Ubuntu 11.10-nginx mail send-receive problem

Discussion in 'Installation/Configuration' started by tbctr, Dec 29, 2011.

  1. cbj4074

    cbj4074 HowtoForge Supporter

    Okay, I see your point here: your server is able to send mail without issue via SquirrelMail.

    Unfortunately, I don't know enough about SquirrelMail to know what method, exactly, it uses to do so. It would seem that it uses a method that differs from standard SMTP, as evidenced by the fact that sending mail via SquirrelMail functions as expected. Maybe SquirrelMail uses some PHP method to send mail that bypasses Postfix altogether, hence no problems.

    I don't know why you are receiving a 404 during that process, but that issue seems to be unrelated.

    You didn't answer my question. Have you tried sending mail to recipients at domains other than live.com?

    The reason I ask is that all of the failures in your log (at least within the sample that you provided) are @live.com, using the mail delivery server mx1.hotmail.com. It is possible that live.com / hotmail.com is blocking these connections from your server.

    Also, based on this post of yours ( http://www.howtoforge.com/forums/showpost.php?p=270463&postcount=2 ), as Till said, either:

    a.) the ports in question are closed on your server, or
    b.) the services are not running on the ports that you think they are, or
    c.) connections to the ports are being blocked by a firewall.

    I realize that you are convinced that this is not the case, but logic dictates as much.

    What happens when you issue the following command from your server's terminal:

    Code:
    traceroute mx1.hotmail.com
    
    ?
     
    Last edited: Jan 3, 2012
  2. tbctr

    tbctr Member

    Code:
    root@sunucu:~# traceroute mx1.hotmail.com
    traceroute to mx1.hotmail.com (65.54.188.72), 30 hops max, 60 byte packets
     1  192.168.2.1 (192.168.2.1)  0.541 ms  1.183 ms  1.400 ms
     2  dsl88-249-3073.ttnet.net.tr (88.249.12.1)  8.763 ms  10.367 ms  11.843 ms
     3  81.212.78.137 (81.212.78.137)  15.065 ms  15.261 ms  17.452 ms
     4  81.212.204.150 (81.212.204.150)  18.718 ms  20.899 ms  22.349 ms
     5  static.turktelekom.com.tr (212.156.103.66)  114.032 ms  114.136 ms  115.438                                               ms
     6  static.turktelekom.com.tr (212.156.103.46)  116.917 ms  94.889 ms  95.019 ms
     7  ge-2-3-0-0.lts-64cb-1b.ntwk.msn.net (207.46.42.118)  99.753 ms ge-3-0-0-0.lt                                              s-64cb-1a.ntwk.msn.net (207.46.42.171)  101.491 ms ge-2-3-0-0.lts-64cb-1b.ntwk.m                                              sn.net (207.46.42.118)  102.906 ms
     8  ge-3-0-0-0.nyc-64cb-1a.ntwk.msn.net (207.46.43.44)  176.102 ms  177.739 ms                                                178.200 ms
     9  xe-6-0-3-0.bay-16c-1a.ntwk.msn.net (207.46.40.10)  246.728 ms ge-7-0-0-0.nyc                                              -64cb-1a.ntwk.msn.net (207.46.47.20)  177.925 ms  180.404 ms
    10  * xe-1-0-0-0.sn1-96cb-1a.ntwk.msn.net (207.46.43.80)  199.589 ms *
    11  xe-7-0-1-0.bay-16c-1b.ntwk.msn.net (207.46.43.116)  257.163 ms  257.249 ms *
    12  * * *
    13  * * *
    14  * * *
    15  * * *
    16  * * *
    17  * * *
    18  * * *
    19  * * *
    20  * * *
    21  * * *
    22  * * *
    23  * * *
    24  * * *
    25  * * *
    26  * * *
    27  * * *
    28  * * *
    29  * * *
    30  * * *
    root@sunucu:~#
    
    
    25 port now open I wrote above.
    mxtoolbox port scan result:
    Code:
    
     	21	ftp	Success	206 ms
     	22	ssh	Success	203 ms
     	25	smtp	Success	204 ms
     	53	dns	Success	205 ms
     	80	http	Success	207 ms
     	110	pop3	Success	208 ms
     	143	imap	Success	210 ms
     	3306	my sql	Success	208 ms
     	8080	webcache	Success	209 ms
    
     
  3. cbj4074

    cbj4074 HowtoForge Supporter

    Please answer this question:

    Also, what is the result of the following command:

    Code:
    telnet mx1.hotmail.com 25
    
    I get:

    Code:
    root@localhost:~# telnet mx1.hotmail.com 25
    Trying 65.54.188.126...
    Connected to mx1.hotmail.com.
    Escape character is '^]'.
    220 BAY0-MC4-F37.Bay0.hotmail.com Sending unsolicited commercial or bulk e-mail to Microsoft's computer network is prohibited. Other restrictions are found at http://privacy.microsoft.com/en-us/anti-spam.mspx. Tue, 3 Jan 2012 11:49:50 -0800
    Connection closed by foreign host.
    
    Is the result the same for you?
     
  4. tbctr

    tbctr Member

    Code:
    root@sunucu:~# telnet mx1.hotmail.com 25
    Trying 65.55.37.104...
    Connected to mx1.hotmail.com.
    Escape character is '^]'.
    220 COL0-MC3-F5.Col0.hotmail.com Sending unsolicited commercial or bulk e-mail to Microsoft's computer network is prohibited. Other restrictions are found at http://privacy.microsoft.com/en-us/anti-spam.mspx. Tue, 3 Jan 2012 12:21:35 -0800
    
    
    on**@**pc.com send mail outlook and error :
    SMTP, Port: 25, Yuva Hatası: 10060, Hata numarası: 0x800CCC0E
     
  5. cbj4074

    cbj4074 HowtoForge Supporter

    This result seems to indicate that Hotmail / live.com is not blocking connections from your server. That is good.

    I am sure you have searched for the error message that you posted, "SMTP, Port: 25, Yuva Hatası: 10060, Hata numarası: 0x800CCC0E", which almost certainly indicates that your ISP is tampering with traffic on port 25.

    Edit /etc/postfix/main.cf and ensure that the TLS-related parameters looks similar to this:

    Code:
    # TLS parameters
    smtpd_tls_cert_file = /etc/postfix/smtpd.cert
    smtpd_tls_key_file = /etc/postfix/smtpd.key
    # This directive is deprecated in favor of the below.
    #smtpd_use_tls = yes
    smtpd_tls_security_level = may
    smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
    smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
    smtpd_tls_loglevel = 0
    smtpd_tls_received_header = yes
    smtpd_tls_session_cache_timeout = 3600s
    tls_random_source = dev:/dev/urandom
    
    Next, edit /etc/postfix/master.cf and ensure that the services section of the file has the same lines as below un-commented; this enables email users to send and receive email over SSL:

    Code:
    # ==========================================================================
    # service type  private unpriv  chroot  wakeup  maxproc command + args
    #               (yes)   (yes)   (yes)   (never) (100)
    # ==========================================================================
    smtp      inet  n       -       -       -       -       smtpd
    submission inet n       -       -       -       -       smtpd
    #  -o smtpd_tls_security_level=encrypt
      -o smtpd_sasl_auth_enable=yes
      -o smtpd_client_restrictions=permit_sasl_authenticated,reject
      -o milter_macro_daemon_name=ORIGINATING
    smtps     inet  n       -       -       -       -       smtpd
      -o smtpd_tls_wrappermode=yes
      -o smtpd_sasl_auth_enable=yes
    
    Don't forget to restart Postfix:

    Code:
    service postfix restart
    
    Clients who wish to use STARTTLS should use the standard ports for POP3 (110), IMAP (143), and SMTP (25). Clients who wish to use SSL/TLS should use port 995 for POP3, port 993 for IMAP, and port 465 for SMTP.

    Please try sending mail over port 465, with SSL enabled in your mail client, after making the above changes.
     
    Last edited: Jan 3, 2012
  6. tbctr

    tbctr Member

    no change :( . smtp error
     
  7. cbj4074

    cbj4074 HowtoForge Supporter

    I think this info, from your very first post, says it all:

