Postfix problems

4 posts / 0 new
Topic locked
Last post
#1 Thu, 05/21/2015 - 12:18
te-deum

Postfix problems

Hello,

I have a fresh new CentOS 7.1 with Virtualmin installed and configured. I am trying to configure Postfix but I have problems with gmail and some others server.

I have these errors :

  • connect to io-118.arrakis.es[212.59.201.118]:25: Connection timed out
  • connect to club-internet.com[69.172.201.208]:25: Connection timed out
  • host mx1.free.fr[212.27.48.6] said: 451 too many errors from your ip
  • connect to unibeton.com[208.91.197.128]:25: Connection timed out
  • lost connection with web.dennyspage.com[46.17.100.214] while receiving the initial server greeting
  • ...
  • For gMail, I have the error : mail transport unavailable

Here is a postconf -n report :

[root@serveur ~]# postconf -n
postconf: warning: /etc/postfix/master.cf: undefined parameter: mua_sender_restrictions
postconf: warning: /etc/postfix/master.cf: undefined parameter: mua_client_restrictions
postconf: warning: /etc/postfix/master.cf: undefined parameter: mua_helo_restrictions
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
allow_percent_hack = no
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
debug_peer_level = 2
debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin ddd $daemon_directory/$process_name $process_id & sleep 5
default_destination_concurrency_limit = 10
home_mailbox = Maildir/
html_directory = no
inet_protocols = all
mailbox_command = /usr/bin/procmail-wrapper -o -a $DOMAIN -d $LOGNAME
mailbox_size_limit = 0
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
mydestination = $myhostname, localhost.$mydomain, localhost, serveur.mondomaine.fr
mydomain = mondomaine.fr
myhostname = serveur.mondomaine.fr
newaliases_path = /usr/bin/newaliases.postfix
readme_directory = /usr/share/doc/postfix-2.10.1/README_FILES
sample_directory = /usr/share/doc/postfix-2.10.1/samples
sender_bcc_maps = hash:/etc/postfix/bcc
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
slow_destination_concurrency_limit = 2
slow_destination_rate_delay = 1s
slow_destination_recipient_limit = 2
slow_initial_destination_concurrency = 1
smtpd_recipient_restrictions = permit_mynetworks permit_sasl_authenticated reject_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_tls_cert_file = /etc/postfix/postfix.cert.pem
smtpd_tls_key_file = /etc/postfix/postfix.key.pem
smtpd_tls_mandatory_ciphers = high
smtpd_tls_mandatory_protocols = SSLv3, TLSv1
smtpd_use_tls = yes
transport_maps = hash:/etc/postfix/transport, regexp:/etc/postfix/transport_regexp
unknown_local_recipient_reject_code = 550
virtual_alias_maps = hash:/etc/postfix/virtual

This is my master.cf :

smtp inet    n   -   n   -   -   smtpd -o smtpd_sasl_auth_enable=yes
#smtp      inet  n       -       n       -       1       postscreen
#smtpd     pass  -       -       n       -       -       smtpd
#dnsblog   unix  -       -       n       -       0       dnsblog
#tlsproxy  unix  -       -       n       -       0       tlsproxy
#submission inet n       -       n       -       -       smtpd
#  -o syslog_name=postfix/submission
#  -o smtpd_tls_security_level=
#  -o smtpd_sasl_auth_enable=yes
#  -o smtpd_reject_unlisted_recipient=no
#  -o smtpd_client_restrictions=$mua_client_restrictions
#  -o smtpd_helo_restrictions=$mua_helo_restrictions
#  -o smtpd_sender_restrictions=$mua_sender_restrictions
#  -o smtpd_recipient_restrictions=permit_sasl_authenticated,reject
#  -o milter_macro_daemon_name=ORIGINATING
smtps   inet    n   -   n   -   -   smtpd -o syslog_name=postfix/smtps -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes -o smtpd_reject_unlisted_recipient=no -o smtpd_client_restrictions=$mua_client_restrictions -o smtpd_helo_restrictions=$mua_helo_restrictions -o smtpd_sender_restrictions=$mua_sender_restrictions -o smtpd_recipient_restrictions=permit_sasl_authenticated,reject -o milter_macro_daemon_name=ORIGINATING
#628       inet  n       -       n       -       -       qmqpd
pickup    unix  n       -       n       60      1       pickup
cleanup   unix  n       -       n       -       0       cleanup
qmgr      unix  n       -       n       300     1       qmgr
#qmgr     unix  n       -       n       300     1       oqmgr
tlsmgr    unix  -       -       n       1000?   1       tlsmgr
rewrite   unix  -       -       n       -       -       trivial-rewrite
bounce    unix  -       -       n       -       0       bounce
defer     unix  -       -       n       -       0       bounce
trace     unix  -       -       n       -       0       bounce
verify    unix  -       -       n       -       1       verify
flush     unix  n       -       n       1000?   0       flush
proxymap  unix  -       -       n       -       -       proxymap
proxywrite unix -       -       n       -       1       proxymap
smtp      unix  -       -       n       -       -       smtp
relay     unix  -       -       n       -       -       smtp
#       -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq     unix  n       -       n       -       -       showq
error     unix  -       -       n       -       -       error
retry     unix  -       -       n       -       -       error
discard   unix  -       -       n       -       -       discard
local     unix  -       n       n       -       -       local
virtual   unix  -       n       n       -       -       virtual
lmtp      unix  -       -       n       -       -       lmtp
anvil     unix  -       -       n       -       1       anvil
scache    unix  -       -       n       -       1       scache
#
# ====================================================================
# Interfaces to non-Postfix software. Be sure to examine the manual
# pages of the non-Postfix software to find out what options it wants.
#
# Many of the following services use the Postfix pipe(8) delivery
# agent.  See the pipe(8) man page for information about ${recipient}
# and other message envelope options.
# ====================================================================
#
# maildrop. See the Postfix MAILDROP_README file for details.
# Also specify in main.cf: maildrop_destination_recipient_limit=1
#
#maildrop  unix  -       n       n       -       -       pipe
#  flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
#
# ====================================================================
#
# Recent Cyrus versions can use the existing "lmtp" master.cf entry.
#
# Specify in cyrus.conf:
#   lmtp    cmd="lmtpd -a" listen="localhost:lmtp" proto=tcp4
#
# Specify in main.cf one or more of the following:
#  mailbox_transport = lmtp:inet:localhost
#  virtual_transport = lmtp:inet:localhost
#
# ====================================================================
#
# Cyrus 2.1.5 (Amos Gouaux)
# Also specify in main.cf: cyrus_destination_recipient_limit=1
#
#cyrus     unix  -       n       n       -       -       pipe
#  user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -r ${sender} -m ${extension} ${user}
#
# ====================================================================
#
# Old example of delivery via Cyrus.
#
#old-cyrus unix  -       n       n       -       -       pipe
#  flags=R user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -m ${extension} ${user}
#
# ====================================================================
#
# See the Postfix UUCP_README file for configuration details.
#
#uucp      unix  -       n       n       -       -       pipe
#  flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
#
# ====================================================================
#
# Other external delivery methods.
#
#ifmail    unix  -       n       n       -       -       pipe
#  flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
#
#bsmtp     unix  -       n       n       -       -       pipe
#  flags=Fq. user=bsmtp argv=/usr/local/sbin/bsmtp -f $sender $nexthop $recipient
#
#scalemail-backend unix -       n       n       -       2       pipe
#  flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store
#  ${nexthop} ${user} ${extension}
#
#mailman   unix  -       n       n       -       -       pipe
#  flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
#  ${nexthop} ${user}
submission  inet    n   -   n   -   -   smtpd -o smtpd_sasl_auth_enable=yes
 
#
# Slow - config
#
slow    unix    -       -       n       -       5       smtp
   -o syslog_name=postfix-slow
   -o smtp_destination_concurrency_limit=3
   -o slow_destination_rate_delay=1

And finally my transport :

wanadoo.com slow:
wanadoo.fr slow:
orange.com slow:
orange.fr slow:
#yahoo.fr slow:
free.fr slow:
aliceadsl.fr slow:
alicepro.fr slow:
aliceteam.fr slow:
libertysurf.fr slow:
libertysurf.net slow:
worldonline.fr slow:
freesbee.fr slow:
infonie.fr slow:
monsieurcinema.com slow:
teamtiscali.com slow:
nomade.fr slow:
chez.com slow:
nordnet.fr slow:
hotmail.com slow:
yopmail.com slow:
laposte.net slow:
alice.fr slow:
ymail.com slow:
rocketmail.com slow:
gmail.com slow:
yahoo.fr slow:

I am very annoyed, so any help will be appreciated :roll: Thank you

Thu, 05/21/2015 - 16:18
Diabolico
Diabolico's picture

Check if you have open port 25 and if you can connect from outside.

- I often come to the conclusion that my brain has too many tabs open. -
Failing at desktop publishing & graphic design since 1994.

Fri, 05/22/2015 - 03:29
te-deum

Re,

I finnaly solved my problem with GMail (I hope so...). In the logs I read this error : postfix/trivial-rewrite[952]: warning: database /etc/postfix/transport.db is older than source file /etc/postfix/transport

So I force postfix to reload the transport configuration by executing :

postmap /etc/postfix/transport
service postfix restart

I have checked my open ports and everything seems ok :

[root@serveur ~]# netstat -lnt
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:20000           0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:993             0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:995             0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:3306            0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:587             0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:110             0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:783           0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:143             0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:10000           0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:465             0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:11000         0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:25              0.0.0.0:*               LISTEN
tcp6       0      0 :::993                  :::*                    LISTEN
tcp6       0      0 :::995                  :::*                    LISTEN
tcp6       0      0 :::587                  :::*                    LISTEN
tcp6       0      0 :::110                  :::*                    LISTEN
tcp6       0      0 ::1:783                 :::*                    LISTEN
tcp6       0      0 :::143                  :::*                    LISTEN
tcp6       0      0 :::80                   :::*                    LISTEN
tcp6       0      0 :::465                  :::*                    LISTEN
tcp6       0      0 :::21                   :::*                    LISTEN
tcp6       0      0 :::22                   :::*                    LISTEN
tcp6       0      0 :::25                   :::*                    LISTEN
tcp6       0      0 :::443                  :::*                    LISTEN

Now I have a lot of SASL error like these one :

May 22 10:16:17 serveur postfix/smtpd[5532]: warning: unknown[194.63.142.101]: SASL LOGIN authentication failed: authentication failure
May 22 10:16:19 serveur postfix/smtpd[5532]: warning: unknown[194.63.142.101]: SASL LOGIN authentication failed: authentication failure
May 22 10:16:21 serveur postfix/smtpd[5532]: warning: unknown[194.63.142.101]: SASL LOGIN authentication failed: authentication failure
May 22 10:16:22 serveur postfix/smtpd[5535]: warning: ec2-54-208-194-166.compute-1.amazonaws.com[54.208.194.166]: SASL LOGIN authentication failed: authentication failure
May 22 10:16:25 serveur postfix/smtpd[5532]: warning: ec2-54-208-194-166.compute-1.amazonaws.com[54.208.194.166]: SASL LOGIN authentication failed: authentication failure
May 22 10:18:14 serveur postfix/smtpd[5861]: warning: hostname serveur.kappadev.fr does not resolve to address 87.98.142.111
May 22 10:18:16 serveur postfix/smtpd[5861]: warning: unknown[87.98.142.111]: SASL LOGIN authentication failed: authentication failure
May 22 10:18:19 serveur postfix/smtpd[5861]: warning: unknown[87.98.142.111]: SASL LOGIN authentication failed: authentication failure
May 22 10:18:21 serveur postfix/smtpd[5861]: warning: unknown[87.98.142.111]: SASL LOGIN authentication failed: authentication failure

I change my server and 87.98.142.111 was the old IP address... the new server resolve to a new IP address. So why is there an error with this IP ? I check my DNS and my reverse... everything is configured with the new address. Any Idea ??

Thank you.

Fri, 05/22/2015 - 10:36
andreychek

Howdy,

Well, ignoring that error for a moment -- is everything else working properly? And are you able to log into your email client and send an email through your server?

If everything else is working, those errors may be just bots trying to guess at email accounts, and failing.

-Eric

Topic locked