Postfix newbie questions

Hi,

I am really new to postfix but I am sure one can answer my questions:

1.
I have several domains on my server (virtual domains) and I want to setup
mail accounts for each of this domains.
So, what I did was adding

1 /etc/postfix/main.cf:
2 virtual_alias_domains = adomain.de bdomain.de
3 virtual_alias_maps = hash:/etc/postfix/virtual
4
5 /etc/postfix/virtual:
6 info@adomain.de user1
7 info@bdomain.de user2

I executed the postmap commands to make these changes active and reloaded
postfix with postfix reload.
I added the users user1 and user2 to a newly created group poponly where
users have no home folder or bin access.
I have also enabled SASL.

Sending mails already works from within Outlook after authentification, but
fetching mails not.
Since, when I sent a mail from outlook to e.g. info@adomain.de (which should
then be fetched by user1) I get:

The original message was received at Sun, 13 Jun 2004 12:08:11 +0200
from fmomail02.dlan.cinetic.de [172.20.1.46]

----- The following addresses had permanent fatal errors -----
info@adomain.de
(reason: 554 <info@adomain.de>: Recipient address rejected: Relay access
denied)

----- Transcript of session follows -----
.... while talking to mail.aserver.de.:
>>> RCPT To:<info@adomain.de>
<<< 554 <info@adomain.de>: Recipient address rejected: Relay access denied
554 5.0.0 Service unavailable

Any explaination for this ?


2.
Do i really have to create Linux accounts for users ?
This here http://www.postfix.org/VIRTUAL_READM...irtual_mailbox sounds
as if it would also be possible to get things working without Linux user
accounts, but I could not get this working ?!?


3.
I have enabled SASL

smtpd_sasl_local_domain = $myhostname
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks,
check_relay_domains

Is this secure in the sense of preventing my mailserver to be used by
spammers ?
Have I forgotten anything ?
Any comments on what could be done better ?


Thanks a lot !

maybe you need mydestination = adomain.de

"Alexander Schmidt" <nospam@web.de> wrote in message
news:2j2qdgFsbgvgU1@uni-berlin.de...
> Hi,
>
> I am really new to postfix but I am sure one can answer my questions:
>
> 1.
> I have several domains on my server (virtual domains) and I want to setup
> mail accounts for each of this domains.
> So, what I did was adding
>
> 1 /etc/postfix/main.cf:
> 2 virtual_alias_domains = adomain.de bdomain.de
> 3 virtual_alias_maps = hash:/etc/postfix/virtual
> 4
> 5 /etc/postfix/virtual:
> 6 info@adomain.de user1
> 7 info@bdomain.de user2
>
> I executed the postmap commands to make these changes active and reloaded
> postfix with postfix reload.
> I added the users user1 and user2 to a newly created group poponly where
> users have no home folder or bin access.
> I have also enabled SASL.
>
> Sending mails already works from within Outlook after authentification,
> but
> fetching mails not.
> Since, when I sent a mail from outlook to e.g. info@adomain.de (which
> should
> then be fetched by user1) I get:
>
> The original message was received at Sun, 13 Jun 2004 12:08:11 +0200
> from fmomail02.dlan.cinetic.de [172.20.1.46]
>
> ----- The following addresses had permanent fatal errors -----
> info@adomain.de
> (reason: 554 <info@adomain.de>: Recipient address rejected: Relay access
> denied)
>
> ----- Transcript of session follows -----
> ... while talking to mail.aserver.de.:
>>>> RCPT To:<info@adomain.de>
> <<< 554 <info@adomain.de>: Recipient address rejected: Relay access denied
> 554 5.0.0 Service unavailable
>
> Any explaination for this ?
>
>
> 2.
> Do i really have to create Linux accounts for users ?
> This here http://www.postfix.org/VIRTUAL_READM...irtual_mailbox
> sounds
> as if it would also be possible to get things working without Linux user
> accounts, but I could not get this working ?!?
>
>
> 3.
> I have enabled SASL
>
> smtpd_sasl_local_domain = $myhostname
> smtpd_sasl_auth_enable = yes
> smtpd_sasl_security_options = noanonymous
> broken_sasl_auth_clients = yes
> smtpd_recipient_restrictions = permit_sasl_authenticated,
> permit_mynetworks,
> check_relay_domains
>
> Is this secure in the sense of preventing my mailserver to be used by
> spammers ?
> Have I forgotten anything ?
> Any comments on what could be done better ?
>
>
> Thanks a lot !
>
>
>
>

As far as I know (see postfix.org docu on virtual hosts) one should NEVER
add a virtual domain
to the mydestination parameter in main.cf, right ?

Any other ideas ?

"Sean Joseph" <admin@divisionweb.net> wrote in message
news:3QZyc.2583$nY.39098@news20.bellglobal.com...
> maybe you need mydestination = adomain.de
>
> "Alexander Schmidt" <nospam@web.de> wrote in message
> news:2j2qdgFsbgvgU1@uni-berlin.de...
> > Hi,
> >
> > I am really new to postfix but I am sure one can answer my questions:
> >
> > 1.
> > I have several domains on my server (virtual domains) and I want to
setup
> > mail accounts for each of this domains.
> > So, what I did was adding
> >
> > 1 /etc/postfix/main.cf:
> > 2 virtual_alias_domains = adomain.de bdomain.de
> > 3 virtual_alias_maps = hash:/etc/postfix/virtual
> > 4
> > 5 /etc/postfix/virtual:
> > 6 info@adomain.de user1
> > 7 info@bdomain.de user2
> >
> > I executed the postmap commands to make these changes active and
reloaded
> > postfix with postfix reload.
> > I added the users user1 and user2 to a newly created group poponly where
> > users have no home folder or bin access.
> > I have also enabled SASL.
> >
> > Sending mails already works from within Outlook after authentification,
> > but
> > fetching mails not.
> > Since, when I sent a mail from outlook to e.g. info@adomain.de (which
> > should
> > then be fetched by user1) I get:
> >
> > The original message was received at Sun, 13 Jun 2004 12:08:11 +0200
> > from fmomail02.dlan.cinetic.de [172.20.1.46]
> >
> > ----- The following addresses had permanent fatal errors -----
> > info@adomain.de
> > (reason: 554 <info@adomain.de>: Recipient address rejected: Relay access
> > denied)
> >
> > ----- Transcript of session follows -----
> > ... while talking to mail.aserver.de.:
> >>>> RCPT To:<info@adomain.de>
> > <<< 554 <info@adomain.de>: Recipient address rejected: Relay access
denied
> > 554 5.0.0 Service unavailable
> >
> > Any explaination for this ?
> >
> >
> > 2.
> > Do i really have to create Linux accounts for users ?
> > This here http://www.postfix.org/VIRTUAL_READM...irtual_mailbox
> > sounds
> > as if it would also be possible to get things working without Linux user
> > accounts, but I could not get this working ?!?
> >
> >
> > 3.
> > I have enabled SASL
> >
> > smtpd_sasl_local_domain = $myhostname
> > smtpd_sasl_auth_enable = yes
> > smtpd_sasl_security_options = noanonymous
> > broken_sasl_auth_clients = yes
> > smtpd_recipient_restrictions = permit_sasl_authenticated,
> > permit_mynetworks,
> > check_relay_domains
> >
> > Is this secure in the sense of preventing my mailserver to be used by
> > spammers ?
> > Have I forgotten anything ?
> > Any comments on what could be done better ?
> >
> >
> > Thanks a lot !
> >
> >
> >
> >
>
>

try this

5 /etc/postfix/virtual:
5a adomain.de needed-here
5b bdomain.de needed-here
6 info@adomain.de user1
7 info@bdomain.de user2

postmap /etc/postfix/virtual | postfix reload


5a and 5b should be in your virtual file , needed-here can be anything ,like
domain description or something.


hope this helps

"Alexander Schmidt" <nospam@web.de> wrote in message
news:2j39e6Fs4ppiU1@uni-berlin.de...
> As far as I know (see postfix.org docu on virtual hosts) one should NEVER
> add a virtual domain
> to the mydestination parameter in main.cf, right ?
>
> Any other ideas ?
>
> "Sean Joseph" <admin@divisionweb.net> wrote in message
> news:3QZyc.2583$nY.39098@news20.bellglobal.com...
>> maybe you need mydestination = adomain.de
>>
>> "Alexander Schmidt" <nospam@web.de> wrote in message
>> news:2j2qdgFsbgvgU1@uni-berlin.de...
>> > Hi,
>> >
>> > I am really new to postfix but I am sure one can answer my questions:
>> >
>> > 1.
>> > I have several domains on my server (virtual domains) and I want to
> setup
>> > mail accounts for each of this domains.
>> > So, what I did was adding
>> >
>> > 1 /etc/postfix/main.cf:
>> > 2 virtual_alias_domains = adomain.de bdomain.de
>> > 3 virtual_alias_maps = hash:/etc/postfix/virtual
>> > 4
>> > 5 /etc/postfix/virtual:
>> > 6 info@adomain.de user1
>> > 7 info@bdomain.de user2
>> >
>> > I executed the postmap commands to make these changes active and
> reloaded
>> > postfix with postfix reload.
>> > I added the users user1 and user2 to a newly created group poponly
>> > where
>> > users have no home folder or bin access.
>> > I have also enabled SASL.
>> >
>> > Sending mails already works from within Outlook after authentification,
>> > but
>> > fetching mails not.
>> > Since, when I sent a mail from outlook to e.g. info@adomain.de (which
>> > should
>> > then be fetched by user1) I get:
>> >
>> > The original message was received at Sun, 13 Jun 2004 12:08:11 +0200
>> > from fmomail02.dlan.cinetic.de [172.20.1.46]
>> >
>> > ----- The following addresses had permanent fatal errors -----
>> > info@adomain.de
>> > (reason: 554 <info@adomain.de>: Recipient address rejected: Relay
>> > access
>> > denied)
>> >
>> > ----- Transcript of session follows -----
>> > ... while talking to mail.aserver.de.:
>> >>>> RCPT To:<info@adomain.de>
>> > <<< 554 <info@adomain.de>: Recipient address rejected: Relay access
> denied
>> > 554 5.0.0 Service unavailable
>> >
>> > Any explaination for this ?
>> >
>> >
>> > 2.
>> > Do i really have to create Linux accounts for users ?
>> > This here http://www.postfix.org/VIRTUAL_READM...irtual_mailbox
>> > sounds
>> > as if it would also be possible to get things working without Linux
>> > user
>> > accounts, but I could not get this working ?!?
>> >
>> >
>> > 3.
>> > I have enabled SASL
>> >
>> > smtpd_sasl_local_domain = $myhostname
>> > smtpd_sasl_auth_enable = yes
>> > smtpd_sasl_security_options = noanonymous
>> > broken_sasl_auth_clients = yes
>> > smtpd_recipient_restrictions = permit_sasl_authenticated,
>> > permit_mynetworks,
>> > check_relay_domains
>> >
>> > Is this secure in the sense of preventing my mailserver to be used by
>> > spammers ?
>> > Have I forgotten anything ?
>> > Any comments on what could be done better ?
>> >
>> >
>> > Thanks a lot !
>> >
>> >
>> >
>> >
>>
>>
>
>

"Sean Joseph" <admin@divisionweb.net> wrote in message
news:J2%yc.2673$nY.52558@news20.bellglobal.com...
>
> try this
>
> 5 /etc/postfix/virtual:
> 5a adomain.de needed-here
> 5b bdomain.de needed-here
> 6 info@adomain.de user1
> 7 info@bdomain.de user2
>
> postmap /etc/postfix/virtual | postfix reload
>
>
> 5a and 5b should be in your virtual file , needed-here can be anything
,like
> domain description or something.
>
>
> hope this helps

I already have it like that and it does not work...

Hi Alexander,

yes, you're on the right way.

I see you're german, so maybe take a look at the great gentoo
virtual-mailhosting-howto.

I'll give you the url of the german doc index page:
http://www.gentoo.org/doc/de/index.xml#doc_chap4
You don't need to run gentoo to take great advantage of the howto.
For sure there's more for your interests!!!
I'm not one of the authors of the howto, but one of them told me the last
days, that they still work on it and it'll go even more in detail and will
be enhanced in the near future.

About the question about virtual domains as mailhosts: Where should be the
problem when all routing is correctly set? - A virual domain just
represents a computer belonging to a network. That it is virtual is just
known by the server, which doesn't really route to the virtual domain but
representing data as it was coming from that real domain.

Just take care of your virtual routing and naming your mydomain and
everything should work fine. - No problem here.

Have some nice day,
don't make the same mistake that I make:
do outside as much as possible and enjoy the nice weather ;-))

yours Henri