Discussion:
Postfix setup
(too old to reply)
Tom Misilo
2007-08-13 19:28:05 UTC
Permalink
I followed all the directions here:
https://help.ubuntu.com/7.04/server/C/postfix.html

However when I try and send an email using alpine I am gettng a relay
access denied message when trying to send to my email address. Any
ideas? Also what ports would I need to forward through the router to
be able to send/receive mail from the outside world. As I would like
to be able to use it while out with my laptop.

Thanks in advance,

Tom
--
Tom Misilo
AIM:Tmisilo FL
Jabber:tmisilo at jabber.org
http://tmisilo.ath.cx
Tom Misilo
2007-08-13 20:01:16 UTC
Permalink
Okay I have found out that I cannot telnet port 25 on the server from
inside/outside of the network. Any ideas?
Post by Tom Misilo
https://help.ubuntu.com/7.04/server/C/postfix.html
However when I try and send an email using alpine I am gettng a relay
access denied message when trying to send to my email address. Any
ideas? Also what ports would I need to forward through the router to
be able to send/receive mail from the outside world. As I would like
to be able to use it while out with my laptop.
Thanks in advance,
Tom
--
Tom Misilo
AIM:Tmisilo FL
Jabber:tmisilo at jabber.org
http://tmisilo.ath.cx
--
Tom Misilo
AIM:Tmisilo FL
Jabber:tmisilo at jabber.org
http://tmisilo.ath.cx
Jim Kronebusch
2007-08-14 03:42:42 UTC
Permalink
Post by Tom Misilo
Okay I have found out that I cannot telnet port 25 on the server from
inside/outside of the network. Any ideas?
Post by Tom Misilo
https://help.ubuntu.com/7.04/server/C/postfix.html
However when I try and send an email using alpine I am gettng a relay
access denied message when trying to send to my email address. Any
ideas? Also what ports would I need to forward through the router to
be able to send/receive mail from the outside world. As I would like
to be able to use it while out with my laptop.
Thanks in advance,
I have set up a few email servers in the past using this tutorial:

http://www.howtoforge.com/perfect_setup_ubuntu_6.06

It isn't direct from Ubuntu but is very full featured and is a snap to follow (barring
no problems should have and ISP style solution within 30 minutes). It is also based off
of the 6.06 LTS which should give you good support and stability (mail servers don't
need cutting edge stuff).

If nothing else the portions for troubleshooting and testing should help you track down
your SMTP issues. You probably need to modify your main.cf.

I just looked at the tutorial you reference quickly, the line:

postconf -e 'smtpd_recipient_restrictions =
permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination'

sets up /etc/postfix/main.cf to permit only connections from your mynetworks setting
(which the tutorial has you set as 127.0.0.1) and sets sasl authentication to be an
exception to this. Did you configure your client to use sasl authentication? If not
this will give you a relay access denied error such as what you state. If so this is an
easy fix, configure sasl authentication and your laptop will work perfectly on the road
(provided you don't try and access from a providers network that blocks all port 25
activity except that to their server, then you'll have to use their outgoing mail
server, barring they allow relay). Your firewall will need port forwarding for port 25
for smtp, port 110 for pop3, port 80 if you use webmail, port 143 if you use IMAP.

My suggestion for on the road stuff and to eliminate any provider headaches, install
Squirrel Mail or another Webmail product on your mail server and use that. Then you
don't have to worry about sasl authentication and blocked port 25's by ISPs as all mail
will be sent from the localhost.

Jim
--
This message has been scanned for viruses and
dangerous content by the Cotter Technology
Department, and is believed to be clean.
Jim Kronebusch
2007-08-14 03:47:13 UTC
Permalink
Post by Jim Kronebusch
Your firewall will need port
forwarding for port 25 for smtp, port 110 for pop3, port 80 if you use webmail,
port 143 if you use IMAP.
Just to clarify here (in case I made the above confusing), as long as you just need to
check with a client remotely and only need to send receive mail, your firewall will only
need to forward ports 25 and 110 to the mail server. Do that and check that your server
requires authentication in your client setup and you should be in business.

