[Mailman-Users] non-delivery to virtual domain
Mark Sapiro
mark at msapiro.net
Mon Nov 1 06:22:52 CET 2010
On 10/31/10 4:56 PM, David Newman wrote:
> On 10/31/10 9:09 AM, Mark Sapiro wrote:
>>
>> What exactly does the Postfix log (maillog) say about the delivery to
>> one of these addresses?
>
>
> maillog says status is "sent" to all list subscribers. The test list,
> called "s", has one subscriber in domain1.tld on this server (who got
> the initial welcome to this list message from Mailman but not any
> messages) and one subscriber in another domain somewhere else (who gets
> all messages.
>
> Again, postfix tells the maillog that a message sent to the list address
> is "status=sent" to both subscribers.
And what is the rest of the information in those log messages, i.e. the
remainder of the sent= and the relay= for example. Please post the
entire log line.
>>
>>
>>> I've followed the setup instructions here, doing section 6.1.2 before
>>> 6.1.1 (given the link about doing virtual stuff first):
>>>
>>> http://mailman.sourceforge.net/mailman-install/postfix-virtual.html
>>> http://mailman.sourceforge.net/mailman-install/postfix-integration.html
>>
>>
>> This normally only affects delivery TO a list in a virtual domain. If
>> done properly, it should not affect delivery to any non-list address
>> in the virtual domains.
>
> Sorry if I was unclear. Mail delivery to and from non-list addresses in
> virtual domains on this server works fine. The only messages that are
> not being delivered are those to a subscriber in domain1.tld on this
> server. (I haven't yet tried subscribing anyone in domain2.tld or
> domain3.tld.)
You were clear. I was only trying to say that those Postfix
configurations only affect mail TO mailman. They don't affect the issue
you are asking about.
>>> I've pasted the config files below.
>>>
>>> Thanks in advance for clues on getting Mailman to deliver to virtual
>>> addresses on this server.
>>
>>
>> This is almost certainly a Postfix issue rather than a Mailman issue.
>> If there is nothing in Mailman's smtp-failure log, Mailman has
>> delivered the message whith the local virtual recipients included to
>> Postfix and Postfix has accepted it.
>>
>> See additional comments inline below.
>>
>>
>>> server hostname:
>>> mail.domain1.tld
>>>
>>> virtual domains:
>>> domain1.tld # (not its real name!)
>>> domain2.tld
>>> domain3.tld
>
> Just to clarify: domain1.tld is not virtual, in the sense that the
> server's canonical hostname is mail.domain1.tld. However, addresses
> defined in this domain are virtual -- these users do not have local
> accounts on this server. Again, non-list mail to and from these users
> works as expected.
>
>
>>>
>>> -----
>>>
>> >from /etc/postfix/main.cf:
>>>
>>> ..
>>>
>>> myhostname = mail.domain1.tld
>>> mydomain = domain1.tld
>>> mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
>>>
>>> ..
>>>
>>> alias_maps = hash:/etc/mail/aliases, hash:/usr/local/mailman/data/aliases
>>>
>>> virtual_alias_maps =
>>> proxy:mysql:/etc/postfix/sql/forwardings.cf
>>> proxy:mysql:/etc/postfix/sql/email2email.cf
>>> hash:/usr/local/mailman/data/domain1-tld
>>> hash:/usr/local/mailman/data/virtual-mailman
>>
>>
>> Full output from "postconf -n" might help.
>
> Here you go:
>
> alias_database = hash:/etc/mail/aliases
> alias_maps = hash:/etc/mail/aliases, hash:/usr/local/mailman/data/aliases
> command_directory = /usr/local/sbin
> config_directory = /etc/postfix
> daemon_directory = /usr/local/libexec/postfix
> header_checks = pcre:/etc/postfix/header_checks.pcre
> mail_owner = _postfix
> mailq_path = /usr/local/sbin/mailq
