Need help with setting up a Catch-All-account (getmail MultidropPOP3Retriever)

NethServer Version: v7.3
Module: Email, POP3 Connector

My aim is to set up an internal E-Mail server:

  • Sending of E-Mails is done via a Smarthost.
  • Receiving of E-Mails should be done via a catch-all account. This is a requirement and can’t be discussed away. Reason is (amongst others) that E-Mail accounts should not be aministrated and maintained twice.

Things I’ve done so far:

  • Installed NethServer with accounts provider Samba Active Directory with domain xyz.intern, host name is zeus
  • Created new E-Mail domain xyz.de (deliver locally)
  • Deleted E-Mail domain xyz.intern (because this confuses the users, having E-Mail addresses, that can’t be reached from outside and even can’t send E-Mails because of limitation in the Smarthost)
  • Configured Smarthost
  • Added users via RSAT-Tools, E-Mail-addresses are username@xyz.de

Internal E-Mail is working:
user.one@xyz.de can send to user.tow@xyz.de and vice versae, E-Mails can be sent to the outside world.

Now I want to configure a catch-all-account as seen in this post:

So I configured the POP3 connector for using the catch-all-account at pop.1und1.de.

Mail address = *@xyz.de
Protocol = POP3 with SSL
Server address = smtp.1und1.de
Username = *@xyz.de
Password = ****
Deliver messages to = administrator@xyz.de
Check this account every = 5 minutes

I’ve overriden the following two sections (as seen in the quoted post) in the resulting file in /var/lib/getmail/*@xyz.de.cfg

[retriever]
type = MultidropPOP3SSLRetriever
server = pop.1und1.de
username = *@xyz.de
password = **********
envelope_recipient = envelope-to:1

[destination]
type = MDA_external
path = /usr/libexec/dovecot/dovecot-lda
arguments = ("-e","-d","%(recipient)")
user = vmail
group = vmail

(I know this is overriden each time there is a nethserver-getmail-update, but to keep that post simple: that’s a later issue)

And: it’s all working fine! E-Mails from outside to user.one@xyz.de and user.two@xyz.de are delivered. Mail aliases are working. Perfect!

But I have one problem: I want to catch all E-Mails. Even the E-Mail with (in NethServer) not defined E-Mail adresses and deliver them (e.g.) to an info@xyz.de account. But E-Mails with unknown account/user are not delivered, an error is sent to the root account:

Subject: Cron <root@zeus> /usr/bin/flock -n -E 0 
/var/lib/getmail/*@xyz.de.cfg -c "/usr/bin/getmail 
--getmaildir /var/lib/getmail/ --rcfile 
/var/lib/getmail/*@xyz.de.cfg --quiet"
Date: 2017-02-13 20:29
From: "(Cron Daemon)" <root@zeus.xyz.intern>
To: root@zeusxyz.intern

Delivery error (command dovecot-lda 11566 error (67, ))

I tried to check the “Accept unknown recipients” in the E-Mail domain xyz.de and set info@xyz.de as receiver, but this did not work.
And I can’t see any settings for getmail or dovcot lda to deliver E-Mail with unknown account/user to an default account.

Has anyone an idea how to get this working?

1 Like

You may try using postfix as a destination:

[destination]
type = MDA_external
path = /usr/sbin/sendmail
arguments = ("-t", "%(recipient)")

Thank you for your answer, @filippo_carletti. I configured this as you suggested, but now all E-Mails are delivered to the address configured at domain settings (“Accept unknown recipients”).
Maybe this happens because there are no accounts listed in the file /etc/postfix/virtual

#
# 10postmaster
#
postmaster@xyz.de          postmaster
postmaster@xyz.intern      postmaster

#
# 20accounts -- ensure local delivery for our accounts
#



#
# 20pseudonyms
#

# fully qualified aliases (address@domain)
info@xyz.de                user.one@xyz.de

# generic aliases expansion (address@)

#
# 30unknown_recipients_mailbox -- catch-all mailboxes for unknown recipients
#
@xyz.de                              catchall@xyz.de
@xyz.intern                         catchall@xyz.de

I had a look at the accounts database (db accounts show) and there are no users shown, though I have created three users (and there is also an admin and administrator user).
There are only pseudonyms and shares (ibay), this is the output:

info@xyz.de=pseudonym
    Access=public
    Account=user.one@xyz.de
    Description=
programs=ibay
    AclRead=
    AclWrite=
    Description=Company programs
    GroupAccess=rw
    OtherAccess=
    OwningGroup=domain users@xyz.intern
    SmbAuditStatus=enabled
    SmbGuestAccessType=none
    SmbRecycleBinStatus=disabled
    SmbShareBrowseable=enabled
share=ibay
    AclRead=
    AclWrite=
    Description=Company share
    GroupAccess=rw
    OtherAccess=r
    OwningGroup=domain users@xyz.intern
    SmbAuditStatus=enabled
    SmbGuestAccessType=rw
    SmbRecycleBinStatus=disabled
    SmbShareBrowseable=enabled

Shouldn’t there be users and groups, too? Otherwise the accounts-template
/etc/e-smith/templates/etc/postfix/virtual/20accounts
makes no sense when iterating over items of type “user” in accountsDB.
Seems very odd to me… :confused:

Found some information on the missing user information in accountsDB in this post:

But why is the script
/etc/e-smith/templates/etc/postfix/virtual/20accounts
still using this (no more existent) functionality?

How can this script be altered to work the way it is intended?
Should I post this as a bug?

I understand the need to remove it, as you did, for the reasons you explained!

However, deleting the domain record corresponding to the machine FQDN produces a broken mail server configuration. I consider it a bug. We should decide how to fix the mail server configuration when it happens, or prevent to delete that specific domain record.

I would not apply @filippo_carletti’s proposal: dovecot-lda is safe, and avoid bounces.

I’m going to answer in the other thread!

Thank you @davidep for clarification!
So - when going back to dovecot-lda - do you have any other idea to solve my problem?
Why is the domain setting “Accept unknown recipients” ignored in this scenario?

You should re-create the xyz.internal domain record!

Anyway, I’d like to fix the Postfix configuration to support this situation. Let’s call “xyz.internal” the “primary” domain. If the “primary” domain record has been removed, our Postifx config templates should still define it as virtual domain, otherwise any other domain cannot resolve user mailbox names! Moreover, we could list the “primary” domain as “internal”, so that it cannot receive messages from the internet.

1 Like

I’d like to open a new topic on this, in order to collect as many scenarios as possibile and take the right way
What do you think @uliversal?

1 Like

Ok, thank you @davidep, I will try it promptly and report the result.
To be specific I will do the following:

  1. switch back path and arguments in [destination] section in getmail config back to dovecot-lda
  2. re-create the mail domain xyz.intern
  3. turn on “Accept unknown recipients” in both (?) mail domains and set an existing user E-Mail as target

@alefattorini: excellent, I think I still will have some more requests and ideas… :slight_smile:

3 Likes

Ciao @davidep, I just configured it as described in the post above (back to dovecot-lda, re-created xyz.intern, deliver locally with “accept unknown recipients” to “test@xyz.intern” for both mail domains).

This is the output of /var/log/maillog for an external E-Mail sent to an existing user (sepp.huber@xyz.de). All fine.

Feb 15 19:26:03 zeus dovecot: lda(sepp.huber@xyz.de): sieve: msgid=<e3ce5ef9-b7fc-0907-d439-56c7c75b2fe9@xxxxxx.de>: stored mail into mailbox 'INBOX'
Feb 15 19:26:03 zeus getmail: msg 1/1 (5731 bytes) msgid 0M8SlT-1cRbrd0631-00wFS7 from <info@xxxxxx.de> to <sepp.huber@xyz.de> delivered to MDA_external command dovecot-lda (), deleted

And this is the output of the same log for an external E-Mail sent to a non-existing user (user.not.existing@xyz.de). The E-Mail is not delivered. Same situation as in the opening post. :frowning:

Feb 15 19:24:02 zeus getmail: Delivery error (command dovecot-lda 3762 error (67, ))
Feb 15 19:24:02 zeus getmail: msg 1/1 (3609 bytes) msgid 0M9ZXC-1cXDXz2wUJ-00CwfH from <info@xxxxxx.de> to <user.not.existing@xyz.de>
Feb 15 19:24:02 zeus postfix/pickup[3662]: ECF23401268C3: uid=0 from=<root>
Feb 15 19:24:02 zeus postfix/cleanup[3766]: ECF23401268C3: message-id=<20170215182402.ECF23401268C3@zeus.xyz.intern>
Feb 15 19:24:03 zeus postfix/qmgr[3663]: ECF23401268C3: from=<root@zeus.xyz.intern>, size=943, nrcpt=1 (queue active)
Feb 15 19:24:03 zeus dovecot: lmtp(3771): Connect from local
Feb 15 19:24:03 zeus dovecot: lmtp(3771, root@zeus.xyz.intern): /lcdA8OcpFi7DgAA4kELwg: sieve: msgid=<20170215182402.ECF23401268C3@zeus.xyz.intern>: stored mail into mailbox 'INBOX'
Feb 15 19:24:03 zeus postfix/lmtp[3770]: ECF23401268C3: to=<root@zeus.xyz.intern>, orig_to=<root>, relay=zeus.xyz.intern[/var/run/dovecot/lmtp], delay=0.36, delays=0.24/0/0.01/0.11, dsn=2.0.0, status=sent (250 2.0.0 <root@zeus.xyz.intern> /lcdA8OcpFi7DgAA4kELwg Saved)
Feb 15 19:24:03 zeus dovecot: lmtp(3771): Disconnect from local: Successful quit
Feb 15 19:24:03 zeus postfix/qmgr[3663]: ECF23401268C3: removed

