Ubuntu, postfix, dovecot mail server cannot configure with Outlook or Thunderbird mail client

I have successfully configured my email server with digital-ocean ubuntu 18.04 LEMP droplet and everything work fine so far. I can send & receive email and also successfully configured with round-cube webmail client. I used Mailgun as an SMTP relay.

But when I tried to connect to a mailbox in my mail server through outlook or Thunderbird, it keep on saying that the client failed to find the settings for the account. I tried to do the configuration manually and still giving me the same error.

Any help or suggestion would be appreciable.

Output of postconf -n

alias_database = hash:/etc/aliases alias_maps = hash:/etc/aliases append_dot_mydomain = no biff = no compatibility_level = 2 dovecot_destination_recipient_limit = 1 inet_interfaces = all inet_protocols = all mailbox_size_limit = 0 mydestination = mail.myservername.com, localhost.localdomain, localhost myhostname = myservername.com mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 readme_directory = no recipient_delimiter = + relayhost = [smtp.mailgun.org]:587 smtp_sasl_auth_enable = yes smtp_sasl_password_maps = static:postmaster@mail.myservername.com:999999999-000000000000-9999999 smtp_sasl_security_options = noanonymous smtp_tls_note_starttls_offer = yes smtp_tls_security_level = may smtp_tls_session_cache_database = btree:$  {data_directory}/smtp_scache smtpd_banner = $  myhostname ESMTP $  mail_name (Ubuntu) smtpd_recipient_restrictions = permit_sasl_authenticated permit_mynetworks reject_unauth_destination smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key smtpd_tls_security_level = may smtpd_tls_session_cache_database = btree:$  {data_directory}/smtpd_scache smtpd_use_tls = yes virtual_mailbox_domains = myservername.com virtual_transport = dovecot 

Output of dovecot -n

mail_location = maildir:/var/mail/vmail/%d/%n/Maildir mail_privileged_group = mail managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate mime foreverypart extracttext namespace inbox {   inbox = yes   location =   mailbox Drafts {     special_use = \Drafts   }   mailbox Junk {     special_use = \Junk   }   mailbox Sent {     special_use = \Sent   }   mailbox "Sent Messages" {     special_use = \Sent   }   mailbox Trash {     special_use = \Trash   }   prefix = } passdb {   args = /etc/dovecot/dovecot-sql.conf.ext   driver = sql } plugin {   sieve = file:~/sieve;active=~/.dovecot.sieve } protocols = " imap sieve" service auth {   unix_listener /var/spool/postfix/private/auth {     group = postfix     mode = 0660     user = postfix   }   unix_listener auth-userdb {     mode = 0666     user = vmail   }   user = dovecot } service imap-login {   inet_listener imap {     port = 143   } } service imap {   process_limit = 1024 } ssl_cert = </etc/dovecot/private/dovecot.pem ssl_client_ca_dir = /etc/ssl/certs ssl_key =  # hidden, use -P to show it userdb {   args = uid=vmail gid=vmail home=/var/mail/vmail/%d/%n   driver = static } protocol lda {   mail_plugins = " sieve" } 

sudo nmap your-server-ip gives following output :

PORT    STATE  SERVICE 22/tcp  open   ssh 80/tcp  open   http 443/tcp closed https 587/tcp open   submission 

Dovecot Configuration: rewriting / key→value lookup for variables; aliasing the domain

I’d like to configure Dovecot in a way so that it dispatches userdb/passwd lookups into domain specific locations, where the domain itself may have several aliases, but all of them direct to the same location.

The Dovecot wiki gives a simple, trivial example

Multiple passwd files

You can use all the variables in the passwd-file filenames, for example:

passdb {   driver = passwd-file   # Each domain has a separate passwd-file:   args = /etc/auth/%d/passwd } 

However this does not take care of the domain aliasing that may take place. For example a company might have the domains example.com and example.org, and would like to alias them to all work with the same file /site/example/mail/passwd.

Assuming the above example, it would require to rewrite the %d variable through some alias lookup or to first alias the domain, before moving on to look up the user and authenticating.

Now I do understand that Dovecot doesn’t treat the domain part in any special way, so I could users just have configure their MUAs using the joint domain alias. However this doesn’t deal with domain aliasing on delivery.

Ideally I could insert some lookup to rewrite the domain part early on, to be used for delivery and authentication. However I don’t see how to do that without crude hacks.

Set Up And Configure Postfix E-Mail Server with Dovecot On Ubuntu 16.04

Set Up And Configure Postfix E-Mail Server with Dovecot

With this tutorial, we assume that you have already installed Postfix, an open-source mail transfer agent. After that, we install and configure Dovecot, an open source IMAP and POP3 email server for Linux/UNIX-like systems.

Finally, we shall install SquirrelMail, a mail user interface, to show that Postfix and Dovecot really work.

What We Are Going To Cover

  • How to install Apache and PHP 7.3
  • Install Postfix mail server
  • Installing Dovecot as a mail client
  • Install and configure SquirrelMail
  • Annuling errors in SquirrelMail installation
  • Creating a user which will send and receive mail
  • Send mail from SquirrelMail

Prerequisites

We use Ubuntu 16.04:

  • Starting with a clean VPS with
  • At least 512Mb of RAM and
  • 15Gb of free disk space.
  • You will need root user access and
  • DNS records for your domain must be already in place, especially PTR and MX.
  • In this post we assume that you have worked through “How To Install And Configure Postfix“, and that you have Postfix up and running as instructed.

