Author Topic: Need help. all mail deferred  (Read 11078 times)

0 Members and 1 Guest are viewing this topic.

Offline
***
Re: Need help. all mail deferred
« Reply #15 on: January 03, 2022, 11:15:44 PM »
(...)
This info seems to be incorrect. I have two other bugs relating to the domain folders inside the vmail folder having vmail:mail ownership instead of user:mail. So, they shouldnt be chowned vmail:mail

What are the bugs..?!?!

http://forum.centos-webpanel.com/index.php?topic=11668.msg39929#msg39929
Bug #203 and #204

Offline
***
Re: Need help. all mail deferred
« Reply #16 on: January 05, 2022, 03:48:21 PM »
Below is my main.cf file for postfix.
I am using stream 8, postfix 3.4.8, cwp pro.

There seems to be all kinds of code that is commented out that should not be.  Can you look at this please?

Code: [Select]
compatibility_level = 2

#soft_bounce = no

queue_directory = /var/spool/postfix

command_directory = /usr/sbin

daemon_directory = /usr/libexec/postfix

data_directory = /var/lib/postfix

mail_owner = postfix


#default_privs = nobody


#myhostname = host.domain.tld
#myhostname = virtual.domain.tld

#mydomain = domain.tld

#myorigin = $myhostname
#myorigin = $mydomain


#inet_interfaces = all
#inet_interfaces = $myhostname
#inet_interfaces = $myhostname, localhost

#proxy_interfaces =
#proxy_interfaces = 1.2.3.4

# See also below, section "REJECTING MAIL FOR UNKNOWN LOCAL USERS".
#
#mydestination = $myhostname, localhost.$mydomain, localhost
#mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
#mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain,
# mail.$mydomain, www.$mydomain, ftp.$mydomain


#
#local_recipient_maps = unix:passwd.byname $alias_maps
#local_recipient_maps = proxy:unix:passwd.byname $alias_maps
#local_recipient_maps =

unknown_local_recipient_reject_code = 550

#mynetworks_style = class
#mynetworks_style = subnet
#mynetworks_style = host

#mynetworks = 168.100.189.0/28, 127.0.0.0/8
#mynetworks = $config_directory/mynetworks
#mynetworks = hash:/etc/postfix/network_table

#relay_domains = $mydestination


#relayhost = $mydomain
#relayhost = [gateway.my.domain]
#relayhost = [mailserver.isp.tld]
#relayhost = uucphost
#relayhost = [an.ip.add.ress]


#relay_recipient_maps = hash:/etc/postfix/relay_recipients

#in_flow_delay = 1s

# ADDRESS REDIRECTION (VIRTUAL DOMAIN)
#

# "USER HAS MOVED" BOUNCE MESSAGES
#
#alias_maps = dbm:/etc/aliases
#alias_maps = hash:/etc/aliases
#alias_maps = hash:/etc/aliases, nis:mail.aliases
#alias_maps = netinfo:/aliases

#alias_database = dbm:/etc/aliases
#alias_database = dbm:/etc/mail/aliases
#alias_database = hash:/etc/aliases
#alias_database = hash:/etc/aliases, hash:/opt/majordomo/aliases

#recipient_delimiter = +

# DELIVERY TO MAILBOX

#home_mailbox = Mailbox
#home_mailbox = Maildir/
 
#mail_spool_directory = /var/mail
#mail_spool_directory = /var/spool/mail

#mailbox_command = /some/where/procmail
#mailbox_command = /some/where/procmail -a "$EXTENSION"

# Cyrus IMAP over LMTP. Specify ``lmtpunix      cmd="lmtpd"
# listen="/var/imap/socket/lmtp" prefork=0'' in cyrus.conf.
#mailbox_transport = lmtp:unix:/var/imap/socket/lmtp
#
# Cyrus IMAP via command line. Uncomment the "cyrus...pipe" and
# subsequent line in master.cf.
#mailbox_transport = cyrus

