Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Notices
Welcome to
LinuxQuestions.org , a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free.
Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please
contact us . If you need to reset your password,
click here .
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a
virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month.
Click here for more info.
09-26-2010, 10:07 PM
#31
Member
Registered: Sep 2010
Location: Philippines
Distribution: Centos
Posts: 63
Original Poster
Rep:
Hi,
The firewall we're running is pfsense.
09-26-2010, 10:08 PM
#32
Member
Registered: Sep 2010
Location: Philippines
Distribution: Centos
Posts: 63
Original Poster
Rep:
Hi,
The firewall we're running is PFSENSE.
09-26-2010, 11:12 PM
#33
Senior Member
Registered: Feb 2008
Location: Pune - India
Distribution: RHEL/Ubuntu/Debian/Fedora/Centos/K3OS
Posts: 1,159
Rep:
Hi,
Please check if port 25,110 and 143 are open.
09-26-2010, 11:13 PM
#34
Senior Member
Registered: Feb 2008
Location: Pune - India
Distribution: RHEL/Ubuntu/Debian/Fedora/Centos/K3OS
Posts: 1,159
Rep:
09-26-2010, 11:43 PM
#35
Member
Registered: Sep 2010
Location: Philippines
Distribution: Centos
Posts: 63
Original Poster
Rep:
Hi,
How will I check if those ports are open? The ports 110 and 25 are in the Firewall:NAT:Port Forward and in Firewall:Rules.
Thanks.
Last edited by willcastle; 09-26-2010 at 11:52 PM .
09-27-2010, 12:52 AM
#36
Member
Registered: Sep 2010
Location: Philippines
Distribution: Centos
Posts: 63
Original Poster
Rep:
Hi,
I get this notice when testing emails.
lost connection with
domain.ph[222.127.x.x] while receiving the initial server greeting
09-27-2010, 01:07 AM
#37
Member
Registered: Sep 2010
Location: Philippines
Distribution: Centos
Posts: 63
Original Poster
Rep:
Code:
#alias_database = hash:/etc/postfix/aliases
#alias_maps = $alias_database
allow_mail_to_commands = alias,forward
allow_mail_to_files = alias,forward
allow_min_user = no
allow_percent_hack = yes
allow_untrusted_routing = no
always_bcc =
append_at_myorigin = yes
append_dot_mydomain = yes
best_mx_transport =
biff = no
bounce_notice_recipient = postmaster
bounce_size_limit = 50000
canonical_maps =
command_directory = /usr/sbin
command_expansion_filter = 1234567890!@%-_=+:,./abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ
command_time_limit = 1000
daemon_directory = /usr/libexec/postfix
daemon_timeout = 18000
default_database_type = hash
default_delivery_slot_cost = 10
default_delivery_slot_discount = 50
default_delivery_slot_loan = 5
default_destination_concurrency_limit = 10
default_destination_recipient_limit = 50
default_extra_recipient_limit = 1000
default_minimum_delivery_slots = 3
default_privs = nobody
default_process_limit = 150
default_recipient_limit = 10000
default_transport = smtp
default_verp_delimiters = +=
defer_transports =
delay_notice_recipient = postmaster
delay_warning_time = 2
deliver_lock_attempts = 5
deliver_lock_delay = 1
disable_dns_lookups = no
disable_verp_bounces = no
disable_vrfy_command = yes
dont_remove = 0
double_bounce_sender = double-bounce
duplicate_filter_limit = 1000
empty_address_recipient = MAILER-DAEMON
error_notice_recipient = postmaster
expand_owner_alias = no
export_environment = TZ
extract_recipient_limit = 10240
fallback_relay =
fallback_transport =
#fast_flush_domains = $relay_domains
fast_flush_purge_time = 7d
fast_flush_refresh_time = 12h
fault_injection_code = 0
fork_attempts = 5
fork_delay = 1
forward_expansion_filter = 1234567890!@%-_=+:,./abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ
forward_path = $home/.forward${recipient_delimiter}${extension},$home/.forward
hopcount_limit = 50
ignore_mx_lookup_error = no
import_environment = MAIL_CONFIG MAIL_DEBUG TZ XAUTHORITY DISPLAY
in_flow_delay = 1s
inet_interfaces = all
initial_destination_concurrency = 5
invalid_hostname_reject_code = 501
ipc_idle = 100
ipc_timeout = 3600
line_length_limit = 2048
lmtp_cache_connection = yes
lmtp_connect_timeout = 0
lmtp_data_done_timeout = 600
lmtp_data_init_timeout = 120
lmtp_data_xfer_timeout = 180
lmtp_lhlo_timeout = 300
lmtp_mail_timeout = 300
lmtp_quit_timeout = 300
lmtp_rcpt_timeout = 300
lmtp_rset_timeout = 300
#lmtp_sasl_auth_enable = no
#lmtp_sasl_password_maps =
#lmtp_sasl_security_options = noplaintext, noanonymous
lmtp_skip_quit_response = no
lmtp_tcp_port = 24
local_command_shell =
local_destination_concurrency_limit = 2
mail_version = postfix-2.5.1
maps_rbl_domains = rbl.maps.vix.com
maps_rbl_reject_code = 554
max_idle = 100
max_use = 100
maximal_backoff_time = 4000
maximal_queue_lifetime = 2
myhostname =mail.domain.ph
mydomain = domain.ph
mynetworks = 192.168.101.0/24, 192.168.201.0/24, 127.0.0.0/8, 222.127.x.x/29
mynetworks_style = subnet
myorigin = $myhostname
mydestination = $myhostname, localhost.$mydomain
#mydestination = /etc/postfix/local-host-names
#mail_spool_directory = /var/spool/mail
#home_mailbox = Mailbox
non_fqdn_reject_code = 504
notify_classes = policy,resource,software,protocol,delay,bounce
owner_request_special = yes
parent_domain_matches_subdomains = debug_peer_list,fast_flush_domains,mynetworks,permit_mx_backup_networks,qmqpd_authorized_clients,relay_domains,smtpd_access_maps
qmgr_fudge_factor = 100
qmgr_message_active_limit = 1000
qmgr_message_recipient_limit = 10000
qmgr_message_recipient_minimum = 10
qmgr_site_hog_factor = 100
qmqpd_authorized_clients =
qmqpd_error_delay = 5s
qmqpd_timeout = 300s
service_throttle_time = 60
smtp_always_send_ehlo = no
smtp_bind_address =
smtp_break_lines = yes
smtp_connect_timeout = 0
smtp_data_done_timeout = 600
smtp_data_init_timeout = 120
smtp_data_xfer_timeout = 180
smtp_helo_timeout = 300
smtp_mail_timeout = 300
smtp_never_send_ehlo = no
smtp_pix_workaround_delay_time = 10s
smtp_pix_workaround_threshold_time = 500s
smtp_quit_timeout = 300
smtp_randomize_addresses = yes
smtp_rcpt_timeout = 300
smtp_skip_4xx_greeting = no
smtp_skip_5xx_greeting = yes
smtp_skip_quit_response = yes
smtpd_banner = $myhostname ESMTP zugzug!
smtpd_delay_reject = yes
smtpd_error_sleep_time = 5
smtpd_etrn_restrictions =
smtpd_hard_error_limit = 100
smtpd_helo_required = yes
smtpd_helo_restrictions =
smtpd_junk_command_limit = 1000
smtpd_noop_commands =
smtpd_recipient_limit = 1000
smtpd_restriction_classes =
smtpd_recipient_restrictions = reject_non_fqdn_sender,reject_non_fqdn_recipient,permit_mynetworks,reject_unknown_sender_domain,reject_unknown_recipient_domain,reject_rbl_client zen.spamhaus.org,reject_unauth_destination,reject_rbl_client opm.blitzed.org,reject_rbl_client list.dsbl.org,reject_rbl_client bl.spamcop.net,reject_rbl_client sbl-xbl.spamhaus.org,reject_rhsbl_client blackhole.securitysage.com,reject_rhsbl_sender blackhole.securitysage.com,reject_rbl_client relays.ordb.org,reject_rbl_client blackholes.easynet.nl,reject_rbl_client cbl.abuseat.org,reject_rbl_client proxies.blackholes.wirehub.net,reject_rbl_client sbl.spamhaus.org,reject_rbl_client opm.blitzed.org,reject_rbl_client dnsbl.njabl.org,reject_rbl_client multihop.dsbl.org
smtpd_sender_login_maps =
smtpd_soft_error_limit = 10
smtpd_timeout = 300
soft_bounce = no
stale_lock_time = 500
strict_rfc821_envelopes = yes
sun_mailtool_compatibility = no
swap_bangpath = yes
syslog_facility = mail
syslog_name = postfix
unknown_address_reject_code = 450
unknown_client_reject_code = 450
unknown_hostname_reject_code = 450
verp_delimiter_filter = -=+
