LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 09-30-2017, 12:19 PM   #1
gratefulj
LQ Newbie
 
Registered: Sep 2017
Posts: 2

Rep: Reputation: Disabled
Postfix server cannot send


Hi All,

My first post. I inherited a postfix server which I have cobbled along. Last week, it got hacked and was sending tons of spam. I somehow fixed that by editing my main.cf file and introducing a transport file. The server hosts 5 domains and uses round cube for webmail (hosted directly on the server). One of the domains is virtual-it just forwards the emails to a gmail account. All users of the 4 real domains use the server to receive email, but send via their ISPs. Accordingly the only outgoing emails this server needs to send are from the webmail or redirected to the one virtual domain. Something I did has broken this-no outgoing emails are being sent. Can anyone see what I did? I have attached my main.cf file, transport file, and a log snippet. I know that the log snippet shows the messages being delivered, but they are not.

Thank you all for your help
Jeff


---------- main.cf ----------
# See /usr/share/postfix/main.cf.dist for a commented, more complete version

# Debian specific: Specifying a file name will cause the first
# line of that file to be used as the name. The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname

smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
biff = no

# appending .domain is the MUA's job.
append_dot_mydomain = no

# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h

readme_directory = /usr/share/doc/postfix

# 091417-Added to prevent all outgoing email by Jeff
#default_transport = error: This server sends mail only locally.

# TLS parameters
smtpd_tls_cert_file = /etc/ssl/certs/iRedMail_CA.pem
smtpd_tls_key_file = /etc/ssl/private/iRedMail.key
smtpd_use_tls=yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache

# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.

myhostname = mail.creativecomputing.com
alias_maps = hash:/etc/postfix/aliases
alias_database = hash:/etc/postfix/aliases
myorigin = mail.creativecomputing.com
mydestination = $myhostname, localhost, localhost.localdomain, localhost.$myhostname
relayhost =
mynetworks = 127.0.0.0/8 50.251.31.0/24
mailbox_size_limit = 1572864000
recipient_delimiter = +
inet_interfaces = all
html_directory = /usr/share/doc/postfix/html
mydomain = creativecomputing.com
mail_name = iRedMail
mail_version = 0.5.1
relay_domains = $mydestination, proxy:ldap:/etc/postfix/ldap_relay_domains.cf
mailman_destination_recipient_limit = 1
mynetworks_style = host
smtpd_data_restrictions = reject_unauth_pipelining
smtpd_reject_unlisted_recipient = yes
smtpd_sender_restrictions = permit_mynetworks, permit_sasl_authenticated, check_sender_access hash:/etc/postfix/sender_access, reject_unknown_sender_domain
smtpd_relay_restrictions = permit_mynetworks, permit_sasl_authenticated,reject_unauth_destination
delay_warning_time = 0h
policy_time_limit = 3600
maximal_queue_lifetime = 1d
bounce_queue_lifetime = 1d
proxy_read_maps = $canonical_maps $lmtp_generic_maps $local_recipient_maps $mydestination $mynetworks $recipient_bcc_maps $recipient_canonical_maps $relay_domains $relay_recipient_maps $relocated_maps $sender_bcc_maps $sender_canonical_maps $smtp_generic_maps $smtpd_sender_login_maps $transport_maps $virtual_alias_domains $virtual_alias_maps $virtual_mailbox_domains $virtual_mailbox_maps

#jeff 11/23/13
smtpd_delay_reject = yes

strict_rfc821_envelopes=yes
smtpd_helo_required = yes
invalid_hostname_reject_code = 554
multi_recipient_bounce_reject_code = 554
non_fqdn_reject_code = 554
relay_domains_reject_code = 554
unknown_address_reject_code = 554
unknown_client_reject_code = 554
unknown_hostname_reject_code = 554
unknown_local_recipient_reject_code = 554
unknown_relay_recipient_reject_code = 554
unknown_sender_reject_code = 554
unknown_virtual_alias_reject_code = 554
unknown_virtual_mailbox_reject_code = 554
unverified_recipient_reject_code = 554
unverified_sender_reject_code = 554

#smtpd_helo_restrictions = permit_mynetworks,permit_sasl_authenticated, check_helo_access pcre:/etc/postfix/helo_access.pcre, reject_invalid_helo_hostname, reject_non_fqdn_helo_hostname

#jeff 11/23/13-commented out above, added below
smtpd_helo_restrictions = permit_mynetworks,permit_sasl_authenticated, reject_non_fqdn_helo_hostname, reject_invalid_helo_hostname, check_helo_access pcre:/etc/postfix/helo_access.pcre

queue_run_delay = 300s
minimal_backoff_time = 300s
maximal_backoff_time = 4000s
enable_original_recipient = no
disable_vrfy_command = yes
home_mailbox = Maildir/
allow_min_user = no
message_size_limit = 209715200
virtual_mailbox_limit_override = yes
virtual_overquota_bounce = yes
virtual_mailbox_limit_message = Sorry, the user\'s maildir has overdrawn the disk quota, please notify the user and try again later.
virtual_minimum_uid = 1002
virtual_uid_maps = static:1002
virtual_gid_maps = static:1002
virtual_mailbox_base = /var/vmail/vmail01
header_checks = pcre:/etc/postfix/header_checks.pcre
transport_maps = hash:/etc/postfix/transport, proxy:ldap:/etc/postfix/ldap_transport_maps_user.cf, proxy:ldap:/etc/postfix/ldap_transport_maps_domain.cf
virtual_alias_maps = proxy:ldap:/etc/postfix/ldap_virtual_alias_maps.cf, proxy:ldap:/etc/postfix/ldap_virtual_group_maps.cf
virtual_mailbox_domains = proxy:ldap:/etc/postfix/ldap_virtual_mailbox_domains.cf
virtual_mailbox_maps = proxy:ldap:/etc/postfix/ldap_virtual_mailbox_maps.cf
sender_bcc_maps = proxy:ldap:/etc/postfix/ldap_sender_bcc_maps_domain.cf, proxy:ldap:/etc/postfix/ldap_sender_bcc_maps_user.cf
recipient_bcc_maps = proxy:ldap:/etc/postfix/ldap_recipient_bcc_maps_domain.cf, proxy:ldap:/etc/postfix/ldap_recipient_bcc_maps_user.cf
relay_recipient_maps = hash:/etc/postfix/relay_recipients, proxy:ldap:/etc/postfix/ldap_virtual_mailbox_maps.cf
smtpd_sender_login_maps = proxy:ldap:/etc/postfix/ldap_sender_login_maps.cf
smtpd_reject_unlisted_sender = yes
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain =
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_sasl_authenticated_header = no
smtpd_recipient_restrictions = check_sender_access hash:/etc/postfix/sender_access,
check_recipient_access hash:/etc/postfix/recipient_domains,
check_client_access hash:/etc/postfix/rbl_override,
reject_unknown_sender_domain, reject_unknown_recipient_domain, reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unlisted_recipient, permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination,
warn_if_reject, check_policy_service inet:127.0.0.1:10031, reject_unauth_pipelining,
reject_rbl_client zen.spamhaus.org,
reject_rbl_client bl.spamcop.net,
reject_rbl_client dul.dnsbl.sorbs.net,
reject_rbl_client list.dsbl.org,
reject_rbl_client dnsbl.sorbs.net,
reject_rbl_client cbl.abuseat.org

# check_sender_access hash:/etc/postfix/sender_access added above by Jeff, 11/13/13

#smtpd_recipient_restrictions = reject_unknown_sender_domain, reject_unknown_recipient_domain, reject_non_fqdn_sender, reject_non_fqdn_recipient, permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, reject_non_fqdn_helo_hostname, reject_invalid_helo_hostname, check_policy_service inet:127.0.0.1:10031
smtpd_tls_security_level = may
smtpd_enforce_tls = no
smtpd_tls_loglevel = 0
tls_random_source = dev:/dev/urandom
tls_daemon_random_source = dev:/dev/urandom
#
# Uncomment the following line to enable policyd sender throttle.
#
#smtpd_end_of_data_restrictions = check_policy_service inet:127.0.0.1:10032
mailbox_command = /usr/lib/dovecot/deliver
virtual_transport = dovecot
dovecot_destination_recipient_limit = 1
smtpd_sasl_type = dovecot
smtpd_sasl_path = dovecot-auth
content_filter = smtp-amavis:[127.0.0.1]:10024
smtpd_client_restrictions = sleep 5, check_client_access hash:/etc/postfix/sender_access
---------- end main.cf -----------

