Solved

Recipient address rejected: User unknown in virtual mailbox, but don't host the email only the site

Posted on 2011-09-29
25
1,579 Views
Last Modified: 2012-05-12
I am helping my church with an issue regarding email.

They host there own email but there site is at a different company.. the problem is that when they send an email to the server there website is hosted on it gets this error

Recipient address rejected: User unknown in virtual mailbox

When the hosting company sends an email to them, they get the same error, the church can send anywhere else in the world and so can the hosting company

Its almost like the hosting companies server (which I have access to) is claiming that they are the authoritative DNS, so when they try to send to the church, since the email is local it looks at the local rule and rejects it, but the servers MX rules go to the church and just the A record goes to the site.... Again, I have access to all parties but have no idea how to fix this :(

P.S. the server uses postfix with Plesk if that helps and the church host their email on an exchange server.
0
Comment
Question by:Greg Alexander
  • 14
  • 11
25 Comments
 
LVL 21

Expert Comment

by:Papertrip
ID: 36816277
Configuration issue in postfix.  It appears you are using virtual mailboxes, but haven't populated the virtual_mailbox_maps.

http://www.postfix.org/VIRTUAL_README.html
0
 
LVL 18

Author Comment

by:Greg Alexander
ID: 36816291
Even if every other domain on their servers emails work fine?
0
 
LVL 21

Expert Comment

by:Papertrip
ID: 36816325
virtual_mailbox_maps and/or virtual_alias_maps work on a user and/or domain level, so yes.

http://www.postfix.org/VIRTUAL_README.html#virtual_mailbox
http://www.postfix.org/postconf.5.html#virtual_alias_maps
http://www.postfix.org/virtual.5.html

10 /etc/postfix/vmailbox:
11     info@example.com    example.com/info
12     sales@example.com   example.com/sales/
13     # Comment out the entry below to implement a catch-all.
14     # @example.com      example.com/catchall
15     ...virtual mailboxes for more domains...
16
17 /etc/postfix/virtual:
18     postmaster@example.com postmaster
0
 
LVL 18

Author Comment

by:Greg Alexander
ID: 36816502
One last thing before i get into this... this would tell postfix that the hosting company does not host the email right>
0
 
LVL 21

Expert Comment

by:Papertrip
ID: 36816645
Virtual mailboxes basically accomplish 2 things -- you don't need to create system accounts for mail users, and you can dictate which users get mail at which domains.  So, unless you specifically say that a user has a virtual mailbox at a certain domain, you will get that exact error you are receiving.

By default, without using virtual mailboxes or aliases, all users would need a local system account and would receive mail from all domains.

I would guess that if you dug into your configs, you will see some sort of address mapping being done, either with virtual_mailbox_maps or virtual_alias_maps.
0
 
LVL 18

Author Comment

by:Greg Alexander
ID: 36816652
the problem seems like the server thinks it is hosting the email because it is giving the error message, when it should look past its own rules and treat incoming mail and outgoing as remote email instead of local... I understand the postfix issue, but postfix is not working because the email is hosted somewhere else, I need to configure postfix to realize this and not sure if its in the DNS or a setting that is stuck in postfix regarding this domean..... I am thinking because when a domain is setup in plesk, it automatically sets the MX record to assume it is going to host the email, however once the server DNS setting point somewhere else, you would think that postfix would listen... that make sense?
0
 
LVL 21

Expert Comment

by:Papertrip
ID: 36816706
I think I know what you are saying in that last reply.

Do you mean that mail coming from the internet to your domain is going to the hosting company's postfix server, but you want it to be delivered directly to the churches exchange server?

Check the MX records for your domain at http://mxtoolbox.com/
Make sure the records are pointing only to your Exchange server and not to the hosting companies postfix server.
0
 
LVL 18

Author Comment

by:Greg Alexander
ID: 36816911

Yes! you got it, now

I checked the DNS on the server and all MX records are going to the churches exchange and the A record is going to the  postfix, one thing I should mentioned but should not change anything but the primary DNS is on a third party (dnsmadeeasy.com) so i wonder if I should change the mx records to go there? because they currently are pointing to the same place that the dnsmadeasy shows... I also tried removing all records except the A and found that did not work :)
0
 
LVL 21

Expert Comment

by:Papertrip
ID: 36816938
Yes! you got it, now
Good :)  Your wording was a bit confusing, but all good.

Don't change anything just yet.  If you could provide me with the domain name in question, I can tell you if it's setup properly, and how to fix it if it is not.
0
 
LVL 18

Author Comment

by:Greg Alexander
ID: 36817001
sorry, should have said yes you understand my poorly worded question now lol

church domain brandnewchurch.com

hosting company is 97.74.196.211
0
 
LVL 21

Expert Comment

by:Papertrip
ID: 36817078
[root@broken postfix]# dig mx brandnewchurch.com +short
5 mail.global.frontbridge.com.
10 mail.brandnewchurch.com.
20 mx1.dnsmadeeasy.com.
30 mx2.dnsmadeeasy.com.
40 mx3.dnsmadeeasy.com.

