HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (http://www.howtoforge.com/forums/index.php)
-   Server Operation (http://www.howtoforge.com/forums/forumdisplay.php?f=5)
-   -   Can't receive external mail anymore - Ubuntu 8.10, ISPconfig, postfix, etc... (http://www.howtoforge.com/forums/showthread.php?t=33653)

malou 14th April 2009 06:58

Can't receive external mail anymore - Ubuntu 8.10, ISPconfig, postfix, etc...
 
Hi everybody,


I have my server who's been up and running for more than a years without problem. But since a couple of weeks, no more external email can reach my server as it used to. It worked for more than a years and now it's not working anymore. I have this email who was sent by an external address march 28, but since, no more external mail.

I've search this forum and googled for the last 5 days. I tried many different solutions, none of them worked. I checked all Postfix settings, check every log, every DNS solution possible, I even setup a temp server with virtualbox, no external email ends-up in my inbox...

Internal email, sent either by php Mail function or by roundcube to an address on my server work. But if I tried with hotmail or an other external mail service, no email can reach my server...


My ISP always blocked port 25 from the beggening, I know that. But this didn't stopped me from receiving my emails in the past. The only thing that changed since it stopped working are:

- I install java on my server for some testing and remove it after the test.
- I change some port in my router port forward. But then again, I just checked and everyting ok on this side...


I tried every solutions I know and it's getting me crazy, so now I ask for your help...


Thanks in advance!



Infos:
I'am running Ubuntu Server 8.10 with ISPconfig 2.2.24

Domains:
- hmweb.ca (I change a couple of DNS setting for this one, but it seems ok...)
- iduff.ca (this one is like it used to be when everything was working)


Postfix main.cf
Code:

alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no
broken_sasl_auth_clients = yes
config_directory = /etc/postfix
home_mailbox = Maildir/
inet_interfaces = all
inet_protocols = all
mailbox_command = procmail -a "$EXTENSION"
mailbox_size_limit = 0
mydestination = /etc/postfix/local-host-names
myhostname = hmweb.ca
mynetworks = 127.0.0.0/8
myorigin = /etc/mailname
readme_directory = no
recipient_delimiter = +
relayhost = smtp1.sympatico.ca
smtp_tls_note_starttls_offer = yes
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtp_use_tls = yes
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes
smtpd_sasl_local_domain =
smtpd_sasl_security_options = noanonymous
smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
smtpd_tls_auth_only = no
smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt
smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_tls_session_cache_timeout = 3600s
smtpd_use_tls = yes
tls_random_source = dev:/dev/urandom

- relayhost needed because of blocked port 25...

Postfix master.cf
Code:

#
# Postfix master process configuration file.  For details on the format
# of the file, see the master(5) manual page (command: "man 5 master").
#
# Do not forget to execute "postfix reload" after editing this file.
#
# ==========================================================================
# service type  private unpriv  chroot  wakeup  maxproc command + args
#              (yes)  (yes)  (yes)  (never) (100)
# ==========================================================================
smtp      inet  n      -      -      -      -      smtpd
#submission inet n      -      -      -      -      smtpd
#  -o smtpd_tls_security_level=encrypt
#  -o smtpd_sasl_auth_enable=yes
#  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
#  -o milter_macro_daemon_name=ORIGINATING
#smtps    inet  n      -      -      -      -      smtpd
#  -o smtpd_tls_wrappermode=yes
#  -o smtpd_sasl_auth_enable=yes
#  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
#  -o milter_macro_daemon_name=ORIGINATING
#628      inet  n      -      -      -      -      qmqpd
pickup    fifo  n      -      -      60      1      pickup
cleanup  unix  n      -      -      -      0      cleanup
qmgr      fifo  n      -      n      300    1      qmgr
#qmgr    fifo  n      -      -      300    1      oqmgr
tlsmgr    unix  -      -      -      1000?  1      tlsmgr
rewrite  unix  -      -      -      -      -      trivial-rewrite
bounce    unix  -      -      -      -      0      bounce
defer    unix  -      -      -      -      0      bounce
trace    unix  -      -      -      -      0      bounce
verify    unix  -      -      -      -      1      verify
flush    unix  n      -      -      1000?  0      flush
proxymap  unix  -      -      n      -      -      proxymap
proxywrite unix -      -      n      -      1      proxymap
smtp      unix  -      -      -      -      -      smtp
# When relaying mail as backup MX, disable fallback_relay to avoid MX loops
relay    unix  -      -      -      -      -      smtp
        -o smtp_fallback_relay=
#      -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq    unix  n      -      -      -      -      showq
error    unix  -      -      -      -      -      error
retry    unix  -      -      -      -      -      error
discard  unix  -      -      -      -      -      discard
local    unix  -      n      n      -      -      local
virtual  unix  -      n      n      -      -      virtual
lmtp      unix  -      -      -      -      -      lmtp
anvil    unix  -      -      -      -      1      anvil
scache    unix  -      -      -      -      1      scache
#
# ====================================================================
# Interfaces to non-Postfix software. Be sure to examine the manual
# pages of the non-Postfix software to find out what options it wants.
#
# Many of the following services use the Postfix pipe(8) delivery
# agent.  See the pipe(8) man page for information about ${recipient}
# and other message envelope options.
# ====================================================================
#
# maildrop. See the Postfix MAILDROP_README file for details.
# Also specify in main.cf: maildrop_destination_recipient_limit=1
#
maildrop  unix  -      n      n      -      -      pipe
  flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
#
# See the Postfix UUCP_README file for configuration details.
#
uucp      unix  -      n      n      -      -      pipe
  flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
#
# Other external delivery methods.
#
ifmail    unix  -      n      n      -      -      pipe
  flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp    unix  -      n      n      -      -      pipe
  flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
scalemail-backend unix  -      n      n      -      2      pipe
  flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
mailman  unix  -      n      n      -      -      pipe
  flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
  ${nexthop} ${user}


There nothing about incoming (external) email in mail.log

Router IP: 192.168.2.1
Server internal IP: 192.168.2.21
External IP: 76.68.155.140 (then again, it can change since I'm stuck with dynamic IP)

Telnet:
Code:

Trying 192.168.2.21...
Connected to hmweb.ca.
Escape character is '^]'.
220 hmweb.ca ESMTP Postfix (Ubuntu)
ehlo localhost
250-hmweb.ca
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-AUTH PLAIN LOGIN
250-AUTH=PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
quit
221 2.0.0 Bye
Connection closed by foreign host.


what else... test email adress if you want:
admin<at>hmweb.ca
admin<at>iduff.ca


Returned error from hotmail server...
Quote:

This is an automatically generated Delivery Status Notification.

Unable to deliver message to the following recipients, due to being unable to connect successfully to the destination mail server.

admin@hmweb.ca
P.S.: Sorry for my english, I usualy speek French....

malou 14th April 2009 20:23

I made another test this morning with a different email address and I received this warning:

Code:

--- Session Transcript ---
 Tue 2009-04-14 12:51:39: Parsing message <xxxxxxxxxxxxxxxxxx\pd35002439848.msg>
 Tue 2009-04-14 12:51:39: *  From: xxx@yyy.ca
 Tue 2009-04-14 12:51:39: *  To: admin@hmweb.ca
 Tue 2009-04-14 12:51:39: *  Subject: test email =?iso-8859-1?Q?c=E9gep?=
 Tue 2009-04-14 12:51:39: *  Message-ID: <WorldClient-F200904141149.AA49523444@yyy.ca>
 Tue 2009-04-14 12:51:39: Attempting SMTP connection to [hmweb.ca]
 Tue 2009-04-14 12:51:39: Resolving MX records for [hmweb.ca] (DNS Server: 10.201.1.3)...
 Tue 2009-04-14 12:51:39: *  P=010 S=000 D=hmweb.ca TTL=(30) MX=[smtp.hmweb.ca] {76.68.155.140}
 Tue 2009-04-14 12:51:39: *  P=020 S=001 D=hmweb.ca TTL=(30) MX=[mail.iduff.ca] {76.68.155.140}
 Tue 2009-04-14 12:51:39: Attempting SMTP connection to [76.68.155.140:25]
 Tue 2009-04-14 12:51:39: Waiting for socket connection...
 Tue 2009-04-14 12:52:00: *  Winsock Error 10060 The connection timed out.
 Tue 2009-04-14 12:52:00: Attempting SMTP connection to [76.68.155.140:25]
 Tue 2009-04-14 12:52:00: *  76.68.155.140 in connection failure cache for up to 5 minutes due to previous connection failure(s)
 Tue 2009-04-14 12:52:00: This message is 62 minutes old; it has 0 minutes left in this queue
 Tue 2009-04-14 12:52:00: Remote queue lifetime exceeded; message placed in retry queue
--- End Transcript ---

(I changed the sender email address for privacy)


I knew my ISP is blocking outgoing port 25 because in outlook or Apple Mail I have to use their SMTP server to send mail, but could they decide to block incoming trafic on port 25? It's very strange...

I'll double check everything, but any advice would be welcome!


thanks,
Malou


P.s.: My router port mapping:

Code:

Custom Configuration        UDP        110        192.168.2.21       
       
       
Custom Configuration        TCP        3306        192.168.2.21       
       
       
Custom Configuration        UDP        465        192.168.2.21       
       
       
HTTP        TCP        80 - 81        192.168.2.21       
       
       
FTP        TCP        FTP / 21        192.168.2.21       
       
       
Custom Configuration        TCP        110        192.168.2.21       
       
       
Custom Configuration        UDP        3306        192.168.2.21       
       
       
Custom Configuration        TCP        443        192.168.2.21       
       
       
Custom Configuration        TCP        995        192.168.2.21       
       
       
Custom Configuration        TCP        8080        192.168.2.21       
       
       
Custom Configuration        UDP        8080        192.168.2.21       
       
       
SMTP        TCP        SMTP / 25        192.168.2.21       
       
       
Custom Configuration        UDP        SMTP / 25        192.168.2.21       
       
       
Custom Configuration        TCP        22        192.168.2.21       
       
       
Custom Configuration        UDP        22        192.168.2.21       
       
       
Custom Configuration        UDP        995        192.168.2.21       
       
       
Custom Configuration        TCP        465        192.168.2.21       
       
       
Custom Configuration        TCP        143        192.168.2.21       
       
       
Custom Configuration        UDP        143        192.168.2.21

192.168.2.21 is my server IP and port 25 point to my server....

falko 15th April 2009 13:26

If your provider is blocking port 25, then this is the problem.

malou 15th April 2009 17:13

That's what I think is appening.

But on the other hand, enverything was working fine until last month. I knew they block outgoing (me ->internet) port 25 because I always had to use their smtp server to send email. But blocking incoming trafic (internet -> me), that must be new... Unless it's me who screw up something...



Anyway, thanks. I'll see how I can deal with them now...


All times are GMT +2. The time now is 06:14.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.