LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices

Reply
 
LinkBack Search this Thread
Old 03-30-2009, 07:36 PM   #1
RealMadrid2727
LQ Newbie
 
Registered: May 2005
Location: Madrid, ES
Posts: 7

Rep: Reputation: 0
Getting a Postfix mail server working properly on Ubuntu


Hi everyone.

I'm relatively new to Linux with some experience in UNIX (Darwin/OS X and Solaris) and I'm trying to get a mail server running on Ubuntu 8.04 to send out emails from my web apps. Right now my focus is on actually SENDING mail, I'll worry about receiving properly when that matters to me.

These apps in question (Rails apps) were on Solaris before, hosted on Joyent, and mail seemed to just work out of the box. Since I've never actually set up a mail server, I looked for a good guide and found one here:

https://help.ubuntu.com/8.04/serverguide/C/postfix.html

I followed it down to the letter, obviously only changing things like IP and domain names.

Doing checks with http://www.mxtoolbox.com/ shows there are no issues, I have MX setup, RDNS, etc.

The problem is I can't get any mail sent out. This is a quick snippet of the mail.info logs found in /var/log

Code:
Mar 30 10:21:31 vn1111 postfix/smtp[28169]: connect to iname-com.mr.outblaze.com[208.36.123.59]:25: Connection timed out
Mar 30 10:21:31 vn1111 postfix/smtp[28167]: connect to c.mx.mail.yahoo.com[216.39.53.2]:25: Connection timed out
Mar 30 10:21:31 vn1111 postfix/smtp[28165]: connect to e.mx.mail.yahoo.com[216.39.53.1]:25: Connection timed out
Mar 30 10:22:01 vn1111 postfix/smtp[28164]: connect to mx3.hotmail.com[65.54.245.72]:25: Connection timed out
Mar 30 10:22:01 vn1111 postfix/smtp[28169]: connect to iname-com.mr.outblaze.com[208.36.123.55]:25: Connection timed out
Lots of those, different domains, etc. If I do a telnet like the guide says and everything checks out fine. I can also send an email to root@mydomain.com and receive that message, so I really don't think it's Postfix failing, it seems to be "fine."

This is on a dedicated server, not a home thing with an ISP that likes to block/filter SMTP ports so that's not the culprit..

Anyone have any ideas? Thanks in advance, I've been Googling for hours.
 
Old 03-31-2009, 10:28 AM   #2
archangel_617b
Member
 
Registered: Sep 2003
Location: GMT -08:00
Distribution: Ubuntu, RHEL/CentOS, Fedora
Posts: 234

Rep: Reputation: 42
Can you maybe just tcpdump a test and see if it looks sane? Something like "tcpdump port 25" and then try sending another email.

- Arch
 
Old 03-31-2009, 11:20 AM   #3
RealMadrid2727
LQ Newbie
 
Registered: May 2005
Location: Madrid, ES
Posts: 7

Original Poster
Rep: Reputation: 0
Short sample of the output form tcpdump:

Code:
12:18:44.940379 IP vn1111.fireboxhosting.com.49115 > mail.hotmail.com.smtp: S 329455344:329455344(0) win 5840 <mss 1460,sackOK,timestamp 48015 0,nop,wscale 7>
12:18:44.947880 IP vn1111.fireboxhosting.com.39653 > de.mx.aol.com.smtp: S 323782023:323782023(0) win 5840 <mss 1460,sackOK,timestamp 48016 0,nop,wscale 7>
12:18:44.959030 IP vn1111.fireboxhosting.com.43204 > smtp-mx005.me.com.smtp: S 323207988:323207988(0) win 5840 <mss 1460,sackOK,timestamp 48017 0,nop,wscale 7>
12:18:45.030393 IP vn1111.fireboxhosting.com.44700 > mta-v14.mail.vip.re4.yahoo.com.smtp: S 331984661:331984661(0) win 5840 <mss 1460,sackOK,timestamp 48024 0,nop,wscale 7>
12:18:45.060389 IP vn1111.fireboxhosting.com.44287 > mta-v8.mail.vip.mud.yahoo.com.smtp: S 328104472:328104472(0) win 5840 <mss 1460,sackOK,timestamp 48027 0,nop,wscale 7>
12:18:45.060404 IP vn1111.fireboxhosting.com.46771 > mta-v1.mail.vip.ac4.yahoo.com.smtp: S 325889141:325889141(0) win 5840 <mss 1460,sackOK,timestamp 48027 0,nop,wscale 7>
Looks sane, no?
 
