with ISPConfig, Postfix, and Courier, mail does not send or receive

Discussion in 'Server Operation' started by karazy-k, Apr 11, 2009.

  1. karazy-k

    karazy-k New Member

    Hello,

    Thank you in advance for your help. I have recently followed Falko's perfect setup for a Debian box running ISPConfig. The install went smoothly (a great help btw) and I am hosting several sites already! However I cannot figure out how to get mail working for the websites' users.

    I have installed the roundcube package using ISPConfig's update utility. That seems to work fine. As I understand it, roundcube is only a visual interface to postfix and courier and would not be responsible for mail difficulties per se. I can login using any user name and password I create in the ISPConfig site manager. I can navigate all the menus in roundcube fine, but cannot send or receive email at all.

    If I send an email, roundcube splashes a notice saying it sent successfully, but it never reaches its destination. Any email sent to the address results in an error 550, the recipient is not accepted.

    Fishing around these forums I have found many threads dealing with this issue, as it appears to be a common one. I could not find a solution on my own however, so I hope someone on this forum can guide me through it.

    The most indepth trouble shooting I've done is running 'tail -f /var/log/mail.log'. I see that I login and logout of the imapd server almost every minute. No other information is displayed when I try to send or receive a mail.

    As an aside, I am using Putty to connect to my server and do not know how to copy information displayed in that window into another to share, e.g. to share netstat -tap results. Does anyone know a way to do this?

    -K
     
  2. karazy-k

    karazy-k New Member

    I began going through the perfect setup for ISPConfig 2 on Debian by Falko. I followed the instruction line for line again for Postfix installation. Then, at the end, to test it was all working, Falko says enter "telnet localhost 25". I do and I do not get results that match what I should get. Here is what I get.

    I guess I am missing 250-STARTTLS and 250-AUTH LOGIN PLAIN

    What does this mean?
     
  3. falko

    falko Super Moderator Howtoforge Staff Moderator HowtoForge Supporter ISPConfig Developer

    You can simply mark text in PuTTy, and it's in your clipboard.

    What's in /etc/postfix/main.cf?
     
  4. karazy-k

    karazy-k New Member

    Here is what I find in /etc/postfix/main.cf

    Code:
    [SIZE="2"]
    # Debian specific:  Specifying a file name will cause the first
    # line of that file to be used as the name.  The Debian default
    # is /etc/mailname.
    #myorigin = /etc/mailname
    
    smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
    biff = no
    
    # appending .domain is the MUA's job.
    append_dot_mydomain = no
    
    # Uncomment the next line to generate "delayed mail" warnings
    #delay_warning_time = 4h
    
    readme_directory = no
    
    # TLS parameters
    smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt
    smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
    smtpd_use_tls = yes
    smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
    smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
    
    # See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
    # information on enabling SSL in the smtp client.
    
    myhostname = kyleserver1.kylekarhohs.me
    alias_maps = hash:/etc/aliases
    alias_database = hash:/etc/aliases
    myorigin = /etc/mailname
    #mydestination = kyleserver1.kylekarhohs.me, localhost.kylekarhohs.me, localhost.localdomain, localhost
    relayhost =
    mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
    mailbox_command = procmail -a "$EXTENSION"
    mailbox_size_limit = 0
    recipient_delimiter = +
    inet_interfaces = all
    inet_protocols = all
    smtpd_sasl_local_domain =
    smtpd_sasl_auth_enable = yes
    smtpd_sasl_security_options = noanonymous
    broken_sasl_auth_clients = yes
    smtpd_sasl_authenticated_header = yes
    smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination
    smtpd_tls_auth_only = no
    smtp_use_tls = yes
    smtp_tls_note_starttls_offer = yes
    smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
    smtpd_tls_loglevel = 1
    smtpd_tls_received_header = yes
    smtpd_tls_session_cache_timeout = 3600s
    tls_random_source = dev:/dev/urandom
    
    virtual_maps = hash:/etc/postfix/virtusertable
    
    mydestination = kyleserver1.kylekarhohs.me, localhost.kylekarhohs.me,localhost.localdomain,localhost
    
    [/SIZE]
    
    Thanks. -K
     
  5. falko

    falko Super Moderator Howtoforge Staff Moderator HowtoForge Supporter ISPConfig Developer

    Please run
    Code:
    postconf -e 'mydestination = /etc/postfix/local-host-names'
    /etc/init.d/postfix restart
    What does telnet show then?
     
  6. karazy-k

    karazy-k New Member

    Here are the new results from telnet
    Code:
    [SIZE="2"]
    ehlo localhost
    250-kyleserver1.kylekarhohs.me Hello localhost [127.0.0.1], pleased to meet you
    250-ENHANCEDSTATUSCODES
    250-PIPELINING
    250-EXPN
    250-VERB
    250-8BITMIME
    250-SIZE
    250-DSN
    250-ETRN
    250-AUTH DIGEST-MD5 CRAM-MD5
    250-DELIVERBY
    250 HELP
    quit
    221 2.0.0 kyleserver1.kylekarhohs.me closing connection
    Connection closed by foreign host.
    
    [/SIZE]
    I also confirmed that the /etc/postfix/main.cf file had been edited properly, it had. Thank you for your assistance. Your advice is still helpful, for looking at /etc/postfix/local-host-names I found

    Code:
    [SIZE="2"]
    ###################################
    #
    # ISPConfig local-host-names Configuration File
    #         Version 1.0
    #
    ###################################
    localhost
    kyleserver1.kylekarhohs.me
    localhost.kyleserver1.kylekarhohs.me
    localhost.kylekarhohs.me
    localhost.localdomain
    www.melonquark.net
    www.kylekarhohs.me
    www.kaylagbmfoundation.org
    melonquark.net
    kylekarhohs.me
    kitchenriot.net
    kaylagbmfoundation.org
    mail.kylekarhohs.me
    #### MAKE MANUAL ENTRIES BELOW THIS LINE! ####
    
    [/SIZE]
    I recognize these as the domains I am hosting. It would appear ISPConfig writes to this file automatically. Nothing is entered below the manual entries comment. Thank you for all your help to this point, but it appears there are still issues. I hope you can assist further.

    -K
     
    Last edited: Apr 13, 2009
  7. falko

    falko Super Moderator Howtoforge Staff Moderator HowtoForge Supporter ISPConfig Developer

    What's the output of
    Code:
    netstat -tap
    ? I tend to think that maybe Sendmail is running instead of Postfix...
     
  8. karazy-k

    karazy-k New Member

    Hey Falko,

    I think your intuition is right. Here is what my 'netstat -tap' shows

    Code:
    [SIZE="2"]
    Active Internet connections (servers and established)
    Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
    tcp        0      0 localhost:10024         *:*                     LISTEN      25614/amavisd (mast
    tcp        0      0 *:mysql                 *:*                     LISTEN      26675/mysqld
    tcp        0      0 localhost:submission    *:*                     LISTEN      23295/sendmail: MTA
    tcp        0      0 *:sunrpc                *:*                     LISTEN      1630/portmap
    tcp        0      0 *:81                    *:*                     LISTEN      14119/ispconfig_htt
    tcp        0      0 *:52372                 *:*                     LISTEN      1641/rpc.statd
    tcp        0      0 kyleserver1.kyle:domain *:*                     LISTEN      14707/named
    tcp        0      0 localhost:domain        *:*                     LISTEN      14707/named
    tcp        0      0 *:ssh                   *:*                     LISTEN      2842/sshd
    tcp        0      0 localhost:953           *:*                     LISTEN      14707/named
    tcp        0      0 localhost:smtp          *:*                     LISTEN      23295/sendmail: MTA
    tcp        0     52 kyleserver1.kylekar:ssh 192.168.2.24:51877      ESTABLISHED 31122/sshd: kyle [p
    tcp6       0      0 [::]:imaps              [::]:*                  LISTEN      9371/couriertcpd
    tcp6       0      0 [::]:pop3s              [::]:*                  LISTEN      9388/couriertcpd
    tcp6       0      0 [::]:pop3               [::]:*                  LISTEN      9201/couriertcpd
    tcp6       0      0 [::]:imap2              [::]:*                  LISTEN      9282/couriertcpd
    tcp6       0      0 [::]:www                [::]:*                  LISTEN      10279/apache2
    tcp6       0      0 [::]:ftp                [::]:*                  LISTEN      27541/proftpd: (acc
    tcp6       0      0 [::]:ssh                [::]:*                  LISTEN      2842/sshd
    tcp6       0      0 localhost:953           [::]:*                  LISTEN      14707/named
    tcp6       0      0 [::]:https              [::]:*                  LISTEN      10279/apache2
    tcp6       0     58 kyleserver1.kylekar:ftp mail.dezandis.com:51594 ESTABLISHED 31522/proftpd: (acc
    tcp6       0      0 kyleserver1.kylekar:www 18925023069.user.:60928 ESTABLISHED 32733/apache2
    
