LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 05-20-2006, 03:36 PM   #1
pdeman2
Member
 
Registered: Jul 2005
Location: Maine, USA
Distribution: OpenSUSE, Gentoo, Fedora, Ubuntu, Mandriva, others
Posts: 413

Rep: Reputation: 30
Mail server can no longer send mail.


I've been using Postfix as the MTA on my server for quite a while. I've never had a problem with it. I have it configured with Usermin so that I can use the web gui to read and send emails. I haven't changed anything in an configuration files since I last had it working. The server will still receive emails sent to it, but it can no longer send emails anywhere else.

What's going on here and how do I fix it?

Thanks.
 
Old 05-20-2006, 04:30 PM   #2
Xolo
Member
 
Registered: Jul 2004
Location: The Netherlands
Distribution: Mandrake, Knoppix, Coyote Linux, RedHat
Posts: 354
Blog Entries: 3

Rep: Reputation: 31
Check with your Internet provider to see if they have blocked/filtered the common SMTP ports. This is common (but misguided) practise amongst Internet providers to eliminate the possibility of people setting up spam relays on their network.
 
Old 05-20-2006, 09:51 PM   #3
pdeman2
Member
 
Registered: Jul 2005
Location: Maine, USA
Distribution: OpenSUSE, Gentoo, Fedora, Ubuntu, Mandriva, others
Posts: 413

Original Poster
Rep: Reputation: 30
That's what my first thought was, but I was really hoping that wouldn't be the case. I guess I'll have to contact my ISP.
 
Old 05-21-2006, 03:07 AM   #4
Xolo
Member
 
Registered: Jul 2004
Location: The Netherlands
Distribution: Mandrake, Knoppix, Coyote Linux, RedHat
Posts: 354
Blog Entries: 3

Rep: Reputation: 31
What I forgot to mention last night was you can also try testing for blockades yourself, by using Shields Up from GRC.com, also a nice tool for checking your own firewall.
But the only surefire way to determine blocked ports on the ISP side is by contacting them really, because if they use stealthing techniques it's pretty confusing to determine a true blockade without solid evidence.
My ISP filters all SMTP traffic, the only way I am able to send any mail is solely through their mailserver. Very inconveniant for accounts that won't accept foreign relays.

Last edited by Xolo; 05-21-2006 at 03:09 AM.
 
Old 05-21-2006, 10:13 AM   #5
pdeman2
Member
 
Registered: Jul 2005
Location: Maine, USA
Distribution: OpenSUSE, Gentoo, Fedora, Ubuntu, Mandriva, others
Posts: 413

Original Poster
Rep: Reputation: 30
I did a scan for port 25 with the link you provided and it said it was open.
 
Old 05-21-2006, 01:47 PM   #6
Xolo
Member
 
Registered: Jul 2004
Location: The Netherlands
Distribution: Mandrake, Knoppix, Coyote Linux, RedHat
Posts: 354
Blog Entries: 3

Rep: Reputation: 31
Alright, then we'll have to check more locally. Have you found any error messages in your postfix/system logs? Have you checked the postfix configuration files for any recent changes you haven't made yourself? (perhaps an automatic package/security update messed up your configuration?)
 
Old 05-21-2006, 06:23 PM   #7
pdeman2
Member
 
Registered: Jul 2005
Location: Maine, USA
Distribution: OpenSUSE, Gentoo, Fedora, Ubuntu, Mandriva, others
Posts: 413

Original Poster
Rep: Reputation: 30
In my maillog, I have a lot of:
Code:
May 21 04:05:27 localhost postfix/smtp[24339]: 6777871011E: to=<root@localhost.localdomain>, relay=none, delay=344654, status=deferred (Host or domain name not f
ound. Name service error for name=localhost.localdomain type=MX: Host not found, try again)
And then there was a:
Code:
May 21 10:42:07 localhost postfix/smtpd[13585]: connect from unknown[219.91.93.108]
May 21 10:42:10 localhost postfix/smtpd[13585]: NOQUEUE: reject: RCPT from unknown[219.91.93.108]: 554 <uu1553@so-net.net.tw>: Relay access denied; from=<asjdkfe
ghghw@msa.hinet.net> to=<uu1553@so-net.net.tw> proto=SMTP helo=<24.198.61.114>
May 21 10:42:11 localhost postfix/smtpd[13585]: lost connection after RCPT from unknown[219.91.93.108]
May 21 10:42:11 localhost postfix/smtpd[13585]: disconnect from unknown[219.91.93.108]
I've never looked at any mail logs before (I'm a newbie to mail stuff), so I really don't know what those mean.
 