We start from scratch and install all that we need to finish up with a running SquirrelMail.

Step 1: Install Apache

First, update your package manager’s cache:

sudo apt update -y 

Install the Apache web server:

sudo apt install apache2 -y 

Enable its service to make it run on every system boot:

sudo systemctl enable apache2 

Finally, start it:

sudo systemctl start apache2 

To verify that Apache was installed successfully, access it from your local browser by navigating to http://YOUR_DOMAIN/. If that does not work, try adding :80 in the end, like this:

http://YOUR_DOMAIN:80 

You should see a welcome page for Apache, which means that you now have Apache running.

CakePHP Installation Apache is running

Step 2: Install PHP 7.3

First, install the prerequisite packages:

sudo apt install software-properties-common python-software-properties 

Then, add the ondrej PPA:

sudo add-apt-repository -y ppa:ondrej/php 

and update your sources by running:

sudo apt update 

Install PHP 7.3 using the following command:

sudo apt install php7.3 php7.3-cli php7.3-common 

Step 3: Install PHP Extensions

These are the usual extensions that many programs expect to be there:

  • session support, the Standard PHP Library (SPL) extension, hash, ctype, and JSON support
  • mbstring, zip, gd. openssl, libxml, curl

Install them:

sudo apt install php7.3-curl php7.3-gd php7.3-json  php7.3-mbstring php7.3-intl php7.3-mysql php7.3-xml php7.3-zip 

Restart Apache to activate:

sudo systemctl restart apache2 

Step 4: Install Postfix Mail Server

We have gone over installation of Postfix in some length in article “How To Install And Configure Postfix“. Here we only repeat the commands:

sudo apt-get install postfix 

Select Internet site, and enter FQDN site name, for instance, aleksasavic.com. Next restart Postfix:

sudo service postfix restart 

Step 5: Install Dovecot

Postfix is the mail server while Dovecot is a mail delivery agent (MDA). They cooperate as Dovecot delivers the emails from/to Postfix.

Dovecot is a secure IMAP server. It silently indexes email messages in the background, and will replace most other IMAP clients. Besides Postfix, it works with Exim as well, and will even offer workarounds for some bugs present in other IMAP and POP3 clients

For the basic installation of Dovecot, only two commands are needed:

sudo apt-get install dovecot-imapd dovecot-pop3d sudo service dovecot restart 

Step 6: Install SquirrelMail

SquirrelMail is a standards-based webmail package written in PHP. It includes built-in pure PHP support for the IMAP and SMTP protocols, and all pages render in HTML 4.0 (with no JavaScript required) for maximum compatibility across browsers. It has few requirements and is easy to configure and install. SquirrelMail also supports MIME, address books, and folder manipulation.

Here is how to install it:

sudo apt-get install squirrelmail sudo squirrelmail-configure 

Step 7: Configuring SquirellMail

Now we need to configure SquirrelMail, through a special command:

sudo squirrelmail-configure 

We are met with a series of textual menus.

Enter 2 for server settings and another menu:

Now select 1 to change domain name to your domain name.

To go back, enter R and press Enter on the keyboard.

Next to change is option 4 for General Options.

We go after option “Allow server-side sorting”; enter “11” and change it from “false” to “true” by entering “y”. Press Enter on the keyboard, and enter the “S” key to save the configuration file.

Finally, Q to quit.

Now we copy squirrel configuration files to apache:

sudo cp /etc/squirrelmail/apache.conf /etc/apache2/sites-available/squirrelmail.conf sudo a2ensite squirrelmail.conf && sudo service apache2 reload 

Restart Apache to activate:

sudo systemctl restart apache2 

We have installed Postfix, Dovecot, and SquirrelMail. Now we should be able to see SquirrelMail in action, by navigating to

aleksasavic.com/squirrelmail 

in the browser.

Step 8: Create Email User

Let us now define a user which will have access to the mail:

sudo useradd squser sudo passwd squser sudo mkdir -p /var/www/html/squser 

We also have to state permissions for the aquser:

sudo chown -R squser:squser /var/www/html/squser 

Login into your mail again. If there are directories without permissions, execute these commands:

sudo chmod 777 /var/mail sudo chmod 777 /var/www sudo chmod 777 /home 

Step 9: Resolving Errors

If there are errors, have a look at errors log:

sudo nano /var/log/mail.err 

and find what the complaint is about. In this case:

mkdir(/home/squser/mail) failed: Permission denied ( euid=1002(squser) egid=1002(squser) missing +w perm: /home, 

so we need to give writing permission to folder /home:

sudo chmod 777 /home 

Execute command

/etc/init.d/postfix reload 

to activate the changes we have just created. Restart Postfix:

sudo service postfix restart

Step 10: Encrypt Mail with Standard TLS

Email started out as sending plain text from sender to recipient. That is not safe, so the messages should be encrypted — protected while in transfer. Only the intended recipient should be able to read them.

We shall now protect the transfer with standard protocol STARTTLS:

sudo postconf -e 'smtptlssecuritylevel = may' sudo postconf -e 'smtpdtlssecuritylevel = may' sudo postconf -e 'smtptlsnotestarttlsoffer = yes' sudo service postfix restart 

Step 11: Send Email From SquirrelMail

Let us return to the browser, we should enter user name and password. User name is the name of the user that we created, such as squser and password to enter is its password from Ubuntu.


Enter SquirrelMail. If everything goes well, we shall see good old SquirrelMail on the screen. You should be able to send messages immediately, while to receive them, you would have to set up an MX parameter at your registrar’s site. You might also need to configure Postfix a bit more, which is out of scope of this article.

What To Do Next

SquirrelMail is a mature application and its development has stopped five years ago. You can still run it in production environment and it won’t fail you. You may also want to install another email client such as RoundCube, which is much harder to install but is well maintained and more powerful compared to SquirrelMail.

Dusko Savic is a technical writer and Flutter programmer.

duskosavic.com

The post Set Up And Configure Postfix E-Mail Server with Dovecot On Ubuntu 16.04 appeared first on Low End Box.

How to apply Postfix aliases before handing off to Dovecot via LMTP? [on hold]

I’ll try to be as brief as I can explaining this.

I have a CentOS 7 server configured with Postfix, mail_version = 2.10.1, and Dovecot, version 2.2.36 (1f10bfa63).

I recently configured dovecot to process Sieve filtering rules, with the following configuration change in dovecot.conf:

protocols = imap pop3 lmtp 

As well as in 10-master.conf:

service lmtp {   unix_listener /var/spool/postfix/private/dovecot-lmtp {     group = postfix     mode = 0600     user = postfix   }    client_limit = 0 } 

And in Postfix, the line

local_transport = lmtp:unix:private/dovecot-lmtp 

was added.

This all works as intended, but I’m getting constant notifications that emails for root are in the deferred queue, as Dovecot is rejecting them. root itself should never be the end recipient of an email. As well, various other “fake” (valid addresses w/o user accounts) accounts are present in /etc/aliases, but Dovecot is responding saying they don’t exist.

The problem seems to be that, with this configuration, Postfix is sending local mail messages (that is to say, all of them) to Dovecot’s LMTP socket before it does any alias translation. root emails getting stalled are a symptom, but the underlying problem seems to be that Postfix is giving the original recipient’s name to the LMTP RCPT TO, and causing issues.

What’s the appropriate way to apply the alias table before delivery elsewhere?

If I am using dovecot for submission, should I reject all emails sent through postfix?

I have configured dovecot submission service on port 587, with the relay being the postfix server. They are on two different ip addresses/machines.

The only way I want email to be sent, is through port 587, meaning dovecot will handle it and relay it to postfix. I do not want people or anything connecting to port 25 to create new emails and send them to anybody. Everything has to go through dovecot, and therefore all mails are authenticated against a SASL/mysql database.

Does this mean in postfix, I should set:

smtpd_sender_restrictions = reject

Therefore any sender is immediately rejected without any processing at all, or would this prevent dovecot from also sending?

Ubuntu 16.04 + Postfix + Dovecot => Send ok, but not Receiving

I’m using Ubuntu 16.04, and installed iredadmin.

Postfix + Dovecot are running, but I cant receive e-mails, just send.

/var/log/mail.log (LOGS)

