HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials
Page 1 of 2 1 2
Show 40 post(s) from this thread on one page

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (http://www.howtoforge.com/forums/index.php)
-   Installation/Configuration (http://www.howtoforge.com/forums/forumdisplay.php?f=27)
-   -   PHP Mail Not Working (http://www.howtoforge.com/forums/showthread.php?t=56564)

3DPeruna 15th March 2012 18:07
PHP Mail Not Working
 
I've got (2) ISPConfig 3 servers. Server A hosts most domains and all emails. Server B hosts 1 domain, but no email. Server A has a direct IP address, Server B is behind a NAT.

I would like to set it up so Server B can send mail (via SMTP) through Server A.

Right now, I'm getting the following on Server B when I try to send mail through Server A: SMTP Error: Could not connect to SMTP host. Neither servers logs show anything (including running tail -f /var/log/syslog on both servers and watching what happens when I hit "send").

Thoughts

pititis 15th March 2012 18:58
Can you send email from A to B?

Some isp block port 25 to prevent spam from infected computers or spamers.

Try to check your firewall/iptables configuration and try to connect manually to anothers mail servers(from B) with:

Code:
telnet mailservername 25

3DPeruna 15th March 2012 20:30
Thanks... it does appear port 25 is blocked. However, our ISP itself doesn't block any of our ports (I've had this conversation with them in the past).

Also, both servers are connected to the same router, with nothing in the hardware firewall. If the firewall isn't on the router, where else might I look?

FYI: using http://network-tools.com/ I get a connection (that's rejected because relaying isn't allowed)

falko 16th March 2012 15:40
What are the outputs of
Code:
netstat -tap
and
Code:
iptables -L
on server A? Are there any errors in your mail logs (on both servers)?

3DPeruna 16th March 2012 16:54
Still pulling my hair out!
 
Server A:

