On Fri, Jan 20, 2023 at 03:25:39PM +0100, Matteo Cazzador <mat...@netlite.it>
wrote:
> Hi, this is the postconf -n (i'm using virtualmin with virtual domain)
>
> *# postconf*
>
> alias_database = hash:/etc/aliases
> alias_maps = hash:/etc/aliases
> allow_percent_hack = no
> append_dot_mydomain = no
> biff = no
> broken_sasl_auth_clients = yes
> compatibility_level = 2
> header_checks = pcre:/etc/postfix/header_checks.pcre
> home_mailbox = Maildir/
> inet_interfaces = all
> inet_protocols = all
> mailbox_command = /usr/bin/procmail-wrapper -o -a $DOMAIN -d $LOGNAME
> mailbox_size_limit = 0
> message_size_limit = 30720000
> milter_default_action = accept
> milter_protocol = 3
> mydestination = $myhostname, virtualmin.domain.it , localhost
> myhostname = virtualmin.domain.it
> mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
> myorigin = /etc/mailname
> non_smtpd_milters =
> unix:/var/run/milter-greylist/milter-greylist.sock,local:/var/spool/postfix/var/run/milter-greylist/milter-greylist.sock
Not relevant, but: The above line performs greylisting on
locally originating mail. I don't think that's usually done.
Greylisting is usually for mail that arrives over the network.
That's handled by the smtpd_milters below.
> readme_directory = no
> recipient_delimiter = +
> sender_bcc_maps = hash:/etc/postfix/bcc
> sender_dependent_default_transport_maps = hash:/etc/postfix/sender_relay
> smtp_dns_support_level = dnssec
> smtp_host_lookup = dns
> smtp_tls_loglevel = 0
> smtp_tls_mandatory_ciphers = medium
> smtp_tls_policy_maps = hash:/etc/postfix/tls_policy
> smtp_tls_security_level = may
> smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
> smtp_use_tls = yes
> smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
> smtpd_milters =
> unix:/var/run/milter-greylist/milter-greylist.sock,local:/var/spool/postfix/var/run/milter-greylist/milter-greylist.sock
> smtpd_recipient_restrictions = check_recipient_access
> regexp:/etc/postfix/pcre_reject, permit_mynetworks,
> permit_sasl_authenticated, reject_unauth_destination, check_policy_service,
> inet:127.0.0.1:10023 check_policy_service inet:127.0.0.1:10023
> smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated
> defer_unauth_destination
> smtpd_sasl_auth_enable = yes
> smtpd_sender_restrictions = check_sender_access
> regexp:/etc/postfix/pcre_reject, permit_sasl_authenticated
> smtpd_tls_CAfile = /etc/postfix/postfix.ca.pem
> smtpd_tls_auth_only = no
> smtpd_tls_cert_file = /etc/postfix/postfix.cert.pem
> smtpd_tls_key_file = /etc/postfix/postfix.key.pem
> smtpd_tls_mandatory_ciphers = medium
> smtpd_tls_mandatory_protocols = !SSLv2,!SSLv3,!TLSv1,!TLSv1.1
> smtpd_tls_protocols = !SSLv2,!SSLv3,!TLSv1,!TLSv1.1
> smtpd_tls_received_header = yes
> smtpd_tls_security_level = may
> smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
> smtpd_tls_session_cache_timeout = 3600s
> smtpd_use_tls = yes
> tls_medium_cipherlist =
> ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHA
> CHA20_POLY1305_SHA256
> tls_preempt_cipherlist = yes
> tls_random_source = dev:/dev/urandom
> tls_server_sni_maps = hash:/etc/postfix/vmail_ssl.map
> transport_maps = hash:/etc/postfix/transport
> virtual_alias_maps = hash:/etc/postfix/virtual
>
> *# Transport (*/etc/postfix/transport*)
> *
>
> "domainname" relay:[oldhost IP] (i try smtp:[] too)
>
>
> domainname is the domain i refer.
>
> Thanks
If the double quote characters are really in the
transport file, remove them.
But I think the real problem is that you haven't
specified anywhere what domains the server will accept
for relaying. By default, the server will accept mail
for itself (i.e., $mydestination).
If you want it to accept mail for any other domains, you
need to specify them in one of these parameters:
relay_domains
virtual_alias_domains
virtual_mailbox_domains
See the postconf(5) manual entry for details. I suspect
that adding this might help:
relay_domains = domainname
with "domainname" replaced by the actual domain.
You can remove it when you later change the postfix
configuration on the second server to handle domainname
as a virtual domain (unless I've misunderstood your
intentions).
I'd recommend reading:
http://www.postfix.org/VIRTUAL_README.html
http://www.postfix.org/ADDRESS_CLASS_README.html
http://www.postfix.org/SMTPD_ACCESS_README.html
cheers,
raf
> Il 17/01/2023 03:02, raf ha scritto:
> > On Fri, Jan 13, 2023 at 02:25:06PM +0100, Matteo
> > Cazzador<mat...@netlite.it> wrote:
> >
> > > Hi, i 've question, i need to migrate a virtual domain from 2 server
> > > (with
> > > postfix).
> > >
> > > On the new server i define mail users and domain but it'isnt in production
> > > now dns record defined.
> > >
> > > On the same new soerver i've other virtual domain.
> > >
> > > I want that , for a few days, if one user of other domain hosted on the
> > > same
> > > new server send an email to the new migrate domain it will be relayed to
> > > the
> > > orld server and not locally delivered.
> > >
> > > I try with transport without success.
> > >
> > > Can someone plese help me?
> > >
> > > Thanks
> > Perhaps it would be best to show what you tried by sending the
> > output of "postconf -n" and your transport table on the new host.
> > Someone might be able to see what's wrong with it.
> >
> > cheers,
> > raf
