Okay, so here's the problem. I'm running Suse 9.1 with Postfix as my SMTP server. I can send email through it using a webmail interface, which connects to the SMTP server locally. But when trying to use an email client remotely, it refuses the connection. I have gone through the logs and can't seem to put my finger on the what the problem is. Here is a copy from one of the users logs, and a copy of the postfix.cf file.

mail:/ # postconf -n
alias_maps = hash:/etc/aliases
canonical_maps = hash:/etc/postfix/canonical
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/lib/postfix
debug_peer_level = 2
defer_transports =
disable_dns_lookups = no
mail_spool_directory = /var/mail
mailbox_command =
mailbox_size_limit = 50000000
mailbox_transport =
mailq_path = /usr/bin/mailq
manpage_directory = /usr/share/man
masquerade_classes = envelope_sender, header_sender, header_recipient
masquerade_domains =
masquerade_exceptions = root
message_size_limit = 10004800
mydestination = mail.telcowiring.com, telcowiring.com, flyingdogstudios.com, sonshineauto.com, craig-co.com, mail.safps.com, safps.com, daycoheating.com, mail.daycoheating.com
myhostname = mail.telcowiring.com
mynetworks = 127.0.0.0/8, 64.184.156.0/24, 66.119.205.0/24, 64.146.249.0/24, 64.184.132.0/24, 192.168.222.0/24, 192.168.2.0/24
newaliases_path = /usr/bin/newaliases
readme_directory = /usr/share/doc/packages/postfix/README_FILES
relocated_maps = hash:/etc/postfix/relocated
sample_directory = /usr/share/doc/packages/postfix/samples
sender_canonical_maps = hash:/etc/postfix/sender_canonical
sendmail_path = /usr/sbin/sendmail
setgid_group = maildrop
smtp_sasl_auth_enable = no
smtp_use_tls = no
smtpd_client_restrictions = permit_mynetworks
smtpd_helo_required = no
smtpd_helo_restrictions =
smtpd_recipient_restrictions = permit_mynetworks,reject_unauth_destination
smtpd_sasl_auth_enable = no
smtpd_sender_restrictions = hash:/etc/postfix/access
smtpd_use_tls = no
strict_rfc821_envelopes = no
transport_maps = hash:/etc/postfix/transport
unknown_local_recipient_reject_code = 450