Jim
--
This message has been scanned for viruses and
dangerous content by the Cotter Technology
Department, and is believed to be clean.
Gavin McCullagh
2007-08-14 08:33:35 UTC
Permalink
Hi Tom,
Post by Tom Misilo
Okay I have found out that I cannot telnet port 25 on the server from
inside/outside of the network. Any ideas?
It depends what error you get. If you get "connection refused" postfix is
probably either not running or not listening on that interface/port. If
you get "no route to host", you probably have a firewall of some sort in
the way. Telnetting to postfix on the local computer looks like this:

gavinmc at boing:~$ telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 boing.hamilton.local ESMTP Postfix (Ubuntu)

Try it on the local machine first.
Post by Tom Misilo
Post by Tom Misilo
https://help.ubuntu.com/7.04/server/C/postfix.html
However when I try and send an email using alpine I am gettng a relay
access denied message when trying to send to my email address. Any
ideas? Also what ports would I need to forward through the router to
be able to send/receive mail from the outside world. As I would like
to be able to use it while out with my laptop.
"relay access denied message" suggests to me that postfix is refusing to
relay your email as you are not one of the trusted hosts which it will
relay for. At a guess, I'd say that might be down to you answering
"127.0.0.0/8" to the seventh question in the howto which I guess is who
should the server relay mail for.

You don't say if you're sending mail from the local computer or not. If
you are, you'd need to use "localhost" or "127.0.0.1" as your outgoing mail
server (not the machine's name). If it's from another computer, you
probably need to add that computer's ip address or a range of ip addresses
to the relay allowed list by reconfiguring again.

Gavin
Tom Misilo
2007-08-14 12:44:49 UTC
Permalink
Thanks for the replies.

I am trying to use cyrus to handle the pop3/imap requests.
Post by Gavin McCullagh
You don't say if you're sending mail from the local computer or not. If
you are, you'd need to use "localhost" or "127.0.0.1" as your outgoing mail
server (not the machine's name). If it's from another computer, you
probably need to add that computer's ip address or a range of ip addresses
to the relay allowed list by reconfiguring again.
I am sending mail from the localhost using alpine. setting it to
localhost fixed that error. but when I tail the mail.log file this is
what I get

Aug 14 08:34:15 linus postfix/smtp[13788]: C4B5598131:
to=<xxxxxxxx at gmail.com>, relay=none, delay=214, delays=64/0.07/150/0,
dsn=4.4.1, status=deferred (connect to
alt2.gmail-smtp-in.l.google.com[72.14.215.114]: Connection timed out)


I still cannot "telnet mail 25" from another computer on network. But
it works fine if I run it on the server. Any suggestions? Also, would
I be better of using another piece of software instead of cyrus?

Thanks for the help!

