Hello I am very new to linux servers and ISP / Dovecot / Postfix So I got my server up and running with everything working for now, besides my mails. Postfix is configured as follows: Code: # See /usr/share/postfix/main.cf.dist for a commented, more complete version # Debian specific: Specifying a file name will cause the first # line of that file to be used as the name. The Debian default # is /etc/mailname. #myorigin = /etc/mailname smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu) biff = no # appending .domain is the MUA's job. append_dot_mydomain = no # Uncomment the next line to generate "delayed mail" warnings #delay_warning_time = 4h readme_directory = /usr/share/doc/postfix # See http://www.postfix.org/COMPATIBILITY_README.html -- default to 2 on # fresh installs. compatibility_level = 2 # TLS parameters smtpd_tls_cert_file = /etc/postfix/smtpd.cert smtpd_tls_key_file = /etc/postfix/smtpd.key smtpd_use_tls = yes smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache # See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for # information on enabling SSL in the smtp client. smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination mydomain = mail.nushara.com alias_maps = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases alias_database = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases myorigin = /etc/mailname mydestination = mail.nushara.com, mail.nushara.com., nushara.com, nushara.com., localhost, localhost.localdomain mynetworks = localhost mailbox_size_limit = 0 recipient_delimiter = + inet_interfaces = all inet_protocols = all html_directory = /usr/share/doc/postfix/html virtual_alias_domains = virtual_alias_maps = hash:/var/lib/mailman/data/virtual-mailman, proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, proxy:mysql$ virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains.cf virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf virtual_mailbox_base = /var/vmail virtual_uid_maps = mysql:/etc/postfix/mysql-virtual_uids.cf virtual_gid_maps = mysql:/etc/postfix/mysql-virtual_gids.cf sender_bcc_maps = proxy:mysql:/etc/postfix/mysql-virtual_outgoing_bcc.cf smtpd_sasl_auth_enable = yes broken_sasl_auth_clients = yes smtpd_sasl_authenticated_header = yes smtpd_restriction_classes = greylisting greylisting = check_policy_service inet:127.0.0.1:10023 smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, reject_rbl_client zen.spamh$ smtpd_tls_security_level = may transport_maps = hash:/var/lib/mailman/data/transport-mailman, proxy:mysql:/etc/postfix/mysql-virtual_transports.cf relay_domains = mysql:/etc/postfix/mysql-virtual_relaydomains.cf relay_recipient_maps = mysql:/etc/postfix/mysql-virtual_relayrecipientmaps.cf smtpd_sender_login_maps = proxy:mysql:/etc/postfix/mysql-virtual_sender_login_maps.cf proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $sender_bcc_maps $virtual_mailbox$ smtpd_helo_required = yes smtpd_helo_restrictions = permit_sasl_authenticated, permit_mynetworks, check_helo_access regexp:/etc/postfix/helo_access, reject_i$ smtpd_sender_restrictions = check_sender_access regexp:/etc/postfix/tag_as_originating.re , permit_mynetworks, permit_sasl_authenti$ smtpd_client_restrictions = check_client_access mysql:/etc/postfix/mysql-virtual_client.cf smtpd_client_message_rate_limit = 100 maildrop_destination_concurrency_limit = 1 maildrop_destination_recipient_limit = 1 virtual_transport = dovecot header_checks = regexp:/etc/postfix/header_checks mime_header_checks = regexp:/etc/postfix/mime_header_checks nested_header_checks = regexp:/etc/postfix/nested_header_checks body_checks = regexp:/etc/postfix/body_checks owner_request_special = no smtp_tls_security_level = may smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3 smtpd_tls_protocols = !SSLv2,!SSLv3 smtp_tls_protocols = !SSLv2,!SSLv3 smtpd_tls_exclude_ciphers = RC4, aNULL smtp_tls_exclude_ciphers = RC4, aNULL dovecot_destination_recipient_limit = 1 smtpd_sasl_type = dovecot smtpd_sasl_path = private/auth content_filter = amavis:[127.0.0.1]:10024 receive_override_options = no_address_mappings message_size_limit = 0 I am able to log in with Mailbird to get access to the account. Roundcube is also working. But sending is not giving me any error but do not send mails and receiving is giving me Code: Reporting-MTA: dns; googlemail.com Received-From-MTA: dns; [email protected] Arrival-Date: Thu, 12 Sep 2019 06:43:28 -0700 (PDT) X-Original-Message-ID: <[email protected]> Final-Recipient: rfc822; [email protected] Action: failed Status: 5.7.1 Remote-MTA: dns; mail.nushara.com. (85.114.133.20, the server for the domain nushara.com.) Diagnostic-Code: smtp; 554 5.7.1 <[email protected]>: Relay access denied Last-Attempt-Date: Thu, 12 Sep 2019 06:43:30 -0700 (PDT) Is there any way you can help me?
You added the domain nushara.com manually in the mydestination line in main.cf, so all addresses for this domain must fail. Change the line to: mydestination = mail.nushara.com, localhost, localhost.localdomain and restart postfix.
Thanks for the fast reply. At least this fixed something, but now I am getting the following issue: Code: This is the mail system at host v22019078654392401.mail.nushara.com. I'm sorry to have to inform you that your message could not be delivered to one or more recipients. It's attached below. For further assistance, please send mail to postmaster. If you do so, please include this problem report. You can delete your own text from the attached returned message. The mail system <[email protected]>: host gmail-smtp-in.l.google.com[2a00:1450:400c:c08::1b] said: 550-5.7.1 [2a03:4000:37:4ad:640a:8bff:fe7f:e663] Our system has detected that 550-5.7.1 this message does not meet IPv6 sending guidelines regarding PTR 550-5.7.1 records and authentication. Please review 550-5.7.1 https://support.google.com/mail/?p=IPv6AuthError for more information 550 5.7.1 . l24si56014wmg.136 - gsmtp (in reply to end of DATA command) Also the "554 5.7.1 <[email protected]>: Relay access denied" issue is still present
The message tells you what to do. Google tells you that they do not accept your email because you missed to set up a PTR record for the IPv6 address of your server at your server provider.
Ok so I've checked my DNS records in ISP and found that there is no PTR record. But What do I have to put into the two inputs? Putting in my IPv6 is not working. And the onlything i found on the net are some "zones" but this still does not give me a clue what to do here. Would be great if you could explain this to me, since I am not that much into all this domain / networking stuff. Thank you in advance!
The PTR is normally not set in ISPConfig, it is set in the server control panel of your datacenter provider or it is set by the provider which assigned you that IP.
Ok so since I can not have an impact on this, I've changed the inet_protocols = ipv4 and restarted. Now the mail got into my spam but thats a gmail issue i think (already contacted barracuda or some sort of service) So now I need to figure out how to solve the receiving issue. Any idea on that?
You did not post any error messages about a receiving problem except the one that was solved already in post #2.
Ok so when I try to send a mail to the address I get an error from google: Code: 554 5.7.1 <[email protected]>: Relay access denied with a file attached: Code: Reporting-MTA: dns; googlemail.com Received-From-MTA: dns; [email protected] Arrival-Date: Thu, 12 Sep 2019 07:37:06 -0700 (PDT) X-Original-Message-ID: <[email protected]> Final-Recipient: rfc822; [email protected] Action: failed Status: 5.7.1 Remote-MTA: dns; mail.nushara.com. (85.114.133.20, the server for the domain nushara.com.) Diagnostic-Code: smtp; 554 5.7.1 <[email protected]>: Relay access denied Last-Attempt-Date: Thu, 12 Sep 2019 07:37:25 -0700 (PDT) The IP shown (85.114.133.20) is not the same as the ip of my server. But I dont know, where this is coming from (maybe google?) this is also not my local ip of my ISP i am connected to atm.
Then the DNS record of your domain is wrong then. Find out which the authoritative DNS server of your domain is and change the record there. you can e.g. use intodns.com to check the DNS record and find out the right server. The DNS server is not necessarily the one on your ISPConfig system! Also be aware that changes in DNS may take 24 hours, so don't expect and immediate change.
Ok so it looks like the mx record is wrong in some way.. MX Records 10 mail.nushara.com 85.114.133.20 Right now i have the following MX Records: MX mail mail.nushara.com 10 60 MX nushara.com. nushara.com. 10 3600 So I change this to nushara.com to see if the ip is valid after the dns refresh I will report back if there is any progress. Thank you very much for your help!
You said above that 85.114.133.20 is not the IP of the server, but it must point to the IP of the server.
right now it is pointing to: A mail 91.132.145.24 0 3600 So I dont know, there this other IP is coming from
According to intodns, you seem to have removed the mail A-Record "10 mail.nushara.com No A Record (no glue either)". You have to add it again with the right IPv4 address of your server.
And take care to change it on the right dns servers, the ones you have to change are: ns01.domainssaubillig.de. ['195.191.92.10'] (NO GLUE) [TTL=172800] ns02.domainssaubillig.de. ['195.191.93.10'] (NO GLUE) [TTL=172800]
Please re-read post #10 and #17, I explained it there. Your problem is not related to your ISPConfig server in any way because your ISPConfig server is not the DNS server of that domain. So if you add a dns record on your ISPConfig server does not matter when your ISPConfig server is not the DNS server of that domain. Or do you think your DNS server would be the one for google.com just because you add google.com in the dns manager? So, you registered the domain name at a company named domainssaubillig as it seems and the DNS servers of that company are responsible for your domain. What you have to do is: 1) Delete the DNS zone you added on your ISPConfig system as it makes no sense to add DNS records on servers that are not authoritative for a domain. 2) login to the domain management panel of the company where you registered your domain name and set the correct DNS records there.
Ok, now that I have added them to the hoster it seems to work. I can now receive mails too But why is the service freaking out about the name server so much? You also mentioned this might be an issue right? Do I have to change them too?
