Not receiving emails

Discussion in 'Installation/Configuration' started by Gray Consulting, Dec 13, 2017.

  1. Gray Consulting

    Gray Consulting New Member HowtoForge Supporter

    Installing a new server using https://www.howtoforge.com/tutorial/perfect-server-ubuntu-with-nginx-and-ispconfig-3/
    We are running version 3.1dev of ISPConfig, on AWS LAMP platform - ubuntu 16.04, apache2, mysql. Postfix, Dovecot, and Roundcube for webmail. Set up as a vhost single-server - multiple domains running on one AWS instance. Web and mail servers on the same instance. Amavis & Clam AV have been disabled. We use ‘ns1.gcjaguar.net’ as hostname; DNS points to our AWS Elastic IP. We are testing with specific domain mail.cfgray.com; root DNS points to ns1.gcjaguar.net.
    Outbound emails are working; we can send from remote client (Thunderbird) and webmail (Roundcube), with no errors, and destination mailbox receives the email. Internal emails also work (queued via telnet, or Roundcube), and show up in roundcube inbox.

    Inbound remote messages, however, never show up in virtual mailboxes. We can see them in the physical queue (postqueue -p), but sender receives temporary bounce messages (‘could not deliver’).

    All the pertinent data we could think of is below. Any assistance or guidance you can provide would be much appreciated.
    Postqueue -p reports:
    ======================================
    - connect to 127.0.0.1[127.0.0.1]:10024: Connection refused or connect to 127.0.0.1[127.0.0.1]:10026: Connection refused
    This log snippet is what we believe is at the root of the problem (“user=<>” seems suspect):
    Dec 13 20:55:02 ip-172-31-25-207 dovecot: auth: Debug: auth client connected (pid=12403)
    Dec 13 20:55:02 ip-172-31-25-207 dovecot: pop3-login: Disconnected (no auth attempts in 0 secs): user=<>, rip=127.0.0.1, lip=127.0.0.1, secured, session=<+Ekz+z5gmKR/AAAB>
    Dec 13 20:55:02 ip-172-31-25-207 dovecot: auth: Debug: auth client connected (pid=12404)
    Dec 13 20:55:02 ip-172-31-25-207 dovecot: imap-login: Disconnected (no auth attempts in 0 secs): user=<>, rip=127.0.0.1, lip=127.0.0.1, secured, session=<u5Iz+z5gyuJ/AAAB>
    Dec 13 20:55:02 ip-172-31-25-207 postfix/smtpd[12402]: connect from localhost[127.0.0.1]
    Dec 13 20:55:02 ip-172-31-25-207 dovecot: auth: Debug: auth client connected (pid=0)
    Dec 13 20:55:02 ip-172-31-25-207 postfix/smtpd[12402]: lost connection after CONNECT from localhost[127.0.0.1]
    Dec 13 20:55:02 ip-172-31-25-207 postfix/smtpd[12402]: disconnect from localhost[127.0.0.1] commands=0/0


    Configuration Data is below (truncated for space….)
    ======================================
    Main.cf
    ======================================
    #myorigin = /etc/mailname
    smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
    biff = no
    append_dot_mydomain = no
    #delay_warning_time = 4h