Tom
Post by Gavin McCullagh
Hi Tom,
Post by Tom Misilo
Okay I have found out that I cannot telnet port 25 on the server from
inside/outside of the network. Any ideas?
It depends what error you get. If you get "connection refused" postfix is
probably either not running or not listening on that interface/port. If
you get "no route to host", you probably have a firewall of some sort in
gavinmc at boing:~$ telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 boing.hamilton.local ESMTP Postfix (Ubuntu)
Try it on the local machine first.
Post by Tom Misilo
Post by Tom Misilo
https://help.ubuntu.com/7.04/server/C/postfix.html
However when I try and send an email using alpine I am gettng a relay
access denied message when trying to send to my email address. Any
ideas? Also what ports would I need to forward through the router to
be able to send/receive mail from the outside world. As I would like
to be able to use it while out with my laptop.
"relay access denied message" suggests to me that postfix is refusing to
relay your email as you are not one of the trusted hosts which it will
relay for. At a guess, I'd say that might be down to you answering
"127.0.0.0/8" to the seventh question in the howto which I guess is who
should the server relay mail for.
You don't say if you're sending mail from the local computer or not. If
you are, you'd need to use "localhost" or "127.0.0.1" as your outgoing mail
server (not the machine's name). If it's from another computer, you
probably need to add that computer's ip address or a range of ip addresses
to the relay allowed list by reconfiguring again.
Gavin
--
edubuntu-users mailing list
edubuntu-users at lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/edubuntu-users
--
Tom Misilo
AIM:Tmisilo FL
Jabber:tmisilo at jabber.org
http://tmisilo.ath.cx
Gavin McCullagh
2007-08-14 13:03:58 UTC
Permalink
Hi,
Post by Tom Misilo
Thanks for the replies.
I am trying to use cyrus to handle the pop3/imap requests.
Also, would I be better of using another piece of software instead of
cyrus?
Cyrus is highly scalable (moreso than most), but some aspects of it are a
little unusual -- eg how you do server-side filtering, etc. It is not an
unreasonable choice, although depending on the size of your project you
might find something like dovecot a little easier to set up and maintain.
Post by Tom Misilo
I am sending mail from the localhost using alpine. setting it to
localhost fixed that error. but when I tail the mail.log file this is
what I get
to=<xxxxxxxx at gmail.com>, relay=none, delay=214, delays=64/0.07/150/0,
dsn=4.4.1, status=deferred (connect to
alt2.gmail-smtp-in.l.google.com[72.14.215.114]: Connection timed out)
So now it's accepted your emails, but it can't connect to google.com to
deliver them, apprently because something's stopping it from connecting to
72.14.215.114 on port 25. I'd presume that's a firewall rule somewhere as
I see it fine:

gavinmc at boing:~$ telnet 72.14.215.114 25
Trying 72.14.215.114...
Connected to 72.14.215.114.
Escape character is '^]'.
220 mx.google.com ESMTP y1si2317953hua
Post by Tom Misilo
I still cannot "telnet mail 25" from another computer on network. But
it works fine if I run it on the server. Any suggestions?
Again the error telnet gives back is all important. "Connection refused"
suggests postfix is probably only listening on 127.0.0.1 (a postfix config
issue). "No route to host" or "connection timed out" probably suggests a
firewall is blocking you. "Connection closed" might be postfix replying
and immediately closing the connection (not so likely).

It seems like you may have some sort of firewall on the mail server that's
causing most of these problems. I'd suggest you turn off the firewall for
5 minutes and see do the problems go away. If it does, you need to
configure the firewall properly to allow connections in and out on tcp port
25.

Gavin
Tom Misilo
2007-08-14 13:09:05 UTC
Permalink
This is the error I get back from telnet
C:\Documents and Settings\Administrator>telnet mail 25
Connecting To mail...Could not open connection to the host, on port
25: Connect failed

Also to the best of my knowledge there is no firewall running.

I also have this in my main.cf
mynetworks = 127.0.0.0./8 192.168.0.0/24 192.168.1.0/24 So any client
that is on my network should be able to connect, no?

Thanks!
Post by Gavin McCullagh
Hi,
Post by Tom Misilo
Thanks for the replies.
I am trying to use cyrus to handle the pop3/imap requests.
Also, would I be better of using another piece of software instead of
cyrus?
Cyrus is highly scalable (moreso than most), but some aspects of it are a
little unusual -- eg how you do server-side filtering, etc. It is not an
unreasonable choice, although depending on the size of your project you
might find something like dovecot a little easier to set up and maintain.
Post by Tom Misilo
I am sending mail from the localhost using alpine. setting it to
localhost fixed that error. but when I tail the mail.log file this is
what I get
to=<xxxxxxxx at gmail.com>, relay=none, delay=214, delays=64/0.07/150/0,
dsn=4.4.1, status=deferred (connect to
alt2.gmail-smtp-in.l.google.com[72.14.215.114]: Connection timed out)
So now it's accepted your emails, but it can't connect to google.com to
deliver them, apprently because something's stopping it from connecting to
72.14.215.114 on port 25. I'd presume that's a firewall rule somewhere as
gavinmc at boing:~$ telnet 72.14.215.114 25
Trying 72.14.215.114...
Connected to 72.14.215.114.
Escape character is '^]'.
220 mx.google.com ESMTP y1si2317953hua
Post by Tom Misilo
I still cannot "telnet mail 25" from another computer on network. But
it works fine if I run it on the server. Any suggestions?
Again the error telnet gives back is all important. "Connection refused"
suggests postfix is probably only listening on 127.0.0.1 (a postfix config
issue). "No route to host" or "connection timed out" probably suggests a
firewall is blocking you. "Connection closed" might be postfix replying
and immediately closing the connection (not so likely).
It seems like you may have some sort of firewall on the mail server that's
causing most of these problems. I'd suggest you turn off the firewall for
5 minutes and see do the problems go away. If it does, you need to
configure the firewall properly to allow connections in and out on tcp port
25.
Gavin
--
edubuntu-users mailing list
edubuntu-users at lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/edubuntu-users
--
Tom Misilo
AIM:Tmisilo FL
Jabber:tmisilo at jabber.org
http://tmisilo.ath.cx
Gavin McCullagh
2007-08-14 13:46:38 UTC
Permalink
Hi,
Post by Tom Misilo
This is the error I get back from telnet
C:\Documents and Settings\Administrator>telnet mail 25
Connecting To mail...Could not open connection to the host, on port
25: Connect failed
Do you have a linux machine you can connect from? You should get a
slightly clearer answer from it.