Feb 19 15:44:24 mail imapd[14007]: Login user=kipp host=localhost [127.0.0.1]
Feb 19 15:44:24 mail imapd[14007]: Logout user=kipp host=localhost [127.0.0.1]
Feb 19 15:54:09 mail imapd[14463]: Authenticated user=kipp host=[64.146.249.50]
Feb 19 15:55:12 mail postfix/qmgr[14765]: 0AE9C1F4FF: skipped, still being delivered
Feb 19 15:55:12 mail postfix/qmgr[14765]: 18B8D26150: skipped, still being delivered
Feb 19 15:55:12 mail postfix/qmgr[14765]: 4A7AB26151: skipped, still being delivered
Feb 19 15:55:12 mail postfix/qmgr[14765]: 4D99426152: skipped, still being delivered
Feb 19 15:55:12 mail postfix/qmgr[14765]: 7229426153: skipped, still being delivered
Feb 19 15:55:12 mail postfix/qmgr[14765]: D99DB2614E: skipped, still being delivered
Feb 19 15:55:40 mail postfix/smtpd[14855]: connect from skippernight.com[209.51.181.132]
Feb 19 15:55:40 mail postfix/smtpd[14855]: AF87826140: client=skippernight.com[209.51.181.132]
Feb 19 15:55:40 mail postfix/cleanup[14879]: AF87826140: message-id=<1434062974.1171929163536.excwscqgdw.czdztsusesu@skippernight.com.3238670>
Feb 19 15:55:41 mail postfix/qmgr[14846]: AF87826140: from=<excwscqgdw.czdztsusesu@skippernight.com>, size=6198, nrcpt=1 (queue active)
Feb 19 15:55:41 mail amavis[14284]: (14284-09) ESMTP::10024 /var/spool/amavis/amavis-20070219T155225-14284: <excwscqgdw.czdztsusesu@skippernight.com> -> <jcl-59@telcowiring.com> Received: SIZE=6198 from mail.telcowiring.com ([127.0.0.1]) by localhost (mail [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 14284-09 for <jcl-59@telcowiring.com>; Mon, 19 Feb 2007 15:55:41 -0800 (PST)
Feb 19 15:55:41 mail amavis[14284]: (14284-09) Checking: <excwscqgdw.czdztsusesu@skippernight.com> -> <jcl-59@telcowiring.com>
Feb 19 15:55:41 mail amavis[14284]: (14284-09) FWD via SMTP: [127.0.0.1]:10025 <excwscqgdw.czdztsusesu@skippernight.com> -> <jcl-59@telcowiring.com>
Feb 19 15:55:41 mail postfix/cleanup[14879]: CE6BF26141: message-id=<1434062974.1171929163536.excwscqgdw.czdztsusesu@skippernight.com.3238670>
Feb 19 15:55:41 mail postfix/qmgr[14846]: CE6BF26141: from=<excwscqgdw.czdztsusesu@skippernight.com>, size=6637, nrcpt=1 (queue active)
Feb 19 15:55:41 mail amavis[14284]: (14284-09) Passed, <excwscqgdw.czdztsusesu@skippernight.com> -> <jcl-59@telcowiring.com>, Message-ID: <1434062974.1171929163536.excwscqgdw.czdztsusesu@skippernight.com.3238670>, Hits: 2.178
Feb 19 15:55:46 mail postfix/smtpd[14855]: disconnect from skippernight.com[209.51.181.132]
Feb 19 15:56:00 mail postfix/qmgr[14846]: 4A75425FEB: from=<kipp_hudson@hotmail.com>, size=1274, nrcpt=1 (queue active)
Feb 19 15:56:00 mail amavis[14319]: (14319-10) ESMTP::10024 /var/spool/amavis/amavis-20070219T155236-14319: <kipp_hudson@hotmail.com> -> <kipp@telcowiring.com> Received: SIZE=1274 from mail.telcowiring.com ([127.0.0.1]) by localhost (mail [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 14319-10 for <kipp@telcowiring.com>; Mon, 19 Feb 2007 15:56:00 -0800 (PST)
Feb 19 15:56:00 mail amavis[14319]: (14319-10) Checking: <kipp_hudson@hotmail.com> -> <kipp@telcowiring.com>
Feb 19 15:56:00 mail amavis[14319]: (14319-10) FWD via SMTP: [127.0.0.1]:10025 <kipp_hudson@hotmail.com> -> <kipp@telcowiring.com>
Feb 19 15:56:01 mail postfix/qmgr[14846]: EFB6A260B7: from=<kipp_hudson@hotmail.com>, size=1707, nrcpt=1 (queue active)
Feb 19 15:56:01 mail amavis[14319]: (14319-10) Passed, <kipp_hudson@hotmail.com> -> <kipp@telcowiring.com>, Message-ID: <BAY130-F150BABE952016FF7FEBE3E998A0@phx.gbl>, Hits: -2.076
Feb 19 15:56:01 mail postfix/smtp[14898]: 4A75425FEB: to=<kipp@telcowiring.com>, relay=localhost[127.0.0.1], delay=1, status=sent (250 2.6.0 Ok, id=14319-10, from MTA: 250 Ok: queued as EFB6A260B7)
Feb 19 15:56:01 mail postfix/local[14866]: EFB6A260B7: to=<kipp@telcowiring.com>, relay=local, delay=1, status=sent (delivered to mailbox)
Feb 19 15:56:03 mail postfix/qmgr[14963]: 58E8B25EED: skipped, still being delivered
Feb 19 16:01:56 mail imapd[15663]: Login user=kipp host=localhost [127.0.0.1]
Feb 19 16:01:56 mail imapd[15663]: Logout user=kipp host=localhost [127.0.0.1]
Feb 19 16:01:58 mail imapd[15664]: Login user=kipp host=localhost [127.0.0.1]
Feb 19 16:01:58 mail imapd[14463]: Killed (lost mailbox lock) user=kipp host=[64.146.249.50]
Feb 19 16:01:59 mail imapd[15664]: Logout user=kipp host=localhost [127.0.0.1]
Feb 19 16:04:09 mail imapd[15701]: Authenticated user=kipp host=[64.146.249.50]
Feb 19 16:14:10 mail imapd[16606]: Authenticated user=kipp host=[64.146.249.50]
Feb 19 16:14:10 mail imapd[15701]: Killed (lost mailbox lock) user=kipp host=[64.146.249.50]
Feb 19 16:22:01 mail imapd[17531]: Login user=kipp host=localhost [127.0.0.1]
Feb 19 16:22:01 mail imapd[17531]: Logout user=kipp host=localhost [127.0.0.1]
Feb 19 16:22:01 mail imapd[17532]: Login user=kipp host=localhost [127.0.0.1]
Feb 19 16:22:01 mail imapd[17532]: Logout user=kipp host=localhost [127.0.0.1]
Feb 19 16:22:01 mail imapd[17533]: Login user=kipp host=localhost [127.0.0.1]
Feb 19 16:22:01 mail imapd[17533]: Logout user=kipp host=localhost [127.0.0.1]

I must be overlooking where the remote SMTP connection from kipp@telco... is happening. If it's not there, that means the remote client is not actually connecting to the server. The IMAP lines do not count, of course, since that's not SMTP.

