Need help troubleshooting...
Need help troubleshooting
- Home
- Control Panel
- Community Forum
- Services
- Email Service
- Need help troubleshooting
- Community Forum
- Need help troubleshooting
Topic: Need help troubleshooting
Sorry for the long post...So I have setup my home email server following the instructions provided at https://workaround.org/ispmail/jessie and everything as far as I can tell was done correctly. I can login to my local roundcube apache interface as user@domain. However I cannot send or receive email. I can send from root to user@domain using sendmail but that doesn't do me any good. I checked my logs (var/log/mail.log) and see the same message whether I am using store\forward or smtp relay dynu service.store/forward:Aug 21 20:20:09 mail postfix/smtp[1458]: connect to smtp.dynu.com[207.38.69.195]:2525: Connection timed outAug 21 20:20:09 mail postfix/smtp[1458]: E012F2314E: to=<external@domain.net>, relay=none, delay=30, delays=0.1/0.04/30/0, dsn=4.4.1, status=deferred (connect to smtp.dynu.com[207.38.69.195]:2525: Connection timed out)smtp relay:Aug 21 23:51:23 mail postfix/smtp[2983]: connect to relay.dynu.com[199.233.237.19]:587: Connection timed outAug 21 23:51:23 mail postfix/smtp[2983]: 9987923384: to=<external@domain.net>, relay=none, delay=922, delays=892/0.05/30/0, dsn=4.4.1, status=deferred (connect to relay.dynu.com[199.233.237.19]:587: Connection timed out)All ports are open and forwarded correctly from my router.main.cf==================# See /usr/share/postfix/main.cf.dist for a commented, more complete version# Debian specific: Specifying a file name will cause the first# line of that file to be used as the name. The Debian default# is /etc/mailname.#myorigin = /etc/mailnamesmtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)biff = no# appending .domain is the MUA's job.append_dot_mydomain = no# Uncomment the next line to generate "delayed mail" warnings#delay_warning_time = 4hreadme_directory = no# TLS parameterssmtpd_tls_cert_file = /etc/ssl/certs/mailserver.pem <---self signed certsmtpd_tls_key_file = /etc/ssl/private/mailserver.pem <---self signed certsmtpd_use_tls=yessmtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scachesmtp_tls_session_cache_database = btree:${data_directory}/smtp_scache# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for# information on enabling SSL in the smtp client.smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destinationmyhostname = host.domain.usalias_maps = hash:/etc/aliasesalias_database = hash:/etc/aliasesmyorigin = /etc/mailnamemydestination = byteknight.us, mail.byteknight.us, localhost.byteknight.us, localhostrelayhost = relay.dynu.com:587 <<<<<------This gets changed to smtp.dynu.com:2525 and vice/versamynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 mailbox_command = procmail -a "$EXTENSION"mailbox_size_limit = 0recipient_delimiter = +inet_interfaces = allsmtpd_tls_mandatory_protocols = !SSLv2,!SSLv3virtual_mailbox_domains = mysql:/etc/postfix/mysql-virtual-mailbox-domains.cfvirtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual-mailbox-maps.cfvirtual_alias_maps = mysql:/etc/postfix/mysql-virtual-alias-maps.cfvirtual_transport = lmtp:unix:private/dovecot-lmtpsmtpd_sasl_type = dovecotsmtpd_sasl_path = private/authsmtpd_sasl_auth_enable = yessmtpd_tls_security_level = maysmtpd_tls_auth_only = yessmtp_sasl_security_options = noanonymoussmtp_sasl_password_maps = hash:/etc/postfix/sasl_passwdsmtp_use_tls = yessmtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt==================Tried telnet and get this:# telnet 207.38.69.195 2525Trying 207.38.69.195...# telnet 199.233.237.19 587Trying 199.233.237.19...I'm pulling my hair out trying to figure out how to simply use a home email server without paying the ISP ungodly amounts of money for a static IP to unblock port 25...did not expect this to be so difficult. Any ideas or links that may help me get this working? Thanks!
