Can not send emails to external domains

Hello guys,
today I installed completely new ISP config server with emails, dns etc.
I can send / receive emails localy and receive emails from external domains but I can not send to external domains.

Here is my main.cf

# Debian specific: Specifying a file name will cause the first
# line of that file to be used as the name. The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname

smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
biff = no

# appending .domain is the MUA's job.
append_dot_mydomain = no

# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h

readme_directory = /usr/share/doc/postfix

# See http://www.postfix.org/COMPATIBILITY_README.html -- default to 2 on
# fresh installs.
compatibility_level = 2

# TLS parameters
smtpd_tls_cert_file = /etc/postfix/smtpd.cert
smtpd_tls_key_file = /etc/postfix/smtpd.key
smtpd_use_tls = yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache

# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.

smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
myhostname = mail.sametime.cz
alias_maps = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases
alias_database = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases
myorigin = /etc/mailname
mydestination = mail.sametime.cz, localhost, localhost.localdomain
relayhost =
mynetworks = 127.0.0.0/8 [::1]/128
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
inet_protocols = all
html_directory = /usr/share/doc/postfix/html
virtual_alias_domains =
virtual_alias_maps = hash:/var/lib/mailman/data/virtual-mailman, proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, proxy:mysql:/etc/postfix/mysql-virtual_email2email.cf
virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains.cf
virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf
virtual_mailbox_base = /var/vmail
virtual_uid_maps = mysql:/etc/postfix/mysql-virtual_uids.cf
virtual_gid_maps = mysql:/etc/postfix/mysql-virtual_gids.cf
sender_bcc_maps = proxy:mysql:/etc/postfix/mysql-virtual_outgoing_bcc.cf
smtpd_sasl_auth_enable = yes
broken_sasl_auth_clients = yes
smtpd_sasl_authenticated_header = yes
smtpd_restriction_classes = greylisting
greylisting = check_policy_service inet:127.0.0.1:10023
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, reject_rbl_client zen.spamhaus.org, check_recipient_access mysql:/etc/postfix/mysql-virtual_recipient.cf, check_recipient_access mysql:/etc/postfix/mysql-virtual_policy_greylist.cf
smtpd_tls_security_level = may
transport_maps = hash:/var/lib/mailman/data/transport-mailman, proxy:mysql:/etc/postfix/mysql-virtual_transports.cf
relay_domains = mysql:/etc/postfix/mysql-virtual_relaydomains.cf
relay_recipient_maps = mysql:/etc/postfix/mysql-virtual_relayrecipientmaps.cf
smtpd_sender_login_maps = proxy:mysql:/etc/postfix/mysql-virtual_sender_login_maps.cf
proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $sender_bcc_maps $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $smtpd_sender_login_maps
smtpd_helo_required = yes
smtpd_helo_restrictions = permit_sasl_authenticated, permit_mynetworks, check_helo_access regexp:/etc/postfix/helo_access, reject_invalid_hostname, reject_non_fqdn_hostname, reject_invalid_helo_hostname, reject_unknown_helo_hostname, check_helo_access regexp:/etc/postfix/blacklist_helo
smtpd_sender_restrictions = check_sender_access regexp:/etc/postfix/tag_as_originating.re , permit_mynetworks, permit_sasl_authenticated, check_sender_access mysql:/etc/postfix/mysql-virtual_sender.cf, check_sender_access regexp:/etc/postfix/tag_as_foreign.re
smtpd_client_restrictions = check_client_access mysql:/etc/postfix/mysql-virtual_client.cf
smtpd_client_message_rate_limit = 100
maildrop_destination_concurrency_limit = 1
maildrop_destination_recipient_limit = 1
virtual_transport = dovecot
header_checks = regexp:/etc/postfix/header_checks
mime_header_checks = regexp:/etc/postfix/mime_header_checks
nested_header_checks = regexp:/etc/postfix/nested_header_checks
body_checks = regexp:/etc/postfix/body_checks
owner_request_special = no
smtp_tls_security_level = may
smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3
smtpd_tls_protocols = !SSLv2,!SSLv3
smtp_tls_protocols = !SSLv2,!SSLv3
smtpd_tls_exclude_ciphers = RC4, aNULL
smtp_tls_exclude_ciphers = RC4, aNULL
dovecot_destination_recipient_limit = 1
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
message_size_limit = 0
content_filter = amavis:[127.0.0.1]:10024
receive_override_options = no_address_mappings

and logs when trying to send email to externa domain

Nov 25 01:43:00 mail postfix/submission/smtpd[7603]: connect from ip-37-188-190-181.eurotel.cz[37.188.190.181]
Nov 25 01:43:01 mail postfix/submission/smtpd[7603]: NOQUEUE: filter: RCPT from ip-37-188-190-181.eurotel.cz[37.188.190.181]: <[email protected]>: Sender address triggers FILTER amavis:[127.0.0.1]:10026; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<[100.98.101.167]>
Nov 25 01:43:01 mail postfix/submission/smtpd[7603]: 6023EA1571: client=ip-37-188-190-181.eurotel.cz[37.188.190.181], sasl_method=PLAIN, [email protected]
Nov 25 01:43:01 mail postfix/cleanup[7607]: 6023EA1571: message-id=<[email protected]>
Nov 25 01:43:01 mail postfix/qmgr[6061]: 6023EA1571: from=<[email protected]>, size=1217, nrcpt=1 (queue active)
Nov 25 01:43:02 mail postfix/smtpd[7630]: connect from localhost[127.0.0.1]
Nov 25 01:43:02 mail postfix/smtpd[7630]: 12E35A1573: client=localhost[127.0.0.1]
Nov 25 01:43:02 mail postfix/cleanup[7607]: 12E35A1573: message-id=<[email protected]>
Nov 25 01:43:02 mail postfix/qmgr[6061]: 12E35A1573: from=<[email protected]>, size=1665, nrcpt=1 (queue active)
Nov 25 01:43:02 mail postfix/smtpd[7630]: disconnect from localhost[127.0.0.1] ehlo=1 mail=1 rcpt=1 data=1 quit=1 commands=5
Nov 25 01:43:02 mail amavis[6104]: (06104-03) Passed CLEAN {RelayedOutbound}, ORIGINATING LOCAL [37.188.190.181]:51997 [37.188.190.181] <[email protected]> -> <[email protected]>, Queue-ID: 6023EA1571, Message-ID: <[email protected]>, mail_id: ODdLv3pHO_pU, Hits: 2.584, size: 1217, queued_as: 12E35A1573, 185 ms
Nov 25 01:43:02 mail postfix/smtp[7627]: 6023EA1571: to=<[email protected]>, relay=127.0.0.1[127.0.0.1]:10026, delay=0.77, delays=0.57/0.02/0.01/0.18, dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[127.0.0.1]:10027): 250 2.0.0 Ok: queued as 12E35A1573)
Nov 25 01:43:02 mail postfix/qmgr[6061]: 6023EA1571: removed
Nov 25 01:43:16 mail dovecot: imap-login: Login: user=<[email protected]>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, mpid=7633, secured, session=<l/uLgHJ7lKJ/AAAB>
Nov 25 01:43:16 mail dovecot: imap([email protected]): Logged out in=119 out=1241
Nov 25 01:43:17 mail postfix/smtp[7631]: 12E35A1573: lost connection with gmail-smtp-in.l.google.com[64.233.167.26] while receiving the initial server greeting
Nov 25 01:43:17 mail postfix/smtp[7631]: connect to gmail-smtp-in.l.google.com[2a00:1450:400c:c0a::1b]:25: Cannot assign requested address


Thank you very much for any help!

Jiri

 

are you sure, that port 25 is not blocked for outgoing connections? try telnet 64.233.167.26 25

 

Hey Florian,
yes tenlnet works fine
64.233.167.27...
Connected to gmail-smtp-in.l.google.com.
Escape character is '^]'.

Here is a log from firewall


I´m a bit out of options tbh I had an exchange server before and it worked fine. So ISP doesn´t block smtp.

 

But it has to be server misconfiguration because from the another postfix server i turned on just for testing I can send emails to all domains.

 

But when I try to telnet 64.233.167.27 25 I will get Connection closed by foreign host message

 

Ok I tried to reinstall ISPC from sratch but with CentOS, I was able to send one mail to outside domain...then Im back to same issue I´m really out of ideas here.

 

Here is my current mail log if I try to send email to gmail domain...

Nov 25 18:35:07 mail postfix/smtpd[13238]: connect from localhost[127.0.0.1]
Nov 25 18:35:07 mail postfix/smtpd[13238]: 435EA20CBA14: client=localhost[127.0.0.1]
Nov 25 18:35:07 mail postfix/cleanup[13218]: 435EA20CBA14: message-id=<[email protected]>
Nov 25 18:35:07 mail postfix/qmgr[18262]: 435EA20CBA14: from=<[email protected]>, size=951, nrcpt=1 (queue active)
Nov 25 18:35:07 mail postfix/smtpd[13238]: disconnect from localhost[127.0.0.1]
Nov 25 18:35:07 mail amavis[18295]: (18295-05) Passed CLEAN {RelayedOutbound}, MYNETS LOCAL [127.0.0.1] <[email protected]> -> <[email protected]>, Message-ID: <[email protected]>, mail_id: rHwHPKVV5YjR, Hits: 2.307, size: 510, queued_as: 435EA20CBA14, 5505 ms
Nov 25 18:35:07 mail postfix/smtp[13224]: B34F420CBA11: to=<[email protected]>, relay=127.0.0.1[127.0.0.1]:10024, delay=5.6, delays=0.05/0.01/0/5.5, dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as 435EA20CBA14)
Nov 25 18:35:07 mail postfix/qmgr[18262]: B34F420CBA11: removed
Nov 25 18:35:12 mail postfix/smtpd[13107]: warning: unknown[103.207.38.153]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Nov 25 18:35:16 mail postfix/qmgr[18262]: 43CBF20CBA10: from=<[email protected]>, size=1915, nrcpt=1 (queue active)
Nov 25 18:35:22 mail postfix/smtp[13245]: 435EA20CBA14: lost connection with gmail-smtp-in.l.google.com[64.233.167.27] while receiving the initial server greeting
Nov 25 18:35:22 mail postfix/smtp[13245]: connect to gmail-smtp-in.l.google.com[2a00:1450:400c:c0a::1a]:25: Network is unreachable
Nov 25 18:35:22 mail postfix/smtp[13245]: connect to alt1.gmail-smtp-in.l.google.com[2a00:1450:4010:c0a::1b]:25: Network is unreachable
Nov 25 18:35:22 mail postfix/smtpd[13107]: warning: unknown[103.207.38.153]: SASL LOGIN authentication failed: Connection lost to authentication server
Nov 25 18:35:31 mail postfix/smtp[13257]: 43CBF20CBA10: lost connection with exchange.voksys.cz[80.95.118.138] while receiving the initial server greeting
Nov 25 18:35:37 mail postfix/smtp[13245]: 435EA20CBA14: lost connection with alt1.gmail-smtp-in.l.google.com[173.194.221.27] while receiving the initial server greeting
Nov 25 18:35:46 mail postfix/smtp[13257]: 43CBF20CBA10: lost connection with backup.smarthosting.cz[109.107.203.30] while receiving the initial server greeting
Nov 25 18:35:46 mail postfix/smtp[13257]: connect to backup.smarthosting.cz[2a00:11b0:f100:1809::5]:25: Network is unreachable
Nov 25 18:35:46 mail postfix/smtp[13257]: 43CBF20CBA10: to=<[email protected]>, relay=none, delay=468, delays=438/0.01/30/0, dsn=4.4.1, status=deferred (connect to backup.smarthosting.cz[2a00:11b0:f100:1809::5]:25: Network is unreachable)

 

Is the IP you have on a black list?
Is telnet to google port 25 working or not? #3 and #5 contradict.

 

IP is not blacklisted. Here is result of telnet
[root@mail ~]# telnet 173.194.221.26 25
Trying 173.194.221.26...
Connected to 173.194.221.26.
Escape character is '^]'.
Connection closed by foreign host.

But as I said I was able to send one email to external domain...then it starded again. Also I can see outgoint smtp traffic in firewall log

 

Try https://www.mail-tester.com. hope it helps.

 

Finally managed to fix it. Firewall was scanning all outgoing SMTP/S traffic and for some reason blocked all outgoing messages. It wasn´t in a log so I tought this is not an issue. But it was.

Thanks guys for your time!

Cheers Jir