Topic: email rejected from dedicated affa v3 backup server

[SchulzStefan]

Based on SME 8.0 I installed affa v3. Backups are working fine. But any email from the affa server is rejected from the production server.

IP of the affa box: 192.168.1.15, server-only mode
IP of the production server: 192.168.1.10, server-only mode

delivery 103: failure: 192.168.1.10_does_not_like_recipient./Remote_host_said:_550_Relaying_denied_(#5.7.1)/Giving_up_on_192.168.1.10./

From the affa page :

Postfix Configuration

If no DNS A-Record has been set up for the FQHN, the receiving mail server may reject Affa messages. To avoid this, set the Envelope-From to the domain name.

sed --in-place=.BAK 's:[# \t]*myorigin[ \t]*=[ \t]*\$mydomain.*:myorigin=$mydomain:g' /etc/postfix/main.cf

I think, this will not work on SME.

Could anybody give me a hint, how to get email from the backup server?

[Stefano]

SME uses qmail..

can you give us some details about domain, hostname, and smtp configuration?

[SchulzStefan]

Domain: affaivb.local
Hostname: orion
SMTP: not yet configured

[Stefano]

configure the affa server to use the other as smtp server (create a user ad hoc)

[janet]

SchulzStefan

Domain: affaivb.local

It's never a good idea to use domain names like that ie xxxx.local, that is Windows parlance.
Use a valid (resolvable) domain name. It can be the same domain name as your production server.
Also configure the ISP's mail server details for smtp server (ie same as your production box).

[SchulzStefan]

@ Stefano and janet

Thank you for your help. I followed the advice Stefano gave me. Emails are beeing delivered now.

@ janet

In the past (until today) I set up all my servers for the primary domain always with something like "abc.local". Further then, I created one or more virtual domains with the name of real existing internet domains, like "xyz.de". Everything is working fine, I do not have problems with this configuration. Just out of curiosity (and of course I'm always in a learning mode) - is my configuration a mis-configuration? Would it be better to change it? And if so, is it just enough to rename the domain in the admin-panel? Or is it better to follow the rule - never touch a running system?

[janet]

SchulzStefan

I agree with Stefano's advice, but that's not the only way or answer.

In the past (until today) I set up all my servers for the primary domain always with something like "abc.local". Further then, I created one or more virtual domains with the name of real existing internet domains, like "xyz.de".

Well that "works" but you just encountered one of the reasons why using abc.local for the main domain name is not a good idea.
As I said before, far better to use a resolvable domain name, the server does pass those credentials to other servers & mail will not be rejected in that case.

...is my configuration a mis-configuration? Would it be better to change it? And if so, is it just enough to rename the domain in the admin-panel? Or is it better to follow the rule - never touch a running system?

It is generally safe to make changes to a SME server, providing tweaks have been done using custom templates or db commands, as these changes will be retained during a system reconfiguration & reboot. The main domain can safely be changed, a new self signed certificate will be created for the new domain name & other data & settings will be retained, including the virtual domain names.

Not necessarily a mis-configuration, but not necessarily "best practice".
AFAIK for the last 14 years, SME server developer advice has always been to use a resolvable domain name, & it can be the same domain name as your main site production server, particularly if the secondary server is behind that. It depends on your network & requirements, but there have been many problems reported in these forums over the years to do with servers having a main domain like abc.local.
The secondary servers server name should be different so each server can be identified.

I tend to use one of the hosted domains as the main domain name, & all other hosted domains are virtual domains, added in the server manager Domains panel, or create  a free (& resolvable) domain name as the main domain (which is not really used by anyone), & then add other "active" domains as virtual domains. It depends on your specific needs & server & network configuration etc.

[SchulzStefan]

janet,

thank you for pointing this out.

On the production server we are working with zarafa, mailarchiva, the bridge contrib and phpki. Therefore I'm not sure if I change the primary domain abc.local to xyz.de, will break the system. In this case I would have probably first to delete the xyz.de virtual domain, before I'm able to set this domain as primary domain. I'll check this out in a virtual box.

stefan

[guest22]

Stefan,

I know that Zarafa will complain at first regarding certificates, and you have to re-generate them, so please check that in your virtualbox. Most likely also the zarafa custom templates after that.

guest

[SchulzStefan]

RequestedDeletion,

thank you for that hint. I'll report.

stefan