Postfix/DK-Filter rejecting automated Webmin E-Mail messages to external email account

Acorp · August 24, 2009, 3:05am

Hello All,

I am having a problem that is probably not a Webmin issue, but I’m not sure how to work around it. It manifests itself in many different ways, but essentially what is happening is that Webmin’s automated emails (in this particular example an email sent on Virtualmin scheduled backup failure to an external email account) is being rejected by my domainkeys filter (DK-Filter) before it even leaves my server via postfix because (I think) Webmin is sending as hostname.domain.com instead of domain.com as the sending address. Ironically, I receive the bounce message that the original message failed to send, but not the original webmin message.

Webmin sends its email as: trystan.acorp.net, but postfix/DK-filter kicks it out with the following messages:


Aug 23 05:00:52 trystan dk-filter[1582]: 4D6DA88E75: syntax error: missing or empty domain name in sender
Aug 23 05:00:52 trystan postfix/cleanup[8645]: 4D6DA88E75: milter-reject: END-OF-MESSAGE from localhost[127.0.0.1]: 5.7.1 Command rejected; from= to=
Aug 23 05:00:52 trystan spamd[16703]: prefork: child states: II
Aug 23 05:00:52 trystan postfix/cleanup[8645]: 4D6DA88E75: to=, orig_to=, relay=none, delay=7.4, delays=7.4/0/0/0,$
Aug 23 05:00:52 trystan postfix/cleanup[8677]: 5827088EBD: message id=<20090823100052.5827088EBD@trystan.acorp.net>
Aug 23 05:00:52 trystan postfix/qmgr[24814]: 5827088EBD: from=<>, size=2507, nrcpt=1 (queue active)
Aug 23 05:00:52 trystan postfix/bounce[8676]: 4D6DA88E75: sender non-delivery notification: 5827088EBD
Aug 23 05:00:52 trystan postfix/cleanup[8645]: 5FAB088DEC: message-id=<20090823100052.5827088EBD@trystan.acorp.net>
Aug 23 05:00:52 trystan postfix/qmgr[24814]: 5FAB088DEC: from=<>, size=2642, nrcpt=1 (queue active)
Aug 23 05:00:52 trystan postfix/local[8678]: 5827088EBD: to=, relay=local, delay=0.07, delays=0.02/0.01/0/0.05, dsn=2.0.0, status=se$
Aug 23 05:00:52 trystan postfix/qmgr[24814]: 5827088EBD: removed

Any help is appreciated, thanks!

Acorp

www.acorp.net

Acorp · August 24, 2009, 3:10am

If it helps, this is the postfix side of things (reported in the bounce message):


Reporting-MTA: dns; trystan.acorp.net
X-Postfix-Queue-ID: 0B3A188E12
X-Postfix-Sender: rfc822; root@trystan.acorp.net
Arrival-Date: Sun, 23 Aug 2009 09:00:51 -0500 (CDT)
Final-Recipient: rfc822; acorp@trystan.acorp.net

Original-Recipient: rfc822; external@extdomain.com

Action: failed

Status: 5.7.1

Diagnostic-Code: X-Postfix; Command rejected

TIA,

Acorp

www.acorp.net

Eric · August 24, 2009, 3:21am

Hmm, what does this command show:

postconf -n

Also, you may want to go into System Settings -> Module Config -> Defaults upon user and server creation, and set the “From: address for email sent by Virtualmin” field to the address you want it to use.