Mar 19 13:08:51 construlista postfix/smtpd[17128]: >>> CHECKING RECIPIENT MAPS <<< Mar 19 13:08:51 construlista postfix/smtpd[17128]: ctable_locate: leave existing entry key fernando@construlista.com.br Mar 19 13:08:51 construlista postfix/smtpd[17128]: maps_find: recipient_canonical_maps: fernando@construlista.com.br: not found Mar 19 13:08:51 construlista postfix/smtpd[17128]: maps_find: recipient_canonical_maps: fernando: not found Mar 19 13:08:51 construlista postfix/smtpd[17128]: maps_find: recipient_canonical_maps: @construlista.com.br: not found Mar 19 13:08:51 construlista postfix/smtpd[17128]: mail_addr_find: fernando@construlista.com.br -> (not found) Mar 19 13:08:51 construlista postfix/smtpd[17128]: maps_find: canonical_maps: fernando@construlista.com.br: not found Mar 19 13:08:51 construlista postfix/smtpd[17128]: maps_find: canonical_maps: fernando: not found Mar 19 13:08:51 construlista postfix/smtpd[17128]: maps_find: canonical_maps: @construlista.com.br: not found Mar 19 13:08:51 construlista postfix/smtpd[17128]: mail_addr_find: fernando@construlista.com.br -> (not found) Mar 19 13:08:51 construlista postfix/smtpd[17128]: send attr request = lookup Mar 19 13:08:51 construlista postfix/smtpd[17128]: send attr table = mysql:/etc/postfix/mysql/virtual_alias_maps.cf Mar 19 13:08:51 construlista postfix/smtpd[17128]: send attr flags = 524352 Mar 19 13:08:51 construlista postfix/smtpd[17128]: send attr key = fernando@construlista.com.br Mar 19 13:08:51 construlista postfix/smtpd[17128]: private/proxymap socket: wanted attribute: status Mar 19 13:08:51 construlista postfix/smtpd[17128]: input attribute name: status Mar 19 13:08:51 construlista postfix/smtpd[17128]: input attribute value: 0 Mar 19 13:08:51 construlista postfix/smtpd[17128]: private/proxymap socket: wanted attribute: value Mar 19 13:08:51 construlista postfix/smtpd[17128]: input attribute name: value Mar 19 13:08:51 construlista postfix/smtpd[17128]: input attribute value: fernando@construlista.com.br Mar 19 13:08:51 construlista postfix/smtpd[17128]: private/proxymap socket: wanted attribute: (list terminator) Mar 19 13:08:51 construlista postfix/smtpd[17128]: input attribute name: (end) Mar 19 13:08:51 construlista postfix/smtpd[17128]: dict_proxy_lookup: table=mysql:/etc/postfix/mysql/virtual_alias_maps.cf flags=lock|utf8_request key=fernando@construlista.com.br -> status=0 result=fernando@construlista.com.br Mar 19 13:08:51 construlista postfix/smtpd[17128]: maps_find: virtual_alias_maps: proxy:mysql:/etc/postfix/mysql/virtual_alias_maps.cf(0,lock|fold_fix|utf8_request): fernando@construlista.com.br = fernando@construlista.com.br Mar 19 13:08:51 construlista postfix/smtpd[17128]: mail_addr_find: fernando@construlista.com.br -> fernando@construlista.com.br Mar 19 13:08:51 construlista postfix/smtpd[17128]: before input_transp_cleanup: cleanup flags = enable_header_body_filter enable_automatic_bcc enable_address_mapping enable_milters Mar 19 13:08:51 construlista postfix/smtpd[17128]: after input_transp_cleanup: cleanup flags = enable_header_body_filter enable_automatic_bcc enable_address_mapping Mar 19 13:08:51 construlista postfix/smtpd[17128]: name_mask: sendmail Mar 19 13:08:51 construlista postfix/smtpd[17128]: name_mask: verify Mar 19 13:08:51 construlista postfix/smtpd[17128]: connect to subsystem public/cleanup Mar 19 13:08:51 construlista postfix/smtpd[17128]: public/cleanup socket: wanted attribute: queue_id Mar 19 13:08:51 construlista postfix/smtpd[17128]: input attribute name: queue_id Mar 19 13:08:51 construlista postfix/smtpd[17128]: input attribute value: F0D43E0611 Mar 19 13:08:51 construlista postfix/smtpd[17128]: public/cleanup socket: wanted attribute: (list terminator) Mar 19 13:08:51 construlista postfix/smtpd[17128]: input attribute name: (end) Mar 19 13:08:51 construlista postfix/smtpd[17128]: send attr flags = 178 Mar 19 13:08:51 construlista postfix/smtpd[17128]: F0D43E0611: client=mail-ua1-f47.google.com[209.85.222.47] Mar 19 13:08:51 construlista postfix/smtpd[17128]: > mail-ua1-f47.google.com[209.85.222.47]: 250 2.1.5 Ok Mar 19 13:08:51 construlista postfix/smtpd[17128]: < mail-ua1-f47.google.com[209.85.222.47]: DATA Mar 19 13:08:51 construlista postfix/smtpd[17128]: >>> START Data command RESTRICTIONS <<< Mar 19 13:08:51 construlista postfix/smtpd[17128]: generic_checks: name=reject_unauth_pipelining Mar 19 13:08:51 construlista postfix/smtpd[17128]: reject_unauth_pipelining: DATA Mar 19 13:08:51 construlista postfix/smtpd[17128]: generic_checks: name=reject_unauth_pipelining status=0 Mar 19 13:08:51 construlista postfix/smtpd[17128]: >>> END Data command RESTRICTIONS <<< Mar 19 13:08:51 construlista postfix/smtpd[17128]: > mail-ua1-f47.google.com[209.85.222.47]: 354 End data with <CR><LF>.