    [/SIZE]
    No where does it list Postfix running, and it does list sendmail. What is the difference between Postfix and sendmail? What does this table of information list? What is 'netstat -tap' showing us? What is the difference between LISTEN and ESTABLISHED? I've never heard of mail.dezandis.com, but I'm connected to it? I went there and it just says "Apache is working". Is this an attack on my server?

    Thanks for your help Falko. Would you be able to tell me how I remove sendmail and replace it with Postfix?

    -K
     
  9. falko

    falko Super Moderator Howtoforge Staff Moderator HowtoForge Supporter ISPConfig Developer

    Please run
    Code:
    /etc/init.d/sendmail stop
    /etc/init.d/postfix start
    Afterwards, the telnet output should be ok.

    Which distribution are you using?

    Postfix and Sendmail are both MTAs, but Postfix is much easier to configure.

    To learn more about netstat, take a look at
    Code:
    man netstat
     
  10. karazy-k

    karazy-k New Member

    Thank you Falko. Your advice was spot on. I shutdown sendmail and fired up postfix. My telnet results are now as expected.
    Code:
    [SIZE="2"]220 kyleserver1.kylekarhohs.me ESMTP Postfix (Debian/GNU)
    ehlo localhost
    250-kyleserver1.kylekarhohs.me
    250-PIPELINING
    250-SIZE 10240000
    250-VRFY
    250-ETRN
    250-STARTTLS
    250-AUTH PLAIN LOGIN
    250-AUTH=PLAIN LOGIN
    250-ENHANCEDSTATUSCODES
    250-8BITMIME
    250 DSN
    quit
    221 2.0.0 Bye
    Connection closed by foreign host.
    [/SIZE]
    However, my situation is still not completely resolved. I am able to send mail from within my RoundCube interface, but whenever I send an email to the address I get a 550 error.

    I looked at the log, /var/log/mail.log, and found several things.

    First, ClamAV kept recording that it was out of date. I saw the new ISPConfig updated ClamAV, so I went ahead and updated ISPConfig to version 2.2.32. My linux distro is Debian 5.0.1. Looking back in the log, ClamAV now confirms it is up to date.

    Second, I do not know if this is normal, but my log is full of entries like this:
    Code:
    [SIZE="2"]
    Apr 15 12:52:18 kyleserver1 imapd: LOGIN, user=username, ip=[::ffff:127.0.0.1], port=[47962], protocol=IMAP
    Apr 15 12:52:18 kyleserver1 imapd: LOGOUT, user=username, ip=[::ffff:127.0.0.1], headers=0, body=0, rcvd=10, sent=83, time=0
    Apr 15 12:53:18 kyleserver1 imapd: Connection, ip=[::ffff:127.0.0.1]
    Apr 15 12:53:18 kyleserver1 imapd: LOGIN, user=username, ip=[::ffff:127.0.0.1], port=[47963], protocol=IMAP
    Apr 15 12:53:18 kyleserver1 imapd: LOGOUT, user=username, ip=[::ffff:127.0.0.1], headers=0, body=0, rcvd=31, sent=335, time=0[/SIZE]
    90% of my log seems to be filled with the LOGIN-LOGOUT statements every minute. All that changes is the port number. Should there be one specific port number assigned to the mail?

    Third, when I send an email from roundcube I can find the entry in the log that documents this action. However, there is no documentation of receiving an incoming message when I try to send an email to the account. It seems that whatever I am sending never makes it to the mail server. My mail log is becoming rather lengthy, too, is there a way to keep it short?

    Thanks for your continued assistance Falko. Head way is being made, but might you know the cause of my latest quandry?

