Postfix "Connection timed out" error when trying to send

Discussion in 'Server Operation' started by mfdeck, Jan 31, 2008.

  1. mfdeck

    mfdeck New Member

    Have postfix running on Fedora 8 with ISPConfig... able to receive mail, but, not send it out. Can send locally, however. When trying to send externally I get "Connection timed out (port 25)" error in the log. I haven't been able to find much about this error anywhere... any ideas?

    Also, when trying to send from Outlook mail client, I get a 554 5.7.1: Relay access denied... when sending from local webmail client, it says it sends fine, but, it gets deferred after a "Connection timed out" error in the log.

    main.cf file is setup exactly like the "Perfect Server" setup for Fedora 8 & local-host-names are correct.

    thanks!
     
  2. topdog

    topdog HowtoForge Supporter

    First you are getting relaying denied because your network is not in "mynetworks" as for outbound email it seems like you cannot make connections outside to port 25. Test that you can connect to mail servers on the internet using this command
    Code:
    telnet a.mx.mail.yahoo.com 25
    
     
  3. mfdeck

    mfdeck New Member

    No such luck... I am on a godaddy dedicated server... and from what I'm reading, they require a relayhost, which I believe is smtp.secureserver.net, but, this doesn't help, either.

    Code:
    Trying 209.191.118.103...
    telnet: connect to address 209.191.118.103: Connection timed out
    Thanks!
     
  4. topdog

    topdog HowtoForge Supporter

    Then you need to setup postfix to use that as a smarthost
    Code:
    relayhost =  smtp.secureserver.net
    
    but just test with telnet as well and see if you can connect to it on port 25 if not then your data center is blocking port 25 speak to them.
     
  5. mfdeck

    mfdeck New Member

    some success...

    GoDaddy's relay server is k2smtpout.secureserver.net so, I set...

    Code:
    relayhost = k2smtpout.secureserver.net
    am able to connect to this host with telnet then restarted postfix and now it does have some capacity to send, although quite slow, but at least its sending...

    but, I am still getting this error... I think it has to do with mynetworks setting:

    Code:
    NOQUEUE: reject: RCPT from...: 554 5.7.1: Relay access denied.
    my local IPs are 10.0.0.1-255 and I have mynetworks set to:

    Code:
    mynetworks = 127.0.0.0/8, 10.0.0.0/8
     
    Last edited: Jan 31, 2008
  6. topdog

    topdog HowtoForge Supporter

    If the server is is at godaddys where is the 10.0.0.0/8 network ? Because your server at godaddy will not see your connection as coming from that range as it is not routable and will reject it

    Have you tried sending the mail from the server itself ?
     
  7. mfdeck

    mfdeck New Member

    the local IPs on my server are 10.0.0.1, 10.0.0.2 and 10.0.0.3 on eth0

    My public IPs are received by a hardware firewall then forwarded to the server on the above IPs. I'm not sure if 10.0.0.0/8 is the right configuration or not. If not, any idea what I need to put here?

    Mail can be sent directly from the server to external email addresses and also using the webmail app, just not from an external mail client.
     
  8. topdog

    topdog HowtoForge Supporter

    So are you getting relay denied when you are at home or else where ?

    If so then just use smtp authentication and you will be able to relay.
     
  9. mfdeck

    mfdeck New Member

    I've had that set the whole time... still the same problem... tried it from different mail clients and from different connections...
     
  10. topdog

    topdog HowtoForge Supporter

    Are you being prompted for a password ?
     
  11. mfdeck

    mfdeck New Member

    Nope, not being asked for a password.
     
  12. topdog

    topdog HowtoForge Supporter

    That means you are not using smtp authentication
     
  13. mfdeck

    mfdeck New Member

    Isn't this setup when I installed Postfix with SMTP-AUTH and TLS? I setup exactly how the tutorial described and have checked the configuration... is there something I have missed? Maybe something not in the walkthrough? This is my postfix/main.cf file...

    Code:
    queue_directory = /var/spool/postfix
    command_directory = /usr/sbin
    daemon_directory = /usr/libexec/postfix
    mail_owner = postfix
    inet_interfaces = all
    unknown_local_recipient_reject_code = 550
    alias_maps = hash:/etc/aliases
    alias_database = hash:/etc/aliases
    debug_peer_level = 2
    debugger_command =
             PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
             xxgdb $daemon_directory/$process_name $process_id & sleep 5
    sendmail_path = /usr/sbin/sendmail.postfix
    newaliases_path = /usr/bin/newaliases.postfix
    mailq_path = /usr/bin/mailq.postfix
    setgid_group = postdrop
    html_directory = no
    manpage_directory = /usr/share/man
    sample_directory = /usr/share/doc/postfix-2.3.6/samples
    readme_directory = /usr/share/doc/postfix-2.3.6/README_FILES
    smtpd_sasl_local_domain =
    smtpd_sasl_auth_enable = yes
    smtpd_sasl_security_options = noanonymous
    broken_sasl_auth_clients = yes
    smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination
    mynetworks = 127.0.0.0/8
    smtpd_tls_auth_only = no
    smtp_use_tls = yes
    smtpd_use_tls = yes
    smtp_tls_note_starttls_offer = yes
    smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
    smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt
    smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
    smtpd_tls_loglevel = 1
    smtpd_tls_received_header = yes
    smtpd_tls_session_cache_timeout = 3600s
    tls_random_source = dev:/dev/urandom
    smtpd_sasl_authenticated_header = yes
    myhostname = ds1.txtur.net
    home_mailbox = Maildir/
    mailbox_command =
    relayhost = k2smtpdout.secureserver.net
    virtual_maps = hash:/etc/postfix/virtusertables
    mydestination = /etc/postfix/local-host-names
     
  14. topdog

    topdog HowtoForge Supporter

    What i mean is that your client is not using it, your server does support it but you need to configure your client to use that.
     