Open in new window


Yeah that is not right :p

If your Exchange server is mail.brandnewchurch.com, and is properly setup, then that is the only MX record that should be there for your domain.

[root@broken ~]# telnet mail.brandnewchurch.com 25
Trying 166.102.6.234...
telnet: connect to address 166.102.6.234: Connection timed out

Open in new window


That is another problem, mail.brandnewchurch.com is not listening on port 25.
0
 
LVL 18

Author Comment

by:Greg Alexander
ID: 36817278
albeit wrong, those are somehow working :( because that is the DNS that is setup on dnsmadeeasy, here is the dns for this domain on the hostind companies server

 DNS
0
Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

 
LVL 18

Author Comment

by:Greg Alexander
ID: 36817285
the 166.102.6.211 is the churches exchange server there
0
 
LVL 18

Author Comment

by:Greg Alexander
ID: 36817299
should mail.brandnewchurch have a cname record too on the server?
0
 
LVL 21

Expert Comment

by:Papertrip
ID: 36817348
All I have to say in reply to your latest posts is exactly what my last answer was.  Regardless of what you see in that screenshot, the servers I pasted is what is being shown to the Internet.

If you want mail for brandnewchurch.com to come directly to mail.brandnewchurch.com, then that is the only MX record that should be listed for your domain.  However, as I mentioned, your Exchange server is not listening on port 25 (or 465 for SMTP over SSL), so even if your MX records were correct you would still not be able to receive mail.  I should mention that it is possible that Exchange is only accepting connections from certain IP's (like an upstream mail relay), but that has not been brought up yet so I have to assume you aren't doing that.

Why did you add the MX records of dnsmadeeasy.com for your domain?  Are they relaying mails to you?  What is mail.global.frontbridge.com ?
0
 
LVL 21

Expert Comment

by:Papertrip
ID: 36817358
should mail.brandnewchurch have a cname record too on the server?
No.
0
 
LVL 18

Author Comment

by:Greg Alexander
ID: 36817412
I see what you are saying and don't really understand how mail is working.... you can send all day long from any email address on this earth to brandnewchurch.com and it would work, except! that you can not send email from brandnewchurch.com to 97.74.196.211 or from 97.74.196.211 to brandnewchurch.com.. I do not know what  mail.global.frontbridge.com is, I am checking on that now
0
 
LVL 18

Author Comment

by:Greg Alexander
ID: 36817456
Why did you add the MX records of dnsmadeeasy.com for your domain?

I added the MX record, thinking the server was thinking it was the primary DNS and thus telling it instead of going internally, to go to where the mail is hosted.... just in desperation lol
0
 
LVL 18

Author Comment

by:Greg Alexander
ID: 36817657
mail.global.frontbridge.com is the exchange server online with microsoft that they use... they dont use a local exchange server anymore... that makes me wonder why mail.brandnewchurch.com is ping at the old exchange server address for the church
0
 
LVL 21

Expert Comment

by:Papertrip
ID: 36817692
Then remove all the MX records for brandnewchurch.com except for mail.global.frontbridge.com

[root@broken ~]# telnet mail.global.frontbridge.com 25
Trying 65.55.88.22...
Connected to mail.global.frontbridge.com.
Escape character is '^]'.
220 TX2EHSMHS028.bigfish.com Microsoft ESMTP MAIL Service ready at Thu, 29 Sep 2011 19:54:59 +0000

Open in new window

0
 
LVL 18

Author Comment

by:Greg Alexander
ID: 36817839
I did that and it still does not work..

When the host sends to the church
 Recipient address rejected: User unknown in virtual mailbox table. Please check the message recipient

An error occurred while sending mail. The mail server responded:  5.1.1
 <XXXXX@brandnewchurch.com>: Recipient address rejected: User unknown in virtual mailbox table.
 Please check the message recipient XXXXX@brandnewchurch.com and try again.

Open in new window


When the church sends to the host ( daysixfellowship is a domain that is hosted by the same company that hosts the church) below is what we get




Diagnostic information for administrators:
Generating server: bigfish.com
bryan@daysixfellowship.com
ip-97-74-196-211.ip.secureserver.net #<ip-97-74-196-211.ip.secureserver.net #5.0.0 smtp;554 mail server permanently rejected message> #SMTP#
Original message headers:

