My SMTP is not working

Hello to everyone.

I have many problems with my smtp postfix, i trying to send email but is like not working smtp and not listening at any port.

I trying to connect by telnet to port 25 but it stand by waiting all time.

I have a basic installation the ubuntu server (9.04) and ispconfig 3.

It is very weird because the pop3 server is working fine, and imap and webmail too.

I dont understund nothing... this situation drive me crazy all time.

Could anybody help me?

Thank you very much.

This is my netstat

root@virt175:/var/log# netstat -ntpl
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:21 0.0.0.0:* LISTEN 873/pure-ftpd (SERV
tcp 0 0 94.23.87.214:53 0.0.0.0:* LISTEN 762/mydns
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 762/mydns
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 481/sshd
tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN 10687/master
tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN 1704/apache2
tcp 0 0 127.0.0.1:10025 0.0.0.0:* LISTEN 10687/master
tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN 563/mysqld
tcp 0 0 127.0.0.1:783 0.0.0.0:* LISTEN 695/spamd.pid
tcp 0 0 0.0.0.0:8080 0.0.0.0:* LISTEN 1704/apache2
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 1704/apache2
tcp6 0 0 :::21 :::* LISTEN 873/pure-ftpd (SERV
tcp6 0 0 ::1:53 :::* LISTEN 762/mydns
tcp6 0 0 :::22 :::* LISTEN 481/sshd
tcp6 0 0 :::993 :::* LISTEN 728/couriertcpd
tcp6 0 0 :::995 :::* LISTEN 750/couriertcpd
tcp6 0 0 :::110 :::* LISTEN 736/couriertcpd
tcp6 0 0 :::143 :::* LISTEN 714/couriertcpd

My main.cf
# Debian specific: Specifying a file name will cause the first
# line of that file to be used as the name. The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname

smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no

# appending .domain is the MUA's job.
append_dot_mydomain = no

# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h

readme_directory = /usr/share/doc/postfix

# TLS parameters
smtpd_tls_cert_file = /etc/postfix/smtpd.cert
smtpd_tls_key_file = /etc/postfix/smtpd.key
smtpd_use_tls = yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache

# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.

myhostname = ispconfig.unelink.net
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = ispconfig.unelink.net, localhost, localhost.localdomain
relayhost =
mynetworks = 127.0.0.0/8
mailbox_command = procmail -a "$EXTENSION"
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
html_directory = /usr/share/doc/postfix/html
virtual_alias_domains =
virtual_alias_maps = proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, mysql:/etc/postfix/mysql-virtual_email2email.cf
virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains.cf
virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf
virtual_mailbox_base = /var/vmail
virtual_uid_maps = static:5000
virtual_gid_maps = static:5000
smtpd_sasl_auth_enable = yes
broken_sasl_auth_clients = yes
smtpd_sasl_authenticated_header = yes
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, check_recipient_access mysql:/etc/postfix/mysql-virtual_recipient.cf, reject_unauth_destination
smtpd_tls_security_level = may
transport_maps = proxy:mysql:/etc/postfix/mysql-virtual_transports.cf
relay_domains = mysql:/etc/postfix/mysql-virtual_relaydomains.cf
virtual_create_maildirsize = yes
virtual_maildir_extended = yes
virtual_mailbox_limit_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailbox_limit_maps.cf
virtual_mailbox_limit_override = yes
virtual_maildir_limit_message = "The user you are trying to reach is over quota."
virtual_overquota_bounce = yes
proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $virtual_mailbox_limit_maps
smtpd_sender_restrictions = check_sender_access mysql:/etc/postfix/mysql-virtual_sender.cf
smtpd_client_restrictions = check_client_access mysql:/etc/postfix/mysql-virtual_client.cf
maildrop_destination_concurrency_limit = 1
maildrop_destination_recipient_limit = 1
virtual_transport = maildrop
header_checks = regexp:/etc/postfix/header_checks
mime_header_checks = regexp:/etc/postfix/mime_header_checks
nested_header_checks = regexp:/etc/postfix/nested_header_checks
body_checks = regexp:/etc/postfix/body_checks
#content_filter = amavis:[127.0.0.1]:10024
receive_override_options = no_address_mappings
message_size_limit = 0

 

Any errors in your mail log?

 

hello Falko,

Not, no errors in mail.log. There is not nothing is like not exist the service ??

This is all in the mail.log about smtp

Feb 7 19:50:01 virt175 postfix/smtpd[22914]: connect from localhost.localdomain[127.0.0.1]
Feb 7 19:50:01 virt175 postfix/smtpd[22914]: lost connection after CONNECT from localhost.localdomain[127.0.0.1]
Feb 7 19:50:01 virt175 postfix/smtpd[22914]: disconnect from localhost.localdomain[127.0.0.1]

 

Hi falko...

I am having a bit same error. i am able to

telnet localhost 25

but i am unable to telnet 172.26.24.6 25 (172.26.24.6 is my Server IP)


and got such logs "did not issue MAIL/EXPN/VRFY/ETRN during connection to MTA"

Feb 8 11:15:02 isp1 imapd: Disconnected, ip=[::ffff:127.0.0.1], time=0
Feb 8 11:15:02 isp1 pop3d: Connection, ip=[::ffff:127.0.0.1]
Feb 8 11:15:02 isp1 pop3d: Disconnected, ip=[::ffff:127.0.0.1]
Feb 8 11:20:01 isp1 pop3d: Connection, ip=[::ffff:127.0.0.1]
Feb 8 11:20:01 isp1 pop3d: Disconnected, ip=[::ffff:127.0.0.1]
Feb 8 11:20:01 isp1 imapd: Connection, ip=[::ffff:127.0.0.1]
Feb 8 11:20:01 isp1 imapd: Disconnected, ip=[::ffff:127.0.0.1], time=0
Feb 8 11:20:01 isp1 sendmail[787]: o186K11h000787: localhost.localdomain [127.0.0.1] did not issue MAIL/EXPN/VRFY/ETRN during connection to MTA
Feb 8 11:25:01 isp1 sendmail[994]: o186P1wn000994: localhost.localdomain [127.0.0.1] did not issue MAIL/EXPN/VRFY/ETRN during connection to MTA
Feb 8 11:25:01 isp1 pop3d: Connection, ip=[::ffff:127.0.0.1]
Feb 8 11:25:01 isp1 pop3d: Disconnected, ip=[::ffff:127.0.0.1]
Feb 8 11:25:01 isp1 imapd: Connection, ip=[::ffff:127.0.0.1]
Feb 8 11:25:01 isp1 imapd: Disconnected, ip=[::ffff:127.0.0.1], time=0
Feb 8 11:30:01 isp1 sendmail[1202]: o186U1Nj001202: localhost.localdomain [127.0.0.1] did not issue MAIL/EXPN/VRFY/ETRN during connection to MTA
Feb 8 11:30:01 isp1 pop3d: Connection, ip=[::ffff:127.0.0.1]
Feb 8 11:30:01 isp1 pop3d: Disconnected, ip=[::ffff:127.0.0.1]
Feb 8 11:30:01 isp1 imapd: Connection, ip=[::ffff:127.0.0.1]
Feb 8 11:30:01 isp1 imapd: Disconnected, ip=[::ffff:127.0.0.1], time=0
Feb 8 11:35:01 isp1 imapd: Connection, ip=[::ffff:127.0.0.1]
Feb 8 11:35:01 isp1 imapd: Disconnected, ip=[::ffff:127.0.0.1], time=0
Feb 8 11:35:01 isp1 pop3d: Connection, ip=[::ffff:127.0.0.1]
Feb 8 11:35:01 isp1 pop3d: Disconnected, ip=[::ffff:127.0.0.1]
Feb 8 11:35:01 isp1 sendmail[1409]: o186Z1lq001409: localhost.localdomain [127.0.0.1] did not issue MAIL/EXPN/VRFY/ETRN during connection to MTA
Feb 8 11:40:01 isp1 sendmail[1616]: o186e16X001616: localhost.localdomain [127.0.0.1] did not issue MAIL/EXPN/VRFY/ETRN during connection to MTA
Feb 8 11:40:01 isp1 imapd: Connection, ip=[::ffff:127.0.0.1]
Feb 8 11:40:01 isp1 imapd: Disconnected, ip=[::ffff:127.0.0.1], time=0
Feb 8 11:40:01 isp1 pop3d: Connection, ip=[::ffff:127.0.0.1]
Feb 8 11:40:01 isp1 pop3d: Disconnected, ip=[::ffff:127.0.0.1]
Feb 8 11:45:01 isp1 imapd: Connection, ip=[::ffff:127.0.0.1]
Feb 8 11:45:01 isp1 imapd: Disconnected, ip=[::ffff:127.0.0.1], time=0
Feb 8 11:45:01 isp1 pop3d: Connection, ip=[::ffff:127.0.0.1]
Feb 8 11:45:01 isp1 pop3d: Disconnected, ip=[::ffff:127.0.0.1]

 

