Looking at 2 virtual domains, one is accepting incoming email, and the other domain is rejecting everything. I'm pretty sure this was working before I started trying to get outgoing mail to work, which is a story for another day.
Anyway, I think I've put everything back to the way it was but this domain is still rejecting all incoming mail. The only domain specific change I can recall I made was to the mx record and I know I've returned that correctly (I changed it from mail.virtualdomain.tld to hostname.tld in a fit of rage trying to get outgoing to work). The errors in the log are like this:
Apr 14 01:24:07 lisn-mdv postfix/smtpd[31213]: connect from a2s61.a2hosting.com[75.98.165.130] Apr 14 01:24:07 lisn-mdv postfix/smtpd[31213]: NOQUEUE: reject: RCPT from a2s61.a2hosting.com[75.98.165.130]: 554 5.7.1 me@virtualdomain.tld: Recipient address rejected: Access denied; from=them@incomingdomain.tld to=me@virtualdomain.tld proto=ESMTP helo=<a2s61.a2hosting.com> Apr 14 01:24:07 lisn-mdv postfix/smtpd[31213]: disconnect from a2s61.a2hosting.com[75.98.165.130]
host -t mx virtualdomain.tld
returns
virtualdomain.tld mail is handled by 5 mail.virtualdomain.tld.
and
host mail.virtualdomain.tld
resolves to the proper ip.
What else should I be looking at? This is maddening! :-)
Ok, it seems that the mx change was the first problem. Once the DNS entries got updated, that error went away. Now, the email is being bounced with the error:
The mail server could not deliver mail to me@virtualdomain.tld The account or domain may not exist, they may be blacklisted, or missing the proper dns entries.
No such bounced email to other other virtual domain... No errors in the mail.log
Any suggestions?
I was hoping the problem would just go away (partial DNS update or some such) but no such luck. Incoming mail is still being rejected.
Sigh...
Just to be sure it was not account related, I created a new test account and it also fails to receive emails. If I could get a grip on what is wrong, I could figure out how to fix it.
In case someone sees this and could take a look, the test email account is test@whdt.net
Thanks
Hmm, "Access denied" is an unusual error.
What output do you receive if you run this command:
postconf -n
For postconf -n, I get:
alias_database = hash:/etc/aliasesalias_maps = hash:/etc/aliases
allow_percent_hack = no
append_dot_mydomain = no
biff = no
broken_sasl_auth_clients = yes
config_directory = /etc/postfix
home_mailbox = Maildir/
inet_interfaces = all
mailbox_command = /usr/bin/procmail-wrapper -o -a $DOMAIN -d $LOGNAME
mailbox_size_limit = 0
mydestination = lisn-mdv.razercut.com, localhost.razercut.com, , localhost
myhostname = lisn-mdv.razercut.com
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
myorigin = /etc/mailname
readme_directory = no
recipient_delimiter = +
sender_bcc_maps = hash:/etc/postfix/bcc
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
smtpd_recipient_restrictions = permit_mynetworks permit_sasl_authenticated reject
smtpd_sasl_auth_enable = yes
smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_use_tls = yes
virtual_alias_maps = hash:/etc/postfix/virtual
(edited for clarity. Looks much better now than the one run-on sentence :-)
Looking at the data from postconf, none of it is specific to a single domain, so I doubt the error is in that? Seems like it would be specific to a domain configuration if one works and another does not?
Just guessing...
Just a little more info. I tried creating email accounts on other domains (I just have email accounts on two of the domains, one works and one doesn't) and they don't work either.
The only thing unique that I can tell is that the one that works has a unique ip, and the other domains had a shared ip. However, I tried changing one to a unique ip and that didn't seem to make any difference.
Thanks!
Ok, I understand this may be too strange of a problem, or such an obvious noob question, that I won't get a help here. Does someone at least have references to someplace where I might find answers? I don't mind tracking the problem down myself, I just don't know where to start. Maybe a more in-depth troubleshooting than the one on this system (my DNS all appear to be ok, including reverse DNS).
Thanks
I see in auth.log entries like:
Wouldn't it need to look for emailuser.myvirtualdomain.tld? Or is there some lookup that is supposed to say emailuser@myvirtualdomain.tld == emailuser.myvirtualdomain.tld?
If I run http://www.intodns.com/whdt.net it shows a different MX entry
Your MX records that were reported by your nameservers are:
5 mail.whdt.com No A Record (no glue either)
I guess you have to look into the dns zone and correct the errors including adding the IP for the A record mail.
Figures someone would take a look now :-)
In desperation I tried swapping the ips of the one that worked with the one that didn't. Didn't make any difference, so I swapped them back. You must have caught it while it was still updating!
In fact, it still shows the screwed up mx record.
Here is a 3rd domain which also doesn't work:
http://www.intodns.com/marksteiner.ag
The one that does:
http://www.intodns.com/faroutprojects.com
And here is the dns record for whdt.net:
$ttl 38400 @ IN SOA lisn-mdv.razercut.com. root.lisn-mdv.razercut.com. ( 1315275273 10800 3600 604800 38400 ) whdt.net. IN NS ns1.razercut.com. whdt.net. IN A 67.215.190.59 www.whdt.net. IN A 67.215.190.59 ftp.whdt.net. IN A 67.215.190.59 m.whdt.net. IN A 67.215.190.59 localhost.whdt.net. IN A 127.0.0.1 webmail.whdt.net. IN A 67.215.190.59 admin.whdt.net. IN A 67.215.190.59 mail.whdt.net. IN A 67.215.190.59 whdt.net. IN MX 5 mail.whdt.com. whdt.net. IN TXT "v=spf1 a mx a:whdt.net ip4:67.215.190.59 ?all" whdt.net. IN NS ns2.razercut.com.So I send an email to kazmaier at marksteiner dot ag (while whdt is in flux) and the syslog entry is:
Thanks for your help. I really am at wits end.
So the only thing I see at the moment is that the mail works on 67.215.190.58
as is razercut.com on that IP
So I would first change the the hostname of the server to ns1.razercut.com as currently your SOA is not listed and ns1 is.
Then change the SOA of all zonefiles from lisn-mdv.razercut.com to ns1.razercut.com if this is not done automatically
and also make sure that all sites and services are listening on IP 67.215.190.58
if you can per haps recreate the domains on the same shared IP