[Dovecot] Rejected mails
I'm getting closer, now with SMTP permitted to whole of Internet to connect to my SMTP/postfix server & for my postfix server to connect out to public Internet on tcp 25 as well.
I send emails from permitted domain's SMTP servers with "Receipt Acknowledgemt" & the ack returned said it was delivered but somehow there's no mail in the mailbox & using the site below to test, it gave Rejected :
http://legacy.zoneedit.com/whois.html
OK, connected to gate1.mds.com.sg... < 220 gate1.mds.com.sg ESMTP
HELO edit.dnsvr.com < 250 gate1.mds.com.sg MAIL FROM:sender_id@mds.com.sg < 250 sender sender_id@mds.com.sg ok RCPT TO:recipient_id@myportaltech.com < 550 #5.1.0 Address rejected.
The recipient_id is basically a Linux OS id in my SMTP server. Would this work or I'll need to have virtual domain ids ?
=================== latest maillog ======================
Feb 21 16:36:34 hostname postfix/smtpd[1372]: input attribute value: 0
Feb 21 16:36:34 hostname postfix/smtpd[1372]: private/rewrite socket:
wanted attribute: transport
Feb 21 16:36:34 hostname postfix/smtpd[1372]: input attribute name: transport
Feb 21 16:36:34 hostname postfix/smtpd[1372]: input attribute value: relay
Feb 21 16:36:34 hostname postfix/smtpd[1372]: private/rewrite socket:
wanted attribute: nexthop
Feb 21 16:36:34 hostname postfix/smtpd[1372]: input attribute name: nexthop
Feb 21 16:36:34 hostname postfix/smtpd[1372]: input attribute value:
myportaltech.com
Feb 21 16:36:34 hostname postfix/smtpd[1372]: private/rewrite socket:
wanted attribute: recipient
Feb 21 16:36:34 hostname postfix/smtpd[1372]: input attribute name: recipient
Feb 21 16:36:34 hostname postfix/smtpd[1372]: input attribute value:
root@myportaltech.com
Feb 21 16:36:34 hostname postfix/smtpd[1372]: private/rewrite socket:
wanted attribute: flags
Feb 21 16:36:34 hostname postfix/smtpd[1372]: input attribute name: flags
Feb 21 16:36:34 hostname postfix/smtpd[1372]: input attribute value: 2048
Feb 21 16:36:34 hostname postfix/smtpd[1372]: private/rewrite socket:
wanted attribute: (list terminator)
Feb 21 16:36:34 hostname postfix/smtpd[1372]: input attribute name: (end)
Feb 21 16:36:34 hostname postfix/smtpd[1372]: resolve_clnt: ' -> root@myportaltech.com' -> transp=relay' host=myportaltech.com'
rcpt=`root@myportaltech.com' flags= class=relay
Feb 21 16:36:34 hostname postfix/smtpd[1372]: ctable_locate: install
entry key root@myportaltech.com
Feb 21 16:36:34 hostname postfix/smtpd[1372]: extract_addr: in:
root@myportaltech.com, result: root@myportaltech.com
Feb 21 16:36:34 hostname postfix/smtpd[1372]: >>> START Recipient
address RESTRICTIONS <<<
Feb 21 16:36:34 hostname postfix/smtpd[1372]: generic_checks:
name=reject_invalid_hostname
Feb 21 16:36:34 hostname postfix/smtpd[1372]: reject_invalid_hostname:
gate1.mds.com.sg
Feb 21 16:36:34 hostname postfix/smtpd[1372]: generic_checks:
name=reject_invalid_hostname status=0
Feb 21 16:36:34 hostname postfix/smtpd[1372]: generic_checks:
name=reject_unauth_pipelining
Feb 21 16:36:34 hostname postfix/smtpd[1372]: reject_unauth_pipelining: RCPT
Feb 21 16:36:34 hostname postfix/smtpd[1372]: generic_checks:
name=reject_unauth_pipelining status=0
Feb 21 16:36:34 hostname postfix/smtpd[1372]: generic_checks:
name=permit_mynetworks
Feb 21 16:36:34 hostname postfix/smtpd[1372]: permit_mynetworks:
gate1.mds.com.sg 203.126.130.157
Feb 21 16:36:34 hostname postfix/smtpd[1372]: match_hostname:
gate1.mds.com.sg ~? 172.18.20.0/24
Feb 21 16:36:34 hostname postfix/smtpd[1372]: match_hostaddr:
203.126.130.157 ~? 172.18.20.0/24
Feb 21 16:36:34 hostname postfix/smtpd[1372]: match_hostname:
gate1.mds.com.sg ~? 127.0.0.0/8
Feb 21 16:36:34 hostname postfix/smtpd[1372]: match_hostaddr:
203.126.130.157 ~? 127.0.0.0/8
Feb 21 16:36:34 hostname postfix/smtpd[1372]: match_hostname:
gate1.mds.com.sg ~? 202.6.163.0/24
Feb 21 16:36:34 hostname postfix/smtpd[1372]: match_hostaddr:
203.126.130.157 ~? 202.6.163.0/24
Feb 21 16:36:34 hostname postfix/smtpd[1372]: match_list_match:
gate1.mds.com.sg: no match
Feb 21 16:36:34 hostname postfix/smtpd[1372]: match_list_match:
203.126.130.157: no match
Feb 21 16:36:34 hostname postfix/smtpd[1372]: generic_checks:
name=permit_mynetworks status=0
Feb 21 16:36:34 hostname postfix/smtpd[1372]: generic_checks:
name=permit_sasl_authenticated
Feb 21 16:36:34 hostname postfix/smtpd[1372]: generic_checks:
name=permit_sasl_authenticated status=0
Feb 21 16:36:34 hostname postfix/smtpd[1372]: generic_checks:
name=reject_unauth_destination
Feb 21 16:36:34 hostname postfix/smtpd[1372]:
reject_unauth_destination: root@myportaltech.com
Feb 21 16:36:34 hostname postfix/smtpd[1372]: permit_auth_destination:
root@myportaltech.com
Feb 21 16:36:34 hostname postfix/smtpd[1372]: ctable_locate: leave
existing entry key root@myportaltech.com
Feb 21 16:36:34 hostname postfix/smtpd[1372]: generic_checks:
name=reject_unauth_destination status=0
Feb 21 16:36:34 hostname postfix/smtpd[1372]: generic_checks:
name=check_client_access
Feb 21 16:36:34 hostname postfix/smtpd[1372]: check_namadr_access:
name gate1.mds.com.sg addr 203.126.130.157
Feb 21 16:36:34 hostname postfix/smtpd[1372]: check_domain_access:
gate1.mds.com.sg
Feb 21 16:36:34 hostname postfix/smtpd[1372]: check_table_result:
hash:/etc/postfix/rbl_override OK gate1.mds.com.sg
Feb 21 16:36:34 hostname postfix/smtpd[1372]: generic_checks:
name=check_client_access status=1
Feb 21 16:36:34 hostname postfix/smtpd[1372]: >>> CHECKING RECIPIENT MAPS <<<
Feb 21 16:36:34 hostname postfix/smtpd[1372]: ctable_locate: leave
existing entry key root@myportaltech.com
Feb 21 16:36:34 hostname postfix/smtpd[1372]: maps_find:
recipient_canonical_maps: root@myportaltech.com: not found
Feb 21 16:36:34 hostname postfix/smtpd[1372]: maps_find:
recipient_canonical_maps: root: not found
Feb 21 16:36:34 hostname postfix/smtpd[1372]: maps_find:
recipient_canonical_maps: @myportaltech.com: not found
Feb 21 16:36:34 hostname postfix/smtpd[1372]: mail_addr_find:
root@myportaltech.com -> (not found)
Feb 21 16:36:34 hostname postfix/smtpd[1372]: maps_find:
canonical_maps: root@myportaltech.com: not found
Feb 21 16:36:34 hostname postfix/smtpd[1372]: maps_find:
canonical_maps: root: not found
Feb 21 16:36:34 hostname postfix/smtpd[1372]: maps_find:
canonical_maps: @myportaltech.com: not found
Feb 21 16:36:34 hostname postfix/smtpd[1372]: mail_addr_find:
root@myportaltech.com -> (not found)
Feb 21 16:36:34 hostname postfix/smtpd[1372]: maps_find:
virtual_alias_maps: root@myportaltech.com: not found
Feb 21 16:36:34 hostname postfix/smtpd[1372]: maps_find:
virtual_alias_maps: root: not found
Feb 21 16:36:34 hostname postfix/smtpd[1372]: maps_find:
virtual_alias_maps: @myportaltech.com: not found
Feb 21 16:36:34 hostname postfix/smtpd[1372]: mail_addr_find:
root@myportaltech.com -> (not found)
Feb 21 16:36:34 hostname postfix/smtpd[1372]: >
gate1.mds.com.sg[203.126.130.157]: 250 2.1.5 Ok
Feb 21 16:36:34 hostname postfix/smtpd[1372]: watchdog_pat: 0x80babe8
Feb 21 16:36:34 hostname postfix/smtpd[1372]: <
gate1.mds.com.sg[203.126.130.157]: DATA
Feb 21 16:36:34 hostname postfix/smtpd[1372]: >
gate1.mds.com.sg[203.126.130.157]: 354 End data with <CR><LF>.<CR><LF>
Feb 21 16:36:34 hostname postfix/cleanup[1379]: 8B35C200060:
message-id=B4D798BD8BA6A140B26EF75C1012558D17536A@SGMBX02.mds.corp.int-ads
Feb 21 16:36:34 hostname postfix/qmgr[802]: 8B35C200060:
from=prvs=0266a3f4f=pitong@mds.com.sg, size=1895, nrcpt=2 (queue
active)
Feb 21 16:36:34 hostname postfix/smtpd[1372]: public/cleanup socket:
wanted attribute: status
Feb 21 16:36:34 hostname postfix/smtpd[1372]: input attribute name: status
Feb 21 16:36:34 hostname postfix/smtpd[1372]: input attribute value: 0
Feb 21 16:36:34 hostname postfix/smtpd[1372]: public/cleanup socket:
wanted attribute: reason
Feb 21 16:36:34 hostname postfix/smtpd[1372]: input attribute name: reason
Feb 21 16:36:34 hostname postfix/smtpd[1372]: input attribute value: (end)
Feb 21 16:36:34 hostname postfix/smtpd[1372]: public/cleanup socket:
wanted attribute: (list terminator)
Feb 21 16:36:34 hostname postfix/smtpd[1372]: input attribute name: (end)
Feb 21 16:36:34 hostname postfix/smtpd[1372]: >
gate1.mds.com.sg[203.126.130.157]: 250 2.0.0 Ok: queued as 8B35C200060
Feb 21 16:36:34 hostname postfix/smtpd[1372]: watchdog_pat: 0x80babe8
Feb 21 16:36:39 hostname postfix/smtpd[1372]: <
gate1.mds.com.sg[203.126.130.157]: QUIT
Feb 21 16:36:39 hostname postfix/smtpd[1372]: >
gate1.mds.com.sg[203.126.130.157]: 221 2.0.0 Bye
Feb 21 16:36:39 hostname postfix/smtpd[1372]: match_hostname:
gate1.mds.com.sg ~? 172.18.20.0/24
Feb 21 16:36:39 hostname postfix/smtpd[1372]: match_hostaddr:
203.126.130.157 ~? 172.18.20.0/24
Feb 21 16:36:39 hostname postfix/smtpd[1372]: match_hostname:
gate1.mds.com.sg ~? 127.0.0.0/8
Feb 21 16:36:39 hostname postfix/smtpd[1372]: match_hostaddr:
203.126.130.157 ~? 127.0.0.0/8
Feb 21 16:36:39 hostname postfix/smtpd[1372]: match_hostname:
gate1.mds.com.sg ~? 202.6.163.0/24
Feb 21 16:36:39 hostname postfix/smtpd[1372]: match_hostaddr:
203.126.130.157 ~? 202.6.163.0/24
Feb 21 16:36:39 hostname postfix/smtpd[1372]: match_list_match:
gate1.mds.com.sg: no match
Feb 21 16:36:39 hostname postfix/smtpd[1372]: match_list_match:
203.126.130.157: no match
Feb 21 16:36:39 hostname postfix/smtpd[1372]: send attr request = disconnect
Feb 21 16:36:39 hostname postfix/smtpd[1372]: send attr ident =
smtp:203.126.130.157
Feb 21 16:36:39 hostname postfix/smtpd[1372]: private/anvil: wanted
attribute: status
Feb 21 16:36:39 hostname postfix/smtpd[1372]: input attribute name: status
Feb 21 16:36:39 hostname postfix/smtpd[1372]: input attribute value: 0
Feb 21 16:36:39 hostname postfix/smtpd[1372]: private/anvil: wanted
attribute: (list terminator)
Feb 21 16:36:39 hostname postfix/smtpd[1372]: input attribute name: (end)
Feb 21 16:36:39 hostname postfix/smtpd[1372]: disconnect from
gate1.mds.com.sg[203.126.130.157]
Feb 21 16:37:04 hostname postfix/smtp[1381]: connect to
smtp.myportaltech.com[202.6.163.31]:25: Connection timed out
Feb 21 16:37:04 hostname postfix/smtp[1381]: 8B35C200060:
to=pitong@myportaltech.com, relay=none, delay=30,
delays=0.1/0.01/30/0, dsn=4.4.1, status=deferred (connect to
smtp.myportaltech.com[202.6.163.31]:25: Connection timed out)
Feb 21 16:37:04 hostname postfix/smtp[1381]: 8B35C200060:
to=root@myportaltech.com, relay=none, delay=30,
delays=0.1/0.01/30/0, dsn=4.4.1, status=deferred (connect to
smtp.myportaltech.com[202.6.163.31]:25: Connection timed out)
root@hostname:/var/log [root@hostname log]#