# --------------------------------
# Deactivated, done in SpamAssasin
# --------------------------------
# reject_rhsbl_client blackhole.securitysage.com,
# reject_rhsbl_sender blackhole.securitysage.com,
# reject_rbl_client relays.ordb.org,
# reject_rbl_client proxies.blackholes.wirehub.net,
# reject_rbl_client bl.spamcop.net,
# reject_rbl_client sbl.spamhaus.org,
# reject_rbl_client opm.blitzed.org,
# reject_rbl_client dnsbl.njabl.org,
# reject_rbl_client list.dsbl.org,
# reject_rbl_client multihop.dsbl.org,
# --------------------------------
# Deactivated, done in SpamAssasin
# --------------------------------
# Check Message Header and Body
# body_checks = regexp:$config_directory/body_checks
# header_checks = regexp:$config_directory/header_checks
debug_peer_level = 2
debugger_command =
PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
xxgdb = $daemon_directory/$process_name $process_id & sleep 5
disable_vrfy_command = yes
show_user_unknown_table_name = no
virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf
virtual_gid_maps = static:89
virtual_mailbox_base = /home/virtual
virtual_mailbox_domains = mysql:/etc/postfix/mysql_virtual_domains_maps.cf
virtual_mailbox_limit = 51200000
virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf
virtual_minimum_uid = 89
virtual_transport = virtual
virtual_uid_maps = static:89
# Additional for quota support
virtual_create_maildirsize = yes
virtual_mailbox_extended = yes
virtual_mailbox_limit_maps = mysql:/etc/postfix/mysql_virtual_mailbox_limit_maps.cf
virtual_mailbox_limit_override = yes
virtual_maildir_limit_message = Sorry, the user's maildir has overdrawn his diskspace quota, please try again later.
virtual_overquota_bounce = yes
relay_domains = mysql:/etc/postfix/mysql_relay_domains_maps.cf
# Additional for quota support
#virtual_create_maildirsize = yes
#virtual_mailbox_extended = yes
#virtual_mailbox_limit_maps = mysql:/etc/postfix/mysql_virtual_mailbox_limit_maps.cf
#virtual_mailbox_limit_override = yes
#virtual_maildir_limit_message = Sorry, the user's maildir has overdrawn his diskspace quota, please try again later.
#virtual_overquota_bounce = yes
#broken_sasl_auth_clients = yes
smtpd_recipient_restrictions =
permit_mynetworks,
permit_sasl_authenticated,
# reject_non_fqdn_hostname,
# reject_non_fqdn_sender,
# reject_non_fqdn_recipient,
reject_unauth_destination,
# reject_unauth_pipelining,
# reject_invalid_hostname,
# reject_rbl_client opm.blitzed.org,
# reject_rbl_client list.dsbl.org,
# reject_rbl_client bl.spamcop.net,
# reject_rbl_client sbl-xbl.spamhaus.org
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $myhostname
#smtpd_sasl_security_options = noanonymous
readme_directory = no
sample_directory = /etc/postfix
sendmail_path = /usr/sbin/sendmail
html_directory = no
#setgid_group = postdrop
command_directory = /usr/sbin
manpage_directory = /usr/local/man
#daemon_directory = /usr/libexec/postfix
newaliases_path = /usr/bin/newaliases
#mailq_path = /usr/bin/mailq
#queue_directory = /var/spool/postfix
#mail_owner = postfix
data_directory = /var/lib/postfix
Hi,
Above is the main.cf config. Pls anyone can check the config and make some suggestions on what is wrong.
Thanks in advance.
Last edited by willcastle; 09-27-2010 at 02:33 AM .
09-27-2010, 01:59 AM
#38
Senior Member
Registered: Feb 2008
Location: Pune - India
Distribution: RHEL/Ubuntu/Debian/Fedora/Centos/K3OS
Posts: 1,159
Rep:
Hi,
I don't know what you are doing?
Can you re phrase the the problems you are facing?
These are the trouble shooting steps follow these and show us the output here ;please:
Code:
sudo netstat -a | grep smtp
Code:
netstat -a | grep pop
Code:
netstat -a | grep imap
Quote:
telnet yourmailserverdomain.com 25
EHLO yourmailserverdomain.com
MAIL FROM: <user1@yourmailserverdomain.com>
RCPT TO: <user2@yourmailserverdoamin.com>
DATA
Subject: Hello local-user
Hey local-user,
I just wanted to send some test mail to you :-)
.
And at last Learn how to use your pfsence firewall;we can help you solve problem you face configuring your firewall
Last edited by prayag_pjs; 09-27-2010 at 02:01 AM .
09-27-2010, 02:29 AM
#39
Member
Registered: Sep 2010
Location: Philippines
Distribution: Centos
Posts: 63
Original Poster
Rep:
Code:
netstat -a | grep smtp
tcp 0 0 *:smtp *:* LISTEN
unix 2 [ ACC ] STREAM LISTENING 8588 private/smtp
Code:
netstat -a | grep pop
tcp 0 0 * : pop3s *:* LISTEN
tcp 0 0 * : pop3 *:* LISTEN
Code:
netstat -a | grep imap
tcp 0 0 *:imaps *:* LISTEN
tcp 0 0 *:imap *:* LISTEN
Code:
iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Hi,
This is the output.
Last edited by willcastle; 09-27-2010 at 02:34 AM .
09-27-2010, 02:34 AM
#40
Senior Member
Registered: Feb 2008
Location: Pune - India
Distribution: RHEL/Ubuntu/Debian/Fedora/Centos/K3OS
Posts: 1,159
Rep:
Hi,
Where did you run this command and please do telnet also and let us know the output
09-27-2010, 02:59 AM
#41
Member
Registered: Sep 2010
Location: Philippines
Distribution: Centos
Posts: 63
Original Poster
Rep:
Code:
[root@porto ~]# telnet domain.ph 110
Trying 222.127.x.x...
telnet: connect to address 222.127.x.x: Connection timed out
telnet: Unable to connect to remote host: Connection timed out
Hi,
This is the output.
Last edited by willcastle; 09-27-2010 at 03:06 AM .
09-27-2010, 03:11 AM
#42
Member
Registered: Sep 2010
Location: Philippines
Distribution: Centos
Posts: 63
Original Poster
Rep:
Code:
[root@porto ~]# telnet 192.168.101.5 25
Trying 192.168.101.5...
Connected to porto.domain.ph (192.168.101.5).
Escape character is '^]'.
220 mail.domain.ph ESMTP zugzug!
Hi,
When I try to telnet with the LAN IP of the server it gives this output. But when I telnet the "domain.ph 25" the connection is failed.
What is the problem?
Thanks
09-27-2010, 04:08 AM
#43
Senior Member
Registered: Feb 2008
Location: Pune - India
Distribution: RHEL/Ubuntu/Debian/Fedora/Centos/K3OS
Posts: 1,159
Rep:
hi please try this and let us know
Code:
nslookup 192.168.101.5
and
09-27-2010, 04:09 AM
#44
Senior Member
Registered: Feb 2008
Location: Pune - India
Distribution: RHEL/Ubuntu/Debian/Fedora/Centos/K3OS
Posts: 1,159
Rep:
Try sending mails using:
Quote:
telnet yourmailserverdomain.com 25
EHLO yourmailserverdomain.com
MAIL FROM: <user1@yourmailserverdomain.com>
RCPT TO: <user2@yourmailserverdoamin.com>
DATA
Subject: Hello local-user
Hey local-user,
I just wanted to send some test mail to you :-)
.
09-27-2010, 04:34 AM
#45
Senior Member
Registered: Jul 2007
Distribution: Gentoo
Posts: 2,125
Quote:
When I try to telnet with the LAN IP of the server it gives this output. But when I telnet the "domain.ph 25" the connection is failed.
Note: I don't see that any passwords wound up in your logs, but you may want to change the password for w.castillo, just in case.
Going back over the last several posts, your logs are showing that your accounts and authentication are valid, this is good. From what I can tell, your configuration files look good. It does not appear that you have firewalls enabled or in the way, at least on your server as you can telnet it via the LAN. You have applications listening on the correct ports, which is good. Your problem appears to be an issue with port 25 being blocked externally to your server.
The good news is that I think once you get that resolved, things will work for you. I do have a couple of suggestions based on your output, but more on that later. You will want to do two things: 1 - contact your ISP and verify whether or not they deliberately block port 25. You may be able to get that bypassed. Otherwise you may need to find a way to work around by running your mail server on a non standard port. Two, use the traceroute and telnet utilities to see if you can locate the point, i.e. the switch, router, network, etc, where your connection on port 25 dies. Also double check make sure that you don't have any routers or other firewall devices or that if you do, that the ports (25, 110 at least) are open on it and forwarded to the LAN IP of your mailserver, 192.168.101.5.
You received a couple of warning messages about your postfix configuration files, *.cf, not being owned by root. This won't cause operational issues, but typically you want to make these files owned by root and only readable by others and / or the postfix user. This is a security measure to help prevent unauthorized access. It looks like you may also want to make a setting adjustment in Dovecot - see the warning message.
All times are GMT -5. The time now is 05:28 AM .
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know .
Latest Threads
LQ News