Make sure you can ping mail from the windows machine and that you can ping
it by its ip address as well as by name.

On the server, you can run:

gavinmc at boing:~$ netstat --listening --tcp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 *:smtp *:* LISTEN
tcp 0 0 localhost:2207 *:* LISTEN

the two entries above imply that I have a program listening on the smtp
port (ie tcp port 25) on all (*) interfaces and another listening on
localhost (127.0.0.1) only on tcp port 2207.
Post by Tom Misilo
Also to the best of my knowledge there is no firewall running.
You should check this. You can verify the server has no firewall rules
with:

gavinmc at boing:~$ sudo iptables --list
Password:
Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

The output above is from a machine with no firewall rules set.
Post by Tom Misilo
I also have this in my main.cf
mynetworks = 127.0.0.0./8 192.168.0.0/24 192.168.1.0/24 So any client
that is on my network should be able to connect, no?
[ NB: 127.0.0.0./8 has one too many dots ]

I would have thought so, yes. Did you restart postfix after the last
change to main.cf?
sudo /etc/init.d/postfix restart

1. You can connect and send mail on localhost port 25.
- Postfix is at least running on localhost

2. Although your mail server can't reach external mail servers to deliver.
- can you telnet to port 25 on remote mail servers from your server?

3. You can connect by name to port 25 from your mail server, but you get
"relaying denied". This should be fixed by the "mynetworks" line above.
- you should check that.

4. You can't telnet to port 25 from remote windows machine.
- can you ping the server from the windows machine, by name and ip?
- what is is inet_interfaces set to in /etc/postfix/main.cf
- what is the output of "netstat --listening --tcp"

Gavin
Tom Misilo
2007-08-14 14:00:43 UTC
Permalink
The only linux machine on the network is a thinclient so I do not
think that will work? As it will think it is the "mail" server.

I tried from my schools server and cannot telnet in either? but could
that be because of the mynetworks line? and not having there range of
ips in it?

tcp 0 0 *:smtp *:* LISTEN
tcp 0 0 localhost:2207 *:* LISTEN
I found this using netstat so I figure it is running?

iptables is empty.
Post by Tom Misilo
I also have this in my main.cf
mynetworks = 127.0.0.0./8 192.168.0.0/24 192.168.1.0/24 So any client
that is on my network should be able to connect, no?
[ NB: 127.0.0.0./8 has one too many dots ]
I would have thought so, yes. Did you restart postfix after the last
change to main.cf?
sudo /etc/init.d/postfix restart
Ya I noticed the extra dot after I sent the email, and changed it.
Also I have restarted the service.
Post by Tom Misilo
1. You can connect and send mail on localhost port 25.
- Postfix is at least running on localhost
I can connect to port 25 on localhost from localhost, but sending mail
does not work using alpine.
Post by Tom Misilo
2. Although your mail server can't reach external mail servers to deliver.
- can you telnet to port 25 on remote mail servers from your server?
Nope I cannot telnet the gmail mail host that was said earlier.
Post by Tom Misilo
3. You can connect by name to port 25 from your mail server, but you get
"relaying denied". This should be fixed by the "mynetworks" line above.
- you should check that.
Works now using mail.misilo in the alpine config, but mail still does
not ever get out.
Post by Tom Misilo
4. You can't telnet to port 25 from remote windows machine.
- can you ping the server from the windows machine, by name and ip?
pinging by name works and so does pinging by ip
Post by Tom Misilo
- what is is inet_interfaces set to in /etc/postfix/main.cf
inet_interfaces = all
Post by Tom Misilo
- what is the output of "netstat --listening --tcp"
tcp 0 0 *:smtp *:* LISTEN
tcp 0 0 localhost:2207 *:* LISTEN

