Setting up mail server on Ubuntu 8.04

elorc
elorc used Ask the Experts™
on
I've never set up a mail server from scratch on a Linux environment, so I followed the guide at http://flurdy.com/docs/postfix/. I only did the basic section (for now) to test it, and then I figured I'd go ahead with testing the rest of it.

It's not working, though. From the server, I connect via telnet to port 25 and do the following (my input is bold):

[localusr@godsofdestruction:~]$ telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 ip-68-178-255-52.ip.secureserver.net ESMTP Sendmail 8.14.2/8.14.2/Debian-2build1; Mon, 5 Jul 2010 16:19:44 -0700; (No UCE/UBE) logging access from: localhost(OK)-localhost [127.0.0.1]
EHLO mail.godsofdestruction.org
250-ip-68-178-255-52.ip.secureserver.net Hello localhost [127.0.0.1], pleased to meet you
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-EXPN
250-VERB
250-8BITMIME
250-SIZE
250-DSN
250-ETRN
250-AUTH DIGEST-MD5 CRAM-MD5
250-DELIVERBY
250 HELP
MAIL FROM: frank@testsite.com
250 2.1.0 frank@testsite.com... Sender ok
RCPT TO: frank@godsofdestruction.org
250 2.1.5 frank@godsofdestruction.org... Recipient ok
DATA
354 Enter mail, end with "." on a line by itself
This is some random test message.
.

421 4.3.0 collect: Cannot write ./dfo65NJiJG030265 (bfcommit, uid=0, gid=151): No such file or directory
Connection closed by foreign host.

I don't understand what this means or where I'm supposed to look. I had assumed maybe it was something with the Postfix data and queue folders. I didn't explicitly set them in the configuration file, so they're using the default Postfix folders which are:

data_directory = /var/lib/postfix
queue_directory = /var/spool/postfix

I checked them out and their ownership is set to postfix:postfix.

Next, I checked out /var/log/mail.log and I'm seeing these:

[localusr@godsofdestruction:~]$ sudo tail -f /var/log/mail.log
Jul  5 16:27:10 ip-68-178-255-52 postfix/postdrop[30249]: warning: mail_queue_enter: create file maildrop/161533.30249: Permission denied

This is on Ubuntu 8.04. Any ideas?
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®

Commented:
Run postfix check - - this should spit out a warning for you regarding invalid permissions. Once you see who doesn't have permissions you can:

Stop Postfix and all its processes
chgrp -R group /var/spool/postfix/public
chgrp -R group /var/spool/postfix/maildrop
run postfix check again and see if the error goes away
Restart postfix and test

Your group and folders may be different. Give that a shot.

Author

Commented:
Ok, I ran postfix check and got this:

postsuper: fatal: scan_dir_push: open directory defer: Permission denied

I'm not sure what that is/means, though.  I don't see scan_dir_push in my Postfix configuration, nor do I see anything like that in postconf's output.

Commented:
I think this is related to permissions on the spool directories. Set the owner/group on the postfix directory:

Stop postfix
chown -R postfix.postfix /var/spool/postfix/public
chown -R postfix.postfix /var/spool/postfix/maildrop
Reload postfix
Acronis in Gartner 2019 MQ for datacenter backup

It is an honor to be featured in Gartner 2019 Magic Quadrant for Datacenter Backup and Recovery Solutions. Gartner’s MQ sets a high standard and earning a place on their grid is a great affirmation that Acronis is delivering on our mission to protect all data, apps, and systems.

Commented:
You may even need to set the owner/group up a level:

chown -R postfix.postfix /var/spool/postfix

That will cover all of the folders. Then run the postfix check and post the output.