Old 03-31-2009, 11:54 AM   #4
archangel_617b
Member
 
Registered: Sep 2003
Location: GMT -08:00
Distribution: Ubuntu, RHEL/CentOS, Fedora
Posts: 234

Rep: Reputation: 42
Quote:
Originally Posted by RealMadrid2727 View Post
Short sample of the output form tcpdump:

Code:
12:18:44.940379 IP vn1111.fireboxhosting.com.49115 > mail.hotmail.com.smtp: S 329455344:329455344(0) win 5840 <mss 1460,sackOK,timestamp 48015 0,nop,wscale 7>
12:18:44.947880 IP vn1111.fireboxhosting.com.39653 > de.mx.aol.com.smtp: S 323782023:323782023(0) win 5840 <mss 1460,sackOK,timestamp 48016 0,nop,wscale 7>
12:18:44.959030 IP vn1111.fireboxhosting.com.43204 > smtp-mx005.me.com.smtp: S 323207988:323207988(0) win 5840 <mss 1460,sackOK,timestamp 48017 0,nop,wscale 7>
12:18:45.030393 IP vn1111.fireboxhosting.com.44700 > mta-v14.mail.vip.re4.yahoo.com.smtp: S 331984661:331984661(0) win 5840 <mss 1460,sackOK,timestamp 48024 0,nop,wscale 7>
12:18:45.060389 IP vn1111.fireboxhosting.com.44287 > mta-v8.mail.vip.mud.yahoo.com.smtp: S 328104472:328104472(0) win 5840 <mss 1460,sackOK,timestamp 48027 0,nop,wscale 7>
12:18:45.060404 IP vn1111.fireboxhosting.com.46771 > mta-v1.mail.vip.ac4.yahoo.com.smtp: S 325889141:325889141(0) win 5840 <mss 1460,sackOK,timestamp 48027 0,nop,wscale 7>
Looks sane, no?
You're not getting a SYNACK back so you're not even establishing a TCP connection to those hosts, much less an SMTP connection. This looks like a network layer issue. You said you can do a telnet session with these hosts though, right? Can you tcpdump a telnet session and we can compare it with what you captured with postfix?

- Arch
 
Old 03-31-2009, 12:23 PM   #5
RealMadrid2727
LQ Newbie
 
Registered: May 2005
Location: Madrid, ES
Posts: 7

Original Poster
Rep: Reputation: 0
Hmm, I can't telnet to any of those from the server in question. I can do it from my local computer though, but not from the server with the problem. Also I did the tcpdump again with the -v option real fast:

Code:
# tcpdump port 25 -v
tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes
13:20:47.879133 IP (tos 0x0, ttl 64, id 46572, offset 0, flags [DF], proto TCP (6), length 60) vn1111.fireboxhosting.com.36569 > wa-in-f27.google.com.smtp: S, cksum 0x34c1 (correct), 3049247675:3049247675(0) win 5840 <mss 1460,sackOK,timestamp 420309 0,nop,wscale 7>
13:20:47.886638 IP (tos 0x0, ttl 64, id 25648, offset 0, flags [DF], proto TCP (6), length 60) vn1111.fireboxhosting.com.36570 > wa-in-f27.google.com.smtp: S, cksum 0x056a (correct), 3058958972:3058958972(0) win 5840 <mss 1460,sackOK,timestamp 420310 0,nop,wscale 7>
13:20:59.879133 IP (tos 0x0, ttl 64, id 46573, offset 0, flags [DF], proto TCP (6), length 60) vn1111.fireboxhosting.com.36569 > wa-in-f27.google.com.smtp: S, cksum 0x3011 (correct), 3049247675:3049247675(0) win 5840 <mss 1460,sackOK,timestamp 421509 0,nop,wscale 7>
13:20:59.886637 IP (tos 0x0, ttl 64, id 25649, offset 0, flags [DF], proto TCP (6), length 60) vn1111.fireboxhosting.com.36570 > wa-in-f27.google.com.smtp: S, cksum 0x00ba (correct), 3058958972:3058958972(0) win 5840 <mss 1460,sackOK,timestamp 421510 0,nop,wscale 7>
^C
4 packets captured
4 packets received by filter
0 packets dropped by kernel
Since I can't telnet to those and that seems to be the problem, do you know what the solution is? I'm really hoping it's a "oh that's easy! Just type X command and you're good to go!"