Reply with quote | Report
Thanks for the reply and link to postfix smtp relay, I'm sure I'll refer to it. https://www.dynu.com/Resources/Tutorials/EmailServices/EmailServerSetup/How-to-configure-postfix-with-SMTP-relayThe telnet commands failing got me thinking; I'm pretty security conscious and have very strict settings on my firewall. As a test I temporarily turned it off and re-tried the telnet commands and got the following:# telnet relay.dynu.com 587Trying 199.233.237.19...telnet: Unable to connect to remote host: Connection refused# telnet smtp.dynu.com 2525Trying 207.38.69.195...telnet: Unable to connect to remote host: Connection refused# telnet smtp.gmail.com 587Trying 74.125.206.108...Trying 74.125.206.109...Trying 2a00:1450:400c:c04::6d...telnet: Unable to connect to remote host: Network is unreachableThe last one seemed (at least to me to be a DNS issue, but...# nslookup smtp.gmail.comServer: 8.26.56.26Address: 8.26.56.26#53Non-authoritative answer:smtp.gmail.com canonical name = gmail-smtp-msa.l.google.com.Name: gmail-smtp-msa.l.google.comAddress: 74.125.206.108Name: gmail-smtp-msa.l.google.comAddress: 74.125.206.109I looked at my firewall a little closer and noticed I allowed 23 (telnet) out but not in, changed that and added 2525 TCP in and out, same thing. Allowed all undefined ports in and out, effectively making a firewall moot and same thing. What am I missing here?Weird thing is when I make a change to the firewall and it is applying the changes I go back to the shell and telnet works. After, same problem. Ok, I think I can safely assume the problem is on my router/firewall somewhere...Is there a port or protocol I need to add/modify on my firewall anyone with more smarts than me can quickly identify?
Reply with quote | Report
Author | Topic: Need help troubleshooting |
---|---|
Byte Knight LLC Joined: 8/17/2017 |
Need help troubleshooting Monday, August 21, 2017 11:24 PM
Sorry for the long post...So I have setup my home email server following the instructions provided at https://workaround.org/ispmail/jessie and everything as far as I can tell was done correctly. I can login to my local roundcube apache interface as user@domain. However I cannot send or receive email. I can send from root to user@domain using sendmail but that doesn't do me any good. I checked my logs (var/log/mail.log) and see the same message whether I am using store\forward or smtp relay dynu service.store/forward:Aug 21 20:20:09 mail postfix/smtp[1458]: connect to smtp.dynu.com[207.38.69.195]:2525: Connection timed outAug 21 20:20:09 mail postfix/smtp[1458]: E012F2314E: to=<external@domain.net>, relay=none, delay=30, delays=0.1/0.04/30/0, dsn=4.4.1, status=deferred (connect to smtp.dynu.com[207.38.69.195]:2525: Connection timed out)smtp relay:Aug 21 23:51:23 mail postfix/smtp[2983]: connect to relay.dynu.com[199.233.237.19]:587: Connection timed outAug 21 23:51:23 mail postfix/smtp[2983]: 9987923384: to=<external@domain.net>, relay=none, delay=922, delays=892/0.05/30/0, dsn=4.4.1, status=deferred (connect to relay.dynu.com[199.233.237.19]:587: Connection timed out)All ports are open and forwarded correctly from my router.main.cf==================# See /usr/share/postfix/main.cf.dist for a commented, more complete version# Debian specific: Specifying a file name will cause the first# line of that file to be used as the name. The Debian default# is /etc/mailname.