Concept configuration of Postfix with Smarthosts

I’m new here and I have just successfully installed Kopano Core and Webapp. So fare im happy with it but now I need to configure everything.

Now I need postfix and probably fetchmail. Those are not included in Kopano correct?
I heard that fetchmail had/has some security issues?

Base information
I have currently some Domains Mailprovider for example:

mail.testdomain.ch
mail.gmx.ch

I always send via those provider my e-mails and from them they go out and go to the reciever.

Idea:

  1. I create my user in Kopano
  2. I install fetchmail
  3. I create a local fetchmail account and pull all the mails via this user into the Kopano database (with reference to the user I created in step 1)
  4. I install postfix
  5. I configure postfix that I relay via different domains to different provider/smarthosts with different logins

End result:
My goal ist to have a single user where I can sign in (Webapp, Deskapp, Z-Push Iphone) and have all E-Mails in one account. I can send via Smartphone from the main E-Mail adress e-mails. I can send via Deskapp and via Webapp from all of my different E-Mail Accounts.

Is something possible and could someone help me to configure that?

@hispeed

My fetchmail configuration in Ubuntu 16.04 for Kopano, which does what you want:

Fetchmail

apt install fetchmail
in /etc/kopano/server.cfg => local_admin_users ⇒ add the fetchmail user to this line
systemctl restart kopano-server
nano /etc/passwd ⇒ change the shell for user fetchmail to /bin/bash
su - fetchmail
pwd
nano fetchmail-accounts

#.fetchmailrc
set postmaster "your-admin-postmaster-account@domain.tld"
# set no bouncemail
set no softbounce
# accounts
poll pop.srv.de proto pop3 user "mylogin" pass "mypass" options ssl smtpaddress localhost forcecr mda "/usr/bin/zarafa-dagent -s the-local-kopano-user-id"

chmod 0700 fetchmail-accounts
fetchmail -f fetchmail-accounts
crontab -e
*/3 * * * * /usr/bin/fetchmail -f /var/lib/fetchmail/fetchmail-accounts -s

Cron error messages will to fetchmail@your-hostname ⇒ this account should exist, or use the MAILTO= line in crontab for another email
exit (exit shell for user fetchmail)

Check if everything works:
journalctl -u cron -f
you can also watch dagent.log, but you have to turn the log level up to info to really see what happens!

Regaring sending out messages via your provider SMTP server: Postfix has the “smtp_sender_dependent_authentication” functionality for this, which I’m also actively using. Works fine. To have user-selectable sender addresses I think you need to add all those users in Kopano and then give your main account send-as rights as far as I know… Which is a bit annoying.

Hi Gerald,

This sounds very interesting. I’m already on your way to do it like you did it. Thanks for your help.

I’m right now working on “nano fetchmail-accounts” . What is the postmaster admin account? The master account I want to use in the end in Z-Push?

Right now I’m getting the error: fetchmail: MDA error while fetching from XXXXXXXXX

I’m looking into it right now… hopefully I find something out. Crontab is not configured yet.

EDIT:

fetchmail@svgwma-kopa-02:~$ nano fetchmail-accounts
fetchmail@svgwma-kopa-02:~$ fetchmail -f fetchmail-accounts
2 messages for webXXXX at webXXX.login-XX.hoststar.ch.
sh: 1: /usr/bin/zarafa-dagent: not found
reading message webXXXX@webXXX.login-XX.hoststar.ch:1 of 2 (1279 header octets) (180320 body octets)fetchmail: error writing message text
fetchmail: MDA error while fetching from webXXX@webXXX.login-XX.hoststar.ch
fetchmail: Query status=6 (IOERR)

Hmm I don’t have zarafa installed…?!?

EDIT 2:
The problem is this line in the fetchmail accounts config:

poll pop.srv.de proto pop3 user “mylogin” pass “mypass” options ssl smtpaddress localhost forcecr mda “/usr/bin/zarafa-dagent -s the-local-kopano-user-id

Thanks for any help!

EDIT 3:
Do I have to use your " " or not? Where do I find the Local-Kopano-User-id?

Hi, does anyone else can help? I tried different things out. But I don’t know houw should I move forward. I could search a tutorial which explains fetchmail but there are the config files different.

@hispeed said in Concept configuration of Postfix with Smarthosts:

Hi, does anyone else can help? I tried different things out. But I don’t know houw should I move forward. I could search a tutorial which explains fetchmail but there are the config files different.

you just have to replace zarafa-dagent with kopano-dagent

Hi Felix (Master-of-support ;D),

That was one of the changes I already tried. Unfortunately no luck until now.
Where is dagent.log ? Wheren can I activate the log?

I have the old zarafa-fetchmail config in front of me.
It looks very close to this old config but I probably need that log to see what’s wrong.

“zarafa-fetchmail add zarafausername webXXXX XXXXXXXX webXXX.login-12.hoststar.ch imap 993 ssl”

@hispeed said in Concept configuration of Postfix with Smarthosts:

That was one of the changes I already tried.

Then you have to do a better job in describing what you already have tried, how your configuration looks at the moment and what errors you see/get?

@hispeed said in Concept configuration of Postfix with Smarthosts:

Where is dagent.log ? Wheren can I activate the log?

On modern system everything is logged to through systemd to journald. But if you prefer this you can still configure a logfile in the dagent.cfg.

@hispeed said in Concept configuration of Postfix with Smarthosts:

“zarafa-fetchmail add zarafausername webXXXX XXXXXXXX webXXX.login-12.hoststar.ch imap 993 ssl”

This does not look like a fetchmail configuration. imho it should look something like this: (this also makes use of the local mta to deliver mails to dagent, this is something i prefer over directly going to dagent)

poll pop.gmx.net bad-header accept proto pop3 user something@gmx.net pass my-password-at-gmx is local-email here nokeep fetchall ssl

In systemd i recieve:

Mai 22 20:45:42 svgwma-kopa-02 kopano-server[2089]: Starting kopano-server version 8.6.80 (pid 2089)
Mai 22 20:51:01 svgwma-kopa-02 su[2135]: Successful su for fetchmail by root
Mai 22 20:51:01 svgwma-kopa-02 su[2135]: + /dev/pts/0 root:fetchmail
Mai 22 20:51:01 svgwma-kopa-02 su[2135]: pam_unix(su:session): session opened for user fetchmail by kopano(uid=0)
Mai 22 20:51:01 svgwma-kopa-02 su[2135]: pam_systemd(su:session): Cannot create session: Already running in a session
Mai 22 20:51:06 svgwma-kopa-02 su[2135]: pam_unix(su:session): session closed for user fetchmail

I got now the following error when I use your line concerning fetchmail:

fetchmail: SMTP error: 550 5.1.1 <hispeed@localhost>: Recipient address rejected: User unknown in local recipient table
fetchmail: mail from MAILER-DAEMON@svgwma-kopa-02 bounced to XXXX@email.XXXXX.com
reading message webXXXX@webXXXX.login-XXXX.hoststar.ch:1 of 3 (1279 header octets) (180320 body octets) flushed
fetchmail: SMTP error: 550 5.1.1 <hispeed@localhost>: Recipient address rejected: User unknown in local recipient table
fetchmail: mail from MAILER-DAEMON@svgwma-kopa-02 bounced to XXXXX@email.XXXXXX.com
reading message webXXXX@webXXX.login-XXX.hoststar.ch:2 of 3 (1281 header octets) (180320 body octets) flushed
fetchmail: SMTP error: 550 5.1.1 <hispeed@localhost>: Recipient address rejected: User unknown in local recipient table
fetchmail: mail from MAILER-DAEMON@svgwma-kopa-02 bounced to XXXX@email.XXXXcom
reading message webXXX@webXXXX.ogin-XXX.hoststar.ch:3 of 3 (1268 header octets) (180258 body octets) flushed

The mails were just test mail so i don’t care. You wrote: “Local-Email here” What you mean? I have created a user which is called hispeed in Kopano. Do you mean this user or this users e-mail <- What would be e-mail of a local Kopano user?

@hispeed said in Concept configuration of Postfix with Smarthosts:

You wrote: “Local-Email here” What you mean? I have created a user which is called hispeed in Kopano. Do you mean this user or this users e-mail <- What would be e-mail of a local Kopano user?

Yes the mail you’ve given in your fetchmail configuration is not recognized by your postfix and therefore bounces.
I really to mean an email address, else postfix won’t be able to deliver.
The email of a Kopano user is whatever you specified as an email when you created the user.

Now it says it’s flushed thru fetchmail but because postfix is not yet configured I don’t get into Kopano.