<CR><LF> Mar 19 13:08:51 construlista postfix/smtpd[17128]: >>> START End-of-data RESTRICTIONS <<< Mar 19 13:08:51 construlista postfix/smtpd[17128]: generic_checks: name=check_policy_service Mar 19 13:08:51 construlista postfix/smtpd[17128]: send attr request = smtpd_access_policy Mar 19 13:08:51 construlista postfix/smtpd[17128]: send attr protocol_state = END-OF-MESSAGE Mar 19 13:08:51 construlista postfix/smtpd[17128]: send attr protocol_name = ESMTP Mar 19 13:08:51 construlista postfix/smtpd[17128]: send attr client_address = 209.85.222.47 Mar 19 13:08:51 construlista postfix/smtpd[17128]: send attr client_name = mail-ua1-f47.google.com Mar 19 13:08:51 construlista postfix/smtpd[17128]: send attr client_port = 37563 Mar 19 13:08:51 construlista postfix/smtpd[17128]: send attr reverse_client_name = mail-ua1-f47.google.com Mar 19 13:08:51 construlista postfix/smtpd[17128]: send attr helo_name = mail-ua1-f47.google.com Mar 19 13:08:51 construlista postfix/smtpd[17128]: send attr sender = fernandoofj@gmail.com Mar 19 13:08:51 construlista postfix/smtpd[17128]: send attr recipient = fernando@construlista.com.br Mar 19 13:08:51 construlista postfix/smtpd[17128]: send attr recipient_count = 1 Mar 19 13:08:51 construlista postfix/smtpd[17128]: send attr queue_id = F0D43E0611 Mar 19 13:08:51 construlista postfix/smtpd[17128]: send attr instance = 42e8.5c90e9e2.e5ba4.0 Mar 19 13:08:51 construlista postfix/smtpd[17128]: send attr size = 3774 Mar 19 13:08:51 construlista postfix/smtpd[17128]: send attr etrn_domain = Mar 19 13:08:51 construlista postfix/smtpd[17128]: send attr stress = Mar 19 13:08:51 construlista postfix/smtpd[17128]: send attr sasl_method = Mar 19 13:08:51 construlista postfix/smtpd[17128]: send attr sasl_username = Mar 19 13:08:51 construlista postfix/smtpd[17128]: send attr sasl_sender = Mar 19 13:08:51 construlista postfix/smtpd[17128]: send attr ccert_subject = Mar 19 13:08:51 construlista postfix/smtpd[17128]: send attr ccert_issuer = Mar 19 13:08:51 construlista postfix/smtpd[17128]: send attr ccert_fingerprint = Mar 19 13:08:51 construlista postfix/smtpd[17128]: send attr ccert_pubkey_fingerprint = Mar 19 13:08:51 construlista postfix/smtpd[17128]: send attr encryption_protocol = TLSv1.2 Mar 19 13:08:51 construlista postfix/smtpd[17128]: send attr encryption_cipher = ECDHE-RSA-AES128-GCM-SHA256 Mar 19 13:08:51 construlista postfix/smtpd[17128]: send attr encryption_keysize = 128 Mar 19 13:08:51 construlista postfix/smtpd[17128]: send attr policy_context = Mar 19 13:08:51 construlista postfix/smtpd[17128]: 127.0.0.1:7777: wanted attribute: action Mar 19 13:08:51 construlista postfix/smtpd[17128]: input attribute name: action Mar 19 13:08:51 construlista postfix/smtpd[17128]: input attribute value: DUNNO Mar 19 13:08:51 construlista postfix/smtpd[17128]: 127.0.0.1:7777: wanted attribute: (list terminator) Mar 19 13:08:51 construlista postfix/smtpd[17128]: input attribute name: (end) Mar 19 13:08:51 construlista postfix/smtpd[17128]: check_table_result: inet:127.0.0.1:7777 DUNNO policy query Mar 19 13:08:51 construlista postfix/smtpd[17128]: generic_checks: name=check_policy_service status=0 Mar 19 13:08:51 construlista postfix/smtpd[17128]: >>> END End-of-data RESTRICTIONS <<< Mar 19 13:08:51 construlista postfix/cleanup[17133]: F0D43E0611: message-id=<CAOMs5R6Vo5iWq53JkPG54Cc0diz=ctC1=OjW-CJ=aPE+QKVuwQ@mail.gmail.com> Mar 19 13:08:51 construlista postfix/smtpd[17128]: public/cleanup socket: wanted attribute: status Mar 19 13:08:51 construlista postfix/smtpd[17128]: input attribute name: status Mar 19 13:08:51 construlista postfix/smtpd[17128]: input attribute value: 0 Mar 19 13:08:51 construlista postfix/smtpd[17128]: public/cleanup socket: wanted attribute: reason Mar 19 13:08:51 construlista postfix/smtpd[17128]: input attribute name: reason Mar 19 13:08:51 construlista postfix/smtpd[17128]: input attribute value: (end) Mar 19 13:08:51 construlista postfix/smtpd[17128]: public/cleanup socket: wanted attribute: (list terminator) Mar 19 13:08:51 construlista postfix/smtpd[17128]: input attribute name: (end) Mar 19 13:08:51 construlista postfix/smtpd[17128]: > mail-ua1-f47.google.com[209.85.222.47]: 250 2.0.0 Ok: queued as F0D43E0611 Mar 19 13:08:51 construlista postfix/qmgr[16807]: F0D43E0611: from=<fernandoofj@gmail.com>, size=3993, nrcpt=1 (queue active) Mar 19 13:08:51 construlista postfix/smtpd[17128]: < mail-ua1-f47.google.com[209.85.222.47]: QUIT Mar 19 13:08:51 construlista postfix/smtpd[17128]: > mail-ua1-f47.google.com[209.85.222.47]: 221 2.0.0 Bye Mar 19 13:08:51 construlista postfix/smtpd[17128]: match_hostname: smtpd_client_event_limit_exceptions: mail-ua1-f47.google.com ~? 