Hi, I'm a new user of postfix. my case is a little bit particular: my company have rent a server at an ISP. this machine is located at a datacenter of this ISP, in which we have installed RHEL 5 and postfix. the ISP had opened all necessary port: SMTP, POP3, IMAP, WWW... here below the postconf of the server: ------------------------------ alias_database = hash:/etc/postfix/aliases alias_maps = hash:/etc/aliases command_directory = /usr/sbin config_directory = /etc/postfix daemon_directory = /usr/libexec/postfix debug_peer_level = 2 html_directory = no inet_interfaces = all mail_owner = postfix mail_spool_directory = /var/spool/mail mailbox_command = /usr/bin/procmail -a "$EXTENSION" mailq_path = /usr/bin/mailq manpage_directory = /usr/local/man mydestination = $myhostname, localhost.$mydomain,$mydomain ,localhost mydomain = mydomain.com myhostname = hostname.mydomain.com mynetworks = <A onclick="return ShowLinkWarning()" href="http://168.100.189.0/28,127.0.0.0/8,0.0.0.0/32" target=_blank rel=nofollow>168.100.189.0/28,127.0.0.0/8,0 .0.0.0/32 myorigin = $mydomain newaliases_path = /usr/bin/newaliases queue_directory = /var/spool/postfix readme_directory = no sample_directory = /etc/postfix sendmail_path = /usr/sbin/sendmail setgid_group = postdrop unknown_local_recipient_reject _code = 450 ------------------------------ --- My problem is tha I can send emails to outside but I cannot receive emails from outside: I get the error: Technical details of permanent failure: TEMP_FAILURE: The recipient server did not accept our requests to connect. Learn more at http://mail.google.com/support /bin/answer.py? answer=7720 [mail.mydomain.com. (10): Connection refused] the ISP says that there is no problem in his side. is there any thing that I can check/change in my configuration? Thank at advance for your help. Regards, Aziz __________________________________________________ |
aziz knina pisze: <http://mydomain.com/>
> myhostname = hostname.mydomain.com <http://hostname.mydomain.com/> > mynetworks = 168.100.189.0/28,127.0.0.0/8,0 .0.0.0/32 > <http://168.100.189.0/28,127.0.0.0/8,0.0.0.0/32> ^^^^ 0 .0.0.0/32 ? Delete it. > TEMP_FAILURE: The recipient server did not accept our requests to > connect. Learn more at http://mail.google.com/support /bin/answer.py > <http://mail.google.com/support/bin/answer.py>? > answer=7720 > [mail.mydomain.com <http://mail.mydomain.com/>. (10): Connection refused] This says nothing. Send portion of your logfile with errors on trying to receive message. P. |
In reply to this post by aziz knina-2
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512 aziz knina wrote: | is there any thing that I can check/change in my configuration? Get the MX records for the domain, then try connecting to port 25 on them. Also, verify that the IP address[es] they resolve to are the correct IP addresses. Also, "mail.mydomain.com" and "hostname.mydomain.com" should be the same. Is not easy to help with a problem when all useful details have been removed... - -- Arturo "Buanzo" Busleiman Reliable inter-continental Mail Relay Service - Ask me! Independent Security Consultant - SANS - OISSG http://www.buanzo.com.ar/pro/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFIGGIEAlpOsGhXcE0RCld3AJ4n7on9UfrgMy2RqCLGtGjPphm5ywCggwzm eJpN+GdgZ/ONrX9QVqIf3Hs= =Ummh -----END PGP SIGNATURE----- |
In reply to this post by aziz knina-2
aziz knina wrote:
> Hi, > > I'm a new user of postfix. > my case is a little bit particular: my company have rent a server at > an ISP. > this machine is located at a datacenter of this ISP, in which we have > installed RHEL 5 and postfix. > > My problem is tha I can send emails to outside but I cannot receive > emails from outside: I get the error: > Technical details of permanent failure: > > TEMP_FAILURE: The recipient server did not accept our requests to > connect. Learn more at http://mail.google.com/support /bin/answer.py > <http://mail.google.com/support/bin/answer.py>? > answer=7720 > [mail.mydomain.com <http://mail.mydomain.com/>. (10): Connection refused] > > the ISP says that there is no problem in his side. > > is there any thing that I can check/change in my configuration? Post the lines from /var/log/maillog that show the connection being rejected. Without the log, it's difficult to help. Terry |
On Wed, 2008-04-30 at 09:16 -0400, Terry Carmen wrote:
> aziz knina wrote: > > Hi, > > > > I'm a new user of postfix. > > my case is a little bit particular: my company have rent a server at > > an ISP. > > this machine is located at a datacenter of this ISP, in which we have > > installed RHEL 5 and postfix. > > > > My problem is tha I can send emails to outside but I cannot receive > > emails from outside: I get the error: > > Technical details of permanent failure: > > > > TEMP_FAILURE: The recipient server did not accept our requests to > > connect. Learn more at http://mail.google.com/support /bin/answer.py > > <http://mail.google.com/support/bin/answer.py>? > > answer=7720 > > [mail.mydomain.com <http://mail.mydomain.com/>. (10): Connection refused] > > > > the ISP says that there is no problem in his side. > > > > is there any thing that I can check/change in my configuration? > > Post the lines from /var/log/maillog that show the connection being > rejected. > > Without the log, it's difficult to help. > If the connecting mx gets a "connection refused", how could there be anything about it in the postfix logs? Could postfix even do something like that (I mean refuse without providing a reason)? Aziz, are you sure your port 25 is world-reachable? Did you try telnet-ing to it from the outside? Andrea |
> If the connecting mx gets a "connection refused", how could there be > anything about it in the postfix logs? Could postfix even do something > like that (I mean refuse without providing a reason)? > > Aziz, are you sure your port 25 is world-reachable? Did you try > telnet-ing to it from the outside? > Cite from google help (given in rejected mail bounce): 'The recipient server did not accept our requests...' This error message indicates that we've attempted to make a connection with your recipient's server but didn't receive a reply. Some possible causes include the following: * The other domain doesn't have up-to-date MX records or is otherwise misconfigured. * The other domain is blacklisting or graylisting messages from Gmail. * The other domain is experiencing temporary networking problems. I still believe that aziz knina should check logs. P. |
In reply to this post by aziz knina-2
aziz knina wrote:
> Hi, > > I'm a new user of postfix. > my case is a little bit particular: my company have rent a server at > an ISP. > this machine is located at a datacenter of this ISP, in which we have > installed RHEL 5 and postfix. > > the ISP had opened all necessary port: SMTP, POP3, IMAP, WWW... > here below the postconf of the server: > ------------------------------ > alias_database = hash:/etc/postfix/aliases > alias_maps = hash:/etc/aliases > command_directory = /usr/sbin > config_directory = /etc/postfix > daemon_directory = /usr/libexec/postfix > debug_peer_level = 2 > html_directory = no > inet_interfaces = all > mail_owner = postfix > mail_spool_directory = /var/spool/mail > mailbox_command = /usr/bin/procmail -a "$EXTENSION" > mailq_path = /usr/bin/mailq > manpage_directory = /usr/local/man > mydestination = $myhostname, localhost.$mydomain,$mydomain ,localhost > mydomain = mydomain.com <http://mydomain.com/> > myhostname = hostname.mydomain.com <http://hostname.mydomain.com/> Hopefully these are set to the domain you are accepting mail for. > mynetworks = 168.100.189.0/28,127.0.0.0/8,0 .0.0.0/32 > <http://168.100.189.0/28,127.0.0.0/8,0.0.0.0/32> > myorigin = $mydomain > newaliases_path = /usr/bin/newaliases > queue_directory = /var/spool/postfix > readme_directory = no > sample_directory = /etc/postfix > sendmail_path = /usr/sbin/sendmail > setgid_group = postdrop > unknown_local_recipient_reject _code = 450 > ------------------------------ --- > > My problem is tha I can send emails to outside but I cannot receive > emails from outside: I get the error: > Technical details of permanent failure: > > TEMP_FAILURE: The recipient server did not accept our requests to > connect. Learn more at http://mail.google.com/support /bin/answer.py > <http://mail.google.com/support/bin/answer.py>? > answer=7720 > [mail.mydomain.com <http://mail.mydomain.com/>. (10): Connection refused] > > the ISP says that there is no problem in his side. > > is there any thing that I can check/change in my configuration? > > Thank at advance for your help. > > Regards, > Aziz > > _________________________________________________ > telnet $yourmailserver 25 Then send a message. or nmap -v -p 25 -P0 -sS $yourmailserver Is port 25 open? |
In reply to this post by aziz knina-2
aziz knina wrote:
> Hi, > > I'm a new user of postfix. > my case is a little bit particular: my company have rent a server at > an ISP. > this machine is located at a datacenter of this ISP, in which we have > installed RHEL 5 and postfix. > > the ISP had opened all necessary port: SMTP, POP3, IMAP, WWW... > here below the postconf of the server: > ------------------------------ > alias_database = hash:/etc/postfix/aliases > alias_maps = hash:/etc/aliases > command_directory = /usr/sbin > config_directory = /etc/postfix > daemon_directory = /usr/libexec/postfix > debug_peer_level = 2 > html_directory = no > inet_interfaces = all > mail_owner = postfix > mail_spool_directory = /var/spool/mail > mailbox_command = /usr/bin/procmail -a "$EXTENSION" > mailq_path = /usr/bin/mailq > manpage_directory = /usr/local/man > mydestination = $myhostname, localhost.$mydomain,$mydomain ,localhost > mydomain = mydomain.com > what is "mydomain.com"? if you did not hide your domain, people here could connect and give you much information... > myhostname = hostname.mydomain.com > mynetworks = 168.100.189.0/28,127.0.0.0/8,0 .0.0.0/32 > replace this with mynetworks = 127.0.0.1/32 until you have read the docs. note that docs may contain examples that you shouldn't copy verbatim. > [snip] > ------------------------------ --- > > My problem is tha I can send emails to outside but I cannot receive > emails from outside: I get the error: > Technical details of permanent failure: > > TEMP_FAILURE: The recipient server did not accept our requests to > connect. Learn more at http://mail.google.com/support /bin/answer.py? > answer=7720 > [mail.mydomain.com. (10): Connection refused] > Is postfix listening on the external IP? (use netstat, lsof, ... to see that)? If postfix is listening, then it's probably a firewall that is blocking access. it may be iptables running on the same machine. > the ISP says that there is no problem in his side. > > is there any thing that I can check/change in my configuration? > > Thank at advance for your help. > > Regards, > Aziz > > > __________________________________________________ > Do You Yahoo!? > En finir avec le spam? Yahoo! Mail vous offre la meilleure protection possible contre les messages non sollicités > http://mail.yahoo.fr Yahoo! Mail > |
Once again. Logfile sent on Apr 30th says:
Apr 27 04:02:03 dedie53 postfix/local[836]: 6EEE69580F: to=<[hidden email]>, orig_to=<root>, relay=local, delay=0.47, delays=0.38/0.03/0/0.05, dsn=5.2.0, status=bounced (can't create user output file. Command output: procmail: Couldn't create "/var/mail/nobody" ) So my guess is that /var/mail directory has wrong permission. Until this is fixed we shouldn't speculate what else is wrong. P. |
Paweł Leśniak wrote:
> Once again. Logfile sent on Apr 30th says: > > Apr 27 04:02:03 dedie53 postfix/local[836]: 6EEE69580F: > to=<[hidden email]>, orig_to=<root>, relay=local, delay=0.47, > delays=0.38/0.03/0/0.05, dsn=5.2.0, status=bounced (can't create user > output file. Command output: procmail: Couldn't create > "/var/mail/nobody" ) > > So my guess is that /var/mail directory has wrong permission. Until > this is fixed we shouldn't speculate what else is wrong. This is a problem that must be fixed, but this doesn't explain "connection refused" and the fact that he can send mail. Incidentally, I get a timeout: $ telnet 81.192.52.65 25 Trying 81.192.52.65... telnet: connect to address 81.192.52.65: Operation timed out telnet: Unable to connect to remote host so procmail is not reached. |
> > This is a problem that must be fixed, but this doesn't explain > "connection refused" and the fact that he can send mail. As long as this is not corrected, we can't say this doesn't explain sth. Connection refused can happen if server is overloaded. And this can happen when server produces lots of email (from cron jobs for example) which can't be delivered. You think of really complicated problems (I can see from your previous posts you are good with solving them). Here is a problem sent by user who has some problems with doing really not so complicated checks. That was pointed out by someone before. > Incidentally, I get a timeout: > > $ telnet 81.192.52.65 25 > Trying 81.192.52.65... > telnet: connect to address 81.192.52.65: Operation timed out > telnet: Unable to connect to remote host > > so procmail is not reached. OK You are absolutely right about procmail. But You can't say that postfix is not running or port is blocked on firewall, because we know nothing about state of this server. Maybe it's overloaded. Maybe it's down for some reason. We just have no information about it right now. I'd rather correct obvious errors, as long as we see ones, before thinking of other possible problems. P. |
* Paweł Leśniak <[hidden email]> [2008-05-03 23:10:27 +0200]:
[...] >> $ telnet 81.192.52.65 25 >> Trying 81.192.52.65... >> telnet: connect to address 81.192.52.65: Operation timed out >> telnet: Unable to connect to remote host >> >> so procmail is not reached. > OK You are absolutely right about procmail. But You can't say that postfix > is not running or port is blocked on firewall, because we know nothing > about state of this server. Maybe it's overloaded. Maybe it's down for some > reason. We just have no information about it right now. I'd rather correct > obvious errors, as long as we see ones, before thinking of other possible > problems. Actually, we *do* have about the system. Port 25 is unreachable from the outside. You need to figure out why that is and fix it. -- Sahil Tandon <[hidden email]> |
> Actually, we *do* have about the system. Port 25 is unreachable from the > outside. You need to figure out why that is and fix it. > Actually *we* do not. Aziz Knina can have any knowledge about it, because it's his thread. You are saying port 25 is unreachable. And others? Do You know whether machine is up right now? P. |
* Paweł Leśniak <[hidden email]> [2008-05-04 10:28:07 +0200]:
>> Actually, we *do* have about the system. Port 25 is unreachable from the >> outside. You need to figure out why that is and fix it. >> > Actually *we* do not. Aziz Knina can have any knowledge about it, because > it's his thread. > You are saying port 25 is unreachable. And others? Do You know whether > machine is up right now? I did not speculate on other ports; I said port 25 is unreachable from the outside, the latter defined as at least the machines from which mouss and I tried to access said port. This is fact. -- Sahil Tandon <[hidden email]> |
Free forum by Nabble | Edit this page |