# The fallback_transport specifies the optional transport in master.cf
# to use for recipients that are not found in the UNIX passwd database.
# This parameter has precedence over the luser_relay parameter.
#
# Specify a string of the form transport:nexthop, where transport is
# the name of a mail delivery transport defined in master.cf.  The
# :nexthop part is optional. For more details see the sample transport
# configuration file.
#
# NOTE: if you use this feature for accounts not in the UNIX password
# file, then you must update the "local_recipient_maps" setting in
# the main.cf file, otherwise the SMTP server will reject mail for   
# non-UNIX accounts with "User unknown in local recipient table".
#
#fallback_transport = lmtp:unix:/file/name
#fallback_transport = cyrus
#fallback_transport =

# The luser_relay parameter specifies an optional destination address
# for unknown recipients.  By default, mail for unknown@$mydestination,
# unknown@[$inet_interfaces] or unknown@[$proxy_interfaces] is returned
# as undeliverable.
#
# The following expansions are done on luser_relay: $user (recipient
# username), $shell (recipient shell), $home (recipient home directory),
# $recipient (full recipient address), $extension (recipient address
# extension), $domain (recipient domain), $local (entire recipient
# localpart), $recipient_delimiter. Specify ${name?value} or
# ${name:value} to expand value only when $name does (does not) exist.
#
# luser_relay works only for the default Postfix local delivery agent.
#
# NOTE: if you use this feature for accounts not in the UNIX password
# file, then you must specify "local_recipient_maps =" (i.e. empty) in
# the main.cf file, otherwise the SMTP server will reject mail for   
# non-UNIX accounts with "User unknown in local recipient table".
#
#luser_relay = $user@other.host
#luser_relay = $local@other.host
#luser_relay = admin+$local
 
# JUNK MAIL CONTROLS
#
# The controls listed here are only a very small subset. The file
# SMTPD_ACCESS_README provides an overview.

# The header_checks parameter specifies an optional table with patterns
# that each logical message header is matched against, including
# headers that span multiple physical lines.
#
# By default, these patterns also apply to MIME headers and to the
# headers of attached messages. With older Postfix versions, MIME and
# attached message headers were treated as body text.
#
# For details, see "man header_checks".
#
#header_checks = regexp:/etc/postfix/header_checks

# FAST ETRN SERVICE
#
# Postfix maintains per-destination logfiles with information about
# deferred mail, so that mail can be flushed quickly with the SMTP
# "ETRN domain.tld" command, or by executing "sendmail -qRdomain.tld".
# See the ETRN_README document for a detailed description.
#
# The fast_flush_domains parameter controls what destinations are
# eligible for this service. By default, they are all domains that
# this server is willing to relay mail to.
#
#fast_flush_domains = $relay_domains

# SHOW SOFTWARE VERSION OR NOT
#
# The smtpd_banner parameter specifies the text that follows the 220
# code in the SMTP server's greeting banner. Some people like to see
# the mail version advertised. By default, Postfix shows no version.
#
# You MUST specify $myhostname at the start of the text. That is an
# RFC requirement. Postfix itself does not care.
#
#smtpd_banner = $myhostname ESMTP $mail_name
#smtpd_banner = $myhostname ESMTP $mail_name ($mail_version)

# PARALLEL DELIVERY TO THE SAME DESTINATION
#
# How many parallel deliveries to the same user or domain? With local
# delivery, it does not make sense to do massively parallel delivery
# to the same user, because mailbox updates must happen sequentially,
# and expensive pipelines in .forward files can cause disasters when
# too many are run at the same time. With SMTP deliveries, 10
# simultaneous connections to the same domain could be sufficient to
# raise eyebrows.
#
# Each message delivery transport has its XXX_destination_concurrency_limit
# parameter.  The default is $default_destination_concurrency_limit for
# most delivery transports. For the local delivery agent the default is 2.

#local_destination_concurrency_limit = 2
#default_destination_concurrency_limit = 20

# DEBUGGING CONTROL
#
# The debug_peer_level parameter specifies the increment in verbose
# logging level when an SMTP client or server host name or address
# matches a pattern in the debug_peer_list parameter.
#
debug_peer_level = 2

# The debug_peer_list parameter specifies an optional list of domain
# or network patterns, /file/name patterns or type:name tables. When
# an SMTP client or server host name or address matches a pattern,
# increase the verbose logging level by the amount specified in the
# debug_peer_level parameter.
#
#debug_peer_list = 127.0.0.1
#debug_peer_list = some.domain

