pomaranca Tux's lil' helper
Joined: 26 Mar 2006 Posts: 87 Location: ljubljana
|
Posted: Sun Aug 19, 2007 1:48 pm Post subject: receiving mail with postfix problem |
|
|
I have installed postfix. Now I can send mail to anywhere from the console using mutt. But I can only receive mail if it is sent from my server. If I send it from somewhere outside, for example from gmail, I don't receive it.
I am behind a firewall, but I have port 25 open. I am using dyndns services and they have an MX record for my domain by default.
I have also set this in main.cf:
Code: |
inet_interfaces = all
mydestination = $myhostname, localhost.$mydomain, localhost
|
I don't know what I have misconfigured, please help. Thanx |
steveb Advocate
Joined: 18 Sep 2002 Posts: 4564
|
Posted: Sun Aug 19, 2007 3:09 pm Post subject: |
|
|
Zdravo
Please post the output of:
// Steve |
pomaranca Tux's lil' helper
Joined: 26 Mar 2006 Posts: 87 Location: ljubljana
|
Posted: Sun Aug 19, 2007 4:50 pm Post subject: |
|
|
Pozdravljen
Output of postconf -n:
Code: |
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/lib/postfix
debug_peer_level = 2
default_destination_concurrency_limit = 10
home_mailbox = .maildir/
html_directory = /usr/share/doc/postfix-2.3.6/html
inet_interfaces = all
local_destination_concurrency_limit = 2
mail_owner = postfix
mailq_path = /usr/bin/mailq
manpage_directory = /usr/share/man
mydestination = $myhostname, localhost.$mydomain, localhost
mydomain = mine.nu
myhostname = xxx.mine.nu
mynetworks = xxx.xxx.xxx.xxx/24, 127.0.0.0/8
newaliases_path = /usr/bin/newaliases
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/postfix-2.3.6/readme
sample_directory = /etc/postfix
sendmail_path = /usr/sbin/sendmail
setgid_group = postdrop
unknown_local_recipient_reject_code = 550
|
overkll Veteran
Joined: 21 Sep 2004 Posts: 1249 Location: Austin, Texas
|
Posted: Sun Aug 19, 2007 5:07 pm Post subject: |
|
|
I think this is your issue:
Code: | mydomain = mine.nu
myhostname = xxx.mine.nu |
Since mine.nu is owned by dyndns.org, your domain needs to be the hostname you created there. For example, if you registered abc.mine.nu, your domain should be "abc.mine.nu" and not "mine.nu". Both mydomain and myhostname can be the same in this instance. Had a similar configuration once with a "mine.nu" account. Try changing it to:
Code: | mydomain=xxx.mine.nu
myhostname=$mydomain |
You may also want to change the helo.
Code: | smtpd_banner=$mydomain |
pomaranca Tux's lil' helper
Joined: 26 Mar 2006 Posts: 87 Location: ljubljana
|
Posted: Sun Aug 19, 2007 5:52 pm Post subject: |
|
|
Thanks, I changed it, but it is still not working.
My postconf -n now looks like this:
Code: |
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/lib/postfix
debug_peer_level = 2
default_destination_concurrency_limit = 10
home_mailbox = .maildir/
html_directory = /usr/share/doc/postfix-2.3.6/html
inet_interfaces = all
local_destination_concurrency_limit = 2
mail_owner = postfix
mailq_path = /usr/bin/mailq
manpage_directory = /usr/share/man
mydestination = $myhostname, localhost.$mydomain, localhost
mydomain = xxx.mine.nu
myhostname = $mydomain
mynetworks = xxx.xxx.xxx.xxx/24, 127.0.0.0/8
newaliases_path = /usr/bin/newaliases
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/postfix-2.3.6/readme
sample_directory = /etc/postfix
sendmail_path = /usr/sbin/sendmail
setgid_group = postdrop
smtpd_banner = $mydomain
unknown_local_recipient_reject_code = 550
|
Would I get any message of unsuccessful delivery if ports were blocked by my ISP?
I tried to check it with telnet from another computer:
I get no response whatever I write after.
Is smtp the default protocol used by postfix for receiving mail? |
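An added example, not part of the thread: a Python sketch that expands the `$name` references in `mydestination` for the two configurations posted above and lists the domains each one would accept as local. It handles literal domain names only (no lookup tables or files) and does not model Postfix's built-in defaults; the function names and the trimmed sample configs are this example's own.

```python
import re

# $name, ${name} and $(name) reference forms used in main.cf values
_VAR = re.compile(r"\$(?:\{(\w+)\}|\((\w+)\)|(\w+))")

# Constructed from the postconf -n output in this thread ("xxx" is the
# placeholder the poster used for the real hostname).
BEFORE = """mydestination = $myhostname, localhost.$mydomain, localhost
mydomain = mine.nu
myhostname = xxx.mine.nu"""
AFTER = """mydestination = $myhostname, localhost.$mydomain, localhost
mydomain = xxx.mine.nu
myhostname = $mydomain"""

def parse_postconf(text):
    """Parse 'name = value' lines as printed by postconf -n."""
    params = {}
    for line in text.splitlines():
        if "=" in line and not line.lstrip().startswith("#"):
            name, value = line.split("=", 1)
            params[name.strip()] = value.strip()
    return params

def expand(value, params, depth=0):
    """Recursively substitute parameter references; unknown names become ''."""
    if depth > 10:
        raise ValueError("circular parameter reference")
    def sub(match):
        name = match.group(1) or match.group(2) or match.group(3)
        return expand(params.get(name, ""), params, depth + 1)
    return _VAR.sub(sub, value)

def local_domains(params):
    """Domains listed in mydestination after expansion, lower-cased."""
    expanded = expand(params.get("mydestination", ""), params)
    return [d.lower() for d in re.split(r"[,\s]+", expanded) if d]

def is_local(address, params):
    """True if the address's domain part is listed in mydestination."""
    return address.rsplit("@", 1)[-1].lower() in local_domains(params)

if __name__ == "__main__":
    for label, text in (("before", BEFORE), ("after", AFTER)):
        print(label, local_domains(parse_postconf(text)))
```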
overkll Veteran
Joined: 21 Sep 2004 Posts: 1249 Location: Austin, Texas
|
Posted: Sun Aug 19, 2007 5:59 pm Post subject: |
|
|
This may sound stupid, but did you start postfix?
Code: | /etc/init.d/postfix start |
Yes, postfix should be listening on port 25.
Code: | netstat -anA inet | grep 25 |
Also check your logs - /var/log/mail.log, syslog, messages - depending on what syslogger you are using. |
pomaranca Tux's lil' helper
Joined: 26 Mar 2006 Posts: 87 Location: ljubljana
|
Posted: Sun Aug 19, 2007 7:08 pm Post subject: |
|
|
Code: |
~ # /etc/init.d/postfix status
* status: started
|
I restarted it twice after changing main.cf
Code: |
~ # netstat -anA inet | grep 25
tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN
|
It obviously is listening on the port 25.
I use syslog-ng, nothing special in messages.
Maybe port 25 is blocked by my ISP. |
overkll Veteran
Joined: 21 Sep 2004 Posts: 1249 Location: Austin, Texas
|
Posted: Sun Aug 19, 2007 7:16 pm Post subject: |
|
|
Quote: | Maybe port 25 is blocked by my ISP. |
Perhaps port 25 is being blocked by your ISP. Some ISPs do that.
You're not being blocked by your own firewall are you? Have you tried a simple port scan from a web-based service like Shields-Up at www.grc.com ?
You want me to try to connect to your server from my end? IM me. |
pomaranca Tux's lil' helper
Joined: 26 Mar 2006 Posts: 87 Location: ljubljana
|
Posted: Sun Aug 19, 2007 8:03 pm Post subject: |
|
|
This is on my mail server:
Code: |
~ # netstat -anA inet | grep 25
tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN
|
Code: |
~ # cat /etc/shorewall/rules
ACCEPT net fw tcp 25
ACCEPT net fw udp 25
|
This port scanning has been done from another computer:
Code: |
~ # nmap xxx.mine.nu
Starting Nmap 4.20 ( http://insecure.org ) at 2007-08-19 21:51 CEST
Interesting ports on x.x.x.x:
Not shown: 1690 filtered ports
PORT STATE SERVICE
21/tcp open ftp
22/tcp open ssh
80/tcp open http
113/tcp closed auth
443/tcp open https
3306/tcp closed mysql
5001/tcp closed commplex-link
|
I guess it really is blocked |
overkll Veteran
Joined: 21 Sep 2004 Posts: 1249 Location: Austin, Texas
|
Posted: Sun Aug 19, 2007 9:52 pm Post subject: |
|
|
Too bad. Kind of weird that they block smtp and not http or https. If you briefly shut down shorewall and scan the host, are the results the same? |
steveb Advocate
Joined: 18 Sep 2002 Posts: 4564
|
Posted: Sun Aug 19, 2007 11:19 pm Post subject: |
|
|
Could you try to set those settings in ShoreWall and restart ShoreWall and look if it works?
Code: | SMTP/ACCEPT loc fw
SMTP/ACCEPT net fw
SMTP/ACCEPT fw net
SMTP/ACCEPT fw loc
SMTPS/ACCEPT loc fw
SMTPS/ACCEPT net fw
SMTPS/ACCEPT fw net
SMTPS/ACCEPT fw loc |
// SteveB |
overkll Veteran
Joined: 21 Sep 2004 Posts: 1249 Location: Austin, Texas
|
Posted: Sun Aug 19, 2007 11:21 pm Post subject: |
|
|
I responded to your PM, but the message just sits in my private mail outbox.
I scanned the IP you gave me, only for port 25:
-sS = stealth scan
-P0 = don't ping
-p25 = port 25
Code: | nmap -sS -P0 -p25 ip.ad.dr.ess
Starting Nmap 4.20 ( http://insecure.org ) at 2007-08-19 16:56 CDT
Interesting ports on ip.ad.dr.ess:
PORT STATE SERVICE
25/tcp filtered smtp
Nmap finished: 1 IP address (1 host up) scanned in 13.367 seconds |
Maybe your firewall is the culprit? |
pomaranca Tux's lil' helper
Joined: 26 Mar 2006 Posts: 87 Location: ljubljana
|
Posted: Mon Aug 20, 2007 8:05 am Post subject: |
|
|
overkll, I got your PM response.
I tried both of your suggestions. First I used the SMTP and SMTPS rule macros and opened ports for all ways, and then I stopped the shorewall service for some time while nmapping from another computer. In both cases I got the same nmap output:
Code: |
nmap -sS -P0 -p25 xxx.mine.nu
Starting Nmap 4.20 ( http://insecure.org ) at 2007-08-19 16:56 CDT
Interesting ports on x.x.x.x:
PORT STATE SERVICE
25/tcp filtered smtp
|
So my ISP is obviously blocking port 25.
The funny thing is that I have another server (older machine, slower connection) with another ISP. But this ISP is blocking connections via port 25 in the direction from me to the internet (they say it's because of increased virus activity on this port), so I can't send mails. Maybe I should have one mail server on both machines, one for receiving and one for sending mails.
But is there any chance to use different ports for receiving mail than port number 25? |
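An added example, not part of the thread: a Python check that separates the outcomes the nmap scans above distinguish for TCP port 25 (greeted by the server, actively refused, or silently dropped) and prints the follow-up check that fits each. The function name, the injectable `connect` parameter and the advice strings are this example's own; run it from a machine outside the network against a server you operate.

```python
import socket
import sys

# Follow-up per state; the wording paraphrases checks suggested in this thread.
NEXT_STEP = {
    "open": "SMTP is reachable; look at the Postfix configuration and mail logs.",
    "closed": "The host or a firewall refuses the port; check Postfix is "
              "started and listening (netstat).",
    "filtered": "Packets are dropped; retest with the local firewall stopped. "
                "If nothing changes, the block is upstream (ISP).",
    "error": "Could not test; check DNS and routing first.",
}

def probe_smtp(host, port=25, timeout=10.0, connect=socket.create_connection):
    """Return (state, detail) for one TCP connect to an SMTP port.

    `connect` is injectable (an assumption of this example) so the
    classification can be exercised without network access.
    """
    try:
        sock = connect((host, port), timeout)
    except ConnectionRefusedError:
        return "closed", "connection refused (TCP reset)"
    except (socket.timeout, TimeoutError):
        return "filtered", "no reply within %.0f s" % timeout
    except OSError as exc:
        return "error", str(exc)
    try:
        sock.settimeout(timeout)
        greeting = sock.recv(512).decode("ascii", "replace").strip()
    except OSError:
        greeting = ""  # connected, but the server sent nothing readable
    finally:
        sock.close()
    if greeting.startswith("220"):
        return "open", greeting
    return "open", "connected, no 220 greeting (got %r)" % greeting

if __name__ == "__main__" and len(sys.argv) > 1:
    state, detail = probe_smtp(sys.argv[1])
    print("25/tcp %s: %s" % (state, detail))
    print(NEXT_STEP[state])
```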
overkll Veteran
Joined: 21 Sep 2004 Posts: 1249 Location: Austin, Texas
|
Posted: Mon Aug 20, 2007 2:04 pm Post subject: |
|
|
Too bad.
For smtp server to server communication, you need port 25. It is possible to configure postfix to listen on a different port, but how will the other mail servers know that?
Most ISPs will allow you to relay outgoing mail off of their smtp server(s). In postfix there are several ways to set that up, depending on your needs. The most basic way to do that is with the generic relay setting, "relayhost=". Then all outgoing mail would be forwarded to the relayhost, then it would be sent via the relayhost to the final destination.
If you know someone who is successfully running a mail server, they could receive the incoming mail for your domain. You could use your server to collect the messages for your domain from that server with ETRN I believe. I've never done that, but I've seen it mentioned in the postfix docs. They would need to be registered in DNS as your MX host. |
pomaranca Tux's lil' helper
Joined: 26 Mar 2006 Posts: 87 Location: ljubljana
|
Posted: Tue Aug 21, 2007 2:21 pm Post subject: |
|
|
I tried to set relayhost to my ISP's smtp, but it didn't work. Anyway, my second ISP is going to unblock port 25 in the direction from me if I change to a static IP; I guess that's what I'll have to do to have a working mail server.
Thanks for your help. |
overkll Veteran
Joined: 21 Sep 2004 Posts: 1249 Location: Austin, Texas
|
Posted: Tue Aug 21, 2007 2:28 pm Post subject: |
|
|
No problem. Good luck. |