    Code:
    Dec 29 21:00:01 sunucu postfix/smtpd[11642]: connect from localhost.localdomain[127.0.0.1]
    Dec 29 21:00:01 sunucu postfix/smtpd[11642]: lost connection after CONNECT from localhost.localdomain[127.0.0.1]
    Dec 29 21:00:01 sunucu postfix/smtpd[11642]: disconnect from localhost.localdomain[127.0.0.1]
    Dec 29 21:00:20 sunucu postfix/qmgr[2395]: 433CEC2523: from=, size=1194, nrcpt=1 (queue active)
    Dec 29 21:00:50 sunucu postfix/smtp[11665]: connect to mx2.hotmail.com[65.55.92.136]:25: Connection timed out
    Dec 29 21:01:20 sunucu postfix/smtp[11665]: connect to mx4.hotmail.com[65.55.92.168]:25: Connection timed out
    Dec 29 21:01:50 sunucu postfix/smtp[11665]: connect to mx3.hotmail.com[65.55.92.136]:25: Connection timed out
    Dec 29 21:02:20 sunucu postfix/smtp[11665]: connect to mx4.hotmail.com[65.55.92.184]:25: Connection timed out
    Dec 29 21:02:50 sunucu postfix/smtp[11665]: connect to mx4.hotmail.com[65.55.37.104]:25: Connection timed out
    Dec 29 21:02:50 sunucu postfix/smtp[11665]: 433CEC2523: to=, relay=none, delay=15089, delays=14939/0.02/150/0, dsn=4.4.1, status=deferred (connect to mx4.hotmail.com[65.55.37.104]:25: Connection timed out)
    
    Any networking experts who can weigh-in here? How could the OP be getting these messages but at the same time be able to telnet to the host in question on port 25?

    Code:
    root@sunucu:~# telnet mx1.hotmail.com 25
    Trying 65.55.37.104...
    Connected to mx1.hotmail.com.
    Escape character is '^]'.
    220 COL0-MC3-F5.Col0.hotmail.com Sending unsolicited commercial or bulk e-mail to Microsoft's computer network is prohibited. Other restrictions are found at http://privacy.microsoft.com/en-us/anti-spam.mspx. Tue, 3 Jan 2012 12:21:35 -0800
    
    ? :confused:
     
  8. falko

    falko Super Moderator

    Looks like a blacklist issue. Please check at http://www.mxtoolbox.com/blacklists.aspx
     
  9. tbctr

    tbctr Member

    cbj4074
    my first post during 25 port closed. Then talked my isp and open port 25.
     
  10. cbj4074

    cbj4074 HowtoForge Supporter

    Thanks for your insights, Falko. I realize that you already made this suggestion once in this thread, and it's time for the OP to post his hostname or IP address if he expects further responses, as we have no means by which to confirm his assertion that his IP is not blacklisted absent that information.

    Just to confirm, the blacklist check is made after the connection to the recipient's mail server is established, which would explain why he can telnet to the Hotmail MX server but cannot send mail to it. Correct?
     
    Last edited: Jan 4, 2012
  11. cbj4074

    cbj4074 HowtoForge Supporter

    The issue is not port 25 on your server (it is indeed open, as evidenced by your mxtoolbox port scan).

    The problem is that Hotmail is refusing to accept mail from your server.
     
  12. tbctr

    tbctr Member

    fistly many thanks falko and cbj4074. My ip is not blacklisted. Previously server was debian 6 no problem mail send or receive(There was no problem with ports) . After install Ubuntu nginx. After that it was problem.
    I want to try these:
    I want to change the smtp port.
    Squirrelmail smtp port change 587 after SMTP-Server: Offline.
    Is there a need to change any other setting?
     
  13. cbj4074

    cbj4074 HowtoForge Supporter

    I don't see how changing the SMTP port on your server is going to change anything.

    Please try sending an email message to me, and I'll tell you what happens on my end, as I control the destination server and can examine the mail logs. My address is ben[nospam@please]indietorrent.org.

    If you insist on changing the SMTP port, perhaps see this thread:

    http://www.howtoforge.com/forums/showthread.php?t=19828
     
  14. tbctr

    tbctr Member

    As I mentioned problem outlook smtp error. Outlok mail receive no problem. Send problem.

    Squirrelmail send mail no problem. Pressing send button- mail send but 404 Not Found page. It does not matter, but I want to fix.
     
  15. cbj4074

    cbj4074 HowtoForge Supporter

    I understand that this problem is a problem with sending. That is exactly why I requested that you try sending mail to my domain -- so I can help you debug by seeing what happens when your mail is sent to my server.

    The problem is not with Outlook, and it is not with Postfix. We have eliminated those two items as possible causes. The only possible cause is the receiving server.

    Absolutely. I understand your desire to fix this problem, as it is not normal.

    Please check your Apache access.log for SquirrelMail to see which resource is being requested when the 404 error occurs.

    I don't use SquirrelMail (I use Roundcube, which seems by far superior), so I will be of limited help in that regard.
     
  16. tbctr

    tbctr Member

    I installed Centos 6.2-nginx to another computer and not a problem. Outlook smtp works. Now I'm doing the actual server setup. Also seems CentOS faster and stable. Thank you for your help.
     

Share This Page