GMail/local delivery issue


Tony Yarusso-2
I have a slightly unusual problem where mail is going to the wrong
place depending on where it originates.  Here's the setup we have:

Our local network:
A web server (running Drupal), that has postfix configured to send all
mail out through a smarthost (the next machine).  (Firewall has 25
open ONLY to that machine.)
A mail server (running postfix), which I want to be only doing
outgoing stuff, not accepting (although earlier we thought it might
end up doing both).  I've posted its configuration at
http://pastebin.ca/1059341.
(Both of these are running Ubuntu 8.04)

Outside:
Google Apps for your Domain is set up for the same domain as the web
server is serving http for.  Currently the only thing we're using it
for is mail, and have made the necessary changes to our DNS records
for this as documented in the Google Apps instructions.

Observed behavior:
Random person sends mail to [hidden email] - works as expected,
delivering to the GMail inbox.
If Drupal server is configured to send mail to
[hidden email] - works as expected.  Mail is sent
through the mail server, then forwarded out to the general internet.
However, if the Drupal server is configured to send mail to
[hidden email], that message gets delivered to the local Unix
account on the second internal server, and does NOT go out to GMail.
I have an account there, so it is delivered successfully, and I can
read it with the 'mail' command.
If the Drupal server is trying to send mail to
[hidden email], that message is attempted to be delivered to
a local account on the mail server, which doesn't exist for that
username, so delivery fails.  He does however have a mail account - on
GMail.

Desired behavior:
Mail to ourdomain.org should always be delivered to the GMail mail
servers, regardless of origin.

Ultimate question:
How do I make our mail server keep sending the mail out to the ether,
where it will then be correctly processed, rather than accepting (or
trying to accept) the mail itself?

--
Tony Yarusso
http://tonyyarusso.com/

Re: GMail/local delivery issue

mouss-2
Tony Yarusso wrote:

> I have a slightly unusual problem where mail is going to the wrong
> place depending on where it originates.  Here's the setup we have:
>
> Our local network:
> A web server (running Drupal), that has postfix configured to send all
> mail out through a smarthost (the next machine).  (Firewall has 25
> open ONLY to that machine.)
> A mail server (running postfix), which I want to be only doing
> outgoing stuff, not accepting (although earlier we thought it might
> end up doing both).  I've posted its configuration at
> http://pastebin.ca/1059341.
>  

Blank page from here. please post the config inline instead of asking us
to visit the world wild web.

> (Both of these are running Ubuntu 8.04)
>
> Outside:
> Google Apps for your Domain is set up for the same domain as the web
> server is serving http for.  Currently the only thing we're using it
> for is mail, and have made the necessary changes to our DNS records
> for this as documented in the Google Apps instructions.
>
> Observed behavior:
> Random person sends mail to [hidden email] - works as expected,
> delivering to the GMail inbox.
> If Drupal server is configured to send mail to
> [hidden email] - works as expected.  Mail is sent
> through the mail server, then forwarded out to the general internet.
> However, if the Drupal server is configured to send mail to
> [hidden email], that message gets delivered to the local Unix
> account on the second internal server, and does NOT go out to GMail.
> I have an account there, so it is delivered successfully, and I can
> read it with the 'mail' command.
> If the Drupal server is trying to send mail to
> [hidden email], that message is attempted to be delivered to
> a local account on the mail server, which doesn't exist for that
> username, so delivery fails.  He does however have a mail account - on
> GMail.
>
> Desired behavior:
> Mail to ourdomain.org should always be delivered to the GMail mail
> servers, regardless of origin.
>  

if ourdomain.example has its MX set to a remote server (gmail or other),
just do not list it in mydestination, ... etc.

If in doubt, try brute force^W^W transport_maps
ourdomain.example      smtp:[smtp.remote.server]


> Ultimate question:
> How do I make our mail server keep sending the mail out to the ether,
> where it will then be correctly processed, rather than accepting (or
> trying to accept) the mail itself?
>
>  


Re: GMail/local delivery issue

Tony Yarusso-2
On Mon, Jun 30, 2008 at 2:53 PM, mouss <[hidden email]> wrote:
> Blank page from here. please post the config inline instead of asking us to
> visit the world wild web.

As you wish - I'm used to another group preferring pastebins.  See the below.

> if ourdomain.example has its MX set to a remote server (gmail or other),
> just do not list it in mydestination, ... etc.

I see the mydestination line - off to try that.

Configuration details:

tony@cistlx50-5:/etc/postfix$ cat main.cf
# See /usr/share/postfix/main.cf.dist for a commented, more complete version


# Debian specific:  Specifying a file name will cause the first
# line of that file to be used as the name.  The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname

smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no

# appending .domain is the MUA's job.
append_dot_mydomain = no

# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h

# TLS parameters
smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
smtpd_use_tls=yes
smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${queue_directory}/smtp_scache

# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.

myhostname = cistlx50-5
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = spcompsci.org, cistlx50-5, localhost.localdomain,
    localhost, virtualnorthstar.org
relayhost =
mynetworks = 199.17.224.0/24
mailbox_command = procmail -a "$EXTENSION"
mailbox_size_limit = 51200000
recipient_delimiter = +
inet_interfaces = all
home_mailbox = Maildir/
inet_protocols = all



--------------------------------------------------------------------------------------------------------------------


#
# Postfix master process configuration file.  For details on the format
# of the file, see the master(5) manual page (command: "man 5 master").
#
# ==========================================================================
# service type  private unpriv  chroot  wakeup  maxproc command + args
#               (yes)   (yes)   (yes)   (never) (100)
# ==========================================================================
smtp      inet  n       -       -       -       -       smtpd
#submission inet n       -       -       -       -       smtpd
#  -o smtpd_enforce_tls=yes
#  -o smtpd_sasl_auth_enable=yes
#  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
#smtps     inet  n       -       -       -       -       smtpd
#  -o smtpd_tls_wrappermode=yes
#  -o smtpd_sasl_auth_enable=yes
#  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
#628      inet  n       -       -       -       -       qmqpd
pickup    fifo  n       -       -       60      1       pickup
cleanup   unix  n       -       -       -       0       cleanup
qmgr      fifo  n       -       n       300     1       qmgr
#qmgr     fifo  n       -       -       300     1       oqmgr
tlsmgr    unix  -       -       -       1000?   1       tlsmgr
rewrite   unix  -       -       -       -       -       trivial-rewrite
bounce    unix  -       -       -       -       0       bounce
defer     unix  -       -       -       -       0       bounce
trace     unix  -       -       -       -       0       bounce
verify    unix  -       -       -       -       1       verify
flush     unix  n       -       -       1000?   0       flush
proxymap  unix  -       -       n       -       -       proxymap
smtp      unix  -       -       -       -       -       smtp
# When relaying mail as backup MX, disable fallback_relay to avoid MX loops
relay     unix  -       -       -       -       -       smtp
        -o smtp_fallback_relay=
#       -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq     unix  n       -       -       -       -       showq
error     unix  -       -       -       -       -       error
retry     unix  -       -       -       -       -       error
discard   unix  -       -       -       -       -       discard
local     unix  -       n       n       -       -       local
virtual   unix  -       n       n       -       -       virtual
lmtp      unix  -       -       -       -       -       lmtp
anvil     unix  -       -       -       -       1       anvil
scache    unix  -       -       -       -       1       scache
#
# ====================================================================
# Interfaces to non-Postfix software. Be sure to examine the manual
# pages of the non-Postfix software to find out what options it wants.
#
# Many of the following services use the Postfix pipe(8) delivery
# agent.  See the pipe(8) man page for information about ${recipient}
# and other message envelope options.
# ====================================================================
#
# maildrop. See the Postfix MAILDROP_README file for details.
# Also specify in main.cf: maildrop_destination_recipient_limit=1
#
maildrop  unix  -       n       n       -       -       pipe
  flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
#
# See the Postfix UUCP_README file for configuration details.
#
uucp      unix  -       n       n       -       -       pipe
  flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
#
# Other external delivery methods.
#
ifmail    unix  -       n       n       -       -       pipe
  flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp     unix  -       n       n       -       -       pipe
  flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
scalemail-backend unix  -       n       n       -       2       pipe
  flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store
  ${nexthop} ${user} ${extension}
mailman   unix  -       n       n       -       -       pipe
  flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
  ${nexthop} ${user}


--
Tony Yarusso
http://tonyyarusso.com/

Re: GMail/local delivery issue

Scott Kitterman-4
On Monday 30 June 2008 15:59, Tony Yarusso wrote:
> On Mon, Jun 30, 2008 at 2:53 PM, mouss <[hidden email]> wrote:
> > Blank page from here. please post the config inline instead of asking us
> > to visit the world wild web.
>
> As you wish - I'm used to another group preferring pastebins.  See the
> below.

Also postconf -n is better than the full main.cf.

> > if ourdomain.example has its MX set to a remote server (gmail or other),
> > just do not list it in mydestination, ... etc.
>
> I see the mydestination line - off to try that.

> mydestination = spcompsci.org, cistlx50-5, localhost.localdomain,

Right.  If ourdomain.example is spcompsci.org then don't tell postfix you want
the mail delivered locally.

Scott K
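
The check the replies describe, as an added example that is not part of the thread or any poster's code: a Python script that parses main.cf syntax (including continuation lines, which must start with whitespace) and reports domains listed in mydestination whose mail is hosted elsewhere. The sample config, the host and domain names and the remote-MX list are constructed; only literal names in mydestination are handled, not $parameter or type:table entries.

```python
import re

# Constructed sample in main.cf syntax (not the poster's file);
# host and domain names are placeholders.
SAMPLE_MAIN_CF = """\
# comment lines and blank lines are ignored
myhostname = mail1
mydestination = ourdomain.example, mail1, localhost.localdomain,
    localhost
relayhost =
"""

def parse_main_cf(text):
    """Parse 'name = value' lines, '#' comments and continuation lines.
    A continuation line must begin with whitespace."""
    params, current = {}, None
    for raw in text.splitlines():
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue
        if raw[0] in " \t":
            if current is None:
                raise ValueError(f"continuation without parameter: {raw!r}")
            params[current] += " " + raw.strip()
            continue
        name, sep, value = raw.partition("=")
        if not sep:
            # Typical cause: a wrapped line that lost its leading whitespace.
            raise ValueError(f"not 'name = value': {raw!r}")
        current = name.strip()
        params[current] = value.strip()
    return params

def locally_claimed(params):
    """Literal names in mydestination: mail for these goes to local delivery."""
    value = params.get("mydestination", "")
    return [d.lower() for d in re.split(r"[,\s]+", value) if d]

def misrouted(params, remote_mx_domains):
    """Domains whose MX is hosted elsewhere but which this host still
    treats as local, so mail submitted internally never leaves it."""
    remote = {d.lower() for d in remote_mx_domains}
    return [d for d in locally_claimed(params) if d in remote]

if __name__ == "__main__":
    # remote_mx_domains is supplied by hand here; in practice it is the
    # set of domains whose MX records point at an outside provider.
    print(misrouted(parse_main_cf(SAMPLE_MAIN_CF), ["ourdomain.example"]))
```

An empty result means no externally hosted domain is being captured by local delivery on this host.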