Okay, here is my problem. I followed the perfect Debian Lenny. I have the SMTP port set to 587. Internally, mail is delivered and sent fine. I can send to the outside world but not receive from the outside world. My contact forms on my websites work perfectly, but I have tried to send test emails from both Gmail and Yahoo to my mail server and none have been received. This is true for two different domains, both with DNS hosted outside my own server. MX records have been set up, and using mxtoolbox I am able to do discovery on both domains.

These are all outputs from my Linux Debian router.

iptables -L output:

    Chain FORWARD (policy DROP)
    target prot opt source destination
    ACCEPT icmp -- anywhere anywhere limit: avg 10/sec burst 5
    TCPMSS tcp -- anywhere anywhere tcp flags:SYN,RST/SYN TCPMSS clamp to PMTU
    ACCEPT tcp -- anywhere 192.168.0.100 tcp dpt:imap2
    ACCEPT udp -- anywhere 192.168.0.100 udp dpt:imap2
    ACCEPT tcp -- anywhere 192.168.0.100 tcp dpt:pop3
    ACCEPT udp -- anywhere 192.168.0.100 udp dpt:pop3
    ACCEPT tcp -- anywhere 192.168.0.100 tcp dpt:ftp
    ACCEPT udp -- anywhere 192.168.0.100 udp dpt:fsp
    ACCEPT tcp -- anywhere 192.168.0.100 tcp dpt:ssh
    ACCEPT udp -- anywhere 192.168.0.100 udp dpt:ssh
    ACCEPT tcp -- anywhere 192.168.0.100 tcp dpt:http-alt
    ACCEPT udp -- anywhere 192.168.0.100 udp dpt:http-alt
    ACCEPT tcp -- anywhere 192.168.0.100 tcp dpt:https
    ACCEPT udp -- anywhere 192.168.0.100 udp dpt:https
    ACCEPT tcp -- anywhere 192.168.0.100 tcp dpt:www
    ACCEPT udp -- anywhere 192.168.0.100 udp dpt:www
    ACCEPT tcp -- anywhere 192.168.0.100 tcp dpt:submission
    ACCEPT udp -- anywhere 192.168.0.100 udp dpt:submission
    ACCEPT tcp -- anywhere 192.168.0.100 tcp dpt:smtp
    ACCEPT udp -- anywhere 192.168.0.100 udp dpt:25
    OUTBOUND all -- anywhere anywhere
    ACCEPT tcp -- anywhere 192.168.0.0/24 state RELATED,ESTABLISHED
    ACCEPT udp -- anywhere 192.168.0.0/24 state RELATED,ESTABLISHED

dig output for one domain:

    ; <<>> DiG 9.6-ESV-R1 <<>> pcmedicalclinic.info
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 47423
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 0

    ;; QUESTION SECTION:
    ;pcmedicalclinic.info. IN A

    ;; ANSWER SECTION:
    pcmedicalclinic.info. 7200 IN A xxx.xxx.xxx.xxx

    ;; AUTHORITY SECTION:
    pcmedicalclinic.info. 7200 IN NS ns2.zoneedit.com.
    pcmedicalclinic.info. 7200 IN NS ns17.zoneedit.com.

    ;; Query time: 142 msec
    ;; SERVER: 24.247.24.53#53(24.247.24.53)
    ;; WHEN: Sun Sep 19 08:56:52 2010
    ;; MSG SIZE rcvd: 103

dig for second domain:

    ; <<>> DiG 9.6-ESV-R1 <<>> bandacabinets.com
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 13599
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 0

    ;; QUESTION SECTION:
    ;bandacabinets.com. IN A

    ;; ANSWER SECTION:
    bandacabinets.com. 3600 IN A xxx.xxx.xxx.xxx

    ;; AUTHORITY SECTION:
    bandacabinets.com. 3600 IN NS ns10.domaincontrol.com.
    bandacabinets.com. 3600 IN NS ns09.domaincontrol.com.

    ;; Query time: 43 msec
    ;; SERVER: 24.247.24.53#53(24.247.24.53)
    ;; WHEN: Sun Sep 19 09:00:17 2010
    ;; MSG SIZE rcvd: 103

Output of telnet localhost 25:

    Trying 127.0.0.1...
    Trying ::1...
    telnet: Unable to connect to remote host: Connection refused
    server:~# telnet localhost 25
    Trying 127.0.0.1...
    Connected to localhost.
    Escape character is '^]'.
    220 server.pcmedicalclinic.info ESMTP Exim 4.69 Sun, 19 Sep 2010 09:04:03 -0400
    ehlo localhost
    250-server.pcmedicalclinic.info Hello localhost [127.0.0.1]
    250-SIZE 52428800
    250-PIPELINING
    250 HELP

Here is the output of netstat -antuwp | egrep "(^[^t])|(tcp.*LISTEN)":

    tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 1864/portmap
    tcp 0 0 0.0.0.0:10000 0.0.0.0:* LISTEN 3771/perl
    tcp 0 0 0.0.0.0:51 0.0.0.0:* LISTEN 10411/sshd
    tcp 0 0 0.0.0.0:50292 0.0.0.0:* LISTEN 1875/rpc.statd
    tcp 0 0 66.188.44.194:53 0.0.0.0:* LISTEN 3070/named
    tcp 0 0 192.168.0.1:53 0.0.0.0:* LISTEN 3070/named
    tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 3070/named
    tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN 3141/cupsd
    tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 3424/exim4
    tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN 3070/named
    tcp6 0 0 :::51 :::* LISTEN 10411/sshd
    tcp6 0 0 :::53 :::* LISTEN 3070/named
    tcp6 0 0 ::1:631 :::* LISTEN 3141/cupsd
    tcp6 0 0 ::1:953 :::* LISTEN 3070/named
    udp 0 0 0.0.0.0:32906 0.0.0.0:* 1875/rpc.statd
    udp 0 0 0.0.0.0:779 0.0.0.0:* 1875/rpc.statd
    udp 0 0 0.0.0.0:10000 0.0.0.0:* 3771/perl
    udp 0 0 127.0.0.1:921 0.0.0.0:* 3100/lwresd
    udp 0 0 66.188.44.194:53 0.0.0.0:* 3070/named
    udp 0 0 192.168.0.1:53 0.0.0.0:* 3070/named
    udp 0 0 127.0.0.1:53 0.0.0.0:* 3070/named
    udp 0 0 0.0.0.0:67 0.0.0.0:* 6239/dhcpd3
    udp 0 0 0.0.0.0:68 0.0.0.0:* 3574/dhclient
    udp 0 0 0.0.0.0:5353 0.0.0.0:* 3054/avahi-daemon:
    udp 0 0 0.0.0.0:111 0.0.0.0:* 1864/portmap
    udp 0 0 0.0.0.0:60918 0.0.0.0:* 3054/avahi-daemon:
    udp 0 0 0.0.0.0:631 0.0.0.0:* 3141/cupsd
    udp6 0 0 :::53 :::* 3070/named
    udp6 0 0 :::52712 :::* 3054/avahi-daemon:
    udp6 0 0 :::5353 :::* 3054/avahi-daemon:
    raw 0 0 0.0.0.0:1 0.0.0.0:* 7 6239/dhcpd3

Now from my webserver. Here is the output of netstat -antuwp | egrep "(^[^t])|(tcp.*LISTEN)":

    PID/Program name
    tcp 0 0 0.0.0.0:40420 0.0.0.0:* LISTEN 1642/rpc.statd
    tcp 0 0 127.0.0.1:10024 0.0.0.0:* LISTEN 9420/amavisd (maste
    tcp 0 0 127.0.0.1:10025 0.0.0.0:* LISTEN 23761/master
    tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN 12414/mysqld
    tcp 0 0 0.0.0.0:587 0.0.0.0:* LISTEN 23761/master
    tcp 0 0 127.0.0.1:783 0.0.0.0:* LISTEN 2032/spamd.pid
    tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 1631/portmap
    tcp 0 0 0.0.0.0:21 0.0.0.0:* LISTEN 16219/pure-ftpd (SE
    tcp 0 0 192.168.0.100:53 0.0.0.0:* LISTEN 2585/mydns
    tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 2585/mydns
    tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1847/sshd
    tcp 0 0 127.0.0.1:761 0.0.0.0:* LISTEN 2705/famd
    tcp6 0 0 :::993 :::* LISTEN 2562/couriertcpd
    tcp6 0 0 :::995 :::* LISTEN 2580/couriertcpd
    tcp6 0 0 :::110 :::* LISTEN 2568/couriertcpd
    tcp6 0 0 :::143 :::* LISTEN 2550/couriertcpd
    tcp6 0 0 :::8080 :::* LISTEN 1661/apache2
    tcp6 0 0 :::80 :::* LISTEN 1661/apache2
    tcp6 0 0 :::8081 :::* LISTEN 1661/apache2
    tcp6 0 0 :::21 :::* LISTEN 16219/pure-ftpd (SE
    tcp6 0 0 ::1:53 :::* LISTEN 2585/mydns
    tcp6 0 0 :::22 :::* LISTEN 1847/sshd
    udp 0 0 192.168.0.100:53 0.0.0.0:* 2585/mydns
    udp 0 0 127.0.0.1:53 0.0.0.0:* 2585/mydns
    udp 0 0 0.0.0.0:46135 0.0.0.0:* 1642/rpc.statd
    udp 0 0 0.0.0.0:970 0.0.0.0:* 1642/rpc.statd
    udp 0 0 0.0.0.0:111 0.0.0.0:* 1631/portmap
    udp 0 0 192.168.0.100:123 0.0.0.0:* 2720/ntpd
    udp 0 0 127.0.0.1:123 0.0.0.0:* 2720/ntpd
    udp 0 0 0.0.0.0:123 0.0.0.0:* 2720/ntpd
    udp6 0 0 ::1:53 :::* 2585/mydns
    udp6 0 0 fe80::201:6cff:fed4:123 :::* 2720/ntpd
    udp6 0 0 ::1:123 :::* 2720/ntpd
    udp6 0 0 :::123 :::* 2720/ntpd

The output of telnet localhost 587:

    Trying 127.0.0.1...
    Connected to localhost.
    Escape character is '^]'.
    220 server.pcmedserver.info ESMTP Postfix (Debian/GNU)
    ehlo localhost
    250-server.pcmedserver.info
    250-PIPELINING
    250-SIZE
    250-VRFY
    250-ETRN
    250-STARTTLS
    250-AUTH LOGIN PLAIN
    250-AUTH=LOGIN PLAIN
    250-ENHANCEDSTATUSCODES
    250-8BITMIME
    250 DSN

Hope that this is enough for you to troubleshoot my problem.
More info: when I use telnet server 143 it connects, but when I try 01 LOGIN with the user name and password, using the login I set up in ISPConfig, I get:

    01 NO Login failed.
    Connection closed by foreign host.

MX for one domain, DNS at godaddy.com:

    0 smtp.bandacabinets.com xxx.xxx.xxx.xxx 30 min
    10 mail.bandabinets.com 0.0.0.0 30 min

For the second domain, DNS at zoneedit.com:

    0 mail.pcmedicalclinic.info xxx.xxx.xxx.xxx 2 hrs
    20 smtp.pcmedicalclinic.info xxx.xxx.xxx.xxx 2 hrs
I think the problem is that you use port 587 instead of 25. Gmail and any other external mail server will try to connect to your server on port 25.
Thanks Falko, it's all fixed. I had to change the master.cf to look like this:

    submission inet n - - - - smtpd
      -o smtpd_tls_security_level=encrypt
      -o smtpd_sasl_auth_enable=yes
      -o smtpd_client_restrictions=permit_sasl_authenticated,reject
      -o milter_macro_daemon_name=ORIGINATING

I uncommented those lines and all works perfectly now.
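
Added example, not part of the thread: a small Python check that reads `netstat` LISTEN lines like those posted above and reports whether port 25 (where remote MTAs deliver MX mail) and port 587 (submission) accept connections from other hosts. The sample inputs are constructed in the shape of the posted output, and the function names are illustrative.

```python
import ipaddress

# Constructed sample: LISTEN lines shaped like the web server output quoted
# in the thread (Postfix "master" on 587, nothing on 25).
BEFORE = """\
tcp 0 0 127.0.0.1:10025 0.0.0.0:* LISTEN 23761/master
tcp 0 0 0.0.0.0:587 0.0.0.0:* LISTEN 23761/master
tcp6 0 0 :::143 :::* LISTEN 2550/couriertcpd
"""
# Constructed sample: the same host with an additional listener on port 25.
AFTER = BEFORE + "tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN 23761/master\n"
# Constructed sample: an MTA bound to loopback only, as on the router.
LOOPBACK_ONLY = "tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 3424/exim4\n"

def listeners(netstat_text):
    """Return {port: [(address, program), ...]} for TCP sockets in LISTEN state."""
    found = {}
    for line in netstat_text.splitlines():
        f = line.split()
        if len(f) < 6 or not f[0].startswith("tcp") or f[5] != "LISTEN":
            continue
        addr, _, port = f[3].rpartition(":")  # rpartition copes with ":::143"
        program = f[6] if len(f) > 6 else "-"
        found.setdefault(int(port), []).append((addr, program))
    return found

def reachable(addr):
    """True when the bind address accepts connections from other hosts."""
    if addr in ("0.0.0.0", "::", "*"):
        return True
    return not ipaddress.ip_address(addr).is_loopback

def mail_port_report(netstat_text):
    """Map 25 (MX delivery) and 587 (submission) to open/loopback-only/closed."""
    table = listeners(netstat_text)
    report = {}
    for port in (25, 587):
        binds = table.get(port, [])
        if any(reachable(a) for a, _ in binds):
            report[port] = "open"
        elif binds:
            report[port] = "loopback-only"
        else:
            report[port] = "closed"
    return report

if __name__ == "__main__":
    for name, sample in (("before", BEFORE), ("after", AFTER), ("loopback", LOOPBACK_ONLY)):
        print(name, mail_port_report(sample))
```

A result of "closed" or "loopback-only" for port 25 on the host the MX record points to means external senders cannot deliver, even when 587 is open for authenticated clients.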