Most likely it's a port 25 blocking issue with the remote ISP since many (most?) major ISPs allow port 25 only to their own servers to mitigate spambots. I had this problem, too, which is why it's familiar. Test it with some sort of port scanner, perhaps.

Solutions include having the remote client send through the ISPs servers, or using the submission port (487) for smtp connections. I opted for the former, but the option of using the submission port looks like a good choice.

There's always the possibility of the problem being firewall related, but default configs seem to leave the port 25 hole open. Anyway, it looks like hotmail and others can connect.

The postfix-users mailing list can provide a wealth of information and help.

One thing that I did not mention that I should have, now that I think about it, is that we get a lot of remote connection attempts from the outside. We have a handful of subnets that are allowed to connect, but when they attempt to, the server doesn't even respond (as you saw from the log). However, everyone else from the outside can establish a connection, but because they aren't on the access list, they are rejected. Here's a post of the logs which shows all of the connection attempts.

Feb 19 17:03:26 mail postfix/smtpd[19002]: connect from 216-154-19-229.dsl.look.ca[216.154.19.229]
Feb 19 17:03:26 mail postfix/smtpd[19002]: lost connection after CONNECT from 216-154-19-229.dsl.look.ca[216.154.19.229]
Feb 19 17:03:26 mail postfix/smtpd[19002]: disconnect from 216-154-19-229.dsl.look.ca[216.154.19.229]
Feb 19 17:03:26 mail postfix/smtpd[19002]: connect from unknown[194.38.150.192]
Feb 19 17:03:26 mail postfix/smtpd[19002]: lost connection after CONNECT from unknown[194.38.150.192]
Feb 19 17:03:26 mail postfix/smtpd[19002]: disconnect from unknown[194.38.150.192]
Feb 19 17:03:26 mail postfix/smtpd[19002]: warning: smtpd_peer_init: 165.252.39.2: hostname 165-252-39-2.lakecountypartners.com verification failed: Name or service not known
Feb 19 17:03:26 mail postfix/smtpd[19002]: connect from unknown[165.252.39.2]
Feb 19 17:03:26 mail postfix/smtpd[19002]: NOQUEUE: reject: RCPT from unknown[165.252.39.2]: 450 <fortelcowiringnav@telcowiring.com>: Recipient address rejected: User unknown in local recipient table; from=<> to=<fortelcowiringnav@telcowiring.com> proto=ESMTP helo=<lcp-dc-ex1.LCP.LOCAL>
Feb 19 17:03:26 mail postfix/smtpd[19002]: disconnect from unknown[165.252.39.2]
Feb 19 17:03:27 mail postfix/smtpd[19002]: connect from 201-213-13-137.net.prima.net.ar[201.213.13.137]
Feb 19 17:03:27 mail postfix/smtpd[19002]: lost connection after CONNECT from 201-213-13-137.net.prima.net.ar[201.213.13.137]
Feb 19 17:03:27 mail postfix/smtpd[19002]: disconnect from 201-213-13-137.net.prima.net.ar[201.213.13.137]
Feb 19 17:03:27 mail postfix/smtpd[19002]: connect from 107.63-199-71.atginternet.com[63.199.71.107]
Feb 19 17:03:27 mail postfix/smtpd[19002]: NOQUEUE: reject: RCPT from 107.63-199-71.atginternet.com[63.199.71.107]: 450 <fortelcowiringnav@telcowiring.com>: Recipient address rejected: User unknown in local recipient table; from=<> to=<fortelcowiringnav@telcowiring.com> proto=ESMTP helo=<Primary01.appraisals.local>
Feb 19 17:03:27 mail postfix/smtpd[19002]: disconnect from 107.63-199-71.atginternet.com[63.199.71.107]
Feb 19 17:03:27 mail postfix/smtpd[19002]: connect from unknown[194.38.150.192]
Feb 19 17:03:27 mail postfix/smtpd[19002]: lost connection after CONNECT from unknown[194.38.150.192]
Feb 19 17:03:27 mail postfix/smtpd[19002]: disconnect from unknown[194.38.150.192]
Feb 19 17:03:28 mail postfix/smtpd[19002]: connect from eth15379.sa.adsl.internode.on.net[150.101.73.18]
