Hi,

got this in var/log/mail:

Jan 11 16:16:43 www postfix/smtpd[11550]: connect from mail.gmx.net[213.165.64.21]
Jan 11 16:16:43 www postfix/smtpd[11550]: warning: support for restriction "check_relay_domains" will be removed from Postfix; use "reject_unauth_destination" instead
Jan 11 16:16:43 www postfix/smtpd[11550]: 637801E148: client=mail.gmx.net[213.165.64.21]
Jan 11 16:16:43 www postfix/cleanup[11553]: 637801E148: message-id=<16151.1136988890@www12.gmx.net>
Jan 11 16:16:43 www postfix/qmgr[4467]: 637801E148: from=<sendingclient@gmx.net>, size=886, nrcpt=1 (queue active)
Jan 11 16:16:43 www postfix/qmgr[4467]: 637801E148: to=<web4_test@mail.mydomain.tld>, orig_to=<web4_test@mydomain.tld>, relay=none, delay=0, status=deferred (delivery temporarily suspended: connect to mydomain.tld[x.x.x.x]: Connection refused)
Jan 11 16:16:43 www postfix/smtpd[11550]: disconnect from mail.gmx.net[213.165.64.21]

regards,
dumb-medic

Does the website for www.mydomain.tld has an co-domain mydomain.tld where the host field is empty? If not, create the co-domain.

Is mydomain.tld in the file /etc/postfix/local-host-names ?

hi till,

yep, mydomain.tld is a co-domain without <host> on ip 192.168.x.x

cat of /etc/postfix/local-host-names (exactly, only fqdn changed)

###################################
#
# ISPConfig local-host-names Configuration File
# Version 1.0
#
###################################
localhost
www.mydomain.tld
localhost.www.mydomain.tld
localhost.mydomain.tld
www.myseconddomain.tld
mydomain.tld
#### MAKE MANUAL ENTRIES BELOW THIS LINE!

for info:
mydomain.tld is bound to a fw which is masq. to 192.168..x.x
but telnet mydomain.tld 25 (or www.mydomain.tld or mail.mydomain.tld) always get through, but i don't think that here's soemthing wrong, i would not be able to send mails if so.

please have a look at this:
zonefile:
$TTL 86400
@ IN SOA ns.somedomain.tld. admin.mydomain.tld. (
2006011001 ; serial, todays date + todays serial #
28800 ; refresh, seconds
7200 ; retry, seconds
604800 ; expire, seconds
86400 ) ; minimum, seconds
;
NS ns.somedomain.tld. ; Inet Address of name server 1
NS mydomain.tld. ; Inet Address of name server 2
;

mail MX 10 mydomain.tld.

mydomain.tld. A x.x.x.x
mydomain.tld A x.x.x.x
mail A x.x.x.x
www A x.x.x.x

;;;; MAKE MANUAL ENTRIES BELOW THIS LINE! ;;;;

wondering why "mydomain.tld" is listed twice, only difference is the dot after the first listed mydomain.tld
could be the problem?
i've had problems setting up dns (zonefiles werde edited manually), but i thought it was fixed because of 100% functionality...

regards,
dumb-medic

Do dig mydomain.tld and dig MX mydomain.tld show the correct values?

looks ok to me:
# dig mydomain.at
; <<>> DiG 9.2.4 <<>> mydomain.at
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 30748
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2

;; QUESTION SECTION:
;mydomain.at. IN A

;; ANSWER SECTION:
mydomain.tld. 86400 IN A 212.69.161.236

;; AUTHORITY SECTION:dig mydomain.at
mydomain.tld. 86400 IN NS ns.sonedomain.tld.
mydomain.tld. 86400 IN NS mydomain.tld.

;; ADDITIONAL SECTION:
ns.sonedomain.tld. 86400 IN A x.x.x.x
mydomain.tld. 86400 IN A x.x.x.x

;; Query time: 15 msec
;; SERVER: x.x.x.x#53(x.x.x.x)
;; WHEN: Wed Jan 11 21:29:40 2006
;; MSG SIZE rcvd: 121


# dig mx mydomain.tld
; <<>> DiG 9.2.4 <<>> mx mydomain.tld
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 32964
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;mydomain.tld. IN MX

;; AUTHORITY SECTION:
mydomain.tld. 86400 IN SOA ns.somedomain.tld. admin.mydomain.tld. 2006011001 28800 7200 604800 86400

;; Query time: 15 msec
;; SERVER: 216.200.116.12#53(216.200.116.12)
;; WHEN: Wed Jan 11 21:39:21 2006
;; MSG SIZE rcvd: 87

regards,
dumb-medic

take tld as at ;-)

Looks ok, however you should consider creating an MX record for your domain.

