I'm very new to servers and ispconfig. But I've managed to install ISPConfig on dedicated server, create websites and install wordpress. But I only have 2 issues, one of them is the e-mail. I've investigated different guides, but not all are clear to me. So, I've managed to add a domain and create an e-mail. Now, I want to add that mail to my outlook, but I fail. So I need your help on this... So I've entered all the data, the e-mail, password, for the incoming / outgoing server I've added server.domain.tld (this is fqdn of my server, the one that i've chose before installing ispconfig). Incoming port 993, security SSL/TLS, Outgoing port 578, StartTLS. But it alwyas fails to connect. The issue could be also that this adress server.domain.tld is not accesible via browser, because to access the ispconfig i have to use IP:8080. The domain is registered and the IP in all records on the site where I've got my domain. The wordpress site on domain.tld which I've deployed before is working fine. So yeah, I don't know what am I missing, could you maybe advise how to get my email working and maybe access ispconfig through server.domain.tld url. Thanks in advance, really appreciate any help.
Ports, websites usually run on port 80,443. If your Wordpress is accessible, this part seems to be fine. Your Nameserver has set the servers IP for the domain.tld A/AAAA records. If your FQDN of the server is setup in a similar way using the same server IP and A/AAArecords for that domain your issue should be fixed and you can access ispconfig using domain.tld:8080
Ah indeed, it works... with domain.tld:8080 ... my domain is for example md1.com But yeah, it still does not make sense for me... what is the point of that server.md1.com which I've created. If I cannot access it through browser with this address... And how do I make my e-mail work on outlook
You created it, so you should know why you did it; ISPConfig does not create a website for the system hostname by default and such a website is normally not needed. Different services on a server have different ports, the port of ISPConfig is 8080, that#s why you add 8080 on the URL if you want to access ISPConfig. See: https://www.howtoforge.com/ispconfig-email-account/
Yes, I've created it, because I followed a guide, as I said I'm new to this and I'm getting a hang of it step by step. And now I'm stuck on e-mailing, it does not work. I think, it has to do something with fqdn of the server. So before I've installed ISPConfig I had to choose hostname, and I've chose server.mycompany.com. Now to use e-mail and to configure outlook, according to the guide, I have to choose for incoming / outgoing server the hostname, so in my case this is server.mycompany.com. So ofcourse it fails, because server.mycompany.com is not known, and I don't know how to redirect it to mail, how it exactly works, that is why my question here. I supposer when i should do ping server.mycompany.com, i should be pinging my server, but that is not the case. How do i forward this in nginx ?
Your issue is neither related to redirecting something nor to Nginx. You must add a DNS A-Record for server.mycompany.com pointing to the IP address of your server in the zone mycompany.com on the DNS server that is authoritative for this zone. The next step is to fix the problems you caused in the SSL setup by replacing the default setup for the mail system. But this requires that your hostname is working in DNS first.
Yes, yesterday I've added an A record for server.mycompany.com pointing to the IP address. So now when I ping server.mycompany.com I get a valid response. (I do not need to add MX record or something, right? A record is enough)? Regarding the SSL, wel I followed guide here on howtoforge, by running: ispconfig_update.sh --force I've chose to reconfigure services. Here is the output: Checking / creating certificate for server.mycompany.com Using certificate path /root/.acme.sh/server.mycompany.com sh: 1: cannot open /dev/tcp/127.0.0.1/80: No such file Using nginx for certificate validation acme.sh is installed, overriding certificate path to use /root/.acme.sh/server.mycompany.com But still when I try to server to https://server.mycompany.com it says not secure... and when doing some checks on sites it says no certificate. Am I missing something?
That's fine, it's not your mail system that you tested there. You can not test your mail system with a web browser anyway. Most likely you manually altered the symlinks for the mail certs, so they point to wrong locations now. Please run the following command and post the result: ls -la /etc/postfix/smtpd.*
The output of that command is: lrwxrwxrwx 1 root root 48 Aug 5 10:56 /etc/postfix/smtpd.cert -> /usr/local/ispconfig/interface/ssl/ispserver.crt -rw-r--r-- 1 root root 2021 Jul 18 15:03 /etc/postfix/smtpd.cert-20240718130345.bak lrwxrwxrwx 1 root root 48 Jul 18 15:03 /etc/postfix/smtpd.cert-20240719122425.bak -> /usr/local/ispconfig/interface/ssl/ispserver.crt lrwxrwxrwx 1 root root 48 Jul 19 14:25 /etc/postfix/smtpd.cert-20240805085626.bak -> /usr/local/ispconfig/interface/ssl/ispserver.crt lrwxrwxrwx 1 root root 48 Aug 5 10:56 /etc/postfix/smtpd.key -> /usr/local/ispconfig/interface/ssl/ispserver.key -rw------- 1 root root 3272 Jul 18 15:03 /etc/postfix/smtpd.key-20240718130345.bak lrwxrwxrwx 1 root root 48 Jul 18 15:03 /etc/postfix/smtpd.key-20240719122425.bak -> /usr/local/ispconfig/interface/ssl/ispserver.key lrwxrwxrwx 1 root root 48 Jul 19 14:25 /etc/postfix/smtpd.key-20240805085626.bak -> /usr/local/ispconfig/interface/ssl/ispserver.key I would like to add something: I've managed to connect outlook. And the good news, I do receive e-mails. But there are some issues: 1) When I start outlook I get a message: "the server you are connected to is using a security certificate that cannot be verified. The target principal name is incorrect" 2) I cannot send e-mails Config: IMAP Incoming: server.mycompany.com | 993 | SSL / TLS Outgoing: server.mycompany.com | 465 | SSL / TLS
Please read the tutorial I posted above on how to set up your email client. You are using the wrong SMTP port.
Wel indeed, I followed that guide + youtube video, but in the video you used STARTTLS, I thought to use SSL / TLS option and I thought that the port was different. Now for outgoing I've changed to StartTLS and port 587, but the e-mail are still not sent... That is the only issue right now ... if this is solved all will be working fine for me...
Which exact error does Outlook show you, and which is shown in the /var/log/mail.log file when you send an email using outlook?
Wel outlook does not show any errors. The message shown as sent. But it never arrives to my hotmail account. Here is the log: 2024-08-05T14:41:21.730313+02:00 server postfix/smtpd[4153224]: connect from unknown[178.215.236.70] 2024-08-05T14:41:23.294533+02:00 server postfix/smtpd[4153224]: warning: unknown[178.215.236.70]: SASL LOGIN authentication failed: (reason unavailable), sasl_username=info 2024-08-05T14:41:23.309251+02:00 server postfix/smtpd[4153224]: lost connection after AUTH from unknown[178.215.236.70] 2024-08-05T14:41:23.309383+02:00 server postfix/smtpd[4153224]: disconnect from unknown[178.215.236.70] ehlo=1 auth=0/1 commands=1/2 2024-08-05T14:41:39.184163+02:00 server postfix/smtpd[4153224]: warning: hostname 119-40-84-186.bdcom.com does not resolve to address 119.40.84.186: Name or service not known 2024-08-05T14:41:39.184566+02:00 server postfix/smtpd[4153224]: connect from unknown[119.40.84.186] 2024-08-05T14:41:42.057869+02:00 server postfix/smtpd[4153224]: warning: unknown[119.40.84.186]: SASL LOGIN authentication failed: (reason unavailable), [email protected] 2024-08-05T14:41:48.256769+02:00 server postfix/smtpd[4153224]: warning: unknown[119.40.84.186]: SASL LOGIN authentication failed: (reason unavailable), [email protected] 2024-08-05T14:41:54.336926+02:00 server postfix/qmgr[4133864]: BD798D27113: from=<[email protected]>, size=2713, nrcpt=1 (queue active) 2024-08-05T14:41:54.367137+02:00 server postfix/smtp[4153847]: warning: DNSSEC validation may be unavailable 2024-08-05T14:41:54.367189+02:00 server postfix/smtp[4153847]: warning: reason: dnssec_probe 'ns:.' received a response that is not DNSSEC validated 2024-08-05T14:41:58.455928+02:00 server postfix/smtpd[4153224]: warning: unknown[119.40.84.186]: SASL LOGIN authentication failed: (reason unavailable), [email protected] 2024-08-05T14:42:08.811807+02:00 server postfix/smtpd[4153224]: warning: unknown[119.40.84.186]: SASL LOGIN authentication failed: Connection lost to authentication server, [email protected] 2024-08-05T14:42:08.984691+02:00 server postfix/smtpd[4153224]: disconnect from unknown[119.40.84.186] ehlo=1 auth=0/4 rset=4 quit=1 commands=6/10 2024-08-05T14:42:24.375869+02:00 server postfix/smtp[4153847]: connect to hotmail-com.olc.protection.outlook.com[52.101.8.43]:25: Connection timed out 2024-08-05T14:42:54.406728+02:00 server postfix/smtp[4153847]: connect to hotmail-com.olc.protection.outlook.com[52.101.137.3]:25: Connection timed out 2024-08-05T14:43:24.437034+02:00 server postfix/smtp[4153847]: connect to hotmail-com.olc.protection.outlook.com[52.101.9.27]:25: Connection timed out 2024-08-05T14:43:49.084313+02:00 server dovecot: auth: Error: auth client 0 disconnected with 1 pending requests: Connection reset by peer 2024-08-05T14:43:54.467305+02:00 server postfix/smtp[4153847]: connect to hotmail-com.olc.protection.outlook.com[52.101.194.14]:25: Connection timed out 2024-08-05T14:43:54.485096+02:00 server postfix/smtp[4153847]: BD798D27113: to=<[email protected]>, relay=none, delay=11065, delays=10945/0.03/120/0, dsn=4.4.1, status=deferred (connect to hotmail-com.olc.protection.outlook.com[52.101.194.14]:25: Connection timed out) 2024-08-05T14:45:02.293152+02:00 server dovecot: imap-login: Disconnected: Connection closed (no auth attempts in 0 secs): user=<>, rip=127.0.0.1, lip=127.0.0.1, secured, session=<iueuC+8efs5/AAAB> 2024-08-05T14:45:02.293609+02:00 server dovecot: pop3-login: Disconnected: Connection closed (no auth attempts in 0 secs): user=<>, rip=127.0.0.1, lip=127.0.0.1, secured, session=<I+quC+8ePql/AAAB> 2024-08-05T14:45:02.300419+02:00 server postfix/smtpd[4154036]: connect from localhost.localdomain[127.0.0.1] 2024-08-05T14:45:02.300512+02:00 server postfix/smtpd[4154036]: lost connection after CONNECT from localhost.localdomain[127.0.0.1] 2024-08-05T14:45:02.300550+02:00 server postfix/smtpd[4154036]: disconnect from localhost.localdomain[127.0.0.1] commands=0/0 2024-08-05T14:45:29.184684+02:00 server postfix/anvil[4153226]: statistics: max connection rate 1/60s for (smtp:193.32.162.27) at Aug 5 14:38:22 2024-08-05T14:45:29.184867+02:00 server postfix/anvil[4153226]: statistics: max connection count 1 for (smtp:193.32.162.27) at Aug 5 14:38:22 2024-08-05T14:45:29.184967+02:00 server postfix/anvil[4153226]: statistics: max cache size 2 at Aug 5 14:41:39 2024-08-05T14:46:54.402274+02:00 server postfix/qmgr[4133864]: 74A69D27111: from=<[email protected]>, size=3973, nrcpt=1 (queue active) 2024-08-05T14:46:54.434305+02:00 server postfix/smtp[4154064]: warning: DNSSEC validation may be unavailable 2024-08-05T14:46:54.434375+02:00 server postfix/smtp[4154064]: warning: reason: dnssec_probe 'ns:.' received a response that is not DNSSEC validated 2024-08-05T14:47:24.465517+02:00 server postfix/smtp[4154064]: connect to hotmail-com.olc.protection.outlook.com[52.101.40.30]:25: Connection timed out 2024-08-05T14:47:53.555120+02:00 server postfix/smtpd[4154088]: warning: hostname mail.whatami.co does not resolve to address 193.32.162.27 2024-08-05T14:47:53.555172+02:00 server postfix/smtpd[4154088]: connect from unknown[193.32.162.27] 2024-08-05T14:47:54.495733+02:00 server postfix/smtp[4154064]: connect to hotmail-com.olc.protection.outlook.com[52.101.10.0]:25: Connection timed out 2024-08-05T14:47:55.181904+02:00 server postfix/smtpd[4154088]: warning: unknown[193.32.162.27]: SASL LOGIN authentication failed: (reason unavailable), [email protected] 2024-08-05T14:47:55.210289+02:00 server postfix/smtpd[4154088]: lost connection after AUTH from unknown[193.32.162.27] 2024-08-05T14:47:55.210536+02:00 server postfix/smtpd[4154088]: disconnect from unknown[193.32.162.27] ehlo=1 auth=0/1 commands=1/2 2024-08-05T14:48:24.526483+02:00 server postfix/smtp[4154064]: connect to hotmail-com.olc.protection.outlook.com[52.101.194.18]:25: Connection timed out 2024-08-05T14:48:54.555825+02:00 server postfix/smtp[4154064]: connect to hotmail-com.olc.protection.outlook.com[52.101.73.29]:25: Connection timed out 2024-08-05T14:48:54.569464+02:00 server postfix/smtp[4154064]: 74A69D27111: to=<[email protected]>, relay=none, delay=11078, delays=10958/0.03/120/0, dsn=4.4.1, status=deferred (connect to hotmail-com.olc.protection.outlook.com[52.101.73.29]:25: Connection timed out) 2024-08-05T14:50:02.311963+02:00 server dovecot: imap-login: Disconnected: Connection closed (no auth attempts in 0 secs): user=<>, rip=127.0.0.1, lip=127.0.0.1, secured, session=<19GQHe8eHpV/AAAB> 2024-08-05T14:50:02.314410+02:00 server dovecot: pop3-login: Disconnected: Connection closed (no auth attempts in 0 secs): user=<>, rip=127.0.0.1, lip=127.0.0.1, secured, session=<qt2QHe8epo1/AAAB> 2024-08-05T14:50:02.329320+02:00 server postfix/smtpd[4154248]: connect from localhost.localdomain[127.0.0.1] 2024-08-05T14:50:02.329429+02:00 server postfix/smtpd[4154248]: lost connection after CONNECT from localhost.localdomain[127.0.0.1] 2024-08-05T14:50:02.329530+02:00 server postfix/smtpd[4154248]: disconnect from localhost.localdomain[127.0.0.1] commands=0/0 2024-08-05T14:51:15.393730+02:00 server postfix/anvil[4154089]: statistics: max connection rate 1/60s for (smtp:193.32.162.27) at Aug 5 14:47:53 2024-08-05T14:51:15.393926+02:00 server postfix/anvil[4154089]: statistics: max connection count 1 for (smtp:193.32.162.27) at Aug 5 14:47:53 2024-08-05T14:51:15.394024+02:00 server postfix/anvil[4154089]: statistics: max cache size 1 at Aug 5 14:47:53 2024-08-05T14:51:53.755433+02:00 server postfix/smtpd[4154290]: connect from unknown[178.215.236.70] 2024-08-05T14:51:55.348927+02:00 server