Posts Tagged postfix

Virtual Hosting Hosting for the new sysadmin – Apache – Postfix

Posted by on Wednesday, 23 June, 2010

We have some users who own servers who dont want to fork out for automated systems like Plesk or Virtualmin, but don’t really want to deal with adding domains and email addresses all the time (and sometimes get lost)

I decided today after one such user emailed us to add another 3 domains and bunch of email addresses to write something simple to help him out, and thought I would share them with you.

I put the following in a plain text file in /root/adddomain.sh

#!/bin/bash
if [ ! $1 ];then
        echo "Usage: $0 domainname.com"
        exit 0
fi
 
echo Adding the virtualhost to apache
cat >/tmp/httpd.tmp < < EOF
 
<VirtualHost *:80>
DocumentRoot /var/www/CHANGEME/html
ServerName CHANGEME
ServerAlias www.CHANGEME
<directory "/var/www/CHANGEME">
allow from all
Options +Indexes
</directory>
 
 
EOF
cat /tmp/httpd.tmp | sed s/CHANGEME/$1/g >> /etc/httpd/conf/httpd.conf
 
echo Making the directory at /var/www/$1
mkdir -p /var/www/$1/html
 
echo reloading apache
/etc/init.d/httpd reload
 
echo Adding domain to mail
echo $1 /etc/postfix/virtual_domain # this was his postfix virtual domain name list

Then run

chmod +x adddomain.sh

Now I can add domains like this very easily

[root@hostname ~]# ./adddomain.sh
Usage: ./adddomain.sh domainname.com
[root@hostname ~]# ./adddomain.sh domain.co.nz
Adding the virtualhost to apache
Making the directory at /var/www/domain.co.nz
reloading apache
Reloading httpd:                                           [  OK  ]
Adding domain to mail
[root@hostname ~]#

Please note: do not add the ‘www’ part onto the domain name. That is done in the script itself where required.

Since he had set up virtual hosting in postfix, i then created another text file at /root/addmailuser.sh – this was so he could add email addresses easily and quickly. The contents were

#!/bin/bash
 
if [ ! $2 ]; then
        echo "Usage: $0 [username|destination] emailaddress"
        exit 0
fi
 
if [ -z $(echo $1 | grep @) ];then
        echo Looks like a username to me, adding the user
        adduser -s /sbin/nologin $1
        passwd $1
else
        echo Looks like a redirect off site, adding it as such
fi
 
echo Adding the email address
echo $2  $1 >> /etc/postfix/virtual
 
echo Running postmap
postmap /etc/postfix/virtual
 
echo Reloading postfix
/etc/init.d/postfix restart

Again i run the chmod on it

chmod +x addmailuser.sh

This is how I can use it

[root@hostname ~]# ./addmailuser.sh
Usage: ./addmailuser.sh [username|destination] emailaddress 
[root@hostname ~]# ./addmailuser.sh julie.domain julie@domain.co.nz
Looks like a username to me, adding the user
Changing password for user julie.domain.
New UNIX password:
BAD PASSWORD: it is too short
Retype new UNIX password:
passwd: all authentication tokens updated successfully.
Adding the email address
Running postmap
Reloading postfix
Shutting down postfix:                                     [  OK  ]
Starting postfix:                                          [  OK  ]
[root@hostname ~]#

Or I can use it to create an off site alias

[root@hostname ~]# ./addmailuser.sh james.someguy@gmail.com james@domain.co.nz
Looks like a redirect offsite, adding it as such
Adding the email address
Running postmap
Reloading postfix
Shutting down postfix:                                     [  OK  ]
Starting postfix:                                          [  OK  ]
[root@hostname ~]#

These were designed/written for Centos/RedHat based systems, let me know if you want it for Debian/Ubuntu based ones. Also, strictly speaking, things don’t need to be restarted, but it doesn’t hurt and is a good way of testing things work ok.
There is no error checking in either of these scripts, feel free to contribute patches/fixes 🙂


postfixadmin – mysql – errors

Posted by on Thursday, 5 November, 2009

A lot of people use postfixadmin, it means email users are in the database, its easy to use, easy to admin. However the setup can be a little tricky for those not used to it.

If you want to have a go doing it yourself, there is a great tutorial here http://rimuhosting.com/knowledgebase/linux/mail/postfixadmin

Today however we had the most exasperating problem trying to get postfix to connect to the database however on one particular VPS. 2 of us sat for over an hour trying to figure out why all the credentials worked fine, but postfix still couldnt connect.

