Lots of Post Fix Issues

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
11 messages Options
Reply | Threaded
Open this post in threaded view
|

Lots of Post Fix Issues

hagensieker
First of all let me say I'm brand new to this and maybe actually have this but have a million questions.

I am running Linux Mint 17
I have installed postfix and dovecot
my hostname is mail.hagensieker.com
Locally everything seems fine.  I can telnet to 25 and connect and read local mail from user to user.
From postfix I can send an email to the outside world from john@mail.hagensieker.com

When I reply from another computer I never get a bounce back email but I've no idea where these emails are going to. They aren't going to user john on this linux box.

I cannot telnet (i.e. telnet IPADDRESS 25).
I uncommented the line in main.cf regarding submission which I understand unblocks 587
Here what happens when I log into telnet localhost 587


I get a subsequent authentication not enabled message.

I'm happy to post any file in order to get some help.  I'm pretty sure my ISP is blocking port 25 so I'm going to have to have postfix receive on some other port.

Any and all help appreciated and please be gentle.....first time mail server guy here.
Reply | Threaded
Open this post in threaded view
|

Re: Lots of Post Fix Issues

Edgar Pettijohn
Are your ports open?
http://www.portchecktool.com/

On 08/11/2014 08:02 PM, hagensieker wrote:

> First of all let me say I'm brand new to this and maybe actually have this
> but have a million questions.
>
> I am running Linux Mint 17
> I have installed postfix and dovecot
> my hostname is mail.hagensieker.com
> Locally everything seems fine.  I can telnet to 25 and connect and read
> local mail from user to user.
> From postfix I can send an email to the outside world from
> [hidden email]
>
> When I reply from another computer I never get a bounce back email but I've
> no idea where these emails are going to. They aren't going to user john on
> this linux box.
>
> I cannot telnet (i.e. telnet IPADDRESS 25).
> I uncommented the line in main.cf regarding submission which I understand
> unblocks 587
> Here what happens when I log into telnet localhost 587
> <http://postfix.1071664.n5.nabble.com/file/n69856/Screenshot_2014-08-12_09.png>
>
> I get a subsequent authentication not enabled message.
>
> I'm happy to post any file in order to get some help.  I'm pretty sure my
> ISP is blocking port 25 so I'm going to have to have postfix receive on some
> other port.
>
> Any and all help appreciated and please be gentle.....first time mail server
> guy here.
>
>
>
> --
> View this message in context: http://postfix.1071664.n5.nabble.com/Lots-of-Post-Fix-Issues-tp69856.html
> Sent from the Postfix Users mailing list archive at Nabble.com.

Reply | Threaded
Open this post in threaded view
|

Re: Lots of Post Fix Issues

hagensieker
I'll check that when I get home.  Thanks.  I do believe it is a port issue because I can send but not receive.
Reply | Threaded
Open this post in threaded view
|

Re: Lots of Post Fix Issues

hagensieker
In reply to this post by Edgar Pettijohn
It shows my ports 25, 143, 587 open.

I can do sendmail someemailaddress.com  and it sends outside.  The config that Thunderbird found is only working outbound.  Still not inbound.  Again I think it is a port.  The test says 25 is working however when I switch to an outside network and go (telnet IP ADDRESS 25) is does nothing.  Or it is my config.

Here is my main.cf

# See /usr/share/postfix/main.cf.dist for a commented, more complete version


# Debian specific:  Specifying a file name will cause the first
# line of that file to be used as the name.  The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname

smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no

# appending .domain is the MUA's job.
append_dot_mydomain = no

# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h

readme_directory = no

# TLS parameters
smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
smtpd_use_tls=yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache

# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.

smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
myhostname = mail.hagensieker.com
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = mail.hagensieker.com, localhost.hagensieker.com, , localhost
relayhost = [smtpout.secureserver.net]:3535
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
inet_protocols = all
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl/sasl_passwd
smtp_sasl_security_options = noanonymous




Reply | Threaded
Open this post in threaded view
|

Re: Lots of Post Fix Issues

hagensieker
And here is /var/log/mail.log

One of these is a successful send and the other I believe the failed inbound

Aug 12 14:07:16 mail postfix/smtpd[6849]: connect from localhost[127.0.0.1]
Aug 12 14:07:16 mail postfix/smtpd[6849]: 9ACDA440C86: client=localhost[127.0.0.1]
Aug 12 14:07:16 mail postfix/cleanup[6853]: 9ACDA440C86: message-id=<53E9A104.90209@mail.hagensieker.com>
Aug 12 14:07:16 mail postfix/qmgr[25940]: 9ACDA440C86: from=<john@mail.hagensieker.com>, size=2239, nrcpt=1 (queue active)
Aug 12 14:07:16 mail postfix/smtpd[6849]: disconnect from localhost[127.0.0.1]
Aug 12 14:07:16 mail dovecot: imap-login: Login: user=<john>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, mpid=6860, TLS, session=<Oz4ypWcALwB/AAAB>
Aug 12 14:07:28 mail dovecot: imap-login: Login: user=<john>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, mpid=6882, TLS, session=<RnXfpWcAMgB/AAAB>
Aug 12 14:07:28 mail postfix/smtp[6854]: 9ACDA440C86: to=<hagensieker@mac.com>, relay=smtpout.secureserver.net[173.201.192.229]:3535, delay=12, delays=0.02/0.01/1.4/11, dsn=2.0.0, status=sent (250 dh7H1o00a0ywFQc01 mail accepted for delivery)
Aug 12 14:07:28 mail postfix/qmgr[25940]: 9ACDA440C86: removed
Aug 12 14:08:08 mail dovecot: imap(john): Error: file_dotlock_create(/var/mail/john) failed: Permission denied (euid=1000(john) egid=1000(john) missing +w perm: /var/mail, we're not in group 8(mail), dir owned by 0:8 mode=0775) (set mail_privileged_group=mail)
Reply | Threaded
Open this post in threaded view
|

Re: Lots of Post Fix Issues

hagensieker
And here is dovecot.conf


## Dovecot configuration file

# If you're in a hurry, see http://wiki2.dovecot.org/QuickConfiguration

# "doveconf -n" command gives a clean output of the changed settings. Use it
# instead of copy&pasting files when posting to the Dovecot mailing list.

# '#' character and everything after it is treated as comments. Extra spaces
# and tabs are ignored. If you want to use either of these explicitly, put the
# value inside quotes, eg.: key = "# char and trailing whitespace  "

# Most (but not all) settings can be overridden by different protocols and/or
# source/destination IPs by placing the settings inside sections, for example:
# protocol imap { }, local 127.0.0.1 { }, remote 10.0.0.0/8 { }

# Default values are shown for each setting, it's not required to uncomment
# those. These are exceptions to this though: No sections (e.g. namespace {})
# or plugin settings are added by default, they're listed only as examples.
# Paths are also just examples with the real defaults being based on configure
# options. The paths listed here are for configure --prefix=/usr
# --sysconfdir=/etc --localstatedir=/var

# Enable installed protocols
!include_try /usr/share/dovecot/protocols.d/*.protocol

# A comma separated list of IPs or hosts where to listen in for connections.
# "*" listens in all IPv4 interfaces, "::" listens in all IPv6 interfaces.
# If you want to specify non-default ports or anything more complex,
# edit conf.d/master.conf.
#listen = *, ::

# Base directory where to store runtime data.
#base_dir = /var/run/dovecot/

# Name of this instance. In multi-instance setup doveadm and other commands
# can use -i <instance_name> to select which instance is used (an alternative
# to -c <config_path>). The instance name is also added to Dovecot processes
# in ps output.
#instance_name = dovecot

# Greeting message for clients.
#login_greeting = Dovecot ready.

# Space separated list of trusted network ranges. Connections from these
# IPs are allowed to override their IP addresses and ports (for logging and
# for authentication checks). disable_plaintext_auth is also ignored for
# these networks. Typically you'd specify your IMAP proxy servers here.
#login_trusted_networks =

# Space separated list of login access check sockets (e.g. tcpwrap)
#login_access_sockets =

# With proxy_maybe=yes if proxy destination matches any of these IPs, don't do
# proxying. This isn't necessary normally, but may be useful if the destination
# IP is e.g. a load balancer's IP.
#auth_proxy_self =

# Show more verbose process titles (in ps). Currently shows user name and
# IP address. Useful for seeing who are actually using the IMAP processes
# (eg. shared mailboxes or if same uid is used for multiple accounts).
#verbose_proctitle = no

# Should all processes be killed when Dovecot master process shuts down.
# Setting this to "no" means that Dovecot can be upgraded without
# forcing existing client connections to close (although that could also be
# a problem if the upgrade is e.g. because of a security fix).
#shutdown_clients = yes

# If non-zero, run mail commands via this many connections to doveadm server,
# instead of running them directly in the same process.
#doveadm_worker_count = 0
# UNIX socket or host:port used for connecting to doveadm server
#doveadm_socket_path = doveadm-server

# Space separated list of environment variables that are preserved on Dovecot
# startup and passed down to all of its child processes. You can also give
# key=value pairs to always set specific settings.
#import_environment = TZ

##
## Dictionary server settings
##

# Dictionary can be used to store key=value lists. This is used by several
# plugins. The dictionary can be accessed either directly or though a
# dictionary server. The following dict block maps dictionary names to URIs
# when the server is used. These can then be referenced using URIs in format
# "proxy::<name>".

dict {
 #quota = mysql:/etc/dovecot/dovecot-dict-sql.conf.ext
 #expire = sqlite:/etc/dovecot/dovecot-dict-sql.conf.ext
}

# Most of the actual configuration gets included below. The filenames are
# first sorted by their ASCII value and parsed in that order. The 00-prefixes
# in filenames are intended to make it easier to understand the ordering.
!include conf.d/*.conf

# A config file can also tried to be included without giving an error if
# it's not found:
!include_try local.conf
Reply | Threaded
Open this post in threaded view
|

Re: Lots of Post Fix Issues

hagensieker
And finally I think I've stumbled on to something that may be the culprit.  DNS.

Again be gentle with me here because I'm in unchartered waters here.

I own two domains

hagensieker.com (GoDaddy)
hagensieker.org  (NameCheap)

My computer hostname is set to mail.hagensieker.com (Is this a problem?)

When I do an dig MX mail.hagensieker.com it fails.  No servers could be reached.

My main.cf file uses the relay host for GoDaddy.  Do I need this relay host?  Can I just make everything hagensieker.org without a relay host?  Or can I somehow or another resolve this inability to receive mail with the way I have things set?

Terribly confused at this point?
Reply | Threaded
Open this post in threaded view
|

Re: Lots of Post Fix Issues

Victoriano Giralt-2
On 08/12/2014 08:08 AM, hagensieker wrote:

> Terribly confused at this point?

Yes. I recommend that you get the excellent "The Postfix book"[1] by
Ralf and Patrick before getting in the world of e-mail and Postfix. Once
you read it cover to cover and understand the concepts, everything will
become crystal clear to you.

[1]http://www.postfix-book.com/

--
Victoriano Giralt                             Central ICT Services
Systems Manager                               University of Malaga
+34952131415                                  SPAIN
==================================================================
Note: signature.asc is the electronic signature of present message
A: Yes.
> Q: Are you sure ?
>> A: Because it reverses the logical flow of conversation.
>>> Q: Why is top posting annoying in email ?


signature.asc (246 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: Lots of Post Fix Issues

hagensieker
Ok I am learning.  Here is what i did.  I changed my hostname and /etc/hosts file to reflect hagensieker.org

Then I changed all the appropriate entries in main.cf.

Then changed the host relayhost to the NameCheap relay host.  Then restarted postfix

Then went to Thunderbird on my Linux box and created an account.

It finds an smtp of mail.hagensieker.org and an IMAP server on Port 143 also with mail.hagensieker.org

I can send and receive in both directions.  I think I got it and just didn't understand the DNS thing. I was trying to point to a DNS that wasn't there.

I'm pretty happy about this.  Now I have to figure out how to add some other accounts.
Reply | Threaded
Open this post in threaded view
|

Re: Lots of Post Fix Issues

lists@rhsoft.net
In reply to this post by hagensieker


Am 12.08.2014 um 08:08 schrieb hagensieker:
> And finally I think I've stumbled on to something that may be
> the culprit. DNS.

surely, the outside world needs to deliver to your machine
your MX pints to secureserver.net

> Again be gentle with me here because I'm in unchartered waters here.
>
> I own two domains
>
> hagensieker.com (GoDaddy)
> hagensieker.org  (NameCheap)
>
> My computer hostname is set to mail.hagensieker.com (Is this a problem?)
>
> When I do an dig MX mail.hagensieker.com it fails.  No servers could be
> reached

why would you do this for the hostname instead the domain?
@hagensieker.com != @mail.hagensieker.com

BTW: why 2 CNAMES wrapped around "mail.hagensieker.com"

;; ANSWER SECTION:
hagensieker.com.        3600    IN      MX      0 smtp.secureserver.net.
hagensieker.com.        3600    IN      MX      10 mailstore1.secureserver.net.

;; ANSWER SECTION:
mail.hagensieker.com.   3549    IN      CNAME   pop.secureserver.net.
pop.secureserver.net.   3549    IN      CNAME   pop.where.secureserver.net.
pop.where.secureserver.net. 300 IN      A       72.167.218.192
Reply | Threaded
Open this post in threaded view
|

Re: Lots of Post Fix Issues

Stephen Satchell
In reply to this post by hagensieker
On 08/11/2014 10:17 PM, hagensieker wrote:
> And here is dovecot.conf

How about "/sbin/iptbles -vnL | egrep '((DROP)|(REJECT))" ?

Or, if you are running a mostly-closed firewall configuration, the
output of "/sbin/iptables -vnL | egrep '((:25)|(:143)|(:587))" ?