Postfix not accepting remote connections

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
24 messages Options
12
Reply | Threaded
Open this post in threaded view
|

Postfix not accepting remote connections

Sam Flint
my postfix will not accept remote connections, but it will accept local.

postconf -n:
broken_sasl_auth_clients = yes
config_directory = /etc/postfix
home_mailbox = Maildir/
inet_interfaces = all
inet_protocols = ipv4, ipv6
message_size_limit = 30720000
mydestination = $myhostname, localhost, localhost.localdomain
mydomain = flintfam.org
myhostname = mail.flintfam.org
mynetworks = all
myorigin = $mydomain
proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virt                                                                                        ual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipien                                                                                        t_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonica                                                                                        l_maps $relocated_maps $transport_maps $mynetworks $virtual_mailbox_limit_maps
relay_domains = .com .org .net .info $mydestination
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, rej                                                                                        ect_unauth_destination, permit
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes
smtpd_sasl_path = private/auth
smtpd_sasl_type = dovecot
smtpd_tls_cert_file = /etc/pki/dovecot/certs/dovecot.pem
smtpd_tls_key_file = /etc/pki/dovecot/private/dovecot.pem
smtpd_use_tls = yes
virtual_alias_maps = proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, mysq                                                                                        l:/etc/postfix/mysql-virtual_email2email.cf
virtual_gid_maps = static:5000
virtual_mailbox_base = /home/vmail
virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains.cf
virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf
virtual_transport = dovecot
virtual_uid_maps = static:5000

Log entry:
none.

Sam
Reply | Threaded
Open this post in threaded view
|

Re: Postfix not accepting remote connections

Simon Brereton-3


On 19 Jul 2013 23:28, "Sam Flint" <[hidden email]> wrote:
>
> my postfix will not accept remote connections, but it will accept local.
>
> postconf -n:
> broken_sasl_auth_clients = yes
> config_directory = /etc/postfix
> home_mailbox = Maildir/
> inet_interfaces = all
> inet_protocols = ipv4, ipv6
> message_size_limit = 30720000
> mydestination = $myhostname, localhost, localhost.localdomain
> mydomain = flintfam.org
> myhostname = mail.flintfam.org
> mynetworks = all
> myorigin = $mydomain
> proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virt                                                                                        ual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipien                                                                                        t_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonica                                                                                        l_maps $relocated_maps $transport_maps $mynetworks $virtual_mailbox_limit_maps
> relay_domains = .com .org .net .info $mydestination
> smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, rej                                                                                        ect_unauth_destination, permit

So, you permit your networks, and if that condition is satisfied, you permit if sasl authenticated, and if that's satisfied you reject non-local domains.

Do you see the issue?

Simon

> smtpd_sasl_auth_enable = yes
> smtpd_sasl_authenticated_header = yes
> smtpd_sasl_path = private/auth
> smtpd_sasl_type = dovecot
> smtpd_tls_cert_file = /etc/pki/dovecot/certs/dovecot.pem
> smtpd_tls_key_file = /etc/pki/dovecot/private/dovecot.pem
> smtpd_use_tls = yes
> virtual_alias_maps = proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, mysq                                                                                        l:/etc/postfix/mysql-virtual_email2email.cf
> virtual_gid_maps = static:5000
> virtual_mailbox_base = /home/vmail
> virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains.cf
> virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf
> virtual_transport = dovecot
> virtual_uid_maps = static:5000
>
> Log entry:
> none.
>
> Sam
>
> --
> Sam Flint
> flintfam.org/~swflint

Reply | Threaded
Open this post in threaded view
|

Re: Postfix not accepting remote connections

Sam Flint
I see, but it does nothing.

Sam


On Fri, Jul 19, 2013 at 4:32 PM, Simon B <[hidden email]> wrote:


On 19 Jul 2013 23:28, "Sam Flint" <[hidden email]> wrote:
>
> my postfix will not accept remote connections, but it will accept local.
>
> postconf -n:
> broken_sasl_auth_clients = yes
> config_directory = /etc/postfix
> home_mailbox = Maildir/
> inet_interfaces = all
> inet_protocols = ipv4, ipv6
> message_size_limit = 30720000
> mydestination = $myhostname, localhost, localhost.localdomain
> mydomain = flintfam.org
> myhostname = mail.flintfam.org
> mynetworks = all
> myorigin = $mydomain
> proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virt                                                                                        ual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipien                                                                                        t_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonica                                                                                        l_maps $relocated_maps $transport_maps $mynetworks $virtual_mailbox_limit_maps
> relay_domains = .com .org .net .info $mydestination
> smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, rej                                                                                        ect_unauth_destination, permit

So, you permit your networks, and if that condition is satisfied, you permit if sasl authenticated, and if that's satisfied you reject non-local domains.

Do you see the issue?

