etc/postfix/mysql_transport.cf
                      >
                      > I actually tried testing all my mysql conf files this way and no
                      > info was returned from any of them!
                      >
                      > And I do have postfix-mysql installed.
                      >
                      > [root@mail:/etc/postfix] #dpkg -l | grep postfix
                      > ii postfix
                      > 2.10.2-1 amd64 High-performance mail
                      > transport agent
                      > ii postfix-mysql
                      > 2.10.2-1 amd64 MySQL map support for
                      > Postfix
                      >
                      > I'm wondering if there is some flaw in my config that is preventing
                      > postfix from reading from the db? I'd really appreciate any advice
                      > you might have n getting postfix to interface with mysql.
                      >
                      > Thanks
                      > Tim

                      Sorry, I don't use sql and am unable to provide help beyond knowing
                      what response postfix expects.

                      Maybe someone else can help with your sql queries. Start a new
                      thread asking about this specific problem.



                      -- Noel Jones
                    • Sergei
                      ... Try the connection specified in the files manually by logging as that exact user and running the query. You might get some useful error messages from
                      Message 10 of 18 , Mar 16, 2014
                        On Sunday 16 March 2014 13:24:10 bluethundr@... wrote:
                        > I'm wondering if there is some flaw in my config that is preventing
                        > postfix from reading from the db? I'd really appreciate any advice you
                        > might have n getting postfix to interface with mysql.

                        Try the connection specified in the files manually by logging as that exact user
                        and running the query. You might get some useful error messages from MySQL.
                      • bluethundr@...
                        ... No problem, Noel. Thanks for your response. I ll do that at some point shortly I m sure. I actually used flurdy s postfix guide for the whole thing. I sort
                        Message 11 of 18 , Mar 16, 2014
                          > Sorry, I don't use sql and am unable to provide help beyond knowing
                          > what response postfix expects.
                          >
                          > Maybe someone else can help with your sql queries. Start a new
                          > thread asking about this specific problem.

                          No problem, Noel. Thanks for your response. I'll do that at some point
                          shortly I'm sure. I actually used flurdy's postfix guide for the whole
                          thing. I sort of doubt the SQL is to blame. Maybe more of an Ubuntu
                          specific install issue where postfix can't communicate with the
                          database. Maybe I'll hit up the ubuntu forums with this problem at some
                          point.

                          Thanks again,
                          Tim

                          On 2014-03-16 20:19, Noel Jones wrote:
                          > On 3/16/2014 12:24 PM, bluethundr@... wrote:
                          >>> Apparently your virtual_mailbox_domains lookup isn't working. Test
                          >>> your lookup with:
                          >>> postmap -q example.com mysql:/etc/postfix/mysql_domains.cf
                          >>>
                          >>> Listed domains should return a result -- any non-empty result is
                          >>> considered valid.
                          >>>
                          >>> Nothing should be printed when testing unlisted domains.
                          >>
                          >> Hmm from this test it looks like I'm not pulling any info from mysql:
                          >>
                          >> [root@mail:/etc/postfix] #postmap -q example.com
                          >> mysql:/etc/postfix/mysql_domains.cf
                          >> [root@mail:/etc/postfix] #postmap -q example.com
                          >> mysql:/etc/postfix/mysql_mailbox.cf
                          >> [root@mail:/etc/postfix] #postmap -q example.com
                          >> mysql:/etc/postfix/mysql_alias.cf
                          >> [root@mail:/etc/postfix] #postmap -q example.com
                          >> mysql:/etc/postfix/mysql_transport.cf
                          >>
                          >> I actually tried testing all my mysql conf files this way and no
                          >> info was returned from any of them!
                          >>
                          >> And I do have postfix-mysql installed.
                          >>
                          >> [root@mail:/etc/postfix] #dpkg -l | grep postfix
                          >> ii postfix
                          >> 2.10.2-1 amd64 High-performance mail
                          >> transport agent
                          >> ii postfix-mysql
                          >> 2.10.2-1 amd64 MySQL map support for
                          >> Postfix
                          >>
                          >> I'm wondering if there is some flaw in my config that is preventing
                          >> postfix from reading from the db? I'd really appreciate any advice
                          >> you might have n getting postfix to interface with mysql.
                          >>
                          >> Thanks
                          >> Tim
                          >
                          > Sorry, I don't use sql and am unable to provide help beyond knowing
                          > what response postfix expects.
                          >
                          > Maybe someone else can help with your sql queries. Start a new
                          > thread asking about this specific problem.
                          >
                          >
                          >
                          > -- Noel Jones
                        • bluethundr@...
                          Hi Sergei ... I tried pulling the info specified in the mysql_domains.cf file that s specified to retrieve domain info in my postfix setup. Here s what the
                          Message 12 of 18 , Mar 16, 2014
                            Hi Sergei

