Can't receive external mail anymore - Ubuntu 8.10, ISPconfig, postfix, etc...

[malou]

Hi everybody,


I have my server who's been up and running for more than a years without problem. But since a couple of weeks, no more external email can reach my server as it used to. It worked for more than a years and now it's not working anymore. I have this email who was sent by an external address march 28, but since, no more external mail.

I've search this forum and googled for the last 5 days. I tried many different solutions, none of them worked. I checked all Postfix settings, check every log, every DNS solution possible, I even setup a temp server with virtualbox, no external email ends-up in my inbox...

Internal email, sent either by php Mail function or by roundcube to an address on my server work. But if I tried with hotmail or an other external mail service, no email can reach my server...


My ISP always blocked port 25 from the beggening, I know that. But this didn't stopped me from receiving my emails in the past. The only thing that changed since it stopped working are:

- I install java on my server for some testing and remove it after the test.
- I change some port in my router port forward. But then again, I just checked and everyting ok on this side...


I tried every solutions I know and it's getting me crazy, so now I ask for your help...


Thanks in advance!



Infos:
I'am running Ubuntu Server 8.10 with ISPconfig 2.2.24

Domains:
- hmweb.ca (I change a couple of DNS setting for this one, but it seems ok...)
- iduff.ca (this one is like it used to be when everything was working)


Postfix main.cf

Code:

alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no
broken_sasl_auth_clients = yes
config_directory = /etc/postfix
home_mailbox = Maildir/
inet_interfaces = all
inet_protocols = all
mailbox_command = procmail -a "$EXTENSION"
mailbox_size_limit = 0
mydestination = /etc/postfix/local-host-names
myhostname = hmweb.ca
mynetworks = 127.0.0.0/8
myorigin = /etc/mailname
readme_directory = no
recipient_delimiter = +
relayhost = smtp1.sympatico.ca
smtp_tls_note_starttls_offer = yes
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtp_use_tls = yes
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes
smtpd_sasl_local_domain = 
smtpd_sasl_security_options = noanonymous
smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
smtpd_tls_auth_only = no
smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt
smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_tls_session_cache_timeout = 3600s
smtpd_use_tls = yes
tls_random_source = dev:/dev/urandom

- relayhost needed because of blocked port 25...

Postfix master.cf

Code:

#
# Postfix master process configuration file.  For details on the format
# of the file, see the master(5) manual page (command: "man 5 master").
#
# Do not forget to execute "postfix reload" after editing this file.
#
# ==========================================================================
# service type  private unpriv  chroot  wakeup  maxproc command + args
#               (yes)   (yes)   (yes)   (never) (100)
# ==========================================================================
smtp      inet  n       -       -       -       -       smtpd
#submission inet n       -       -       -       -       smtpd
#  -o smtpd_tls_security_level=encrypt
#  -o smtpd_sasl_auth_enable=yes
#  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
#  -o milter_macro_daemon_name=ORIGINATING
#smtps     inet  n       -       -       -       -       smtpd
#  -o smtpd_tls_wrappermode=yes
#  -o smtpd_sasl_auth_enable=yes
#  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
#  -o milter_macro_daemon_name=ORIGINATING
#628      inet  n       -       -       -       -       qmqpd
pickup    fifo  n       -       -       60      1       pickup
cleanup   unix  n       -       -       -       0       cleanup
qmgr      fifo  n       -       n       300     1       qmgr
#qmgr     fifo  n       -       -       300     1       oqmgr
tlsmgr    unix  -       -       -       1000?   1       tlsmgr
rewrite   unix  -       -       -       -       -       trivial-rewrite
bounce    unix  -       -       -       -       0       bounce
defer     unix  -       -       -       -       0       bounce
trace     unix  -       -       -       -       0       bounce
verify    unix  -       -       -       -       1       verify
flush     unix  n       -       -       1000?   0       flush
proxymap  unix  -       -       n       -       -       proxymap
proxywrite unix -       -       n       -       1       proxymap
smtp      unix  -       -       -       -       -       smtp
# When relaying mail as backup MX, disable fallback_relay to avoid MX loops
relay     unix  -       -       -       -       -       smtp
        -o smtp_fallback_relay=
#       -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq     unix  n       -       -       -       -       showq
error     unix  -       -       -       -       -       error
retry     unix  -       -       -       -       -       error
discard   unix  -       -       -       -       -       discard
local     unix  -       n       n       -       -       local
virtual   unix  -       n       n       -       -       virtual
lmtp      unix  -       -       -       -       -       lmtp
anvil     unix  -       -       -       -       1       anvil
scache    unix  -       -       -       -       1       scache
#
# ====================================================================
# Interfaces to non-Postfix software. Be sure to examine the manual
# pages of the non-Postfix software to find out what options it wants.
#
# Many of the following services use the Postfix pipe(8) delivery
# agent.  See the pipe(8) man page for information about ${recipient}
# and other message envelope options.
# ====================================================================
#
# maildrop. See the Postfix MAILDROP_README file for details.
# Also specify in main.cf: maildrop_destination_recipient_limit=1
#
maildrop  unix  -       n       n       -       -       pipe
  flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
#
# See the Postfix UUCP_README file for configuration details.
#
uucp      unix  -       n       n       -       -       pipe
  flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
#
# Other external delivery methods.
#
ifmail    unix  -       n       n       -       -       pipe
  flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp     unix  -       n       n       -       -       pipe
  flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
scalemail-backend unix  -       n       n       -       2       pipe
  flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
mailman   unix  -       n       n       -       -       pipe
  flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
  ${nexthop} ${user}