Old 05-22-2006, 02:41 PM   #8
Xolo
Member
 
Registered: Jul 2004
Location: The Netherlands
Distribution: Mandrake, Knoppix, Coyote Linux, RedHat
Posts: 354
Blog Entries: 3

Rep: Reputation: 31
Quote:
Originally Posted by pdeman2
In my maillog, I have a lot of:
Code:
May 21 04:05:27 localhost postfix/smtp[24339]: 6777871011E: to=<root@localhost.localdomain>, relay=none, delay=344654, status=deferred (Host or domain name not found. Name service error for name=localhost.localdomain type=MX: Host not found, try again)
Your server is telling you it can't find the host it wants to connect to because of an error in name resolution (DNS). So you might want to check this bit of your server configuration, and perhaps your /etc/hosts file for correctness. Is this server on a dynamic IP or a static IP?
No other quirky behaviour other than not being able to send mail outwards?



Quote:
Originally Posted by pdeman2
And then there was a:
Code:
May 21 10:42:07 localhost postfix/smtpd[13585]: connect from unknown[219.91.93.108]
May 21 10:42:10 localhost postfix/smtpd[13585]: NOQUEUE: reject: RCPT from unknown[219.91.93.108]: 554 <uu1553@so-net.net.tw>: Relay access denied; from=<asjdkfe
ghghw@msa.hinet.net> to=<uu1553@so-net.net.tw> proto=SMTP helo=<24.198.61.114>
May 21 10:42:11 localhost postfix/smtpd[13585]: lost connection after RCPT from unknown[219.91.93.108]
May 21 10:42:11 localhost postfix/smtpd[13585]: disconnect from unknown[219.91.93.108]
I've never looked at any mail logs before (I'm a newbie to mail stuff), so I really don't know what those mean.
I'll outline this bit of the log for you:
Code:
May 21 10:42:07 localhost postfix/smtpd[13585]: connect from unknown[219.91.93.108]
A machine known by IP address 219.91.93.108 is attempting to connect to your Postfix server's SMTP Daemon.

Code:
May 21 10:42:10 localhost postfix/smtpd[13585]: NOQUEUE: reject: RCPT from unknown[219.91.93.108]: 554 <uu1553@so-net.net.tw>: Relay access denied; from=<asjdkfe
ghghw@msa.hinet.net> to=<uu1553@so-net.net.tw> proto=SMTP helo=<24.198.61.114>
The foreign host, 219.91.93.108, is rejected by the SMTP Daemon from sending mail because your Postfix configuration denies mail relaying from foreign hosts (foreign meaning those anywhere else than localhost or those host IP addresses specifically allowed in the allow list).
The error occurred right after the HELO request on the SMTP protocol. The foreign host attempted to HELO, which is the very first beginning of an email, with 24.198.61.114. Typically the address after HELO is your server's address, but in case it's not it was spoofed by the machine that attempted to HELO your server. Right after HELO comes the MAIL FROM command, which you see in your log as 'from=<asjdkfeghghw@msa.hinet.net>', in this case it looks like a falsified address.
Just after MAIL FROM, comes RCPT TO, which you see in your log as 'to=<uu1553@so-net.net.tw>'. Right after all that, the foreign host should send the DATA command after receiving an 250 OK message from your server, but:

Code:
May 21 10:42:11 localhost postfix/smtpd[13585]: lost connection after RCPT from unknown[219.91.93.108]
The connection to the SMTP Daemon was lost after the RCPT TO command from the foreign host. after receiving the error message (Relay access denied) from your server. Since the connection to the SMTP Daemon was cut here, no message DATA was ever received from the foreign host.

Code:
May 21 10:42:11 localhost postfix/smtpd[13585]: disconnect from unknown[219.91.93.108]
The foreign host has disconnected completely from your server.

It looks to me like your server successfully rejected a spam message from being sent.
 
Old 05-22-2006, 03:19 PM   #9
pdeman2
Member
 
Registered: Jul 2005
Location: Maine, USA
Distribution: OpenSUSE, Gentoo, Fedora, Ubuntu, Mandriva, others
Posts: 413

Original Poster
Rep: Reputation: 30
Well, this is all interesting. Just after I posted those log lines, I realized that I am having a DNS issue. You said that it looked like my mail server successfully rejected spam, but I've noticed that it seems to be more than that.

At the time I first posted this thread, I could receive mail, but not send it. Now it appears I can not receive mail either. I tried to send an email to myself from another account and it did not get through, however, I have multiple domains to this server, so I tried another domain, the other domain worked perfectly.

I can't figure out what my DNS issue is, but I would imagine that I can't send mail because of this DNS issue, and I can't receive mail because of something with the DNS entry of that domain??

Thanks for the help so far, Xolo.
 