# The debugger_command specifies the external command that is executed
# when a Postfix daemon program is run with the -D option.
#
# Use "command .. & sleep 5" so that the debugger can attach before
# the process marches on. If you use an X-based debugger, be sure to
# set up your XAUTHORITY environment variable before starting Postfix.
#
debugger_command =
PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
ddd $daemon_directory/$process_name $process_id & sleep 5

# If you can't use X, use this to capture the call stack when a
# daemon crashes. The result is in a file in the configuration
# directory, and is named after the process name and the process ID.
#
# debugger_command =
# PATH=/bin:/usr/bin:/usr/local/bin; export PATH; (echo cont;
# echo where) | gdb $daemon_directory/$process_name $process_id 2>&1
# >$config_directory/$process_name.$process_id.log & sleep 5
#
# Another possibility is to run gdb under a detached screen session.
# To attach to the screen session, su root and run "screen -r
# <id_string>" where <id_string> uniquely matches one of the detached
# sessions (from "screen -list").
#
# debugger_command =
# PATH=/bin:/usr/bin:/sbin:/usr/sbin; export PATH; screen
# -dmS $process_name gdb $daemon_directory/$process_name
# $process_id & sleep 1

# INSTALL-TIME CONFIGURATION INFORMATION
#
# The following parameters are used when installing a new Postfix version.
#
# sendmail_path: The full pathname of the Postfix sendmail command.
# This is the Sendmail-compatible mail posting interface.
#
sendmail_path =

# newaliases_path: The full pathname of the Postfix newaliases command.
# This is the Sendmail-compatible command to build alias databases.
#
newaliases_path =

# mailq_path: The full pathname of the Postfix mailq command.  This
# is the Sendmail-compatible mail queue listing command.
#
mailq_path =

# setgid_group: The group for mail submission and queue management
# commands.  This must be a group name with a numerical group ID that
# is not shared with other accounts, not even with the Postfix account.
#
setgid_group =

# html_directory: The location of the Postfix HTML documentation.
#
html_directory =

# manpage_directory: The location of the Postfix on-line manual pages.
#
manpage_directory =

# sample_directory: The location of the Postfix sample configuration files.
# This parameter is obsolete as of Postfix 2.1.
#
sample_directory =

# readme_directory: The location of the Postfix README files.
#
readme_directory =
inet_protocols = ipv4
« Last Edit: January 05, 2022, 03:49:59 PM by Namaste »
Listen to everything Pixelpadre says.

Offline
***
Re: Need help. all mail deferred
« Reply #17 on: January 06, 2022, 12:24:56 AM »
(...)
http://forum.centos-webpanel.com/index.php?topic=11668.msg39929#msg39929
Bug #203 and #204

I think I should keep my position: the user:group must be "vmail:mail".
This is the original configuration of CWP.
By the way, you can have a custom configuration.

What you have in "service auth {" group section in /etc/dovecot.dovecot.conf file?
« Last Edit: January 06, 2022, 12:30:15 AM by Netino »

Offline
***
Re: Need help. all mail deferred
« Reply #18 on: January 06, 2022, 11:53:09 AM »
(...)
http://forum.centos-webpanel.com/index.php?topic=11668.msg39929#msg39929
Bug #203 and #204

I think I should keep my position: the user:group must be "vmail:mail".
This is the original configuration of CWP.
By the way, you can have a custom configuration.

What you have in "service auth {" group section in /etc/dovecot.dovecot.conf file?

Code: [Select]
service auth {
unix_listener auth-userdb {
mode = 0660
user = vmail
group = mail
}

# Postfix smtp-auth
unix_listener /var/spool/postfix/private/auth {
mode = 0660
user = postfix
group = postfix
}
}
Listen to everything Pixelpadre says.

Offline
***
Re: Need help. all mail deferred
« Reply #19 on: January 06, 2022, 11:54:21 AM »
Im going back to centos 7 and damn glad I didnt destroy it.

Stream and cwp do not play well together.   Email is AFU.
Listen to everything Pixelpadre says.