Please post the output of netstat -tap Also, what's the value of inet_interfaces in /etc/postfix/main.cf?

netstat -tap
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 *:mysql *:* LISTEN 3643/mysqld
tcp 0 0 *:netbios-ssn *:* LISTEN 3974/smbd
tcp 0 0 *:5901 *:* LISTEN 4212/xinetd
tcp 0 0 *:sunrpc *:* LISTEN 3419/portmap
tcp 0 0 *:hosts2-ns *:* LISTEN 4306/ispconfig_http
tcp 0 0 *:ftp *:* LISTEN 4586/proftpd: (acce
tcp 0 0 192.168.x.x:domain *:* LISTEN 4525/named
tcp 0 0 www.mydomain.a:domain *:* LISTEN 4525/named
tcp 0 0 localhost:domain *:* LISTEN 4525/named
tcp 0 0 *:ipp *:* LISTEN 3917/cupsd
tcp 0 0 *:smtp *:* LISTEN 18602/master
tcp 0 0 localhost:953 *:* LISTEN 4525/named
tcp 0 0 localhost:6010 *:* LISTEN 27991/3
tcp 0 0 *:microsoft-ds *:* LISTEN 3974/smbd
tcp 0 0 *:imaps *:* LISTEN 3741/couriertcpd
tcp 0 0 *:pop3s *:* LISTEN 3701/couriertcpd
tcp 0 0 *:pop3 *:* LISTEN 3697/couriertcpd
tcp 0 0 *:imap *:* LISTEN 3747/couriertcpd
tcp 0 0 *:www-http *:* LISTEN 4378/httpd2-prefork
tcp 0 0 *:ssh *:* LISTEN 3605/sshd
tcp 0 0 *:smtp *:* LISTEN 18602/master
tcp 0 0 localhost:953 *:* LISTEN 4525/named
tcp 0 0 localhost:6010 *:* LISTEN 27991/3
tcp 0 0 *:https *:* LISTEN 4378/httpd2-prefork
tcp 48 0 www.mydomain.tld:ssh 192.168.x.x:1046 ESTABLISHED 27991/3

Also, what's the value of inet_interfaces in /etc/postfix/main.cf?
inet_interfaces = all

complete file (skipped comments):

queue_directory = /var/spool/postfix
command_directory = /usr/sbin
daemon_directory = /usr/lib/postfix
mail_owner = postfix
unknown_local_recipient_reject_code = 550
debug_peer_level = 2
debugger_command =
PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
xxgdb $daemon_directory/$process_name $process_id & sleep 5
sendmail_path = /usr/sbin/sendmail
newaliases_path = /usr/bin/newaliases
mailq_path = /usr/bin/mailq
setgid_group = maildrop
html_directory = /usr/share/doc/packages/postfix/html
manpage_directory = /usr/share/man
sample_directory = /usr/share/doc/packages/postfix/samples
readme_directory = /usr/share/doc/packages/postfix/README_FILES
biff = no
mail_spool_directory = /var/mail
canonical_maps = hash:/etc/postfix/canonical
#virtual_maps = hash:/etc/postfix/virtual
relocated_maps = hash:/etc/postfix/relocated
transport_maps = hash:/etc/postfix/transport
sender_canonical_maps = hash:/etc/postfix/sender_canonical
masquerade_exceptions = root
masquerade_classes = envelope_sender, header_sender, header_recipient
myhostname = mail.$mydomain
program_directory = /usr/lib/postfix
inet_interfaces = all
masquerade_domains =
#mydestination = $myhostname, localhost.$mydomain
defer_transports =
disable_dns_lookups = no
relayhost =
mailbox_command =
mailbox_transport =
smtpd_sender_restrictions = hash:/etc/postfix/access
smtpd_client_restrictions =
smtpd_helo_required = no
smtpd_helo_restrictions =
strict_rfc821_envelopes = no
smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,check_ relay_domains
smtp_sasl_auth_enable = no
smtpd_sasl_auth_enable = yes
smtpd_use_tls = yes
smtp_use_tls = yes
alias_maps = hash:/etc/aliases
mailbox_size_limit = 0
message_size_limit = 10240000
mydomain = mydomain.at
smtpd_sasl_local_domain =
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_tls_auth_only = no
smtp_tls_note_starttls_offer = yes
smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt
smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
home_mailbox = Maildir/
virtual_maps = hash:/etc/postfix/virtusertable
mydestination = /etc/postfix/local-host-names

regards,
dumb-medic

found out that on my ispconfig-machine a nslookup of mydomain.tld points to the official internet-ip,
this cannot be right i think, my firewall masquerades all traffic coming from the internet
to my lan-ip 192.168.x.x

if postfix tries to connect to mydomain.tld it is obviously connecting to my firewall.
to proof this i've captured via tethereal while sending a mail to mydomain.tld, and i am right:
Capturing on eth0 (ispconfig-machine)
0.000000 192.168.x.x -> x.x.x.x TCP 53916 > smtp [SYN] Seq=0 Ack=0 Win=5840 Len=0 MSS=1460 TSV=98438570 TSER=0 WS=2
0.000191 x.x.x.x -> 192.168.x.x TCP smtp > 53916 [RST, ACK] Seq=0 Ack=0 Win=0 Len=0

192.168.x.x is the ispconfig-machine.
x.x.x.x is my official ip, bound to the firewall.

i am slightly confused why postfix don't know that mydomain.tld == localhost?

regards,
dumb-medic

Did you forward port 25 from your router to your server?
Maybe your router isn't able to loop bak into its own local network...

i am slightly confused why postfix don't know that mydomain.tld == localhost?
Postfix does DNS lookups.

thx falko, fixed that fw-mistake: enabling masquerading on the internal interface of my FW now allows postfix to connect, but i cannot receive mail anyway.

mail sent from internet:
/var/log/mail (192.168.x.x = internal interface of the fw):
Jan 13 02:45:30 www postfix/smtpd[1333]: 63F80F95B: client=unknown[192.168.x.x]
Jan 13 02:45:30 www postfix/cleanup[1336]: 63F80F95B: message-id=<30852.1137113010@www68.gmx.net>
Jan 13 02:45:30 www postfix/qmgr[1264]: 63F80F95B: from=<sendingclient@gmx.at>, size=1137, nrcpt=1 (queue active)
Jan 13 02:45:31 www postfix/local[1337]: 63F80F95B: to=<web4_test@mail.mydomain.tld>, orig_to=<web4_test@mydomain.tld>, relay=local, delay=1, status=sent (delivered to command: /usr/bin/procmail -f-)
Jan 13 02:45:31 www postfix/qmgr[1264]: 63F80F95B: removed

mail sent from ispconfig-user to itself:
Jan 13 03:02:41 www postfix/smtpd[1667]: E2CD1F966: client=localhost[127.0.0.1]
Jan 13 03:02:41 www postfix/cleanup[1670]: E2CD1F966: message-id=<20060113020241.E2CD1F966@mail.mydomain.tld>
Jan 13 03:02:41 www postfix/qmgr[1264]: E2CD1F966: from=<web4_test@mydomain.tld>, size=972, nrcpt=1 (queue active)
Jan 13 03:02:43 www postfix/local[1671]: E2CD1F966: to=<web4_test@mail.mydomain.tld>, orig_to=<web4_test@www.mydomain.tld>, relay=local, delay=2, status=sent (delivered to command: /usr/bin/procmail -f-)
Jan 13 03:02:43 www postfix/qmgr[1264]: E2CD1F966: removed

"nrcpt=1" means the recipient is unknown to postfix?

regards,
dumb-medic

Jan 13 02:45:31 www postfix/local[1337]: 63F80F95B: to=<web4_test@mail.mydomain.tld>, orig_to=<web4_test@mydomain.tld>, relay=local, delay=1, status=sent (delivered to command: /usr/bin/procmail -f-)

Jan 13 03:02:43 www postfix/local[1671]: E2CD1F966: to=<web4_test@mail.mydomain.tld>, orig_to=<web4_test@www.mydomain.tld>, relay=local, delay=2, status=sent (delivered to command: /usr/bin/procmail -f-)

Both emails have been sent without problems. I guess you've disabled Maildir in ISPConfig. You must enable Maildir because you're using Courier-POP3 and Courier-IMAP.

strike!

You have 216 messages, 216 unread in the folder Inbox

unbelievable.

thanks falko, thanks till, hat's off.

thanks ispconfig for beeing one of the most awesome experience i've made through all my it-years.

regards,
dumb-medic