This is my postfix config file running the system on Synology and Zarafa4H. Can I use that? I have marked with ** two lines. There are the files which Zarafa uses for connecting the different accounts. I probably have to change that to Kopano somehow?

reject_unknown_helo_hostname
smtpd_client_restrictions = permit_mynetworks
smtpd_recipient_restrictions = permit_mynetworks reject_invalid_hostname reject_unauth_destination reject_unknown_recipient_domain
delay_warning_time = 4h
unknown_local_recipient_reject_code = 450
maximal_queue_lifetime = 7d
minimal_backoff_time = 1000s
maximal_backoff_time = 8000s
smtpd_recipient_limit = 16
smtpd_soft_error_limit = 3
smtpd_hard_error_limit = 12

# relayhosting from provider when running dynamic IP; now we need sasl_auth
#relayhost = smtp.example.com
smtp_sasl_auth_enable = yes
**smtp_sasl_password_maps = hash:/etc/zarafa/postfix/sasl_passwd**
**sender_dependent_relayhost_maps = hash:/etc/zarafa/postfix/sender_relay**
smtp_sasl_security_options = noanonymous
smtp_sender_dependent_authentication = yes
smtp_use_tls = yes
smtp_tls_enforce_peername = no
smtpd_tls_security_level = may

The above Postfix configuration does not look complete. I’d rather recommend to use the distribution default and then add one of the examples from the documentation. these can be found at https://kb.kopano.io/display/WIKI/Postfix and https://documentation.kopano.io/kopanocore_administrator_manual/configure_kc_components.html#kc-postfix-integration

It could be that this is not the whole configuration. I really don’t get it. One of the reason I want to go away from Synology because I really don’t know how that works at the moment and I hope I understand it more if I do it on a own system.

At the moment my config I have on pastebin: https://pastebin.com/rzmybzd2
Since I have changed the postfix config I recieve that error:
Something is now wrong: fetchmail: SMTP error: 451 4.3.0 XXXX@XXXXX.ch: Temporary lookup failure -> reading message webXXXX@webXXXXX.login-12.hoststar.ch:1 of 1 (5926 header octets) not flushed |

@hispeed said in Concept configuration of Postfix with Smarthosts:

Since I have changed the postfix config I recieve that error:

so you combined your postfix configuration with the above from synology and now get these errors? Debugging postfix problems is always easier with the full error message from the mail.log and the main.cf (or the output of postfonf -n )

Yes that’s right I combined that but I’m not sure if this is the actual config from the Synology which is running. I have the Docker setup from Zarafa4H. Do you know where the config is which is actually running for the Docker setup?

Mail.log:

May 25 15:52:19 svgwma-kopa-02 postfix/postfix-script[18371]: starting the Postfix mail system
May 25 15:52:19 svgwma-kopa-02 postfix/master[18373]: daemon started -- version 3.3.0, configuration /etc/postfix
May 25 15:52:24 svgwma-kopa-02 postfix/smtpd[18415]: connect from localhost6.localdomain6[::1]
May 25 15:52:24 svgwma-kopa-02 postfix/trivial-rewrite[18418]: error: open database /etc/kopano/postfix/sender_relay.db: No such file or directory
May 25 15:52:24 svgwma-kopa-02 postfix/trivial-rewrite[18418]: warning: hash:/etc/kopano/postfix/sender_relay is unavailable. open database /etc/kopano/postfix/s$
May 25 15:52:24 svgwma-kopa-02 postfix/trivial-rewrite[18418]: warning: hash:/etc/kopano/postfix/sender_relay lookup error for ""<>""
May 25 15:52:24 svgwma-kopa-02 postfix/trivial-rewrite[18418]: warning: sender_dependent_relayhost_maps lookup failure
May 25 15:52:24 svgwma-kopa-02 postfix/trivial-rewrite[18418]: warning: hash:/etc/kopano/postfix/sender_relay is unavailable. open database /etc/kopano/postfix/s$
May 25 15:52:24 svgwma-kopa-02 postfix/trivial-rewrite[18418]: warning: hash:/etc/kopano/postfix/sender_relay lookup error for "XXXXX@hotmail.com"
May 25 15:52:24 svgwma-kopa-02 postfix/trivial-rewrite[18418]: warning: sender_dependent_relayhost_maps lookup failure
May 25 15:52:24 svgwma-kopa-02 postfix/smtpd[18415]: NOQUEUE: reject: RCPT from localhost6.localdomain6[::1]: 451 4.3.0 <XXXX@XXXXXX.ch>: Temporary look$
May 25 15:52:24 svgwma-kopa-02 postfix/trivial-rewrite[18418]: warning: hash:/etc/kopano/postfix/sender_relay is unavailable. open database /etc/kopano/postfix/s$
May 25 15:52:24 svgwma-kopa-02 postfix/trivial-rewrite[18418]: warning: hash:/etc/kopano/postfix/sender_relay lookup error for ""<>""