127.0.0.1 Mar 19 13:08:51 construlista postfix/smtpd[17128]: match_hostaddr: smtpd_client_event_limit_exceptions: 209.85.222.47 ~? 127.0.0.1 Mar 19 13:08:51 construlista postfix/smtpd[17128]: match_list_match: mail-ua1-f47.google.com: no match Mar 19 13:08:51 construlista postfix/smtpd[17128]: match_list_match: 209.85.222.47: no match Mar 19 13:08:51 construlista postfix/smtpd[17128]: send attr request = disconnect Mar 19 13:08:51 construlista postfix/smtpd[17128]: send attr ident = smtp:209.85.222.47 Mar 19 13:08:51 construlista postfix/smtpd[17128]: private/anvil: wanted attribute: status Mar 19 13:08:51 construlista postfix/smtpd[17128]: input attribute name: status Mar 19 13:08:51 construlista postfix/smtpd[17128]: input attribute value: 0 Mar 19 13:08:51 construlista postfix/smtpd[17128]: private/anvil: wanted attribute: (list terminator) Mar 19 13:08:51 construlista postfix/smtpd[17128]: input attribute name: (end) Mar 19 13:08:51 construlista postfix/smtpd[17128]: disconnect from mail-ua1-f47.google.com[209.85.222.47] ehlo=2 starttls=1 mail=1 rcpt=1 data=1 quit=1 commands=7 Mar 19 13:08:51 construlista postfix/smtpd[17128]: master_notify: status 1 Mar 19 13:08:51 construlista postfix/smtpd[17128]: connection closed Mar 19 13:08:51 construlista postfix/10025/smtpd[17312]: connect from localhost.localdomain[127.0.0.1] Mar 19 13:08:51 construlista postfix/10025/smtpd[17312]: D0C27E0612: client=localhost.localdomain[127.0.0.1] Mar 19 13:08:51 construlista postfix/cleanup[17133]: D0C27E0612: message-id=<CAOMs5R6Vo5iWq53JkPG54Cc0diz=ctC1=OjW-CJ=aPE+QKVuwQ@mail.gmail.com> Mar 19 13:08:51 construlista postfix/10025/smtpd[17312]: disconnect from localhost.localdomain[127.0.0.1] ehlo=1 mail=1 rcpt=1 data=1 quit=1 commands=5 Mar 19 13:08:51 construlista postfix/qmgr[16807]: D0C27E0612: from=<fernandoofj@gmail.com>, size=4607, nrcpt=1 (queue active) Mar 19 13:08:51 construlista amavis[777]: (00777-02) Passed CLEAN {RelayedInbound}, [209.85.222.47]:37563 [209.85.222.47] <fernandoofj@gmail.com> -> <fernando@construlista.com.br>, Queue-ID: F0D43E0611, Message-ID: <CAOMs5R6Vo5iWq53JkPG54Cc0diz=ctC1=OjW-CJ=aPE+QKVuwQ@mail.gmail.com>, mail_id: cEVMAl9_ElRd, Hits: 0.86, size: 3993, queued_as: D0C27E0612, dkim_sd=20161025:gmail.com, 805 ms, Tests: [DKIM_SIGNED=0.1,DKIM_VALID=-0.1,DKIM_VALID_AU=-0.1,DKIM_VALID_EF=-0.1,FREEMAIL_FROM=0.001,HTML_IMAGE_ONLY_16=1.048,HTML_MESSAGE=0.001,SPF_PASS=-0.001,T_REMOTE_IMAGE=0.01,URIBL_BLOCKED=0.001] Mar 19 13:08:51 construlista postfix/amavis/smtp[17139]: F0D43E0611: to=<fernando@construlista.com.br>, relay=127.0.0.1[127.0.0.1]:10024, delay=0.97, delays=0.15/0/0.01/0.81, dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as D0C27E0612) Mar 19 13:08:51 construlista postfix/qmgr[16807]: F0D43E0611: removed Mar 19 13:08:51 construlista postfix/pipe[17313]: D0C27E0612: to=<fernando@construlista.com.br>, relay=dovecot, delay=0.13, delays=0.02/0.03/0/0.08, dsn=4.3.0, status=deferred (temporary failure) Mar 19 13:08:55 construlista postfix/smtpd[17128]: auto_clnt_close: disconnect private/tlsmgr stream Mar 19 13:08:55 construlista postfix/smtpd[17128]: rewrite stream disconnect Mar 19 13:08:55 construlista postfix/smtpd[17128]: proxymap stream disconnect Mar 19 13:10:20 construlista postfix/qmgr[16807]: 5461DE060E: from=<fernandoofj@gmail.com>, size=5401, nrcpt=1 (queue active) Mar 19 13:10:20 construlista postfix/qmgr[16807]: 6C0AFE060D: from=<fernandoofj@gmail.com>, size=4579, nrcpt=1 (queue active) Mar 19 13:10:20 construlista postfix/pipe[17313]: 5461DE060E: to=<fernando@construlista.com.br>, relay=dovecot, delay=468, delays=468/0.04/0/0.17, dsn=4.3.0, status=deferred (temporary failure) Mar 19 13:10:20 construlista postfix/pipe[17639]: 6C0AFE060D: to=<fernando@construlista.com.br>, relay=dovecot, delay=506, delays=506/0.03/0/0.19, dsn=4.3.0, status=deferred (temporary failure) 

Postfix main.cf

# -------------------- # INSTALL-TIME CONFIGURATION INFORMATION # # location of the Postfix queue. Default is /var/spool/postfix. queue_directory = /var/spool/postfix  # location of all postXXX commands. Default is /usr/sbin. command_directory = /usr/sbin  # location of all Postfix daemon programs (i.e. programs listed in the # master.cf file). This directory must be owned by root. # Default is /usr/libexec/postfix daemon_directory = /usr/lib/postfix/sbin  # location of Postfix-writable data files (caches, random numbers). # This directory must be owned by the mail_owner account (see below). # Default is /var/lib/postfix. data_directory = /var/lib/postfix  # owner of the Postfix queue and of most Postfix daemon processes. # Specify the name of a user account THAT DOES NOT SHARE ITS USER OR GROUP ID # WITH OTHER ACCOUNTS AND THAT OWNS NO OTHER FILES OR PROCESSES ON THE SYSTEM. # In particular, don't specify nobody or daemon. PLEASE USE A DEDICATED USER. # Default is postfix. mail_owner = postfix  # The following parameters are used when installing a new Postfix version. # # sendmail_path: The full pathname of the Postfix sendmail command. # This is the Sendmail-compatible mail posting interface. # sendmail_path = /usr/sbin/sendmail  # newaliases_path: The full pathname of the Postfix newaliases command. # This is the Sendmail-compatible command to build alias databases. # newaliases_path = /usr/bin/newaliases  # full pathname of the Postfix mailq command.  This is the Sendmail-compatible # mail queue listing command. mailq_path = /usr/bin/mailq  # group for mail submission and queue management commands. # This must be a group name with a numerical group ID that is not shared with # other accounts, not even with the Postfix account. setgid_group = postdrop  # external command that is executed when a Postfix daemon program is run with # the -D option. # # Use "command .. & sleep 5" so that the debugger can attach before # the process marches on. If you use an X-based debugger, be sure to # set up your XAUTHORITY environment variable before starting Postfix. # debugger_command =     PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin     ddd $  daemon_directory/$  process_name $  process_id & sleep 5  debug_peer_level = 2  # -------------------- # CUSTOM SETTINGS #  # SMTP server response code when recipient or domain not found. unknown_local_recipient_reject_code = 550  # Do not notify local user. biff = no  # Disable the rewriting of "site!user" into "user@site". swap_bangpath = no  # Disable the rewriting of the form "user%domain" to "user@domain". allow_percent_hack = no  # Allow recipient address start with '-'. allow_min_user = no  # Disable the SMTP VRFY command. This stops some techniques used to # harvest email addresses. disable_vrfy_command = yes  # Enable both IPv4 and/or IPv6: ipv4, ipv6, all. inet_protocols = all  # Enable all network interfaces. inet_interfaces = all  # # TLS settings. # # SSL key, certificate, CA # smtpd_tls_key_file = /etc/ssl/private/iRedMail.key smtpd_tls_cert_file = /etc/ssl/certs/iRedMail.crt smtpd_tls_CAfile = /etc/ssl/certs/iRedMail.crt  # # Disable SSLv2, SSLv3 # smtpd_tls_protocols = !SSLv2 !SSLv3 smtpd_tls_mandatory_protocols = !SSLv2 !SSLv3 smtp_tls_protocols = !SSLv2 !SSLv3 smtp_tls_mandatory_protocols = !SSLv2 !SSLv3 lmtp_tls_protocols = !SSLv2 !SSLv3 lmtp_tls_mandatory_protocols = !SSLv2 !SSLv3  # # Fix 'The Logjam Attack'. # smtpd_tls_exclude_ciphers = aNULL, eNULL, EXPORT, DES, RC4, MD5, PSK, aECDH, EDH-DSS-DES-CBC3-SHA, EDH-RSA-DES-CDC3-SHA, KRB5-DE5, CBC3-SHA smtpd_tls_dh512_param_file = /etc/ssl/dh512_param.pem smtpd_tls_dh1024_param_file = /etc/ssl/dh2048_param.pem  tls_random_source = dev:/dev/urandom  # Log only a summary message on TLS handshake completion — no logging of client # certificate trust-chain verification errors if client certificate # verification is not required. With Postfix 2.8 and earlier, log the summary # message, peer certificate summary information and unconditionally log # trust-chain verification errors. smtp_tls_loglevel = 1 smtpd_tls_loglevel = 1  # Opportunistic TLS: announce STARTTLS support to remote SMTP clients, but do # not require that clients use TLS encryption. smtpd_tls_security_level = may  # Produce `Received:` message headers that include information about the # protocol and cipher used, as well as the remote SMTP client CommonName and # client certificate issuer CommonName. # This is disabled by default, as the information may be modified in transit # through other mail servers. Only information that was recorded by the final # destination can be trusted. #smtpd_tls_received_header = yes  # Opportunistic TLS, used when Postfix sends email to remote SMTP server. # Use TLS if this is supported by the remote SMTP server, otherwise use # plaintext. # References: #   - http://www.postfix.org/TLS_README.html#client_tls_may #   - http://www.postfix.org/postconf.5.html#smtp_tls_security_level smtp_tls_security_level = may  # Use the same CA file as smtpd. smtp_tls_CAfile = $  smtpd_tls_CAfile smtp_tls_note_starttls_offer = yes  # Enable long, non-repeating, queue IDs (queue file names). # The benefit of non-repeating names is simpler logfile analysis and easier # queue migration (there is no need to run "postsuper" to change queue file # names that don't match their message file inode number). #enable_long_queue_ids = yes  # Reject unlisted sender and recipient smtpd_reject_unlisted_recipient = yes smtpd_reject_unlisted_sender = yes  # Header and body checks with PCRE table header_checks = pcre:/etc/postfix/header_checks body_checks = pcre:/etc/postfix/body_checks.pcre  # A mechanism to transform commands from remote SMTP clients. # This is a last-resort tool to work around client commands that break # interoperability with the Postfix