Postfix SMTP Problem


drub4n
29th August 2009, 19:11
I've installed following the perfect tutorial.
Everything is fine now except this: I cannot get SMTP running well.

with netstat, I got :


tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN 18719/master

postconf -n gives:
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no
body_checks = regexp:/etc/postfix/body_checks
broken_sasl_auth_clients = yes
config_directory = /etc/postfix
content_filter = amavis:[127.0.0.1]:10024
header_checks = regexp:/etc/postfix/header_checks
html_directory = /usr/share/doc/postfix/html
inet_interfaces = all
mailbox_size_limit = 0
message_size_limit = 0
mime_header_checks = regexp:/etc/postfix/mime_header_checks
mydestination = mail.mydomain.net, localhost, localhost.localdomain
myhostname = mail.mydomain.net
mynetworks = 127.0.0.0/8 [::1]/128
myorigin = /etc/mailname
nested_header_checks = regexp:/etc/postfix/nested_header_checks
proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $virtual_mailbox_limit_maps
readme_directory = /usr/share/doc/postfix
receive_override_options = no_address_mappings
recipient_delimiter = +
relay_domains = mysql:/etc/postfix/mysql-virtual_relaydomains.cf
relayhost =
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
smtpd_client_restrictions = check_client_access mysql:/etc/postfix/mysql-virtual_client.cf
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, check_recipient_access mysql:/etc/postfix/mysql-virtual_recipient.cf, reject_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes
smtpd_sender_restrictions = check_sender_access mysql:/etc/postfix/mysql-virtual_sender.cf
smtpd_tls_cert_file = /etc/postfix/smtpd.cert
smtpd_tls_key_file = /etc/postfix/smtpd.key
smtpd_tls_security_level = may
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_use_tls = yes
transport_maps = proxy:mysql:/etc/postfix/mysql-virtual_transports.cf
virtual_alias_domains =
virtual_alias_maps = proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, mysql:/etc/postfix/mysql-virtual_email2email.cf
virtual_gid_maps = static:5000
virtual_mailbox_base = /var/vmail
virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains.cf
virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf
virtual_transport = maildrop
virtual_uid_maps = static:5000



nmap mydomain.net on localhost gives:
Not shown: 1702 closed ports
PORT STATE SERVICE
21/tcp open ftp
22/tcp open ssh
25/tcp open smtp
53/tcp open domain
80/tcp open http
110/tcp open pop3
111/tcp open rpcbind
143/tcp open imap
443/tcp open https
993/tcp open imaps
995/tcp open pop3s
3306/tcp open mysql
8080/tcp open http-proxy

nmap mydomain.net from the internet gives:

Not shown: 989 filtered ports
PORT STATE SERVICE
20/tcp closed ftp-data
21/tcp open ftp
22/tcp open ssh
53/tcp open domain
80/tcp open http
110/tcp open pop3
143/tcp open imap
443/tcp open https
3306/tcp open mysql
8080/tcp open http-proxy
10000/tcp closed snet-sensor-mgmt



telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.localdomain.
Escape character is '^]'.
220 mail.mydomain.net ESMTP Postfix (Debian/GNU)

and then it freezes.

Any idea? I really don't see the problem, and I need to be able to access the SMTP server through the internet.

thx

-drub4n

_X_
29th August 2009, 19:49
possible problems:

***
myhostname = mail.mydomain.net

shouldn't it be:

myhostname = mydomain.net

***
mydestination = mail.mydomain.net, localhost, localhost.localdomain

shouldn't it be something like:

mydestination = /etc/postfix/local-host-names

You didn't give info on which tutorial you used, so check that against your tutorial.

drub4n
29th August 2009, 20:00
I'm using the tutorial
The Perfect Server - Debian Lenny (Debian 5.0) [ISPConfig 3] (http://www.howtoforge.com/perfect-server-debian-lenny-ispconfig3-p3)

and there is no postfix configuration part

I changed to myhostname = mydomain.net
but I don't know what to put in mydestination

_X_
29th August 2009, 20:17
here is the point where postfix is installed:

http://www.howtoforge.com/perfect-server-debian-lenny-ispconfig3-p3

9 Install Postfix, Courier, Saslauthd, MySQL, phpMyAdmin, rkhunter, binutils

System mail name: <-- server1.example.com

should be something like server1.mydomain.net or just mydomain.net

same should go here:

vi /etc/courier/imapd.cnf
[...]
CN=server1.example.com
[...]

vi /etc/courier/pop3d.cnf
[...]
CN=server1.example.com
[...]

Unfortunately I have a different server configuration and cannot help you any further.

Also, the same server1.mydomain.net or mydomain.net should be used in the ISPConfig install:

Full qualified hostname (FQDN) of the server, eg server1.domain.tld [server1.example.com]:

if there are some errors in logs you can post them so we can locate a problem.

if you used mail.mydomain.net everywhere instead of server1.mydomain.net or mydomain.net maybe you should change back to
myhostname = mail.mydomain.net

drub4n
30th August 2009, 00:58
thx _X_ for your tips

I replaced everything with myserver.myhosting.com
and regenerated the key.
IMAP and POP with SSL are OK,
but I still cannot connect to SMTP ... will continue investigating ...

I got something strange:
if I deactivate my firewall, I can see port 25 in nmap, but filtered, and I still cannot access it.

any idea ?

till
30th August 2009, 12:00
Your original main.cf file was absolutely fine. Please undo the changes that _X_ suggested in #2 as he has mixed up ISPConfig 2 and ISPConfig 3.

Please use something like mail.mydomain.net or server1.mydomain.net as hostname but not mydomain.net, as this will cause a conflict with the virtual domains otherwise.

Please post the output of

netstat -tap

and check your mail log for errors. Also contact your provider and ask them if they block port 25.

_X_
30th August 2009, 12:52
ISPConfig 3? ups ... didn't realize ... totally overlooked that info ... sry m8 :o

drub4n
30th August 2009, 13:52
don't worry _X_

It was not a big change and I kept it as myserver.myhosting.com, no more mydomain.net in my main.cf file.

netstat -tap:

Connexions Internet actives (serveurs et établies)
Proto Recv-Q Send-Q Adresse locale Adresse distante Etat PID/Program name
tcp 0 0 *:imaps *:* LISTEN 27676/couriertcpd
tcp 0 0 *:pop3s *:* LISTEN 30198/couriertcpd
tcp 0 0 localhost.localdo:10024 *:* LISTEN 12552/amavisd (mast
tcp 0 0 localhost.localdo:10025 *:* LISTEN 30739/master
tcp 0 0 *:mysql *:* LISTEN 18377/mysqld
tcp 0 0 localhost.localdoma:940 *:* LISTEN 16028/famd
tcp 0 0 *:pop3 *:* LISTEN 13206/couriertcpd
tcp 0 0 localhost.localdo:spamd *:* LISTEN 15023/spamd.pid
tcp 0 0 *:imap2 *:* LISTEN 13176/couriertcpd
tcp 0 0 *:sunrpc *:* LISTEN 15852/portmap
tcp 0 0 *:http-alt *:* LISTEN 11343/apache2
tcp 0 0 *:www *:* LISTEN 11343/apache2
tcp 0 0 *:ftp *:* LISTEN 27741/pure-ftpd (SE
tcp 0 0 ks37560.kimsufi.:domain *:* LISTEN 23912/mydns
tcp 0 0 localhost.locald:domain *:* LISTEN 23912/mydns
tcp 0 0 *:ssh *:* LISTEN 2606/sshd
tcp 0 0 *:smtp *:* LISTEN 30739/master
tcp 0 0 *:https *:* LISTEN 11343/apache2

The server is listening on port 25.
With the fw on, I can't do anything on port 25 from a remote computer.
With the fw off, nmap says port 25 is filtered.
I use the basic fw settings for myserver.myhosting.com under the ISPConfig 3 administration console, which are:

TCP open ports : 20,21,22,25,53,80,110,143,443,3306,8080,10000
UDP open ports : 53,3306

Really disappointed with this issue ...

till
31st August 2009, 12:23
Please set the firewall to off, wait a minute and then run:

iptables -L

and post the output.

drub4n
31st August 2009, 12:52
iptables -L

Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

Chain fail2ban-ssh (0 references)
target prot opt source destination
RETURN all -- anywhere anywhere


thx

-drub4n

till
1st September 2009, 12:55
The mail server is listening on all interfaces and no firewall is blocking a port, so your problem is outside of this server. The telnet command above is fine as well, as it is not freezing; it just waits for your input.

Either you run an external firewall that is blocking traffic or your access provider is blocking port 25.
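
The conclusion in the post above can be cross-checked from the scan output already posted in this thread. As an added example (not part of the original posts; the function names `ports` and `triage` are made up for illustration), this compares the local nmap result, the remote nmap result and the ISPConfig firewall port list, and separates ports hidden by the host firewall from ports that are listening and allowed yet still unreachable:

```python
import re
# Scan output and firewall list copied from the posts in this thread.
LOCAL_SCAN = """
21/tcp open ftp
22/tcp open ssh
25/tcp open smtp
53/tcp open domain
80/tcp open http
110/tcp open pop3
111/tcp open rpcbind
143/tcp open imap
443/tcp open https
993/tcp open imaps
995/tcp open pop3s
3306/tcp open mysql
8080/tcp open http-proxy
"""
REMOTE_SCAN = """
Not shown: 989 filtered ports
20/tcp closed ftp-data
21/tcp open ftp
22/tcp open ssh
53/tcp open domain
80/tcp open http
110/tcp open pop3
143/tcp open imap
443/tcp open https
3306/tcp open mysql
8080/tcp open http-proxy
10000/tcp closed snet-sensor-mgmt
"""
FIREWALL_TCP = "20,21,22,25,53,80,110,143,443,3306,8080,10000"

PORT_LINE = re.compile(r"^(\d+)/tcp\s+(\S+)", re.M)

def ports(scan, state="open"):
    """Return the set of TCP ports nmap reported in the given state."""
    return {int(p) for p, s in PORT_LINE.findall(scan) if s == state}

def triage(local, remote, firewall_csv):
    """Split locally open ports that are unreachable remotely by likely cause."""
    allowed = {int(p) for p in firewall_csv.split(",")}
    missing = ports(local) - ports(remote)  # listening, but not open from outside
    return {"host_firewall": sorted(missing - allowed),
            "upstream": sorted(missing & allowed)}

if __name__ == "__main__":
    print(triage(LOCAL_SCAN, REMOTE_SCAN, FIREWALL_TCP))
```

A port in the `upstream` bucket is listening and permitted by the host firewall, which points at filtering outside the server; here that bucket holds only port 25.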

drub4n
1st September 2009, 15:23
ok thx till,

I'll check this issue with my provider.

-drub4n