  [Question]   Error when setting permissions on the directory containing mailboxes in Postfix 13/07/2012 16:39:31 (+0700) | #1 | 266707
tphau
Member

Hello,
I have built a CentOS server: Postfix - PostfixAdmin - Dovecot - MySQL.
I'm having trouble with the permissions on the directory containing the mailboxes.
Contents of dovecot.conf:
Code:
protocols = imap imaps pop3 pop3s 
...
mail_location = maildir:/home/virtual/%d/%n
...


Contents of main.cf:
Code:
....
virtual_mailbox_base = /home/virtual
....


I set the permissions on the "virtual" directory:
# chown -R postfix:postfix /home/virtual
# chmod -R 700 /home/virtual

The error occurs when creating a domain and adding a mailbox in PostfixAdmin.
Contents of maillog:
Code:
- mail postfix/virtual[13921]: warning: maildir access problem for UID/GID=125/125: create maildir file /home/virtual/domain02/user1/tmp/1342127514.P13921.mail.maillocal.com: Permission denied
- mail postfix/virtual[13921]: warning: perhaps you need to create the maildirs in advance
- mail postfix/virtual[13921]: 2534685BD9C: to=<user1@domain02.com>, relay=virtual, delay=0.11, delays=0.05/0.01/0/0.05, dsn=4.2.0, status=deferred (maildir delivery failed: create maildir file /home/virtual/domain02/user1/tmp/1342127514.P13921.mail.maillocal.com: Permission denied)


I hope to get help with this problem.
Thank you.
  [Question]   Error when setting permissions on the directory containing mailboxes in Postfix 13/07/2012 16:48:08 (+0700) | #2 | 266708
conmale
Administrator

Which account needs to own the directory /home/virtual/domain02/?
What bringing us together is stronger than what pulling us apart.
  [Question]   Error when setting permissions on the directory containing mailboxes in Postfix 13/07/2012 16:59:55 (+0700) | #3 | 266711
tphau
Member

I edited dovecot.conf to add the following:
Code:
mail_location = maildir:/home/virtual/%d/%n 
first_valid_uid = 125 
last_valid_uid = 125 
first_valid_gid = 125 
last_valid_gid = 125


# ls -la /home/virtual
Code:
drwx------ 5     125     125 4096 Jun 29 04:26 domain2


#cat /etc/passwd | grep postfix
Code:
postfix:x:89:89::/var/spool/postfix:/sbin/nologin


One error line from maillog:
Code:
warning: maildir access problem for UID/GID=125/125


I think the error comes from the uid/gid I specified in dovecot.conf.
But my skills are still limited, and there are some options I don't fully understand yet.
  [Question]   Error when setting permissions on the directory containing mailboxes in Postfix 17/07/2012 13:39:48 (+0700) | #4 | 266934
quanta
Moderator

Which user does UID/GID 125 belong to? Also have a look at these two parameters: `virtual_uid_maps` and `virtual_gid_maps`.
Let's build on a great foundation!
  [Question]   Error when setting permissions on the directory containing mailboxes in Postfix 17/07/2012 15:37:57 (+0700) | #5 | 266956
tmlinhkct
Member

Why did you chmod /home/virtual to postfix:postfix, and what for....
Based on the above, you should:

create a user virtual: useradd virtual -u 125 -g 125 (creates the user virtual with UID/GID=125/125)
in main.cf: home_mailbox = Maildir/
in dovecot.conf: mail_location = maildir:/home/virtual/%d/%n/Maildir

In other words, you are creating a user whose home directory contains the mailboxes. Then you configure Postfix and Dovecot to hook into the mailboxes through this user.
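The mismatch behind the `Permission denied` lines in posts #1 and #3, as an added example that is not part of any post in this thread: the log shows delivery running as UID/GID 125/125, so every directory from `virtual_mailbox_base` down has to be searchable by that UID and the deepest existing one writable. The function names `perm_bits` and `check_delivery` are hypothetical, and only the owner/group/other mode bits are evaluated.

```shell
#!/bin/sh
# Added example, not from the thread. Function names are hypothetical.
# Can a process running as UID/GID create mail under BASE/REL?
# Only classic owner/group/other mode bits are evaluated (no ACLs,
# supplementary groups, SELinux, or root override). Needs GNU stat.

# perm_bits UID GID PATH: print the rwx digit (0-7) that applies to UID/GID
perm_bits() {
    info=$(stat -c '%u %g %a' "$3") || return 2
    owner=${info%% *}; info=${info#* }
    group=${info%% *}; mode=${info#* }
    m=$(printf '%04d' "$mode"); m=${m#?}    # "700" -> "0700" -> "700"
    u=${m%??}; g=${m#?}; g=${g%?}; o=${m#??}
    if   [ "$1" -eq "$owner" ]; then echo "$u"
    elif [ "$2" -eq "$group" ]; then echo "$g"
    else echo "$o"; fi
}

# check_delivery UID GID BASE REL
# e.g. check_delivery 125 125 /home/virtual domain02/user1
check_delivery() {
    uid=$1 gid=$2 dir=$3 rel=$4
    while :; do
        bits=$(perm_bits "$uid" "$gid" "$dir") || return 2
        next=${rel%%/*}
        if [ -n "$next" ] && [ -d "$dir/$next" ]; then
            # intermediate directory: search (x) permission is enough
            if [ $((bits & 1)) -eq 0 ]; then
                echo "UID $uid cannot traverse $dir"; return 1
            fi
            dir=$dir/$next
            case $rel in */*) rel=${rel#*/} ;; *) rel= ;; esac
        else
            # deepest existing directory: the maildir is created here (w+x)
            if [ $((bits & 3)) -ne 3 ]; then
                echo "UID $uid cannot create files in $dir"; return 1
            fi
            echo "ok: UID $uid can deliver under $dir"; return 0
        fi
    done
}
```

Run it as root so that `stat` can read every directory on the path; the first directory it reports is the one whose owner or mode has to change.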
  [Question]   Error when setting permissions on the directory containing mailboxes in Postfix 18/07/2012 13:32:19 (+0700) | #6 | 267039
tphau
Member

Thanks quanta & tmlinhkct for your attention. I have solved the problem above.
My server can now send & receive mail locally without problems.
Excitedly, I sent mail out to another domain, Yahoo and Gmail, and ran into errors again.
Note: I built this server provisionally for about 20 users, on a VNPT static IP (the company's IP).
- This is the log when sending to another domain:

Code:
mail postfix/smtp[4805]: certificate verification failed for mail.exdomain.com: num=18:self signed certificate
mail postfix/smtp[4805]: certificate verification failed for mail.exdomain.com: num=10:certificate has expired
mail postfix/smtp[4805]: certificate verification failed for mail.exdomain.com:certificate has expired
mail postfix/smtp[4805]: certificate verification failed for mail.exdomain.com:certificate has expired
mail postfix/smtp[4805]: ADC0685BD9A: to=<hautp@exdomain.com>, relay=mail.exdomain.com[118.69.199.233]:25, delay=0.9, delays=0.05/0.04/0.42/0.39, dsn=2.0.0, status=sent (250 OK id=1SrK0W-0008RY-UG)
mail postfix/qmgr[4786]: ADC0685BD9A: removed


- Found the IP in Spamhaus's list when sending to Yahoo Mail:

Code:
mail postfix/smtp[4827]: 4DAFC85BD9A: host mta6.am0.yahoodns.net[209.191.88.254] refused to talk to me: 553 Mail from 14.161.4.44 not allowed - 5.7.1 [BL21] Connections not accepted from IP addresses on Spamhaus PBL; see http://postmaster.yahoo.com/errors/550-bl21.html [550]
mail postfix/smtp[4827]: 4DAFC85BD9A: host mta7.am0.yahoodns.net[66.94.237.139] refused to talk to me: 553 5.7.1 [BL21] Connections will not be accepted from 14.161.4.44, because the ip is in Spamhaus's list; see http://postmaster.yahoo.com/550-bl23.html
mail postfix/smtp[4827]: 4DAFC85BD9A: host mta6.am0.yahoodns.net[67.195.103.232] refused to talk to me: 553 5.7.1 [BL21] Connections will not be accepted from 14.161.4.44, because the ip is in Spamhaus's list; see http://postmaster.yahoo.com/550-bl23.html
mail postfix/smtp[4827]: 4DAFC85BD9A: host mta7.am0.yahoodns.net[66.94.236.34] refused to talk to me: 553 5.7.1 [BL21] Connections will not be accepted from 14.161.4.44, because the ip is in Spamhaus's list; see http://postmaster.yahoo.com/550-bl23.html
mail postfix/smtp[4827]: 4DAFC85BD9A: to=<exmail@yahoo.com>, relay=mta6.am0.yahoodns.net[66.196.118.33]:25, delay=7.5, delays=0.05/0.01/4.5/2.9, dsn=2.0.0, status=sent (250 ok dirdel)


- And when sending to Gmail:

Code:
mail postfix/smtp[4848]: certificate verification failed for gmail-smtp-in-v4v6.l.google.com: num=20:unable to get local issuer certificate
mail postfix/smtp[4848]: certificate verification failed for gmail-smtp-in-v4v6.l.google.com: num=27:certificate not trusted
mail postfix/smtp[4848]: 7EBA285BD9A: to=<exmail@gmail.com>, relay=gmail-smtp-in-v4v6.l.google.com[173.194.79.26]:25, delay=5.9, delays=0.06/0.01/3.4/2.4, dsn=5.7.1, status=bounced (host gmail-smtp-in-v4v6.l.google.com[173.194.79.26] said: 550-5.7.1 [14.161.4.44] The IP you're using to send mail is not authorized to 550-5.7.1 send email directly to our servers. Please use the SMTP relay at your 550-5.7.1 service provider instead. Learn more at 550 5.7.1 http://support.google.com/mail/bin/answer.py?answer=10336 km8si3030829pbc.94 (in reply to end of DATA command))


Contents of the dovecot.conf config file:

Code:
protocols = imap imaps pop3 pop3s 
ssl_cert_file = /etc/ssl/dovecot/cert.pem 
ssl_key_file = /etc/ssl/dovecot/key.pem 
mail_location = maildir:/home/virtual/%d/%n
first_valid_uid = 125 
first_valid_gid = 125 
protocol imap { 
   mail_plugins = quota imap_quota 
} 
protocol pop3 { 
    mail_plugins = quota 
} 
protocol lda { 
    postmaster_address = postmaster@hautp.co.cc
} 
auth default { 
# passdb pam { 
# args = session=yes dovecot 
# } 
passdb sql { 
args = /etc/dovecot-sql.conf 
 } 
# userdb passwd { 
# args = blocking=yes 
# } 
userdb sql { 
args = /etc/dovecot-sql.conf 
} 
client { 
path = /var/spool/postfix/private/auth 
mode = 0660 
user = postfix 
group = postfix 
}


Postfix config file:
Code:
soft_bounce = no 
myhostname = mail.hautp.co.cc 
mydomain = hautp.co.cc 
mydestination = localhost.$mydomain, localhost 
relay_domains = proxy:mysql:/etc/postfix/mysql_relay_domains_maps.cf 
# SASL CONFIG 
broken_sasl_auth_clients = yes 
smtpd_sender_restrictions = permit_sasl_authenticated,  permit_mynetworks 
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_hostname, reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unauth_destination, reject_unauth_pipelining, reject_invalid_hostname, reject_rbl_client list.dsbl.org, reject_rbl_client bl.spamcop.net, reject_rbl_client sbl-xbl.spamhaus.org 
smtpd_sasl_auth_enable = yes 
smtpd_sasl_authenticated_header = yes 
smtpd_sasl_local_domain = $myhostname 
smtpd_sasl_security_options = noanonymous 
smtpd_sasl_type = dovecot 
smtpd_sasl_path = private/auth 

# TLS CONFIG 
smtp_use_tls = yes 
smtpd_use_tls = yes 
smtp_tls_note_starttls_offer = yes 
smtpd_tls_key_file = /etc/postfix/smtpd.key
smtpd_tls_cert_file = /etc/postfix/smtpd.crt
smtpd_tls_CAfile = /etc/postfix/cacert.pem
smtpd_tls_loglevel = 0 
smtpd_tls_received_header = yes 
smtpd_tls_session_cache_timeout = 3600s 
tls_random_source = dev:/dev/urandom 

# MySQL Configuration 
virtual_alias_maps = proxy:mysql:/usr/local/etc/postfix/mysql_virtual_alias_maps.cf 
virtual_gid_maps = static:125 
virtual_mailbox_base = /home/virtual
virtual_mailbox_domains = proxy:mysql:/usr/local/etc/postfix/mysql_virtual_domains_maps.cf 
virtual_mailbox_limit = 51200000 
virtual_mailbox_maps = proxy:mysql:/usr/local/etc/postfix/mysql_virtual_mailbox_maps.cf 
virtual_minimum_uid = 125 
virtual_transport = virtual 
virtual_uid_maps = static:125 

# Additional for quota support 
virtual_create_maildirsize = yes 
virtual_mailbox_extended = yes 
virtual_mailbox_limit_maps = proxy:mysql:/etc/postfix/mysql_virtual_mailbox_limit_maps.cf 
proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $virtual_mailbox_limit_maps 
virtual_mailbox_limit_override = yes 
virtual_maildir_limit_message = Sorry quota exceeded. 
virtual_overquota_bounce = yes


Note: I have already had the IP removed from the Spamhaus list.
I built this server following a document I found online.
If anything in the config is wrong (or redundant), I would appreciate your help.
I've been struggling for more than a week, unable to eat or sleep properly; having so little knowledge really does make life hard for oneself.
  [Question]   Error when setting permissions on the directory containing mailboxes in Postfix 18/07/2012 13:52:03 (+0700) | #7 | 267040
quanta
Moderator

You can start from here:

mail postfix/smtp[4848]: 7EBA285BD9A: to=<exmail@gmail.com>, relay=gmail-smtp-in-v4v6.l.google.com[173.194.79.26]:25, delay=5.9, delays=0.06/0.01/3.4/2.4, dsn=5.7.1, status=bounced (host gmail-smtp-in-v4v6.l.google.com[173.194.79.26] said: 550-5.7.1 [14.161.4.44] The IP you're using to send mail is not authorized to 550-5.7.1 send email directly to our servers. Please use the SMTP relay at your 550-5.7.1 service provider instead. Learn more at 550 5.7.1 http://support.google.com/mail/bin/answer.py?answer=10336 km8si3030829pbc.94 (in reply to end of DATA command)) 
Let's build on a great foundation!
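Reading the three log excerpts of post #6 side by side, as an added example that is not part of any post in this thread: in those excerpts the `certificate verification failed` and `refused to talk to me` lines are each followed by a `status=sent` record, while the Gmail message ends in `status=bounced` with `dsn=5.7.1`. The function names are hypothetical, the sample lines are constructed with documentation addresses, and short hexadecimal queue IDs as in the thread are assumed.

```shell
#!/bin/sh
# Added example, not from the thread. Reduces Postfix smtp(8) client log
# lines to one verdict per message, so warnings are not read as failures.
# Output: "<queue-id> <rcpt> <status> <dsn> <verdict> refused=<n>"
classify_deliveries() {
    awk '
    function field(key,    s) {   # value of key=... up to next comma/space
        if (!match($0, key "=[^, ]+")) return "-"
        s = substr($0, RSTART + length(key) + 1, RLENGTH - length(key) - 1)
        gsub(/[<>]/, "", s)
        return s
    }
    function qid() {              # queue id right after "postfix/smtp[pid]: "
        if (!match($0, /\]: [0-9A-F]+:/)) return "-"
        return substr($0, RSTART + 3, RLENGTH - 4)
    }
    !/postfix\/smtp\[/ { next }
    /certificate verification failed/ { next }          # warning line only
    /refused to talk to me/ { refused[qid()]++; next }  # one MX declined
    / status=/ {
        id = qid(); st = field("status"); dsn = field("dsn")
        if (st == "sent")          v = "delivered"
        else if (st == "deferred") v = "will-retry"
        else if (dsn ~ /^5\.7\./)  v = "policy-reject"
        else                       v = "failed"
        print id, field("to"), st, dsn, v, "refused=" (refused[id] + 0)
    }'
}

# Constructed sample lines modelled on the maillog format in this thread.
sample_log() {
    cat <<'EOF'
mail postfix/smtp[4805]: certificate verification failed for mx.example.net: num=18:self signed certificate
mail postfix/smtp[4805]: AAA0000001: to=<a@example.net>, relay=mx.example.net[192.0.2.10]:25, delay=0.9, dsn=2.0.0, status=sent (250 OK)
mail postfix/smtp[4827]: BBB0000002: host mx1.example.org[192.0.2.20] refused to talk to me: 553 5.7.1 listed
mail postfix/smtp[4827]: BBB0000002: host mx2.example.org[192.0.2.21] refused to talk to me: 553 5.7.1 listed
mail postfix/smtp[4827]: BBB0000002: to=<b@example.org>, relay=mx3.example.org[192.0.2.22]:25, delay=7.5, dsn=2.0.0, status=sent (250 ok)
mail postfix/smtp[4848]: CCC0000003: to=<c@example.com>, relay=mx.example.com[192.0.2.30]:25, delay=5.9, dsn=5.7.1, status=bounced (host said: 550-5.7.1 not authorized)
EOF
}
```

On a live server the same function can be fed the mail log on standard input, for example `classify_deliveries < /var/log/maillog`.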