#myorigin = /etc/mailnamesmtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)biff = no# appending .domain is the MUA's job.append_dot_mydomain = no# Uncomment the next line to generate "delayed mail" warnings#delay_warning_time = 4hreadme_directory = no# TLS parameterssmtpd_tls_cert_file = /etc/ssl/certs/mailserver.pem <---self signed certsmtpd_tls_key_file = /etc/ssl/private/mailserver.pem <---self signed certsmtpd_use_tls=yessmtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scachesmtp_tls_session_cache_database = btree:${data_directory}/smtp_scache# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for# information on enabling SSL in the smtp client.smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destinationmyhostname = host.domain.usalias_maps = hash:/etc/aliasesalias_database = hash:/etc/aliasesmyorigin = /etc/mailnamemydestination = byteknight.us, mail.byteknight.us, localhost.byteknight.us, localhostrelayhost = relay.dynu.com:587 <<<<<------This gets changed to smtp.dynu.com:2525 and vice/versamynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 mailbox_command = procmail -a "$EXTENSION"mailbox_size_limit = 0recipient_delimiter = +inet_interfaces = allsmtpd_tls_mandatory_protocols = !SSLv2,!SSLv3virtual_mailbox_domains = mysql:/etc/postfix/mysql-virtual-mailbox-domains.cfvirtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual-mailbox-maps.cfvirtual_alias_maps = mysql:/etc/postfix/mysql-virtual-alias-maps.cfvirtual_transport = lmtp:unix:private/dovecot-lmtpsmtpd_sasl_type = dovecotsmtpd_sasl_path = private/authsmtpd_sasl_auth_enable = yessmtpd_tls_security_level = maysmtpd_tls_auth_only = yessmtp_sasl_security_options = noanonymoussmtp_sasl_password_maps = hash:/etc/postfix/sasl_passwdsmtp_use_tls = yessmtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt==================Tried telnet and get this:# telnet 207.38.69.195 2525Trying 207.38.69.195...# telnet 199.233.237.19 587Trying 199.233.237.19...I'm pulling my hair out trying to figure out how to simply use a home email server without paying the ISP ungodly amounts of money for a static IP to unblock port 25...did not expect this to be so difficult. Any ideas or links that may help me get this working? Thanks!
|
byteknight Joined: 8/17/2017 |
Need help troubleshooting Tuesday, August 22, 2017 6:22 PM
Thanks for the reply and link to postfix smtp relay, I'm sure I'll refer to it. https://www.dynu.com/Resources/Tutorials/EmailServices/EmailServerSetup/How-to-configure-postfix-with-SMTP-relayThe telnet commands failing got me thinking; I'm pretty security conscious and have very strict settings on my firewall. As a test I temporarily turned it off and re-tried the telnet commands and got the following:# telnet relay.dynu.com 587Trying 199.233.237.19...telnet: Unable to connect to remote host: Connection refused# telnet smtp.dynu.com 2525Trying 207.38.69.195...telnet: Unable to connect to remote host: Connection refused# telnet smtp.gmail.com 587Trying 74.125.206.108...Trying 74.125.206.109...Trying 2a00:1450:400c:c04::6d...telnet: Unable to connect to remote host: Network is unreachableThe last one seemed (at least to me to be a DNS issue, but...# nslookup smtp.gmail.comServer: 8.26.56.26Address: 8.26.56.26#53Non-authoritative answer:smtp.gmail.com canonical name = gmail-smtp-msa.l.google.com.Name: gmail-smtp-msa.l.google.comAddress: 74.125.206.108Name: gmail-smtp-msa.l.google.comAddress: 74.125.206.109I looked at my firewall a little closer and noticed I allowed 23 (telnet) out but not in, changed that and added 2525 TCP in and out, same thing. Allowed all undefined ports in and out, effectively making a firewall moot and same thing. What am I missing here?Weird thing is when I make a change to the firewall and it is applying the changes I go back to the shell and telnet works. After, same problem. Ok, I think I can safely assume the problem is on my router/firewall somewhere...Is there a port or protocol I need to add/modify on my firewall anyone with more smarts than me can quickly identify?
|
It is currently Tuesday, December 3, 2024 10:46 AM US Mountain Standard Time
Tuesday, December 3, 2024 10:46 AM