netstat -tap

Code:
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address          Foreign Address        State      PID/Program name
tcp        0      0 localhost.localdo:10024 *:*                    LISTEN      1113/amavisd (maste
tcp        0      0 localhost.localdo:10025 *:*                    LISTEN      10998/master
tcp        0      0 *:mysql                *:*                    LISTEN      1061/mysqld
tcp        0      0 *:submission            *:*                    LISTEN      10998/master
tcp        0      0 *:http-alt              *:*                    LISTEN      11464/apache2
tcp        0      0 *:www                  *:*                    LISTEN      11464/apache2
tcp        0      0 XX-XXX-XXX-XXX.b:domain *:*                    LISTEN      2740/named
tcp        0      0 thisismydomain:domain *:*                    LISTEN      2740/named
tcp        0      0 localhost.locald:domain *:*                    LISTEN      2740/named
tcp        0      0 *:ftp                  *:*                    LISTEN      1934/pure-ftpd (SER
tcp        0      0 *:ssh                  *:*                    LISTEN      937/sshd
tcp        0      0 *:smtp                  *:*                    LISTEN      10998/master
tcp        0      0 localhost.localdoma:953 *:*                    LISTEN      2740/named
tcp        0      0 *:https                *:*                    LISTEN      11464/apache2
tcp        0      0 localhost.localdo:mysql localhost.localdo:50214 ESTABLISHED 1061/mysqld
tcp        0    248 thisismydomain.c:ssh 69-168-254-123.br:55688 ESTABLISHED 17411/sshd: ohdweb
tcp        0      0 localhost.localdo:50216 localhost.localdo:mysql ESTABLISHED 11489/smtpd
tcp        0      0 localhost.localdo:50213 localhost.localdo:mysql ESTABLISHED 13573/trivial-rewri
tcp        0      0 localhost.localdo:mysql localhost.localdo:50216 ESTABLISHED 1061/mysqld
tcp        0      0 localhost.localdo:mysql localhost.localdo:50213 ESTABLISHED 1061/mysqld
tcp        0      0 localhost.localdo:50204 localhost.localdo:mysql ESTABLISHED 13630/amavisd (ch1-
tcp        0      0 localhost.localdo:50215 localhost.localdo:mysql ESTABLISHED 11489/smtpd
tcp        0      0 localhost.localdo:50218 localhost.localdo:mysql ESTABLISHED 13574/proxymap
tcp        0      0 localhost.localdo:mysql localhost.localdo:50217 ESTABLISHED 1061/mysqld
tcp        0      0 thisismydomain.:smtp static.227.227.47:47934 TIME_WAIT  -
tcp        0      0 localhost.localdo:50221 localhost.localdo:mysql ESTABLISHED 13574/proxymap
tcp        0      0 localhost.localdo:10025 localhost.localdo:59219 TIME_WAIT  -
tcp        0      0 localhost.localdo:mysql localhost.localdo:50212 ESTABLISHED 1061/mysqld
tcp        0      0 localhost.localdo:59204 localhost.localdo:10025 ESTABLISHED 13630/amavisd (ch1-
tcp        0      0 localhost.localdo:49970 localhost.localdo:mysql TIME_WAIT  -
tcp        0      0 localhost.localdo:mysql localhost.localdo:50218 ESTABLISHED 1061/mysqld
tcp        0      0 localhost.localdo:mysql localhost.localdo:50221 ESTABLISHED 1061/mysqld
tcp        0      0 localhost.localdo:mysql localhost.localdo:50215 ESTABLISHED 1061/mysqld
tcp        0      0 localhost.localdo:10025 localhost.localdo:59204 ESTABLISHED 13654/smtpd
tcp        0      0 thisismydomain.:smtp 42.113.172.235:50138    TIME_WAIT  -
tcp        0      0 localhost.localdo:50214 localhost.localdo:mysql ESTABLISHED 13574/proxymap
tcp        0      0 localhost.localdo:50212 localhost.localdo:mysql ESTABLISHED 13574/proxymap
tcp        0      0 localhost.localdo:mysql localhost.localdo:50204 ESTABLISHED 1061/mysqld
tcp        0      0 localhost.localdo:50217 localhost.localdo:mysql ESTABLISHED 13574/proxymap
tcp6      0      0 [::]:imaps              [::]:*                  LISTEN      1752/couriertcpd
tcp6      0      0 [::]:pop3s              [::]:*                  LISTEN      1818/couriertcpd
tcp6      0      0 [::]:pop3              [::]:*                  LISTEN      1782/couriertcpd
tcp6      0      0 [::]:imap2              [::]:*                  LISTEN      1711/couriertcpd
tcp6      0      0 [::]:domain            [::]:*                  LISTEN      2740/named
tcp6      0      0 [::]:ftp                [::]:*                  LISTEN      1934/pure-ftpd (SER
tcp6      0      0 [::]:ssh                [::]:*                  LISTEN      937/sshd
tcp6      0      0 ip6-localhost:953      [::]:*                  LISTEN      2740/named
tcp6      0      0 thisismydomain.:pop3 69-168-254-123.br:58708 TIME_WAIT  -
tcp6      0      0 thisismydomain:imap2 69-168-254-123.br:49616 ESTABLISHED 8828/couriertls
tcp6      0      0 thisismydomain:imap2 69-168-254-123.br:49610 ESTABLISHED 8824/couriertls
tcp6      0      0 thisismydomain:imap2 69-168-254-123.br:49611 ESTABLISHED 8808/imapd
tcp6      0      0 thisismydomain:imap2 69-168-254-123.br:49615 ESTABLISHED 8829/couriertls
tcp6      0      0 thisismydomain:imap2 69-168-254-123.br:49617 ESTABLISHED 8813/imapd
tcp6      0      0 thisismydomain:imap2 69-168-254-123.br:53905 ESTABLISHED 4950/couriertls
tcp6      0      0 thisismydomain:imap2 69-168-254-123.br:49597 ESTABLISHED 8815/couriertls
tcp6      0      0 thisismydomain:imap2 69-168-254-123.br:65311 ESTABLISHED 5303/imapd
tcp6      0      0 thisismydomain:imap2 69-168-254-123.br:49595 ESTABLISHED 8817/couriertls
tcp6      0      0 thisismydomain:imap2 69-168-254-123.br:49603 ESTABLISHED 8825/couriertls
tcp6      0      0 thisismydomain:imap2 69-168-254-123.br:49612 ESTABLISHED 8819/couriertls
tcp6      0      0 thisismydomain.:pop3 69-168-254-123.br:58723 TIME_WAIT  -
iptables -L

Code:
Chain INPUT (policy ACCEPT)
target    prot opt source              destination
fail2ban-ssh  tcp  --  anywhere            anywhere            multiport dports ssh
fail2ban-courierimaps  tcp  --  anywhere            anywhere            multiport dports imaps
fail2ban-courierpop3  tcp  --  anywhere            anywhere            multiport dports pop3
fail2ban-courierimap  tcp  --  anywhere            anywhere            multiport dports imap2
fail2ban-pure-ftpd  tcp  --  anywhere            anywhere            multiport dports ftp,ftp-data,ftps,ftps-data