> manpage_directory = /usr/local/man
> message_size_limit = 27962027
> milter_connect_macros = j {daemon_name} v _
> milter_default_action = tempfail
> milter_header_checks = pcre:/etc/postfix/milter_header_checks
> mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
> mydomain = domain1.tld
> myhostname = mail.domain1.tld
> mynetworks = 127.0.0.0/8
> newaliases_path = /usr/bin/newaliases
> proxy_read_maps = proxy:mysql:/etc/postfix/sql/routing.cf
> proxy:mysql:/etc/postfix/sql/domains.cf
> proxy:mysql:/etc/postfix/sql/mailboxes.cf
> proxy:mysql:/etc/postfix/sql/user.cf
> proxy:mysql:/etc/postfix/sql/group.cf
> proxy:mysql:/etc/postfix/sql/forwardings.cf
> proxy:mysql:/etc/postfix/sql/email2email.cf proxy:unix:passwd.byname
> unix:passwd.byname
> queue_directory = /var/spool/postfix
> readme_directory = /usr/local/share/doc/postfix/readme
> recipient_delimiter = +
> relay_domains = proxy:mysql:/etc/postfix/sql/routing.cf
> sample_directory = /etc/postfix
> sendmail_path = /usr/local/sbin/sendmail
> setgid_group = _postdrop
> smtp_tls_cert_file = /etc/ssl/server.crt
> smtp_tls_key_file = /etc/ssl/private/server.key
> smtp_tls_security_level = may
> smtpd_delay_reject = yes
> smtpd_helo_required = yes
> smtpd_milters = unix:/tmp/clamav-milter.sock
> smtpd_recipient_restrictions = permit_mynetworks,
> permit_sasl_authenticated, reject_unauth_destination,
> reject_unauth_pipelining, reject_invalid_hostname,
> reject_unknown_sender_domain, reject_unknown_recipient_domain,
> reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_rbl_client
> zen.spamhaus.org
> smtpd_sasl_auth_enable = yes
> smtpd_sasl_local_domain =
> smtpd_sasl_security_options = noanonymous
> smtpd_tls_auth_only = yes
> smtpd_tls_cert_file = /etc/ssl/server.crt
> smtpd_tls_key_file = /etc/ssl/private/server.key
> smtpd_tls_received_header = yes
> smtpd_tls_security_level = may
> smtpd_use_tls = yes
> strict_rfc821_envelopes = yes
> transport_maps = proxy:mysql:/etc/postfix/sql/routing.cf
> unknown_local_recipient_reject_code = 550
> virtual_alias_domains =
Here you want
virtual_alias_domains = domain2.tld, domain3.tld
> virtual_alias_maps = proxy:mysql:/etc/postfix/sql/forwardings.cf
> proxy:mysql:/etc/postfix/sql/email2email.cf
> hash:/usr/local/mailman/data/domain1.tld
and remove the above which may possibly fix your problem.
> hash:/usr/local/mailman/data/virtual-mailman
> virtual_gid_maps = proxy:mysql:/etc/postfix/sql/group.cf
> virtual_mailbox_domains = proxy:mysql:/etc/postfix/sql/domains.cf
> virtual_mailbox_maps = proxy:mysql:/etc/postfix/sql/mailboxes.cf
> virtual_minimum_uid = 1000
> virtual_transport = dovecot
> virtual_uid_maps = proxy:mysql:/etc/postfix/sql/user.cf
>
>
>>
>>
>>> -----
>>>
>> >from /usr/local/mailman/Mailman/mm_cfg.py:
>>>
>>> MTA = 'Postfix'
>>> MAILMAN_SITE_LIST = 'mailman'
>>> DEFAULT_EMAIL_HOST = 'domain1.tld'
>>> DEFAULT_URL_HOST = 'mail.domain1.tld'
>>> DEFAULT_URL_PATTERN = 'https://%s/mailman/'
>>> PUBLIC_ARCHIVE_URL = 'https://%(hostname)s/pipermail/%(listname)s'
>>> IMAGE_LOGOS = '/icons/'
>>> POSTFIX_ALIAS_CMD = '/usr/local/sbin/postalias'
>>> POSTFIX_MAP_CMD = '/usr/local/sbin/postmap'
>>> POSTFIX_STYLE_VIRTUAL_DOMAINS = [ 'domain2.tld', 'domain3.tld' ]
>>> # Clear the Defaults.py VIRTUAL_HOSTS entry
>>> VIRTUAL_HOSTS.clear()
>>> add_virtualhost('DEFAULT_EMAIL_HOST', 'DEFAULT_URL_HOST')
>>
>>
>> The above is backwards. It should be
>>
>> add_virtualhost('DEFAULT_URL_HOST', 'DEFAULT_EMAIL_HOST')
>>
>>
>>> add_virtualhost('domain2.tld', 'domain2.tld')
>>> add_virtualhost('domain3.tld', 'domain3.tld')
>>
>>
>> However, nothing here affects delivery of mail FROM mailman.