postfix/smtpd[4154290]: warning: unknown[178.215.236.70]: SASL LOGIN authentication failed: (reason unavailable), sasl_username=admin 2024-08-05T14:51:55.363367+02:00 server postfix/smtpd[4154290]: lost connection after AUTH from unknown[178.215.236.70] 2024-08-05T14:51:55.363447+02:00 server postfix/smtpd[4154290]: disconnect from unknown[178.215.236.70] ehlo=1 auth=0/1 commands=1/2 What also is very strange that er a lot of connected / disconnected .. is it normal? And what is this exactly: 2024-08-05T14:47:55.181904+02:00 server postfix/smtpd[4154088]: warning: unknown[193.32.162.27]: SASL LOGIN authentication failed: (reason unavailable), [email protected] like someone is trying to connect to me ? But anyways regarding sending the e-mail, from [email protected] to [email protected] and ... connection timed out
Ok, that's something completely different as what you claimed. It means you can send emails with Outlook successfully, and the email log confirms this. Your problem is that your email server is not able to connect on port 25 to other systems. Contact the datacenter or provider of the internet connection for this server to open port 25 outgoing in their external firewall.
Which message? I did not see log for sent message. You should only show the relevant part of the log. Is the message still in mail queue? See with command mailq. Servers get connection attempts from all over the Internet all the time.
It is not sent, because it is still there and tries over everytime: 2024-08-05T15:13:54.707307+02:00 server postfix/smtp[4156226]: E5972D2789F: to=<[email protected]>, relay=none, delay=11164, delays=11044/0.03/120/0, dsn=4.4.1, status=deferred (connect to hotmail-com.olc.protection.outlook.com[52.101.40.3]:25: Connection timed out)
This means it was sent by Outlook, so sending was fine. What fails is the connect between your server and hotmail. I told you what to do to get that fixed, as its not an issue on your system.
Ok, I'll contact and I'll ask to open port 25 if it is closed, can I somehow test it myself? And to be safe are you guys sure it is ok that I see this in the logs: 1) 2024-08-05T15:22:24.444699+02:00 server postfix/smtp[4156663]: connect to mx.1secmail.com[178.32.61.35]:25: Connection timed out 2024-08-05T15:22:24.462274+02:00 server postfix/smtp[4156663]: 46387D2167B: to=<[email protected]>, relay=none, delay=109434, delays=109404/0.02/30/0, dsn=4.4.1, status=deferred (connect to mx.1secmail.com[178.32.61.35]:25: Connection timed out) wth is this [email protected] 2) 2024-08-05T15:17:59.008986+02:00 server postfix/smtpd[4156409]: warning: unknown[193.32.162.74]: SASL LOGIN authentication failed: (reason unavailable), [email protected] I don't have feedback mailbox for mycompany.com, it feels like someone is trying different e-mails with my domain name Is this all normal, or someone is trying to hack? ))))))
If you have not sent it or use software that has sent it, then it's not OK. But it was not sent anyway, as your system can not send emails while port 25 is closed. But you can use the postcat command to inspect the email in the mailqueue to see what it contains. There will be always someone trying to send email through your systems, that's normal for any system connected to the net. That#s why your system has fail2ban installed and why you should always use a secure password.
FYI, you were right I read on the site : "Unfortunately, spamming is a big problem. And we naturally want to prevent this. That's why we block outgoing traffic on ports 25 and 465 by default on all servers. This is a very common practice in the hosting industry because it prevents abuse." I can unblock it within few days... it is fine... No ofcourse I have not sent it, that is why I'm asking, very strange. I'll investigate. I was not expecting that there would be SOOOO much unknown activity be going on, like there are many requests with different names trying to authenticate... wow And yes, I'm using secure password. Fail2ban is active and running right?