Chain FORWARD (policy ACCEPT)
target    prot opt source              destination

Chain OUTPUT (policy ACCEPT)
target    prot opt source              destination

Chain fail2ban-courierimap (1 references)
target    prot opt source              destination
RETURN    all  --  anywhere            anywhere

Chain fail2ban-courierimaps (1 references)
target    prot opt source              destination
RETURN    all  --  anywhere            anywhere

Chain fail2ban-courierpop3 (1 references)
target    prot opt source              destination
RETURN    all  --  anywhere            anywhere

Chain fail2ban-courierpop3s (0 references)
target    prot opt source              destination
RETURN    all  --  anywhere            anywhere

Chain fail2ban-pure-ftpd (1 references)
target    prot opt source              destination
RETURN    all  --  anywhere            anywhere

Chain fail2ban-sasl (0 references)
target    prot opt source              destination
RETURN    all  --  anywhere            anywhere

Chain fail2ban-ssh (1 references)
target    prot opt source              destination
RETURN    all  --  anywhere            anywhere
/etc/postfix/main.cf
Code:
# See /usr/share/postfix/main.cf.dist for a commented, more complete version


# Debian specific:  Specifying a file name will cause the first
# line of that file to be used as the name.  The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname

smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no

# appending .domain is the MUA's job.
append_dot_mydomain = no

# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h

readme_directory = /usr/share/doc/postfix

# TLS parameters
smtpd_tls_cert_file = /etc/postfix/smtpd.cert
smtpd_tls_key_file = /etc/postfix/smtpd.key
smtpd_use_tls = yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache

# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.

myhostname = thisismydomain.com
alias_maps = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases
alias_database = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases
myorigin = /etc/mailname
mydestination = thisismydomain.com, localhost, localhost.localdomain, $mydomains
relayhost =
mynetworks = 127.0.0.0/8 [::1]/128, XXX.XXX.XXX.XXX
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
html_directory = /usr/share/doc/postfix/html
virtual_alias_domains =
virtual_alias_maps = proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, proxy:mysql:/etc/postfix/mysql-virtual_email2email.cf, hash:/var/lib/mailman/data/virtual-mailman
virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains.cf
virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf
virtual_mailbox_base = /var/vmail
virtual_uid_maps = static:5000
virtual_gid_maps = static:5000
smtpd_sasl_auth_enable = yes
broken_sasl_auth_clients = yes
smtpd_sasl_authenticated_header = yes
smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination
smtpd_tls_security_level = may
transport_maps = proxy:mysql:/etc/postfix/mysql-virtual_transports.cf
relay_domains = mysql:/etc/postfix/mysql-virtual_relaydomains.cf
relay_recipient_maps = mysql:/etc/postfix/mysql-virtual_relayrecipientmaps.cf
proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_$
smtpd_sender_restrictions = check_sender_access mysql:/etc/postfix/mysql-virtual_sender.cf
smtpd_client_restrictions = check_client_access mysql:/etc/postfix/mysql-virtual_client.cf
smtpd_client_message_rate_limit = 100
maildrop_destination_concurrency_limit = 1
maildrop_destination_recipient_limit = 1
virtual_transport = maildrop
header_checks = regexp:/etc/postfix/header_checks
mime_header_checks = regexp:/etc/postfix/mime_header_checks
nested_header_checks = regexp:/etc/postfix/nested_header_checks
body_checks = regexp:/etc/postfix/body_checks
owner_request_special = no
content_filter = amavis:[127.0.0.1]:10024
receive_override_options = no_address_mappings
smtpd_sasl_local_domain =
smtpd_sasl_security_options = noanonymous
smtpd_tls_auth_only = no
smtp_use_tls = yes
smtp_tls_note_starttls_offer = yes
smtpd_tls_CAfile = /usr/local/ispconfig/interface/ssl/startssl.chain.class1.server.crt
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
message_size_limit = 0
Just looking to get Server B to send through Server A...

Server B is behind a NAT on a Cisco router. All ports open, nothing blocked at the router level.

sjau 16th March 2012 19:40
if you can't get it to work directly, an alternate approach would be to setup a open between those two servers. Then you can route the email though the vpn tunnel hence it uses a different port.

Or you can use alternate ports for smtp... I usually do also free 2500 and 2525 or you could try the submission port (587)

kwickcut 16th March 2012 20:09
i assume that you are running this from your house, or work. i would check the outside ports to make sure they are open. i have heard that line before yes port 25 is open but the person that you are talking to knows nothing other then what is on the monitor in front of them.

to check your ports you can use this site

http://www.yougetsignal.com/tools/open-ports/

if port 25 is blocked you can use a relay service to send mail out on port 2525


this is how i have to do it sucks having to pay for a service but what are you going to do.

3DPeruna 16th March 2012 23:12
Thanks. Going to http://www.yougetsignal.com/tools/open-ports/ shows port 25 open at Server A.

When I send an email from Server B, though, I'm getting this:

Code:
Mar 16 17:00:21 myserver postfix/smtpd[26622]: connect from unknown[192.168.1.220]
Mar 16 17:00:21 myserver postfix/smtpd[26622]: DA35B1C014C6: client=unknown[192.168.1.220], sasl_method=PLAIN, sasl_username=web@mail.myserver.com
Mar 16 17:00:21 myserver postfix/cleanup[26624]: DA35B1C014C6: message-id=<4F63B7F4.2050900@mail.myserver.com>
Mar 16 17:00:21 myserver postfix/qmgr[13490]: DA35B1C014C6: from=<web@mail.myserver.com>, size=1227, nrcpt=1 (queue active)
Mar 16 17:00:22 myserver postfix/smtpd[26622]: disconnect from unknown[192.168.1.220]
Mar 16 17:00:28 myserver postfix/smtpd[26684]: connect from localhost.localdomain[127.0.0.1]
Mar 16 17:00:28 myserver postfix/smtpd[26684]: 3A0AB1C01543: client=localhost.localdomain[127.0.0.1]
Mar 16 17:00:28 myserver postfix/cleanup[26624]: 3A0AB1C01543: message-id=<4F63B7F4.2050900@mail.myserver.com>
Mar 16 17:00:28 myserver postfix/qmgr[13490]: 3A0AB1C01543: from=<web@mail.myserver.com>, size=1747, nrcpt=1 (queue active)
Mar 16 17:00:28 myserver postfix/smtpd[26684]: disconnect from localhost.localdomain[127.0.0.1]
Mar 16 17:00:28 myserver amavis[21490]: (21490-05) Passed CLEAN, LOCAL [192.168.1.220] [192.168.1.220] <web@mail.myserver.com> -> <myemail@servera.com>, Message-ID: <4F63B7F4.2050900@mail.myserver.com>, mail_id: 2Yyk4P8SpjER, Hits: -0.999, size: 1227, queued_as: 3A0AB1C01543, 6339 ms
Mar 16 17:00:28 myserver postfix/smtp[26681]: DA35B1C014C6: to=<myemail@servera.com>, relay=127.0.0.1[127.0.0.1]:10024, delay=6.6, delays=0.22/0/0.01/6.3, dsn=2.0.0, status=sent (250 2.0.0 from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as 3A0AB1C01543)
Mar 16 17:00:28 myserver postfix/qmgr[13490]: DA35B1C014C6: removed
Mar 16 17:00:28 myserver postfix/error[26704]: 3A0AB1C01543: to=<myemail@servera.com>, relay=none, delay=0.15, delays=0.08/0.01/0/0.06, dsn=4.4.1, status=deferred (delivery temporarily suspended: connect to mail.servera.com[69.168.254.122]:25: Connection timed out)
Maybe I should just go enjoy the weather which is abnormally, but fantastically warm, and come back to this Monday...

Lancelot28 19th March 2012 11:42
http://www.infoocean.info/avatar1.jpgCan you send email from A to B?

3DPeruna 19th March 2012 23:47
Ok... so this is what I've got.

A & B won't talk to each other, but I can send from out side (for instance Gmail) to A and B.

Here's the setup:

Cisco Router has a static IP of XXX.XXX.XXX.123
Server A is behind the Cisco router with a static IP XXX.XXX.XXX.122
Server B is behind the Cisco Router with a static IP 192.168.1.252, but NATed to XXX.XXX.XXX.124.

Web services work great on A & B. Email is just fine on A. Email is fine on B. Except B won't talk to A and vice versa.

I can't send mail to A or B. If I try to send from B to A, on server B I get:

Code:
Mar 19 17:31:39 serverB postfix/smtp[23088]: 340211C01594: to=<email@serverA.com>, relay=127.0.0.1[127.0.0.1]:10024, delay=0.69, delays=0.14/0/0.01/0.54, dsn=2.0.0, status=sent (250 2.0.0 from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as B80CE1C0159E)
Also, nothing shows in the logs on Server A when sending from B to A.

When I send from A to B, on server A I get:

Code:
Mar 19 15:24:41 serverA postfix/smtpd[3997]: warning: XXX.XXX.XXX.123: hostname XXX-XXX-XXX-123.myisp.net verification failed: Name or service not known
Mar 19 15:24:41 serverA postfix/smtpd[3997]: connect from unknown[XXX.XXX.XXX.123]
Mar 19 15:24:41 serverA postfix/smtpd[3997]: BBAC71EA0047: client=unknown[XXX.XXX.XXX.123], sasl_method=PLAIN, sasl_username=email@serverA.com
Mar 19 15:24:41 serverA postfix/cleanup[4000]: BBAC71EA0047: message-id=<4F679609.9000706@serverA.com>
Mar 19 15:24:41 serverA postfix/qmgr[9943]: BBAC71EA0047: from=<email@serverA.com>, size=52240, nrcpt=1 (queue active)
Mar 19 15:24:41 serverA postfix/smtpd[3997]: disconnect from unknown[XXX.XXX.XXX.123]
Mar 19 15:24:42 serverA postfix/smtpd[4004]: connect from localhost.localdomain[127.0.0.1]
Mar 19 15:24:42 serverA postfix/smtpd[4004]: 35B071EA0AB7: client=localhost.localdomain[127.0.0.1]
Mar 19 15:24:42 serverA postfix/cleanup[4000]: 35B071EA0AB7: message-id=<4F679609.9000706@serverA.com>
Mar 19 15:24:42 serverA postfix/smtpd[4004]: disconnect from localhost.localdomain[127.0.0.1]
Mar 19 15:24:42 serverA postfix/qmgr[9943]: 35B071EA0AB7: from=<email@serverA.com>, size=52750, nrcpt=1 (queue active)
Mar 19 15:24:42 serverA amavis[5714]: (05714-11) Passed CLEAN, [XXX.XXX.XXX.123] [XXX.XXX.XXX.123] <email@serverA.com> -> <email@serverB.com>, Message-ID: <4F679609.9000706@serverA.com>, mail_id: QDiV7azwhtUI, Hits: -1.205, size: 52240, queued_as: 35B071EA0AB7, 429 ms
Mar 19 15:24:42 serverA postfix/smtp[4001]: BBAC71EA0047: to=<email@serverB.com>, relay=127.0.0.1[127.0.0.1]:10024, delay=0.55, delays=0.12/0/0/0.43, dsn=2.0.0, status=sent (250 2.0.0 from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as 35B071EA0AB7)
Mar 19 15:24:42 serverA postfix/qmgr[9943]: BBAC71EA0047: removed
Mar 19 15:24:42 serverA postfix/smtp[4026]: 35B071EA0AB7: to=<email@serverB.com>, relay=none, delay=0.14, delays=0.04/0/0.09/0, dsn=5.4.6, status=bounced (mail for serverB.com loops back to myself)
Mar 19 15:24:42 serverA postfix/cleanup[4000]: 60C611EA0C3B: message-id=<20120319202442.60C611EA0C3B@serverA.com>
Mar 19 15:24:42 serverA postfix/bounce[4027]: 35B071EA0AB7: sender non-delivery notification: 60C611EA0C3B
Mar 19 15:24:42 serverA postfix/qmgr[9943]: 60C611EA0C3B: from=<>, size=3247, nrcpt=1 (queue active)
Mar 19 15:24:42 serverA postfix/qmgr[9943]: 35B071EA0AB7: removed
Mar 19 15:24:42 serverA postfix/pipe[4007]: 60C611EA0C3B: to=<email@serverA.com>, relay=maildrop, delay=0.1, delays=0.03/0/0/0.07, dsn=2.0.0, status=sent (delivered via maildrop service)
Mar 19 15:24:42 serverA postfix/qmgr[9943]: 60C611EA0C3B: removed
and on Server B:

Code:
Mar 19 17:40:35 serverB postfix/smtp[24568]: B80CE1C0159E: to=<email@serverA.com>, relay=none, delay=535, delays=505/0.08/30/0, dsn=4.4.1, status=deferred (connect to serverA.com[XXX.XXX.XXX.122]:25: Connection timed out)
Mar 19 17:40:35 serverB postfix/smtp[24572]: connect to serverA.com[XXX.XXX.XXX.122]:25: Connection timed out
Originally, I was trying to get a web site on Server B to use SMTP to connect to Server A to send emails, but nothing was working. As an alternative, I created some accounts on Server B to send to the Server A accounts, but those weren't working, either.

There is something with how things are configured that keeps A and B from talking to each other on Port 25 (or 587)... but both can talk to the rest of the world.


All times are GMT +2. The time now is 08:03.
Page 1 of 2 1 2
Show 40 post(s) from this thread on one page

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2013, vBulletin Solutions, Inc.