Sending email with postfix, relay host, STARTTLS problem? Hi, I have setup a (ISP config) server following the steps in http://howtoforge.org/perfect-server-ubuntu-9.04-ispconfig-3 I want to send email using my isp providers smtp server (smtp.live.com). I have edited /etc/postfix/main.cf and added/changed relayhost = smtp.live.com smtp_sasl_auth_enable = yes smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd When trying to send email I get this in mail.log Aug 25 16:56:15 isp1 postfix/smtp[10711]: B3423E220A: to=<[email protected]>, relay=smtp.live.com[65.55.172.254]:25, delay=0.67, delays=0.03/0.09/0.44/0.12, dsn=5.7.0, status=bounced (host smtp.live.com[65.55.172.254] said: 530 5.7.0 Must issue a STARTTLS command first (in reply to MAIL FROM command)) Aug 25 16:56:15 isp1 postfix/cleanup[10690]: 8ACA7E2220: message-id=<[email protected]> Anyone knowing the steps to get this working with the ISPConfig 3 setup? Thanks, totte
Here is the output; Code: tk@isp1:~$ telnet localhost 25 Trying ::1... Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. 220 isp1.monkisoft.com ESMTP Postfix (Ubuntu) ehlo localhost 250-isp1.monkisoft.com 250-PIPELINING 250-SIZE 250-VRFY 250-ETRN 250-STARTTLS 250-AUTH PLAIN LOGIN 250-AUTH=PLAIN LOGIN 250-ENHANCEDSTATUSCODES 250-8BITMIME 250 DSN I guess the PLAIN LOGIN is a problem? Here is my main.cf: Code: smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu) biff = no # appending .domain is the MUA's job. append_dot_mydomain = no # Uncomment the next line to generate "delayed mail" warnings #delay_warning_time = 4h readme_directory = /usr/share/doc/postfix # TLS parameters smtpd_tls_cert_file = /etc/postfix/smtpd.cert smtpd_tls_key_file = /etc/postfix/smtpd.key smtpd_use_tls = yes smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache # See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for # information on enabling SSL in the smtp client. myhostname = isp1.monkisoft.com alias_maps = hash:/etc/aliases alias_database = hash:/etc/aliases myorigin = /etc/mailname mydestination = isp1.monkisoft.com, localhost, localhost.localdomain relayhost = [smtp.live.com] mynetworks = 127.0.0.0/8 [::1]/128 10.11.1.127 mailbox_size_limit = 0 recipient_delimiter = + inet_interfaces = all html_directory = /usr/share/doc/postfix/html virtual_alias_domains = virtual_alias_maps = proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, mysql:/etc/postfix/mysql-virtual_email2email.cf virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains.cf virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf virtual_mailbox_base = /var/vmail virtual_uid_maps = static:5000 virtual_gid_maps = static:5000 smtpd_sasl_auth_enable = yes broken_sasl_auth_clients = yes smtpd_sasl_authenticated_header = yes smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, check_recipient_access mysql:/etc/postfix/mysql-virtual_recipient.cf, reject_unauth_destination smtpd_tls_security_level = may transport_maps = proxy:mysql:/etc/postfix/mysql-virtual_transports.cf relay_domains = mysql:/etc/postfix/mysql-virtual_relaydomains.cf virtual_create_maildirsize = yes virtual_maildir_extended = yes virtual_mailbox_limit_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailbox_limit_maps.cf virtual_mailbox_limit_override = yes virtual_maildir_limit_message = "The user you are trying to reach is over quota." virtual_overquota_bounce = yes proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canon smtpd_sender_restrictions = check_sender_access mysql:/etc/postfix/mysql-virtual_sender.cf smtpd_client_restrictions = check_client_access mysql:/etc/postfix/mysql-virtual_client.cf maildrop_destination_concurrency_limit = 1 maildrop_destination_recipient_limit = 1 virtual_transport = maildrop header_checks = regexp:/etc/postfix/header_checks mime_header_checks = regexp:/etc/postfix/mime_header_checks nested_header_checks = regexp:/etc/postfix/nested_header_checks body_checks = regexp:/etc/postfix/body_checks content_filter = amavis:[127.0.0.1]:10024 receive_override_options = no_address_mappings message_size_limit = 0 smtp_sasl_auth_enable = yes smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd smtp_sasl_security_options = smtpd_tls_auth_only = no
I got it working! Here is what I changed. In the main.cf, shown above, changed/added the following lines #changed from no to yes (may not matter for sending mail?) smtpd_tls_auth_only = yes #Added this line smtp_tls_security_level = may I also found a problem in my sasl passwd file: [smtp.live.com] 'useraccountname:my password' However, I still have the following problems. If I send an email from a ssh shell, the email from address is 'myloginname'@isp1.example.com. I can't figure out where isp1.example.com comes from. If I send email using squirrel mail from an account created with ispconfig(3), the email "from" domain is correct. Also, in the mail.log file, I get this "warning" for each mail that is relayed: Aug 27 10:30:58 isp1 postfix/smtp[26534]: certificate verification failed for smtp.live.com[65.55.172.254]:25: untrusted issuer /C=US/O=GTE Corporation/OU=GTE CyberTrust Solutions, Inc./CN=GTE CyberTrust Global Root Not sure how to get rid of that, not sure if I want since mail sending does work now. Anyone knows where to set example.com to my correct domain? Thanks, totte
You must always set the correct sender address in your email client (Outlook, Thunderbird, webmail, on the command line, etc.). What command did you use to send the email? Did you take a look at its man page to find out how to set the sender address?
Thanks Falko, There is no problem with Thunderbird or Outlook, they both send email fine. It is from a command prompt, on the actual hosting machine, using the mail command, i.e. tk@isp1:~$ echo "Hello" | mail -s"a subject" ToSomeEmailAddress The hostname is isp1.monkisoft.com and my username is tk. In the received mail on the other end, the from address is [email protected], not isp1.monkisoft.com. Any help is appreciated, totte
Thanks for suggestion, but I do suspect the the mail "from address" domain is taken from /etc/mailname which contains isp1.example.com at the moment. Can I just edit it with vi, or do I need to reconfigure something. Can I change it from within ISPConfig 3? Thanks, totte
If the sender address is the only issue you're having, I'd not change the name of the mailserver - you might get yourself into trouble. No.
Hi changeed the name isp1.example.com in the file /etc/mailname to isp1.monkisoft.com, which is the correct domain. Now, all outgoing emails have correct from address. Thanks, totte
Problem with from address See I have used gmail smtp i.e. smtp.gmail.com and then I used sasl_passwd file to store smtp.gmail.com usernameassword now in from address of all sent emails I get the username that is mentioned as above in sasl_passwd file I want to change it because if I don't change it all my three different users have same from address in all the emails sent. can any body please suggest any ideas on resolving this problem
Well, this just got the thinbg working. Of course, after adding the relay data on ISPConfig server config area. Best regards!