Author

Commented:
Hmm. After I made those changes, postfix check returns this:

postfix/postfix-script: warning: not owned by root: /var/spool/postfix
postfix/postfix-script: warning: not owned by group postdrop: /var/spool/postfix/public
postfix/postfix-script: warning: not owned by group postdrop: /var/spool/postfix/maildrop
postfix/postfix-script: warning: not owned by root: /var/spool/postfix/etc
postfix/postfix-script: warning: not owned by root: /var/spool/postfix/lib
postfix/postfix-script: warning: not owned by root: /var/spool/postfix/usr
postfix/postfix-script: warning: not owned by root: /var/spool/postfix/usr/lib
postfix/postfix-script: warning: not owned by root: /var/spool/postfix/usr/lib/zoneinfo
postfix/postfix-script: warning: not owned by root: /var/spool/postfix/usr/lib/sasl2

Author

Commented:
It still gives the same error, too:

421 4.3.0 collect: Cannot write ./dfo661joJV030852 (bfcommit, uid=0, gid=151): No such file or directory

Commented:
Looks like root has everything except the two.

chown -R root.root /var/spool/postfix
set everything to root ownership

chown -R root.postdrop /var/spool/postfix/public
chown -R root.postdrop /var/spool/postfix/maildrop
set group postdrop on the two

Author

Commented:
Ok, I did that, but I'm still getting the scan_dir_push error when I run postfix check and the original error when I try to test via telnet. :(

postsuper: fatal: scan_dir_push: open directory defer: Permission denied


Commented:
I still think it smells of permissions. This command will set permissions based on the parameters in the main.cf file:

postfix -c /path/to/config set-permissions

Author

Commented:
Interesting... so I ran the command:

     sudo postfix -c /etc/postfix set-permissions

The result I received:

     chown: cannot access `/usr/lib/postfix/dict_cdb.so': No such file or directory


I went into the /usr/lib/postfix folder and these are the files I see:

-rwxr-xr-x  1 root root 9.8K 2008-09-09 16:55 anvil
-rwxr-xr-x  1 root root  35K 2008-09-09 16:55 bounce
-rwxr-xr-x  1 root root  84K 2008-09-09 16:55 cleanup
-rw-r--r--  1 root root  11K 2008-09-09 16:55 dict_mysql.so
-rw-r--r--  1 root root 6.0K 2008-09-09 16:55 dict_tcp.so
-rwxr-xr-x  1 root root 5.0K 2008-09-09 16:55 discard
-rwxr-xr-x  1 root root 5.2K 2008-09-09 16:55 error
-rwxr-xr-x  1 root root  13K 2008-09-09 16:55 flush
lrwxrwxrwx  1 root root    4 2010-07-05 11:57 lmtp -> smtp
-rwxr-xr-x  1 root root  47K 2008-09-09 16:55 local
-rwxr-xr-x  1 root root  28K 2008-09-09 16:55 master
-rwxr-xr-x  1 root root  43K 2008-09-09 16:55 oqmgr
-rwxr-xr-x  1 root root 8.9K 2008-09-09 16:55 pickup
-rwxr-xr-x  1 root root  15K 2008-09-09 16:55 pipe
-rwxr-xr-x  1 root root 8.9K 2008-09-09 16:55 proxymap
-rwxr-xr-x  1 root root  49K 2008-09-09 16:55 qmgr
-rwxr-xr-x  1 root root  17K 2008-09-09 16:55 qmqpd
-rwxr-xr-x  1 root root 8.3K 2008-09-09 16:55 scache
-rwxr-xr-x  1 root root 9.1K 2008-09-09 16:55 showq
-rwxr-xr-x  1 root root  75K 2008-09-09 16:55 smtp
-rwxr-xr-x  1 root root 151K 2008-09-09 16:55 smtpd
-rwxr-xr-x  1 root root 6.1K 2008-09-09 16:55 spawn
-rwxr-xr-x  1 root root  13K 2008-09-09 16:55 tlsmgr
-rwxr-xr-x  1 root root  19K 2008-09-09 16:55 trivial-rewrite
-rwxr-xr-x  1 root root 8.5K 2008-09-09 16:55 verify
-rwxr-xr-x  1 root root  14K 2008-09-09 16:55 virtual

Author

Commented:
Interesting, I did a tail /var/log/mail.log and got this today:

Jul  6 07:00:31 ip-68-178-255-52 postfix[3567]: fatal: open /etc/postfix/main.cf/main.cf: Not a directory
Jul  7 05:45:40 ip-68-178-255-52 postfix/master[9470]: fatal: bind 0.0.0.0 port 25: Address already in use
Jul  7 05:46:13 ip-68-178-255-52 sm-mta[9473]: o67CjilN009473: SYSERR(root): collect: Cannot write ./dfo67CjilN009473 (bfcommit, uid=0, gid=151): No such file or directory
Jul  7 05:46:13 ip-68-178-255-52 sm-mta[9473]: o67CjilN009473: from=frank@testsite.com, size=17, class=0, nrcpts=1, proto=ESMTP, daemon=MTA-v4, relay=localhost [127.0.0.1]

Commented:
Sorry elorc - I got pulled out of town for a client and just returned today. I am beginning to think there were some inherent problems at install that were the root cause of the underlying problems. Mostly permissions issues but it seems like there may be a bit more to it. Given that this is a testing system for you and not production it may be better to start again rather than continue to invest time troubleshooting these pesky little issues. I recommend that you take a look at this article: http://www.howtoforge.com/virtual-users-domains-postfix-courier-mysql-squirrelmail-ubuntu-10.04 - it's a comprehensive step-by-step to get a Postfix mail server on Ubuntu. This particular article is based on 10.04 - if you prefer to stay at 8.04 I'm sure there is another there (HowToForge). Then again, if you just want to keep hammering away at this one I guess we can do that too...

Author

Commented:
Unfortunately, as far as I know, I'm stuck on 8.04. I'd rather use the latest and greatest, but this particular client insists on doing business with GoDaddy (I have no idea why because they're horrible and I've tried to explain this to him) and as far as I can tell, they offer no newer version on their dedicated hosting plans.

I'll uninstall everything and try it again from scratch. I may not be able to get to it for a day or two but I'll let you know how it turns out.

Thanks for all of your help so far, I really appreciate it. :)

Commented:
While I'm not GoDaddy's biggest fan either - I do understand the version. Most providers do not migrate to the latest OS for quite some time - they wait until the platform is as stable as it can be before moving customers over. I will see if I can find you a comprehensive U 8.04 mail server setup.

Commented:
Here are two articles that have detailed step-by-steps for setting up Ubuntu 8.04 with Postfix (and many other apps).

http://howtoforge.com/perfect-server-ubuntu8.04-lts

http://howtoforge.com/virtual-users-domains-postfix-courier-mysql-squirrelmail-ubuntu8.04

Take a look at both of them and read them through start to finish. Choose the one that best matches what you're trying to accomplish. Also note that you don't have to install every feature or app - you can pick and choose the components you need. I have had good luck building base servers using these how to's and then customizing for my shop after the fact.

Good luck and let me know how it shakes out.

Author

Commented:
Hey, thanks for all of your help so far. :)  I've been using the second guide you sent, virtual users etc. I'm on page 3, step 9 toward the bottom. After I restart postfix it tells me to do a netstat to verify that Postfix master is listening on port 25. It's not, though. It says sendmail, not master:

tcp        0      0 localhost:smtp          *:*                     LISTEN      4747/sendmail: MTA:

I'm assuming that's not correct... should I apt-get remove sendmail?

Commented:
Before removing sendmail make sure postfix runs correctly:

sudo /etc/init.d/sendmail stop
sudo /etc/init.d/postfix start
netstat -tap

If postfix is now the MTA listening on 25 continue through testing. You can disable sendmail (or remove it) at the end.

