Postfix - cannot establish remote connection to send mail

Hi. I know this kind of question comes up a lot but I've been through all of them and can't for the life of me see why I'm having problems with my setup.

I have installed and configured postfix / dovecot and am able to send messages directly from the server. I am now trying to configure an email client (Mail). I can login to the server via port 143 and retrieve messages from my inbox. However I cannot connect to the server to send an email. I've opened up port 26 in the firewall as my ISP has blocked this. I'm able to telnet to port 26 on my mail server from a remote machine and can connect.



netstat -tap shows the following:

tcp 0 0 *:smtp *:* LISTEN 10661/master
tcp 0 0 *:26 *:* LISTEN 10661/master


iptables --list shows:

Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT tcp -- anywhere anywhere tcp dpt:ssh
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT tcp -- anywhere anywhere tcp dpt:mysql
ACCEPT tcp -- anywhere anywhere tcp dpt:ssh
ACCEPT tcp -- anywhere anywhere tcp dpt:smtp
ACCEPT tcp -- anywhere anywhere tcp dpt:26
ACCEPT tcp -- anywhere anywhere tcp dpts:ftp-data:ftp
ACCEPT tcp -- anywhere anywhere tcp dpts:50000:50050
ACCEPT tcp -- anywhere anywhere tcp dpt:http
ACCEPT tcp -- anywhere anywhere tcp dpt:https
ACCEPT tcp -- anywhere anywhere tcp dpt:imap
ACCEPT tcp -- anywhere anywhere tcp dpt:imaps
ACCEPT tcp -- anywhere anywhere tcp dptop3
ACCEPT tcp -- anywhere anywhere tcp dptop3s
ACCEPT tcp -- anywhere anywhere tcp dpt:ndmp
ACCEPT all -- localhost anywhere
ACCEPT icmp -- anywhere anywhere
REJECT all -- anywhere anywhere reject-with icmp-port-unreachable

Chain FORWARD (policy ACCEPT)
target prot opt source destination
ACCEPT all -- anywhere anywhere state NEW,RELATED,ESTABLISHED
REJECT all -- anywhere anywhere reject-with icmp-port-unreachable

Chain OUTPUT (policy ACCEPT)
target prot opt source destination
ACCEPT all -- anywhere anywhere state NEW,RELATED,ESTABLISHED

As you can tell this is the first time I've set up a mail server from scratch and am going round in circles now - I am so close but just need a bit of advice from any gurus out there who've had this problem before.

Many Thanks

 

- Are you authenticating yourself when you want to send mail?
- "tail -f" the mail log files and watch for entries when you try to send mail and see if you find any error messages.

 

thanks for responding so quickly! am seeing

Aug 15 11:04:43 BrightEdgeWeb postfix/anvil[12950]: statistics: max connection rate 2/60s for (26:78.86.227.26) at Aug 15 10:58:03
Aug 15 11:04:43 BrightEdgeWeb postfix/anvil[12950]: statistics: max connection count 1 for (26:78.86.227.26) at Aug 15 10:57:59
Aug 15 11:04:43 BrightEdgeWeb postfix/anvil[12950]: statistics: max cache size 1 at Aug 15 10:57:59
Aug 15 11:07:46 BrightEdgeWeb postfix/smtpd[13269]: connect from 78-86-227-26.zone2.bethere.co.uk[78.86.227.26]
Aug 15 11:07:46 BrightEdgeWeb postfix/smtpd[13269]: lost connection after EHLO from 78-86-227-26.zone2.bethere.co.uk[78.86.227.26]
Aug 15 11:07:46 BrightEdgeWeb postfix/smtpd[13269]: disconnect from 78-86-227-26.zone2.bethere.co.uk[78.86.227.26]
Aug 15 11:11:06 BrightEdgeWeb postfix/anvil[13271]: statistics: max connection rate 1/60s for (26:78.86.227.26) at Aug 15 11:07:46
Aug 15 11:11:06 BrightEdgeWeb postfix/anvil[13271]: statistics: max connection count 1 for (26:78.86.227.26) at Aug 15 11:07:46
Aug 15 11:11:06 BrightEdgeWeb postfix/anvil[13271]: statistics: max cache size 1 at Aug 15 11:07:46


does that mean anything?

 

What's the output of

Code:

netstat -tap

?

 

thanks flako. am seeing the following:


Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 *:mysql *:* LISTEN 1312/mysqld
tcp 0 0 *:ndmp *:* LISTEN 15286/perl
tcp 0 0 *:smtp *:* LISTEN 14170/master
tcp 0 0 *:26 *:* LISTEN 14170/master
tcp 0 0 *op3 *:* LISTEN 14095/dovecot
tcp 0 0 *:imap *:* LISTEN 14095/dovecot
tcp 0 0 *:http *:* LISTEN 1378/httpd
tcp 0 0 *:ssh *:* LISTEN 1227/sshd
tcp 0 0 *:https *:* LISTEN 1378/httpd

 

Looks good. What error messages do you get in your email client and in the mail log?

What's in your master.cf?

 

Hi Falko. Thanks for sticking with me!

