goto;
Experienced Member
Hello everyone,
The day before yesterday I started switching my postfix over to ldap as a test.
Unfortunately it fails because, when an e-mail is received, the corresponding user could not be found (User unknown in virtual alias table).
Via "postmap" I do get hits, which is why I no longer know what else to try.
Here is the relevant information:
- Passwords were replaced with placeholders
- The real domain was replaced with a placeholder
- The e-mail address was replaced with a placeholder
/etc/postfix/main.cf
Code:
smtpd_banner = $myhostname
biff = no
inet_protocols = ipv4
append_dot_mydomain = no
readme_directory = /usr/share/doc/postfix
ssl = required
ssl_cert = </etc/letsencrypt/live/domain/fullchain.pem
ssl_key = </etc/letsencrypt/live/domain/privkey.pem
#smtpd_tls_cert_file = /etc/ssl/mail.crt
smtpd_tls_cert_file = /etc/letsencrypt/live/domain/fullchain.pem
#smtpd_tls_key_file = /etc/ssl/mail.key
smtpd_tls_key_file = /etc/letsencrypt/live/domain/privkey.pem
smtpd_tls_security_level=may
#smtp_tls_cert_file = /etc/ssl/mail.crt
smtp_tls_cert_file = /etc/letsencrypt/live/domain/fullchain.pem
#smtp_tls_key_file = /etc/ssl/mail.key
smtp_tls_key_file = /etc/letsencrypt/live/domain/privkey.pem
smtp_tls_security_level=may
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_tls_auth_only = yes
smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3
smtpd_tls_mandatory_ciphers=high
tls_high_cipherlist=EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:+CAMELLIA256:+AES256:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!ECDSA:CAMELLIA256-SHA:AES256-SHA:CAMELLIA128-SHA:AES128-SHA
smtpd_tls_eecdh_grade = strong
myhostname = mail.meinedomain.de
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = localhost
#mydestination = mail.$mydomain, $myhostname, localhost, localhost.localdomain
mydestination = localhost, localhost.localdomain
mydomain = meinedomain.de
relayhost =
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
disable_vrfy_command = yes
smtpd_helo_required = yes
smtpd_sasl_type=dovecot
smtpd_sasl_path=private/auth_dovecot
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes
broken_sasl_auth_clients = yes
proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $smtpd_sender_login_maps
smtpd_sender_restrictions = reject_authenticated_sender_login_mismatch,
    reject_unknown_sender_domain,
    permit_sasl_authenticated
smtpd_recipient_restrictions = permit_sasl_authenticated,
    permit_mynetworks,
    reject_rbl_client zen.spamhaus.org,
    reject_unauth_destination,
    reject_unknown_reverse_client_hostname,
smtpd_data_restrictions =
    reject_unauth_pipelining,
    permit
virtual_mailbox_base = /var/vmail/
virtual_alias_domains = $mydomain
virtual_minimum_uid = 104
virtual_uid_maps = static:5000
virtual_gid_maps = static:5000
virtual_transport = dovecot
html_directory = /usr/share/doc/postfix/html
sender_bcc_maps =
recipient_bcc_maps =
relay_domains =
relay_recipient_maps =
smtpd_sasl_local_domain = meinedomain.de
virtual_mailbox_domains =
smtpd_sender_login_maps = ldap:/etc/postfix/ldap/sender_login_maps.cf
virtual_mailbox_maps = ldap:/etc/postfix/ldap/virtual_mailbox_maps.cf
virtual_alias_maps = ldap:/etc/postfix/ldap/virtual_group_maps.cf
dovecot_destination_recipient_limit=1
/etc/postfix/master.cf
Code:
smtp inet n - - - - smtpd
submission inet n - - - - smtpd
  -o smtpd_enforce_tls=yes
  -o smtpd_tls_security_level=encrypt
  -o tls_preempt_cipherlist=yes
pickup fifo n - - 60 1 pickup
cleanup unix n - - - 0 cleanup
qmgr fifo n - n 300 1 qmgr
tlsmgr unix - - - 1000? 1 tlsmgr
rewrite unix - - - - - trivial-rewrite
bounce unix - - - - 0 bounce
defer unix - - - - 0 bounce
trace unix - - - - 0 bounce
verify unix - - - - 1 verify
flush unix n - - 1000? 0 flush
proxymap unix - - n - - proxymap
proxywrite unix - - n - 1 proxymap
smtp unix - - - - - smtp
relay unix - - - - - smtp
showq unix n - - - - showq
error unix - - - - - error
retry unix - - - - - error
discard unix - - - - - discard
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - - - - lmtp
anvil unix - - - - 1 anvil
scache unix - - - - 1 scache
maildrop unix - n n - - pipe
  flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
uucp unix - n n - - pipe
  flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
ifmail unix - n n - - pipe
  flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp unix - n n - - pipe
  flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
scalemail-backend unix - n n - 2 pipe
  flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
mailman unix - n n - - pipe
  flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
  ${nexthop} ${user}
dovecot unix - n n - - pipe
  flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -d ${recipient}
/etc/postfix/ldap/virtual_group_maps.cf
Code:
server_host = ldap.jumpcloud.com
server_port = 389
version = 3
bind = yes
start_tls = no
bind_dn = uid=admin,ou=Users,o=5e6cee514bcc2234713c93f48,dc=jumpcloud,dc=com
bind_pw = meinPasswort
search_base = ou=Users,o=5e6cee514bcc2234713c93f48,dc=jumpcloud,dc=com
scope = sub
query_filter = (mail=%s*)
#query_filter = (&(objectClass=group)(mail=%s*))
leaf_result_attribute = mail
special_result_attribute = member
result_attribute= mail
debuglevel = 0
/etc/postfix/ldap/virtual_mailbox_maps.cf
Code:
server_host = ldap.jumpcloud.com
server_port = 389
version = 3
bind = yes
start_tls = no
bind_dn = uid=admin,ou=Users,o=5e6cee514bcc2234713c93f48,dc=jumpcloud,dc=com
bind_pw = meinPasswort
search_base = ou=Users,o=5e6cee514bcc2234713c93f48,dc=jumpcloud,dc=com
scope = sub
#query_filter = (&(mail=%s)(objectclass=person)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))
query_filter = (&(mail=%s*))
result_attribute= mail
result_format = %d/%u/Maildir/
debuglevel = 3
/etc/dovecot/dovecot-ldap.conf.ext
Code:
hosts = ldap.jumpcloud.com
dn = uid=admin,ou=Users,o=5e6cee514bcc2234713c93f48,dc=jumpcloud,dc=com
dnpass = meinPasswort
tls = no
auth_bind = yes
ldap_version = 3
base = o=5e6cee514bcc2234713c93f48,dc=jumpcloud,dc=com
scope = subtree
user_attrs = \
=quota_rule=*:bytes=%{ldap:quotaBytes}, \
=home=/var/vmail/%d/%{ldap:sAMAccountName}, \
=mail=maildir:/var/vmail/%d/%{ldap:sAMAccountName}/Maildir
#user_filter = (&(mail=%u)(objectClass=person)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))
user_filter = (mail=%s*)
pass_filter = (&(mail=%u)(objectClass=person)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))
iterate_attrs = mail=user
iterate_filter = (objectClass=person)
When I test the ldap files with postmap, I get results:
Code:
root@a2:/etc/postfix# postmap -q "max.mustermann@meinedomain.de" ldap:/etc/postfix/ldap/virtual_group_maps.cf
max.mustermann@meinedomain.de
Code:
root@a2:/etc/postfix# postmap -q "max.mustermann" ldap:/etc/postfix/ldap/virtual_group_maps.cf
max.mustermann@meinedomain.de
But as soon as I send an e-mail to the address, the following logs appear
Code:
Mar 16 22:18:22 a2 dovecot: master: Dovecot v2.2.27 (c0f36b0) starting up for imap (core dumps disabled)
Mar 16 22:18:38 a2 postfix/smtpd[6082]: connect from mail-oln040092065092.outbound.protection.outlook.com[40.92.65.92]
Mar 16 22:18:39 a2 postfix/smtpd[6082]: CADB7B40E48: client=mail-oln040092065092.outbound.protection.outlook.com[40.92.65.92]
Mar 16 22:18:39 a2 postfix/cleanup[6087]: CADB7B40E48: message-id=<AM6PR06MB4708E1CA2617C4F998AC0F60CDF90@AM6PR06MB4708.eurprd06.prod.outlook.com>
Mar 16 22:18:39 a2 postfix/qmgr[5592]: CADB7B40E48: from=<eheherh@live.de>, size=4969, nrcpt=1 (queue active)
Mar 16 22:18:40 a2 postfix/error[6088]: CADB7B40E48: to=<max.mustermann@meinedomain.de>, relay=none, delay=0.26, delays=0.25/0.01/0/0.01, dsn=5.1.1, status=bounced (User unknown in virtual alias table)
Mar 16 22:18:40 a2 postfix/cleanup[6087]: 00658B410CE: message-id=<20200316211840.00658B410CE@mail.meinedomain.de>
Mar 16 22:18:40 a2 postfix/bounce[6089]: CADB7B40E48: sender non-delivery notification: 00658B410CE
Mar 16 22:18:40 a2 postfix/qmgr[5592]: 00658B410CE: from=<>, size=6810, nrcpt=1 (queue active)
Mar 16 22:18:40 a2 postfix/qmgr[5592]: CADB7B40E48: removed
Mar 16 22:18:40 a2 postfix/smtpd[6082]: disconnect from mail-oln040092065092.outbound.protection.outlook.com[40.92.65.92] ehlo=2 starttls=1 mail=1 rcpt=1 data=1 quit=1 commands=7
Mar 16 22:18:40 a2 postfix/smtp[6090]: 00658B410CE: to=<rterzerzerzerz@live.de>, relay=eur.olc.protection.outlook.com[104.47.8.33]:25, delay=0.48, delays=0.03/0.01/0.15/0.29, dsn=2.6.0, status=sent (250 2.6.0 <20200316211840.00658B410CE@mail.meinedomain.de> [InternalId=81647328311365, Hostname=AM5EUR03HT176.eop-EUR03.prod.protection.outlook.com] 13208 bytes in 0.211, 61.061 KB/sec Queued mail for delivery)
Mar 16 22:18:40 a2 postfix/qmgr[5592]: 00658B410CE: removed
Unfortunately I don't know where else to look for the error.
Does any of you have an idea?
Thank you very much!
goto;
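Added example, not part of the original post and not Postfix or Dovecot code: a small Python check that reads the settings quoted above and reports why the postmap hit still ends in a 5.1.1 bounce, plus two weaknesses in the LDAP map itself. The reduced config strings are constructed from the post's files (placeholders kept), and the function and finding names are made up for this example.

```python
import re

# Constructed sample: the relevant lines of the post's main.cf and
# virtual_group_maps.cf, with the poster's placeholders kept.
MAIN_CF = """mydomain = meinedomain.de
virtual_alias_domains = $mydomain
virtual_mailbox_domains =
"""
LDAP_CF = """server_host = ldap.jumpcloud.com
bind = yes
start_tls = no
query_filter = (mail=%s*)
"""

def parse_cf(text):
    """Parse 'key = value' lines; indented lines continue the previous value."""
    conf, key = {}, None
    for line in text.splitlines():
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        if line[0].isspace() and key:
            conf[key] += " " + line.strip()
        else:
            key, _, value = (s.strip() for s in line.partition("="))
            conf[key] = value
    return conf

def domains(conf, name):
    """Domain list of a main.cf parameter, with $name references expanded."""
    raw = re.sub(r"\$\{?(\w+)\}?", lambda m: conf.get(m.group(1), ""), conf.get(name, ""))
    return set(re.split(r"[,\s]+", raw.lower())) - {""}

def audit(main, ldap, rcpt, alias_result):
    """rcpt / alias_result: lookup key and answer of 'postmap -q' on virtual_alias_maps."""
    findings = []
    # An address in virtual_alias_domains must be aliased to another domain class;
    # one that only maps to itself bounces "User unknown in virtual alias table".
    if rcpt.rsplit("@", 1)[-1].lower() in domains(main, "virtual_alias_domains") \
            and alias_result.lower() == rcpt.lower():
        findings.append("self-alias-in-virtual-alias-domain")
    # A simple bind without STARTTLS or ldaps:// sends bind_pw unencrypted.
    if ldap.get("bind", "yes") in ("yes", "simple") and ldap.get("start_tls", "no") == "no" \
            and not ldap.get("server_host", "").startswith("ldaps://"):
        findings.append("cleartext-ldap-bind")
    # A trailing '*' after the key turns the lookup into a prefix match.
    if re.search(r"%[sud]\*\)", ldap.get("query_filter", "")):
        findings.append("prefix-wildcard-filter")
    return findings
```

Calling `audit(parse_cf(MAIN_CF), parse_cf(LDAP_CF), addr, addr)` with the post's address as both key and result returns all three findings. With the domain listed under `virtual_mailbox_domains` instead, `start_tls = yes` and the filter `(mail=%s)`, the list is empty.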