    -K
     
    Last edited: Apr 15, 2009
  11. falko

    falko Super Moderator Howtoforge Staff Moderator HowtoForge Supporter ISPConfig Developer

    Please check if the MX records of your domains are pointing to the correct server:
    Code:
    dig mx yourdomain.com
     
  12. karazy-k

    karazy-k New Member

    So dig is a command built to query information about Domain Name Systems and the Mail eXchange record holds the information a sending agent (e.g. gmail) needs to deliver an email to the right location?

    Here is my mx record for kylekarhohs.me
    Code:
    [SIZE="2"]
    ; <<>> DiG 9.5.1-P1 <<>> mx kylekarhohs.me
    ;; global options:  printcmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 56931
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1
    
    ;; QUESTION SECTION:
    ;kylekarhohs.me.                        IN      MX
    
    ;; ANSWER SECTION:
    kylekarhohs.me.         3600    IN      MX      0 smtp.secureserver.net.
    kylekarhohs.me.         3600    IN      MX      10 mailstore1.secureserver.net.
    
    ;; ADDITIONAL SECTION:
    mailstore1.secureserver.net. 1154 IN    A       64.202.166.11
    
    ;; Query time: 147 msec
    ;; SERVER: 192.168.2.1#53(192.168.2.1)
    ;; WHEN: Thu Apr 16 23:32:51 2009
    ;; MSG SIZE  rcvd: 112
    [/SIZE]
    In an effort to pinpoint the useful information I used the same command on a fake domain name, i.e. not hosted on my server, and got this

    Code:
    [SIZE="2"]
    ; <<>> DiG 9.5.1-P1 <<>> mx noodles.com
    ;; global options:  printcmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 23004
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
    
    ;; QUESTION SECTION:
    ;noodles.com.                   IN      MX
    
    ;; ANSWER SECTION:
    noodles.com.            900     IN      MX      10 tm.noodles.com.
    
    ;; Query time: 63 msec
    ;; SERVER: 192.168.2.1#53(192.168.2.1)
    ;; WHEN: Thu Apr 16 23:34:26 2009
    ;; MSG SIZE  rcvd: 48
    
    [/SIZE]
    I wonder what the numbers 900, 1154, and 3600 mean. I recognize 192.168.2.1 to be the local IP of my router, not my server. I do not recognize any of the secureserver.net domains, nor the 64.202.166.11.

    I tried to go to 64.202.166.11 in my browser, but only found a broken link. When I tried to go to secureserver.net I got a page saying "This site is not currently available."

    Perhaps this information is all wrong and causing my problems. The mail server is in my box as I understand it. Do I have to configure the mx records to point to my mail server?

    I am stuck again. Thank you for your continued help Falko.

    -K
     
  13. falko

    falko Super Moderator Howtoforge Staff Moderator HowtoForge Supporter ISPConfig Developer

    Yes. Currently the preferred mailserver for your domain is smtp.secureserver.net (which I guess is not your server).
     
  14. karazy-k

    karazy-k New Member

    Falko, you are an all-star. I did not understand the MX records are closely related to the domain name system. I went to my domain manager and changed the MX records for the domains I am hosting.

    This has brought me one step closer to having a fully functioning mail server within ISPConfig. I am now able to send emails to my domains and the transaction is recorded within the mail log.

    However, even though whatever I send shows up in the inbox of RoundCube, I cannot read it. Where the email should be displayed is a message saying, "The website cannot display the page." Is there a folder within the server that holds the emails where I can verify the content is there. I'm thinking this could be a RoundCube problem.

    Does anyone know why that might be?

    I also cannot seem to get ISPConfig to forward to other email addresses. I add the email address to be forwarded to in the advanced settings of a user, but this does not seem to work. Can this be set up on the server directly without using the ISPConfig GUI?

    Thank you very much,
    -K
     
    Last edited: Apr 20, 2009
  15. falko

    falko Super Moderator Howtoforge Staff Moderator HowtoForge Supporter ISPConfig Developer

    Have you tried a normal email client such as Outlook or Tunderbird? If it works there, then it's most likely a RoundCube problem.

    ISPConfig 2 or 3?
    Do you see any errors in the mail log when you send an email to account for which you've set up forwards?
     
  16. the1matrix1

    the1matrix1 New Member

    Mr. Falko

    I really don't know how to thank u... Very huge thanks for your help as this helped me also.

    at last just if i can help you in any thing just let me know.

    and also thanks for Mr. karazy-k

    your The1Matrix1
     

Share This Page