Not receiving email

Discussion in 'General' started by Abinash Kumar, Jul 23, 2021.

  1. Abinash Kumar

    Abinash Kumar New Member

    Can anyone help me please, We have ISPConfig latest Version in debian version 8, We are using MS Outlook as my default email to send and receive email. Everything is working fine, but we can't receiving email from our some customer. Can anyone help me please.
     
    abintipl likes this.
  2. Taleman

    Taleman Well-Known Member HowtoForge Supporter

    ISPConfig latest version does not support old Debian 8 version.
    As for the e-mail receiving problem, look at mail log to see if if those e-mails arrive at your server and if they do arrive, what happens to them.
     
    abintipl and Abinash Kumar like this.
  3. Abinash Kumar

    Abinash Kumar New Member

    Hello,

    Thank you for the reply.

    My set up is working fine for past over an year, I can send and receive emails EXCEPT FROM 2 customers. All other clients can send / receive
    Your guidance to resolve this issue will be appreciated !
    My server mail que looks as under;
    I have also logged in your server with root user & have also followed tutorial given on this link www. faqforge.com/linux/server/manage-the-postfix-mail-queue-with-postsuper-postqueue-und-mailq/

    postqueue -p
    Output looks like this

    [email protected]:~# postqueue -p
    -Queue ID- --Size-- ----Arrival Time---- -Sender/Recipient-------
    D0BEF701AE8 23388 Mon Jul 19 22:35:42 MAILER-DAEMON
    (connect to mail.kikiwu.shop[xxx.xxx.xx.xxx]:25: Connection refused)
    xy @your.com

    232E97028C2 9151293 Wed Jul 21 11:52:25 xx @example.com
    (host us2.mx3.mailhostbox.com[xxx.xxx.xx.xxx] said: 454-4.7.1 xy @your.com: Relay access denied 454 4.7.1 Please see http:// support.mailhostbox.com/email-administrators-guide-error-codes/ for explanation of the problem. (in reply to RCPT TO command))
    xyz @your.com
    (host us2.mx3.mailhostbox.com[xxx.xxx.xx.xxx] said: 454-4.7.1 xy @your.com: Relay access denied 454 4.7.1 Please see http:// support.mailhostbox.com/email-administrators-guide-error-codes/ for explanation of the problem. (in reply to RCPT TO command))
    Xyz @your.com

    -- 8959 Kbytes in 2 Requests.
    [email protected]:~#

    Mail log in ISPCONFIG looks like below;