Old 05-22-2006, 04:52 PM   #10
Xolo
Member
 
Registered: Jul 2004
Location: The Netherlands
Distribution: Mandrake, Knoppix, Coyote Linux, RedHat
Posts: 354
Blog Entries: 3

Rep: Reputation: 31
You're welcome.
If you want to pinpoint your DNS problem you could start by making a small note for yourself and find out which domains are broken and write that down. Then the next step i'd take is verify the configuration for each domain, such as the IP address that is associated with each domain. Check if the hosts that belong to the IP addresses are in fact reachable from your server, if not try a different machine to make sure it's not just your server that can't reach them.
From there, you have two choices:
1. You'll have to find out why a host is unreachable if it can't be reached from two different machines.
2. You'll have to figure out why a reachable host can't be connected to from your server.

1 might be tricky if you don't have access to the host itself, but contacting it's owner might be helpful when possible.
2 could be a wild goose chase, but since this is a DNS issue i'd start with the simplest of your own machine which is your /etc/hosts file. It's where your machine stores some simple entries with pairs of IP/hostnames for localhost and possibly others. Second, if you have something running like Bind (a DNS server package) or TmDNS for example, check the logs for those services as they might contain information about the nonresponsive hosts, and possibly some clues as to what has changed lately to mute your Postfix server.
Is it possible at all for the hosts of the domain names to have changed their configuration lately like switching servers or altering DNS/MX entries om their side?
 
Old 05-23-2006, 02:24 PM   #11
pdeman2
Member
 
Registered: Jul 2005
Location: Maine, USA
Distribution: OpenSUSE, Gentoo, Fedora, Ubuntu, Mandriva, others
Posts: 413

Original Poster
Rep: Reputation: 30
I think I just figured out why no one can send me emails. I just did a dig <domain> IN MX and it gave me a sub domain that I don't use. I changed the DNS entry, but I can't test it for a while.
 
Old 05-23-2006, 02:38 PM   #12
Xolo
Member
 
Registered: Jul 2004
Location: The Netherlands
Distribution: Mandrake, Knoppix, Coyote Linux, RedHat
Posts: 354
Blog Entries: 3

Rep: Reputation: 31
Aight, keep us posted good luck
 
Old 05-23-2006, 07:05 PM   #13
pdeman2
Member
 
Registered: Jul 2005
Location: Maine, USA
Distribution: OpenSUSE, Gentoo, Fedora, Ubuntu, Mandriva, others
Posts: 413

Original Poster
Rep: Reputation: 30
Ok, it looks like I don't understand DNS systems at all. Basically, all my sub domains work fine with my mail server (except for sending still), but the domain itself will not work.

I can use user@host.domain.tld, but I can't figure out how to configure everything so that I can mail to user@domain.tld. Is it something I have to configure with Postfix, or my DNS record, or what?

Until probably a couple hours after pointing my new domain to my server, I was able to email user@domain.tld, why doesn't it work now?
 
Old 05-25-2006, 08:30 AM   #14
pdeman2
Member
 
Registered: Jul 2005
Location: Maine, USA
Distribution: OpenSUSE, Gentoo, Fedora, Ubuntu, Mandriva, others
Posts: 413

Original Poster
Rep: Reputation: 30
Ok, I'm now able to receive email. It was actually something stupid on my part. I'm still having DNS issues that are preventing me from sending mail though.
 
Old 05-26-2006, 10:15 AM   #15
pdeman2
Member
 
Registered: Jul 2005
Location: Maine, USA
Distribution: OpenSUSE, Gentoo, Fedora, Ubuntu, Mandriva, others
Posts: 413

Original Poster
Rep: Reputation: 30
I've been trying to change the network configuration through Webmin so that it is using a different name server, but it doesn't seem to want to change. Right now it's pointing to a router that the server is behind, I want it to point to a different name server, but it just reverts the configuration right after I restart the NICs.

EDIT: I just edited /sbin/dhclient-script so that it would use the right name server, but it still didn't help.

Last edited by pdeman2; 05-26-2006 at 10:41 AM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Unable to send mail to some mail servers due smtp greetings malformed atotomex Linux - Networking 6 12-20-2005 04:38 PM
No longer have hostname after upgrading to Core 3... can't send mail JeffCT Fedora 7 05-12-2005 08:31 AM
Server does'nt send mail until shutdown and LAN can't send or receive. Wolfy Linux - Networking 0 08-02-2004 07:31 PM
I can't send mail by using local mail server hus Linux - Software 0 05-10-2004 02:18 PM
i can send mail, i can't get mail from server Finlay Linux - Networking 3 03-19-2003 04:06 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 01:04 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration