no smtp for some users

[salfd]

OK - I have this smtp issue - I've searched and searched - I have seen very similar issues from others - but I don't see any solutions. Here it is

New Server - hardware not the issue - I am the ISP. It's my network. I have 7 websites and 170 individual users.

It's running Gentoo - with Courier Imap - Postfix - amavis-new - spamassassin 3.2.1 - clamav - and RoundCube webmail.
It was configured from How to's from Gentoo.org.
Spamassassin plugins seem to be working - DCC - Pyzor - Razor.
Headers tell me mail is being scanned by amavis and clamav.
All telnet tests are OK.
Don't know what else to offer but.....

1) This server also hosts a few websites also on my mail system. Everything is on this one machine.

2) everyone can send and receive mail via the web - roundcube

3) Most of my clients use a client like Outlook Express - Eudora - and Thunderbird.

4) My Office Mgr. uses Outlook Exp - she sends mail - it goes through her Outbox - a copy sits in Sent - the recipient NEVER gets it.
She set up her account on a friends home machine using my incoming and smtp server - it works OK.

5) Many of my users call in saying they get their mail but no-one ever gets mail they send - no-one reports getting an error. Yet - other uses have no issue with sending.

6) Everyone can use WEB mail ok.

7) The server has been up for 6 months now - when it first went up - I had no problems - at least no-one called with complaints.
All my problems seemed to have started all at once - about a month ago soon after a townwide power failure - but my systems were on UPS.

I watch the mail logs - I am not an expert - but nothing pops out to me and says - here is the problem.

I found this one line in the amavisd.conf file that was commented out. # @bypass_spam_checks_maps = ( [ "!.$mydomain", "." ] );
I saw this in a forum who suggested to uncomment that line which I did - Amavis may be stopping SMTP outbound. BUT - when this line is uncommented we get HAMMERED with spam and complaints start pouring in.

I just do not know where else to look or even what to look FOR!

I'd be happy to send my configuration files to the forum if need be.

H E L P

[ianw1974]

You could use:

[salfd]

Ianw - Thank you for the quick response -- I tried to run suggested command # cat /var/log/maillog | grep -i noqueue | grep -i block got access denied so I modified it to this
#cat /var/log/messages | grep -i noqueue | grep -i block that ran - guess my logs are in different place - anyway I did get this output...

Oct 9 06:07:18 mailhost postfix/smtpd[13401]: NOQUEUE: reject: RCPT from 208-117-17-108.block5.gvtc.com[208.117.17.108]: 550 5.1.1 <ideaspres@idexp.com>: Recipient address rejected: User unknown in virtual mailbox table; from=<jardins@keynet.com.br> to=<ideaspres@idexp.com> proto=ESMTP helo=<208-117-17-108.block5.gvtc.com>
Oct 9 07:18:11 mailhost postfix/smtpd[21455]: NOQUEUE: reject: RCPT from unknown[90.150.229.220]: 504 5.5.2 <1-d51b816ed5d54>: Helo command rejected: need fully-qualified hostname; from=<xov@blockandco.com> to=<ng144@bytheshore.com> proto=ESMTP helo=<1-d51b816ed5d54>
Oct 9 07:30:47 mailhost postfix/smtpd[22214]: NOQUEUE: reject: RCPT from unknown[85.112.55.222]: 504 5.5.2 <boss>: Helo command rejected: need fully-qualified hostname; from=<dwtowerblocksm@towerblocks.de> to=<szakal@bytheshore.com> proto=ESMTP helo=<boss>
Oct 9 07:30:47 mailhost postfix/smtpd[22214]: NOQUEUE: reject: RCPT from unknown[85.112.55.222]: 504 5.5.2 <boss>: Helo command rejected: need fully-qualified hostname; from=<dwtowerblocksm@towerblocks.de> to=<briellesec@bytheshore.com> proto=ESMTP helo=<boss>
Oct 9 08:13:01 mailhost postfix/smtpd[26074]: NOQUEUE: reject: RCPT from unknown[77.37.193.160]: 504 5.5.2 <16f50364a585409>: Helo command rejected: need fully-qualified hostname; from=<mxroj@blockmaker.com> to=<curtisfamily@bytheshore.com> proto=ESMTP helo=<16f50364a585409>


Got line after line of this NOQUEUE - OK looks like may be onto something but - I don't know what or how to fix it. It sure does look like a block. Any ideas on a fix?? I admit - I am having trouble understanding Postfix Log files.

[ianw1974]

OK, well looking at your log file I notice the most common problem is:

"need fully-qualified hostname"

which means what is happening is postfix, is actually wanting the machine that is connecting and sending the email to have a fully-qualified domain name. Most home computers, or computers outside of a domain setup don't actually have fully-qualified domain names (unless they were specifically configured). And so, because of this the emails are being rejected. Chances are, somewhere in your postfix main.cf config file you have:

[salfd]

OK - I took out that "reject....." restarted postfix - I seem to still have the issue.

I included a portion of the logs and my main.cf configuration. I do see some other "Reject....." lines in the file but I am hesitant to modify it - I just don't know enough about what postfix is doing - Can you please take another look - maybe there is something your more knowing eyes can spot. Thank you



Oct 13 11:59:42 mailhost postfix/smtpd[2795]: NOQUEUE: reject: RCPT from 62-12-236-176.pool.cyberlink.ch[62.12.236.176]: 550 5.1.1 <victoria@bytheshore.com>: Recipient address rejected: User unknown in virtual mailbox table; from=<ekblock@ubalt.edu> to=<victoria@bytheshore.com> proto=ESMTP helo=<62-12-236-176.pool.cyberlink.ch>
Oct 13 12:20:32 mailhost postfix/smtpd[8447]: NOQUEUE: reject: RCPT from ppp91-78-91-203.pppoe.mtu-net.ru[91.78.91.203]: 504 5.5.2 <u76t19x4h6lhr26>: Helo command rejected: need fully-qualified hostname; from=<dfkurhetlg@blockdesk.com> to=<sfe@bytheshore.com> proto=ESMTP helo=<u76t19x4h6lhr26>
Oct 13 12:20:32 mailhost postfix/smtpd[8447]: NOQUEUE: reject: RCPT from ppp91-78-91-203.pppoe.mtu-net.ru[91.78.91.203]: 504 5.5.2 <u76t19x4h6lhr26>: Helo command rejected: need fully-qualified hostname; from=<dfkurhetlg@blockdesk.com> to=<rodeo@bytheshore.com> proto=ESMTP helo=<u76t19x4h6lhr26>
Oct 13 13:21:04 mailhost postfix/smtpd[13581]: NOQUEUE: reject: RCPT from host-200-52-112-190.block.alestra.net.mx[200.52.112.190]: 550 5.1.1 <bfrey@bytheshore.com>: Recipient address rejected: User unknown in virtual mailbox table; from=<ittbreeding@cockcroft.ca> to=<bfrey@bytheshore.com> proto=ESMTP helo=<host-200-52-112-190.block.alestra.net.mx>

mailhost ~ # cd /etc/postfix
mailhost postfix # ls
cacert.pem mysql-aliases.cf mysql-virtual.cf newcert.pem newreq.pem.out post-install
main.cf mysql-relocated.cf mysql-virtual-gid.cf newkey.pem postfix-files prng_exch
master.cf mysql-transport.cf mysql-virtual-maps.cf newreq.pem postfix-script saslpass
mailhost postfix # cat main.cf
queue_directory = /var/spool/postfix

command_directory = /usr/sbin

daemon_directory = /usr/lib/postfix

mail_owner = postfix

myhostname = mailhost.bytheshore.com

mydomain = mailhost.bytheshore.com

mynetworks = 208.240.193.0/24, 127.0.0.0/8

inet_interfaces = all

mydestination = $myhostname, $mydomain

unknown_local_recipient_reject_code = 550

debug_peer_level = 2

debugger_command =
PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
xxgdb $daemon_directory/$process_name $process_id & sleep 5

sendmail_path = /usr/sbin/sendmail

newaliases_path = /usr/bin/newaliases

mailq_path = /usr/bin/mailq

setgid_group = postdrop

html_directory = no

manpage_directory = /usr/share/man

sample_directory = /etc/postfix

readme_directory = /usr/share/doc/postfix-2.1.5-r1/readme

default_destination_concurrency_limit = 20

alias_database = hash:/etc/mail/aliases

local_destination_concurrency_limit = 2

alias_maps = hash:/etc/mail/aliases

home_mailbox = .maildir/

content_filter = smtp-amavis:[127.0.0.1]:10024

message_size_limit = 20480000

biff = no

#SMTPD Configurations
smtpd_sasl_auth_enable = yes
smtpd_sasl2_auth_enable = yes
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_sasl_local_domain = $mydomain

smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination,reject_invalid_hostname,reject_non_fqdn_sender,reject_unknown_sender_domain,reject_non_fqdn_recipient,reject_unknown_recipient_domain,reject_unauth_pipelining

#smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination,reject_non_fqdn_hostname

disable_vrfy_command=yes

smtpd_use_tls = yes
smtp_use_tls = yes
smtpd_tls_auth_only = no
smtp_tls_note_starttls_offer = yes
smtpd_tls_key_file = /etc/postfix/newreq.pem
smtpd_tls_cert_file = /etc/postfix/newcert.pem
smtpd_tls_CAfile = /etc/postfix/cacert.pem
smtpd_tls_loglevel = 3
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom

local_transport = local
local_recipient_maps = $alias_maps $virtaul_mailbox_maps unix:passwd.byname

virtual_transport = virtual
virtual_mailbox_domains = bytheshore.com, idexp.com, seagirtboro.com, danskin-agency.com, jackson-insurance.com, orthoinstitute.com, tjcp.com, cartonlawfirm.com
virtual_minimum_uid = 1001
virtual_gid_maps = static:1001
virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual-maps.cf
virtual_alias_maps = mysql:/etc/postfix/mysql-virtual.cf
virtual_uid_maps = static:1001
virtual_mailbox_base = /
#virtual_mailbox_limit =

[ianw1974]

To me it looks like there is a helo restriction that is dropping it. This is what I have:

[salfd]

OK - I tried your suggestion and added the smtpd helo and sender lines - I restarted postfix. I waited abount 15 minutes to run the logs - sorry but looks like no effect at all. Still getting the same output...

Oct 13 11:13:02 mailhost postfix/smtpd[32314]: NOQUEUE: reject: RCPT from host-200-52-112-190.block.alestra.net.mx[200.52.112.190]: 550 5.1.1 <aaronw@bytheshore.com>: Recipient address rejected: User unknown in virtual mailbox table; from=<lhfappropriate@davebarrow.com> to=<aaronw@bytheshore.com> proto=ESMTP helo=<host-200-52-112-190.block.alestra.net.mx>
Oct 13 11:33:21 mailhost postfix/smtpd[2794]: NOQUEUE: reject: RCPT from unknown[190.176.213.134]: 504 5.5.2 <gonzalez-7f5knz>: Helo command rejected: need fully-qualified hostname; from=<qovem@block.elcom.ru> to=<jon@bytheshore.com> proto=ESMTP helo=<gonzalez-7f5knz>
Oct 13 11:59:42 mailhost postfix/smtpd[2795]: NOQUEUE: reject: RCPT from 62-12-236-176.pool.cyberlink.ch[62.12.236.176]: 550 5.1.1 <victoria@bytheshore.com>: Recipient address rejected: User unknown in virtual mailbox table; from=<ekblock@ubalt.edu> to=<victoria@bytheshore.com> proto=ESMTP helo=<62-12-236-176.pool.cyberlink.ch>
Oct 13 12:20:32 mailhost postfix/smtpd[8447]: NOQUEUE: reject: RCPT from ppp91-78-91-203.pppoe.mtu-net.ru[91.78.91.203]: 504 5.5.2 <u76t19x4h6lhr26>: Helo command rejected: need fully-qualified hostname; from=<dfkurhetlg@blockdesk.com> to=<sfe@bytheshore.com> proto=ESMTP helo=<u76t19x4h6lhr26>
Oct 13 12:20:32 mailhost postfix/smtpd[8447]: NOQUEUE: reject: RCPT from ppp91-78-91-203.pppoe.mtu-net.ru[91.78.91.203]: 504 5.5.2 <u76t19x4h6lhr26>: Helo command rejected: need fully-qualified hostname; from=<dfkurhetlg@blockdesk.com> to=<rodeo@bytheshore.com> proto=ESMTP helo=<u76t19x4h6lhr26>

My server does have a fully qualified host name ( is it MY Server that it's got a problem with ?) - but here may be possible issue I just don't know..

When I run hostname -f I get this mailhost I then run postconf -e 'myhostname = mailhost.bytheshore.com' even though that IS the name in postfix main.cf

Do you see a problem there ??

[ianw1974]

Normally, from the command line, when you do hostname and hostname -f, it should be able to display the hostname as well as the fqdn. For me, mine shows, something like: