HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (
-   Installation/Configuration (
-   -   Postfix SMTP Problem (

drub4n 29th August 2009 19:11

Postfix SMTP Problem
I've installed following the perfect tutorial.
Everything is fine now except this : I cannot have the smtp running well

with netstat, I got :


tcp        0      0    *              LISTEN      18719/master
postconf -n give :

alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no
body_checks = regexp:/etc/postfix/body_checks
broken_sasl_auth_clients = yes
config_directory = /etc/postfix
content_filter = amavis:[]:10024
header_checks = regexp:/etc/postfix/header_checks
html_directory = /usr/share/doc/postfix/html
inet_interfaces = all
mailbox_size_limit = 0
message_size_limit = 0
mime_header_checks = regexp:/etc/postfix/mime_header_checks
mydestination =, localhost, localhost.localdomain
myhostname =
mynetworks = [::1]/128
myorigin = /etc/mailname
nested_header_checks = regexp:/etc/postfix/nested_header_checks
proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $virtual_mailbox_limit_maps
readme_directory = /usr/share/doc/postfix
receive_override_options = no_address_mappings
recipient_delimiter = +
relay_domains = mysql:/etc/postfix/
relayhost =
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
smtpd_client_restrictions = check_client_access mysql:/etc/postfix/
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, check_recipient_access mysql:/etc/postfix/, reject_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes
smtpd_sender_restrictions = check_sender_access mysql:/etc/postfix/
smtpd_tls_cert_file = /etc/postfix/smtpd.cert
smtpd_tls_key_file = /etc/postfix/smtpd.key
smtpd_tls_security_level = may
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_use_tls = yes
transport_maps = proxy:mysql:/etc/postfix/
virtual_alias_domains =
virtual_alias_maps = proxy:mysql:/etc/postfix/, mysql:/etc/postfix/
virtual_gid_maps = static:5000
virtual_mailbox_base = /var/vmail
virtual_mailbox_domains = proxy:mysql:/etc/postfix/
virtual_mailbox_maps = proxy:mysql:/etc/postfix/
virtual_transport = maildrop
virtual_uid_maps = static:5000

nmap on localhost give :

Not shown: 1702 closed ports
21/tcp  open  ftp
22/tcp  open  ssh
25/tcp  open  smtp
53/tcp  open  domain
80/tcp  open  http
110/tcp  open  pop3
111/tcp  open  rpcbind
143/tcp  open  imap
443/tcp  open  https
993/tcp  open  imaps
995/tcp  open  pop3s
3306/tcp open  mysql
8080/tcp open  http-proxy

nmap from internet give


Not shown: 989 filtered ports
20/tcp    closed ftp-data
21/tcp    open  ftp
22/tcp    open  ssh
53/tcp    open  domain
80/tcp    open  http
110/tcp  open  pop3
143/tcp  open  imap
443/tcp  open  https
3306/tcp  open  mysql
8080/tcp  open  http-proxy
10000/tcp closed snet-sensor-mgmt

telnet localhost 25

Connected to localhost.localdomain.
Escape character is '^]'.
220 ESMTP Postfix (Debian/GNU)

and freeze

Any idea ? I really don't see the problem and need to be able to access smtp server through the internet



_X_ 29th August 2009 19:49

possible problems:

myhostname =

shouldn't be :

myhostname =

mydestination =, localhost, localhost.localdomain

shouldn't be something like:

mydestination = /etc/postfix/local-host-names - you didn't gave info on what tutorial did you use so check that according to your tutorial

drub4n 29th August 2009 20:00

I'm using the tutorial
The Perfect Server - Debian Lenny (Debian 5.0) [ISPConfig 3]

and there is no postfix configuration part

I change to myhostname =
but I don't know what to put on my_destination

_X_ 29th August 2009 20:17

here is the point where postfix is installed:

9 Install Postfix, Courier, Saslauthd, MySQL, phpMyAdmin, rkhunter, binutils

System mail name: <--

should be something like or just

same should go here:

vi /etc/courier/imapd.cnf

vi /etc/courier/pop3d.cnf

unfortunately i have different server configuration and cannot help you any further.

also same or should be used in ISPConfig install

Full qualified hostname (FQDN) of the server, eg server1.domain.tld []:

if there are some errors in logs you can post them so we can locate a problem.

if you used everywhere instead of or maybe you should change back to
myhostname =

drub4n 30th August 2009 00:58

thx _X_ for your tips

I replace everything with
regenerate key.
Imap and pop with SSL are ok
but I still cannot connect to smtp ... will continue investigation ...

I got something strange,
If I desactivate my firewall, I can see port 25 on nmap but filtered and still cannot access to it

any idea ?

till 30th August 2009 12:00

Your original file was absolutley fine. Please undo the changes that _X_ suggested in #2 as he has mixed up ispconfig 2 and ispconfig 3.

Please use something like or as hostname but not as this will cause a conflicht with the virtual domains otherwise.

Please post the output of

netstat -tap

and check your mail log for errors. Also contact your provider and ask them if they block port 25.

_X_ 30th August 2009 12:52

ISPConfig 3? ups ... didn't realize ... totally overlooked that info ... sry m8 :o

drub4n 30th August 2009 13:52

don't worry _X_

was not a big change and I keep it to, no more in my file

netstat - tap :


Connexions Internet actives (serveurs et établies)
Proto Recv-Q Send-Q Adresse locale          Adresse distante        Etat        PID/Program name
tcp        0      0 *:imaps                *:*                    LISTEN      27676/couriertcpd
tcp        0      0 *:pop3s                *:*                    LISTEN      30198/couriertcpd
tcp        0      0 localhost.localdo:10024 *:*                    LISTEN      12552/amavisd (mast
tcp        0      0 localhost.localdo:10025 *:*                    LISTEN      30739/master
tcp        0      0 *:mysql                *:*                    LISTEN      18377/mysqld
tcp        0      0 localhost.localdoma:940 *:*                    LISTEN      16028/famd
tcp        0      0 *:pop3                  *:*                    LISTEN      13206/couriertcpd
tcp        0      0 localhost.localdo:spamd *:*                    LISTEN      15023/
tcp        0      0 *:imap2                *:*                    LISTEN      13176/couriertcpd
tcp        0      0 *:sunrpc                *:*                    LISTEN      15852/portmap
tcp        0      0 *:http-alt              *:*                    LISTEN      11343/apache2
tcp        0      0 *:www                  *:*                    LISTEN      11343/apache2
tcp        0      0 *:ftp                  *:*                    LISTEN      27741/pure-ftpd (SE
tcp        0      0 ks37560.kimsufi.:domain *:*                    LISTEN      23912/mydns
tcp        0      0 localhost.locald:domain *:*                    LISTEN      23912/mydns
tcp        0      0 *:ssh                  *:*                    LISTEN      2606/sshd
tcp        0      0 *:smtp                  *:*                    LISTEN      30739/master
tcp        0      0 *:https                *:*                    LISTEN      11343/apache2

server is listening on port 25
with the fw on, I can't do anything on port 25 from remote computer
with the fw off, nmap say the port 25 is filtered
I use basic fw settings for under ISPconfig3 administration console wich are

TCP open ports : 20,21,22,25,53,80,110,143,443,3306,8080,10000
UDP open ports : 53,3306

Really disapointed with this issue ...

till 31st August 2009 12:23

Please set the firewall to off, wait a minute and then run:

iptables -L

and post the output.

drub4n 31st August 2009 12:52

iptables -L


Chain INPUT (policy ACCEPT)
target    prot opt source              destination

Chain FORWARD (policy ACCEPT)
target    prot opt source              destination

Chain OUTPUT (policy ACCEPT)
target    prot opt source              destination

Chain fail2ban-ssh (0 references)
target    prot opt source              destination
RETURN    all  --  anywhere            anywhere



All times are GMT +2. The time now is 13:46.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.