    Jul 23 11:27:45 server postfix/lmtp[6439]: EAB8A702E2E: to=xx @example.com, relay=server.example.com[private/dovecot-lmtp], delay=0.06, delays=0.01/0.02/0.02/0.01, dsn=2.0.0, status=sent (250 2.0.0 xx @example.com yJGL+mA0GQAA/lzhbA Saved)
    Jul 23 11:27:45 server dovecot: lmtp(6452): Disconnect from local: Successful quit
    Jul 23 11:27:46 server postfix/smtp[6450]: EAB8A702E2E: to=yy @your.com, relay=mx01.your.com[xxx.xx.xx.xx]:25, delay=1.7, delays=0.01/0.05/1.1/0.61, dsn=2.0.0, status=sent (250 ok: Message 40897201 accepted)
    Jul 23 11:27:46 server postfix/qmgr[31911]: EAB8A702E2E: removed
    Jul 23 11:27:56 server dovecot: pop3-login: Login: user= xy @example.com, method=PLAIN, rip=xxx.xxx.xx.xxx, lip=1xx.2xx.2xx.1xx, mpid=6455, session=<1g7UfHQVvf6UXN>
    Jul 23 11:27:57 server dovecot: pop3(xy @example.com): Disconnected: Logged out top=0/0, retr=0/0, del=0/431, size=192482749
    Jul 23 11:27:59 server dovecot: pop3-login: Login: user=xx @example.com, method=PLAIN, rip=xxx.xxx.xx.xxx, lip=1xx.2xx.2xx.1xx, mpid=6457, session=</zTzBHxF7f6UXN>
    Jul 23 11:27:59 server dovecot: pop3(xx @example.com): Disconnected: Logged out top=0/0, retr=1/11242, del=0/229, size=68859049
    Jul 23 11:28:06 server postfix/smtp[6445]: D0A702DFE: to=l.v @your.com, relay=mx01.your.com[10x.xx.xx.xx]:25, delay=26, delays=0.09/0.02/1.2/25, dsn=2.0.0, status=sent (250 ok: Message 40897173 accepted)
    Jul 23 11:28:06 server postfix/qmgr[31911]: D0A9E702DFE: removed
    Jul 23 11:28:12 server postfix/smtpd[6314]: warning: hostname abts-north-dynamic-xxx.xx.xxx.xxx. telbroad.xxx does not resolve to address xxx.xxx.xx.xxx: Name or service not known
    Jul 23 11:28:12 server postfix/smtpd[6314]: connect from unknown[xxx.xxx.xx.xxx]
    Jul 23 11:28:13 server postfix/smtpd[6314]: NOQUEUE: filter: RCPT from unknown[xxx.xxx.xx.xxx]: xx @example.com: Sender address triggers FILTER lmtp:[127.0.0.1]:10026; from= xx @example.com to= xy @example.com proto=ESMTP helo=<DESKTOPRAE5MLE>
    Jul 23 11:28:13 server postfix/smtpd[6314]: 3E6F0702D3E: client=unknown[xxx.xxx.xx.xxx], sasl_method=LOGIN, sasl_username= xx @example.com
    Jul 23 11:28:13 server postfix/smtpd[6314]: 3E6F0702D3E: filter: RCPT from unknown[xxx.xxx.xx.xxx]: xx @example.com: Sender address triggers FILTER lmtp:[127.0.0.1]:10026; from= xx @example.com to= ab @your.com proto=ESMTP helo=<DESKTOPRAE5MLE>
    Jul 23 11:28:13 server postfix/smtpd[6314]: 3E6F0702D3E: filter: RCPT from unknown[xxx.xxx.xx.xxx]: xx @example.com: Sender address triggers FILTER lmtp:[127.0.0.1]:10026; from= xx @example.com to= bb @example.com proto=ESMTP helo=<DESKTOPRAE5MLE>
    Jul 23 11:28:14 server postfix/smtpd[6314]: 3E6F0702D3E: filter: RCPT from unknown[xxx.xxx.xx.xxx]: xx @example.com: Sender address triggers FILTER lmtp:[127.0.0.1]:10026; from= xx @example.com to= abc @your.com proto=ESMTP helo=<DESKTOPRAE5MLE>
    Jul 23 11:28:15 server postfix/cleanup[5632]: 3E6F0702D3E: message-id=065d01d77fa5$0fbf5dd0$2f3e1970$ @example.com
    Jul 23 11:28:15 server postfix/qmgr[31911]: 3E6F0702D3E: from= xx @example.com, size=5121, nrcpt=4 (queue active)
    Jul 23 11:28:15 server postfix/smtpd[6443]: connect from localhost.localdomain[127.0.0.1]
    Jul 23 11:28:15 server postfix/smtpd[6443]: 6A37B702DF4: client=localhost.localdomain[127.0.0.1]
    Jul 23 11:28:15 server postfix/cleanup[6444]: 6A37B702DF4: message-id= 065d01d77fa5$0fbf5dd0$2f3e1970$ @example.com
    Jul 23 11:28:15 server postfix/qmgr[31911]: 6A37B702DF4: from= xx @example.com, size=6227, nrcpt=4 (queue active)
    Jul 23 11:28:15 server postfix/smtpd[6443]: disconnect from localhost.localdomain[127.0.0.1] ehlo=1 mail=1 rcpt=4 data=1 quit=1 commands=8
    Jul 23 11:28:15 server amavis[2981]: (02981-17) Passed CLEAN {RelayedInternal,RelayedOutbound}, ORIGINATING LOCAL [127.0.0.1] [xxx.xxx.xx.xxx] xx @example.com -> abc @your.com,xy @example.com,bb @example.com, Message-ID: 065d01d77fa5$0fbf5dd0$2f3e1970$ @example.com, mail_id: sRbJ4DZbqO_y, Hits: -0.926, size: 5121, queued_as: 6A37B702DF4, dkim_new=default:example.com, 426 ms
    Jul 23 11:28:15 server postfix/lmtp[6451]: 3E6F0702D3E: to= abc @your.com, relay=127.0.0.1[127.0.0.1]:10026, delay=2.5, delays=2/0/0.01/0.42, dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[127.0.0.1]:10027): 250 2.0.0 Ok: queued as 6A37B702DF4)
    Jul 23 11:28:15 server postfix/lmtp[6451]: 3E6F0702D3E: to= dbe @your.com, relay=127.0.0.1[127.0.0.1]:10026, delay=2.5, delays=2/0/0.01/0.42, dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[127.0.0.1]:10027): 250 2.0.0 Ok: queued as 6A37B702DF4)
    Jul 23 11:28:15 server postfix/lmtp[6451]: 3E6F0702D3E: to= xy @example.com, relay=127.0.0.1[127.0.0.1]:10026, delay=2.5, delays=2/0/0.01/0.42, dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[127.0.0.1]:10027): 250 2.0.0 Ok: queued as 6A37B702DF4)
    Jul 23 11:28:15 server postfix/lmtp[6451]: 3E6F0702D3E: to= abc @example.com, relay=127.0.0.1[127.0.0.1]:10026, delay=2.5, delays=2/0/0.01/0.42, dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[127.0.0.1]:10027): 250 2.0.0 Ok: queued as 6A37B702DF4)
    Jul 23 11:28:15 server dovecot: lmtp(6452): Connect from local
    Jul 23 11:28:15 server postfix/qmgr[31911]: 3E6F0702D3E: removed
     
