25 posts / 0 new
Last post
#1 Sun, 05/09/2010 - 18:25
sfischer

SMTP

From what I have read, and seen on the server SMTP is setup and running. I cannot send an email using my server. Prior to today, I had just used my ISP's smtp server. Now I have a client that needs to send mail through my server. So, I am using Thunderbird to test my mail server. I read my logs and found a problem and got that fixed. Now, it just times out. The error is that it has timed out.

I have setup smtp.myservername.com in DNS as an A record. Should it be something else?

As far as I know, port 25 is not blocked. I have a business account which allows me to run web and mail servers, so it should not be blocked.

I just need to be able to send.

Thanks

Shanon

Mon, 05/10/2010 - 09:00
andreychek

Hi Shanon,

Hmm, are you saying that your desktop and server are on the same network?

If so, does it work if you attempt to access your server using it's internal IP address rather than the external address?

-Eric

Mon, 05/10/2010 - 11:47
sfischer

Thanks for the response Eric. No, the server and the computer are on different networks. As far as I can tell, the server is setup for SMTP. Like I had mentioned, I was just using my ISP's outgoing server, but now I have a client that needs to use my server for outgoing mail. I was just testing from my computer.

Shanon

Mon, 05/10/2010 - 11:59
andreychek

Howdy,

Many ISP's allow you to get to their own mail server, but not port 25 on other servers on the Internet. So it's possible that the ISP for your desktop computer is blocking SMTP connections to your server.

If you let me know the hostname for your server, I can tell you if port 25 is active on it or not. If you're concerned about posting that on the forums here, you can always edit your post after we get this working to remove the hostname :-)

-Eric

Mon, 05/10/2010 - 12:04
sfischer

Host name is pixelmountainstudio.com.

I never thought that they may block my home access. My home is just regular residential service, but my server is business service.

So it may be better to have my client try it from their end, since they would be on business internet service as well.

Please see if you can get to my server.

Thanks for your help!

Shanon

Mon, 05/10/2010 - 12:06
andreychek

Howdy,

Yeah, I can definitely see Postfix / post 25 on your server.

So long as your client's ISP isn't blocking their access as well, you should be in good shape :-)

An alternative is to enable SMTPS and/or Submission in /etc/postfix/master.cf, and use port 465 or 587 to access the SMTP service on your server.

-Eric

Mon, 05/10/2010 - 12:13 (Reply to #6)
sfischer

Well that is good news. Do I need to do anything special with DNS. What would I use for the mail server name.

Sorry to be pain, and thanks for the help.

Shanon

Mon, 05/10/2010 - 12:38
andreychek

You're welcome to use any domain name you like for the mail server, so long as it resolves to your server's IP address :-)

A lot of folks purchase an SSL certificate for the server(s) they manage, and put that SSL cert into Dovecot and Postfix.

In order to take advantage of that SSL certificate, you'd need to use the domain name that's in the SSL cert.

Outside of that, it really doesn't matter what domain name you're using, it just needs to resolve to your IP address.

-Eric

Tue, 05/11/2010 - 11:40
sfischer

My client tried smtp.pixelmountainstudio.com for their outgoing mail and they said it didn't work. So maybe their ISP is blocking port 25. The trouble with that is that they had used their previous hosts email server to send their mail. We know the port is open, so what else could be the problem?

Thanks!

Shanon

Tue, 05/11/2010 - 11:45
andreychek

Well, if they enabled SSL or TLS for their authentication, it may be trying to use SMTPS or Submission... my recommendation would be to enable those in the /etc/postfix/master.cf file, and then restart Postfix.

If that doesn't work, we'll need to know the error your client is receiving.

Also, you'll want to look at the logs for any clues to what's going on.

The exact logs to look at depends on your distro, but you'll want to look at the authentication logs in either /var/log/auth.log or /var/log/secure, and also the mail logs, which would be either /var/log/maillog or /var/log/mail.log.

-Eric

Tue, 05/11/2010 - 18:15
sfischer

I am using CentOS

I tried a few other things, but have now, I think, switched to SMTPS. I have tried it on my end, but it errors. I get Outlook is unable to connect to your outgoing mail server. That could be a blocked port on my end. I am having the client try it now.

I did open up port 465 on the firewall on the server.

There is nothing in the secure and mail logs. It seems like it is not going to the server at all.

Just found this in the log:

May 11 15:58:18 pixelmountainstudio dovecot: pop3-login: Aborted login: user=<user.domain>, method=PLAIN, rip=::ffff:174.1.187.9

Is there a spot to tell postfix which port to listen on. I am not seeing a spot.

Thanks for the help.

Shanon

Tue, 05/11/2010 - 22:09
andreychek

Howdy,

In order to enable SMTPS in Postfix, you need to go into the Postfix master.cf file, and uncomment the lines near the top of the file beginning with "smtps".

Once you do that, it should automatically listen on port 465.

You can verify that it's listening on port 465 by running this command:

netstat -an | grep :465

If that doesn't return anything, SMTPS isn't enabled quite right :-)

-Eric

Wed, 05/12/2010 - 08:42
sfischer

I missed the SMTPS line in the master.cf file. I thought I had done that.

After enabling, I did the netstat and got a response, plus I was able to telnet to it.