# postconf -n alias_database = hash:/etc/postfix/aliases alias_maps = hash:/etc/postfix/aliases bounce_size_limit = 65536 command_directory = /usr/sbin config_directory = /etc/postfix daemon_directory = /usr/libexec/postfix data_directory = /var/lib/postfix debug_peer_level = 2 debug_peer_list = ncs.com.sg default_privs = nobody header_size_limit = 32768 html_directory = /usr/share/doc/postfix-2.5.6-documentation/html inet_interfaces = all mail_owner = postfix mail_spool_directory = /pop3/spool/mail mailq_path = /usr/bin/mailq.postfix manpage_directory = /usr/share/man message_size_limit = 51200000 mydomain = portalcity-tech.com myhostname = nspplss2 mynetworks = 172.18.20.0/24, 127.0.0.0/8, 202.6.163.0/24 # the 172.18.20.0 is the private subnet of my postfix server & 202.6.163.0 is the public subnet myorigin = $mydomain newaliases_path = /usr/bin/newaliases.postfix queue_directory = /pop3/spool/postfix readme_directory = /usr/share/doc/postfix-2.5.6-documentation/readme relay_domains = portalcity-tech.com sample_directory = /etc/postfix sendmail_path = /usr/sbin/sendmail.postfix setgid_group = postdrop smtpd_banner = $myhostname ESMTP POSTFIX smtpd_recipient_limit = 500 smtpd_recipient_restrictions = reject_invalid_hostname, reject_unauth_pipelining, permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, check_client_access hash:/etc/postfix/rbl_override, reject_rbl_client multi.uribl.com, reject_rbl_client dsn.rfc-ignorant.org, reject_rbl_client dul.dnsbl.sorbs.net, reject_rbl_client list.dsbl.org, reject_rbl_client sbl-xbl.spamhaus.org, reject_rbl_client bl.spamcop.net, reject_rbl_client dnsbl.sorbs.net, reject_rbl_client cbl.abuseat.org, reject_rbl_client ix.dnsbl.manitu.net, reject_rbl_client combined.rbl.msrbl.net, reject_rbl_client rabl.nuclearelephant.com, permit smtpd_sasl_auth_enable = yes smtpd_sasl_security_options = noanonymous smtpd_timeout = 360 soft_bounce = no unknown_local_recipient_reject_code = 550
+++++++++++++ older version of postfinger +++++++++++++++ # ./postfinger.sh --nowarn postfinger - postfix configuration on Thu Feb 17 10:12:16 SGT 2011 version: 1.30 --System Parameters-- mail_version = 2.5.6 hostname = xxxxxxxx uname = Linux xxxxxxxx 2.6.12.6-xen0 #1 Tue Jan 31 16:03:21 GMT 2006 i686 i686 i386 GNU/Linux --Packaging information-- looks like this postfix comes from RPM package: postfix-2.5.6-1.rhel4 --main.cf non-default parameters-- alias_database = hash:/etc/postfix/aliases alias_maps = hash:/etc/postfix/aliases html_directory = /usr/share/doc/postfix-2.5.6-documentation/html mailq_path = /usr/bin/mailq.postfix mail_spool_directory = /pop3/spool/mail manpage_directory = /usr/share/man mydomain = portalcity-tech.com myhostname = smtp.portalcity-tech.com myorigin = $mydomain newaliases_path = /usr/bin/newaliases.postfix queue_directory = /pop3/spool/postfix readme_directory = /usr/share/doc/postfix-2.5.6-documentation/readme sendmail_path = /usr/sbin/sendmail.postfix smtpd_sasl_auth_enable = yes
On 2011-02-21 7:33 AM, sunhux G wrote:
=================== latest maillog ====================== Feb 21 16:36:34 hostname postfix/smtpd[1372]: input attribute value: 0 Feb 21 16:36:34 hostname postfix/smtpd[1372]: private/rewrite socket: wanted attribute: transport Feb 21 16:36:34 hostname postfix/smtpd[1372]: input attribute name: transport Feb 21 16:36:34 hostname postfix/smtpd[1372]: input attribute value: relay Feb 21 16:36:34 hostname postfix/smtpd[1372]: private/rewrite socket: wanted attribute: nexthop
Please disable verbose logging and resend log excerpts... and never enable it unless asked to do so by an expert. Verbose logging makes reading the logs a thousand times more difficult and rarely is necessary to identify a problem...