Offline
***
Re: Need help. all mail deferred
« Reply #20 on: January 06, 2022, 12:07:32 PM »
I have Centos 8 Stream with delayed repos. I have a fully functioning email system with optimized settings to enforce TLS on sending, recommending TLS on receiving, a custom spamassassin setup (without AMaViS, I dont have a lot of RAM), integrated DMARC service, and a functioning and upgraded Roundcube with the appropriate TLS setup (which has some bugs that I've fixed, which I believe is the fault of PHP 7.2 that is being forced on Roundcube folder).

The OS itself is not the reason. I have also a test server with Centos 8 Stream. It too has no problems with the email system.

Offline
***
Re: Need help. all mail deferred
« Reply #21 on: January 06, 2022, 12:14:50 PM »
(...)
http://forum.centos-webpanel.com/index.php?topic=11668.msg39929#msg39929
Bug #203 and #204

I think I should keep my position: the user:group must be "vmail:mail".
This is the original configuration of CWP.
By the way, you can have a custom configuration.

What you have in "service auth {" group section in /etc/dovecot.dovecot.conf file?

The test server that I have, which has no custom configuration of the email system, has also the same bugs with the vmail folder ownership.

Here's my auth
Code: [Select]
service auth {
unix_listener auth-userdb {
mode = 0660
user = vmail
group = mail
}

It's not certain that the auth module has anything to do with the UserCP Email module not being able to create a mailbox inside the vmail folder when it has vmail:mail ownership.
Either the Email module is configured to work with user:mail, or it is misconfigured and it is supposed to work with vmail:mail. Either way, the Email module code is encrypted with IonCube, like every other module..., and I can't inspect the code myself...

Edit: or it could be that users are not added to the mail group? This too is the same behavior on the test server
« Last Edit: January 06, 2022, 12:27:30 PM by iraqiboy90 »

Offline
***
Re: Need help. all mail deferred
« Reply #22 on: January 06, 2022, 09:27:32 PM »
(...)
Code: [Select]
service auth {
unix_listener auth-userdb {
mode = 0660
user = vmail
group = mail
}

# Postfix smtp-auth
unix_listener /var/spool/postfix/private/auth {
mode = 0660
user = postfix
group = postfix
}
}

The user:group of your configuration is correct.
Try to change it to "mode = 0666" just to test, and check if works.

Offline
***
Re: Need help. all mail deferred
« Reply #23 on: January 06, 2022, 09:45:26 PM »
(...)
The test server that I have, which has no custom configuration of the email system, has also the same bugs with the vmail folder ownership.

Here's my auth
Code: [Select]
service auth {
unix_listener auth-userdb {
mode = 0660
user = vmail
group = mail
}

It's not certain that the auth module has anything to do with the UserCP Email module not being able to create a mailbox inside the vmail folder when it has vmail:mail ownership.

I completely disagree: Depends on the user you are running dovecot.
In my case, dovecot is running as user 'vmail'.
If yours is default installation, yours should be running in "vmail:mail" ownership.
So all users can be created in folders with "vmail:mail" ownership.

I think too your configuration should be identical to that of Namaste, like follows:
Code: [Select]
service auth {
unix_listener auth-userdb {
mode = 0660
user = vmail
group = mail
}

# Postfix smtp-auth
unix_listener /var/spool/postfix/private/auth {
mode = 0660
user = postfix
group = postfix
}
}

Quote
Either the Email module is configured to work with user:mail, or it is misconfigured and it is supposed to work with vmail:mail. Either way, the Email module code is encrypted with IonCube, like every other module..., and I can't inspect the code myself...
As said, is not needed to change ownership of your files if you are running dovecot as 'vmail' user.
Check what user you are running dovecot in your server.
This can be the source of the problem.

Quote
Edit: or it could be that users are not added to the mail group? This too is the same behavior on the test server

No. In my case, mail group is:
Code: [Select]
mail:x:12:postfix,vacation,opendkim,dovecotIt's the default since from CWP installation.

Offline
***
Re: Need help. all mail deferred
« Reply #24 on: January 06, 2022, 11:42:49 PM »
Below is my main.cf file for postfix.
I am using stream 8, postfix 3.4.8, cwp pro.

There seems to be all kinds of code that is commented out that should not be.  Can you look at this please?




my bad.  cut and pasted main.cf.proto :-[
Listen to everything Pixelpadre says.