There nothing about incoming (external) email in mail.log

Router IP: 192.168.2.1
Server internal IP: 192.168.2.21
External IP: 76.68.155.140 (then again, it can change since I'm stuck with dynamic IP)

Telnet:

Code:

Trying 192.168.2.21...
Connected to hmweb.ca.
Escape character is '^]'.
220 hmweb.ca ESMTP Postfix (Ubuntu)
ehlo localhost
250-hmweb.ca
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-AUTH PLAIN LOGIN
250-AUTH=PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
quit
221 2.0.0 Bye
Connection closed by foreign host.

what else... test email adress if you want:
admin<at>hmweb.ca
admin<at>iduff.ca


Returned error from hotmail server...

Quote:

This is an automatically generated Delivery Status Notification.

Unable to deliver message to the following recipients, due to being unable to connect successfully to the destination mail server.

admin@hmweb.ca

P.S.: Sorry for my english, I usualy speek French....

[malou]

I made another test this morning with a different email address and I received this warning:

Code:

--- Session Transcript ---
 Tue 2009-04-14 12:51:39: Parsing message <xxxxxxxxxxxxxxxxxx\pd35002439848.msg>
 Tue 2009-04-14 12:51:39: *  From: xxx@yyy.ca
 Tue 2009-04-14 12:51:39: *  To: admin@hmweb.ca
 Tue 2009-04-14 12:51:39: *  Subject: test email =?iso-8859-1?Q?c=E9gep?=
 Tue 2009-04-14 12:51:39: *  Message-ID: <WorldClient-F200904141149.AA49523444@yyy.ca>
 Tue 2009-04-14 12:51:39: Attempting SMTP connection to [hmweb.ca]
 Tue 2009-04-14 12:51:39: Resolving MX records for [hmweb.ca] (DNS Server: 10.201.1.3)...
 Tue 2009-04-14 12:51:39: *  P=010 S=000 D=hmweb.ca TTL=(30) MX=[smtp.hmweb.ca] {76.68.155.140}
 Tue 2009-04-14 12:51:39: *  P=020 S=001 D=hmweb.ca TTL=(30) MX=[mail.iduff.ca] {76.68.155.140}
 Tue 2009-04-14 12:51:39: Attempting SMTP connection to [76.68.155.140:25]
 Tue 2009-04-14 12:51:39: Waiting for socket connection...
 Tue 2009-04-14 12:52:00: *  Winsock Error 10060 The connection timed out.
 Tue 2009-04-14 12:52:00: Attempting SMTP connection to [76.68.155.140:25]
 Tue 2009-04-14 12:52:00: *  76.68.155.140 in connection failure cache for up to 5 minutes due to previous connection failure(s)
 Tue 2009-04-14 12:52:00: This message is 62 minutes old; it has 0 minutes left in this queue
 Tue 2009-04-14 12:52:00: Remote queue lifetime exceeded; message placed in retry queue
--- End Transcript ---

(I changed the sender email address for privacy)


I knew my ISP is blocking outgoing port 25 because in outlook or Apple Mail I have to use their SMTP server to send mail, but could they decide to block incoming trafic on port 25? It's very strange...

I'll double check everything, but any advice would be welcome!


thanks,
Malou


P.s.: My router port mapping:

Code:

Custom Configuration	UDP	110	192.168.2.21	
	
	
Custom Configuration	TCP	3306	192.168.2.21	
	
	
Custom Configuration	UDP	465	192.168.2.21	
	
	
HTTP	TCP	80 - 81	192.168.2.21	
	
	
FTP	TCP	FTP / 21	192.168.2.21	
	
	
Custom Configuration	TCP	110	192.168.2.21	
	
	
Custom Configuration	UDP	3306	192.168.2.21	
	
	
Custom Configuration	TCP	443	192.168.2.21	
	
	
Custom Configuration	TCP	995	192.168.2.21	
	
	
Custom Configuration	TCP	8080	192.168.2.21	
	
	
Custom Configuration	UDP	8080	192.168.2.21	
	
	
SMTP	TCP	SMTP / 25	192.168.2.21	
	
	
Custom Configuration	UDP	SMTP / 25	192.168.2.21	
	
	
Custom Configuration	TCP	22	192.168.2.21	
	
	
Custom Configuration	UDP	22	192.168.2.21	
	
	
Custom Configuration	UDP	995	192.168.2.21	
	
	
Custom Configuration	TCP	465	192.168.2.21	
	
	
Custom Configuration	TCP	143	192.168.2.21	
	
	
Custom Configuration	UDP	143	192.168.2.21

192.168.2.21 is my server IP and port 25 point to my server....

[falko]

If your provider is blocking port 25, then this is the problem.

[malou]

That's what I think is appening.

But on the other hand, enverything was working fine until last month. I knew they block outgoing (me ->internet) port 25 because I always had to use their smtp server to send email. But blocking incoming trafic (internet -> me), that must be new... Unless it's me who screw up something...



Anyway, thanks. I'll see how I can deal with them now...