# [solved] Postfix with multiple domains

## elmar283

I have installed a mailserver with multiple domains. I used the documentation on http://www.gentoo.org/doc/en/virt-mail-howto.xml.

Now not all mail is delivered to my mailboxes. It is only from some domains (e.g. dds.nl). I do not get any error; the SMTP servers at those domains simply are not able to find my mailserver.

I have three domains on my server. One is the FQDN and two are virtual.

The server is connected with my modem. The modem forwards everything to this server (the firewall is on the server with iptables, but that is outside this discussion). My internet hoster is XS4ALL. There my IP address is bound to my FQDN domain:

```
ottere1@xs8:~$ ping -c 3 mail.elmarotter.eu
PING mail.elmarotter.eu (83.161.154.53) 56(84) bytes of data.
64 bytes from mail.elmarotter.eu (83.161.154.53): icmp_req=1 ttl=62 time=5.80 ms
64 bytes from mail.elmarotter.eu (83.161.154.53): icmp_req=2 ttl=62 time=7.00 ms
64 bytes from mail.elmarotter.eu (83.161.154.53): icmp_req=3 ttl=62 time=5.31 ms

--- mail.elmarotter.eu ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2001ms
rtt min/avg/max/mdev = 5.319/6.043/7.007/0.709 ms
```

So no problem there.

The domains are hosted at http://your-webhost.nl. At the config panel there I changed the DNS settings:

FQDN:

```
* A (Internet adres) 83.161.154.53
elmarotter.eu. TXT (text record) v=spf1 ip4:83.161.154.53 a mx ~all
elmarotter.eu. NS (name server) ns3.your-webhost.nl.
elmarotter.eu. MX (mail server) mail.elmarotter.eu.
elmarotter.eu. A (Internet adres) 83.161.154.53
elmarotter.eu. NS (name server) ns4.your-webhost.nl.
ftp A (Internet adres) 83.161.154.53
mail.elmarotter.eu. A (Internet adres) 83.161.154.53
pop A (Internet adres) 83.161.154.53
smtp A (Internet adres) 83.161.154.53
www A (Internet adres) 83.161.154.53
```

Virtual 1:

```
* A (Internet adres) 83.161.154.53
elmarotter.nl. A (Internet adres) 83.161.154.53
ftp A (Internet adres) 83.161.154.53
pop A (Internet adres) 83.161.154.53
smtp A (Internet adres) 83.161.154.53
www A (Internet adres) 83.161.154.53
elmarotter.nl. MX (mail server) mail.elmarotter.eu.
mail.elmarotter.nl. MX (mail server) mail.elmarotter.eu.
elmarotter.nl. NS (name server) ns3.your-webhost.nl.
elmarotter.nl. NS (name server) ns4.your-webhost.nl.
elmarotter.nl. TXT (text record) v=spf1 ip4:83.161.154.53 a mx ~all
```

Virtual 2:

```
* A (Internet adres) 83.161.154.53
dwarsleeuwarden.nl. NS (name server) ns1.your-webhost.nl
dwarsleeuwarden.nl. A (Internet adres) 83.161.154.53
dwarsleeuwarden.nl. TXT (text record) v=spf1 ip4:83.161.154.53 a mx ~all
dwarsleeuwarden.nl. MX (mail server) mail.elmarotter.eu.
dwarsleeuwarden.nl. NS (name server) ns2.your-webhost.nl
ftp A (Internet adres) 83.161.154.53
pop A (Internet adres) 83.161.154.53
smtp A (Internet adres) 83.161.154.53
www A (Internet adres) 83.161.154.53
```

Question one is whether there is an error in this configuration? I don't think the problem is with the postfix configuration because mail only fails from some domains / mailhosters.

But to be complete my main.cf file:

```
elmarotter@masterserver ~ $ cat /etc/postfix/main.cf
queue_directory = /var/spool/postfix
command_directory = /usr/sbin
daemon_directory = //usr/libexec/postfix
data_directory = /var/lib/postfix
mail_owner = postfix
myhostname = mail.elmarotter.eu
mydomain = elmarotter.eu
myorigin = elmarotter.eu
inet_interfaces = all
mydestination = mail.elmarotter.eu, localhost.elmarotter.eu, elmarotter.eu
unknown_local_recipient_reject_code = 450
mynetworks = 192.168.0.0/24, 192.168.178.0/24, 127.0.0.0/8
home_mailbox = .maildir/
local_destination_concurrency_limit = 2
default_destination_concurrency_limit = 20
debug_peer_level = 2
debugger_command =
    PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
    ddd $daemon_directory/$process_name $process_id & sleep 5
sendmail_path = /usr/sbin/sendmail
newaliases_path = /usr/bin/newaliases
mailq_path = /usr/bin/mailq
setgid_group = postdrop
html_directory = no
manpage_directory = /usr/share/man
sample_directory = /etc/postfix
readme_directory = no
home_mailbox = .maildir/
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_sasl_local_domain =
smtpd_recipient_restrictions =
  permit_sasl_authenticated,
  permit_mynetworks,
  reject_unauth_destination
smtp_use_tls = yes
smtp_tls_note_starttls_offer = yes
smtpd_use_tls = yes
#smtpd_tls_auth_only = yes
smtpd_tls_key_file = /etc/postfix/newkey.pem
smtpd_tls_cert_file = /etc/postfix/newcert.pem
smtpd_tls_CAfile = /etc/postfix/cacert.pem
smtpd_tls_loglevel = 3
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
# everything after this point is new; if my mailboxes stop working I will remove the text below
# Begin new text ->
alias_maps = mysql:/etc/postfix/mysql-aliases.cf
relocated_maps = mysql:/etc/postfix/mysql-relocated.cf
local_transport = local
local_recipient_maps = $alias_maps $virtual_mailbox_maps unix:passwd.byname
virtual_transport = virtual
virtual_mailbox_domains = dwarsleeuwarden.nl, elmarotter.nl
virtual_minimum_uid = 1000
virtual_gid_maps = static:1003
virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual-maps.cf
virtual_alias_maps = mysql:/etc/postfix/mysql-virtual.cf
virtual_uid_maps = static:1003
virtual_mailbox_base = /
#virtual_mailbox_limit =
owner_request_special = no
recipient_delimiter = +
#alias_maps  = mysql:/etc/postfix/mysql-aliases.cf
#  hash:/usr/local/mailman/data/aliases,
#  mysql:/etc/postfix/mysql-aliases.cf
#virtual_alias_maps =
 # hash:/usr/local/mailman/data/virtual-mailman,
 # mysql:/etc/postfix/mysql-virtual.cf
# mail filtering starts here: so if things stop working properly, throw what is below in the trash first ;)
biff = no
empty_address_recipient = MAILER-DAEMON
queue_minfree = 120000000
content_filter = smtp-amavis:[127.0.0.1]:10024
#Equivalently when using lmtp:
#content_filter = lmtp-amavis:[127.0.0.1]:10024
# TRANSPORT MAP
#
# Insert text from sample-transport.cf if you need explicit routing.
#transport_maps = hash:/etc/postfix/transport
#relay_domains = $transport_maps
#mailbox_command = /usr/bin/procmail -a "elmarotter.eu"
#mailbox_command = /usr/bin/procmail -a "elmarotter.nl"
#mailbox_command = /usr/bin/procmail
```

Last edited by elmar283 on Sat Dec 01, 2012 12:16 pm; edited 2 times in total

----------

## cach0rr0

a few quick things

- your DNS setup looks perfectly fine

- for longer config files, it is best to strip comments. Many ways to do this, I usually just do something like egrep -v '^(\#|$)' /etc/postfix/main.cf

- your relay_domains setting does not make sense. You have referenced $transport_maps, but then $transport_maps is not defined anywhere.

- lastly, what is the actual error you are seeing?

NB: that howto is somewhat old, and doesn't explain much, and I don't like it, so I made this one

----------

## elmar283

Thanks for your answer:

Yes, the transport maps can go. It is from: http://www.gentoo.org/doc/en/mailfilter-guide.xml. I have taken that line out now.

I agree with you that the explanation is poor on the virtual mail guide.

There is no error message in my log files. The mail does not arrive on my server. I think somewhere else something goes wrong on the origin of the mail.

This is the error mail I got from the MTA on dds.nl:

I changed all @ to (at).

```
This is the mail system at host rotring.dds.nl.

I'm sorry to have to inform you that your message could not
be delivered to one or more recipients. It's attached below.

For further assistance, please send mail to postmaster.

If you do so, please include this problem report. You can
delete your own text from the attached returned message.

                  The mail system

<elmar ( at) elmarotter.nl>: connect to mail.elmarotter.eu[83.161.154.53]:25:
   Connection timed out

<elmar (at) elmarotter.eu>: connect to mail.elmarotter.eu[83.161.154.53]:25:
   Connection timed out

Reporting-MTA: dns; rotring.dds.nl
X-Postfix-Queue-ID: EFE2E59063
X-Postfix-Sender: rfc822; ottere (at)dds.nl
Arrival-Date: Wed, 28 Nov 2012 17:21:17 +0100 (CET)

Final-Recipient: rfc822; elmar@elmarotter.nl
Original-Recipient: rfc822;elmar (at) elmarotter.nl
Action: failed
Status: 4.4.1
Diagnostic-Code: X-Postfix; connect to mail.elmarotter.eu[83.161.154.53]:25:
   Connection timed out

Final-Recipient: rfc822; elmar (at) elmarotter.eu
Original-Recipient: rfc822;elmar (at) elmarotter.eu
Action: failed
Status: 4.4.1
Diagnostic-Code: X-Postfix; connect to mail.elmarotter.eu[83.161.154.53]:25:
   Connection timed out

Van: Elmar Otter <ottere (at) dds.nl>
Onderwerp: test4
Datum: 28 november 2012 17:21:10 GMT+01:00
Aan: elmar (at) elmarotter.eu, elmar (at) elmarotter.nl
```

And thanks for your guide. (And if you know any good mailman guide. The mailman explanation from the virtual mail guide does not work for me.)

----------

## cach0rr0

*elmar283 wrote:*

> I think somewhere else something goes wrong on the origin of the mail.

I'm inclined to agree, namely because of this

```
connect to mail.elmarotter.eu[83.161.154.53]:25:
   Connection timed out
```

the sending MTA attempted to connect to 83.161.154.53 on port 25

83.161.154.53 did not immediately RST the connection, it simply didn't respond

*if* there is an issue on your system, I would think it would be either a) a firewall, or b) your mail system hanging trying to look something up (DNS lookup taking forever?)

'B' is not as likely

'A' may be a possibility

one thing that will help you immensely for troubleshooting both this, and just in general, if you happen to use syslog-ng, emerge it with the 'hardened' USE flag set; all this does, is separate log files out, and in the case of postfix you have a nice clean /var/log/mail.* that is dedicated just to the mail facility. You could make custom syslog filters for this I guess, but when I can just emerge with a USE flag set, this seems easier

Anyway, reason i bring that up, my next step to make sure it was not the fault of my server, is to tail -f on /var/log/mail.log, send a test message, see if there is a connection attempt. Changing debug_peer_level will give you more information.

...but I still don't think this is an issue with your system. I think it is the sending MTA.
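The difference the post above turns on, a connection attempt that is reset versus one that gets no answer at all, can be checked from an outside host against your own mail server. The following is an added example, not part of the original thread; the function names `probe_smtp` and `classify_connect_error` are hypothetical.

```python
import errno
import socket


def classify_connect_error(exc):
    """Say what a failed connect() tells us about the path to the server."""
    if isinstance(exc, (socket.timeout, TimeoutError)):
        # No SYN-ACK and no RST before the deadline: packets are being
        # silently dropped (a firewall DROP rule, upstream filtering, host down).
        return "timeout"
    if isinstance(exc, ConnectionRefusedError):
        # An RST came back: the host is reachable, but nothing listens on the
        # port or a firewall actively rejects the connection.
        return "refused"
    if getattr(exc, "errno", None) in (errno.EHOSTUNREACH, errno.ENETUNREACH):
        return "unreachable"
    return "error"


def probe_smtp(host, port=25, timeout=10.0):
    """Return (state, detail) for one TCP connection attempt to an SMTP port."""
    try:
        with socket.create_connection((host, port), timeout=timeout) as conn:
            try:
                # The handshake succeeded; now wait for the 220 greeting.
                banner = conn.recv(512).decode("ascii", "replace").strip()
            except (socket.timeout, TimeoutError):
                # Connected but silent: the listener accepted the handshake,
                # yet the daemon has not greeted (e.g. it waits on a lookup).
                return ("open-no-banner", "")
            return ("open", banner)
    except OSError as exc:
        return (classify_connect_error(exc), str(exc))


if __name__ == "__main__":
    import sys
    target = sys.argv[1] if len(sys.argv) > 1 else "127.0.0.1"
    print(target, *probe_smtp(target))
```

A `timeout` result from one network and `open` from another points at filtering that depends on the source address rather than at the Postfix configuration.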

----------

## elmar283

I solved the problem. I blocked the IP address 85.17.178.138 with: iptables -I INPUT -s 85.17.178.138 -j DROP.

Thank you for your input and guide page. I'm going to read the guide to get a better grip on my mailserver.

----------