But now, additionally, all my mail sent internally to an existing user (using sendmail or dovecot client) is also sent to the account defined in the “accept unknown recipients”. :sob:
This is the mail log:

Feb 15 20:06:18 zeus postfix/pickup[3662]: 55D18401268C3: uid=0 from=<root>
Feb 15 20:06:18 zeus postfix/cleanup[5179]: 55D18401268C3: message-id=<20170215190618.55D18401268C3@zeus.xyz.intern>
Feb 15 20:06:18 zeus postfix/qmgr[3663]: 55D18401268C3: from=<root@zeus.xyz.intern>, size=878, nrcpt=1 (queue active)
Feb 15 20:06:18 zeus dovecot: lmtp(5182): Connect from local
Feb 15 20:06:18 zeus dovecot: lmtp(5182, test@xyz.intern): 0zf1FqqmpFg+FAAA4kELwg: sieve: msgid=<20170215190618.55D18401268C3@zeus.xyz.intern>: stored mail into mailbox 'INBOX'
Feb 15 20:06:18 zeus postfix/lmtp[5181]: 55D18401268C3: to=<test@xyz.intern>, orig_to=<sepp.huber@xyz.de>, relay=zeus.xyz.intern[/var/run/dovecot/lmtp], delay=0.23, delays=0.11/0/0/0.12, dsn=2.0.0, status=sent (250 2.0.0 <test@xyz.intern> 0zf1FqqmpFg+FAAA4kELwg Saved)
Feb 15 20:06:18 zeus dovecot: lmtp(5182): Disconnect from local: Successful quit
Feb 15 20:06:18 zeus postfix/qmgr[3663]: 55D18401268C3: removed

I totally don’t know how to continue…

[edit: just garbled the external E-Mail address in the log files extract, don’t want to be a target for junk mails]

1 Like

Okay, now I got to a solution that works:

If I

  1. add all configured mail accounts to the 20accounts section of /etc/postfix/virtual and do a postmap /etc/postfix/virtual as described here (this should no more be necessary when the corresponding bug is fixed);

  2. use sendmail instead of dovecot-lda in the getmail configuration as suggested by @filippo_carletti, see second post.

then all works as desired: E-Mail from the internet to existent users is delivered to their accounts and E-Mail to non-existent users is delivered to the account defined in “Accept unknown recipients”. :grinning:

Thank you @filippo_carletti and @davidep for your support! :trophy:

Davide, can you please explain your concerns with Filippos suggestion to use sendmail?

1 Like

My concerns are about bounces. I can be wrong of course, I know Filippo worked on getmail. IIRC one of the reasons to replace fetchmail with getmail was getmail allows a direct delivery with dovecot-lda. This architecture does not produce mail bounces. I prefer it.

Did you try to apply only the first fix? I still believe it could be enough!

1 Like

Yes, at first I tried with the initial dovecot-lda configuration. But with the same result as inn the first post: the E-mail stays in the mailbox of the Pop3 server and an error message is sent to the root account. Same log entries.

1 Like

Ok, I guess the recipient addresses in the catchall mailbox need to be mapped to NethServer mailboxes. I.e. catchall cannot work with additional domains, by now…

Well thanks again for your help and patience! We could now think of implementing an enhancement :wink:

Hi @uliversal,
I want to do something similar to you, so I have been spending quite some time googling and reading; I haven’t started the implementation yet.
Take a look at this link:
https://wiki.z-hub.io/display/K4U/Setting+up+Univention+to+allow+multiple+e-mail+addresses+per+user
I think that this does the trick… have a good week.

2 Likes

Hello @dcoelho, thank you for your reply and the suggestion!
I install NethServer as the internal company server for a friend. And he’s not very familiar with IT, but it’s my asking that he can do tasks as backup or creating/editing/deleting users himself.
So I want to keep the configuration of NethServer as simple and stupid as it can be. And if the catch-all account can be (nearly) done with NethServer standard tools and configuration (and avoid command line configuration), then this will be my favorite.
I think after the “always deliver to Accept unknown recipients” bug (see above) is fixed the catch-all should nearly work out box.

This is now fully supported by the testing package:


It should now be fixed by the same testing package:

Please give it a try! You can install the RPM from nethserver-testing repository:

yum --enablerepo=nethserver-testing update nethserver-mail-server-1.10.8-1.5.g8683219.ns7.noarch
1 Like