Simon

> smtpd_sasl_auth_enable = yes
> smtpd_sasl_authenticated_header = yes
> smtpd_sasl_path = private/auth
> smtpd_sasl_type = dovecot
> smtpd_tls_cert_file = /etc/pki/dovecot/certs/dovecot.pem
> smtpd_tls_key_file = /etc/pki/dovecot/private/dovecot.pem
> smtpd_use_tls = yes
> virtual_alias_maps = proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, mysq                                                                                        l:/etc/postfix/mysql-virtual_email2email.cf
> virtual_gid_maps = static:5000
> virtual_mailbox_base = /home/vmail
> virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains.cf
> virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf
> virtual_transport = dovecot
> virtual_uid_maps = static:5000
>
> Log entry:
> none.
>
> Sam
>
> --
> Sam Flint
> flintfam.org/~swflint




--
Sam Flint
flintfam.org/~swflint
Reply | Threaded
Open this post in threaded view
|

Re: Postfix not accepting remote connections

Noel Jones-2
In reply to this post by Sam Flint
On 7/19/2013 4:26 PM, Sam Flint wrote:
> my postfix will not accept remote connections, but it will accept local.

Some linux distros configure postfix to only listen on localhost,
forcing you to edit master.cf to listen remotely.

Look for a line in msater.cf something like:
127.0.0.1:smtp inet  n  -  n  -  -  smtpd

and take out the 127.0.0.1: part so the line starts with "smtp inet"
smtp inet  n  -  n  -  -  smtpd

Then do a "postfix stop ; postfix start"


  -- Noel Jones



>
> postconf -n:
> broken_sasl_auth_clients = yes
> config_directory = /etc/postfix
> home_mailbox = Maildir/
> inet_interfaces = all
> inet_protocols = ipv4, ipv6
> message_size_limit = 30720000
> mydestination = $myhostname, localhost, localhost.localdomain
> mydomain = flintfam.org <http://flintfam.org>
> myhostname = mail.flintfam.org <http://mail.flintfam.org>
> mynetworks = all
> myorigin = $mydomain
> proxy_read_maps = $local_recipient_maps $mydestination
> $virtual_alias_maps
> $virt                                                                                      
> ual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains
> $relay_recipien                                                                                      
> t_maps $relay_domains $canonical_maps $sender_canonical_maps
> $recipient_canonica                                                                                      
> l_maps $relocated_maps $transport_maps $mynetworks
> $virtual_mailbox_limit_maps
> relay_domains = .com .org .net .info $mydestination
> smtpd_recipient_restrictions = permit_mynetworks,
> permit_sasl_authenticated,
> rej                                                                                      
> ect_unauth_destination, permit
> smtpd_sasl_auth_enable = yes
> smtpd_sasl_authenticated_header = yes
> smtpd_sasl_path = private/auth
> smtpd_sasl_type = dovecot
> smtpd_tls_cert_file = /etc/pki/dovecot/certs/dovecot.pem
> smtpd_tls_key_file = /etc/pki/dovecot/private/dovecot.pem
> smtpd_use_tls = yes
> virtual_alias_maps =
> proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf
> <http://mysql-virtual_forwardings.cf>,
> mysq                                                                                      
> l:/etc/postfix/mysql-virtual_email2email.cf
> <http://mysql-virtual_email2email.cf>
> virtual_gid_maps = static:5000
> virtual_mailbox_base = /home/vmail
> virtual_mailbox_domains =
> proxy:mysql:/etc/postfix/mysql-virtual_domains.cf
> <http://mysql-virtual_domains.cf>
> virtual_mailbox_maps =
> proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf
> <http://mysql-virtual_mailboxes.cf>
> virtual_transport = dovecot
> virtual_uid_maps = static:5000
>
> Log entry:
> none.
>
> Sam
>
> --
> Sam Flint
> flintfam.org/~swflint <http://flintfam.org/~swflint>

Reply | Threaded
Open this post in threaded view
|

Re: Postfix not accepting remote connections

Sam Flint
it's already like that



On Fri, Jul 19, 2013 at 4:42 PM, Noel Jones <[hidden email]> wrote:
On 7/19/2013 4:26 PM, Sam Flint wrote:
> my postfix will not accept remote connections, but it will accept local.

Some linux distros configure postfix to only listen on localhost,
forcing you to edit master.cf to listen remotely.

Look for a line in msater.cf something like:
127.0.0.1:smtp inet  n  -  n  -  -  smtpd

and take out the 127.0.0.1: part so the line starts with "smtp inet"
smtp inet  n  -  n  -  -  smtpd

Then do a "postfix stop ; postfix start"


