#1
    Postfix - queue server on NAT network


    Hi,

    OK guys, I was thrown into this problem so I'm hoping you guys can help me out.

    I need a queue server for two domains. The main domain, domainYYY.org, has a few mail servers on one network, e.g. mail, mail1, mail2.domainYYY.org; however, the fourth mail server is on a separate network. How can I set up Postfix to queue mail from domainYYY.org? MX records for domainYYY.org exist for all mail servers and point to public IP addresses that map to the internal NAT IPs.

    Also, the queue server needs to map/alias email to domainXXX.com to domainYYY.com. Again, its MX records point to a public IP address.

    When I try to set things up with virtual_alias_domains = domainYYY.org and try to send mail from the queue server to an address user@domainYYY.org, I get the error below. However, mail to everywhere else works fine.

    Any insight or pointers would be GREATLY appreciated.

    Thanks,

    ======
    Sep 16 15:47:28 linux-505j postfix/trivial-rewrite[17071]: warning: database /etc/postfix/virtual.db is older than source file /etc/postfix/virtual
    Sep 16 15:47:28 linux-505j postfix/cleanup[16803]: ECD5B10CC50: message-id=<20100916224728.ECD5B10CC50@mail.domainXXX.com>
    Sep 16 15:47:28 linux-505j postfix/qmgr[16656]: ECD5B10CC50: from=<root@domainXXX.com>, size=450, nrcpt=1 (queue active)
    Sep 16 15:47:28 linux-505j postfix/error[16804]: ECD5B10CC50: to=<user@domainYYY.org>, relay=none, delay=0.04, delays=0.03/0/0/0, dsn=5.0.0, status=bounced (User unknown in virtual alias table)
    Sep 16 15:47:28 linux-505j postfix/cleanup[16803]: EFC0410CC5B: message-id=<20100916224728.EFC0410CC5B@mail.domainXXX.com>
    Sep 16 15:47:28 linux-505j postfix/bounce[16806]: ECD5B10CC50: sender non-delivery notification: EFC0410CC5B
    Sep 16 15:47:28 linux-505j postfix/qmgr[16656]: ECD5B10CC50: removed
    Sep 16 15:47:28 linux-505j postfix/qmgr[16656]: EFC0410CC5B: from=<>, size=2269, nrcpt=1 (queue active)
    Sep 16 15:47:28 linux-505j postfix/smtp[16907]: connect to domainXXX.com[192.168.102.205]:25: Connection refused
    Sep 16 15:47:28 linux-505j postfix/smtp[16907]: EFC0410CC5B: to=<root@domainXXX.com>, relay=none, delay=0.01, delays=0/0/0/0, dsn=4.4.1, status=deferred (connect to domainXXX.com[192.168.102.205]:25: Connection refused)


    ======

    -------
    alias_maps = hash:/etc/aliases
    biff = no
    canonical_maps = hash:/etc/postfix/canonical
    command_directory = /usr/sbin
    config_directory = /etc/postfix
    content_filter =
    daemon_directory = /usr/lib/postfix
    data_directory = /var/lib/postfix
    debug_peer_level = 2
    defer_transports =
    delay_warning_time = 1h
    disable_dns_lookups = no
    disable_mime_output_conversion = no
    home_mailbox = Maildir/
    html_directory = /usr/share/doc/packages/postfix-doc/html
    inet_interfaces = all
    inet_protocols = all
    mail_owner = postfix
    mail_spool_directory = /var/mail
    mailbox_command =
    mailbox_size_limit = 0
    mailbox_transport =
    mailq_path = /usr/bin/mailq
    manpage_directory = /usr/share/man
    masquerade_classes = envelope_sender, header_sender, header_recipient
    masquerade_domains =
    masquerade_exceptions = root
    message_size_limit = 0
    message_strip_characters = \0
    mydestination = $myhostname, localhost.$mydomain
    myhostname = mail.domainXXX.com
    mynetworks_style = subnet
    myorigin = domainXXX.com
    newaliases_path = /usr/bin/newaliases
    queue_directory = /var/spool/postfix
    readme_directory = /usr/share/doc/packages/postfix-doc/README_FILES
    relay_domains = $mydestination, hash:/etc/postfix/relay
    relayhost =
    relocated_maps = hash:/etc/postfix/relocated
    sample_directory = /usr/share/doc/packages/postfix-doc/samples
    sender_canonical_maps = hash:/etc/postfix/sender_canonical
    sendmail_path = /usr/sbin/sendmail
    setgid_group = maildrop
    smtp_sasl_auth_enable = no
    smtp_use_tls = no
    smtpd_client_restrictions =
    smtpd_helo_required = no
    smtpd_helo_restrictions =
    smtpd_recipient_restrictions = permit_mynetworks,reject_unauth_destination
    smtpd_sasl_auth_enable = no
    smtpd_sender_restrictions = hash:/etc/postfix/access
    smtpd_use_tls = no
    strict_8bitmime = no
    strict_rfc821_envelopes = no
    transport_maps = hash:/etc/postfix/transport
    unknown_local_recipient_reject_code = 550
    virtual_alias_domains = domainYYY.org, hash:/etc/postfix/virtual
    virtual_alias_maps = hash:/etc/postfix/virtual
    -------
  2. #2
    First, it's sounding like you may have a problem with your virtual_alias_maps file in terms of its format, since you are getting the following error:

    Sep 16 15:47:28 linux-505j postfix/error[16804]: ECD5B10CC50: to=<user@domainYYY.org>, relay=none, delay=0.04, delays=0.03/0/0/0, dsn=5.0.0, status=bounced (User unknown in virtual alias table)

    I also noticed that you have the same file specified for your virtual_alias_maps and virtual_alias_domains. These are 2 different file formats. Your domains file should be something like this:
    Code:
    # the right hand side is actually ignored here so you can use
    # whatever you want, but I like "OK"
    domainXXX.com        OK
    domainYYY.com        OK
    and the virtual_alias_maps file should look like this:
    Code:
    # the left hand side is the user that should be mapped to 
    # the right hand side
    user@domainXXX.com        user@domainYYY.com
    user2@domainXXX.com        someotheruser@domainYYY.com
    As you can see, there is no way you should be using the same file for both specs.

    The second problem it sounds like you are running into has to do with domainYYY.com email going to the correct server, right? As in, you have issues where you are getting external addresses from DNS and it's supposed to go to an RFC1918 address or vice versa? This is an easy one to solve with postfix. You can just set up a transport map like the following:
    Code:
    # since domainYYY.com is the destination things are getting
    # mapped to, we'll set a transport map for that
    domainYYY.com        smtp:[internal-host.example.com]
    There are a lot of different things you can do with transport maps and I would suggest reading the man page for it (man 5 transport).

    I think that should at least get you started in getting everything straightened out.
    badger badger badger badger
    badger badger badger badger
    MUSHROOM MUSHROOM
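
Added example, not part of either post and not Postfix code: a simplified Python model of the virtual alias lookup that produces the "User unknown in virtual alias table" bounce in the log above. The table contents are constructed from the thread's placeholder domains, and listing only domainXXX.com as the aliased domain is an assumption.

```python
# Added example: simplified model of Postfix virtual alias lookup (virtual(5)).
# Table contents are constructed; multi-address results are not modelled.

def parse_table(text):
    """Parse postmap source text: 'key  value' per line, '#' comments skipped."""
    table = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#"):
            key, value = line.split(None, 1)
            table[key.lower()] = value.strip().lower()
    return table

def resolve(rcpt, alias_domains, alias_maps, max_depth=10):
    """Look up user@domain, then the @domain catch-all, and repeat on the result.
    An address left in a virtual alias domain with no entry bounces."""
    addr = rcpt.lower()
    for _ in range(max_depth):
        user, domain = addr.rsplit("@", 1)
        target = alias_maps.get(addr) or alias_maps.get("@" + domain)
        if target is None:
            if domain in alias_domains:
                return ("bounced", "User unknown in virtual alias table")
            return ("deliver", addr)
        if target.startswith("@"):      # "@otherdomain" keeps the same user
            target = user + target
        if target == addr:              # identity mapping: valid as-is
            return ("deliver", addr)
        addr = target
    return ("bounced", "alias expansion too deep")  # model's own guard text

def uncovered_domains(alias_domains, alias_maps):
    """Alias domains for which the map holds no entry at all."""
    covered = {key.rpartition("@")[2] for key in alias_maps}
    return sorted(d for d in alias_domains if d not in covered)

VIRTUAL = parse_table("""
# left side is rewritten to the right side
user@domainXXX.com     user@domainYYY.com
user2@domainXXX.com    someotheruser@domainYYY.com
""")
THREAD_DOMAINS = {"domainyyy.org"}   # as in the question: declared, no entries
ALIASED_DOMAINS = {"domainxxx.com"}  # assumption: only the aliased-away domain

if __name__ == "__main__":
    print(resolve("user@domainYYY.org", THREAD_DOMAINS, VIRTUAL))
    print(uncovered_domains(THREAD_DOMAINS, VIRTUAL))
    print(resolve("user@domainXXX.com", ALIASED_DOMAINS, VIRTUAL))
    print(resolve("nobody@domainXXX.com", ALIASED_DOMAINS, VIRTUAL))
```

The first log line in the question also warns that virtual.db is older than its source file; running `postmap /etc/postfix/virtual` after each edit rebuilds the lookup table that Postfix actually reads.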