[root@isp1 ~]# netstat -tap
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 localhost.localdomain:2208 *:* LISTEN 2928/hpiod
tcp 0 0 *:vce *:* LISTEN 4179/ricci
tcp 0 0 localhost.localdomain:smux *:* LISTEN 2944/snmpd
tcp 0 0 *:5801 *:* LISTEN 31660/Xvnc
tcp 0 0 *:mysql *:* LISTEN 3086/mysqld
tcp 0 0 *:5803 *:* LISTEN 31821/Xvnc
tcp 0 0 *:5901 *:* LISTEN 31660/Xvnc
tcp 0 0 localhost.localdomain:5902 *:* LISTEN 3302/Xvnc
tcp 0 0 localhost.local:dyna-access *:* LISTEN 3002/clamd
tcp 0 0 *:5903 *:* LISTEN 31821/Xvnc
tcp 0 0 *:sunrpc *:* LISTEN 2649/portmap
tcp 0 0 *:ndmp *:* LISTEN 4212/perl
tcp 0 0 *:752 *:* LISTEN 2690/rpc.statd
tcp 0 0 *:6001 *:* LISTEN 31660/Xvnc
tcp 0 0 *:6003 *:* LISTEN 31821/Xvnc
tcp 0 0 *:16851 *:* LISTEN 4104/modclusterd
tcp 0 0 192.168.122.1:domain *:* LISTEN 3557/dnsmasq
tcp 0 0 *:ftp *:* LISTEN 3201/pure-ftpd (SER
tcp 0 0 isp1.wateen.com:domain *:* LISTEN 3111/mydns
tcp 0 0 localhost.localdomai:domain *:* LISTEN 3111/mydns
tcp 0 0 localhost.localdomain:ipp *:* LISTEN 2966/cupsd
tcp 0 0 localhost.localdomain:smtp *:* LISTEN 31650/sendmail: acc
tcp 0 0 localhost.localdomain:2207 *:* LISTEN 2933/python
tcp 0 0 *:imaps *:* LISTEN 3132/couriertcpd
tcp 0 0 *op3s *:* LISTEN 3144/couriertcpd
tcp 0 0 *op3 *:* LISTEN 3138/couriertcpd
tcp 0 0 *:imap *:* LISTEN 3125/couriertcpd
tcp 0 0 *:webcache *:* LISTEN 3190/httpd
tcp 0 0 *:http *:* LISTEN 3190/httpd
tcp 0 0 *:6001 *:* LISTEN 31660/Xvnc
tcp 0 0 *:6003 *:* LISTEN 31821/Xvnc
tcp 0 0 *:sd *:* LISTEN 2989/acronisagent
tcp 0 0 *:ftp *:* LISTEN 3201/pure-ftpd (SER
tcp 0 0 localhost6.localdoma:domain *:* LISTEN 3111/mydns
tcp 0 0 *:ssh *:* LISTEN 2957/sshd
tcp 0 0 *:https *:* LISTEN 3190/httpd
tcp 0 0 isp1.testserver1.com:ssh ::ffff:172.29.3.161:a15 ESTABLISHED 4554/2
tcp 0 0 isp1.testserver1:ssh ::ffff:172.29.3.161:lv-auth ESTABLISHED 28780/1


i tried "service iptables stop" also, but again there was a same message

C:\>telnet 172.26.24.6 25
Connecting To 172.26.24.6...Could not open connection to the host, on port 25: Connect failed

on the same side port 110 is working fine.


Please help....

 

Can you post the output of

Code:

netstat -tap

?

 

i cant send email

Hello to everybody.

Here my netstat -tap

root@virt175:~# netstat -tap
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 *:ftp *:* LISTEN 873/pure-ftpd (SERV
tcp 0 0 virt175.unelink.:domain *:* LISTEN 762/mydns
tcp 0 0 localhost.locald:domain *:* LISTEN 762/mydns
tcp 0 0 *:ssh *:* LISTEN 481/sshd
tcp 0 0 *:smtp *:* LISTEN 11878/master
tcp 0 0 *:https *:* LISTEN 1704/apache2
tcp 0 0 localhost.localdo:10025 *:* LISTEN 11878/master
tcp 0 0 *:mysql *:* LISTEN 563/mysqld
tcp 0 0 localhost.localdo:spamd *:* LISTEN 695/spamd.pid
tcp 0 0 *:http-alt *:* LISTEN 1704/apache2
tcp 0 0 *:www *:* LISTEN 1704/apache2
tcp 0 248 virt175.unelink.net:ssh 175.Red-88-8-232.:14524 ESTABLISHED 7795/0
tcp6 0 0 [::]:ftp [::]:* LISTEN 873/pure-ftpd (SERV
tcp6 0 0 ::1%134631480:domain [::]:* LISTEN 762/mydns
tcp6 0 0 [::]:ssh [::]:* LISTEN 481/sshd
tcp6 0 0 [::]:imaps [::]:* LISTEN 728/couriertcpd
tcp6 0 0 [::]op3s [::]:* LISTEN 750/couriertcpd
tcp6 0 0 [::]op3 [::]:* LISTEN 736/couriertcpd
tcp6 0 0 [::]:imap2 [::]:* LISTEN 714/couriertcpd

 

In my case, I have no problems telnetting into localhost 25, but cannot externally.

If you have a router connected make sure you have port 25 forwarded to your Servers internal IP.

If you already have that setup or don;t have a router, then your ISP is blocking port 25, as they are in my case

I have to use the 'relayhost' option in the ISP Server config. Just put your ISP's outgoing mail server there.

 

Ok, my domain it is in virtualserver but they say me that all ports it is not blocked.

When i had my server with router adsl all worked fine, but Telefonica in Spain wants more money for statics IP (16€ per month) and this is same a robbish (atrack without pistol xDDD).

I dont understund nothing

Thank you... may be Till or Falko could help us because they are very experts.

 

What's the output of

Code:

iptables -L

?

 

Last login: Tue Feb 9 12:38:26 2010 from 172.29.3.161
[root@isp1 ~]# iptables -L
Chain INPUT (policy DROP)
target prot opt source destination
fail2ban-SSH tcp -- anywhere anywhere tcp dpt:ssh
DROP tcp -- anywhere 127.0.0.0/8
ACCEPT all -- anywhere anywhere state RELATED,ESTAB LISHED
ACCEPT all -- anywhere anywhere
DROP all -- BASE-ADDRESS.MCAST.NET/4 anywhere
PUB_IN all -- anywhere anywhere
PUB_IN all -- anywhere anywhere
PUB_IN all -- anywhere anywhere
PUB_IN all -- anywhere anywhere
DROP all -- anywhere anywhere

Chain FORWARD (policy DROP)
target prot opt source destination
ACCEPT all -- anywhere anywhere state RELATED,ESTAB LISHED
DROP all -- anywhere anywhere

Chain OUTPUT (policy ACCEPT)
target prot opt source destination
PUB_OUT all -- anywhere anywhere
PUB_OUT all -- anywhere anywhere
PUB_OUT all -- anywhere anywhere
PUB_OUT all -- anywhere anywhere

Chain INT_IN (0 references)
target prot opt source destination
ACCEPT icmp -- anywhere anywhere
DROP all -- anywhere anywhere

Chain INT_OUT (0 references)
target prot opt source destination
ACCEPT icmp -- anywhere anywhere
ACCEPT all -- anywhere anywhere

Chain PAROLE (12 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere

Chain PUB_IN (4 references)
target prot opt source destination
ACCEPT icmp -- anywhere anywhere icmp destination-un reachable
ACCEPT icmp -- anywhere anywhere icmp echo-reply
ACCEPT icmp -- anywhere anywhere icmp time-exceeded
ACCEPT icmp -- anywhere anywhere icmp echo-request
PAROLE tcp -- anywhere anywhere tcp dpt:ftp-data
PAROLE tcp -- anywhere anywhere tcp dpt:ftp
PAROLE tcp -- anywhere anywhere tcp dpt:ssh
PAROLE tcp -- anywhere anywhere tcp dpt:smtp
PAROLE tcp -- anywhere anywhere tcp dpt:domain
PAROLE tcp -- anywhere anywhere tcp dpt:http
PAROLE tcp -- anywhere anywhere tcp dptop3
PAROLE tcp -- anywhere anywhere tcp dpt:imap
PAROLE tcp -- anywhere anywhere tcp dpt:https
PAROLE tcp -- anywhere anywhere tcp dpt:mysql
PAROLE tcp -- anywhere anywhere tcp dpt:webcache
PAROLE tcp -- anywhere anywhere tcp dpt:ndmp
ACCEPT udp -- anywhere anywhere udp dpt:domain
ACCEPT udp -- anywhere anywhere udp dpt:mysql
DROP icmp -- anywhere anywhere
DROP all -- anywhere anywhere

Chain PUB_OUT (4 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere

Chain fail2ban-SSH (1 references)
target prot opt source destination
RETURN all -- anywhere anywhere
[root@isp1 ~]#

 

Can you switch off the firewall for testing purposes? Does it work then?

 

Yes, i have tested, service iptables stop....

it again remain same.

 

Hello Falko,

This is my iptables

root@virt175:/# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

Chain fail2ban-ssh (0 references)
target prot opt source destination
RETURN all -- anywhere anywhere


Thanks a lot

 

Your port may be blocked at ISP level. Not unusual at all.

Try this:

Code:

iptables -t nat -I PREROUTING -p tcp --dport 587 -j REDIRECT --to-ports 25

Then try smtp via port 587.

Port 587 is like a new standard port by now.

Edit:
You need to have iptables running of course.

 

Wauuu Nike, you are a magician xDDD thank you very much.

If you know so many nights i had been fighting against server for this problem...

Thank you thank you thank you.

 

No problem!