--
Best regards,
Charles
In /etc/postfix/master.cf: smtp inet n - n - - smtpd -v
I just have to remove the "-v" & then restart postfix?
I'll only get to do it tomorrow as it's night time now.
Thanks Sun
When I login to take a look this morning, etc/postfix/master.cf already is non-verbose : smtp inet n - n - - smtpd
So whatever I sent previously from maillog is captured based on non-verbose.
Anything else I can provide? Should I reduce the debug_peer_level in main.cf from 2 to 1 ?
Sun
Sending outgoing emails from this dovecot/postfix server is Ok (ie emails received at destination) but incoming mails keep getting the logs below :
smtp.myportaltech.com[202.6.163.31]:25: Connection timed out Feb 21 16:37:04 hostname postfix/smtp[1381]: 8B35C200060: to=recipient_idg@myportaltech.com, relay=none, delay=30, delays=0.1/0.01/30/0, dsn=4.4.1, status=deferred (connect to smtp.myportaltech.com[202.6.163.31]:25: Connection timed out)
From this postfix server, if I tried doing "telnet 202.6.163.31 25" it won't respond. That is the public IP address.
If I issue "telnet private_IP_address 25" , it responds. My firewall colleague said it's not feasible to create a firewall rule from this server to its own external public address - is this a valid comment?
I'm not sure if this is the issue but I've also defined smtp.myportaltech.com in /etc/hosts to point to my server's private address but seems like smtp/postfix (or dovecot?) is still trying to connect to the external private address when it attempts to connect to smtp.myportaltech.com
Thanks Sun
Even if I'm inside the box itself & send emails to myself, it was not received too (despite that sending to external emails including gmail was Ok) :
# mailx -s "tst to localhost" myunixid@localhost < /etc/hosts
# mailx -s "tst to myportaltech" myunixid@myportaltech.com < /etc/hosts
# mailx -s "tst to hostname" myunixid@hostname < /etc/hosts
# mailx -s "tst to local private IP" myunixid@private_IP_addr < /etc/hosts
# su - myunixid $ mailq /var/spool/mqueue is empty Total requests: 0
On Tue, 22 Feb 2011 10:37:58 +0800 sunhux G sunhux@gmail.com articulated:
Sending outgoing emails from this dovecot/postfix server is Ok (ie emails received at destination) but incoming mails keep getting the logs below :
smtp.myportaltech.com[202.6.163.31]:25: Connection timed out Feb 21 16:37:04 hostname postfix/smtp[1381]: 8B35C200060: to=recipient_idg@myportaltech.com, relay=none, delay=30, delays=0.1/0.01/30/0, dsn=4.4.1, status=deferred (connect to smtp.myportaltech.com[202.6.163.31]:25: Connection timed out)
From this postfix server, if I tried doing "telnet 202.6.163.31 25" it won't respond. That is the public IP address.
If I issue "telnet private_IP_address 25" , it responds. My firewall colleague said it's not feasible to create a firewall rule from this server to its own external public address - is this a valid comment?
I'm not sure if this is the issue but I've also defined smtp.myportaltech.com in /etc/hosts to point to my server's private address but seems like smtp/postfix (or dovecot?) is still trying to connect to the external private address when it attempts to connect to smtp.myportaltech.com
You continue to post problems with mail delivery that do not appear to be dovecot related. You are also cross posting between the Postfix forum and this one.
From what I can gleam from your posts, you have tried to make some whole sale changes in the Postfix "main.cf" and now things are messed up. Replace your custom main.cf with the default on. Restart Postfix and see what transpires. Post the results on the Postfix forum where they belong. Do not modify the main.cf with any of your custom modifications until you have first tried it. You may also have to revert to the default master.cf also.
-- Jerry ✌ Dovecot.user@seibercom.net
Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header.
participants (3)
-
Charles Marcus
-
Jerry
-
sunhux G