Author

Commented:
Uhhh so this is interesting... I stopped sendmail, and it said it stopped successfully:

 * Stopping Mail Transport Agent (MTA) sendmail                          [ OK ]

I started Postfix, and it started successfully. I then ran netstat -tap and it still showed sendmail listening on port 25. So I stopped sendmail again, ran ps and found:

root      4747  0.0  0.0   8256  1868 ?        Ss   Jun18   0:49 sendmail: MTA: accepting connections


wtf?

Anyway, I killed process 4747 and restarted postfix. Now on netstat I see:

tcp        0      0 *:smtp                  *:*                     LISTEN      16014/master


On ps:

amavis    8225  0.0  1.1  31596 24352 ?        Ss   Jul11   0:00 amavisd (master)
root     16014  0.0  0.0   5396  1744 ?        Ss   15:55   0:00 /usr/lib/postfix/master


No sign of sendmail anymore. That's weird that it didn't stop the process on it's own, though, isn't it?

Author

Commented:
Oh and other good news, if I telnet to localhost 25 and try to put together an email, it queues it successfully but it doesn't seem to go through:

Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 sc-dedicated.godsofdestruction.org ESMTP Postfix (Ubuntu)
ehlo sc-dedicated.godsofdestruction.org
250-sc-dedicated.godsofdestruction.org
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-AUTH PLAIN LOGIN
250-AUTH=PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
mail from: frank@godsofdestruction.org
250 2.1.0 Ok
rcpt to: myaccount@gmail.com
250 2.1.5 Ok
data
354 End data with <CR><LF>.<CR><LF>
why hello there
.
250 2.0.0 Ok: queued as 4D41D69447C
quit


From /var/log/mail.log:

Jul 12 15:58:32 ip-68-178-255-52 postfix/smtp[16108]: connect to alt1.gmail-smtp-in.l.google.com[74.125.95.27]:25: No route to host
Jul 12 15:58:35 ip-68-178-255-52 postfix/smtp[16108]: connect to alt2.gmail-smtp-in.l.google.com[74.125.65.27]:25: No route to host
Jul 12 15:58:38 ip-68-178-255-52 postfix/smtp[16108]: connect to alt3.gmail-smtp-in.l.google.com[74.125.91.27]:25: No route to host
Jul 12 15:58:41 ip-68-178-255-52 postfix/smtp[16108]: connect to alt4.gmail-smtp-in.l.google.com[74.125.113.27]:25: No route to host
Jul 12 15:58:41 ip-68-178-255-52 postfix/smtp[16108]: ADFCD69447D: to=<myaccount@gmail.com>, relay=none, delay=33, delays=0.03/0.01/33/0, dsn=4.4.1, status=deferred (connect to alt4.gmail-smtp-in.l.google.com[74.125.113.27]:25: No route to host)


Ok, so I ran nslookup, set type to mx and queried gmail.com. I got those mail servers back. I then tried to nslookup gmail-smtp-in.l.google.com, and it came back as 74.125.53.27. I can ping it successfully:

PING gmail-smtp-in.l.google.com (74.125.53.27) 56(84) bytes of data.
64 bytes from pw-in-f27.1e100.net (74.125.53.27): icmp_seq=1 ttl=52 time=63.2 ms
(etc, etc...)

The hostname that it shows is weird. I can't telnet to it on port 25, though:

Trying 74.125.53.27...
telnet: Unable to connect to remote host: No route to host

Commented:
My first thought is DNS - make sure you have an MX record for the new server - google may be bouncing it because it can't find an MX (and/or PTR) for that mail server. You should try sending to another email account (non-google) to test; yahoo or hotmail.

Author

Commented:
Well I can telnet to 74.125.113.27 (one of the Google mail servers) from my home computer, but not the server I'm working on. I did a little searching on it and it's been suggested to other people experiencing this that their host/ISP could be blocking port 25 outbound. I guess maybe GoDaddy is doing something to block it?

Author

Commented:
It turns out that GoDaddy does block port 25 outbound, so I have to use their relay. Bleh, oh well.