I will have the client try it and see what happens.

Thanks for your help and patience!

Shanon

Wed, 05/12/2010 - 08:50
sfischer

And things are looking up. But, I got a relay access denied when sending to one of my other accounts. Do I need to setup relaying in Postfix? I have seen that on the Postfix config pages.

Found this in the log

fatal: parameter "smtpd_recipient_restrictions": specify at least one working instance of: check_relay_domains, reject_unauth_destination, reject, defer or defer_if_permit

Thanks!

Shanon

Wed, 05/12/2010 - 09:00
andreychek

After enabling, I did the netstat and got a response, plus I was able to telnet to it.

Glad you got that part working! That's the hard part :-)

But, I got a relay access denied when sending to one of my other accounts

That often means that in Outlook, it's not trying to authenticate outgoing smtp connections. So although it may be using port 465, it's not actually setup to pass in a username and password.

Make sure Outlook is authenticating outgoing smtp connections, as that's typically not done by default.

fatal: parameter "smtpd_recipient_restrictions": specify at least one working instance of: check_relay_domains, reject_unauth_destination, reject, defer or defer_if_permit

Hrm, that could be a problem too. Edit your /etc/postfix/main.cf file, find the line beginning with "smtpd_recipient_restrictions, and make sure the last parameter on that line is "reject_unauth_destination". Then restart Postfix.

That's in there by default, but it may have gotten lost in all the tweaking :-)

-Eric

Wed, 05/12/2010 - 09:11
sfischer

I added reject_unauth_destination, but that didn't help. It is the only entry there right now. I had Thunderbird set to use a username to login before sending. When I first tried this morning, after getting smtps set right, it asked for the password, which I gave it.

Nothing odd in the logs this time.

Wed, 05/12/2010 - 09:13
andreychek

By default, you should have a line in your main.cf that looks something like this:

smtpd_recipient_restrictions = permit_mynetworks permit_sasl_authenticated reject_unauth_destination

Wed, 05/12/2010 - 09:19
sfischer

An error occurred while sending mail. The mail server responded: 4.3.5 Server configuration error. Please check the message recipient user@user.com and try again.

That was after adding those lines and restarting postfix.

At least we know it is getting to the server.

Again, nothing weird in the server logs.

Wed, 05/12/2010 - 09:23
andreychek

It sounds like something may be wrong with your main.cf file.

It's unusual that you wouldn't see an error in the mail logs for an error like you're seeing there... if you just go and restart Postfix without attempting to connect, does that show any errors?

Also, what output do you get if you type this on the command line:

postconf -n

Wed, 05/12/2010 - 09:30
sfischer

I restarted postfix without making any changes and there was no error, it started fine. I did another test and checked the logs.

Found this:

May 12 07:27:36 pixelmountainstudio postfix/local[7618]: ACA5A9B8143: to=pixelmountainstudio@pixelmountainstudio.com, orig_to=, relay=local, delay=4.1, delays=0.03/0.01/0/4, dsn=2.0.0, status=sent (delivered to command: /usr/bin/procmail-wrapper -o -a $DOMAIN -d $LOGNAME)

Is it my login??

I did the postconf -n, and sorry for sounding stupid, but how can I copy it from the command line to here?

Have to have a shower now, will be back in a bit.

Thanks for all your help this early in the morning.

Wed, 05/12/2010 - 09:49
andreychek

Is it my login??

I don't know what your login is :-)

If you go into "Edit Mail and FTP Users" for your Virtual Server, you'll see there what the email logins for your domain are.

I did the postconf -n, and sorry for sounding stupid, but how can I copy it from the command line to here?

Are you logging into your server via SSH from your desktop? Typically with that, you can just copy and paste the output using your mouse.

If you're logging in at the console, well, that would be more difficult :-) Rather than logging in at the console, you might want to try a tool such as Putty to remotely login using SSH, which would allow you to use your mouse for things like this :-)

-Eric

Wed, 05/12/2010 - 09:55
sfischer

Just from trying to understand the error message, I thought maybe my login info was wrong. But I double checked it and it was right.

I login to the server using putty. All console based. I can't copy and paste from there. That is why I like webmin and virtualmin so much.

I do see mydestination = $myhostname, localhost.$mydomain, localhost, pixelmountain

That just doesn't quite look right to me, but what do I know.

Wed, 05/12/2010 - 09:59
andreychek

You may want to take a peek at this for some info on copy/paste using Putty:

http://www.chiark.greenend.org.uk/~sgtatham/putty/faq.html#faq-cutpaste

As far as your mydestination line goes -- that shouldn't be generating a server configuration error (though, you may want to add "pixelmountainstudio.com" to the end of the line, but keep the rest as-is).

-Eric

Wed, 05/12/2010 - 10:22
sfischer

But I can't get it to copy. Not too sure how to edit it either. Sorry for not being able to do this. I am using a linux box, and I putty into the server. I have to go to my shop soon where I have a windows box. Maybe that will work.

Wed, 05/12/2010 - 14:56
sfischer

There was a problem with the settings. I had an extra bit in there that I shouldn't have. I wasn't even receiving mail. Got that worked out now.

I tried it where I am now and it looks like it works!

The Client tried it and it works too!!!

Thanks for all the help!

Shanon

Topic locked