ISPConfig 3 has stopped receiving external e-mails

HI everyone,

I have a problem with ISPConfig 3. It has been working fine for the last 4 months and then suddenly stopped receiving external e-mails. I can send with no problem, but can't receive. I have searched this forum and googled but can't find a way to fix this problem.

Here is the output of netstat -tap:

[root@server1 postfix]# netstat -tap
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 localhost.localdomain:10024 *:* LISTEN 2539/amavisd (maste
tcp 0 0 localhost.localdomain:10025 *:* LISTEN 1708/master
tcp 0 0 *:mysql *:* LISTEN 1549/mysqld
tcp 0 0 localhost.local:dyna-access *:* LISTEN 1461/clamd
tcp 0 0 *:ndmp *:* LISTEN 1935/perl
tcp 0 0 server1.example.com:domain *:* LISTEN 1578/mydns
tcp 0 0 localhost.localdomai:domain *:* LISTEN 1578/mydns
tcp 0 0 *:smtp *:* LISTEN 1708/master
tcp 0 0 localhost.lo:x11-ssh-offset *:* LISTEN 5062/0
tcp 56 0 localhost.localdomain:49281 localhost.localdomain:10025 CLOSE_WAIT 2541/amavisd (ch2-a
tcp 0 0 *:imaps *:* LISTEN 1638/couriertcpd
tcp 0 0 *op3s *:* LISTEN 1650/couriertcpd
tcp 0 0 *op3 *:* LISTEN 1644/couriertcpd
tcp 0 0 *:imap *:* LISTEN 1631/couriertcpd
tcp 0 0 *:webcache *:* LISTEN 1725/httpd
tcp 0 0 *:http *:* LISTEN 1725/httpd
tcp 0 0 *:tproxy *:* LISTEN 1725/httpd
tcp 0 0 localhost6.localdoma:domain *:* LISTEN 1578/mydns
tcp 0 0 *:ssh *:* LISTEN 1399/sshd
tcp 0 0 localhost6.l:x11-ssh-offset *:* LISTEN 5062/0
tcp 0 0 *:https *:* LISTEN 1725/httpd
tcp 0 148 server1.example.com:ssh ::ffff:192.168.0.200:62673 ESTABLISHED 5062/0


Here is my maillog:

Nov 28 04:02:48 server1 postfix/smtpd[17888]: connect from unknown[127.0.0.1]
Nov 28 04:02:48 server1 postfix/trivial-rewrite[17644]: warning: do not list domain server1.example.com in BOTH mydestination and virtual_mailbox_domains
Nov 28 09:02:48 server1 postfix/smtpd[17888]: 5BD9218154: client=unknown[127.0.0.1]
Nov 28 04:02:48 server1 postfix/cleanup[17651]: 5BD9218154: message-id=<[email protected]>
Nov 28 04:02:48 server1 postfix/qmgr[1718]: 5BD9218154: from=<[email protected]>, size=14873, nrcpt=1 (queue active)
Nov 28 04:02:48 server1 postfix/trivial-rewrite[17644]: warning: do not list domain server1.example.com in BOTH mydestination and virtual_mailbox_domains
Nov 28 04:02:48 server1 amavis[2542]: (02542-03) Passed CLEAN, MYNETS LOCAL [127.0.0.1] [127.0.0.1] <[email protected]> -> <[email protected]>, Message-ID: <[email protected]>, mail_id: O59+a8Rj1pQh, Hits: -2.899, size: 14412, queued_as: 5BD9218154, 22623 ms
Nov 28 04:02:48 server1 postfix/smtp[17652]: F0E1418070: to=<[email protected]>, relay=127.0.0.1[127.0.0.1]:10024, delay=23, delays=0.15/0.05/0.01/23, dsn=2.0.0, status=sent (250 2.0.0 Ok, id=02542-03, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as 5BD9218154)
Nov 28 04:02:48 server1 postfix/qmgr[1718]: F0E1418070: removed
Nov 28 09:02:48 server1 postfix/smtpd[17888]: disconnect from unknown[127.0.0.1]
Nov 28 04:02:48 server1 postfix/local[17890]: 5BD9218154: to=<[email protected]>, relay=local, delay=0.51, delays=0.31/0.09/0/0.11, dsn=2.0.0, status=sent (delivered to mailbox)
Nov 28 04:02:48 server1 postfix/qmgr[1718]: 5BD9218154: removed
Nov 28 04:05:02 server1 postfix/smtpd[27014]: connect from localhost.localdomain[127.0.0.1]
Nov 28 04:05:02 server1 postfix/smtpd[27014]: lost connection after CONNECT from localhost.localdomain[127.0.0.1]
Nov 28 04:05:02 server1 postfix/smtpd[27014]: disconnect from localhost.localdomain[127.0.0.1]
Nov 28 04:05:02 server1 pop3d: Connection, ip=[::ffff:127.0.0.1]
Nov 28 04:05:02 server1 pop3d: Disconnected, ip=[::ffff:127.0.0.1]
Nov 28 04:05:02 server1 imapd: Connection, ip=[::ffff:127.0.0.1]
Nov 28 04:05:02 server1 imapd: Disconnected, ip=[::ffff:127.0.0.1], time=0
Nov 28 04:10:03 server1 postfix/smtpd[13433]: connect from localhost.localdomain[127.0.0.1]
Nov 28 04:10:03 server1 postfix/smtpd[13433]: lost connection after CONNECT from localhost.localdomain[127.0.0.1]
Nov 28 04:10:03 server1 postfix/smtpd[13433]: disconnect from localhost.localdomain[127.0.0.1]
Nov 28 04:10:03 server1 pop3d: Connection, ip=[::ffff:127.0.0.1]
Nov 28 04:10:03 server1 pop3d: Disconnected, ip=[::ffff:127.0.0.1]
Nov 28 04:10:03 server1 imapd: Connection, ip=[::ffff:127.0.0.1]
Nov 28 04:10:03 server1 imapd: Disconnected, ip=[::ffff:127.0.0.1], time=0
Nov 28 04:15:03 server1 postfix/smtpd[669]: connect from localhost.localdomain[127.0.0.1]
Nov 28 04:15:03 server1 postfix/smtpd[669]: lost connection after CONNECT from localhost.localdomain[127.0.0.1]
Nov 28 04:15:03 server1 postfix/smtpd[669]: disconnect from localhost.localdomain[127.0.0.1]
Nov 28 04:15:03 server1 pop3d: Connection, ip=[::ffff:127.0.0.1]
Nov 28 04:15:03 server1 pop3d: Disconnected, ip=[::ffff:127.0.0.1]
Nov 28 04:15:03 server1 imapd: Connection, ip=[::ffff:127.0.0.1]
Nov 28 04:15:03 server1 imapd: Disconnected, ip=[::ffff:127.0.0.1], time=0
Nov 28 04:20:03 server1 postfix/smtpd[20528]: connect from localhost.localdomain[127.0.0.1]
Nov 28 04:20:03 server1 postfix/smtpd[20528]: lost connection after CONNECT from localhost.localdomain[127.0.0.1]
Nov 28 04:20:03 server1 postfix/smtpd[20528]: disconnect from localhost.localdomain[127.0.0.1]


And my main.cf:

# Global Postfix configuration file.
#
queue_directory = /var/spool/postfix
#
command_directory = /usr/sbin
#
daemon_directory = /usr/libexec/postfix

#
mail_owner = postfix

#inet_interfaces = all
#inet_interfaces = $myhostname
#inet_interfaces = $myhostname, localhost
inet_interfaces = all

#
unknown_local_recipient_reject_code = 550
#
debug_peer_level = 2

#
debugger_command =
PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
xxgdb $daemon_directory/$process_name $process_id & sleep 5

#
sendmail_path = /usr/sbin/sendmail.postfix

#
newaliases_path = /usr/bin/newaliases.postfix

#
mailq_path = /usr/bin/mailq.postfix

#
setgid_group = postdrop

#
html_directory = no

#
manpage_directory = /usr/share/man

#
sample_directory = /usr/share/doc/postfix-2.3.3/samples

#
readme_directory = /usr/share/doc/postfix-2.3.3/README_FILES
myhostname = server1.example.com
mynetworks = 127.0.0.0/8 [::1]/128
virtual_alias_domains =
virtual_alias_maps = proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, mysql:/etc/postfix/mysql-virtual_email2email.cf
virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains.cf
virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf
virtual_mailbox_base = /var/vmail
virtual_uid_maps = static:5000
virtual_gid_maps = static:5000
smtpd_sasl_auth_enable = yes
broken_sasl_auth_clients = yes
smtpd_sasl_authenticated_header = yes
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, check_recipient_access mysql:/etc/postfix/mysql-virtual_recipient.cf, reject_unauth_destination
smtpd_use_tls = yes
smtpd_tls_security_level = may
smtpd_tls_cert_file = /etc/postfix/smtpd.cert
smtpd_tls_key_file = /etc/postfix/smtpd.key
transport_maps = proxy:mysql:/etc/postfix/mysql-virtual_transports.cf
relay_domains = mysql:/etc/postfix/mysql-virtual_relaydomains.cf
relay_recipient_maps = mysql:/etc/postfix/mysql-virtual_relayrecipientmaps.cf
virtual_create_maildirsize = yes
virtual_maildir_extended = yes
virtual_mailbox_limit_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailbox_limit_maps.cf
virtual_mailbox_limit_override = yes
virtual_maildir_limit_message = "The user you are trying to reach is over quota."
virtual_overquota_bounce = yes
proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $virtual_mailbox_limit_maps
smtpd_sender_restrictions = check_sender_access mysql:/etc/postfix/mysql-virtual_sender.cf
smtpd_client_restrictions = check_client_access mysql:/etc/postfix/mysql-virtual_client.cf
maildrop_destination_concurrency_limit = 1
maildrop_destination_recipient_limit = 1
virtual_transport = maildrop
header_checks = regexp:/etc/postfix/header_checks
mime_header_checks = regexp:/etc/postfix/mime_header_checks
nested_header_checks = regexp:/etc/postfix/nested_header_checks
body_checks = regexp:/etc/postfix/body_checks
content_filter = amavis:[127.0.0.1]:10024
receive_override_options = no_address_mappings
relayhost = outbound.mailhop.org:2525
mailbox_size_limit = 0
message_size_limit = 0
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options =
virtual_maps = hash:/etc/postfix/virtusertable

For some reason, I don't think it is a problem with ISPConfig, but not really sure what happened.

Any suggestions?

Thanks

zog

 

Hi till,

To my knowledge, I am not using server1.example.com as a virtual domain, however, I did as you suggested and changed mydestination from server1.example.com to server2.example.com.

Still not working.

Also, as I stated in my first post, this server was working fine for about 4 months, with no changes to configuration before suddenly stopping to receive inbound e-mails.

Any other suggestion?

Thanks

zog

 

Hi till,

Just an update.

First, here is the failure notice from hotmail:

Reporting-MTA: dns;bay0-omc1-s17.bay0.hotmail.com
Received-From-MTA: dns;BAY157-W1
Arrival-Date: Fri, 26 Nov 2010 13:20:22 -0800

Final-Recipient: rfc822;[email protected]
Action: failed
Status: 4.4.7

Also, going through my log files, I did notice a problem with ntpd:
Nov 27 18:55:06 server1 ntpd[1449]: sendto(208.38.65.35) (fd=20): Invalid argument
Nov 27 18:55:12 server1 ntpd[1449]: sendto(207.171.7.152) (fd=20): Invalid argument
Nov 27 18:55:43 server1 ntpd[1449]: sendto(66.96.99.10) (fd=20): Invalid argument
Nov 27 18:56:10 server1 ntpd[1449]: sendto(208.38.65.35) (fd=20): Invalid argument
Nov 27 18:56:16 server1 ntpd[1449]: sendto(207.171.7.152) (fd=20): Invalid argument
Nov 27 18:56:47 server1 ntpd[1449]: sendto(66.96.99.10) (fd=20): Invalid argument
Nov 27 18:57:16 server1 ntpd[1449]: sendto(208.38.65.35) (fd=20): Invalid argument
Nov 27 18:57:20 server1 ntpd[1449]: sendto(207.171.7.152) (fd=20): Invalid argument
Nov 27 18:57:50 server1 ntpd[1449]: sendto(66.96.99.10) (fd=20): Invalid argument
Nov 27 18:58:21 server1 ntpd[1449]: sendto(208.38.65.35) (fd=20): Invalid argument
Nov 27 18:58:25 server1 ntpd[1449]: sendto(207.171.7.152) (fd=20): Invalid argument
Nov 27 18:58:56 server1 ntpd[1449]: sendto(66.96.99.10) (fd=20): Invalid argument

This seems to have started around the same time that I stopped receiving emails. Not sure if it is related to my problem, but I think I have fixed it with this;

http://www.ntp.org/ntpfaq/NTP-s-config.htm

I also found these entries in my log files:


STARTTLS=client, relay=[127.0.0.1], field=cn_issuer, status=failed to extract
CN: 19 Time(s)

and:

--------------------- courier mail services Begin ------------------------


**Unmatched Entries**
authdaemond - 3 Times
Installation complete: authmysql - 2 Times
stopping authdaemond children - 1 Time



---------------------- courier mail services End -------------------------

Have'nt seen this error before, so I am not sure why it's there, (google, I know).

Still looking for more errors, will post as I find them.

Thanks

zog

 

Please make sure that the MX record points to the correct server. You can check that by running

Code:

dig mx yourdomain.com

 

Hi falco,

This is what I got with dig;

[root@server1 ~]# dig mx xxx.com

; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5_4.2 <<>> mx xxx.com
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 40286
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;xxx.com. IN MX

;; ANSWER SECTION:
xxx.com. 15 IN MX 10 xxx.com.

;; Query time: 67 msec
;; SERVER: 192.168.0.1#53(192.168.0.1)
;; WHEN: Mon Nov 29 11:20:55 2010
;; MSG SIZE rcvd: 44


Does this look good to you?

Thanks

zog

 

Another thing that I am noticing is that there are no error or rejection notices in my system logs.

Is there a way to check if my firewall has suddenly started to block inbound e-mails? I can send and receive locally, ([email protected] can receive messages from [email protected] but not from [email protected], [email protected], [email protected], etc.)

 

Hi falco,

I did another dig and found something interesting:

[admin@hydra ~]$ dig mx xxx.com

; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5_4.2 <<>> mx xxx.com
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 12950
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;xxx.com. IN MX

;; ANSWER SECTION:
xxx.com. 15 IN MX 10 xxx.com.

;; Query time: 88 msec
;; SERVER: 192.168.0.1#53(192.168.0.1)
;; WHEN: Mon Nov 29 19:37:52 2010
;; MSG SIZE rcvd: 44


That all looks good. However, when I do a dig mx mail, I get the following:

[admin@hydra ~]$ dig mx mail.xxx.com

; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5_4.2 <<>> mx mail.xxx.com
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 46187
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;mail.xxx.com. IN MX

;; AUTHORITY SECTION:
xxx.com. 10800 IN SOA dnsr02.dns2go.com. admin.dns2go.com. 20090693 30 60 86400 15

;; Query time: 49 msec
;; SERVER: 192.168.0.1#53(192.168.0.1)
;; WHEN: Mon Nov 29 19:38:02 2010
;; MSG SIZE rcvd: 89

Isn't there supposed to be an "ANSWER" section?

I have rechecked the dns data in the ISPConfig control panel, and everything seems OK.

Any suggestions?

Thanks

zog

 

Does xxx.com point to the correct server? You can check that with

Code:

dig xxx.com

An MX record for mail.xxx.com is needed only if you want to receive emails for user@mail.xxx.com.