Mail client says the following:

CONNECTED Aug 17 09:40:27.843 [kCFStreamSocketSecurityLevelNone] -- host:mail.brightanalytics.co.uk -- port:26 -- socket:0x118db51a0 -- thread:0x10053b7b0

READ Aug 17 09:40:27.860 [kCFStreamSocketSecurityLevelNone] -- host:mail.brightanalytics.co.uk -- port:26 -- socket:0x118db51a0 -- thread:0x10053b7b0
220 mail.brightanalytics.co.uk ESMTP Postfix

WROTE Aug 17 09:40:27.887 [kCFStreamSocketSecurityLevelNone] -- host:mail.brightanalytics.co.uk -- port:26 -- socket:0x118db51a0 -- thread:0x10053b7b0
EHLO [192.168.1.72]


READ Aug 17 09:40:27.918 [kCFStreamSocketSecurityLevelNone] -- host:mail.brightanalytics.co.uk -- port:26 -- socket:0x118db51a0 -- thread:0x10053b7b0
250-mail.brightanalytics.co.uk
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN


WROTE Aug 17 09:40:27.971 [kCFStreamSocketSecurityLevelNone] -- host:mail.brightanalytics.co.uk -- port:26 -- socket:0x118db51a0 -- thread:0x10053b7b0
QUIT



Postfix's master.cf contains the following:



# Postfix master process configuration file. For details on the format
# of the file, see the master(5) manual page (command: "man 5 master").
#
# ==========================================================================
# service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (yes) (never) (100)
# ==========================================================================
smtp inet n - n - - smtpd
26 inet n - n - - smtpd
#submission inet n - n - - smtpd
# -o smtpd_enforce_tls=yes
# -o smtpd_sasl_auth_enable=yes
# -o smtpd_client_restrictions=permit_sasl_authenticated,reject
#smtps inet n - n - - smtpd
# -o smtpd_tls_wrappermode=yes
# -o smtpd_sasl_auth_enable=yes
# -o smtpd_client_restrictions=permit_sasl_authenticated,reject
#628 inet n - n - - qmqpd
pickup fifo n - n 60 1 pickup
cleanup unix n - n - 0 cleanup
qmgr fifo n - n 300 1 qmgr
#qmgr fifo n - n 300 1 oqmgr
tlsmgr unix - - n 1000? 1 tlsmgr
rewrite unix - - n - - trivial-rewrite
bounce unix - - n - 0 bounce
defer unix - - n - 0 bounce
trace unix - - n - 0 bounce
verify unix - - n - 1 verify
flush unix n - n 1000? 0 flush
proxymap unix - - n - - proxymap
smtp unix - - n - - smtp
# When relaying mail as backup MX, disable fallback_relay to avoid MX loops
relay unix - - n - - smtp
-o fallback_relay=
# -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq unix n - n - - showq
error unix - - n - - error
discard unix - - n - - discard
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - n - - lmtp
anvil unix - - n - 1 anvil
scache unix - - n - 1 scache
#
# ====================================================================
# Interfaces to non-Postfix software. Be sure to examine the manual
# pages of the non-Postfix software to find out what options it wants.
#
# Many of the following services use the Postfix pipe(8) delivery
# agent. See the pipe(8) man page for information about ${recipient}
# and other message envelope options.
# ====================================================================
#
# maildrop. See the Postfix MAILDROP_README file for details.
# Also specify in main.cf: maildrop_destination_recipient_limit=1
#
maildrop unix - n n - - pipe
flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
#
# The Cyrus deliver program has changed incompatibly, multiple times.
#
old-cyrus unix - n n - - pipe
flags=R user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -m ${extension} ${user}
# Cyrus 2.1.5 (Amos Gouaux)
# Also specify in main.cf: cyrus_destination_recipient_limit=1
cyrus unix - n n - - pipe
user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -r ${sender} -m ${extension} ${user}
#
# See the Postfix UUCP_README file for configuration details.
#
uucp unix - n n - - pipe
flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
#
# Other external delivery methods.
#
ifmail unix - n n - - pipe
flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp unix - n n - - pipe
flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop $recipient



---


Thanks again for taking the time to help me with this I really appreciate it!

 

Code:

mh1:~# telnet mail.brightanalytics.co.uk 25
Trying 31.222.188.70...
Connected to mail.brightanalytics.co.uk.
Escape character is '^]'.
220 mail.brightanalytics.co.uk ESMTP Postfix
ehlo localhost
250-mail.brightanalytics.co.uk
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
quit
221 2.0.0 Bye
Connection closed by foreign host.
mh1:~# telnet mail.brightanalytics.co.uk 26
Trying 31.222.188.70...
Connected to mail.brightanalytics.co.uk.
Escape character is '^]'.
220 mail.brightanalytics.co.uk ESMTP Postfix
ehlo localhost
250-mail.brightanalytics.co.uk
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
quit
221 2.0.0 Bye
Connection closed by foreign host.
mh1:~#

I can connect to your server on both ports (25 and 26). Can you try another email client for testing purposes?