    # TLS parameters
    smtpd_tls_cert_file = /etc/postfix/smtpd.cert
    smtpd_tls_key_file = /etc/postfix/smtpd.key
    smtpd_use_tls = yes
    smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
    smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
    smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
    myhostname = ns1.gcjaguar.net
    alias_maps = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases
    alias_database = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases
    myorigin = /etc/mailname
    mydestination = ns1.gcjaguar.net, mail.gcjaguar.net, mail.cfgray.com, localhost, localhost.localdomain
    relayhost =
    mynetworks = 127.0.0.0/8 [::1]/128
    mailbox_size_limit = 0
    recipient_delimiter = +
    inet_interfaces = all
    inet_protocols = all
    html_directory = /usr/share/doc/postfix/html
    virtual_alias_domains =
    virtual_alias_maps = hash:/var/lib/mailman/data/virtual-mailman, proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, proxy:mysql:/etc/postfix/mysql-virtual_email2email.cf
    virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains.cf
    virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf
    virtual_mailbox_base = /var/vmail
    virtual_uid_maps = mysql:/etc/postfix/mysql-virtual_uids.cf
    virtual_gid_maps = mysql:/etc/postfix/mysql-virtual_gids.cf
    sender_bcc_maps = proxy:mysql:/etc/postfix/mysql-virtual_outgoing_bcc.cf
    smtpd_sasl_auth_enable = yes
    broken_sasl_auth_clients = yes
    smtpd_sasl_authenticated_header = yes
    smtpd_restriction_classes = greylisting
    greylisting = check_policy_service inet:127.0.0.1:10023
    smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, reject_rbl_client zen.spamhaus.org, check_recipient_access mysql:/etc/postfix/mysql-virtual_recipient.cf, check_recipient_access mysql:/etc/postfix/mysql-virtual_policy_greylist.cf
    smtpd_tls_security_level = may
    transport_maps = hash:/var/lib/mailman/data/transport-mailman, proxy:mysql:/etc/postfix/mysql-virtual_transports.cf
    relay_domains = mysql:/etc/postfix/mysql-virtual_relaydomains.cf
    relay_recipient_maps = mysql:/etc/postfix/mysql-virtual_relayrecipientmaps.cf
    smtpd_sender_login_maps = proxy:mysql:/etc/postfix/mysql-virtual_sender_login_maps.cf
    proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $sender_bcc_maps $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $smtpd_sender_login_maps
    smtpd_helo_required = yes
    smtpd_helo_restrictions = permit_sasl_authenticated, permit_mynetworks, check_helo_access regexp:/etc/postfix/helo_access, reject_invalid_hostname, reject_non_fqdn_hostname, reject_invalid_helo_hostname, reject_unknown_helo_hostname, check_helo_access regexp:/etc/postfix/blacklist_helo
    smtpd_sender_restrictions = check_sender_access regexp:/etc/postfix/tag_as_originating.re , permit_mynetworks, permit_sasl_authenticated, check_sender_access mysql:/etc/postfix/mysql-virtual_sender.cf, check_sender_access regexp:/etc/postfix/tag_as_foreign.re
    smtpd_client_restrictions = check_client_access mysql:/etc/postfix/mysql-virtual_client.cf
    smtpd_client_message_rate_limit = 100
    maildrop_destination_concurrency_limit = 1
    maildrop_destination_recipient_limit = 1
    virtual_transport = dovecot
    header_checks = regexp:/etc/postfix/header_checks
    mime_header_checks = regexp:/etc/postfix/mime_header_checks
    nested_header_checks = regexp:/etc/postfix/nested_header_checks
    body_checks = regexp:/etc/postfix/body_checks
    owner_request_special = no
    smtp_tls_security_level = may
    smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3
    smtpd_tls_protocols = !SSLv2,!SSLv3
    smtp_tls_protocols = !SSLv2,!SSLv3
    smtpd_tls_exclude_ciphers = RC4, aNULL
    smtp_tls_exclude_ciphers = RC4, aNULL
    dovecot_destination_recipient_limit = 1
    smtpd_sasl_type = dovecot
    smtpd_sasl_path = private/auth
    # content_filter = amavis:[127.0.0.1]:10024
    # receive_override_options = no_address_mappings
    message_size_limit = 0
     
  2. florian030

    florian030 ISPConfig Developer ISPConfig Developer

    if you disable the content_filter, you must remove the tag_as* from smtpd_sender_restrictions, too. Personally, i won't run a mail-server without amavis / spamassassin.
     
  3. Gray Consulting

    Gray Consulting New Member HowtoForge Supporter

    Thanks that worked and email started flowing.
    However when I go back and start clamav and amavis and add the tag_as* back in I go back to getting - (connect to 127.0.0.1[127.0.0.1]:10024: Connection refused) - for inbound email.
    Thanks again.
     
  4. till

    till Super Moderator Staff Member ISPConfig Developer

    The error means that amavis is not started. Start amavis, if it does not start, then check the mail log to see why it fails.
     
  5. Gray Consulting

    Gray Consulting New Member HowtoForge Supporter

    When I run sudo service amavis status
    I get the following:
    amavis.service - LSB: Starts amavisd-new mailfilter
    Loaded: loaded (/etc/init.d/amavis; bad; vendor preset: enabled)
    Active: active (exited) since Fri 2017-12-15 15:50:25 UTC; 3h 20min ago

    I am reading that as it has been running for over 3 hours. during that time it my test emails have failed with error connect to 127.0.0.1[127.0.0.1]:10024: Connection refused.
    Am I reading that wrong?