SMTP server. Other uses involve fault # injection to test Postfix's handling of invalid commands. # Requires Postfix-2.7+. #smtpd_command_filter = pcre:/etc/postfix/command_filter.pcre  # HELO restriction smtpd_helo_required = yes smtpd_helo_restrictions =     permit_mynetworks     permit_sasl_authenticated     check_helo_access pcre:/etc/postfix/helo_access.pcre     reject_non_fqdn_helo_hostname     reject_unknown_helo_hostname  # Sender restrictions smtpd_sender_restrictions = #    reject_unknown_sender_domain     reject_non_fqdn_sender #    reject_unlisted_sender     permit_mynetworks     permit_sasl_authenticated     check_sender_access pcre:/etc/postfix/sender_access.pcre  # Recipient restrictions #smtpd_recipient_restrictions = #    reject_unknown_recipient_domain #    reject_non_fqdn_recipient #    reject_unlisted_recipient #    check_policy_service inet:127.0.0.1:7777 #    permit_mynetworks #    permit_sasl_authenticated #    reject_unauth_destination  smtpd_relay_restrictions = permit_mynetworks,          permit_sasl_authenticated,         reject_unauth_destination  # END-OF-MESSAGE restrictions smtpd_end_of_data_restrictions =     check_policy_service inet:127.0.0.1:7777  # Data restrictions smtpd_data_restrictions = reject_unauth_pipelining  proxy_read_maps = $  canonical_maps $  lmtp_generic_maps $  local_recipient_maps $  mydestination $  mynetworks $  recipient_bcc_maps $  recipient_canonical_maps $  relay_domains $  relay_recipient_maps $  relocated_maps $  sender_bcc_maps $  sender_canonical_maps $  smtp_generic_maps $  smtpd_sender_login_maps $  transport_maps $  virtual_alias_domains $  virtual_alias_maps $  virtual_mailbox_domains $  virtual_mailbox_maps $  smtpd_sender_restrictions $  sender_dependent_relayhost_maps  # Avoid duplicate recipient messages. Default is 'yes'. enable_original_recipient = no  # Virtual support. virtual_minimum_uid = 2000 virtual_uid_maps = static:2000 virtual_gid_maps = static:2000 virtual_mailbox_base = /var/vmail  # Do not set virtual_alias_domains. virtual_alias_domains =  # # Enable SASL authentication on port 25 and force TLS-encrypted SASL authentication. # WARNING: NOT RECOMMENDED to enable smtp auth on port 25, all end users should #          be forced to submit email through port 587 instead. # smtpd_sasl_auth_enable = yes #smtpd_sasl_security_options = noanonymous #smtpd_tls_auth_only = yes  # hostname myhostname = construlista.com.br myorigin = construlista.com.br mydomain = construlista.com.br  # trusted SMTP clients which are allowed to relay mail through Postfix. # # Note: additional IP addresses/networks listed in mynetworks should be listed #       in iRedAPD setting 'MYNETWORKS' (in `/opt/iredapd/settings.py`) too. #       for example: # #       MYNETWORKS = ['xx.xx.xx.xx', 'xx.xx.xx.0/24', ...] # mynetworks = 127.0.0.1  # Accepted local emails #mydestination = $  myhostname, localhost, localhost.localdomain, construlista.com.br, construlista.net.br, infinityenge.com, infinityenge.com.br #mydestination = localhost.$  mydomain, localhost, localhost.localdomain #working#mydestination = localhost.$  mydomain, localhost, $  mydomain mydestination = localhost, localhost.localdomain  alias_maps = hash:/etc/postfix/aliases alias_database = hash:/etc/postfix/aliases  # Default message_size_limit. message_size_limit = 15728640  # The set of characters that can separate a user name from its extension # (example: user+foo), or a .forward file name from its extension (example: # .forward+foo). # Postfix 2.11 and later supports multiple characters. recipient_delimiter = +  # The time after which the sender receives a copy of the message headers of # mail that is still queued. Default setting is disabled (0h) by Postfix. #delay_warning_time = 1h compatibility_level = 2 # # Lookup virtual mail accounts # transport_maps =     proxy:mysql:/etc/postfix/mysql/transport_maps_user.cf     proxy:mysql:/etc/postfix/mysql/transport_maps_domain.cf  sender_dependent_relayhost_maps =     proxy:mysql:/etc/postfix/mysql/sender_dependent_relayhost_maps.cf  # Lookup table with the SASL login names that own the sender (MAIL FROM) addresses. smtpd_sender_login_maps =     proxy:mysql:/etc/postfix/mysql/sender_login_maps.cf  virtual_mailbox_domains =     proxy:mysql:/etc/postfix/mysql/virtual_mailbox_domains.cf  relay_domains =     $  mydestination     proxy:mysql:/etc/postfix/mysql/relay_domains.cf  virtual_mailbox_maps =     proxy:mysql:/etc/postfix/mysql/virtual_mailbox_maps.cf  virtual_alias_maps =     proxy:mysql:/etc/postfix/mysql/virtual_alias_maps.cf     proxy:mysql:/etc/postfix/mysql/domain_alias_maps.cf     proxy:mysql:/etc/postfix/mysql/catchall_maps.cf     proxy:mysql:/etc/postfix/mysql/domain_alias_catchall_maps.cf  sender_bcc_maps =     proxy:mysql:/etc/postfix/mysql/sender_bcc_maps_user.cf     proxy:mysql:/etc/postfix/mysql/sender_bcc_maps_domain.cf  recipient_bcc_maps =     proxy:mysql:/etc/postfix/mysql/recipient_bcc_maps_user.cf     proxy:mysql:/etc/postfix/mysql/recipient_bcc_maps_domain.cf  # # Postscreen # postscreen_greet_action = enforce postscreen_blacklist_action = enforce postscreen_dnsbl_action = enforce postscreen_dnsbl_threshold = 2 postscreen_dnsbl_sites =     zen.spamhaus.org=127.0.0.[2..11]*3     b.barracudacentral.org=127.0.0.[2..11]*2  postscreen_dnsbl_reply_map = texthash:/etc/postfix/postscreen_dnsbl_reply postscreen_access_list = permit_mynetworks cidr:/etc/postfix/postscreen_access.cidr  # Require Postfix-2.11+ postscreen_dnsbl_whitelist_threshold = -2 # # Dovecot SASL support. # smtpd_sasl_type = dovecot smtpd_sasl_path = private/dovecot-auth virtual_transport = dovecot dovecot_destination_recipient_limit = 1  # # Amavisd + SpamAssassin + ClamAV # content_filter = smtp-amavis:[127.0.0.1]:10024  # Concurrency per recipient limit. smtp-amavis_destination_recipient_limit = 1