Problems with Postfix accepting outside mail.
 

CentOS 5.6 fresh install of Virtualmin for web hosting virtual sites. You can email out just find. You can also use a pop3/IMAP client and the server can accept email. If you telnet to port 25, you can send email to. But if you just open up a new email using gmail for example and send an email to a valid receipt on the server. It never appears and so far nothing even has come back. I have made sure in postfix that it is listening on all interfaces and that $mydestination is set. Any ideas why it isn't accepting email from external sources? My ISP isn't blocking, iptables is disabled. When using pingability.com it says

Error There was a problem while talking with the mail server. Got 'ConnectException: Connection refused' You can telnet to is like I said and send email to a user on the server that way.

I work for an ISP and we just blocked port 25 due to machines being exploited with trojans/viruses and they turn into spambots.

You may want to double check to be sure.

You are running Postfix/dovecot correct?

www.mxtoolbox.com
has tools to check as well

Do you have mx records for your domain, if not you need to setup MX records (mail exchanger) if it is your server in bind. Once set up you should be able to issue the commands like dig.

dig mx yourdomain.com

;; ANSWER SECTION:
youdomain.com 1800 IN MX 10 name.yourmailserver.com

nslookup -q=mx yourdomain.com

yourdomain mail exchanger = 10 name.yourmailserver.com

10 is the weight if you are just running your 1 server you only need one entry

if you need help with a zone file I can assist with bind.

do you have your dns setup?

can you telnet name.yourmailserver.com 25
helo servername.com
ect..

telnet name.yourmailserver.com 143 (imap)

01 login username password
02 list
03 select inbox
04 logout

Yes I have my own servers. They are setup in a Slave Cluster.

what are your results from www.mxtoolbox.com ?

does it give back the correct responses?

also there is a diag tab as well

post the results

thanks

220 host3.xxx.xxx.xxx.xxx.net ESMTP Postfix

OK - xxx.xxx.xxx.xxx resolves to host3.xxx.xxx.xxx.xxx.net
OK - Reverse DNS matches SMTP Banner
0 seconds - Good on Connection time
Not an open relay.
0.234 seconds - Good on Transaction time

Session Transcript:
HELO please-read-policy.mxtoolbox.com
250 host3.xxx.xxx.xxx.xx.net [16 ms]
MAIL FROM: <supertool@mxtoolbox.com>
250 2.1.0 Ok [31 ms]
RCPT TO: <test@example.com>
554 5.7.1 <test@example.com>: Relay access denied [16 ms]
QUIT
221 2.0.0 Bye [31 ms]
dns lookup ns lookup mx lookup whois lookup

Reported by mxtoolbox.com on Friday, May 20, 2011 at 9:18:34 PM (GMT-5) (History)

It must be somewhere else.

That looks perfect to me, dns/rnds response time is great.

Not an open-relay all great.


What do your logs say, open up a console and send some test emails to google/yahoo and other domains.

I would be curious to see the transaction leaving the server.

Your isp is not blocking 25, going out from your server or do you have a static ip?

Do you have wireshark installed on your server, it may not be a bad idea to see the traffic.

If you have X windows installed, you can install gnome-wireshark for the graphical frontend.

Log in with -X @ server

It sends out email great from all the virtual sites. Now I haven't used wireshark before. I will have to check and see what that is. The logs aren't giving me any others either. This is a new release of the virtualmin GPL. I wonder if there is something going on in the packages. I can telnet in send and email send ehlo There is got to be something that must be right in my face that I am not seeing.

I would recommend install the yum -y groupinstall "X Window System" and then running and installing wireshark & gnome-wireshark.

It will bring the tool and click on interface and it will show all of the traffic.

Tons of options, but this will help shed some light I think.

Wireshark has saved a lot of time at work on things that were blamed on a 'server' and it was related to a network problem.

awsome thanks. I installed it on my windows machine and I see. Very nice. You could do some damage with this too. Thanks for the help. I will post what I find. I searched hours before I posted about it. A lot of folks asking on virtualmins site without answers.

Before going that route have you tried checking the logs on your mail server while trying to send a mail? You should do something like:

And then go to some external account (Yahoo, Gmail, etc.) and try to send a mail to yourself. You should see new log entries flow in letting you know a remote server connected with mail for some user. You will then either see a delivery message or a failure message, either way it will help track down the problem. If you see no log entries at all that means something is blocking SMTP traffic before it hits your server, but since you were able to test externally and the results matched your expected domain that is not likely to be an issue.

Checking the logs as ComputerErik suggests will tell you the next steps to take. If it says that your messages are getting delivered, but you are not seeing them appear you need to investigate the delivery means. Postfix has a pretty complex delivery system, governed by the daemons in master.cf. It supports both mailbox and maildir formats, along with delivery to shell account holders and virtual users. It's default behavior is to deliver to account holders in the their account mailbox, in which case mail would probably not (unless you specifically told it to look there) appear in your POP/IMAP system.

When I monitor it, It would look like it is a firewall issue. But, when doing an external test tools, they look great. I think I a going to relax a little blaming it on the server. I am going to end up have the configuration so messed up it will be relaying email the BFE then I will be up crude creek lol. Just a joke. Although this is a high end ISP and they have repeatedly said they are not block port 25 something in NAT must being dropping it possibly in the modem. I need to try and monitor the modem's wan port to see traffic or whats going on there. Unfortunately my gateway doesn't have SNMP capabilities which I can't imagine why it doesn't. I will report back on my findings.

I would be curious to know what you find, diagnosing email is complicated and with email it is always something.

I sure will. I am keeping notes as to what I am doing. I am thinking about just doing to obvious and re-install all the packages and see what happens.