--------- transport ----------
lists.pmug-nj.org mailman:
creativecomputing.com :
iteasy.us :
darsworld.com :
aamcoonline.com smtp:
itsvetted.com :
* discard
--------- end transport ---------

---------- log snippet ----------
Sep 30 12:51:46 mail postfix/smtpd[25905]: connect from localhost[127.0.0.1]
Sep 30 12:51:46 mail postfix/smtpd[25905]: E64537E015: client=localhost[127.0.0.1]
Sep 30 12:51:46 mail postfix/cleanup[25896]: E64537E015: message-id=<JM56qOS_Q5Kpiuh5KMr0og@ismtpd0003p1iad1.sendgrid.net>
Sep 30 12:51:47 mail postfix/smtpd[25905]: disconnect from localhost[127.0.0.1]
Sep 30 12:51:47 mail postfix/qmgr[25883]: E64537E015: from=<bounces+5595449-7b63-peter=aamcoonline.com@emails.bradsdeals.com>, size=151226, nrcpt=1 (queue active)
Sep 30 12:51:47 mail postfix/discard[25906]: E64537E015: to=<fiorentino.peter@gmail.com>, relay=none, delay=0.09, delays=0.08/0.01/0/0, dsn=2.0.0, status=sent (gmail.com)
Sep 30 12:51:47 mail postfix/qmgr[25883]: E64537E015: removed
Sep 30 12:51:47 mail amavis[24931]: (24931-18) Passed CLEAN, LOCAL [168.245.48.73] [34.230.38.123] <bounces+5595449-7b63-peter=aamcoonline.com@emails.bradsdeals.com> -> <fiorentino.peter@gmail.com>, Message-ID: <JM56qOS_Q5Kpiuh5KMr0og@ismtpd0003p1iad1.sendgrid.net>, mail_id: G2Aty-XyrwsM, Hits: -3.053, size: 150725, queued_as: E64537E015, dkim_id=@bradsdeals.com, 11428 ms
Sep 30 12:51:47 mail postfix/smtp[25897]: 0C5407E00C: to=<fiorentino.peter@gmail.com>, relay=127.0.0.1[127.0.0.1]:10024, delay=17, delays=5.8/0.01/0.01/11, dsn=2.0.0, status=sent (250 2.0.0 Ok, id=24931-18, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as E64537E015)
--------------- end log snippet ----------
 
Old 10-09-2017, 07:42 AM   #2
TenTenths
Senior Member
 
Registered: Aug 2011
Location: Dublin
Distribution: Centos 5 / 6 / 7
Posts: 3,213

Rep: Reputation: 1400Reputation: 1400Reputation: 1400Reputation: 1400Reputation: 1400Reputation: 1400Reputation: 1400Reputation: 1400Reputation: 1400Reputation: 1400
Quote:
Originally Posted by gratefulj View Post
I know that the log snippet shows the messages being delivered, but they are not.
If your server was sending a LOT of spam then it's possible it's made it on to mail providers blacklists, so it's possible your mail is being delivered to gmail and then going to the users spam / junk-mail folder (as you're now a spammer) or being fully black-holed.
 
Old 10-17-2017, 08:14 AM   #3
gratefulj
LQ Newbie
 
Registered: Sep 2017
Posts: 2

Original Poster
Rep: Reputation: Disabled
NO, I have checked that. It's just not sending.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Postfix MX doesn't send to primary server danjde Linux - Server 0 08-28-2017 02:44 PM
local postfix server not able to send mails to other domain subramanyabs1984 Linux - Server 1 03-13-2009 05:27 AM
Postfix : mail cannot send to send outside ( can send/receive locally) bobbinsupport Linux - Networking 3 12-15-2007 10:40 PM
Using Postfix the send email via another smtp server - to anyone. scarstens Linux - Newbie 1 01-27-2004 03:31 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 06:44 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration