Mail Issue (Virtual Hosting Howto With Virtualmin On CentOS 5.1)

[skybrush]

Greetings!

I'm running a dedicated server. Linux Distri.: CentOS release 5.3 (Final) - fresh installation.

I'm following TopDog's Guide Virtual Hosting Howto With Virtualmin On CentOS 5.1(http://www.howtoforge.com/virtual-ho...n-on-centos5.1).
Everything works so far but I'm having trouble setting up Postfix right.
Currently I'm using the sample config file. On trying to send an email via Telnet, I get the following error:

Code:

[root@QJH002 postfix]# telnet mydomain.de 25
Trying xx.75.244.195...
Connected to mydomain.de (xx.75.244.195).
Escape character is '^]'.
220 tds mail cluster
mail from: address@yahoo.de
503 5.5.1 Error: send HELO/EHLO first
helo me
250 QJH002.mydomain.de
mail from: address@yahoo.de
451 4.7.1 Service unavailable - try again later

Any ideas? I love Linux, but this Postfix thingy makes me insane.

main.cf

Code:

command_directory = /usr/sbin
daemon_directory = /usr/libexec/postfix
mydomain = mydomain.de
myorigin = $mydomain
unknown_local_recipient_reject_code = 550
unverified_recipient_reject_code = 550
unverified_sender_reject_code = 550
mynetworks = 127.0.0.0/8
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
virtual_alias_maps = hash:/etc/postfix/virtual
canonical_maps = hash:/etc/postfix/canonical
sender_canonical_maps = hash:/etc/postfix/canonical
recipient_canonical_maps = hash:/etc/postfix/canonical
address_verify_map = btree:/var/spool/postfix/verify
smtpd_sender_restrictions = hash:/etc/postfix/sender_access
mail_spool_directory = /var/spool/mail
home_mailbox = Maildir/
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_use_tls = yes
smtpd_tls_key_file = /etc/pki/postfix/key.pem
smtpd_tls_cert_file = /etc/pki/postfix/server.pem
smtpd_tls_CAfile = /etc/pki/postfix/root.crt
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
smtpd_tls_session_cache_database = btree:/var/spool/postfix/smtpd_tls_cache
smtp_use_tls = yes
smtp_tls_key_file = /etc/pki/postfix/key.pem
smtp_tls_cert_file = /etc/pki/postfix/server.pem
smtp_tls_CAfile = /etc/pki/postfix/root.crt
smtp_tls_session_cache_database = btree:/var/spool/postfix/smtp_tls_cache
smtp_tls_note_starttls_offer = yes
smtpd_tls_auth_only = yes
tls_random_source = dev:/dev/urandom
smtpd_sasl_auth_enable = yes
debug_peer_level = 2
debugger_command =
	 PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
	 xxgdb $daemon_directory/$process_name $process_id & sleep 5
sendmail_path = /usr/sbin/sendmail.postfix
newaliases_path = /usr/bin/newaliases.postfix
mailq_path = /usr/bin/mailq.postfix
setgid_group = postdrop
html_directory = no
manpage_directory = /usr/share/man
sample_directory = /usr/share/doc/postfix-2.3.3/samples
readme_directory = /usr/share/doc/postfix-2.3.3/README_FILES
smtpd_banner = tds mail cluster
smtpd_helo_required = yes
disable_vrfy_command = yes
show_user_unknown_table_name = no
policy_time_limit = 3600
smtpd_milters = unix:/var/clamav/clmilter.socket unix:/var/run/spamass.sock
non_smtpd_milters = unix:/var/clamav/clmilter.socket unix:/var/run/spamass.sock
smtpd_error_sleep_time = 5s
smtpd_soft_error_limit = 10
smtpd_hard_error_limit = 20
smtpd_data_restrictions = reject_unauth_pipelining
smtpd_recipient_restrictions =
 	permit_mynetworks
	permit_sasl_authenticated
 	reject_unauth_destination
 	check_recipient_access hash:/etc/postfix/access
 	reject_unknown_recipient_domain
 	reject_unknown_sender_domain
 	#reject_unknown_hostname
 	#reject_unknown_client
 	reject_unverified_recipient
 	#reject_unverified_sender
 	reject_non_fqdn_recipient
 	reject_non_fqdn_sender
 	#reject_non_fqdn_hostname
 	reject_invalid_hostname
 	reject_rbl_client list.dsbl.org
 	reject_rbl_client zen.spamhaus.org
 	reject_rbl_client l1.spews.dnsbl.sorbs.net
 	reject_rbl_client combined.njabl.org
 	reject_rbl_client bl.spamcop.net
 	reject_rhsbl_sender dsn.rfc-ignorant.org
 	reject_rhsbl_sender bogusmx.rfc-ignorant.org
 	reject_rhsbl_sender rhsbl.sorbs.net
 	reject_rhsbl_client dsn.rfc-ignorant.org
 	reject_rhsbl_client bogusmx.rfc-ignorant.org
 	reject_rhsbl_client rhsbl.sorbs.net
 	check_policy_service unix:private/spfpolicy

[falko]

Have you tried this with an email client such as Thunderbird or Outlook?
Any errors in your mail log?

[skybrush]

Hi and thank you for replying.

POP3 seems to work. If I try to send an email via Thunderbird it's the same error 4.7.1 "Service unavailable - try again later."

[skybrush]

/var/log/maillog

Code:

Oct  1 19:01:19 QJH002 postfix/cleanup[6510]: warning: connect to Milterservice unix:/var/clamav/clmilter.socket: Connection refused
Oct  1 19:01:19 QJH002 postfix/cleanup[6510]: BE1A710A01D9: milter-reject: CONNECT from localhost[127.0.0.1]: 4.7.1 Service unavailable - try again in later; from=<root@mydomain.de>
Oct  1 19:01:19 QJH002 postfix/cleanup[6510]: BE1A710A01D9: milter-reject: CONNECT from localhost[127.0.0.1]: 4.7.1 Service unavailable - try again later; from=<root@mydomain.de>

[skybrush]

After commenting out the milters I get 5.7.1 Relay Access Denied if i try to mail to extern domains, or 5.1.1 Recipient address rejected: undeliverable address: User unknown.

[falko]

Did you enable "Server requires authentication" in your email client?

[skybrush]

Yes.

Quote:

Oct 2 16:14:37 QJH002 postfix/smtpd[4996]: warning: cannot get private key from file /etc/pki/postfix/key.pem$
Oct 2 16:14:37 QJH002 postfix/smtpd[4996]: warning: TLS library problem values match:x509_cmp.c:398:: 4996:$
Oct 2 16:14:37 QJH002 postfix/smtpd[4996]: cannot load RSA certificate and key data

Yay, wrong TLS cert - no problem. I gonna manage this soon enough as I can recieve emails from CAcerts.org. It won't verify my domain if I don't click the activation link which i will probably never get. Isn't it ironic? I already tried to load the default postfix-conf and put my domain in. Still "I can break rules too, goodbye" error - and no mails incoming.

I'm really stressed. I wanna set this mail server up for virtual domains. I'm no idiot but it makes me think I'm retarded. -.-

edit:
Ok, here we go. I followed this tut http://wiki.centos.org/HowTos/postfix . Mail recieved, domain verified. I gonna work this out, again, very meticulous. Stay tuned.

edit #2:
Thank you so much. I'm always happy, getting pushed into the right direction. So the main problem was a bad certificate. Now i got one from CAcert.org. Afterwards I scrolled up the mail user manager of virtualmin - and it seems that i always logged in with the wrong account infos. In the end it was just the false loginname. It wasn't mailman but mailman.mydomain.
Right now I'm having little issue with pop3, but don't worry friends ^^ - it worked, i make it work again.

The End
It works. THANK YOU!