-Eric

Acorp · August 24, 2009, 7:20pm

postconf -n:


address_verify_map = btree:/var/spool/postfix/verify
alias_maps = hash:/etc/aliases
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
debug_peer_level = 2
default_destination_concurrency_limit = 20
disable_vrfy_command = yes
home_mailbox = Maildir/
html_directory = no
inet_interfaces = all
local_destination_concurrency_limit = 2
mail_owner = postfix
mail_spool_directory = /var/spool/mail
mailbox_command = /usr/bin/procmail-wrapper -o -a $DOMAIN -d $LOGNAME
mailbox_size_limit = 0
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
message_size_limit = 0
mydestination = $myhostname, localhost.$mydomain, localhost, trystan.acorp.net
newaliases_path = /usr/bin/newaliases.postfix
non_smtpd_milters = unix:/var/run/spamass.sock inet:7357 unix:/var/run/dk-milter/dk.sock unix:/var/run/dkim-milter/dkim.sock
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/postfix-2.3.3/README_FILES
relayhost = mail.mchsi.com
sample_directory = /usr/share/doc/postfix-2.3.3/samples
sender_bcc_maps = hash:/etc/postfix/bcc
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
show_user_unknown_table_name = no
smtp_generic_maps = hash:/etc/postfix/generic
smtp_tls_CAfile = /etc/pki/CA/CACert-Class3.crt
smtp_tls_cert_file = /etc/pki/server/server-certificate.crt
smtp_tls_key_file = /etc/pki/server/private/server-privatekey.pem
smtp_tls_note_starttls_offer = yes
smtp_tls_session_cache_database = btree:/var/spool/postfix/smtp_tls_cache
smtp_use_tls = yes
smtpd_client_restrictions = permit_mynetworks,permit_sasl_authenticated,reject_rbl_client zen.spamhaus.org,reject_rbl_client combined.njabl.org,reject_rbl_client bl.spamcop.net
smtpd_data_restrictions = reject_unauth_pipelining
smtpd_delay_reject = yes
smtpd_error_sleep_time = 5s
smtpd_hard_error_limit = 5
smtpd_helo_required = yes
smtpd_helo_restrictions = permit_mynetworks,permit_sasl_authenticated,permit
smtpd_milters = unix:/var/run/spamass.sock inet:7357 unix:/var/run/dk-milter/dk.sock unix:/var/run/dkim-milter/dkim.sock
smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated,        reject_unauth_destination,reject_unauth_pipelining,check_recipient_access hash:/etc/postfix/access,reject_unknown_recipient_domain,reject_unlisted_recipient,        reject_non_fqdn_recipient check_policy_service unix:/var/spool/postfix/postgrey/socket
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes
smtpd_sasl_path = private/auth
smtpd_sasl_security_options = noanonymous
smtpd_sasl_type = dovecot
smtpd_sender_restrictions = permit_sasl_authenticated,permit_mynetworks,        reject_non_fqdn_sender,reject_unknown_sender_domain,check_sender_access hash:/etc/postfix/access,check_policy_service unix:postgrey/socket,check_policy_service unix:private/spfpolicy,permit
smtpd_soft_error_limit = 3
smtpd_tls_CAfile = /etc/pki/CA/CACert-Class3.crt
smtpd_tls_cert_file = /etc/pki/server/server-certificate.crt
smtpd_tls_key_file = /etc/pki/server/private/server-privatekey.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_database = btree:/var/spool/postfix/smtpd_tls_cache
smtpd_tls_session_cache_timeout = 3600s
smtpd_use_tls = yes
tls_random_source = dev:/dev/urandom
unknown_local_recipient_reject_code = 550
unverified_recipient_reject_code = 550
unverified_sender_reject_code = 550
virtual_alias_maps = hash:/etc/postfix/virtual

I’ve set the “From” address as suggested…is this “retroactive” for servers that have already been created? If not, where would I change that?

Thanks for the suggestions.

Acorp

www.acorp.net

Eric · August 24, 2009, 7:23pm

Okay, it doesn’t look like “myhostname” is set, you may also want to try setting it just to be sure.

As far as setting the “From” address – yeah, Virtualmin should consult that each time an email is sent, I believe.

-Eric

Acorp · August 24, 2009, 7:25pm

Must be retroactive, that worked. Now a new problem…I’ll post a new topic though so as not to confuse things.

Thanks for your help!

Acorp

www.acorp.net