>>
>
> OK
>
>>
>>> -----
>>>
>>> /usr/local/mailman/data/aliases
>>>
>>>
>>> # The ultimate loop stopper address
>>> mailman-loop: /usr/local/mailman/data/owner-bounces.mbox
>>>
>>> # STANZA START: mailman
>>> # CREATED: Sat Oct 30 11:23:37 2010
>>> mailman: "|/usr/local/mailman/mail/mailman post mailman"
>>> mailman-admin: "|/usr/local/mailman/mail/mailman admin mailman"
>>> mailman-bounces: "|/usr/local/mailman/mail/mailman bounces mailman"
>>> mailman-confirm: "|/usr/local/mailman/mail/mailman confirm mailman"
>>> mailman-join: "|/usr/local/mailman/mail/mailman join mailman"
>>> mailman-leave: "|/usr/local/mailman/mail/mailman leave mailman"
>>> mailman-owner: "|/usr/local/mailman/mail/mailman owner mailman"
>>> mailman-request: "|/usr/local/mailman/mail/mailman request mailman"
>>> mailman-subscribe: "|/usr/local/mailman/mail/mailman subscribe mailman"
>>> mailman-unsubscribe: "|/usr/local/mailman/mail/mailman unsubscribe mailman"
>>> # STANZA END: mailman
>>>
>>> # STANZA START: s
>>> # CREATED: Sat Oct 30 11:35:12 2010
>>> s: "|/usr/local/mailman/mail/mailman post s"
>>> s-admin: "|/usr/local/mailman/mail/mailman admin s"
>>> s-bounces: "|/usr/local/mailman/mail/mailman bounces s"
>>> s-confirm: "|/usr/local/mailman/mail/mailman confirm s"
>>> s-join: "|/usr/local/mailman/mail/mailman join s"
>>> s-leave: "|/usr/local/mailman/mail/mailman leave s"
>>> s-owner: "|/usr/local/mailman/mail/mailman owner s"
>>> s-request: "|/usr/local/mailman/mail/mailman request s"
>>> s-subscribe: "|/usr/local/mailman/mail/mailman subscribe s"
>>> s-unsubscribe: "|/usr/local/mailman/mail/mailman unsubscribe s"
>>> # STANZA END: s
>>
>>
>> Likewise, the aliases above only affect delivery TO the mailman and s
>> lists.
>
> OK
>
>>
>>
>>> -----
>>>
>>> /usr/local/etc/mailman/data/domain1-tld:
>>>
>>> domain1.tld IGNORE
>>> @domain1.tld @mail.domain1.tld
>>
>>
>> This file and its reference in virtual_alias_maps is conflicting as
>> this says domain1.tld is a virtual alias domain and its presence in
>> mydestination says it's not. Also, this is obsolete in Postfix. The
>> current method of specifying to postfix that a domain is a virtual
>> alias domain is to list it in virtual_alias_domains in main.cf.
>
> This came from section 6.1.2 of the Mailman docs on integration with
> postfix. This, along with the part at the top of section 6.1.1 saying to
> do this stuff first, is perhaps the most confusing part of the Mailman
> docs. If this method is obsolete in Postfix, it's time to revise these
> docs (and as a sometime tech writer I volunteer to help once I
> understand this).
>
> Just double-checking: I think you're saying to treat domain1.tld as a
> virtual alias domain. True?
No. I'm saying domain1.tld is not currently treated as a virtual domain
in Postfix except for the above file and its reference in
virtual_alias_maps. I think both the ile and the reference should be
removed.
> If so I think the changes to do this would be:
>
> 1. in main.cf, delete the myhostname and mydomain lines ((not sure these
> are strictly needed given that postfix gets these anyway from
> gethostbyname() ))
>
> 2. in main.cf, remove $mydomain from $mydestination
I think you should leave the above as is.
> 3. in main.cf, delete '/usr/local/etc/mailman/data/domain1-tld' from
> virtual_alias_maps
As I said above, I think you should do this.
>>
>>
>>> -----
>>>
>>> /usr/local/mailman/data/virtual-mailman:
>>>
>>> # LOOP ADDRESSES START
>>> mailman-loop at domain1.tld mailman-loop
>>> # LOOP ADDRESSES END
>>>
>>> # STANZA START: s
>>> # CREATED: Sat Oct 30 11:35:12 2010
>>> s at domain1.tld s
>>> s-admin at domain1.tld s-admin
>>> s-bounces at domain1.tld s-bounces
>>> s-confirm at domain1.tld s-confirm
>>> s-join at domain1.tld s-join
>>> s-leave at domain1.tld s-leave
>>> s-owner at domain1.tld s-owner
>>> s-request at domain1.tld s-request
>>> s-subscribe at domain1.tld s-subscribe
>>> s-unsubscribe at domain1.tld s-unsubscribe
>>> # STANZA END: s
>>
>>
>> And this virtual mapping only affects delivery to the s at domain1.tld
>> list and it's associated admin addresses, but since domain1.tld is not
>> in POSTFIX_STYLE_VIRTUAL_DOMAINS (which is correct because it is in
>> main.cf mydestination which makes it a postfix local domain), why is
>> this list in virtual-mailman at all.
>
> Clearly I'm confused as to whether domain1.tld should or should not be
> defined as a virtual domain. The Mailman docs on postfix integration say
> no, but I think you're saying to treat it as a virtual domain.
No, I'm saying it's not a virtual domain and should not be treated as such.
I'm also asking how the above virtual-mailman got created with entries
for s*@domain1.tld when domain1.tld is not in
POSTFIX_STYLE_VIRTUAL_DOMAINS in the first place?
Also, it appears you are taking
<http://mailman.sourceforge.net/mailman-install/postfix-virtual.html>
much too literally. That section describes a complicated situation which
is not typically encountered in practice. And yes, it should probably be
heavily revised.
--
Mark Sapiro <mark at msapiro.net> The highway is for gamblers,
San Francisco Bay Area, California Better use your sense - B. Dylan
More information about the Mailman-Users
mailing list