Not receiving emails

Discussion in 'Installation/Configuration' started by Gray Consulting, Dec 13, 2017.

  1. Gray Consulting

    Gray Consulting New Member

    Installing a new server using
    We are running version 3.1dev of ISPConfig, on AWS LAMP platform - ubuntu 16.04, apache2, mysql. Postfix, Dovecot, and Roundcube for webmail. Set up as a vhost single-server - multiple domains running on one AWS instance. Web and mail servers on the same instance. Amavis & Clam AV have been disabled. We use ‘’ as hostname; DNS points to our AWS Elastic IP. We are testing with specific domain; root DNS points to
    Outbound emails are working; we can send from remote client (Thunderbird) and webmail (Roundcube), with no errors, and destination mailbox receives the email. Internal emails also work (queued via telnet, or Roundcube), and show up in roundcube inbox.

    Inbound remote messages, however, never show up in virtual mailboxes. We can see them in the physical queue (postqueue -p), but sender receives temporary bounce messages (‘could not deliver’).

    All the pertinent data we could think of is below. Any assistance or guidance you can provide would be much appreciated.
    Postqueue -p reports:
    - connect to[]:10024: Connection refused or connect to[]:10026: Connection refused
    This log snippet is what we believe is at the root of the problem (“user=<>” seems suspect):
    Dec 13 20:55:02 ip-172-31-25-207 dovecot: auth: Debug: auth client connected (pid=12403)
    Dec 13 20:55:02 ip-172-31-25-207 dovecot: pop3-login: Disconnected (no auth attempts in 0 secs): user=<>, rip=, lip=, secured, session=<+Ekz+z5gmKR/AAAB>
    Dec 13 20:55:02 ip-172-31-25-207 dovecot: auth: Debug: auth client connected (pid=12404)
    Dec 13 20:55:02 ip-172-31-25-207 dovecot: imap-login: Disconnected (no auth attempts in 0 secs): user=<>, rip=, lip=, secured, session=<u5Iz+z5gyuJ/AAAB>
    Dec 13 20:55:02 ip-172-31-25-207 postfix/smtpd[12402]: connect from localhost[]
    Dec 13 20:55:02 ip-172-31-25-207 dovecot: auth: Debug: auth client connected (pid=0)
    Dec 13 20:55:02 ip-172-31-25-207 postfix/smtpd[12402]: lost connection after CONNECT from localhost[]
    Dec 13 20:55:02 ip-172-31-25-207 postfix/smtpd[12402]: disconnect from localhost[] commands=0/0

    Configuration Data is below (truncated for space….)
    #myorigin = /etc/mailname
    smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
    biff = no
    append_dot_mydomain = no
    #delay_warning_time = 4h

    # TLS parameters
    smtpd_tls_cert_file = /etc/postfix/smtpd.cert
    smtpd_tls_key_file = /etc/postfix/smtpd.key
    smtpd_use_tls = yes
    smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
    smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
    smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
    myhostname =
    alias_maps = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases
    alias_database = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases
    myorigin = /etc/mailname
    mydestination =,,, localhost, localhost.localdomain
    relayhost =
    mynetworks = [::1]/128
    mailbox_size_limit = 0
    recipient_delimiter = +
    inet_interfaces = all
    inet_protocols = all
    html_directory = /usr/share/doc/postfix/html
    virtual_alias_domains =
    virtual_alias_maps = hash:/var/lib/mailman/data/virtual-mailman, proxy:mysql:/etc/postfix/, proxy:mysql:/etc/postfix/
    virtual_mailbox_domains = proxy:mysql:/etc/postfix/
    virtual_mailbox_maps = proxy:mysql:/etc/postfix/
    virtual_mailbox_base = /var/vmail
    virtual_uid_maps = mysql:/etc/postfix/
    virtual_gid_maps = mysql:/etc/postfix/
    sender_bcc_maps = proxy:mysql:/etc/postfix/
    smtpd_sasl_auth_enable = yes
    broken_sasl_auth_clients = yes
    smtpd_sasl_authenticated_header = yes
    smtpd_restriction_classes = greylisting
    greylisting = check_policy_service inet:
    smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, reject_rbl_client, check_recipient_access mysql:/etc/postfix/, check_recipient_access mysql:/etc/postfix/
    smtpd_tls_security_level = may
    transport_maps = hash:/var/lib/mailman/data/transport-mailman, proxy:mysql:/etc/postfix/
    relay_domains = mysql:/etc/postfix/
    relay_recipient_maps = mysql:/etc/postfix/
    smtpd_sender_login_maps = proxy:mysql:/etc/postfix/
    proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $sender_bcc_maps $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $smtpd_sender_login_maps
    smtpd_helo_required = yes
    smtpd_helo_restrictions = permit_sasl_authenticated, permit_mynetworks, check_helo_access regexp:/etc/postfix/helo_access, reject_invalid_hostname, reject_non_fqdn_hostname, reject_invalid_helo_hostname, reject_unknown_helo_hostname, check_helo_access regexp:/etc/postfix/blacklist_helo
    smtpd_sender_restrictions = check_sender_access regexp:/etc/postfix/ , permit_mynetworks, permit_sasl_authenticated, check_sender_access mysql:/etc/postfix/, check_sender_access regexp:/etc/postfix/
    smtpd_client_restrictions = check_client_access mysql:/etc/postfix/
    smtpd_client_message_rate_limit = 100
    maildrop_destination_concurrency_limit = 1
    maildrop_destination_recipient_limit = 1
    virtual_transport = dovecot
    header_checks = regexp:/etc/postfix/header_checks
    mime_header_checks = regexp:/etc/postfix/mime_header_checks
    nested_header_checks = regexp:/etc/postfix/nested_header_checks
    body_checks = regexp:/etc/postfix/body_checks
    owner_request_special = no
    smtp_tls_security_level = may
    smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3
    smtpd_tls_protocols = !SSLv2,!SSLv3
    smtp_tls_protocols = !SSLv2,!SSLv3
    smtpd_tls_exclude_ciphers = RC4, aNULL
    smtp_tls_exclude_ciphers = RC4, aNULL
    dovecot_destination_recipient_limit = 1
    smtpd_sasl_type = dovecot
    smtpd_sasl_path = private/auth
    # content_filter = amavis:[]:10024
    # receive_override_options = no_address_mappings
    message_size_limit = 0
  2. florian030

    florian030 ISPConfig Developer ISPConfig Developer

    if you disable the content_filter, you must remove the tag_as* from smtpd_sender_restrictions, too. Personally, i won't run a mail-server without amavis / spamassassin.
  3. Gray Consulting

    Gray Consulting New Member

    Thanks that worked and email started flowing.
    However when I go back and start clamav and amavis and add the tag_as* back in I go back to getting - (connect to[]:10024: Connection refused) - for inbound email.
    Thanks again.
  4. till

    till Super Moderator Staff Member ISPConfig Developer

    The error means that amavis is not started. Start amavis, if it does not start, then check the mail log to see why it fails.
  5. Gray Consulting

    Gray Consulting New Member

    When I run sudo service amavis status
    I get the following:
    amavis.service - LSB: Starts amavisd-new mailfilter
    Loaded: loaded (/etc/init.d/amavis; bad; vendor preset: enabled)
    Active: active (exited) since Fri 2017-12-15 15:50:25 UTC; 3h 20min ago

    I am reading that as it has been running for over 3 hours. during that time it my test emails have failed with error connect to[]:10024: Connection refused.
    Am I reading that wrong?

  6. till

    till Super Moderator Staff Member ISPConfig Developer

    Amavis refuses connections, so it's not working properly. Restart amavis.
  7. Gray Consulting

    Gray Consulting New Member

Share This Page