  4. Jesse Norell

    Jesse Norell ISPConfig Developer Staff Member ISPConfig Developer

    To clarify, you have 2 mail domains hosted on your server which cannot receive mail? Or they cannot send mail to you, which is another account hosted on the server? Or more specifically, what is the issue?

    It would be helpful if you could just paste log messages without obfuscating things, and explain what sender tries to send to what recipient when it fails; but if you are going to obfuscate the logs, as least say what obfuscated sender is sending to what obfuscated recipient. Eg. the above shows mail both from and to "example.com" and "your.com" - it's not clear / hard to guess what we're even looking at.
     
  5. Abinash Kumar

    Abinash Kumar New Member

    Hi,

    Thank you for the answers.

    In order to resolve this issue, I further looked in Mail Log & found the Email from a particular Domain not being received at our end ( This was the problem, I posted initially to create this thread)

    Senderdomain.com is the example name of the domain from which we do not receive emails
    receivercom is the example name of my SERVER domain to which have to receive emails

    Here is the mail log output, please guide me the steps to be modified in my server.

    Jul 27 09:36:01 server postfix/smtpd[18951]: NOQUEUE: reject: RCPT from abs7.senderdomain.com [2xx.xx.xxxx.xx]: 450 4.7.1 < abs7.senderdomain.com >: Helo command rejected: Host not found; [email protected] [email protected] proto=ESMTP helo=<abs7.senderdomain.com>

    Jul 27 09:36:01 server postfix/smtpd[18951]: disconnect from abs7.senderdomain.com [2xx.xx.xxx.xx] ehlo=2 starttls=1 mail=1 rcpt=0/3 quit=1 commands=5/8

    Thank you
     
  6. Th0m

    Th0m ISPConfig Developer Staff Member ISPConfig Developer

    I suspect this is a misconfiguration on the senders end.
     
  7. Abinash Kumar

    Abinash Kumar New Member

    Hi,

    That is what I thought, but customer is not willing to make any changes in his company email system

    Can I make any changes in the my server Main.cf by bypassing Helo handshaking to allow only this customer to send email to our company email server

    If yes, please guide with the steps to change in the Postfix main.cf

    Thank you for your help!
     
  8. Jesse Norell

    Jesse Norell ISPConfig Developer Staff Member ISPConfig Developer

    In the server config, under the Mail tab change the setting 'Reject unknown hostname', eg. to reject unknown client hostname.
     
    Abinash Kumar, abintipl and Th0m like this.
  9. Abinash Kumar

    Abinash Kumar New Member

    Dear Sir,

    Thank you so much for the instructions, it works now!