This mail configuration is really frustrating. Since I now know what the deal is with SMTP, I tried to send a user I created an email from my other mail account. So from my webmail account (through a different, working mail system) I tried to email frank@godsofdestruction.org. Instead of going through, I get an email bounced back from the hosting company that my working email is on:

The original message was received at Tue, 13 Jul 2010 19:02:59 -0400
from webmail@localhost

----- The following addresses had permanent fatal errors -----
frank@godsofdestruction.org
(reason: 550 5.1.1 <frank@godsofdestruction.org>... User unknown)
(expanded from: frank@godsofdestruction.org)

----- Transcript of session follows -----
... while talking to localhost:
>>> RCPT To:<frank@godsofdestruction.org>
<<< 550 5.1.1 <frank@godsofdestruction.org>... User unknown
550 5.1.1 frank@godsofdestruction.org... User unknown



That makes no sense. If I  check the table in MySQL:

mysql> select * from users;
+-----------------------------+---------------+----------+
| email                       | password      | quota    |
+-----------------------------+---------------+----------+
| frank@godsofdestruction.org | (encrypted PW) | 10485760 |
+-----------------------------+---------------+----------+
1 row in set (0.00 sec)

Author

Commented:
Hmm, and when I try to log into SquirrelMail...

ERROR:
ERROR: Connection dropped by IMAP server.
 
 

When I run ps and grep for lines containing imap:

root      5992  0.0  0.0   1904   504 ?        S    Jul11   0:00 /usr/sbin/courierlogger -pid=/var/run/courier/imapd.pid -start -name=imapd /usr/sbin/couriertcpd -address=0 -maxprocs=40 -maxperip=20 -nodnslookup -noidentlookup 143 /usr/lib/courier/courier/imaplogin /usr/bin/imapd Maildir
root      5993  0.0  0.0   2008   608 ?        S    Jul11   0:00 /usr/sbin/couriertcpd -address=0 -maxprocs=40 -maxperip=20 -nodnslookup -noidentlookup 143 /usr/lib/courier/courier/imaplogin /usr/bin/imapd Maildir
root      6015  0.0  0.0   1904   500 ?        S    Jul11   0:00 /usr/sbin/courierlogger -pid=/var/run/courier/imapd-ssl.pid -start -name=imapd-ssl /usr/sbin/couriertcpd -address=0 -maxprocs=40 -maxperip=20 -nodnslookup -noidentlookup 993 /usr/bin/couriertls -server -tcpd /usr/lib/courier/courier/imaplogin /usr/bin/imapd Maildir
root      6016  0.0  0.0   2008   604 ?        S    Jul11   0:00 /usr/sbin/couriertcpd -address=0 -maxprocs=40 -maxperip=20 -nodnslookup -noidentlookup 993 /usr/bin/couriertls -server -tcpd /usr/lib/courier/courier/imaplogin /usr/bin/imapd Maildir
Commented:
Seems I wasn't getting EE emails for a couple days and didn't know you commented - thought maybe you had it whipped. In any case, it may be time again to engage the hosting company and make sure that your server is configured correctly and that the relay server is actually passing the messages along. I can't tell from the message headers if your server or the relay server bounced the email.

Author

Commented:
I had them revert the server to its fresh state. I'm not sure if it's messed up because the host's initial configuration of the machine, or from my previous attempt to install mail (which I am pretty sure I removed/undid, but I'll give this a shot anyway).

I haven't started configuring it again, but I'm hoping to get to it tomorrow. In any case, I appreciate your help so far and will mark this as closed. I'll post here again if I run into any other trouble. :)

Author

Commented:
Actually one last thing. lol. Telling postfix to use GoDaddy's relay... I would just add that to the transport table as:

INSERT INTO transport (domain, transport) VALUES ('godsofdestruction.org', 'smtp:smtpout.godaddy.com');    

Is that all I have to do?

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial