Trouble sending email to myself on new server i am building

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
5 messages Options
Reply | Threaded
Open this post in threaded view
|

Trouble sending email to myself on new server i am building

Fazzina, Angelo

Hi,

Ready to pull my hair out here….i have a server running 2.6 and everything works fine.

Trying to build new server with postfix 2.10.1

I have my postconf –n and postfix logs of my test email.   This data is from the new 2.10.1 box.

Do you need anything else ?

 

Oct  2 14:23:43 mta5 postfix/smtpd[13106]: connect from angelo.uits.uconn.edu[137.99.80.129]

Oct  2 14:23:43 mta5 postfix/smtpd[13106]: 6359630038E5: client=angelo.uits.uconn.edu[137.99.80.129]

Oct  2 14:23:43 mta5 postfix/cleanup[13111]: 6359630038E5: warning: header Subject: test with T-bird from angelo.uits.uconn.edu[137.99.80.129]; from=<[hidden email]> to=<[hidden email]> proto=ESMTP helo=<[137.99.80.129]>

Oct  2 14:23:43 mta5 postfix/cleanup[13111]: 6359630038E5: message-id=<[hidden email]>

Oct  2 14:23:43 mta5 postfix/qmgr[13103]: 6359630038E5: from=<[hidden email]>, size=648, nrcpt=1 (queue active)

Oct  2 14:23:43 mta5 postfix/smtpd[13106]: disconnect from angelo.uits.uconn.edu[137.99.80.129]

Oct  2 14:24:13 mta5 postfix/smtp[13114]: connect to uconn-mail-onmicrosoft-com.mail.protection.outlook.com[216.32.180.170]:25: Connection timed out

Oct  2 14:24:43 mta5 postfix/smtp[13114]: connect to uconn-mail-onmicrosoft-com.mail.protection.outlook.com[207.46.163.106]:25: Connection timed out

Oct  2 14:24:43 mta5 postfix/smtp[13114]: 6359630038E5: to=<[hidden email]>, orig_to=<[hidden email]>, relay=none, delay=60, delays=0.03/0.02/60/0, dsn=4.4.1, status=deferred (connect to uconn-mail-onmicrosoft-com.mail.protection.outlook.com[207.46.163.106]:25: Connection timed out)

 

 

 

 

 

[root@mta5 ~]# postconf -n

alias_database = hash:/etc/aliases

alias_maps = hash:/etc/aliases

anvil_rate_time_unit = 60s

anvil_status_update_time = 600s

append_dot_mydomain = no

biff = no

canonical_maps = regexp:/etc/postfix/maps/voip

command_directory = /usr/sbin

config_directory = /etc/postfix

daemon_directory = /usr/libexec/postfix

data_directory = /var/lib/postfix

debug_peer_level = 2

debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin ddd $daemon_directory/$process_name $process_id & sleep 5

header_checks = regexp:/etc/postfix/header_checks

html_directory = no

inet_interfaces = all

inet_protocols = ipv4

mail_owner = postfix

mailbox_size_limit = 0

mailq_path = /usr/bin/mailq.postfix

manpage_directory = /usr/share/man

message_size_limit = 31457280

mydestination = $myhostname, localhost.$mydomain, localhost

myhostname = mta5.uits.uconn.edu

mynetworks = /etc/postfix/files/mynetwork

newaliases_path = /usr/bin/newaliases.postfix

queue_directory = /var/spool/postfix

readme_directory = /usr/share/doc/postfix-2.10.1/README_FILES

recipient_delimiter = +

sample_directory = /usr/share/doc/postfix-2.10.1/samples

sendmail_path = /usr/sbin/sendmail.postfix

setgid_group = postdrop

slowaol_destination_concurrency_limit = 2

slowaol_destination_rate_delay = 30s

slowaol_destination_recipient_limit = 10

slowhot_destination_concurrency_limit = 2

slowhot_destination_rate_delay = 10s

slowhot_destination_recipient_limit = 10

smtpd_banner = $myhostname ESMTP $mail_name ($mail_version)

smtpd_client_connection_rate_limit = 500

smtpd_client_event_limit_exceptions = ${smtpd_client_connection_limit_exceptions:$mynetworks}

smtpd_client_message_rate_limit = 500

smtpd_client_new_tls_session_rate_limit = 500

smtpd_client_recipient_rate_limit = 500

smtpd_client_restrictions = check_client_access hash:/etc/postfix/maps/block_ip, permit

smtpd_recipient_restrictions = check_recipient_access hash:/etc/postfix/maps/block_to, permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination

smtpd_tls_exclude_ciphers = IDEA-CBC-SHA, DES-CBC3-SHA, EDH-RSA-DES-CBC3-SHA, RC4, aNULL

smtpd_tls_mandatory_protocols = !SSLv3, !SSLv2

transport_maps = hash:/etc/postfix/maps/transport

unknown_local_recipient_reject_code = 550

virtual_alias_domains = access.ced.uconn.edu appmail.uconn.edu eri.uconn.edu finearts.sfa.uconn.edu law.uconn.edu math.uconn.edu ropercenter.uconn.edu studentorgs.uconn.edu students.law.uconn.edu testexchange.uconn.edu uconn.edu

virtual_alias_maps = hash:/etc/postfix/virtual mysql:/etc/postfix/files/mysql_pn.cf regexp:/etc/postfix/maps/googlegroups regexp:/etc/postfix/maps/subaddressing

 

-ANGELO FAZZINA

 

UITS Service Manager:

Spam and Virus Prevention

Mass Mailing

G Suite/Gmail

 

[hidden email]

University of Connecticut,  UITS, SSG, Server Systems

860-486-9075

 

Reply | Threaded
Open this post in threaded view
|

Re: Trouble sending email to myself on new server i am building

Noel Jones-2
[Please use plain text next time. Thanks]

On 10/2/2017 1:31 PM, Fazzina, Angelo wrote:
>
> Oct  2 14:24:43 mta5 postfix/smtp[13114]: connect to
> uconn-mail-onmicrosoft-com.mail.protection.outlook.com[207.46.163.106]:25:
> Connection timed out

"connection timed out" almost always means some sort of network
error outside of postfix, such as a firewall problem.




  -- Noel Jones
Reply | Threaded
Open this post in threaded view
|

Re: Trouble sending email to myself on new server i am building

Viktor Dukhovni
In reply to this post by Fazzina, Angelo
On Mon, Oct 02, 2017 at 06:31:07PM +0000, Fazzina, Angelo wrote:

> smtpd[13106]: 6359630038E5: client=angelo.uits.uconn.edu[137.99.80.129]
> cleanup[13111]: 6359630038E5: message-id=<[hidden email]>
> qmgr[13103]: 6359630038E5: from=<[hidden email]>, size=648, nrcpt=1 (queue active)
> smtp[13114]: connect to uconn-mail-onmicrosoft-com.mail.protection.outlook.com[216.32.180.170]:25: Connection timed out
> smtp[13114]: connect to uconn-mail-onmicrosoft-com.mail.protection.outlook.com[207.46.163.106]:25: Connection timed out
> smtp[13114]: 6359630038E5: to=<[hidden email]>, orig_to=<[hidden email]>, relay=none, delay=60, delays=0.03/0.02/60/0, dsn=4.4.1, status=deferred (connect to uconn-mail-onmicrosoft-com.mail.protection.outlook.com[207.46.163.106]:25: Connection timed out)

Something in your configuration rewrites the recipient address from
the "orig_to" address to the "to" address. The MX host for the
nexthop domain is then:

    uconn.mail.onmicrosoft.com. MX 10 uconn-mail-onmicrosoft-com.mail.protection.outlook.com.

with addresses (subject to dynamic load-balancing):

    uconn-mail-onmicrosoft-com.mail.protection.outlook.com. 10 IN A 216.32.180.170
    uconn-mail-onmicrosoft-com.mail.protection.outlook.com. 10 IN A 216.32.181.170

It seems your new server is blocked from connecting to these.
That'd be some sort of networking issue, unrelated to Postfix.

> virtual_alias_domains =
> access.ced.uconn.edu,
> appmail.uconn.edu,
> eri.uconn.edu,
> finearts.sfa.uconn.edu,
> law.uconn.edu,
> math.uconn.edu,
> ropercenter.uconn.edu,
> studentorgs.uconn.edu,
> students.law.uconn.edu,
> testexchange.uconn.edu,
> uconn.edu
> virtual_alias_maps =
> hash:/etc/postfix/virtual,
> mysql:/etc/postfix/files/mysql_pn.cf,
> regexp:/etc/postfix/maps/googlegroups,
> regexp:/etc/postfix/maps/subaddressing

Given that "uconn.edu" is a virtual alias domain, the rewrite looks
normal and intended.  So tackle the networking issue.

--
        Viktor.
Reply | Threaded
Open this post in threaded view
|

RE: Trouble sending email to myself on new server i am building

Fazzina, Angelo
In reply to this post by Noel Jones-2
Hi, sorry if I posted in non-plain text format, did not know that was an issue. Will watch for it next time.

I have gone through 2 guys in security/networking department today and was able to finally prove it was firewall and not my postfix config being "wrong".

I even turned off SELinux and iptables...

Hopefully by Wednesday I can send email.   Issue closed for now, thanks.


-ANGELO FAZZINA

UITS Service Manager:
Spam and Virus Prevention
Mass Mailing
G Suite/Gmail

[hidden email]
University of Connecticut,  UITS, SSG, Server Systems
860-486-9075


-----Original Message-----
From: [hidden email] [mailto:[hidden email]] On Behalf Of Noel Jones
Sent: Monday, October 2, 2017 3:54 PM
To: [hidden email]
Subject: Re: Trouble sending email to myself on new server i am building

[Please use plain text next time. Thanks]

On 10/2/2017 1:31 PM, Fazzina, Angelo wrote:
>
> Oct  2 14:24:43 mta5 postfix/smtp[13114]: connect to
> uconn-mail-onmicrosoft-com.mail.protection.outlook.com[207.46.163.106]:25:
> Connection timed out

"connection timed out" almost always means some sort of network
error outside of postfix, such as a firewall problem.




  -- Noel Jones
Reply | Threaded
Open this post in threaded view
|

RE: Trouble sending email to myself on new server i am building

Miles Fidelman
In reply to this post by Fazzina, Angelo
New server, new IP address, same domain name?

Could be that you're dealing with DNS transition delays.  Check the TTLs on your domain records!

-------- Original message --------
From: "Fazzina, Angelo" <[hidden email]>
Date: 10/2/17 1:24 PM (GMT-07:00)
Subject: RE: Trouble sending email to myself on new server i am building

Hi, sorry if I posted in non-plain text format, did not know that was an issue. Will watch for it next time.

I have gone through 2 guys in security/networking department today and was able to finally prove it was firewall and not my postfix config being "wrong".

I even turned off SELinux and iptables...

Hopefully by Wednesday I can send email.   Issue closed for now, thanks.


-ANGELO FAZZINA

UITS Service Manager:
Spam and Virus Prevention
Mass Mailing
G Suite/Gmail

[hidden email]
University of Connecticut,  UITS, SSG, Server Systems
860-486-9075


-----Original Message-----
From: [hidden email] [mailto:[hidden email]] On Behalf Of Noel Jones
Sent: Monday, October 2, 2017 3:54 PM
To: [hidden email]
Subject: Re: Trouble sending email to myself on new server i am building

[Please use plain text next time. Thanks]

On 10/2/2017 1:31 PM, Fazzina, Angelo wrote:
>
> Oct  2 14:24:43 mta5 postfix/smtp[13114]: connect to
> uconn-mail-onmicrosoft-com.mail.protection.outlook.com[207.46.163.106]:25:
> Connection timed out

"connection timed out" almost always means some sort of network
error outside of postfix, such as a firewall problem.




  -- Noel Jones