  -- Noel Jones



>
> postconf -n:
> broken_sasl_auth_clients = yes
> config_directory = /etc/postfix
> home_mailbox = Maildir/
> inet_interfaces = all
> inet_protocols = ipv4, ipv6
> message_size_limit = 30720000
> mydestination = $myhostname, localhost, localhost.localdomain
> mydomain = flintfam.org <http://flintfam.org>
> myhostname = mail.flintfam.org <http://mail.flintfam.org>
> mynetworks = all
> myorigin = $mydomain
> proxy_read_maps = $local_recipient_maps $mydestination
> $virtual_alias_maps
> $virt
> ual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains
> $relay_recipien
> t_maps $relay_domains $canonical_maps $sender_canonical_maps
> $recipient_canonica
> l_maps $relocated_maps $transport_maps $mynetworks
> $virtual_mailbox_limit_maps
> relay_domains = .com .org .net .info $mydestination
> smtpd_recipient_restrictions = permit_mynetworks,
> permit_sasl_authenticated,
> rej
> ect_unauth_destination, permit
> smtpd_sasl_auth_enable = yes
> smtpd_sasl_authenticated_header = yes
> smtpd_sasl_path = private/auth
> smtpd_sasl_type = dovecot
> smtpd_tls_cert_file = /etc/pki/dovecot/certs/dovecot.pem
> smtpd_tls_key_file = /etc/pki/dovecot/private/dovecot.pem
> smtpd_use_tls = yes
> virtual_alias_maps =
> proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf
> <http://mysql-virtual_forwardings.cf>,
> mysq
> l:/etc/postfix/mysql-virtual_email2email.cf
> <http://mysql-virtual_email2email.cf>
> virtual_gid_maps = static:5000
> virtual_mailbox_base = /home/vmail
> virtual_mailbox_domains =
> proxy:mysql:/etc/postfix/mysql-virtual_domains.cf
> <http://mysql-virtual_domains.cf>
> virtual_mailbox_maps =
> proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf
> <http://mysql-virtual_mailboxes.cf>
> virtual_transport = dovecot
> virtual_uid_maps = static:5000
>
> Log entry:
> none.
>
> Sam
>
> --
> Sam Flint
> flintfam.org/~swflint <http://flintfam.org/~swflint>




--
Sam Flint
flintfam.org/~swflint
Reply | Threaded
Open this post in threaded view
|

Re: Postfix not accepting remote connections

Noel Jones-2
In reply to this post by Simon Brereton-3

>> relay_domains = .com .org .net .info $mydestination

The above is very bad, change it to empty:

relay_domains =


>> smtpd_recipient_restrictions = permit_mynetworks,
> permit_sasl_authenticated,
> rej                                                                                      
> ect_unauth_destination, permit
>
> So, you permit your networks, and if that condition is satisfied,
> you permit if sasl authenticated, and if that's satisfied you reject
> non-local domains.
>
> Do you see the issue?

No issue with this entry, this is normal.  (well, the final "permit"
is unneeded, but won't hurt anything.)



  -- Noel Jones
Reply | Threaded
Open this post in threaded view
|

Re: Postfix not accepting remote connections

Simon Brereton-3
In reply to this post by Sam Flint


On 19 Jul 2013 23:39, "Sam Flint" <[hidden email]> wrote:
>
> I see, but it does nothing.
>

Don't top-post please.

Rob explained this perfectly in the archives..

http://postfix.1071664.n5.nabble.com/smtpd-recipient-restrictions-Best-Practices-td10171.html

> Sam
>
>
> On Fri, Jul 19, 2013 at 4:32 PM, Simon B <[hidden email]> wrote:
>>
>>
>> On 19 Jul 2013 23:28, "Sam Flint" <[hidden email]> wrote:
>> >
>> > my postfix will not accept remote connections, but it will accept local.
>> >
>> > postconf -n:
>> > broken_sasl_auth_clients = yes
>> > config_directory = /etc/postfix
>> > home_mailbox = Maildir/
>> > inet_interfaces = all
>> > inet_protocols = ipv4, ipv6
>> > message_size_limit = 30720000
>> > mydestination = $myhostname, localhost, localhost.localdomain
>> > mydomain = flintfam.org
>> > myhostname = mail.flintfam.org
>> > mynetworks = all
>> > myorigin = $mydomain
>> > proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virt                                                                                        ual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipien                                                                                        t_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonica                                                                                        l_maps $relocated_maps $transport_maps $mynetworks $virtual_mailbox_limit_maps
>> > relay_domains = .com .org .net .info $mydestination
>> > smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, rej                                                                                        ect_unauth_destination, permit
>>
>> So, you permit your networks, and if that condition is satisfied, you permit if sasl authenticated, and if that's satisfied you reject non-local domains.
>>
>> Do you see the issue?
>>
>> Simon
>>
>> > smtpd_sasl_auth_enable = yes
>> > smtpd_sasl_authenticated_header = yes
>> > smtpd_sasl_path = private/auth
>> > smtpd_sasl_type = dovecot
>> > smtpd_tls_cert_file = /etc/pki/dovecot/certs/dovecot.pem
>> > smtpd_tls_key_file = /etc/pki/dovecot/private/dovecot.pem
>> > smtpd_use_tls = yes
>> > virtual_alias_maps = proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, mysq                                                                                        l:/etc/postfix/mysql-virtual_email2email.cf
>> > virtual_gid_maps = static:5000
>> > virtual_mailbox_base = /home/vmail
>> > virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains.cf
>> > virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf
>> > virtual_transport = dovecot
>> > virtual_uid_maps = static:5000
>> >
>> > Log entry:
>> > none.
>> >
>> > Sam
>> >
>> > --
>> > Sam Flint
>> > flintfam.org/~swflint
>
>
>
>
> --
> Sam Flint
> flintfam.org/~swflint

Reply | Threaded
Open this post in threaded view
|

Re: Postfix not accepting remote connections

Sam Flint
In reply to this post by Noel Jones-2
Still nothing


On Fri, Jul 19, 2013 at 4:46 PM, Noel Jones <[hidden email]> wrote:

>> relay_domains = .com .org .net .info $mydestination

The above is very bad, change it to empty:

relay_domains =


>> smtpd_recipient_restrictions = permit_mynetworks,
> permit_sasl_authenticated,
> rej
> ect_unauth_destination, permit
>
> So, you permit your networks, and if that condition is satisfied,
> you permit if sasl authenticated, and if that's satisfied you reject
> non-local domains.
>
> Do you see the issue?

No issue with this entry, this is normal.  (well, the final "permit"
is unneeded, but won't hurt anything.)



  -- Noel Jones



--
Sam Flint
flintfam.org/~swflint
Reply | Threaded
Open this post in threaded view
|

Re: Postfix not accepting remote connections

Noel Jones-2
In reply to this post by Sam Flint
On 7/19/2013 4:45 PM, Sam Flint wrote:
> it's already like that
>

stop top posting.


Sorry, my crystal ball is at the cleaners. Maybe start with
describing how you're testing.

Also note some ISPs block port 25 on "consumer" connections, making
running or testing a mail server impossible. You didn't mention what
kind of connection you have.

Also, master.cf contents, and netstat or lsof output showing what's
listening on port 25 might be helpful.



  -- Noel Jones
Reply | Threaded
Open this post in threaded view
|

Re: Postfix not accepting remote connections

Noel Jones-2
In reply to this post by Simon Brereton-3
On 7/19/2013 4:46 PM, Simon B wrote:

>
> On 19 Jul 2013 23:39, "Sam Flint" <[hidden email]
> <mailto:[hidden email]>> wrote:
>>
>> I see, but it does nothing.
>>
>
> Don't top-post please.
>
> Rob explained this perfectly in the archives..
>
> http://postfix.1071664.n5.nabble.com/smtpd-recipient-restrictions-Best-Practices-td10171.html

Simon,

You're solving the wrong problem.  The OP's postfix is not
accessible from outside. This has nothing to do with with
smtpd_recipient_restrictions.


  -- Noel Jones
Reply | Threaded
Open this post in threaded view
|

Re: Postfix not accepting remote connections

Sam Flint
In reply to this post by Noel Jones-2
I'm running on a linode, and I'm sorry.

Netstat:
Proto Recv-Q Send-Q Local Address               Foreign Address             State
tcp        0    232 flintfam.org:ssh            ip98-161-54-206.om.om:52460 ESTABLISHED
tcp        0      0 localhost:44273             localhost:mysql             TIME_WAIT
tcp        0      0 flintfam.org:http           89-145-108-208.as2901:47988 TIME_WAIT
tcp        0      0 flintfam.org:http           89-145-108-208.as2901:47975 TIME_WAIT
Active UNIX domain sockets (w/o servers)
Proto RefCnt Flags       Type       State         I-Node Path
unix  10     [ ]         DGRAM                    7440743 /dev/log
unix  2      [ ]         DGRAM                    415    @/org/kernel/udev/udevd
unix  3      [ ]         STREAM     CONNECTED     8377567
unix  2      [ ]         DGRAM                    8377484
unix  2      [ ]         DGRAM                    7451169
unix  3      [ ]         STREAM     CONNECTED     8377566
unix  3      [ ]         STREAM     CONNECTED     8377572
unix  3      [ ]         STREAM     CONNECTED     8377569
unix  3      [ ]         STREAM     CONNECTED     8377570
unix  3      [ ]         STREAM     CONNECTED     2424
unix  3      [ ]         STREAM     CONNECTED     2425
unix  2      [ ]         DGRAM                    7466181
unix  3      [ ]         STREAM     CONNECTED     1963   /var/run/dbus/system_bus_socket
unix  3      [ ]         STREAM     CONNECTED     2427
unix  3      [ ]         DGRAM                    419
unix  3      [ ]         DGRAM                    418
unix  3      [ ]         STREAM     CONNECTED     8377519
unix  3      [ ]         STREAM     CONNECTED     8377545
unix  3      [ ]         STREAM     CONNECTED     2600219
unix  3      [ ]         STREAM     CONNECTED     8377546
unix  2      [ ]         DGRAM                    2600213
unix  3      [ ]         STREAM     CONNECTED     8377518
unix  3      [ ]         STREAM     CONNECTED     8377548
unix  3      [ ]         STREAM     CONNECTED     8377524
unix  3      [ ]         STREAM     CONNECTED     8377542
unix  3      [ ]         STREAM     CONNECTED     8377521
unix  3      [ ]         STREAM     CONNECTED     8377543
unix  3      [ ]         STREAM     CONNECTED     8377522
unix  3      [ ]         STREAM     CONNECTED     2600220
unix  2      [ ]         DGRAM                    8367934
unix  3      [ ]         STREAM     CONNECTED     8377531
unix  3      [ ]         STREAM     CONNECTED     8377530
unix  3      [ ]         STREAM     CONNECTED     8377528
unix  3      [ ]         STREAM     CONNECTED     8377527
unix  3      [ ]         STREAM     CONNECTED     8377525
unix  3      [ ]         STREAM     CONNECTED     8377573
unix  3      [ ]         STREAM     CONNECTED     8377576
unix  3      [ ]         STREAM     CONNECTED     8377575
unix  2      [ ]         DGRAM                    8377284
unix  3      [ ]         STREAM     CONNECTED     8377551
unix  3      [ ]         STREAM     CONNECTED     8319
unix  3      [ ]         STREAM     CONNECTED     8377552
unix  3      [ ]         STREAM     CONNECTED     8377549
unix  2      [ ]         DGRAM                    8367964
unix  3      [ ]         STREAM     CONNECTED     8377555
unix  3      [ ]         STREAM     CONNECTED     8377505
unix  3      [ ]         STREAM     CONNECTED     8377554
unix  3      [ ]         STREAM     CONNECTED     8377563
unix  3      [ ]         STREAM     CONNECTED     8377564
unix  3      [ ]         STREAM     CONNECTED     8377561
unix  2      [ ]         DGRAM                    2602460
unix  3      [ ]         STREAM     CONNECTED     8377560
unix  3      [ ]         STREAM     CONNECTED     8377557
unix  2      [ ]         DGRAM                    2538
unix  3      [ ]         STREAM     CONNECTED     8377508
unix  3      [ ]         STREAM     CONNECTED     8377558
unix  2      [ ]         DGRAM                    908
unix  3      [ ]         STREAM     CONNECTED     8377516
unix  3      [ ]         STREAM     CONNECTED     8377536
unix  3      [ ]         STREAM     CONNECTED     8377515
unix  3      [ ]         STREAM     CONNECTED     8377533
unix  3      [ ]         STREAM     CONNECTED     8377534
unix  3      [ ]         STREAM     CONNECTED     8377513
unix  3      [ ]         STREAM     CONNECTED     2519   /var/run/dbus/system_bus_socket
unix  3      [ ]         STREAM     CONNECTED     8377539
unix  3      [ ]         STREAM     CONNECTED     8377512
unix  3      [ ]         STREAM     CONNECTED     8377540
unix  3      [ ]         STREAM     CONNECTED     8377511
unix  3      [ ]         STREAM     CONNECTED     8377537
unix  3      [ ]         STREAM     CONNECTED     8377510
unix  2      [ ]         DGRAM                    8370780
unix  3      [ ]         STREAM     CONNECTED     8365739
unix  3      [ ]         STREAM     CONNECTED     8377653 /var/run/dovecot/anvil-auth-penalty
unix  3      [ ]         STREAM     CONNECTED     8377507
unix  2      [ ]         DGRAM                    4939556
unix  3      [ ]         STREAM     CONNECTED     8377506
unix  2      [ ]         DGRAM                    6504
unix  2      [ ]         DGRAM                    8376675

master.cf:
#
# Postfix master process configuration file.  For details on the format
# of the file, see the master(5) manual page (command: "man 5 master").
#
# Do not forget to execute "postfix reload" after editing this file.
#
# ==========================================================================
# service type  private unpriv  chroot  wakeup  maxproc command + args
#               (yes)   (yes)   (yes)   (never) (100)
# ==========================================================================
smtp      inet  n       -       n       -       -       smtpd
#submission inet n       -       n       -       -       smtpd
#  -o smtpd_tls_security_level=encrypt
#  -o smtpd_sasl_auth_enable=yes
#  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
#  -o milter_macro_daemon_name=ORIGINATING
#smtps     inet  n       -       n       -       -       smtpd
#  -o smtpd_tls_wrappermode=yes
#  -o smtpd_sasl_auth_enable=yes
#  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
#  -o milter_macro_daemon_name=ORIGINATING
#628      inet  n       -       n       -       -       qmqpd
pickup    fifo  n       -       n       60      1       pickup
cleanup   unix  n       -       n       -       0       cleanup
qmgr      fifo  n       -       n       300     1       qmgr
#qmgr     fifo  n       -       n       300     1       oqmgr
tlsmgr    unix  -       -       n       1000?   1       tlsmgr
rewrite   unix  -       -       n       -       -       trivial-rewrite
bounce    unix  -       -       n       -       0       bounce
defer     unix  -       -       n       -       0       bounce
trace     unix  -       -       n       -       0       bounce
verify    unix  -       -       n       -       1       verify
flush     unix  n       -       n       1000?   0       flush
proxymap  unix  -       -       n       -       -       proxymap
proxywrite unix -       -       n       -       1       proxymap
smtp      unix  -       -       n       -       -       smtp
# When relaying mail as backup MX, disable fallback_relay to avoid MX loops
relay     unix  -       -       n       -       -       smtp
        -o smtp_fallback_relay=
#       -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq     unix  n       -       n       -       -       showq
error     unix  -       -       n       -       -       error
retry     unix  -       -       n       -       -       error
discard   unix  -       -       n       -       -       discard
local     unix  -       n       n       -       -       local
virtual   unix  -       n       n       -       -       virtual
lmtp      unix  -       -       n       -       -       lmtp
anvil     unix  -       -       n       -       1       anvil
scache    unix  -       -       n       -       1       scache
#
# ====================================================================
# Interfaces to non-Postfix software. Be sure to examine the manual
# pages of the non-Postfix software to find out what options it wants.
#
# Many of the following services use the Postfix pipe(8) delivery
# agent.  See the pipe(8) man page for information about ${recipient}
# and other message envelope options.
# ====================================================================
#
# maildrop. See the Postfix MAILDROP_README file for details.
# Also specify in main.cf: maildrop_destination_recipient_limit=1
#
#maildrop  unix  -       n       n       -       -       pipe
#  flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
#
# ====================================================================
#
# The Cyrus deliver program has changed incompatibly, multiple times.
#
#old-cyrus unix  -       n       n       -       -       pipe
#  flags=R user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -m ${extension} ${user}
#
# ====================================================================
#
# Cyrus 2.1.5 (Amos Gouaux)
# Also specify in main.cf: cyrus_destination_recipient_limit=1
#
#cyrus     unix  -       n       n       -       -       pipe
#  user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -r ${sender} -m ${extension} ${user}
#
# ====================================================================
#
# See the Postfix UUCP_README file for configuration details.
#
#uucp      unix  -       n       n       -       -       pipe
#  flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
#
# ====================================================================
#
# Other external delivery methods.
#
#ifmail    unix  -       n       n       -       -       pipe
#  flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
#
#bsmtp     unix  -       n       n       -       -       pipe
#  flags=Fq. user=bsmtp argv=/usr/local/sbin/bsmtp -f $sender $nexthop $recipient
#
#scalemail-backend unix -       n       n       -       2       pipe
#  flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store
#  ${nexthop} ${user} ${extension}
#
#mailman   unix  -       n       n       -       -       pipe
#  flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
#  ${nexthop} ${user}
dovecot   unix  -       n       n       -       -       pipe
   flags=DRhu user=vmail:vmail argv=/usr/libexec/dovecot/deliver -d ${recipient} -f ${recipient}


