Postfix SMTP Problem

Discussion in 'Installation/Configuration' started by drub4n, Aug 29, 2009.

  1. drub4n

    drub4n New Member

    I've installed following the perfect tutorial.
    Everything is fine now except this : I cannot have the smtp running well

    with netstat, I got :

    tcp        0      0    *               LISTEN      18719/master
    postconf -n give :
    alias_database = hash:/etc/aliases
    alias_maps = hash:/etc/aliases
    append_dot_mydomain = no
    biff = no
    body_checks = regexp:/etc/postfix/body_checks
    broken_sasl_auth_clients = yes
    config_directory = /etc/postfix
    content_filter = amavis:[]:10024
    header_checks = regexp:/etc/postfix/header_checks
    html_directory = /usr/share/doc/postfix/html
    inet_interfaces = all
    mailbox_size_limit = 0
    message_size_limit = 0
    mime_header_checks = regexp:/etc/postfix/mime_header_checks
    mydestination =, localhost, localhost.localdomain
    myhostname =
    mynetworks = [::1]/128
    myorigin = /etc/mailname
    nested_header_checks = regexp:/etc/postfix/nested_header_checks
    proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $virtual_mailbox_limit_maps
    readme_directory = /usr/share/doc/postfix
    receive_override_options = no_address_mappings
    recipient_delimiter = +
    relay_domains = mysql:/etc/postfix/
    relayhost =
    smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
    smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
    smtpd_client_restrictions = check_client_access mysql:/etc/postfix/
    smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, check_recipient_access mysql:/etc/postfix/, reject_unauth_destination
    smtpd_sasl_auth_enable = yes
    smtpd_sasl_authenticated_header = yes
    smtpd_sender_restrictions = check_sender_access mysql:/etc/postfix/
    smtpd_tls_cert_file = /etc/postfix/smtpd.cert
    smtpd_tls_key_file = /etc/postfix/smtpd.key
    smtpd_tls_security_level = may
    smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
    smtpd_use_tls = yes
    transport_maps = proxy:mysql:/etc/postfix/
    virtual_alias_domains =
    virtual_alias_maps = proxy:mysql:/etc/postfix/, mysql:/etc/postfix/
    virtual_gid_maps = static:5000
    virtual_mailbox_base = /var/vmail
    virtual_mailbox_domains = proxy:mysql:/etc/postfix/
    virtual_mailbox_maps = proxy:mysql:/etc/postfix/
    virtual_transport = maildrop
    virtual_uid_maps = static:5000

    nmap on localhost give :
    Not shown: 1702 closed ports
    21/tcp   open  ftp
    22/tcp   open  ssh
    25/tcp   open  smtp
    53/tcp   open  domain
    80/tcp   open  http
    110/tcp  open  pop3
    111/tcp  open  rpcbind
    143/tcp  open  imap
    443/tcp  open  https
    993/tcp  open  imaps
    995/tcp  open  pop3s
    3306/tcp open  mysql
    8080/tcp open  http-proxy
    nmap from internet give

    Not shown: 989 filtered ports
    20/tcp    closed ftp-data
    21/tcp    open   ftp
    22/tcp    open   ssh
    53/tcp    open   domain
    80/tcp    open   http
    110/tcp   open   pop3
    143/tcp   open   imap
    443/tcp   open   https
    3306/tcp  open   mysql
    8080/tcp  open   http-proxy
    10000/tcp closed snet-sensor-mgmt

    telnet localhost 25
    Connected to localhost.localdomain.
    Escape character is '^]'.
    220 ESMTP Postfix (Debian/GNU)
    and freeze

    Any idea ? I really don't see the problem and need to be able to access smtp server through the internet


  2. _X_

    _X_ New Member

    possible problems:

    myhostname =

    shouldn't be :

    myhostname =

    mydestination =, localhost, localhost.localdomain

    shouldn't be something like:

    mydestination = /etc/postfix/local-host-names - you didn't gave info on what tutorial did you use so check that according to your tutorial
  3. drub4n

    drub4n New Member

  4. _X_

    _X_ New Member

    here is the point where postfix is installed:

    9 Install Postfix, Courier, Saslauthd, MySQL, phpMyAdmin, rkhunter, binutils

    System mail name: <--

    should be something like or just

    same should go here:

    vi /etc/courier/imapd.cnf

    vi /etc/courier/pop3d.cnf

    unfortunately i have different server configuration and cannot help you any further.

    also same or should be used in ISPConfig install

    Full qualified hostname (FQDN) of the server, eg server1.domain.tld []:

    if there are some errors in logs you can post them so we can locate a problem.

    if you used everywhere instead of or maybe you should change back to
    myhostname =
  5. drub4n

    drub4n New Member

    thx _X_ for your tips

    I replace everything with
    regenerate key.
    Imap and pop with SSL are ok
    but I still cannot connect to smtp ... will continue investigation ...

    I got something strange,
    If I desactivate my firewall, I can see port 25 on nmap but filtered and still cannot access to it

    any idea ?
    Last edited: Aug 30, 2009
  6. till

    till Super Moderator Staff Member ISPConfig Developer

    Your original file was absolutley fine. Please undo the changes that _X_ suggested in #2 as he has mixed up ispconfig 2 and ispconfig 3.

    Please use something like or as hostname but not as this will cause a conflicht with the virtual domains otherwise.

    Please post the output of

    netstat -tap

    and check your mail log for errors. Also contact your provider and ask them if they block port 25.
  7. _X_

    _X_ New Member

    ISPConfig 3? ups ... didn't realize ... totally overlooked that info ... sry m8 :eek:
  8. drub4n

    drub4n New Member

    don't worry _X_

    was not a big change and I keep it to, no more in my file

    netstat - tap :

    Connexions Internet actives (serveurs et établies)
    Proto Recv-Q Send-Q Adresse locale          Adresse distante        Etat        PID/Program name
    tcp        0      0 *:imaps                 *:*                     LISTEN      27676/couriertcpd
    tcp        0      0 *:pop3s                 *:*                     LISTEN      30198/couriertcpd
    tcp        0      0 localhost.localdo:10024 *:*                     LISTEN      12552/amavisd (mast
    tcp        0      0 localhost.localdo:10025 *:*                     LISTEN      30739/master
    tcp        0      0 *:mysql                 *:*                     LISTEN      18377/mysqld
    tcp        0      0 localhost.localdoma:940 *:*                     LISTEN      16028/famd
    tcp        0      0 *:pop3                  *:*                     LISTEN      13206/couriertcpd
    tcp        0      0 localhost.localdo:spamd *:*                     LISTEN      15023/
    tcp        0      0 *:imap2                 *:*                     LISTEN      13176/couriertcpd
    tcp        0      0 *:sunrpc                *:*                     LISTEN      15852/portmap
    tcp        0      0 *:http-alt              *:*                     LISTEN      11343/apache2
    tcp        0      0 *:www                   *:*                     LISTEN      11343/apache2
    tcp        0      0 *:ftp                   *:*                     LISTEN      27741/pure-ftpd (SE
    tcp        0      0 ks37560.kimsufi.:domain *:*                     LISTEN      23912/mydns
    tcp        0      0 localhost.locald:domain *:*                     LISTEN      23912/mydns
    tcp        0      0 *:ssh                   *:*                     LISTEN      2606/sshd
    tcp        0      0 *:smtp                  *:*                     LISTEN      30739/master
    tcp        0      0 *:https                 *:*                     LISTEN      11343/apache2
    server is listening on port 25
    with the fw on, I can't do anything on port 25 from remote computer
    with the fw off, nmap say the port 25 is filtered
    I use basic fw settings for under ISPconfig3 administration console wich are

    TCP open ports : 20,21,22,25,53,80,110,143,443,3306,8080,10000
    UDP open ports : 53,3306

    Really disapointed with this issue ...
  9. till

    till Super Moderator Staff Member ISPConfig Developer

    Please set the firewall to off, wait a minute and then run:

    iptables -L

    and post the output.
  10. drub4n

    drub4n New Member

    iptables -L

    Chain INPUT (policy ACCEPT)
    target     prot opt source               destination
    Chain FORWARD (policy ACCEPT)
    target     prot opt source               destination
    Chain OUTPUT (policy ACCEPT)
    target     prot opt source               destination
    Chain fail2ban-ssh (0 references)
    target     prot opt source               destination
    RETURN     all  --  anywhere             anywhere

    Last edited: Aug 31, 2009
  11. till

    till Super Moderator Staff Member ISPConfig Developer

    Mailserver is listening on all interfaces and no firewall is blocking a port, so your problem is outside of thsi server. The telnet command above is fine as well as it is not freezing, it just waits for your input.

    Either you run a external firewall that is blocking traffic or your access provider is blocking port 25.
  12. drub4n

    drub4n New Member

    ok thx till,

    I'll check this issue with my provider.


Share This Page