Opened 3 months ago

Closed 4 weeks ago

#14357 closed Bug/Something is broken (fixed)

Cannot receive e-mail at addresses

Reported by: Owned by:
Priority: High Component: Tech
Keywords: email, subdomain Cc: chris@…, david@…,
Sensitive: no


Currently we only have redirect addresses configured for

We receive this back:

This is the mail system at host

I'm sorry to have to inform you that your message could not be delivered to one or more recipients. It's attached below.

For further assistance, please send mail to postmaster.

If you do so, please include this problem report. You can delete your own text from the attached returned message.

abuse@…: host[] said: 550 5.1.1 abuse@…: Recipient address rejected: User unknown in virtual alias table (in reply to RCPT TO command)

Reporting-MTA: dns; X-Postfix-Queue-ID: 6EE4D5E9A X-Postfix-Sender: rfc822; ben@… Arrival-Date: Fri, 28 Dec 2018 16:16:39 -0500 (EST)

Final-Recipient: rfc822; abuse@… Original-Recipient: rfc822;abuse@… Action: failed Status: 5.1.1 Remote-MTA: dns; Diagnostic-Code: smtp; 550 5.1.1 abuse@…: Recipient address rejected: User unknown in virtual alias table

Right now is an optional subdomain under in May First's control panel. Not sure if that's part of the issue, but certainly we don't want to break anything that is doing currently in the process of getting e-mail addresses there able to work.

This is needed to move forward with #14184

Change History (15)

comment:1 Changed 3 months ago by

  • Cc added
  • Owner set to
  • Status changed from new to assigned

So first of all the double DNS listings for and probably has no bearing on this issue but I wanted to mention that internally in our puppet records the server hostname is morales and serve itself has its hostname set to morales which makes for a few minutes of confusion head scratching until I figure out where evo is every time. The relationship should be obvious but is easy to forget.

So when you set up the e-mail address aliases through the control those are added to postfix virtual alias maps for the hosting order server. For this happens automatically on mumia. But is set to deliver to (evo|morales) necessarily because your mailing list is there. But morales is not a mosh so I don't think the control panel can manipulate the postfix settings there. The cp probably shouldn't even let you attempt to create e-mail addresses for because of this. Copying jamie about that possible bug.

For now, the simplest workaround I can think of is manually adding the desired forwarding aliases yourself to postfix on morales. Check this section of the postfix guide.

comment:2 Changed 3 months ago by

Ahhhh, thank you. Was just coming back to note that was indeed working for Listserv addresses. That makes sense.

comment:3 Changed 3 months ago by

Thanks for the heads up. I think we should remove the dns entry entirely.

Unfortunately, the control panel is not smart enough to know whether an MX record is configured for a mosh or not so it isn't any easy fix to prevent that easy to make mistake. :(. I don't think i'll try to fix that but we should keep it in mind for the future control panel.

Given the integration between listserv and postfix on morales, I would advise against messing with those aliases if at all possible.

comment:4 Changed 3 months ago by

OK... well, I was already hesitant, now if *YOU* are hesitant...oh my!

The last suggestion we were given (in re: improving list serv deliverability), was to use the for everything coming from listserv, and apply DKIM/SPF/DMARC rules specifically at that level.

The existing tickets: (routing return path back to listserv for auto-deletes) and (DMARC - last comment specifically suggesting using the subdomain).

I wonder if it would be best to meet with/chat with you all quick to try hash out the best route to complete these few tickets. At the end of the day, we just want to make the Portside listserv work as well as possible.

comment:5 Changed 3 months ago by

  • Owner changed from to

We'll need jamie's input on those tickets.

comment:6 Changed 3 months ago by

I'm so sorry for sowing confusion by not considering the big picture when I responded!

I take back my original thoughts - I think we should create a alias for sending portside email. Perhaps just one that can live in /etc/aliases on morales - that forwards mail. Then, you can just use all the way through for sending the email, and you can then create a dmarc entry for

comment:7 Changed 3 months ago by

Hi Jamie,

I'm sorry to say that I am lost as to how to implement your suggestion. Could we possibly schedule some time with you to talk about this (big-picture and details)? I'm not against doing all we can ourselves, but it's beyond my personal understanding still.

Thanks, --Chris

comment:8 Changed 2 months ago by

No worries! And sorry for the slow response. Can this wait til next week? I'm leaving town tomorrow. Perhaps we could schedule a time next thurdsay afternoon - like 3:00 pm Eastern on January 16?

comment:9 Changed 2 months ago by

Hope you enjoy your time away.

Next Thu [note this is the 17th - I'm assuming the date rather than day is incorrect] at 3pm works for us. We can do Jitsi or Mumble - whatever you prefer.

Thank you!

comment:10 Changed 2 months ago by

Woops, yes I meant thursday, January 17 - let's plan for 3:00 pm at

comment:11 Changed 2 months ago by

I missed you! Maybe we can try to re-schedule? I can do wed or thu afternoon next week - same time.

comment:12 Changed 2 months ago by

Hello again - we're on for Thu @ 3p. Thank you.

(I did find there is an issue with my Calendar - the sync client is not pushing things from my primary system, which also seems to lose connection for the file sync client...research so far seems to indicate an attack throttling setting on recent Nextcloud version, but trying to get better logging)

comment:13 Changed 2 months ago by

Interesting that you have come across this now... I just spent several hours debugging a sync problem on my phone and came to a similar conclusion. When I switched from wifi to cell data is suddenly worked perfectly.

In any event... settled for 3:00 pm thu.

comment:14 Changed 2 months ago by

I don't mean to hijack this ticket but wanted to link to some new documentation I added on nextcloud on unbanning ips. If you ever get banned let us know and we can remove it!

comment:15 Changed 4 weeks ago by

  • Resolution set to fixed
  • Status changed from assigned to closed

We should be OK given the domains were not changed to

Reminder: evo == morales. It's fun to read of the initial headscratching when you can identify (have done the same).

Please login to add comments to this ticket.

Note: See TracTickets for help on using tickets.