The logs had the following error messages

Nov 5 01:12:40 hostname postfix/trivial-rewrite[8740]: warning: connect to mysql server localhost: Can’t connect to local MySQL server through socket ‘/var/run/mysqld/mysqld.sock’ (40)
Nov 5 01:12:40 hostname postfix/trivial-rewrite[8740]: fatal: mysql:/etc/postfix/mysql_virtual_alias_maps.cf(0,lock|fold_fix): table lookup problem
Nov 5 01:12:40 hostname postfix/trivial-rewrite[8741]: warning: connect to mysql server localhost: Can’t connect to local MySQL server through socket ‘/var/run/mysqld/mysqld.sock’ (40)
Nov 5 01:12:40 hostname postfix/trivial-rewrite[8741]: fatal: mysql:/etc/postfix/mysql_virtual_alias_maps.cf(0,lock|fold_fix): table lookup problem
Nov 5 01:12:41 hostname postfix/smtpd[8657]: warning: problem talking to service rewrite: Success
Nov 5 01:12:41 hostname postfix/smtpd[8491]: warning: problem talking to service rewrite: Connection reset by peer
Nov 5 01:12:41 hostname postfix/master[8481]: warning: process /usr/lib/postfix/trivial-rewrite pid 8740 exit status 1
Nov 5 01:12:41 hostname postfix/master[8481]: warning: /usr/lib/postfix/trivial-rewrite: bad command startup — throttling
Nov 5 01:12:41 hostname postfix/smtpd[8685]: warning: problem talking to service rewrite: Success
Nov 5 01:12:41 hostname postfix/master[8481]: warning: process /usr/lib/postfix/trivial-rewrite pid 8741 exit status 1

So clearly it was a case of not being able to connect to the MySQL server, but why? the user was fine, the host was fine, everything was checked, and rechecked. Finally I saw an email which touched on postfix being in a chroot, which meant it was unable to access the mysql.sock file (i had already checked permissions on this multiple times by now).

To make a long story short, this is a Debian based box, and the fix is to change the mysql socket to a place that the mail could access it.

/etc/init.d/mysql stop
cd /etc/mysql
mkdir backup # always
cp *.cnf backup/ # backup everything
sed -i s@/var/run/mysqld/@/var/spool/postfix/var/run/mysqld/@g my.cnf # this edits the file inline
sed -i s@/var/run/mysqld/@/var/spool/postfix/var/run/mysqld/@g debian.cnf #changing the socket location
mkdir /var/spool/postfix/var/run/mysqld/
chown mysql /var/spool/postfix/var/run/mysqld/
/etc/init.d/mysql start

This changed the mysql sock into a directory so that they postfix was able to access it, enabling all mail to run freely.


Postgrey HOWTO for Centos and Debian based Linux – Postfix Greylisting

Posted by on Wednesday, 6 May, 2009

Greylisting is a great invention to minimize a huge pile of spam. Any SMTP server thats incorrectly configured or mail sent from infected desktop machines just tries the first time, gets bounced, and never tries again.

Legitimate email comes through fine, however the downside is it can take a few minutes more than the usual. Considering how much Spam greylisting prevents its worth it for a lot of people.

The quick and dirty of the install is.

For debian based distros (Ubuntu etc included)

apt-get install postgrey

For Redhat/Centos based distros you will need to add the DAG/rpmforge repos into your lists and then

yum install postgrey

Next you need to enable it to listen on a port. In debian edit the file /etc/defaults/postgrey and add-in/edit the line

POSTGREY_OPTS="--inet=127.0.0.1:60000 --delay=60"

For Redhat based releases you need to CREATE /etc/sysconfig/postgrey and add in the following line

OPTIONS="--inet=127.0.0.1:60000 --delay=60"

Now restart the postgrey daemon with

/etc/init.d/postgrey restart

If you do a netstat you can see its now listening on localhost port 60000 (unless you buggered something up of course)

Now you need to edit the /etc/postfix/main.cf
search for the line that has smtpd_recipient_restrictions and add to it

check_policy_service inet:127.0.0.1:60000

And average config will look something like this

smtpd_recipient_restrictions =
reject_unknown_recipient_domain,
permit_mynetworks,
check_policy_service inet:127.0.0.1:60000
permit

Now reload the postfix with /etc/init.d/postfix reload
Now all you need to do is check the logs with tail -f /var/log/maillog and hope you got it all going right.