Postfix Cannot Send/Receive Mail To/From Specific Address

Discussion in 'ISPConfig 3 Priority Support' started by nvidian, May 28, 2015.

  1. nvidian

    nvidian Member

    Hi, I cannot send or receive mail to/from specific address.
    Lets say I have:
    domain1.tld
    domain2.tld

    Servers: DNS Server, Web Serrver, Mail Serrver

    They both hosted on the same DNS Server and Web Server. For email: domain1.tld hosted at Mail Server, but domain2.tld hosted outside (Rackspace mail). All domains can send & receive mail from Google & Yahoo, but cannot send/received between them.

    I checked mail.log why it said "relay=dovecot" without IP information, isn't it means that mail only sent to localhost ?
    This is mail.log when I send mail to my gmail:
     
  2. Croydon

    Croydon ISPConfig Developer ISPConfig Developer

  3. nvidian

    nvidian Member

    @Croydon I'm sorry the '[email protected]' it should be named '[email protected]' and the email is hosted outside (Rackspace mail).
    The log said 'status=sent (delivered via dovecot service)' but mail never arrived at rackspace mail box. On the contrary, mail sent from rackspace also never arrived on my ispconfig mail box. Why the log said it delivered to local when the [email protected] mailbox is hosted outside (rackspace) ?

    UPDATE: The mail finally arrived after more than 12 hours. What causing this delay ? postgrey ? I also whitelisted '[email protected]' on Global Filters >> Postfix Whitelist.

    I just retry to send mail from both side now. Mail from rackspace now arrived in 2 minutes. Mail from my ispconfig still hasn't arrived.
    Is this normal in very low mail box usage (almost no mail traffic) ?
     
    Last edited: May 29, 2015
  4. Croydon

    Croydon ISPConfig Developer ISPConfig Developer

    Have you checked, if you have accidently defined the domain2.tld in maildomains in ISPConfig? If yes, the server tries to deliver locally as with setting a mail domain you tell the server that he shall be the target for those mail.
     
  5. nvidian

    nvidian Member

    Yes, thanks @Croydon . After checking my mail server it turns out that my mail server still has that domain2.tld even I had removed it from my master server. I think it solved the mail sending problem, now I can send mail to domain2.tld.

    I'm worried if it has syncing issue between my master server and mail server. So for testing, I added a new mail domain from master server, then use Tools >> Resync . I login to mail server, check it had not been synced. I have to wait almost 10 minutes before it finally synced.
    Then I add a new mail box from master server , use resync, and check mail server, still not sync. Now after more than 15 minutes, it still hasnt synced yet and it still hasnt synced after ~10 minutes more before I submited this post.

    FYI:
    1. I already add ip and hostname to /etc/hosts on both servers. On maister server I add 'IP_ADDRESS mx.mailserver.tld mx' and on mail server I added 'IP_ADDRESS master.server.tld master'.
    2. Latency between master server and mail server is around ~180ms.
    How speed up sync between servers ?
     
  6. Croydon

    Croydon ISPConfig Developer ISPConfig Developer

    It doesn't seem to me that this is a speed issue. Maybe there is something wrong with the ispconfig installation on the slave server. Have you checked enabling the debug mode and running the ispconfig server cron job by hand?
     
  7. nvidian

    nvidian Member

    I tried to run '/usr/local/ispconfig/server/server.sh 2>&1 > /dev/null | while read line; do echo `/bin/date` "$line" >> /var/log/ispconfig/cron.log; done' and it never stop so I check syslog.

    Code:
    # tail /var/log/syslog
    May 29 22:38:11 mx1 kernel: [ 4677.968086] Firewall: *TCP_OUT Blocked* IN= OUT=eth0 SRC=mail_server_ip DST=master_server_ip LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=30870 DF PROTO=TCP SPT=44829 DPT=3306 WINDOW=29200 RES=0x00 SYN URGP=0 UID=0 GID=0
    May 29 22:38:13 mx1 kernel: [ 4679.972064] Firewall: *TCP_OUT Blocked* IN= OUT=eth0 SRC=mail_server_ip DST=master_server_ip LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=30871 DF PROTO=TCP SPT=44829 DPT=3306 WINDOW=29200 RES=0x00 SYN URGP=0 UID=0 GID=0
    May 29 22:38:15 mx1 kernel: [ 4682.018699] Firewall: *TCP_OUT Blocked* IN= OUT=eth0 SRC=mail_server_ip DST=master_server_ip LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=8924 DF PROTO=TCP SPT=44830 DPT=3306 WINDOW=29200 RES=0x00 SYN URGP=0 UID=0 GID=0
    May 29 22:38:17 mx1 kernel: [ 4683.904096] Firewall: *TCP_OUT Blocked* IN= OUT=eth0 SRC=mail_server_ip DST=master_server_ip LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=36375 DF PROTO=TCP SPT=44834 DPT=3306 WINDOW=29200 RES=0x00 SYN URGP=0 UID=0 GID=0
    May 29 22:38:19 mx1 kernel: [ 4686.000550] Firewall: *TCP_OUT Blocked* IN= OUT=eth0 SRC=mail_server_ip DST=master_server_ip LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=39089 DF PROTO=TCP SPT=44836 DPT=3306 WINDOW=29200 RES=0x00 SYN URGP=0 UID=0 GID=0
    May 29 22:38:21 mx1 kernel: [ 4687.940434] Firewall: *TCP_OUT Blocked* IN= OUT=eth0 SRC=mail_server_ip DST=master_server_ip LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=64060 DF PROTO=TCP SPT=44838 DPT=3306 WINDOW=29200 RES=0x00 SYN URGP=0 UID=0 GID=0
    May 29 22:38:23 mx1 kernel: [ 4690.031092] Firewall: *TCP_OUT Blocked* IN= OUT=eth0 SRC=mail_server_ip DST=master_server_ip LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=11270 DF PROTO=TCP SPT=44840 DPT=3306 WINDOW=29200 RES=0x00 SYN URGP=0 UID=0 GID=0
    May 29 22:38:25 mx1 kernel: [ 4691.996081] Firewall: *TCP_OUT Blocked* IN= OUT=eth0 SRC=mail_server_ip DST=master_server_ip LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=30873 DF PROTO=TCP SPT=44829 DPT=3306 WINDOW=29200 RES=0x00 SYN URGP=0 UID=0 GID=0
    May 29 22:38:27 mx1 kernel: [ 4694.076147] Firewall: *TCP_OUT Blocked* IN= OUT=eth0 SRC=mail_server_ip DST=master_server_ip LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=8472 DF PROTO=TCP SPT=44837 DPT=3306 WINDOW=29200 RES=0x00 SYN URGP=0 UID=0 GID=0
    May 29 22:38:29 mx1 kernel: [ 4695.934083] Firewall: *TCP_OUT Blocked* IN= OUT=eth0 SRC=mail_server_ip  DST=master_server_ip  LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=45438 DF PROTO=TCP SPT=44841 DPT=3306 WINDOW=29200 RES=0x00 SYN URGP=0 UID=0 GID=0
    
    Thanks a lot @Croydon , is it correct that port 3306 has been blocked by CSF firewall ?
    For security purpose, should I only enable TCP_OUT or both (TCP IN & OUT) ?

    Thank you
     
  8. Croydon

    Croydon ISPConfig Developer ISPConfig Developer

    You should enable in and out or at least allow incoming traffic on established connections.
     
  9. nvidian

    nvidian Member

    Thanks @Croydon , now server sync works normally
     

Share This Page