Received: from mail40-ch1-R.bigfish.com (216.32.181.169) by
 CH1EHSOBE018.bigfish.com (10.43.70.68) with Microsoft SMTP Server id
 14.1.225.22; Tue, 27 Sep 2011 14:30:29 +0000
Received: from mail40-ch1 (localhost.localdomain [127.0.0.1])	by
 mail40-ch1-R.bigfish.com (Postfix) with ESMTP id 0637C6C829B	for
 <bryan@daysixfellowship.com>; Tue, 27 Sep 2011 14:30:29 +0000 (UTC)
X-SpamScore: -5
X-BigFish: VPS-5(zz14e0Mc85fhzz1202hzz8275bhz31h2a8h668h839h)
X-Forefront-Antispam-Report: CIP:65.55.171.153;KIP:(null);UIP:(null);IPVD:NLI;H:VA3DIAHUB008.RED001.local;RD:smtp801.microsoftonline.com;EFVD:NLI
X-FB-SS: 13,
Received-SPF: softfail (mail40-ch1: transitioning domain of brandnewchurch.com does not designate 65.55.171.153 as permitted sender) client-ip=65.55.171.153; envelope-from=tammy.satterwhite@brandnewchurch.com; helo=VA3DIAHUB008.RED001.local ;RED001.local ;
Received: from mail40-ch1 (localhost.localdomain [127.0.0.1]) by mail40-ch1 (MessageSwitch) id 1317133828758166_23057; Tue, 27 Sep 2011 14:30:28 +0000 (UTC)
Received: from CH1EHSMHS006.bigfish.com (snatpool1.int.messaging.microsoft.com
 [10.43.68.241])	by mail40-ch1.bigfish.com (Postfix) with ESMTP id
 A90F91A08050	for <bryan@daysixfellowship.com>; Tue, 27 Sep 2011 14:30:28
 +0000 (UTC)
Received: from VA3DIAHUB008.RED001.local (65.55.171.153) by
 CH1EHSMHS006.bigfish.com (10.43.70.6) with Microsoft SMTP Server (TLS) id
 14.1.225.22; Tue, 27 Sep 2011 14:30:25 +0000
Received: from VA3DIAXVS1B1.RED001.local ([10.16.20.62]) by
 VA3DIAHUB008.RED001.local ([10.32.16.179]) with mapi; Tue, 27 Sep 2011
 07:29:57 -0700
From: Tammy Satterwhite <tammy.satterwhite@brandnewchurch.com>
To: Kameron Richter <kameron.richter@brandnewchurch.com>, Bryan Belding
	<bryan@daysixfellowship.com>
CC: Bruce Medley <bruce.medley@brandnewchurch.com>
Date: Tue, 27 Sep 2011 07:29:53 -0700
Subject: Sat night Day 6
Thread-Topic: Sat night Day 6
Thread-Index: Acx9Ie4l06DallDrTHeb00FXcQFu7w==
Message-ID: <CAA74811.12AC6%tammy.satterwhite@brandnewchurch.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/14.10.0.110310
acceptlanguage: en-US
Content-Type: multipart/alternative;
	boundary="_000_CAA7481112AC6tammysatterwhitebrandnewchurchcom_"
MIME-Version: 1.0
Return-Path: tammy.satterwhite@brandnewchurch.com
X-OriginatorOrg: brandnewchurch.com

Open in new window

0
 
LVL 21

Expert Comment

by:Papertrip
ID: 36817997
What are you referring to when you say "host"?  Do you mean the server that is hosting only your website?

From your earlier reply:
except! that you can not send email from brandnewchurch.com to 97.74.196.211 or from 97.74.196.211 to brandnewchurch.com
 The first part of that problem goes back to the whole virtual mailbox stuff, the 2nd part of that is because postfix on 97.74.196.211 thinks it is the final destination for brandnewchurch.com.  Any testing you are doing for this should not be done on 97.74.169.211, send mails from an external address to brandnewchurch.com instead.

However, from what I can see by reading the headers, it seems that something on the hosted Exchange server is configured to send mails for brandnewchurch.com to 97.74.196.211.

I'm starting to think this was just some confusion in the initial setup of the hosted Exchange server and/or the configuration of it as it pertains to brandnewchurch.com.

Basically we need to get that postfix server completely out of this mail flow.

Also your SPF record isn't going to work with your current setup -- but that should be asked in a separate question once this is resolved IMO.
0
 
LVL 18

Author Comment

by:Greg Alexander
ID: 36818051
What are you referring to when you say "host"?  Do you mean the server that is hosting only your website?

Yes

the 2nd part of that is because postfix on 97.74.196.211 thinks it is the final destination for brandnewchurch.com

Open in new window


Yes, I need to fix that problem , how do I get postfix out of the flow of things?
0
 
LVL 21

Accepted Solution

by:
Papertrip earned 500 total points
ID: 36818340
No that is not the problem.  Ignore doing any testing to/from 97.74.196.211.

You need to find out why the hosted Exchange server is sending mails to that IP for brandnewchurch.com.  From the headers, it looks like you are generating mails from inside the hosted Exchange, sending to a domain that should have local mailboxes according to what you said before (that the hosted Exchange is the correct destination for brandnewchurch.com mails), and then Exchange has a setting someplace to forward it to 97.74.196.211.

Where that setting is in Exchange I do not know off hand.
0
 
LVL 18

Author Comment

by:Greg Alexander
ID: 36818405
I will look through it :)
0

Featured Post

Highfive Gives IT Their Time Back

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

I. Introduction There's an interesting discussion going on now in an Experts Exchange Group — Attachments with no extension (http://www.experts-exchange.com/discussions/210281/Attachments-with-no-extension.html). This reminded me of questions tha…
It’s 2016. Password authentication should be dead — or at least close to dying. But, unfortunately, it has not traversed Quagga stage yet. Using password authentication is like laundering hotel guest linens with a washboard — it’s Passé.
Connecting to an Amazon Linux EC2 Instance from Windows Using PuTTY.
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now