                            > Try the connection specified in the files manually by logging as that
                            > exact user
                            > and running the query. You might get some useful error messages from
                            > MySQL.

                            I tried pulling the info specified in the mysql_domains.cf file that's
                            specified to retrieve domain info in my postfix setup. Here's what the
                            file looks like:

                            [root@mail:/etc/postfix] #cat mysql_domains.cf
                            user=mail
                            password=secret
                            dbname=maildb
                            table=domains
                            select_field=domain
                            where_field=domain
                            hosts=127.0.0.1
                            additional_conditions = and enabled = 10

                            And I'm able to pull the info from the command line using the query
                            specified in the file:

                            [root@mail:/etc/postfix] #mysql -umail -p -h 127.0.0.1 maildb -e "select
                            domain from domains where domain like 'example.com'"
                            Enter password:
                            +--------------+
                            | domain |
                            +--------------+
                            | example.com |
                            +--------------+


                            Yet, nothing is still returned by querying the file using postmap:

                            [root@mail:/etc/postfix] #postmap -q example.com
                            mysql:/etc/postfix/mysql_domains.cf
                            [root@mail:/etc/postfix] #


                            Any further ideas would be welcome.

                            Thanks,
                            Tim
                          • Sergei
                            ... I am not familiar with this syntax. I use the following: user = mail password = secret hosts = 127.0.0.1 dbname = maildb query = SELECT * FROM domains
                            Message 13 of 18 , Mar 16, 2014
                              On Sunday 16 March 2014 21:19:24 bluethundr@... wrote:
                              > user=mail
                              > password=secret
                              > dbname=maildb
                              > table=domains
                              > select_field=domain
                              > where_field=domain
                              > hosts=127.0.0.1
                              > additional_conditions = and enabled = 10

                              I am not familiar with this syntax. I use the following:

                              user = mail
                              password = secret
                              hosts = 127.0.0.1
                              dbname = maildb
                              query = SELECT * FROM domains WHERE domain='%s'

                              You might want to try this instead.
                            • Viktor Dukhovni
                              ... Better: query = SELECT domain FROM domains WHERE domain= %s AND enabled = 10 there is no need to select all the columns. (No idea what the significance
                              Message 14 of 18 , Mar 16, 2014
                                On Mon, Mar 17, 2014 at 02:28:02AM +0100, Sergei wrote:

                                > On Sunday 16 March 2014 21:19:24 bluethundr@... wrote:
                                > > user=mail
                                > > password=secret
                                > > dbname=maildb
                                > > table=domains
                                > > select_field=domain
                                > > where_field=domain
                                > > hosts=127.0.0.1
                                > > additional_conditions = and enabled = 10
                                >
                                > I am not familiar with this syntax. I use the following:
                                >
                                > user = mail
                                > password = secret
                                > hosts = 127.0.0.1
                                > dbname = maildb
                                > query = SELECT * FROM domains WHERE domain='%s'

                                Better:

                                query = SELECT domain FROM domains WHERE domain='%s' AND enabled = 10

                                there is no need to select all the columns. (No idea what the
                                significance of "enabled = 10" is, except that seemingly this is
                                what the OP wants or perhaps it is the reason why no results are
                                returned).

                                --
                                Viktor.
                              • bluethundr@...
                                ... Thanks guys! This did the trick! However it looks like I have a type-o causing the problems. Instead of enabled = 10 should be enabled = 1 . LOL user =
                                Message 15 of 18 , Mar 16, 2014
                                  On 2014-03-16 21:32, Viktor Dukhovni wrote:
                                  > On Mon, Mar 17, 2014 at 02:28:02AM +0100, Sergei wrote:
                                  >
                                  >> On Sunday 16 March 2014 21:19:24 bluethundr@... wrote:
                                  >> > user=mail
                                  >> > password=secret
                                  >> > dbname=maildb
                                  >> > table=domains
                                  >> > select_field=domain
                                  >> > where_field=domain
                                  >> > hosts=127.0.0.1
                                  >> > additional_conditions = and enabled = 10
                                  >>
                                  >> I am not familiar with this syntax. I use the following:
                                  >>
                                  >> user = mail
                                  >> password = secret
                                  >> hosts = 127.0.0.1
                                  >> dbname = maildb
                                  >> query = SELECT * FROM domains WHERE domain='%s'
                                  >
                                  > Better:
                                  >
                                  > query = SELECT domain FROM domains WHERE domain='%s' AND enabled =
                                  > 10
                                  >
                                  > there is no need to select all the columns. (No idea what the
                                  > significance of "enabled = 10" is, except that seemingly this is
                                  > what the OP wants or perhaps it is the reason why no results are
                                  > returned).


                                  Thanks guys! This did the trick! However it looks like I have a type-o
                                  causing the problems. Instead of 'enabled = 10' should be 'enabled = 1'.
                                  LOL

                                  user = mail
                                  password = secret
                                  hosts = 127.0.0.1
                                  dbname = maildb
                                  query = SELECT * FROM domains WHERE domain='%s' AND enabled = 1

                                  Using the above query works fine with postfix:

                                  [root@mail:/etc/postfix] #postmap -q example.com
                                  mysql:/etc/postfix/mysql_domains.cf
                                  3,example.com,virtual:,1

                                  Once again, thank you ALL for your suggestions. Glad we got this one
                                  solved.

                                  Tim
                                • bluethundr@...
                                  ... Actually I should probably point out that the original syntax does work better: [root@mail:/etc/postfix] #cat mysql_domains.cf user=mail password=secret
                                  Message 16 of 18 , Mar 16, 2014
                                    On 2014-03-16 21:52, bluethundr@... wrote:
                                    > On 2014-03-16 21:32, Viktor Dukhovni wrote:
                                    >> On Mon, Mar 17, 2014 at 02:28:02AM +0100, Sergei wrote:
                                    >>
                                    >>> On Sunday 16 March 2014 21:19:24 bluethundr@... wrote:
                                    >>> > user=mail
                                    >>> > password=secret
                                    >>> > dbname=maildb
                                    >>> > table=domains
                                    >>> > select_field=domain
                                    >>> > where_field=domain
                                    >>> > hosts=127.0.0.1
                                    >>> > additional_conditions = and enabled = 10
                                    >>>
                                    >>> I am not familiar with this syntax. I use the following:
                                    >>>
                                    >>> user = mail
                                    >>> password = secret
                                    >>> hosts = 127.0.0.1
                                    >>> dbname = maildb
                                    >>> query = SELECT * FROM domains WHERE domain='%s'
                                    >>
                                    >> Better:
                                    >>
                                    >> query = SELECT domain FROM domains WHERE domain='%s' AND enabled =
                                    >> 10
                                    >>
                                    >> there is no need to select all the columns. (No idea what the
                                    >> significance of "enabled = 10" is, except that seemingly this is
                                    >> what the OP wants or perhaps it is the reason why no results are
                                    >> returned).
                                    >
                                    >
                                    > Thanks guys! This did the trick! However it looks like I have a type-o
                                    > causing the problems. Instead of 'enabled = 10' should be 'enabled =
                                    > 1'. LOL
                                    >
                                    > user = mail
                                    > password = secret
                                    > hosts = 127.0.0.1
                                    > dbname = maildb
                                    > query = SELECT * FROM domains WHERE domain='%s' AND enabled = 1
                                    >
                                    > Using the above query works fine with postfix:
                                    >
                                    > [root@mail:/etc/postfix] #postmap -q example.com
                                    > mysql:/etc/postfix/mysql_domains.cf
                                    > 3,example.com,virtual:,1
                                    >
                                    > Once again, thank you ALL for your suggestions. Glad we got this one
                                    > solved.
                                    >


                                    Actually I should probably point out that the original syntax does work
                                    better:

                                    [root@mail:/etc/postfix] #cat mysql_domains.cf
                                    user=mail
                                    password=secret
                                    dbname=maildb
                                    table=domains
                                    select_field=domain
                                    where_field=domain
                                    hosts=127.0.0.1
                                    additional_conditions = and enabled = 1


                                    [root@mail:/etc/postfix] #postmap -q example.com
                                    mysql:/etc/postfix/mysql_domains.cf
                                    example.com

                                    As opposed to the following output:

                                    [root@mail:/etc/postfix] #postmap -q example.com
                                    > mysql:/etc/postfix/mysql_domains.cf
                                    > 3,example.com,virtual:,1

                                    Using this syntax:

                                    > user = mail
                                    > password = secret
                                    > hosts = 127.0.0.1
                                    > dbname = maildb
                                    > query = SELECT * FROM domains WHERE domain='%s' AND enabled = 1

                                    Tim
                                  • Viktor Dukhovni
                                    ... Inattention to detail! ... Because you re selecting all the columns. ... See above. The syntax you re using is obsolete. Use query = ... . -- Viktor.
                                    Message 17 of 18 , Mar 16, 2014
                                      On Sun, Mar 16, 2014 at 10:04:38PM -0400, bluethundr@... wrote:

                                      > > Better:
                                      > >
                                      > > query = SELECT domain FROM domains WHERE domain='%s' AND enabled = 10
                                      > >
                                      > > there is no need to select all the columns. (No idea what the
                                      > > significance of "enabled = 10" is, except that seemingly this is
                                      > > what the OP wants or perhaps it is the reason why no results are
                                      > > returned).
                                      >
                                      > Actually I should probably point out that the original syntax does work
                                      > better:

                                      Inattention to detail!

                                      > [root@mail:/etc/postfix] #postmap -q example.com
                                      > >mysql:/etc/postfix/mysql_domains.cf
                                      > >3,example.com,virtual:,1

                                      Because you're selecting all the columns.

                                      > Using this syntax:
                                      >
                                      > >user = mail
                                      > >password = secret
                                      > >hosts = 127.0.0.1
                                      > >dbname = maildb
                                      > >query = SELECT * FROM domains WHERE domain='%s' AND enabled = 1

                                      See above. The syntax you're using is obsolete. Use "query = ...".

                                      --
                                      Viktor.
                                    • bluethundr@...
                                      ... Unfortunately. :-( ... OK, you talked me into it! :-) I tried your suggested syntax in action with my setup. It works. I m keeping it. Appreciate the
                                      Message 18 of 18 , Mar 16, 2014
                                        On 2014-03-16 22:27, Viktor Dukhovni wrote:
                                        > On Sun, Mar 16, 2014 at 10:04:38PM -0400, bluethundr@...
                                        > wrote:
                                        >
                                        >> > Better:
                                        >> >
                                        >> > query = SELECT domain FROM domains WHERE domain='%s' AND enabled = 10
                                        >> >
                                        >> > there is no need to select all the columns. (No idea what the
                                        >> > significance of "enabled = 10" is, except that seemingly this is
                                        >> > what the OP wants or perhaps it is the reason why no results are
                                        >> > returned).
                                        >>
                                        >> Actually I should probably point out that the original syntax does
                                        >> work
                                        >> better:
                                        >
                                        > Inattention to detail!

                                        Unfortunately. :-(

                                        >
                                        >> [root@mail:/etc/postfix] #postmap -q example.com
                                        >> >mysql:/etc/postfix/mysql_domains.cf
                                        >> >3,example.com,virtual:,1
                                        >
                                        > Because you're selecting all the columns.
                                        >
                                        >> Using this syntax:
                                        >>
                                        >> >user = mail
                                        >> >password = secret
                                        >> >hosts = 127.0.0.1
                                        >> >dbname = maildb
                                        >> >query = SELECT * FROM domains WHERE domain='%s' AND enabled = 1
                                        >
                                        > See above. The syntax you're using is obsolete. Use "query = ...".

                                        OK, you talked me into it! :-) I tried your suggested syntax in action
                                        with my setup. It works. I'm keeping it. Appreciate the advice!

                                        Tim
                                      Your message has been successfully submitted and would be delivered to recipients shortly.