Feb 19 17:03:28 mail postfix/smtpd[19002]: NOQUEUE: reject: RCPT from eth15379.sa.adsl.internode.on.net[150.101.73.18]: 450 <fortelcowiringnav@telcowiring.com>: Recipient address rejected: User unknown in local recipient table; from=<> to=<fortelcowiringnav@telcowiring.com> proto=ESMTP helo=<mmadex01.Micromet.local>
Feb 19 17:03:28 mail postfix/smtpd[18869]: connect from imf02aec.mail.bellsouth.net[205.152.59.50]
Feb 19 17:03:29 mail postfix/smtpd[19002]: disconnect from eth15379.sa.adsl.internode.on.net[150.101.73.18]
Feb 19 17:03:29 mail postfix/smtpd[19002]: connect from mail1.stis.net[63.209.149.27]
Feb 19 17:03:30 mail postfix/smtpd[19002]: NOQUEUE: reject: RCPT from mail1.stis.net[63.209.149.27]: 450 <fortelcowiringnav@telcowiring.com>: Recipient address rejected: User unknown in local recipient table; from=<> to=<fortelcowiringnav@telcowiring.com> proto=ESMTP helo=<mail1.stis.net>
Feb 19 17:03:30 mail postfix/smtpd[19002]: disconnect from mail1.stis.net[63.209.149.27]
Feb 19 17:03:30 mail postfix/smtpd[19002]: connect from mp-avgate1.mpsv.cz[80.95.254.27]
Feb 19 17:03:30 mail postfix/smtpd[19002]: lost connection after CONNECT from mp-avgate1.mpsv.cz[80.95.254.27]
Feb 19 17:03:30 mail postfix/smtpd[19002]: disconnect from mp-avgate1.mpsv.cz[80.95.254.27]
Feb 19 17:03:30 mail postfix/smtpd[19002]: connect from mail.oos-hosting.net[62.219.19.49]
Feb 19 17:03:31 mail postfix/smtpd[19002]: NOQUEUE: reject: RCPT from mail.oos-hosting.net[62.219.19.49]: 450 <fortelcowiringnav@telcowiring.com>: Recipient address rejected: User unknown in local recipient table; from=<> to=<fortelcowiringnav@telcowiring.com> proto=SMTP helo=<mail.oos-hosting.net>
Feb 19 17:03:31 mail postfix/smtpd[19002]: disconnect from mail.oos-hosting.net[62.219.19.49]
Feb 19 17:03:32 mail postfix/smtpd[19002]: connect from hoefnix.telenet-ops.be[195.130.132.54]
Feb 19 17:03:32 mail postfix/smtpd[19002]: NOQUEUE: reject: RCPT from hoefnix.telenet-ops.be[195.130.132.54]: 450 <fortelcowiringnav@telcowiring.com>: Recipient address rejected: User unknown in local recipient table; from=<> to=<fortelcowiringnav@telcowiring.com> proto=ESMTP helo=<hoefnix.telenet-ops.be>
Feb 19 17:03:32 mail postfix/smtpd[19002]: disconnect from hoefnix.telenet-ops.be[195.130.132.54]
Feb 19 17:03:33 mail postfix/smtpd[19002]: connect from mta2.service.potterybarn.com[207.13.196.159]
Feb 19 17:03:33 mail postfix/smtpd[19002]: disconnect from mta2.service.potterybarn.com[207.13.196.159]
Feb 19 17:03:33 mail postfix/smtpd[19002]: connect from dts1.dt.easylink.com[165.251.64.20]
Feb 19 17:03:40 mail postfix/smtpd[19002]: NOQUEUE: reject: RCPT from dts1.dt.easylink.com[165.251.64.20]: 450 <fortelcowiringnav@telcowiring.com>: Recipient address rejected: User unknown in local recipient table; from=<> to=<fortelcowiringnav@telcowiring.com> proto=ESMTP helo=<ohs1.oh.easylink.com>
Feb 19 17:03:43 mail ipop3d[19006]: pop3 service init from 64.146.249.51
Feb 19 17:03:43 mail ipop3d[19006]: Login user=jfrancis host=[64.146.249.51] nmsgs=2/2

That's what I was getting at before. If there's no connection attempt from your remote user in the postfix logs, then that connection never happened, so Postfix isn't at fault.

Thanks for the replies Toes, I figured out what the problem was. Postfix was getting connections, in fact, way too many of them. I had to raise the limit of processes that postfix and the smtp services could make above what they were set at. This fixed the problem. Thank you for taking the time to reply to my posts Toes!

How odd. Glad you figured it out.

By the way, you may want to implement some extra restrictions so that you keep as much garbage out of the queue as possible and keep yourself from being a backscatter source. I used this as a starting point and have customized from there.

And again, I'd recommend the postfix-users mailing list. There are many helpful people there... and some not-so-helpful... but good info there.