  15. mfdeck

    mfdeck New Member

    The client is sending that information, but, still getting "Relay access denied." error... any thoughts??
     
  16. falko

    falko Super Moderator

    What email client do you use?
     
  17. mfdeck

    mfdeck New Member

    Hi Falko... I have tried from Outlook, Gmail, and Thunderbird... i've tried at home, from the office, and from wifi connections. Get the same error. Here is the error from the maillog.

    Code:
    Feb 18 09:50:00 ip-72-167-54-126 postfix/smtpd[19857]: connect from oh-71-55-53-195.dhcp.embarqhsd.net[71.55.53.195]
    Feb 18 09:50:01 ip-72-167-54-126 postfix/smtpd[19857]: NOQUEUE: reject: RCPT from oh-71-55-53-195.dhcp.embarqhsd.net[71.55.53.195]: 554 5.7.1 <josh_deck@domain.tld>: Relay access denied; from=<support@domain.tld> to=<josh_deck@domain.tld> proto=SMTP helo=<jdeck99>
    Feb 18 09:50:04 ip-72-167-54-126 postfix/smtpd[19857]: disconnect from oh-71-55-53-195.dhcp.embarqhsd.net[71.55.53.195]
     
  18. mfdeck

    mfdeck New Member

    I am considering that it is a problem with how GoDaddy handles relays... but, I'm not sure... I have the same setup on another server and it works fine (not hosted with GoDaddy). Here is my main.cf file (comments removed):

    Code:
    queue_directory = /var/spool/postfix
    command_directory = /usr/sbin
    daemon_directory = /usr/libexec/postfix
    mail_owner = postfix
    inet_interfaces = all
    unknown_local_recipient_reject_code = 550
    alias_maps = hash:/etc/aliases
    alias_database = hash:/etc/aliases
    debug_peer_level = 2
    
    debugger_command =
    	 PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
    	 xxgdb $daemon_directory/$process_name $process_id & sleep 5
    
    sendmail_path = /usr/sbin/sendmail.postfix
    newaliases_path = /usr/bin/newaliases.postfix
    mailq_path = /usr/bin/mailq.postfix
    setgid_group = postdrop
    html_directory = no
    manpage_directory = /usr/share/man
    sample_directory = /usr/share/doc/postfix-2.4.5/samples
    readme_directory = /usr/share/doc/postfix-2.4.5/README_FILES
    smtpd_sasl_local_domain = 
    smtpd_sasl_auth_enable = yes
    smtpd_sasl_security_options = noanonymous
    broken_sasl_auth_clients = yes
    smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination
    mynetworks = 127.0.0.0/8, 10.0.0.0/24
    smtpd_tls_auth_only = no
    smtp_use_tls = yes
    smtpd_use_tls = yes
    smtp_tls_note_starttls_offer = yes
    smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
    smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt
    smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
    smtpd_tls_loglevel = 1
    smtpd_tls_received_header = yes
    smtpd_tls_session_cache_timeout = 3600s
    tls_random_source = dev:/dev/urandom
    smtpd_sasl_authenticated_header = yes
    
    relayhost = k2smtpout.secureserver.net
    
    virtual_maps = hash:/etc/postfix/virtusertable
    
    mydestination = /etc/postfix/local-host-names
     
  19. falko

    falko Super Moderator

  20. mfdeck

    mfdeck New Member

    Tried that... still nothing... GoDaddy support says that a username / password is not needed to relay through the server, it should know that the dedicated server I am on is part of their network and let it through. GoDaddy support isn't much help as I'm not running an approve control panel.

    Still the same error...

    Code:
    Feb 20 13:38:01 ip-72-167-54-126 postfix/smtpd[4808]: connect from oh-71-55-53-195.dhcp.embarqhsd.net[71.55.53.195]
    Feb 20 13:38:02 ip-72-167-54-126 postfix/smtpd[4808]: NOQUEUE: reject: RCPT from oh-71-55-53-195.dhcp.embarqhsd.net[71.55.53.195]: 554 5.7.1 <email1@domain.tld>: Relay access denied; from=<email2@domain.tld> to=<email1@domain.tld> proto=SMTP helo=<jdeck99>
    Feb 20 13:38:06 ip-72-167-54-126 postfix/smtpd[4808]: disconnect from oh-71-55-53-195.dhcp.embarqhsd.net[71.55.53.195]
     

Share This Page