    Thanks
     
  6. till

    till Super Moderator Staff Member ISPConfig Developer

    Amavis refuses connections, so it's not working properly. Restart amavis.
     
  7. Gray Consulting

    Gray Consulting New Member HowtoForge Supporter

  8. Sulaiman TDH

    Sulaiman TDH New Member

    Hello,
    Am having the same issues, mail can be sent from our webmail and using other mail client but we can not receive mail sent from another user. We don't know where the cause is from.
     
  9. Sulaiman TDH

    Sulaiman TDH New Member

    We installed an opencart website on the server and we also noticed that mail can not be sent from the opencart website. If a user creates an account we get error message to send mail and if order are placed we get error to deliver order mail. An most times MySQL shutdowns after order and have to restart manually for it to work.

    Recently server.domain.tld:8080 stop working when accessing isp config and it started after purchasing the domain name.
     
  10. Sulaiman TDH

    Sulaiman TDH New Member

    Is there any help I can get, I will be posting the full Main cf files and the postqueue -p output am a newbie at this and I followed one of the tutorials to do set it up.
    Thanks
     
  11. Sulaiman TDH

    Sulaiman TDH New Member

    --------------------------------------
    postqueue -p REPORT::
    --------------------------------------
    -Queue ID- --Size-- ----Arrival Time---- -Sender/Recipient-------
    41A7E45FD8 1476 Sun Jan 12 23:45:56 [email protected]tld
    (connect to alt2.gmail-smtp-in.l.google.com[2a00:1450:400b:c03::1a]:25: Connection timed out) [email protected]

    BE88F46029 10191 Sun Jan 12 22:35:54 [email protected]ld
    (connect to alt2.gmail-smtp-in.l.google.com[209.85.203.27]:25: Connection timed out) [email protected]

    653EE45F8E 1269 Wed Jan 8 12:08:38 [email protected]ld
    (connect to alt2.gmail-smtp-in.l.google.com[209.85.203.26]:25: Connection timed out) [email protected]com

    6F54E46034 1724 Sun Jan 12 22:30:15 [email protected]
    (connect to alt2.gmail-smtp-in.l.google.com[2a00:1450:400b:c03::1b]:25: Connection timed out) [email protected]

    2948243489 1542 Sun Jan 12 22:31:46 [email protected]
    (connect to alt2.gmail-smtp-in.l.google.com[2a00:1450:400b:c03::1b]:25: Connection timed out) [email protected]

    ------------------------------------------------------
    Main.cf FILE CONTENT
    ------------------------------------------------------

    # See /usr/share/postfix/main.cf.dist for a commented, more complete version
    # is /etc/mailname.
    #myorigin = /etc/mailname

    smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
    biff = no
    # appending .domain is the MUA's job.
    append_dot_mydomain = no
    # Uncomment the next line to generate "delayed mail" warnings
    #delay_warning_time = 4h

    readme_directory = /usr/share/doc/postfix

    # See http://www.postfix.org/COMPATIBILITY_README.html -- default to 2 on
    # fresh installs.
    compatibility_level = 2

    # TLS parameters
    smtpd_tls_cert_file = /etc/postfix/smtpd.cert
    smtpd_tls_key_file = /etc/postfix/smtpd.key
    smtpd_use_tls = yes
    smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
    smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache

    # See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
    # information on enabling SSL in the smtp client.

    smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
    myhostname = tdhserver.toopasty.com
    alias_maps = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases
    alias_database = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases
    myorigin = /etc/mailname
    mydestination = server.domain.tld, localhost, localhost.localdomain
    relayhost =
    mynetworks = 127.0.0.0/8 [::1]/128
    mailbox_size_limit = 0
    recipient_delimiter = +
    inet_interfaces = all
    inet_protocols = all
    html_directory = /usr/share/doc/postfix/html
    virtual_alias_domains =
    virtual_alias_maps = hash:/var/lib/mailman/data/virtual-mailman, proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, proxy:mysql:/etc/postfix/mysql-virtual_email2em$
    virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains.cf
    virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf
    virtual_mailbox_base = /var/vmail
    virtual_uid_maps = mysql:/etc/postfix/mysql-virtual_uids.cf
    virtual_gid_maps = mysql:/etc/postfix/mysql-virtual_gids.cf
    sender_bcc_maps = proxy:mysql:/etc/postfix/mysql-virtual_outgoing_bcc.cf
    smtpd_sasl_auth_enable = yes
    broken_sasl_auth_clients = yes
    smtpd_sasl_authenticated_header = yes
    smtpd_restriction_classes = greylisting
    greylisting = check_policy_service inet:127.0.0.1:10023
    smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, reject_rbl_client zen.spamhaus.org, check_recipient_access mysq$
    smtpd_tls_security_level = may
    transport_maps = hash:/var/lib/mailman/data/transport-mailman, proxy:mysql:/etc/postfix/mysql-virtual_transports.cf
    relay_domains = mysql:/etc/postfix/mysql-virtual_relaydomains.cf
    relay_recipient_maps = mysql:/etc/postfix/mysql-virtual_relayrecipientmaps.cf
    smtpd_sender_login_maps = proxy:mysql:/etc/postfix/mysql-virtual_sender_login_maps.cf
    proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $sender_bcc_maps $virtual_mailbox_maps $virtual_mailbox_domains $rela$
    smtpd_helo_required = yes
    smtpd_helo_restrictions = permit_sasl_authenticated, permit_mynetworks, check_helo_access regexp:/etc/postfix/helo_access, reject_invalid_hostname, reject_non_fqdn_hos$
    smtpd_sender_restrictions = check_sender_access regexp:/etc/postfix/tag_as_originating.re , permit_mynetworks, permit_sasl_authenticated, check_sender_access mysql:/et$
    smtpd_client_restrictions = check_client_access mysql:/etc/postfix/mysql-virtual_client.cf
    smtpd_client_message_rate_limit = 100
    maildrop_destination_concurrency_limit = 1
    maildrop_destination_recipient_limit = 1
    virtual_transport = dovecot
    header_checks = regexp:/etc/postfix/header_checks
    mime_header_checks = regexp:/etc/postfix/mime_header_checks
    nested_header_checks = regexp:/etc/postfix/nested_header_checks
    body_checks = regexp:/etc/postfix/body_checks
    owner_request_special = no
    smtp_tls_security_level = may
    smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3
    smtpd_tls_protocols = !SSLv2,!SSLv3
    smtp_tls_protocols = !SSLv2,!SSLv3
    smtpd_tls_exclude_ciphers = RC4, aNULL
    smtp_tls_exclude_ciphers = RC4, aNULL
    dovecot_destination_recipient_limit = 1
    smtpd_sasl_type = dovecot
    smtpd_sasl_path = private/auth
    content_filter = amavis:[127.0.0.1]:10024
    receive_override_options = no_address_mappings
    message_size_limit = 0


    Another issues is that we hosted an opencart website on the server no mail can be sent to customers on both registration and order purchase.
    And the worst problem is that anytime a customer places an order and the system is unable to send mail via the website MySQL service stops on the server and we will have to manually restart the service again.
    --------------------------------------
    Opencart Mail Settings:::
    Mail Engine: Mail/SMTP (We have tried both Mail and SMTP and it did not work)
    Mail Parameters:
    SMTP Hostname: ssl://server.domain.tld
    SMTP Username: [email protected]
    SMTP Password: Mail Password
    SMTP Port: 456
    SMTP Timeout: 5


    NOTE:: We use Linode (as our server)
    Tutorial we followed was:::https://www.howtoforge.com/tutorial...l-pureftpd-bind-postfix-doveot-and-ispconfig/

    Also I can not access ISPconfig panel from server.domain.tld, it only be accessed through server IP address and it started immediately after purchasing the domain.tld name as I did not purchase before using it before.

    Thank You
     
    Last edited: Jan 27, 2020
  12. till

    till Super Moderator Staff Member ISPConfig Developer

    According to your log file, outgoing connections on port 25 are blocked, this is most likely not an install issue on your system. Contact your internet service provider that provides the connection for this server and ask them to open port 25 outgoing.
     
  13. Sulaiman TDH

    Sulaiman TDH New Member

    Does that mean the issue is with Linode?
     
  14. Sulaiman TDH

    Sulaiman TDH New Member

    Thank you very much I just find out that Linode blocks ports 25, 465, and 587 by default starting 5 November, 2019 in an effort to fight mail spamming. So I will contact them now to enable the port back up for me.

    Thank You
     
  15. Sulaiman TDH

    Sulaiman TDH New Member

    Hello,
    Port 25 has been unblocked but I still do not receive mail.
     

Share This Page