    Regards
     
  10. Abinash Kumar

    Abinash Kumar New Member

    Hi,
    Now my incoming email issue sorted out, to make my email server secure and upto date with the latest updates.
    I have few more questions ask after I checked mail log more carefully,

    Some lines in the log looks like
    Jul 28 07:37:29 server postfix/smtps/smtpd[10842]: warning: unknown[212.70.149.71]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
    Jul 28 07:37:34 server postfix/smtps/smtpd[10842]: lost connection after AUTH from unknown[212.70.149.71]
    Jul 28 07:37:34 server postfix/smtps/smtpd[10842]: disconnect from unknown[212.70.149.71] ehlo=1 auth=0/1 rset=1 commands=2/3
    Jul 28 07:35:54 server postfix/smtpd[10160]: warning: unknown[190.109.73.107]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
    Jul 28 07:35:54 server postfix/smtpd[10160]: lost connection after AUTH from unknown[190.109.73.107]
    Jul 28 07:35:54 server postfix/smtpd[10160]: disconnect from unknown[190.109.73.107] ehlo=1 auth=0/1 commands=1/2

    I checked not these IP location on https://www.ip2location.com/demo/190.109.73.107
    To me it looks someone attempting to connecting to our server.
    Can I block these IPs in Ispconfig panel so they cannot connect to my server.

    Please guide the steps to follow.

    Regards,
    Abinash
     
  11. till

    till Super Moderator Staff Member ISPConfig Developer

    These get blocked automatically by fail2ban after a few tries, so no need to manually block them. See fail2ban.log for details and to check if the tool works.
     
  12. Abinash Kumar

    Abinash Kumar New Member

    Sir,

    My fail2ban log working & looks like below,

    2021-07-28 09:19:44,417 fail2ban.filter [1069]: INFO [postfix-sasl] Found 78.128.113.98
    2021-07-28 09:19:50,334 fail2ban.filter [1069]: INFO [postfix-sasl] Found 212.70.149.71
    2021-07-28 09:19:51,004 fail2ban.actions [1069]: NOTICE [postfix-sasl] 212.70.149.71 already banned
    2021-07-28 09:19:58,210 fail2ban.filter [1069]: INFO [postfix-sasl] Found 78.128.113.67
    2021-07-28 09:20:01,828 fail2ban.actions [1069]: NOTICE [sshd] Unban 218.92.0.208
    2021-07-28 09:20:08,936 fail2ban.filter [1069]: INFO [sshd] Found 218.92.0.208
    2021-07-28 09:20:11,129 fail2ban.filter [1069]: INFO [sshd] Found 218.92.0.208
    2021-07-28 09:20:12,142 fail2ban.filter [1069]: INFO [sshd] Found 128.199.141.33
    2021-07-28 09:20:13,858 fail2ban.filter [1069]: INFO [sshd] Found 218.92.0.208
    2021-07-28 09:20:14,215 fail2ban.filter [1069]: INFO [sshd] Found 128.199.141.33
    2021-07-28 09:20:16,440 fail2ban.filter [1069]: INFO [sshd] Found 218.92.0.208
    2021-07-28 09:20:43,264 fail2ban.actions [1069]: NOTICE [sshd] Unban 157.230.83.80
    2021-07-28 09:21:03,648 fail2ban.filter [1069]: INFO [sshd] Found 103.255.121.136
    2021-07-28 09:21:03,848 fail2ban.filter [1069]: INFO [sshd] Found 179.43.156.231
    2021-07-28 09:21:03,853 fail2ban.filter [1069]: INFO [sshd] Found 179.43.156.231
    2021-07-28 09:21:04,537 fail2ban.actions [1069]: NOTICE [sshd] Ban 179.43.156.231
    2021-07-28 09:21:05,390 fail2ban.filter [1069]: INFO [sshd] Found 103.255.121.136
    2021-07-28 09:21:07,255 fail2ban.filter [1069]: INFO [sshd] Found 179.43.156.231
    2021-07-28 09:21:16,145 fail2ban.filter [1069]: INFO [sshd] Found 195.29.102.42
    2021-07-28 09:21:18,339 fail2ban.filter [1069]: INFO [sshd] Found 195.29.102.42
    2021-07-28 09:21:18,457 fail2ban.filter [1069]: INFO [postfix-sasl] Found 212.70.149.71
    2021-07-28 09:21:29,400 fail2ban.filter [1069]: INFO [sshd] Found 218.92.0.208
    2021-07-28 09:21:30,395 fail2ban.actions [1069]: NOTICE [sshd] Ban 218.92.0.208
    2021-07-28 09:21:31,379 fail2ban.filter [1069]: INFO [sshd] Found 218.92.0.208
    2021-07-28 09:21:34,189 fail2ban.filter [1069]: INFO [sshd] Found 218.92.0.208

    Thank you for your help!

    BR
     

Share This Page