I have just built a new postifx open relay server to allow my ISP clients to send emails. During testing of the SMPT protocol, I can managed to send emails to my localhost however, I can't send emails to other external mail server.

Below is a test to a yahoo account.

Aug 7 15:03:55 mx2 postfix/smtp[4050]: connect to g.mx.mail.yahoo.com[98.137.54.238]: Connection refused (port 25)
Aug 7 15:03:55 mx2 postfix/smtp[4050]: F084EC8D76: to=<ellyu4@yahoo.com>, relay=none, delay=8.5, delays=1.2/0.05/7.3/0, dsn=4.4.1, status=deferred (connect to g.mx.mail.yahoo.com[98.137.54.238]: Connection refused)


My postfix configuration is:

alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
debug_peer_level = 2
html_directory = no
inet_interfaces = all
mail_owner = postfix
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
mydestination = $myhostname, localhost.$mydomain, localhost
mydomain = zain.co.tz
myhostname = mx2.zain.co.tz
mynetworks = 10.0.0.0/8, 127.0.0.0/8, 41.221.50.0/24
newaliases_path = /usr/bin/newaliases.postfix
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/postfix-2.3.3/README_FILES
sample_directory = /usr/share/doc/postfix-2.3.3/samples
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
unknown_local_recipient_reject_code = 550

MASTER.CF

#
# Postfix master process configuration file. For details on the format
# of the file, see the master(5) manual page (command: "man 5 master").
#
# ==========================================================================
# service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (yes) (never) (100)
# ==========================================================================
#smtp inet n - n - - smtpd -v
0.0.0.0:smtp inet n - n - - smtpd
#submission inet n - n - - smtpd
# -o smtpd_enforce_tls=yes
# -o smtpd_sasl_auth_enable=yes
# -o smtpd_client_restrictions=permit_sasl_authenticated,reject
#smtps inet n - n - - smtpd
# -o smtpd_tls_wrappermode=yes
# -o smtpd_sasl_auth_enable=yes
# -o smtpd_client_restrictions=permit_sasl_authenticated,reject
#628 inet n - n - - qmqpd
pickup fifo n - n 60 1 pickup
cleanup unix n - n - 0 cleanup
qmgr fifo n - n 300 1 qmgr
#qmgr fifo n - n 300 1 oqmgr
tlsmgr unix - - n 1000? 1 tlsmgr
rewrite unix - - n - - trivial-rewrite
bounce unix - - n - 0 bounce
defer unix - - n - 0 bounce
trace unix - - n - 0 bounce
verify unix - - n - 1 verify
flush unix n - n 1000? 0 flush
proxymap unix - - n - - proxymap
smtp unix - - n - - smtp
# When relaying mail as backup MX, disable fallback_relay to avoid MX loops
relay unix - - n - - smtp
-o fallback_relay=
# -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq unix n - n - - showq
error unix - - n - - error
discard unix - - n - - discard
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - n - - lmtp
anvil unix - - n - 1 anvil
scache unix - - n - 1 scache
#
# ====================================================================
# Interfaces to non-Postfix software. Be sure to examine the manual
# pages of the non-Postfix software to find out what options it wants.
#
# Many of the following services use the Postfix pipe(8) delivery
# agent. See the pipe(8) man page for information about ${recipient}
# and other message envelope options.
# ====================================================================
#
# maildrop. See the Postfix MAILDROP_README file for details.
# Also specify in main.cf: maildrop_destination_recipient_limit=1
#
maildrop unix - n n - - pipe
flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
#
# The Cyrus deliver program has changed incompatibly, multiple times.
#
old-cyrus unix - n n - - pipe
flags=R user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -m ${extension} ${user}
# Cyrus 2.1.5 (Amos Gouaux)
# Also specify in main.cf: cyrus_destination_recipient_limit=1
cyrus unix - n n - - pipe
user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -r ${sender} -m ${extension} ${user}
#
# See the Postfix UUCP_README file for configuration details.
#
uucp unix - n n - - pipe
flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
#
# Other external delivery methods.
#
ifmail unix - n n - - pipe
flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp unix - n n - - pipe
flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop $recipient

PLEASE ASSIST.

As I see the host g.mx.mail.yahoo.com has blocked port 25.
From where you get this host g.mx.mail.yahoo.com? I do not known Postfix, but I think for outgoing mail is smtp.mail.yahoo.com:465

Yahoo is pretty touchy about who they will allow email from. Are you running your mail server from a dynamic IP (the public IP from your provider)? If so, yahoo will block you. You will also want to create an SPF record, assuming you have a static IP and verify that you are not on any black lists. It is also possible that their system was simply down at the time as connection refused can indicate a closed port.

A couple of things you can try: 1 - tell postfix to relay through your ISP. Your ISP may require authentication, which postfix can do, but it takes more work. 2 - try sending to something other that yahoo. Hotmail, for example is a little more forgiving, but will probably put your post into the junk folder so look there.

Hi,

Actually get this error to any domain i try to send emails too.

I'm building this SMTP server to allow customers to send emails via it and also relay. Hence, it acting has an ISP server.

below are additional logs when i tried to send several tests to another domains.

Aug 7 19:47:32 mx2 postfix/smtpd[4923]: 618F4C8D88: client=unknown[23.221.50.251]
Aug 7 19:47:33 mx2 postfix/cleanup[4925]: 618F4C8D88: message-id=<8E6724B9F4CB4DBCAFA8E41946B5543B@zain.co.tz>
Aug 7 19:47:33 mx2 postfix/qmgr[4515]: 618F4C8D88: from=<elly@zain.co.tz>, size=2057, nrcpt=1 (queue active)
Aug 7 19:47:33 mx2 postfix/smtpd[4923]: disconnect from unknown[23.221.50.251]
Aug 7 19:47:36 mx2 postfix/smtp[4926]: connect to mx2.hotmail.com[65.54.188.94]: Connection refused (port 25)
Aug 7 19:47:36 mx2 postfix/smtp[4926]: connect to mx2.hotmail.com[65.55.92.152]: Connection refused (port 25)
Aug 7 19:47:36 mx2 postfix/smtp[4926]: connect to mx4.hotmail.com[65.55.92.184]: Connection refused (port 25)
Aug 7 19:47:36 mx2 postfix/smtp[4926]: connect to mx4.hotmail.com[65.55.92.152]: Connection refused (port 25)
Aug 7 19:47:36 mx2 postfix/smtp[4926]: connect to mx3.hotmail.com[65.54.188.110]: Connection refused (port 25)
Aug 7 19:47:36 mx2 postfix/smtp[4926]: 618F4C8D88: to=<eliufoo@hotmail.com>, relay=none, delay=4.3, delays=0.97/0.05/3.3/0, dsn=4.4.1, status=deferred (connect to mx3.hotmail.com[65.54.188.110]: Connection refused)
Aug 7 19:51:54 mx2 postfix/smtpd[4935]: connect from unknown[23.221.50.251]
Aug 7 19:51:55 mx2 postfix/smtpd[4935]: 3C0A1C8D8A: client=unknown[23.221.50.251]
Aug 7 19:51:55 mx2 postfix/cleanup[4937]: 3C0A1C8D8A: message-id=<61017B2950B84A359DF212859E7FEF7C@zain.co.tz>
Aug 7 19:51:55 mx2 postfix/qmgr[4515]: 3C0A1C8D8A: from=<elly@zain.co.tz>, size=2073, nrcpt=1 (queue active)
Aug 7 19:51:56 mx2 postfix/smtp[4938]: connect to mail.tz.zain.com[196.46.122.33]: Connection refused (port 25)
Aug 7 19:51:56 mx2 postfix/smtp[4938]: 3C0A1C8D8A: to=<eliufoo.mahinda@tz.zain.com>, relay=none, delay=1, delays=0.98/0.05/0.01/0, dsn=4.4.1, status=deferred (connect to mail.tz.zain.com[196.46.122.33]: Connection refused)
Aug 7 19:51:56 mx2 postfix/smtpd[4935]: disconnect from unknown[23.221.50.251]
Aug 7 19:59:50 mx2 postfix/qmgr[4515]: C2C31C8D6A: from=<elly@zain.co.tz>, size=1396, nrcpt=1 (queue active)
Aug 7 19:59:50 mx2 postfix/smtp[4952]: connect to mail.tz.zain.com[196.46.122.33]: Connection refused (port 25)
Aug 7 19:59:50 mx2 postfix/smtp[4952]: C2C31C8D6A: to=<eliufoo.mahinda@tz.zain.com>, relay=none, delay=21104, delays=21104/0.05/0.01/0, dsn=4.4.1, status=deferred (connect to mail.tz.zain.com[196.46.122.33]: Connection refused)
Aug 7 20:00:45 mx2 postfix/smtpd[4956]: connect from unknown[23.221.50.251]
Aug 7 20:00:46 mx2 postfix/smtpd[4956]: AEB81C8D8C: client=unknown[23.221.50.251]
Aug 7 20:00:47 mx2 postfix/cleanup[4958]: AEB81C8D8C: message-id=<EA6D1A5E9D2D4F11BF219C87C299AA61@zain.co.tz>
Aug 7 20:00:47 mx2 postfix/qmgr[4515]: AEB81C8D8C: from=<elly@zain.co.tz>, size=1350, nrcpt=1 (queue active)
Aug 7 20:00:47 mx2 postfix/smtp[4952]: connect to mail.6telecoms.co.tz[41.77.226.3]: Connection refused (port 25)
Aug 7 20:00:47 mx2 postfix/smtp[4952]: connect to mx2.6telecoms.co.tz[41.77.226.4]: Connection refused (port 25)
Aug 7 20:00:47 mx2 postfix/smtp[4952]: AEB81C8D8C: to=<cp@push.co.tz>, relay=none, delay=1.1, delays=1/0.01/0.02/0, dsn=4.4.1, status=deferred (connect to mx2.6telecoms.co.tz[41.77.226.4]: Connection refused)
Aug 7 20:00:47 mx2 postfix/smtpd[4956]: disconnect from unknown[23.221.50.251]

managed to resolve this problem.


I had an internal firewall blocking outgoing connection for port 25 but incoming was working. Was getting the following connection earlier.

telnet 74.6.140.64 25 --> yahoo server
Trying 74.6.140.64...
telnet: connect to address 74.6.140.64: Connection refused
telnet: Unable to connect to remote host: Connection refused

Made some changes on my firewall and this is what I get.

telnet 74.6.140.64 25
Trying 74.6.140.64...
Connected to mta-v2.mail.vip.sk1.yahoo.com (74.6.140.64).
Escape character is '^]'.
220 mta1157.mail.sk1.yahoo.com ESMTP YSmtp service ready

tail -f /var/log/maillog

Aug 8 04:32:39 localhost sendmail[11174]: o781W18j011174: from=elly@tz.zain.com, size=27, class=0, nrcpts=1, msgid=<201008080132.o781W18j011174@risqie_dev01.risqie.com>, proto=SMTP, daemon=MTA, relay=risqie_dev01.risqie.com [127.0.0.1]
Aug 8 04:32:46 localhost sendmail[11176]: o781W18j011174: to=ellyu4@yahoo.com, delay=00:00:18, xdelay=00:00:07, mailer=esmtp, pri=120027, relay=mta.am0.yahoodns.net. [74.6.140.64], dsn=2.0.0, stat=Sent (ok dirdel)

Thanks for the assistance guys.