Very beginning steps after installation

Discussion in 'Installation/Configuration' started by carlosopenges, Jul 16, 2017.

  1. pannet1

    pannet1 Member

    +++++ SOS +++++

    hi till,

    i am enlightened.

    the no pad lock is fine with me. however, i am trying to recreate a reseller hosting with this setup. so the alarm bell which firefox (or chrome) rings is very loud, so loud that it will scare the uninitiated reseller (or customer).

    i was thinking that the letsencrypt installation step and step thereafter mentioned in the perfect server ...... will somehow ........ magically pick up the server1.mydomain.tld hostname and put a green padlock to it. have i misunderstood this?

    According to mxtoolbox.com the reverse dns of my ip xx.xx.xxx.xxx points to xx.xx.xxx.xxx.vultr.com

    please advise what is the expected output of this. is it ...
    Code:
    server1.mydomain.tld 
    then the port blocking test yielded the below result.
    Code:
    user1@server1:~$ telnet xx.xx.xxx.xxx 25
    Trying xx.xx.xxx.xxx...
    Connected to xx.xx.xxx.xxx.
    Escape character is '^]'.
    220 server1.mydomain.tld ESMTP Postfix (Debian/GNU)
    
     
  2. pannet1

    pannet1 Member

    hi till + Taleman,

    Good news! I am able to configure LE https://server1.myhostname.tld:8080 at last, thanks to the ahrasis guide you posted. that leaves me still with the "not able to send outgoing emails" issue. following are some log files for you.

    user@server1:~$ telnet alt2.gmail-smtp-in.l.google.com 25
    Code:
    Trying 74.125.198.27...
    Trying 2607:f8b0:4003:c05::1b...
    telnet: Unable to connect to remote host: Network is unreachable
    
    user@server1:~$ multitail /var/log/mail.info
    Code:
    Oct 28 23:17:39 server1 postfix/smtp[32524]: connect to alt1.gmail-smtp-in.l.google.com[74.125.28.26]:25: Connection timed out
    
    user@server1:~$ cat htf_report.txt | more
    Code:
    ##### SERVER #####
    IP-address (as per hostname): ***.***.***.***
    [WARN] could not determine server's ip address by ifconfig
    [INFO] ISPConfig is installed.
    
    ##### ISPCONFIG #####
    ISPConfig version is 3.1.7p1
    
    ##### VERSION CHECK #####
    [INFO] php (cli) version is 7.0.19-1
    
    ##### PORT CHECK #####
    
    ##### MAIL SERVER CHECK #####
    
    ##### RUNNING SERVER PROCESSES #####
    
    [INFO] I found the following web server(s):
            Apache 2 (PID 30365)
    [INFO] I found the following mail server(s):
            Postfix (PID 29474)
    [INFO] I found the following pop3 server(s):
            Dovecot (PID 29491)
    [INFO] I found the following imap server(s):
            Dovecot (PID 29491)
    [INFO] I found the following ftp server(s):
            PureFTP (PID 29548)
    
    ##### LISTENING PORTS #####
    (only           ()
    Local           (Address)
    [anywhere]:110          (29491/dovecot)
    [anywhere]:143          (29491/dovecot)
    [anywhere]:465          (29474/master)
    [anywhere]:21           (29548/pure-ftpd)
    ***.***.***.***:53              (7053/named)
    [localhost]:53          (7053/named)
    [anywhere]:22           (17642/sshd)
    [anywhere]:25           (29474/master)
    [localhost]:953         (7053/named)
    [anywhere]:993          (29491/dovecot)
    [anywhere]:995          (29491/dovecot)
    [localhost]:10023               (26001/postgrey)
    [localhost]:10024               (7195/amavisd-new)
    [localhost]:10025               (29474/master)
    [localhost]:10026               (7195/amavisd-new)
    
    please help on this one.
     
  3. Taleman

    Taleman Well-Known Member HowtoForge Supporter

    Both me and Till have told You that to send e-mails successfully You need to set reverse dns to the same as the mail server hostname. You have posted a test that shows this is not the case:
    Fix the DNS so that host xx.xx.xxx.xxx returns mail.myvhost.tld. Till also reminded in a previous message the port 25 must be open.
    If needed, use this helpful website to check the e-mail settings: https://mxtoolbox.com/
    There are other similar tools, that is just an example.
     
    pannet1 likes this.
  4. pannet1

    pannet1 Member

    Dear Taleman,
    Please consider me as a noobie and highlight on whether the path I took before/after the setup is correct.

    aa) vultr (my vps service provider) provides nameservers ns1.vultr.com and ns1.vultr.com.

    bb) i have pointed my domain example.com to the nameservers mentioned above.

    cc) then i have added the domain through my VPS panel and so i got 5 entries there (2 for NS, 1 for A and 1 for CNAME and 1 for MX).

    Code:
    MX      example.com       300         30
    
    Is this correct? or should it be server1.example.com or mail.server1.example.com? please confirm.

    Also please note that I have not touched my DNS in ISPConfig yet. Is this right?

    Setting up the reverse DNS for my ip was easy. I could do it in my control panel and thus host xx.xxx.xx.xx will always return whatever value i set there. Presently it's server1.example.com

    i did a nmap xx.xx.xx.xx and it's confirmed that port 25 is open. So kindly advise if i should start adding my domains to ispconfig panel DNS and not to my VPS control panel.

    Thanks.
     
  5. Taleman

    Taleman Well-Known Member HowtoForge Supporter

    The MX record is the receiving e-mail server. If Your setup is only one host, then that it is. You should use the hostname in MX as the mail server hostname everywhere, unless You know You should do otherwise. You can use whatever hostname You like, but use the same hostname everywhere. The hostname in MX record must have an A record.
    https://en.wikipedia.org/wiki/MX_record
    If this server1.example.com is the e-mail server, put that also in the MX record instead of example.com. Or setup the reverse DNS to return example.com.
    If I understand the setup correctly, Your ISP provides the name servers and You must configure Your own domain in those with the VPS Panel. If this assumption is correct, then the setups You do in ISPConfig DNS do not go to the real name servers, so adding Your domains to ISPConfig DNS serves no purpose.
     
    pannet1 likes this.
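The consistency rule from the reply above (reverse DNS, SMTP banner and MX target all naming the same host, each with an A record) can be checked mechanically. This is an added example, not code from the thread or from ISPConfig; `check_mail_identity`, the address 203.0.113.10 and the lookup tables are constructed for illustration, and the MX-versus-PTR comparison follows that reply's "same hostname everywhere" advice rather than a protocol requirement.

```python
import socket

def ptr_lookup(ip):  # reverse DNS (PTR) name for ip, or None if there is none
    try:
        return socket.gethostbyaddr(ip)[0]
    except OSError:
        return None

def a_lookup(name):  # set of IPv4 addresses the name resolves to (may be empty)
    try:
        return {ai[4][0] for ai in socket.getaddrinfo(name, None, socket.AF_INET)}
    except OSError:
        return set()

def norm(name):
    return name.rstrip(".").lower() if name else None

def check_mail_identity(ip, banner, mx_targets, ptr=ptr_lookup, a=a_lookup):
    """List the mismatches between PTR, A record, SMTP banner and MX target."""
    problems = []
    rdns = norm(ptr(ip))
    words = banner.split()
    helo = norm(words[1]) if len(words) > 1 and words[0] == "220" else None
    if rdns is None:
        problems.append(f"no PTR record for {ip}")
    elif ip not in a(rdns):
        problems.append(f"PTR {rdns} does not resolve back to {ip}")
    if helo != rdns:
        problems.append(f"banner name {helo} differs from PTR {rdns}")
    for mx in map(norm, mx_targets):
        if not a(mx):
            problems.append(f"MX target {mx} has no A record")
        elif mx != rdns:
            problems.append(f"MX target {mx} differs from PTR {rdns}")
    return problems

# Constructed records (documentation address range), not the poster's real data.
IP = "203.0.113.10"
BANNER = "220 server1.example.com ESMTP Postfix (Debian/GNU)"
A_RECORDS = {"server1.example.com": {IP}, "example.com": {IP}}
PTR_DEFAULT = {IP: "203.0.113.10.vultr.com"}  # provider-style default name
PTR_FIXED = {IP: "server1.example.com."}       # after setting reverse DNS

def demo(ptr_table, mx_targets):
    return check_mail_identity(IP, BANNER, mx_targets, ptr=ptr_table.get,
                               a=lambda n: A_RECORDS.get(n, set()))

if __name__ == "__main__":
    print(demo(PTR_DEFAULT, ["example.com"]), demo(PTR_FIXED, ["server1.example.com"]), sep="\n")
```

Called without the `ptr` and `a` arguments, the function uses live DNS through the standard `socket` module; the MX targets still have to be supplied by hand because the standard library has no MX lookup.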
  6. pannet1

    pannet1 Member

    hi Taleman,

    Many thanks for your reply. Info that MX record is only for incoming mails was an eyeopener. This means that I don't have to muddle with MX records because my incoming mails are working fine.

    To recap:

    Let's say, my main server domain is server1.example.com on which ispconfig panel is running. The test domain on which i am testing my outgoing mails is email-vhost.com

    Earlier, I have added both the domains (example.com and email-vhost.com) to my vps panel and have 5 lines of records each.

    under ispconfig panel, I have created an email domain for email-vhost.com. i have also created email box called [email protected]. i am able to get incoming mails from personal id [email protected] but not able to send mail to [email protected] from this box.

    so i ran the following test

    $ sudo grep ^relayhost /etc/postfix/main.cf
    Code:
    relayhost =
    
    $ sudo tail -f /var/log/mail.log
    Code:
    Oct 30 06:48:12 server1 postfix/smtp[19253]: connect to alt2.gmail-smtp-in.l.google.com[74.125.30.27]:25: Connection timed out
    Oct 30 06:48:12 server1 postfix/smtp[19253]: 4B60716078A: to=<[email protected]>, relay=none, delay=128646, delays=128556/0.03/90/0, dsn=4.4.1, status=deferred (connect to alt2.gmail-smtp-in.l.google.com[74.125.30.27]:25: Connection timed out)
    
    Oct 30 15:21:42 server1 postfix/qmgr[29477]: CB7EE1607FF: from=<[email protected]>, size=1004, nrcpt=1 (queue active)
    Oct 30 15:22:12 server1 postfix/smtp[8256]: connect to gmail-smtp-in.l.google.com[74.125.68.26]:25: Connection timed out
    Oct 30 15:22:12 server1 postfix/smtp[8256]: connect to gmail-smtp-in.l.google.com[2404:6800:4003:c02::1a]:25: Network is unreachable
    Oct 30 15:22:12 server1 postfix/smtp[8256]: connect to alt1.gmail-smtp-in.l.google.com[2607:f8b0:400e:c04::1a]:25: Network is unreachable
    
    $ echo "test" | mail [email protected]
    $ sudo tail -f /var/log/mail.log
    Code:
    Oct 30 15:56:36 server1 postfix/pickup[995]: D973F162043: uid=1000 from=<user1>
    Oct 30 15:56:36 server1 postfix/cleanup[1843]: D973F162043: message-id=<[email protected]>
    Oct 30 15:56:36 server1 postfix/qmgr[996]: D973F162043: from=<[email protected]>, size=401, nrcpt=1 (queue active)
    Oct 30 15:56:37 server1 postfix/smtpd[1849]: connect from localhost[127.0.0.1]
    Oct 30 15:56:37 server1 postfix/smtpd[1849]: 8A0E6162046: client=localhost[127.0.0.1]
    Oct 30 15:56:37 server1 postfix/cleanup[1843]: 8A0E6162046: message-id=<[email protected]>
    Oct 30 15:56:37 server1 postfix/qmgr[996]: 8A0E6162046: from=<[email protected]>, size=860, nrcpt=1 (queue active)
    Oct 30 15:56:37 server1 amavis[1022]: (01022-01) Passed CLEAN {RelayedOutbound}, LOCAL [127.0.0.1] <[email protected]> -> <[email protected]>, Message-ID: <[email protected]>, mail_id: G7S54nMbi7q9, Hits: 1.766, size: 401, queued_as: 8A0E6162046, 654 ms
    Oct 30 15:56:37 server1 postfix/smtp[1844]: D973F162043: to=<[email protected]>, relay=127.0.0.1[127.0.0.1]:10024, delay=0.71, delays=0.02/0.01/0.05/0.63, dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as 8A0E6162046)
    Oct 30 15:56:37 server1 postfix/qmgr[996]: D973F162043: removed
    Oct 30 15:57:07 server1 postfix/smtp[1851]: connect to gmail-smtp-in.l.google.com[74.125.68.26]:25: Connection timed out
    Oct 30 15:57:07 server1 postfix/smtp[1851]: connect to gmail-smtp-in.l.google.com[2404:6800:4003:c02::1b]:25: Network is unreachable
    
    Please advise what is wrong with my setup ?

     
  7. Taleman

    Taleman Well-Known Member HowtoForge Supporter

    Is the setup created by ISPConfig or have You edited the configuration files? Use Internet search engines for: troubleshooting postfix sending
    and see if You can find the problem.
    Also make doubly sure the port 25 is not blocked.
     
  8. pannet1

    pannet1 Member

    Dear Taleman,
    Yes, Am using the setup created by ISPConfig. (to be precise Servisy Github script). Never tinkered with the config.
    You seem to read my mind. I just finished following this url and still no luck
    It is confirmed now that the port is not blocked because i changed the port (as advised in the above url) to 2017 and result is still same. I have also not enabled UFW to ensure that it's not blocking anything yet.

    Will keep trying and post you the outcome. Meanwhile if any of you experts could help me solve this, I would be very grateful.
     
  9. Taleman

    Taleman Well-Known Member HowtoForge Supporter

    My experience with installing ISPConfig following the Perfect Server Guide is that it just works. Perhaps the Servicys script is at fault here? Perhaps checking settings following the usual setup guide would provide clues what to fix? I use Debian GNU/Linux and thus use

    The Perfect Server - Debian 9 (Stretch) with Apache, BIND, Dovecot, PureFTPD and ISPConfig 3.1
    from

    https://www.ispconfig.org/documentation/
     
    pannet1 likes this.
  10. pannet1

    pannet1 Member

    Taleman,

    Thanks. A similar problem by another Vultr.com user here points to the blocking of port 25 by VPS provider. So I sent a mail to them to unblock the port, if they are blocking. I also found a difference in the master.cf
    Code:
    ^M  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
    ^M  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
    
    I removed the ^M in those two lines and restarted postfix but still same error. I will keep trying till I get reply from vultr.com

    Cheers.

     
  11. Taleman

    Taleman Well-Known Member HowtoForge Supporter

  12. pannet1

    pannet1 Member

    Superb Taleman,

    I checked the gmail relay host but did not like the part where I have to provide my email id. Believe this means I am vouching for all the Emails Sites, added under my Ispconfig panel. I was looking for relayhost which is not of proprietary in nature and does not put any limit on the outgoing mails, even though I do not mean to send many mails / day (500 max across all domains).

    The final setup should be like this.
    AA) A client books a domain (client-vhost.com) elsewhere and enters the nameserver to ns1.example.com ns2.example.com in the domain control panel.
    BB) The client then visits https://server1.example.com:8080 where he is opened an account (with domain name client-vhost.com) from where he is able to add his ftp, email box, and php website.

    So if we make the outgoing mails work, then will have to look at this setup. Thank you very much for your help.

     
  13. pannet1

    pannet1 Member

    Hi Taleman + till,

    Finally my VPS service provider (vultr) confirmed that they have opened the smtp port for my use and immediately after a hard reset from my vps control panel all my pending outgoing mails in queue are processed.

    Thank you once again for your support gentlemen.
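
The log excerpts in this thread already separate two failures: IPv4 connections to several Google MX hosts time out while the local hand-off to the content filter succeeds, and IPv6 attempts fail with "Network is unreachable". The following added example (not part of the original posts; the function name, the finding labels and the two-peer threshold are assumptions) classifies Postfix `smtp` client lines that way, using the thread's log lines with mail addresses replaced by constructed ones.

```python
import re
from collections import defaultdict

# Postfix smtp client line: "connect to host[addr]:port: reason"
CONNECT_RE = re.compile(
    r"postfix/smtp\[\d+\]: connect to \S+?\[(?P<addr>[^\]]+)\]:\d+: (?P<reason>.+)$")
# Delivery status line naming the relay that took (or did not take) the message
STATUS_RE = re.compile(r"relay=(?P<relay>[^,]+),.*status=(?P<status>\w+)")

def classify(lines):
    """Return (findings, failures) for outbound SMTP connection errors."""
    failures = defaultdict(set)  # (family, reason) -> remote addresses
    remote_sent = 0
    for line in lines:
        line = line.strip()
        m = CONNECT_RE.search(line)
        if m:
            family = "ipv6" if ":" in m["addr"] else "ipv4"
            failures[(family, m["reason"])].add(m["addr"])
            continue
        m = STATUS_RE.search(line)
        # A hand-off to the local content filter (127.0.0.1:10024) is not
        # a delivery to the outside world, so it does not count.
        if m and m["status"] == "sent" and not m["relay"].startswith("127.0.0.1"):
            remote_sent += 1
    findings = []
    # Assumed heuristic: two or more distinct IPv4 peers timing out with no
    # remote delivery at all suggests filtered egress on TCP 25.
    if len(failures.get(("ipv4", "Connection timed out"), ())) >= 2 and remote_sent == 0:
        findings.append("egress-tcp25-filtered")
    if failures.get(("ipv6", "Network is unreachable")):
        findings.append("no-ipv6-route")
    return findings, dict(failures)

# Constructed sample: the thread's log lines with mail addresses replaced.
SAMPLE = """\
Oct 30 06:48:12 server1 postfix/smtp[19253]: connect to alt2.gmail-smtp-in.l.google.com[74.125.30.27]:25: Connection timed out
Oct 30 15:22:12 server1 postfix/smtp[8256]: connect to gmail-smtp-in.l.google.com[74.125.68.26]:25: Connection timed out
Oct 30 15:22:12 server1 postfix/smtp[8256]: connect to gmail-smtp-in.l.google.com[2404:6800:4003:c02::1a]:25: Network is unreachable
Oct 30 15:56:37 server1 postfix/smtp[1844]: D973F162043: to=<user@example.org>, relay=127.0.0.1[127.0.0.1]:10024, delay=0.71, dsn=2.0.0, status=sent (250 2.0.0 Ok)
""".splitlines()

if __name__ == "__main__":
    findings, failures = classify(SAMPLE)
    print(findings)
    for key, addrs in failures.items():
        print(key, sorted(addrs))
```

A test against the server's own address (telnet or nmap to its port 25) exercises the inbound listener only; outbound filtering shows up in these client-side connect lines.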
     