Thanks.

Sam


On Fri, Jul 19, 2013 at 4:55 PM, Noel Jones <[hidden email]> wrote:
On 7/19/2013 4:45 PM, Sam Flint wrote:
> it's already like that
>

stop top posting.


Sorry, my crystal ball is at the cleaners. Maybe start with
describing how you're testing.

Also note some ISPs block port 25 on "consumer" connections, making
running or testing a mail server impossible. You didn't mention what
kind of connection you have.

Also, master.cf contents, and netstat or lsof output showing what's
listening on port 25 might be helpful.



  -- Noel Jones



--
Sam Flint
flintfam.org/~swflint
Reply | Threaded
Open this post in threaded view
|

Re: Postfix not accepting remote connections

Noel Jones-2
In reply to this post by Sam Flint
On 7/19/2013 4:53 PM, Sam Flint wrote:

> Still nothing
>
>
> On Fri, Jul 19, 2013 at 4:46 PM, Noel Jones <[hidden email]
> <mailto:[hidden email]>> wrote:
>
>
>     >> relay_domains = .com .org .net .info $mydestination
>
>     The above is very bad, change it to empty:
>
>     relay_domains =
>


Stop top posting.  And maybe more than one-line answers would get
you better help.


BTW, the above correction ("relay_domains =  ")is to keep you from
being an open relay, and was not expected to fix the apparent
problem of postfix not listening on outside interfaces.


  -- Noel Jones
Reply | Threaded
Open this post in threaded view
|

Re: Postfix not accepting remote connections

Sam Flint
Ok, well thanks.

I'm sorry, I will try.


On Fri, Jul 19, 2013 at 5:01 PM, Noel Jones <[hidden email]> wrote:
On 7/19/2013 4:53 PM, Sam Flint wrote:
> Still nothing
>
>
> On Fri, Jul 19, 2013 at 4:46 PM, Noel Jones <[hidden email]
> <mailto:[hidden email]>> wrote:
>
>
>     >> relay_domains = .com .org .net .info $mydestination
>
>     The above is very bad, change it to empty:
>
>     relay_domains =
>


Stop top posting.  And maybe more than one-line answers would get
you better help.


BTW, the above correction ("relay_domains =  ")is to keep you from
being an open relay, and was not expected to fix the apparent
problem of postfix not listening on outside interfaces.


  -- Noel Jones



--
Sam Flint
flintfam.org/~swflint
Reply | Threaded
Open this post in threaded view
|

Re: Postfix not accepting remote connections

Noel Jones-2
In reply to this post by Sam Flint
On 7/19/2013 4:58 PM, Sam Flint wrote:

> I'm running on a linode, and I'm sorry.
>
> Netstat:
> Proto Recv-Q Send-Q Local Address               Foreign
> Address             State
> tcp        0    232 flintfam.org:ssh          
> ip98-161-54-206.om.om:52460 <http://ip98-161-54-206.om.om:52460>
> ESTABLISHED
> tcp        0      0 localhost:44273            
> localhost:mysql             TIME_WAIT
> tcp        0      0 flintfam.org:http          
> 89-145-108-208.as2901:47988 TIME_WAIT
> tcp        0      0 flintfam.org:http          
> 89-145-108-208.as2901:47975 TIME_WAIT


Stop top posting. And plain-text only please -- the HTML makes
tables and logs impossible to read.

Doesn't look as if postfix is listening at all.  How are you testing
postfix?

Check the postfix log for errors.
http://www.postfix.org/DEBUG_README.html
http://www.postfix.org/DEBUG_README.html#logging



  -- Noel Jones
Reply | Threaded
Open this post in threaded view
|

Re: Postfix not accepting remote connections

Sam Flint
Sorry, Gmail.

I'm testing by attempting to connect with my android tablet


On Fri, Jul 19, 2013 at 5:08 PM, Noel Jones <[hidden email]> wrote:
On 7/19/2013 4:58 PM, Sam Flint wrote:
> I'm running on a linode, and I'm sorry.
>
> Netstat:
> Proto Recv-Q Send-Q Local Address               Foreign
> Address             State
> tcp        0    232 flintfam.org:ssh
> ip98-161-54-206.om.om:52460 <http://ip98-161-54-206.om.om:52460>
> ESTABLISHED
> tcp        0      0 localhost:44273
> localhost:mysql             TIME_WAIT
> tcp        0      0 flintfam.org:http
> 89-145-108-208.as2901:47988 TIME_WAIT
> tcp        0      0 flintfam.org:http
> 89-145-108-208.as2901:47975 TIME_WAIT


Stop top posting. And plain-text only please -- the HTML makes
tables and logs impossible to read.

Doesn't look as if postfix is listening at all.  How are you testing
postfix?

Check the postfix log for errors.
http://www.postfix.org/DEBUG_README.html
http://www.postfix.org/DEBUG_README.html#logging



  -- Noel Jones



--
Sam Flint
flintfam.org/~swflint
Reply | Threaded
Open this post in threaded view
|

Re: Postfix not accepting remote connections

Sam Flint
On Fri, Jul 19, 2013 at 5:11 PM, Sam Flint <[hidden email]> wrote:

> Sorry, Gmail.
>
> I'm testing by attempting to connect with my android tablet
>
>
> On Fri, Jul 19, 2013 at 5:08 PM, Noel Jones <[hidden email]> wrote:
>>
>> On 7/19/2013 4:58 PM, Sam Flint wrote:
>> > I'm running on a linode, and I'm sorry.
>> >
>> > Netstat:
>> > Proto Recv-Q Send-Q Local Address               Foreign
>> > Address             State
>> > tcp        0    232 flintfam.org:ssh
>> > ip98-161-54-206.om.om:52460 <http://ip98-161-54-206.om.om:52460>
>> > ESTABLISHED
>> > tcp        0      0 localhost:44273
>> > localhost:mysql             TIME_WAIT
>> > tcp        0      0 flintfam.org:http
>> > 89-145-108-208.as2901:47988 TIME_WAIT
>> > tcp        0      0 flintfam.org:http
>> > 89-145-108-208.as2901:47975 TIME_WAIT
>>
>>
>> Stop top posting. And plain-text only please -- the HTML makes
>> tables and logs impossible to read.
>>
>> Doesn't look as if postfix is listening at all.  How are you testing
>> postfix?
>>
>> Check the postfix log for errors.
>> http://www.postfix.org/DEBUG_README.html
>> http://www.postfix.org/DEBUG_README.html#logging
>>
>>
>>
>>   -- Noel Jones
>
>
>
>
> --
> Sam Flint
> flintfam.org/~swflint

Postfix is listening, I can still recieve email.

Sam

--
Sam Flint
flintfam.org/~swflint
Reply | Threaded
Open this post in threaded view
|

Re: Postfix not accepting remote connections

/dev/rob0
On Fri, Jul 19, 2013 at 05:51:20PM -0500, Sam Flint wrote:
> On Fri, Jul 19, 2013 at 5:11 PM, Sam Flint <[hidden email]> wrote:
> > On Fri, Jul 19, 2013 at 5:08 PM, Noel Jones <[hidden email]> wrote:
> >>
> >> On 7/19/2013 4:58 PM, Sam Flint wrote:
> >> > I'm running on a linode, and I'm sorry.
> >> >
> >> > Netstat:
snip

> >>
> >> Stop top posting. And plain-text only please -- the HTML makes
> >> tables and logs impossible to read.
> >>
> >> Doesn't look as if postfix is listening at all.  How are you
> >> testing postfix?
> >>
> > Sorry, Gmail.
> >
> > I'm testing by attempting to connect with my android tablet
> >
snip
> Postfix is listening, I can still recieve email.

$ telnet mail.flintfam.org 25
Trying 50.116.25.174...
Connected to mail.flintfam.org.
Escape character is '^]'.
220 mail.flintfam.org ESMTP Postfix
quit
221 2.0.0 Bye
Connection closed by foreign host.
$ telnet mail.flintfam.org 587
Trying 50.116.25.174...
telnet: connect to address 50.116.25.174: Connection refused

Port 25 is fine (or at least as far as I tested.) 587 is not. Perhaps
your ISP is blocking port 25 outbound from the android tablet?

> >
> >> Check the postfix log for errors.
> >> http://www.postfix.org/DEBUG_README.html
> >> http://www.postfix.org/DEBUG_README.html#logging
--
  http://rob0.nodns4.us/ -- system administration and consulting
  Offlist GMX mail is seen only if "/dev/rob0" is in the Subject:
Reply | Threaded
Open this post in threaded view
|

Re: Postfix not accepting remote connections

Sam Flint
It shouldn't be...

On Fri, Jul 19, 2013 at 5:59 PM, /dev/rob0 <[hidden email]> wrote:

> On Fri, Jul 19, 2013 at 05:51:20PM -0500, Sam Flint wrote:
>> On Fri, Jul 19, 2013 at 5:11 PM, Sam Flint <[hidden email]> wrote:
>> > On Fri, Jul 19, 2013 at 5:08 PM, Noel Jones <[hidden email]> wrote:
>> >>
>> >> On 7/19/2013 4:58 PM, Sam Flint wrote:
>> >> > I'm running on a linode, and I'm sorry.
>> >> >
>> >> > Netstat:
> snip
>> >>
>> >> Stop top posting. And plain-text only please -- the HTML makes
>> >> tables and logs impossible to read.
>> >>
>> >> Doesn't look as if postfix is listening at all.  How are you
>> >> testing postfix?
>> >>
>> > Sorry, Gmail.
>> >
>> > I'm testing by attempting to connect with my android tablet
>> >
> snip
>> Postfix is listening, I can still recieve email.
>
> $ telnet mail.flintfam.org 25
> Trying 50.116.25.174...
> Connected to mail.flintfam.org.
> Escape character is '^]'.
> 220 mail.flintfam.org ESMTP Postfix
> quit
> 221 2.0.0 Bye
> Connection closed by foreign host.
> $ telnet mail.flintfam.org 587
> Trying 50.116.25.174...
> telnet: connect to address 50.116.25.174: Connection refused
>
> Port 25 is fine (or at least as far as I tested.) 587 is not. Perhaps
> your ISP is blocking port 25 outbound from the android tablet?
>
>> >
>> >> Check the postfix log for errors.
>> >> http://www.postfix.org/DEBUG_README.html
>> >> http://www.postfix.org/DEBUG_README.html#logging
> --
>   http://rob0.nodns4.us/ -- system administration and consulting
>   Offlist GMX mail is seen only if "/dev/rob0" is in the Subject:



--
Sam Flint
flintfam.org/~swflint
Reply | Threaded
Open this post in threaded view
|

Re: Postfix not accepting remote connections

Wietse Venema
In reply to this post by Sam Flint
Sam Flint:
> Postfix is listening, I can still recieve email.

Hi. I wrote most of Postfix. What evidence do you have (SHOW POSTFIX
LOGGING) that Postfix is receiving mail for you?

        Wietse
Reply | Threaded
Open this post in threaded view
|

Re: Postfix not accepting remote connections

Sam Flint
In reply to this post by Sam Flint
On Fri, Jul 19, 2013 at 6:02 PM, Sam Flint <[hidden email]> wrote:

> It shouldn't be...
>
> On Fri, Jul 19, 2013 at 5:59 PM, /dev/rob0 <[hidden email]> wrote:
>> On Fri, Jul 19, 2013 at 05:51:20PM -0500, Sam Flint wrote:
>>> On Fri, Jul 19, 2013 at 5:11 PM, Sam Flint <[hidden email]> wrote:
>>> > On Fri, Jul 19, 2013 at 5:08 PM, Noel Jones <[hidden email]> wrote:
>>> >>
>>> >> On 7/19/2013 4:58 PM, Sam Flint wrote:
>>> >> > I'm running on a linode, and I'm sorry.
>>> >> >
>>> >> > Netstat:
>> snip
>>> >>
>>> >> Stop top posting. And plain-text only please -- the HTML makes
>>> >> tables and logs impossible to read.
>>> >>
>>> >> Doesn't look as if postfix is listening at all.  How are you
>>> >> testing postfix?
>>> >>
>>> > Sorry, Gmail.
>>> >
>>> > I'm testing by attempting to connect with my android tablet
>>> >
>> snip
>>> Postfix is listening, I can still recieve email.
>>
>> $ telnet mail.flintfam.org 25
>> Trying 50.116.25.174...
>> Connected to mail.flintfam.org.
>> Escape character is '^]'.
>> 220 mail.flintfam.org ESMTP Postfix
>> quit
>> 221 2.0.0 Bye
>> Connection closed by foreign host.
>> $ telnet mail.flintfam.org 587
>> Trying 50.116.25.174...
>> telnet: connect to address 50.116.25.174: Connection refused
>>
>> Port 25 is fine (or at least as far as I tested.) 587 is not. Perhaps
>> your ISP is blocking port 25 outbound from the android tablet?
>>
>>> >
>>> >> Check the postfix log for errors.
>>> >> http://www.postfix.org/DEBUG_README.html
>>> >> http://www.postfix.org/DEBUG_README.html#logging
>> --
>>   http://rob0.nodns4.us/ -- system administration and consulting
>>   Offlist GMX mail is seen only if "/dev/rob0" is in the Subject:

What can I do to fix this on the server end? how can I run on both?

Sam


--
Sam Flint
flintfam.org/~swflint
12