But we all know it's never that easy :-P
 
Old 03-31-2009, 01:01 PM   #6
archangel_617b
Member
 
Registered: Sep 2003
Location: GMT -08:00
Distribution: Ubuntu, RHEL/CentOS, Fedora
Posts: 234

Rep: Reputation: 42
Quote:
Originally Posted by RealMadrid2727 View Post
But we all know it's never that easy :-P
Ain't that the truth :P

Okay, so you've got some network layer problem. Either network connectivity or a firewall.

Test network connectivity for that system. I am guessing you're connecting to this system remotely so it should be okay. But can you please confirm? Ping the default gateway for that system, the DNS servers, and some random host Online (the OpenDNS servers are usually good for me: 208.67.222.222 and 208.67.220.220).

Assuming that's fine, I think we can assume this is a firewall problem. Check that host's firewall first:

Code:
iptables -L -v
If that looks okay, I think it's probably your hosts or their service provider that is giving you grief so it's probably best at that point to raise the issue with them.

You can try generating smtp packets to see just which hop is dropping them with a utility like "hping". It's been a few years since I've had to use that though.

- Arch
 
Old 03-31-2009, 01:10 PM   #7
RealMadrid2727
LQ Newbie
 
Registered: May 2005
Location: Madrid, ES
Posts: 7

Original Poster
Rep: Reputation: 0
Thanks for the reply, archangel.

A few things:

I'm doing all of this from a Mac connected to the same network as the machine in question (in the datacenter) so I don't think it's something inherently wrong with the network, just with my abilities to pull this off without a hitch. The Mac itself (which I'm using to connect via SSH to the Ubuntu server) can do it all fine, I can send out test emails from there.

Here's the IPTables output:

Code:
# iptables -L -v
Chain INPUT (policy ACCEPT 86083 packets, 7967K bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain OUTPUT (policy ACCEPT 133K packets, 170M bytes)
 pkts bytes target     prot opt in     out     source               destination
Pings are fine, connecting to the machine via SSH remotely is fine, I can telnet localhost 25 and ehlo fine.

Last edited by RealMadrid2727; 03-31-2009 at 01:11 PM.
 
Old 03-31-2009, 03:16 PM   #8
archangel_617b
Member
 
Registered: Sep 2003
Location: GMT -08:00
Distribution: Ubuntu, RHEL/CentOS, Fedora
Posts: 234

Rep: Reputation: 42
All looks and sounds sane to me. This is usually a trivial setup. What about trying to connect to other mail systems? Try Google and a couple others, maybe it is just a coincidence the three networks you've tried aren't working for you ...

Other than that, not too sure. This is normally a pretty trivial setup...

- Arch
 
Old 03-31-2009, 03:46 PM   #9
RealMadrid2727
LQ Newbie
 
Registered: May 2005
Location: Madrid, ES
Posts: 7

Original Poster
Rep: Reputation: 0
Tried using Sendmail and Citadel instead of Postfix, just for posterity.

Fail.

It's definitely the fact that I can't connect to anything via port 25, no idea why. No other ideas?
 
Old 03-31-2009, 05:57 PM   #10
archangel_617b
Member
 
Registered: Sep 2003
Location: GMT -08:00
Distribution: Ubuntu, RHEL/CentOS, Fedora
Posts: 234

Rep: Reputation: 42
Quote:
Originally Posted by RealMadrid2727 View Post
Tried using Sendmail and Citadel instead of Postfix, just for posterity.

Fail.

It's definitely the fact that I can't connect to anything via port 25, no idea why. No other ideas?
Well, you can try using hping to see how far port 25 packets go. Or you can try setting up another mail server within the same network and see if the two systems can exchange mail.

- Arch
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Postfix,Open web mail Mail Server Hostname /FQDN Porblem farrukhndm Linux - Server 7 02-18-2009 06:35 PM
Ubuntu server with postfix. My mail goes to Spam in Gmail and Yahoo Mail. Ideeas? bob808 Linux - Server 4 02-07-2009 04:11 PM
LXer: Debian Mail Server Setup with Postfix + Dovecot + SASL + Squirrel Mail LXer Syndicated Linux News 0 03-12-2008 10:50 PM
My Mail Server - Ubuntu + Postfix and more.. TechMansoor Linux - Software 1 12-19-2006 05:45 PM
Postfix mail server not accepting incoming mail from the external interface rexmundi Linux - Networking 7 12-22-2003 03:41 PM


All times are GMT -5. The time now is 02:47 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration