hi guys,

Got a problem with my postfix install.

I used Falcos superb guide on my last centos 4 serer and it worked sweetly. But I am not having the same luck this time with a new server!!

basically, I can recieve and send emails internally.
i can send emails externally.
but I cannot recieve any mails from outside to my email accounts on the server.

I am scratching my head big time and seeking help or guidance before I go insane!

The DNS mx record is set to mail.mydomain.co.uk

Maillog is not showing errors for incoming mails, its just not showing anything!!

I have attached some results from a few commands, the netstat -tap results have me a bit puzzled as there are a lot of things 'holiding'.. not sure if this is right!?

Also, the results for my

telnet localhost 25

After you have established the connection to your Postfix mail server type

ehlo localhost

If you see the lines

250-STARTTLS

and

250-AUTH PLAIN LOGIN

everything is fine.

[root@server1 ssl]# telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
220 server1.example.com ESMTP Postfix
ehlo localhost
250-server1.example.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-AUTH PLAIN LOGIN
250-AUTH=PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
quit
221 2.0.0 Bye
Connection closed by foreign host.
[root@server1 ssl]#


differ slightly as they are

220 mail.mydomain.co.uk ESMTP Postfix
ehlo localhost
250-mail.mydomain.co.uk
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-AUTH CRAM-MD5 PLAIN DIGEST-MD5 LOGIN GSSAPI
250-AUTH=CRAM-MD5 PLAIN DIGEST-MD5 LOGIN GSSAPI
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN

Virtual.db is all updated

Also, I keep getting an email from root for a cron job saying

Reporting-MTA: dns; mail.mydomain.co.uk
X-Postfix-Queue-ID: DD291170286
X-Postfix-Sender: rfc822; office@domaina.com
Arrival-Date: Wed, 9 Sep 2009 18:53:00 -0400 (EDT)

Final-Recipient: rfc822; domaina@server1.mydomain.co.uk
Original-Recipient: rfc822;domaina@server1.mydomain.co.uk
Action: failed
Status: 5.4.6
Diagnostic-Code: X-Postfix; mail for server1.mydomain.co.uk loops back to
myself

:mad:


All help appreciated.. :cool:

Please add server1.mydomain.co.uk to the mydestination line in /etc/postfix/main.cf and restart Postfix.

Thanks Falko

I have done this

alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
debug_peer_level = 2
home_mailbox = Maildir/
html_directory = no
inet_interfaces = all
local_recipient_maps =
mail_owner = postfix
mailbox_command =
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
mydestination = server1.mydomain.co.uk
mydomain = mydomain.co.uk
myhostname = mail.mydomain.co.uk
mynetworks = 127.0.0.0/8 81.149.233.167 80.229.165.202
myorigin = $myhostname
newaliases_path = /usr/bin/newaliases.postfix
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/postfix-2.2.10/README_FILES
relay_domains = $mydestination 11.123.123.123
sample_directory = /usr/share/doc/postfix-2.2.10/samples
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
smtp_generic_maps = hash:/etc/postfix/generic
smtp_tls_note_starttls_offer = yes
smtp_use_tls = yes
smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_security_options = noanonymous
smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
smtpd_tls_auth_only = no
smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt
smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
smtpd_use_tls = yes
tls_random_source = dev:/dev/urandom
unknown_local_recipient_reject_code = 550
virtual_alias_maps = hash:/etc/postfix/virtual


but it has not made any diference :(

No errors showing in the maillog :/

One thing I have thought of...

The server was allocated with 5 IP addresses.

Only one of them is fine. (the main one listed in hosts file)

The other two I have added in my DNS provider as (subdomain) records dont seem to be working as expected though.

using nslookup the mail sub domain resolves correctly though :/

This test on the mailserver

http://mxtoolbox.com/SuperTool.aspx?action=smtp%3amail.bimmerforums.co. uk

Gives this

A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond 64.191.90.246:25

i added the mail.mydomain.co.uk to hosts with the corresponding IP to see if it helped. it hasnt!

and heres a snippet from the latest part of the maillog. I noticed that the cypher verification failed.....? the log is full of this,(the fail) and I only just noticed....

Sep 11 12:33:51 server1 sendmail[10558]: n8BGXp5a010558: from=apache, size=878, class=0, nrcpts=1, msgid=<20090911163351.058138aa5574@www.mydomain.co.uk>, relay=apache@localhost
Sep 11 12:33:51 server1 postfix/smtpd[10422]: connect from localhost.localdomain[127.0.0.1]
Sep 11 12:33:51 server1 postfix/smtpd[10422]: setting up TLS connection from localhost.localdomain[127.0.0.1]
Sep 11 12:33:51 server1 postfix/smtpd[10422]: TLS connection established from localhost.localdomain[127.0.0.1]: TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)
Sep 11 12:33:51 server1 sendmail[10558]: STARTTLS=client, relay=[127.0.0.1], version=TLSv1/SSLv3, verify=FAIL, cipher=DHE-RSA-AES256-SHA, bits=256/256
Sep 11 12:33:51 server1 postfix/smtpd[10422]: D94BF1702D8: client=localhost.localdomain[127.0.0.1], sasl_sender=apache@server1.mydomain.co.uk
Sep 11 12:33:52 server1 postfix/cleanup[10423]: D94BF1702D8: message-id=<20090911163351.058138aa5574@www.mydomain.co.uk>
Sep 11 12:33:52 server1 postfix/qmgr[3283]: D94BF1702D8: from=<apache@server1.mydomain.co.uk>, size=1363, nrcpt=1 (queue active)
Sep 11 12:33:52 server1 sendmail[10558]: n8BGXp5a010558: to=richard.snowden@rsadvertising.com, ctladdr=apache (48/48), delay=00:00:01, xdelay=00:00:01, mailer=relay, pri=30878, relay=[127.0.0.1] [127.0.0.1], dsn=2.0.0, stat=Sent (Ok: queued as D94BF1702D8)
Sep 11 12:33:52 server1 postfix/smtpd[10422]: disconnect from localhost.localdomain[127.0.0.1]
Sep 11 12:33:52 server1 postfix/smtp[10382]: D94BF1702D8: to=<richard.snowden@rsadvertising.com>, relay=mx1.e-knowasp.com[193.27.212.149]:25, delay=0.78, delays=0.21/0/0.26/0.32, dsn=2.0.0, status=sent (250 Ok: queued as 4F2C016DAE94)
Sep 11 12:33:52 server1 postfix/qmgr[3283]: D94BF1702D8: removed

What did the mydestination line look like before you changed it?

I originally had it set to

mydestination = /etc/postfix/local-host-names

which is what worked perfectly on my last centos/postfix server.

:confused:

Then add server1.mydomain.co.uk at the end of /etc/postfix/local-host-names and use mydestination = /etc/postfix/local-host-names in your main.cf.

Then add server1.mydomain.co.uk at the end of /etc/postfix/local-host-names and use mydestination = /etc/postfix/local-host-names in your main.cf.

it is already Falco :/
Im thinking of removing and re installing postfix...!!

Do you still get this error?
Diagnostic-Code: X-Postfix; mail for server1.mydomain.co.uk loops back to
myself

Do you still get this error?

Update!!
Thanks for your help falko :cool:

It is now working. I wasnt getting that error and it seems it wasnt the postfix config that was the problem.....----->>>>> :eek:

The problem I pinpointed was after doing an SMTP mailserver check online, which said the subdomain wasnt responding, it also wouldnt reply to a ping.

The server provider gives 5 IP addresses with it, and I was using a seperate one for my main site (the first one allocated/main one), and another for the mail server.(as I had it on my last server)

Even though the Ip is listed in hosts file (centos5) it is not working and when I changed the subdomain dns to point to the primary IP it is all working (email etc)

Going to need some further digging I think :confused::)