Don't think you want the whole thing?

Thanks!

Tom
Post by Tom Misilo
Hi,
Post by Tom Misilo
This is the error I get back from telnet
C:\Documents and Settings\Administrator>telnet mail 25
Connecting To mail...Could not open connection to the host, on port
25: Connect failed
Do you have a linux machine you can connect from? You should get a
slightly clearer answer from it.
Make sure you can ping mail from the windows machine and that you can ping
it by its ip address as well as by name.
gavinmc at boing:~$ netstat --listening --tcp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 *:smtp *:* LISTEN
tcp 0 0 localhost:2207 *:* LISTEN
the two entries above imply that I have a program listening on the smtp
port (ie tcp port 25) on all (*) interfaces and another listening on
localhost (127.0.0.1) only on tcp port 2207.
Post by Tom Misilo
Also to the best of my knowledge there is no firewall running.
You should check this. You can verify the server has no firewall rules
gavinmc at boing:~$ sudo iptables --list
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
The output above is from a machine with no firewall rules set.
Post by Tom Misilo
I also have this in my main.cf
mynetworks = 127.0.0.0./8 192.168.0.0/24 192.168.1.0/24 So any client
that is on my network should be able to connect, no?
[ NB: 127.0.0.0./8 has one too many dots ]
I would have thought so, yes. Did you restart postfix after the last
change to main.cf?
sudo /etc/init.d/postfix restart
1. You can connect and send mail on localhost port 25.
- Postfix is at least running on localhost
2. Although your mail server can't reach external mail servers to deliver.
- can you telnet to port 25 on remote mail servers from your server?
3. You can connect by name to port 25 from your mail server, but you get
"relaying denied". This should be fixed by the "mynetworks" line above.
- you should check that.
4. You can't telnet to port 25 from remote windows machine.
- can you ping the server from the windows machine, by name and ip?
- what is is inet_interfaces set to in /etc/postfix/main.cf
- what is the output of "netstat --listening --tcp"
Gavin
--
edubuntu-users mailing list
edubuntu-users at lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/edubuntu-users
--
Tom Misilo
AIM:Tmisilo FL
Jabber:tmisilo at jabber.org
http://tmisilo.ath.cx
Gavin McCullagh
2007-08-14 14:45:56 UTC
Permalink
Hi,
Post by Tom Misilo
Post by Gavin McCullagh
1. You can connect and send mail on localhost port 25.
- Postfix is at least running on localhost
I can connect to port 25 on localhost from localhost, but sending mail
does not work using alpine.
That's a second issue. The upward connectivity to port 25 on other
servers.
Post by Tom Misilo
Nope I cannot telnet the gmail mail host that was said earlier.
Until this works, postfix will not be able to deliver mail. The most
likely reason for this failure, I guess, is a firewall or routing issue.
The main point is, it's a network issue, not a postfix one.
Post by Tom Misilo
Post by Gavin McCullagh
3. You can connect by name to port 25 from your mail server, but you get
"relaying denied". This should be fixed by the "mynetworks" line above.
- you should check that.
Works now using mail.misilo in the alpine config, but mail still does
not ever get out.
But that's for network connectivity reasons. Postfix is now accepting mail
on all its interfaces though.
Post by Tom Misilo
Post by Gavin McCullagh
4. You can't telnet to port 25 from remote windows machine.
- can you ping the server from the windows machine, by name and ip?
pinging by name works and so does pinging by ip
So DNS is okay and there's basic routing between the desktop and the mail
server. A firewall seems the most likely problem now. That could be on
either the server or the windows machine.
Post by Tom Misilo
Post by Gavin McCullagh
- what is is inet_interfaces set to in /etc/postfix/main.cf
inet_interfaces = all
Post by Gavin McCullagh
- what is the output of "netstat --listening --tcp"
tcp 0 0 *:smtp *:* LISTEN
tcp 0 0 localhost:2207 *:* LISTEN
Postfix is listening on all interfaces but packets are getting dropped or
blocked between your windows machine and your mail server on tcp port 25.

On the server run:

sudo tcpdump -i ethX port 25

changing ethX to be the interface you expect packets to arrive on (eth0
most likely?). With the above running, redo the telnet on the windows
machine and you should see packets appearing on the tcpdump. If the
packets arrive to the server, there is some issue (most obviously a
firewall) on the server. If packets don't arrive, they're getting stopped
before they get to the server -- probably by a firewall on the client.

Gavin
Tom Misilo
2007-08-14 14:51:02 UTC
Permalink
I did some searching on my ISP's website and it seems they block all
requests and when I run nmap on my pc from one at school, it comes up
with

PORT STATE SERVICE
25/tcp filtered smtp
Post by Gavin McCullagh
Post by Tom Misilo
Post by Gavin McCullagh
3. You can connect by name to port 25 from your mail server, but you get
"relaying denied". This should be fixed by the "mynetworks" line above.
- you should check that.
Works now using mail.misilo in the alpine config, but mail still does
not ever get out.
But that's for network connectivity reasons. Postfix is now accepting mail
on all its interfaces though.
Post by Tom Misilo
Post by Gavin McCullagh
4. You can't telnet to port 25 from remote windows machine.
- can you ping the server from the windows machine, by name and ip?
pinging by name works and so does pinging by ip
So DNS is okay and there's basic routing between the desktop and the mail
server. A firewall seems the most likely problem now. That could be on
either the server or the windows machine.
Post by Tom Misilo
Post by Gavin McCullagh
- what is is inet_interfaces set to in /etc/postfix/main.cf
inet_interfaces = all
Post by Gavin McCullagh
- what is the output of "netstat --listening --tcp"
tcp 0 0 *:smtp *:* LISTEN
tcp 0 0 localhost:2207 *:* LISTEN
Postfix is listening on all interfaces but packets are getting dropped or
blocked between your windows machine and your mail server on tcp port 25.
sudo tcpdump -i ethX port 25
changing ethX to be the interface you expect packets to arrive on (eth0
most likely?). With the above running, redo the telnet on the windows
machine and you should see packets appearing on the tcpdump. If the
packets arrive to the server, there is some issue (most obviously a
firewall) on the server. If packets don't arrive, they're getting stopped
before they get to the server -- probably by a firewall on the client.
Okay I ran this and tried connecting to it via telnet from the windows
pc, but no packets appear. tried it about ten times hoping something
would come up :)

I also opened port 25 on the windows firewall and no luck, nor with
turning it completely off.

Also this is the output of iptables --list

root at linus:~# iptables --list
Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

Tom
Jim Kronebusch
2007-08-14 14:53:00 UTC
Permalink
Post by Gavin McCullagh
Post by Tom Misilo
Post by Gavin McCullagh
4. You can't telnet to port 25 from remote windows machine.
- can you ping the server from the windows machine, by name and ip?
pinging by name works and so does pinging by ip
So DNS is okay and there's basic routing between the desktop and the mail
server. A firewall seems the most likely problem now. That could be on
either the server or the windows machine.
When you ping by name, is an internal IP or external IP resolved? If an external is
resolved then communication is going outside then trying to come back in. This could
allow your external firewall to block your internal requests on port 25.
--
This message has been scanned for viruses and
dangerous content by the Cotter Technology
Department, and is believed to be clean.
Jim Kronebusch
2007-08-14 14:48:22 UTC
Permalink
Post by Tom Misilo
Post by Gavin McCullagh
1. You can connect and send mail on localhost port 25.
- Postfix is at least running on localhost
I can connect to port 25 on localhost from localhost, but sending mail
does not work using alpine.
Post by Gavin McCullagh
3. You can connect by name to port 25 from your mail server, but you get
"relaying denied". This should be fixed by the "mynetworks" line above.
- you should check that.
Works now using mail.misilo in the alpine config, but mail still does
not ever get out.
The addition of your fqdn to your servers /etc/hosts file pointing to your servers IP
will probably help here. I think both problems under 1 and 3 are related to names
resolving to external IP addresses. Modify your hosts files manually, or build an
internal DNS server and point the internal machines to it.
Post by Tom Misilo
Post by Gavin McCullagh
2. Although your mail server can't reach external mail servers to deliver.
- can you telnet to port 25 on remote mail servers from your server?
Nope I cannot telnet the gmail mail host that was said earlier.
Probably not a "good" practice, but when I test servers I open all ports through the
firewall to that machine. Once all software has tested as working, I then close
unwanted ports. Then when things break I know it is a firewall setting, but this allows
me to test without the worry of firewall interference.

If cranking things wide open for testing isn't an option then be sure to open TCP and
UDP for 25 both ways on the firewall.

Also when configuring any mail clients not listed in mynetworks to enable smtp
authentication.
--
This message has been scanned for viruses and
dangerous content by the Cotter Technology
Department, and is believed to be clean.
Jim Kronebusch
2007-08-14 14:40:59 UTC
Permalink
I tried it also using the IP address, and nope my windows hosts file
doesn't map the name mail to the server IP. I am running a bind9
server which resolves the FQDN and such.
So were you successful in accessing via IP? If not then you have a firewall problem on
the server itself, try disabling the firewall completely.

If connecting by IP did work then you need something to help resolve internal addresses.
When this is needed I always build a second Bind box that only answers internally. The
one accessible to the outside world resolves names to outside IP's, the other resolves
the same name to internal IP's. Then I point the DNS for all my internal machines to
the internal DNS server. This to me is easier than managing hosts files on all internal
machines. The other option is to add the info to hosts files such as:

int.ern.al.add mail.yourdomain.com

This works good for testing as it is quickly done and easily changed.

You have a few problems here from what I see. First test everything locally on the
server (send mail, receive mail, telnet to port 25, etc), once that is working then test
everything from a workstation on your internal subnet. Once you can perform all tasks
internally, then test from your laptop externally. This sequence first let's you know
the server is set up right, then helps you troubleshoot connecting a local machine and
setting up so your internal network can communicate (troubleshooting mynetworks setting
and server firewall). Then you test externally troubleshooting your external firewall
and smtp auth/relay settings. I find that to be the best method. Don't forget to
re-check in that order as well when making changes as it is easy to break previously
tested settings when making firewall changes or changes to the main.cf. Also run
"postconf check" after every modification to the main.cf file, this will ensure there
isn't any real stupid typos in the main.cf.

Jim
--
This message has been scanned for viruses and
dangerous content by the Cotter Technology
Department, and is believed to be clean.
Denis Melnikov
2007-08-14 07:51:35 UTC
Permalink
Hi,

1. Check if postfix is running and listening port 25 at 127.0.0.1
at least:
netstat -anp | grep LISTEN

2. Check your firewall settings with FireStarter.

Denis
Post by Tom Misilo
Okay I have found out that I cannot telnet port 25 on the server from
inside/outside of the network. Any ideas?
Post by Tom Misilo
https://help.ubuntu.com/7.04/server/C/postfix.html
However when I try and send an email using alpine I am
gettng a relay
Post by Tom Misilo
access denied message when trying to send to my email address. Any
ideas? Also what ports would I need to forward through the router to
be able to send/receive mail from the outside world. As I would like
to be able to use it while out with my laptop.
Thanks in advance,
Tom
--
Tom Misilo
AIM:Tmisilo FL
Jabber:tmisilo at jabber.org
http://tmisilo.ath.cx
Continue reading on narkive:
Loading...