I need help. Pleases help me. my postfix sending mails to internet
and locally but it is not receiving mails from internet. While nmap
I can see all the ports from same network. But if i do namp from
other network(internetconnected machine) it is not showing 25,110,143 ports. I am using Fedora 10 and has no firewall and selinux tured on.
I have a dynamic DSL connection made it as static through dyndns. I send a mail from gmail to my mail server they are saying that Technical details of temporary failure:The recipient server did not accept our requests to connect. Learn more at http://mail.google.com/support/bin/a...py?answer=7720..
pleases please help me i am hopeless.

postconf -n shows the following output

[root@mail]# postconf -n
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
debug_peer_level = 2
html_directory = no
inet_interfaces = all
inet_protocols = all
mail_owner = postfix
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
mydomain = mydomain.in
myhostname = mail.mydomain.in
mynetworks_style = class
newaliases_path = /usr/bin/newaliases.postfix
proxy_interfaces = 192.168.1.1
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/postfix-2.5.5/README_FILES
sample_directory = /usr/share/doc/postfix-2.5.5/samples
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
smtpd_banner = $myhostname ESMTP $mail_name
smtpd_recipient_restrictions = permit_sasl_authenticated, check_relay_domains
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_security_options = noanonymous
unknown_local_recipient_reject_code = 550

Does your provider block port 25?
Are the MX records setup properly?

Thx n advance.
My isp is not blocking any ports for the dynamic ips.
i registerd my dynamic ip with dyndns, to that address (I registred in
the name hostnae.selfip.com) i pointed a subdomain mai.myorg.in
and in mx record i added mail.myorg.in.

i think some thing in my main.cf/master.cf is not allowing me to show my ports to the internet. Pls help me

If you have a dynamic ip then would not it change every time you logoff and login again?
This could make the MX entry in the DNS void.

What is the output from
If you use a router, make sure the ports are forwarded also.

Ports smtp,pop3,imap are forwarded in the dsl modem
ya i did dig command the out put is

; <<>> DiG 9.5.1b2-RedHat-9.5.1-0.8.b2.fc10 <<>> mail.gracelabs.in MX
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 17377
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 5, ADDITIONAL: 5

;; QUESTION SECTION:
;mail.gracelabs.in. IN MX

;; ANSWER SECTION:
mail.gracelabs.in.28800 IN CNAME gracemail.selfip.com.
gracemail.selfip.com. 60 IN MX 10 gracelabs.in.

;; AUTHORITY SECTION:
selfip.com. 45751 IN NS ns5.dyndns.org.
selfip.com. 45751 IN NS ns4.dyndns.org.
selfip.com. 45751 IN NS ns1.dyndns.org.
selfip.com. 45751 IN NS ns2.dyndns.org.
selfip.com. 45751 IN NS ns3.dyndns.org.

;; ADDITIONAL SECTION:
gracelabs.in. 2591 IN A 202.71.129.6
ns3.dyndns.org. 33605 IN A 208.78.69.75
ns5.dyndns.org. 78684 IN A 203.62.195.75
ns1.dyndns.org. 6 IN A 204.13.248.75
ns4.dyndns.org. 82637 IN A 91.198.22.75

;; Query time: 358 msec
;; SERVER: 192.168.1.1#53(192.168.1.1)
;; WHEN: Thu Jun 25 17:10:10 2009
;; MSG SIZE rcvd: 265

The telnet to port 25 put as follows

[root@mail febin]# telnet 127.0.0.1 25
Trying 127.0.0.1...
Connected to 127.0.0.1.
Escape character is '^]'.
220 mail.gracelabs.in ESMTP Postfix

my local network ip is 192.168.1.2 from that also i telneted to port 25 output as follows

telnet 192.168.1.2 25
Trying 192.168.1.2...
Connected to 192.168.1.2.
Escape character is '^]'.
220 mail.gracelabs.in ESMTP Postfix

I can connect to address mail.gracelabs.in port 110 but not 25.

Could you post output of netstat -tlpn please?

Also I was wondering if you could play around with parameter proxy_interfaces in your main.cf - you now listed your internal IP address and from what I read in http://www.postfix.org/postconf.5.html#proxy_interfaces you are supposed to specify the "outside" address e.g. mail.gracelabs.in

HTH,
Robert

i did netstat -tlpn and i got the following output. Also i changed the value of proxy_interface = mail.gracelabs.in and the postfix is reloaded. Still connection is getting refused on port 25.

Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:59393 0.0.0.0:* LISTEN 1455/rpc.statd
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 1440/rpcbind
tcp 0 0 0.0.0.0:10000 0.0.0.0:* LISTEN 2024/perl
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1764/sshd
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN 2002/cupsd
tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN 1881/master
tcp 0 0 :::111 :::* LISTEN 1440/rpcbind
tcp 0 0 :::80 :::* LISTEN 1932/httpd
tcp 0 0 :::22 :::* LISTEN 1764/sshd
tcp 0 0 :::25 :::* LISTEN 1881/master
tcp 0 0 :::443 :::* LISTEN 1932/httpd

Also on "dig mail.gracelabs.in MX" i am getting the following response

mail.gracelabs.in. 28737 IN CNAME gracemail.selfip.com.
gracemail.selfip.com. 60 IN MX 10 gracelabs.in.

Kindly check if there is a problem with the MX pointing here?

This is correct.

Maybe you could try to stop postfix and bind something else on port 25 and try to connect to that from the outside. You would see if it's a postfix problem or you were wrong with your assumption that your ISP is not blocking any ports.

Robert

Thanks man. You are right. i changed httpd port to 25 in /etc/httpd/conf/httpd.conf(Liste 80 imade it to 25). i restarted the httpd service.
i did telnet to the port 25. still connection refusing. I think it is better to change the port from my side to some 587. For that i will change the master.cf line

smtp inet n - n - - smtpd



to



587 inet n - n - - smtpd

is it ok? Apart from this anything i need to change. please help me.

Just a question,
Can you sent mail using your port 25 (not via smart host) ?
Because most SMTP servers don't except connections from a dynamic IP

However,
The IP from your mailserver seems to be 122.167.130.245

But a portscan shows:

As R0b0 said, you could try to bind the webserver to port 25
But since port 25 shows as filtered, I think it is blocked by the provider, or your firewall

From the nmap page:


You also need to setup a backup MX, in case your server goes down.

Yeah - it will fix your first problem - people will be able to connect to your postfix.

But then you'll have another problem - people will still try to connect to port 25 to send you e-mail because that's the standard port for the SMTP protocol.

You will still be able to use it in your Outlook/Thunderbird when you manually set the port number in the SMTP settings.

But given you set up an MX DNS record, I assume you want this to handle e-mail from external mail servers. But if it really is the case that you are unable to accept connections to port 25, I don't think this is going to work.

Sorry.

I talk to my isp, they are still saying ports are not blocked. I decided to go ahead with a static ip. Please Let me know your Suggessions. Once again thx to repo and r0b0.