Can't receive email but can send on additional mailboxes

I am using Webmin/Virtualmin with Dovecot and Sendmail. I can send and receive mail from the primary user for each domain, but can only send mail from additional users for each domain. Any ideas? There is nothing in the /var/log/maillog. The emails bounce back to the sender with a user unknown error.

Are you sure? If so, your DNS or something else is bogus. Even a failed attempt to send or retrieve mail will produce log entries.

Also, why are you using sendmail if you aren’t an expert at managing sendmail? Postfix is the default and what we’re much more likely to be willing and able to help you with.

At your suggestion, I removed Sendmail and configured Postfix and Dovecot according to a step by step online tutorial that includes SASL.  After that, I was able to get Postfix to resume logging by editing and restarting rsyslog.  I can send from all mailboxes but can't receive at any of them.  When I send from an external email address, it bounces back with this error message:
<david.davidg@us.us> (expanded from <david@davidgmedia.com>): Host or domain
    name not found. Name service error for name=us.us type=A: Host not found
Diagnostic-Code: X-Postfix; Host or domain name not found. Name service error
    for name=us.us type=A: Host not found
The maillog file that shows these actions: (Sorry, I don't see an attachment option).
Jun 11 09:49:04 localhost sendmail[14168]: 05BGn34g014168: from=davidg@davidgmedia.com, size=472, class=0, nrcpts=1, msgid=<1591894143.14136@davidgmedia.com>, relay=root@localhost
Jun 11 09:49:04 localhost postfix/smtpd[14184]: warning: cannot get RSA certificate from file /etc/pki/dovecot/certs/dovecot.pem: disabling TLS support
Jun 11 09:49:04 localhost postfix/smtpd[14184]: warning: TLS library problem: 14184:error:0200100D:system library:fopen:Permission denied:bss_file.c:402:fopen('/etc/pki/dovecot/certs/dovecot.pem','r'):
Jun 11 09:49:04 localhost postfix/smtpd[14184]: warning: TLS library problem: 14184:error:20074002:BIO routines:FILE_CTRL:system lib:bss_file.c:404:
Jun 11 09:49:04 localhost postfix/smtpd[14184]: warning: TLS library problem: 14184:error:140DC002:SSL routines:SSL_CTX_use_certificate_chain_file:system lib:ssl_rsa.c:701:
Jun 11 09:49:04 localhost postfix/smtpd[14184]: connect from localhost[127.0.0.1]
Jun 11 09:49:04 localhost postfix/smtpd[14184]: 8244C2430: client=localhost[127.0.0.1]
Jun 11 09:49:04 localhost postfix/cleanup[14189]: 8244C2430: message-id=<1591894143.14136@davidgmedia.com>
Jun 11 09:49:04 localhost sendmail[14168]: 05BGn34g014168: to=david@garlock.us, ctladdr=davidg@davidgmedia.com (0/0), delay=00:00:01, xdelay=00:00:00, mailer=relay, pri=30472, relay=[127.0.0.1] [127.0.0.1], dsn=2.0.0, stat=Sent (Ok: queued as 8244C2430)
Jun 11 09:49:04 localhost postfix/qmgr[11358]: 8244C2430: from=<davidg@davidgmedia.com>, size=815, nrcpt=1 (queue active)
Jun 11 09:49:05 localhost postfix/smtpd[14184]: disconnect from localhost[127.0.0.1]
Jun 11 09:49:05 localhost postfix/smtp[14201]: 8244C2430: to=<david@garlock.us>, relay=mx00.1and1.com[74.208.5.3]:25, delay=0.7, delays=0.27/0.03/0.18/0.22, dsn=2.0.0, status=sent (250 Requested mail action okay, completed: id=1MDhEZ-1jbQJS1gV5-00AlzB)
Jun 11 09:49:05 localhost postfix/qmgr[11358]: 8244C2430: removed
Jun 11 09:49:25 localhost postfix/smtpd[14184]: connect from mout.perfora.net[74.208.4.194]
Jun 11 09:49:25 localhost postfix/smtpd[14184]: 4BC992430: client=mout.perfora.net[74.208.4.194]
Jun 11 09:49:25 localhost postfix/cleanup[14189]: 4BC992430: message-id=<a52b8c5b-1858-a154-78fe-407974dc2a87@garlock.us>
Jun 11 09:49:25 localhost postfix/qmgr[11358]: 4BC992430: from=<david@garlock.us>, size=2269, nrcpt=1 (queue active)
Jun 11 09:49:25 localhost postfix/smtpd[14184]: disconnect from mout.perfora.net[74.208.4.194]
Jun 11 09:49:25 localhost postfix/smtp[14201]: 4BC992430: to=<davidg@us.us>, orig_to=<davidg@davidgmedia.com>, relay=none, delay=0.28, delays=0.17/0/0.12/0, dsn=5.4.4, status=bounced (Host or domain name not found. Name service error for name=us.us type=A: Host not found)
Jun 11 09:49:25 localhost postfix/cleanup[14189]: A2ED65716: message-id=<20200611164925.A2ED65716@davidgmedia.us>
Jun 11 09:49:25 localhost postfix/qmgr[11358]: A2ED65716: from=<>, size=4165, nrcpt=1 (queue active)
Jun 11 09:49:25 localhost postfix/bounce[14500]: 4BC992430: sender non-delivery notification: A2ED65716
Jun 11 09:49:25 localhost postfix/qmgr[11358]: 4BC992430: removed
Jun 11 09:49:26 localhost postfix/smtp[14201]: A2ED65716: to=<david@garlock.us>, relay=mx00.1and1.com[74.208.5.3]:25, delay=0.36, delays=0.04/0/0.09/0.23, dsn=2.0.0, status=sent (250 Requested mail action okay, completed: id=1MfZ0m-1jGzOQ0mK0-00g2eM)
Jun 11 09:49:26 localhost postfix/qmgr[11358]: A2ED65716: removed

Thank you very much for looking at this.  So far, I have found Webmin/Virtualmin a great alternative to WHM/CPanel and I hope that I can get this worked out.
DavidG

It’d probably be smartest to start from a fresh OS install and use our install.sh. It sets everything up in the way we’re accustomed to (and that we know works well for most people most of the time).

But, if I had to guess what your problem is, I’d check:

  1. System hostname. Is it FQDN? Is it right? Does it resolve? Does a reverse lookup work for your IP? (PTR doesn’t have to be the same as your server name, but it does need to resolve back to the right IP.)
  2. Did you set myorigin or mydomain in Postfix? That was a mistake. Don’t do that. It doesn’t do what you think it does.
  3. Is your virtual map file reasonable? (/etc/postfix/virtual. Virtualmin normally manages this file, but if your configuration isn’t right it might not be doing the right things.)

Thank you very much for your very prompt response.
1. Yes, hostname returns davidgmedia.us
2.  No, these lines are commented out in postfix.conf:
#myorigin = $myhostname
#myorigin = $mydomain
3. In postfix/virtual, the email addresses map to the user name.  Is this correct?
A couple of questions:
In the bounce back error message:
<david.davidg@us.us> (expanded from <david@davidgmedia.com>): Host or domain
    name not found. Name service error for name=us.us type=A: Host not found
Diagnostic-Code: X-Postfix; Host or domain name not found. Name service error
    for name=us.us type=A: Host not found
It seems to be looking for a non-existent domain (us.us).  What does "expanded from" mean? Why is it looking for us.us? Is this part of the Postfix or Dovecot config?
Thanks!

“Expanded from” is talking about what the virtual map does. It should convert from the virtual domain address to a local address on the server itself. For some reason, Postfix thinks us.us is the local server name. So…something is misconfigured somewhere in either DNS, /etc/hosts, or your postfix config (often the options I mentioned above).

Is davidgmedia.us a domain that is also hosted on the server in Virtualmin? If so, don’t do that. It confuses Postfix to have virtual map entries for the name Postfix thinks is “this server”. Though I think the errors there would be “mail loops back to myself” or something.
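
The virtual-map rewrite described above shows up in the maillog as an `orig_to=` field next to `to=`. As an added example (not part of the original thread), this Python script finds failed deliveries whose recipient was rewritten from a hosted domain to a domain the server does not host; the two sample lines are copied from the log posted earlier, and the function names and the hosted-domain list are assumptions.

```python
import re
from collections import namedtuple

# Two delivery lines copied from the maillog posted in this thread.
SAMPLE_LOG = """\
Jun 11 09:49:05 localhost postfix/smtp[14201]: 8244C2430: to=<david@garlock.us>, relay=mx00.1and1.com[74.208.5.3]:25, delay=0.7, delays=0.27/0.03/0.18/0.22, dsn=2.0.0, status=sent (250 Requested mail action okay, completed: id=1MDhEZ-1jbQJS1gV5-00AlzB)
Jun 11 09:49:25 localhost postfix/smtp[14201]: 4BC992430: to=<davidg@us.us>, orig_to=<davidg@davidgmedia.com>, relay=none, delay=0.28, delays=0.17/0/0.12/0, dsn=5.4.4, status=bounced (Host or domain name not found. Name service error for name=us.us type=A: Host not found)
"""

Delivery = namedtuple("Delivery", "queue_id to orig_to dsn status reason")

# Delivery agents log: QUEUEID: to=<addr>, [orig_to=<addr>,] ... dsn=X.Y.Z, status=word (text)
LINE_RE = re.compile(
    r"postfix/(?:smtp|local|virtual|lmtp|pipe|error)\[\d+\]: (?P<qid>[0-9A-Za-z]+): "
    r"to=<(?P<to>[^>]*)>, (?:orig_to=<(?P<orig>[^>]*)>, )?"
    r".*?dsn=(?P<dsn>[\d.]+), status=(?P<status>\w+) \((?P<reason>.*)\)$"
)

def parse_deliveries(log_text):
    """Return one Delivery per delivery-agent line; all other lines are skipped."""
    out = []
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if m:
            out.append(Delivery(m["qid"], m["to"], m["orig"],
                                m["dsn"], m["status"], m["reason"]))
    return out

def domain(addr):
    """Lower-cased domain part of an address ('' if there is no '@')."""
    return addr.rpartition("@")[2].lower() if "@" in addr else ""

def suspicious_rewrites(deliveries, hosted_domains):
    """Failed deliveries rewritten from a hosted domain to a non-hosted one."""
    hosted = {d.lower() for d in hosted_domains}
    return [
        d for d in deliveries
        if d.orig_to and d.status != "sent"
        and domain(d.orig_to) in hosted
        and domain(d.to) not in hosted
    ]

if __name__ == "__main__":
    for d in suspicious_rewrites(parse_deliveries(SAMPLE_LOG), ["davidgmedia.com"]):
        print(f"{d.queue_id}: {d.orig_to} -> {d.to} [{d.dsn} {d.status}] {d.reason}")
```

On a live server, pass the contents of the mail log and the list of domains the server hosts in place of the sample values.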

OK – Perhaps I should start over. Where would I find the preferred installation procedure for a fresh Centos 7 install? Thanks for all your help.

Yeah, if this is a new server, there’s no reason to make your life harder by doing everything manually. You really need to be an expert (at everything) to do that successfully, and even then it’s a huge waste of time.

I’m curious how you got led astray? What led you to doing a manual installation in the first place? Our Download link on the Virtualmin home page takes you to the instructions for installing it. I don’t know how to make it more obvious.

Hi Joe:
First, I searched for alternatives to WHM/cPanel and found Webmin. I may have followed the installation process from a third party site and then installed Virtualmin. When I start over, what should I be aware of? I assume I should leave all module settings as is and create one virtual server for one domain and make sure all is well before moving on.
Thanks for all your help.
David

I successfully installed from the script. However, I get an error message that it can’t establish a connection, even while ignoring the security message. At first, I thought it was a firewalld problem, but it didn’t help to stop the service. Would there be a problem with running Certbot from Putty at this point?

I should probably mention that I was able to login and the left side display is there, but doesn’t go further.

OK – I was able to proceed with Firefox, so I am moving forward.

It starts with a self-signed certificate. You will have to accept it to login. That does not indicate any problems, it’s unavoidable until you have some way to validate certificates (so either you’re hosting a domain or have working DNS)…you can generate certificates with Let’s Encrypt later to make that warning go away.

The connection error only showed up with Chrome. I have finished the configuration. It appears that BIND has been configured. I assume this means that I can remove the DNS management at the VPS host.

Can I also assume that it is better to run Let’s Encrypt from inside rather than Certbot from Putty as root?

You should read up on DNS glue records. But, yes, Virtualmin can manage your DNS assuming you set up the appropriate glue records at your registrar. (I’ve written about it here: http://inthebox.webmin.com/dns-for-web-hosting-glue-records )

Let Virtualmin manage your Let’s Encrypt certs unless you have special requirements. It uses certbot if available.

Hi Joe:
OK – I had a problem with that before. When I would request a cert for an additional domain, it would appear to replace the first one for the server host, rather than serve as a cert for the domain. I want to thank you for all your help. I really appreciate it. On the fresh install, all is well so far. I am having trouble getting set up in Thunderbird. Should the user be username only, username.example, username@example.com? Should the server settings be mail.serverdomain, mail.maildomain, serverdomain only, maildomain only? Should it be different for SMTP? I assume ports should be 143 and 587, right? Authentication? I am sorry if I am asking too many questions. I tried a bunch of combinations and nothing tested out.
David