I followed this wheezy howto to set up my Debian Wheezy server. I made an alteration in also installing apache2 and configuring nginx to reverse proxy php pages to apache2 and that works great. I created an SSL certificate from startssl and followed this guide in setting up my cert. My ISPConfig panel now uses the signed cert so I'm assuming it was installed correctly.
I created an email in ISPConfig and when I set up the email on my Android Galaxy S2x, I used IMAP, typed in my server address and chose TLS (accept all certs) and it passed the incoming server settings just fine. I chose the same for "outgoing" settings and get this message: "Unable to connect to email server to verify your account information. No response from server".
Code:
    Mxtoolbox reports:
    Connecting to 199.217.118.33
    10/31/2013 3:50:41 PM Connection attempt #1 - Unable to connect after 15 seconds. [15.02 sec]
    10/31/2013 3:51:01 PM Connection attempt #2 - Unable to connect after 15 seconds. [15.03 sec]
    MXTB-PWS3v2 35054ms
maillog reports
Code:
    Oct 31 15:40:33 topaz postfix/master[22549]: daemon started -- version 2.9.6, configuration /etc/postfix
    Oct 31 15:45:01 topaz dovecot: imap-login: Disconnected (disconnected before greeting, waited 0 secs): user=<>, rip=127.0.0.1, lip=127.0.0.1, secured, session=</hEQhg/qQgB/AAAB>
    Oct 31 15:45:01 topaz dovecot: pop3-login: Disconnected (no auth attempts in 0 secs): user=<>, rip=127.0.0.1, lip=127.0.0.1, secured, session=<308Qhg/q8AB/AAAB>
    Oct 31 15:45:01 topaz postfix/smtpd[22652]: connect from localhost[127.0.0.1]
    Oct 31 15:45:01 topaz postfix/smtpd[22652]: lost connection after CONNECT from localhost[127.0.0.1]
    Oct 31 15:45:01 topaz postfix/smtpd[22652]: disconnect from localhost[127.0.0.1]
    Oct 31 15:45:01 topaz postfix/pickup[22550]: C71A250813D8: uid=0 from=<root>
    Oct 31 15:45:01 topaz postfix/cleanup[22682]: C71A250813D8: message-id=<[email protected]>
    Oct 31 15:45:01 topaz postfix/qmgr[22551]: C71A250813D8: from=<root@***.us.unmetered.com>, size=653, nrcpt=1 (queue active)
    Oct 31 15:45:02 topaz dovecot: imap([email protected]): Disconnected: IMAP session state is inconsistent, please relogin. in=97 out=872
/etc/dovecot/dovecot.conf (partial):
Code:
    listen = *,[::]
    protocols = imap pop3
    auth_mechanisms = plain login
    disable_plaintext_auth = no
    log_timestamp = "%Y-%m-%d %H:%M:%S "
    mail_privileged_group = vmail
    ssl_cert = </etc/postfix/smtpd.cert
    ssl_key = </etc/postfix/smtpd.key
    ## must be re-added after an ISPConfig update!!!
    ssl_ca = < /usr/local/ispconfig/interface/ssl/startssl.chain.class1.server.crt
/etc/postfix/main.cf (partial):
Code:
    # TLS parameters
    smtpd_tls_cert_file = /etc/postfix/smtpd.cert
    smtpd_tls_key_file = /etc/postfix/smtpd.key
    smtpd_use_tls = yes
    smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
    smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
hostname:
Code:
    topaz:/etc/postfix# hostname
    topaz
    topaz:/etc/postfix# hostname -f
    topaz.bordereastcreative.com
telnet:
Code:
    topaz:/etc/postfix# telnet localhost 25
    Trying 127.0.0.1...
    Connected to localhost.
    Escape character is '^]'.
    220 topaz.bordereastcreative.com ESMTP Postfix
    C:\Users\andrew>telnet topaz.bordereastcreative.com 25
    Connecting To topaz.bordereastcreative.com...Could not open connection to the host, on port 25: Connect failed
    C:\Users\andrew>telnet topaz.bordereastcreative.com 587
    Connecting To topaz.bordereastcreative.com...Could not open connection to the host, on port 587: Connect failed
Code:
    topaz:/etc/postfix# iptables -nL | grep 587
    ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:587
    PAROLE tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:587
Not sure what else to try. Suggestions greatly appreciated.
If I'm not wrong, the outcome of hostname and hostname -f must be exactly the same, in your case both should be "topaz.bordereastcreative.com" without quotes. Check the settings in /etc/hosts
I thought that only the -f option needs the FQDN. I modified it to have both, did a reboot to ensure it was picked up but still unable to connect via SMTP. I have a feeling the port is blocked at some level as I can't telnet to it, but can't figure out where it's being blocked.
Maybe try changing the SMTP port to port 26. Some ISPs block port 25 if it is not used with their own SMTP server.
My ISP is most certainly blocking port 25 but I'm using port 587 (TLS) and disconnected my phone from my home wifi as I know my cell phone provider doesn't block port 25. Trying port 587 on my laptop doesn't work either, as I thought maybe it's just my phone being crazy.
FYI, Google just sent a delivery status:
Code:
    Technical details of temporary failure:
    The recipient server did not accept our requests to connect. Learn more at http://support.google.com/mail/bin/answer.py?answer=7720
    [(10) topaz.bordereastcreative.com. [199.217.118.33]:25: Connection refused]
    [(100) mail.haikuofmine.com. [199.217.118.33]:25: Connection refused]
Is it possible a firewall besides iptables is blocking the ports?
Could be a firewall problem. Is Bastille running in your install? Check in the ISPConfig CP under the System tab: System --> Firewall. Check that the ports you need are set correctly; if not, add them. You could also stop the Bastille firewall using:
Code:
    /etc/init.d/bastille-firewall stop
If you use any other firewall, including one inside your modem/router, you'll have to check those settings as well.
Please use English language only. If you're not capable of that, translate using Google Translate http://translate.google.com/ Thanks.
I stopped bastille, with no luck, I may need to check if the hostname is properly set in all places though, if any setting got just topaz instead of topaz.domainname.com I might have an issue there. I'll check that later and report.
I stopped bastille and tried ufw, then stopped that too but still cannot telnet to 587 at all. I can telnet to 22, 110 but not any of the smtp ports, 25, 587, 465, 443. I'm at a loss as to what this could be.
This is weird. What else could be blocking this? Going to check with service provider to see if a hardware firewall is in place somewhere.
Code:
    topaz:/home/agrothe# telnet topaz.bordereastcreative.com 587
    Trying 199.217.118.33...
    telnet: Unable to connect to remote host: Connection refused
    topaz:/home/agrothe# telnet localhost 587
    Trying 127.0.0.1...
    Connected to localhost.
    Escape character is '^]'.
    220 topaz.bordereastcreative.com ESMTP Postfix
Take a look at this picture: I checked some of your ports for e-mail, you see the result. If the connection is refused, that doesn't mean that the port is closed on your system; it could be just on that computer using the IP tested. That seems to be the case for you. Check other, various ports which you know are not used or blocked (closed). Try to set your SMTP to one of those ports, adjust the software on the server accordingly, and then try mail again. Sign up at http://my-addr.com/; it's free and has some useful tools, like the port check. Hope that helps you to solve the problem.
I ran some more tests on your IP, if that is the IP used by your server, and found that nearly all ports are prohibited from being used on that server. That clearly shows that the server on that IP is heavily protected by some hardware or software device. That's what you have to overcome. If that server is in your office/home, try setting your server in the DMZ for testing. That has to be done in the modem/router, where one LAN IP can be set to DMZ and will therefore bypass all security limits in the modem/router. DMZ stands for De Militarized Zone, or Not ANY Protection. Only use that setting for testing!! If the server is located in a data center as a dedicated or even (shared) hosting server, you have to contact your service provider. The same applies if your server is running on a VPS! Good luck.
This is a dedicated box at a hosting center. The hosting support confirmed no firewall outside of the box and ran this:
Code:
    Not shown: 981 closed ports
    PORT     STATE SERVICE
    21/tcp   open  ftp
    22/tcp   open  ssh
    53/tcp   open  domain
    80/tcp   open  http
    110/tcp  open  pop3
    143/tcp  open  imap
    993/tcp  open  imaps
    995/tcp  open  pop3s
    8000/tcp open  http-alt
    8080/tcp open  http-proxy
    8081/tcp open  blackice-icecap
    Read data files from: /usr/share/nmap
    Nmap done: 1 IP address (1 host up) scanned in 1.54 seconds
Apparently the ports are "not open" but I thought setting up postfix/dovecot would open them.
Wondering if the mynetworks parameter needs adjusting?
Code:
    alias_maps = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases
    alias_database = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases
    myorigin = /etc/mailname
    mydestination = topaz.bordereastcreative.com, localhost, localhost.localdomain
    relayhost =
    mynetworks = 127.0.0.0/8 [::1]/128
    mailbox_size_limit = 0
    recipient_delimiter = +
    inet_interfaces = 127.0.0.1
    default_transport = error
    relay_transport = error
Fixed by adding the IP address here:
Code:
    inet_interfaces = 66.66.66.66,127.0.0.1
and by commenting these lines:
Code:
    #default_transport = error
    #relay_transport = error
Now off to fix the spam issue, but that's another question.
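Added example, not part of the original thread: the symptom seen here (telnet to localhost gets the Postfix banner while the public address returns "Connection refused") is what a loopback-only listener looks like, and it can be read straight from the listening-socket table. The script below classifies a port from `ss -ltn` output and extracts the effective inet_interfaces from main.cf text; the sample socket table is constructed, and bind_scope and postfix_interfaces are hypothetical helper names.

```shell
#!/bin/sh
# Constructed sample of `ss -ltn` output for a host in the state described in
# the thread: SMTP bound to loopback only, IMAP/POP3 bound to all addresses.
SAMPLE_SS='State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      100    127.0.0.1:25       0.0.0.0:*
LISTEN 0      100    127.0.0.1:587      0.0.0.0:*
LISTEN 0      100    0.0.0.0:143        0.0.0.0:*
LISTEN 0      100    [::]:143           [::]:*
LISTEN 0      100    0.0.0.0:110        0.0.0.0:*'

# bind_scope PORT: reads `ss -ltn` text on stdin and prints
#   absent   - nothing listens on PORT
#   loopback - only 127.0.0.0/8 or ::1 listeners (remote clients are refused)
#   external - at least one wildcard or non-loopback listener
bind_scope() {
    awk -v port="$1" '
        $1 == "LISTEN" {
            addr = $4
            n = match(addr, /:[0-9]+$/)      # split host from trailing :port
            if (!n || substr(addr, n + 1) != port) next
            host = substr(addr, 1, n - 1)
            seen = 1
            if (host !~ /^127\./ && host !~ /^\[?::1\]?$/) ext = 1
        }
        END { print (!seen ? "absent" : (ext ? "external" : "loopback")) }'
}

# postfix_interfaces: reads main.cf text on stdin and prints the effective
# inet_interfaces value. Commented-out lines are ignored, the last assignment
# wins, and Postfix falls back to "all" when the parameter is not set.
postfix_interfaces() {
    awk '/^[ \t]*inet_interfaces[ \t]*=/ {
             v = $0
             sub(/^[^=]*=/, "", v)
             gsub(/^[ \t]+|[ \t]+$/, "", v)
             val = v
         }
         END { print (val == "" ? "all" : val) }'
}

# Demo on the constructed table and on the setting posted in the thread.
for p in 25 465 587 143; do
    printf 'port %s: %s\n' "$p" "$(printf '%s\n' "$SAMPLE_SS" | bind_scope "$p")"
done
printf 'inet_interfaces: %s\n' \
    "$(printf 'inet_interfaces = 127.0.0.1\n' | postfix_interfaces)"
```

On a live host, feed it real data with `ss -ltn | bind_scope 587` and `postfix_interfaces < /etc/postfix/main.cf`.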
Regarding your open port list, you didn't have:
Port 25 = SMTP
Port 465 = SMTPS
Port 587 = SMTPS
Port 3306 = MySQL (both TCP and UDP)
Port 53 = DNS (UDP)
Those are ports which need to be open at all times too (SMTP/SMTPS one of them). Your first concern should be to get all needed ports open for working!