Email client does not read incoming mail outgoing fine.

December 17, 2014 2.4k views
nelson
By:
nelson

Hello,
I set up Debian with ISPConfig 3. However i am running into a problem reading incoming mail in Squirrel or Outlook. Sending mail works fine. I can see the mail sitting in /var/mail/{mailid} where {mailid} is the file. I sent a message from my gmail account and confirmed it is there so it appears my DNS/MX is fine.

Sending from either Squirrel and Outlook works fine. It appears the issue is between the mail server and client.

Does anyone suggest what I should look at?
Thanks!

3 comments
  • rustx December 17, 2014

    Hi Nelson,

    Could we know what is the domain on the which one you want to access IMAP service ?

    The good tests to do from your laptop are :

    nmap -PN mail.yourdomain.com (or whatever domain you have in MX)

    This will show you all opened ports at that IP. To have IMAP and IMAPs working fine, you should have port 143 and/or 993 port opened to be sure outlook can connect your IMAP service.

    The next step would be to configure outlook properly, to use the good authentication method while sending mailbox credentials.

    I am not an ISPConfig expert, but I think those tests could help you to understand what happens.

    Hope this help !

    --
    rustx

  • nelson December 17, 2014

    Hi rustx,
    The domain is caltaer.com
    I am not familiar with the nmap command. Is it Win or Linux? Tried on both, not found.
    I was connecting using POP. I switched to IMAP trying both 143 and 993 and Outlook will not connect.
    Thanks for the suggestions.

  • JonsJava December 17, 2014

    Looking at your domain, the MX for caltaer.com goes to mail.caltaer.com, which points to 104.236.106.57

    I take it 104.236.106.57 is the IP of the server in question. When I telnet to it, it appears to be working:

     telnet 104.236.106.57 25
Trying 104.236.106.57...
Connected to 104.236.106.57.
Escape character is '^]'.
220 caltaer.com ESMTP Postfix (Debian/GNU)

    IMAP on 143 respons with STARTTLS (secure), so that's good:

    telnet 104.236.106.57 143
Trying 104.236.106.57...
Connected to 104.236.106.57.
Escape character is '^]'.
* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE STARTTLS AUTH=PLAIN AUTH=LOGIN] Dovecot ready.

    Next, checking port 993:

    jharris@jonsjava:~$ telnet 104.236.106.57 993
Trying 104.236.106.57...
Connected to 104.236.106.57.
Escape character is '^]'.

    All looks right there too.

    This only leaves the /etc/postfix/main.cf , /etc/postfix/master.cf , & /etc/dovecot/dovecot.conf files as likely culprits.

    Can we see a copy of those files?

Log In to Comment
1 Answer
nelson December 17, 2014

Thanks for peeking at this. The three config files follow:

/etc/dovecot/dovecot.conf

listen = *,[::]
protocols = imap pop3
authmechanisms = plain login
disableplaintextauth = no
logtimestamp = "%Y-%m-%d %H:%M:%S "
mailprivilegedgroup = vmail
sslcert = </etc/postfix/smtpd.cert
sslkey = </etc/postfix/smtpd.key
sslprotocols = !SSLv2 !SSLv3
passdb {
args = /etc/dovecot/dovecot-sql.conf
driver = sql
}
userdb {
args = /etc/dovecot/dovecot-sql.conf
driver = sql
}
plugin {
quota = dict:user::file:/var/vmail/%d/%n/.quotausage
sieve=/var/vmail/%d/%n/.sieve
}
service auth {
unixlistener /var/spool/postfix/private/auth {
group = postfix
mode = 0660
user = postfix
}
unixlistener auth-userdb {
group = vmail
mode = 0600
user = vmail
}
user = root
}
service imap-login {
clientlimit = 1000
processlimit = 500
}
protocol imap {
mailplugins = quota imapquota
}
protocol pop3 {
pop3uidlformat = %08Xu%08Xv
mailplugins = quota
}
protocol lda {
mail_plugins = sieve quota
}

*/etc/postfix/master.cf *

Postfix master process configuration file. For details on the format of the file, see the master(5) manual page (command: "man 5 master"). Do not forget to execute "postfix reload" after editing this file. service type private unpriv chroot wakeup maxproc command + args (yes) (yes) (yes) (never) (100) smtp inet n - - - 1 postscreen smtpd pass - - - - - smtpd dnsblog unix - - - - 0 dnsblog tlsproxy unix - - - - 0 tlsproxy

submission inet n - - - - smtpd
-o syslogname=postfix/submission
-o smtpdtlssecuritylevel=encrypt
-o smtpdsaslauthenable=yes
-o smtpdclientrestrictions=permitsasl_authenticated,reject

-o miltermacrodaemon_name=ORIGINATING

smtps inet n - - - - smtpd
-o syslogname=postfix/smtps
-o smtpdtlswrappermode=yes
-o smtpdsaslauthenable=yes
-o smtpdclientrestrictions=permitsaslauthenticated,reject

-o miltermacrodaemon_name=ORIGINATING 628 inet n - - - - qmqpd

pickup fifo n - - 60 1 pickup
cleanup unix n - - - 0 cleanup
qmgr fifo n - n 300 1 qmgr

qmgr fifo n - n 300 1 oqmgr

tlsmgr unix - - - 1000? 1 tlsmgr
rewrite unix - - - - - trivial-rewrite
bounce unix - - - - 0 bounce
defer unix - - - - 0 bounce
trace unix - - - - 0 bounce
verify unix - - - - 1 verify
flush unix n - - 1000? 0 flush
proxymap unix - - n - - proxymap
proxywrite unix - - n - 1 proxymap
smtp unix - - - - - smtp
relay unix - - - - - smtp

-o smtphelotimeout=5 -o smtpconnecttimeout=5

showq unix n - - - - showq
error unix - - - - - error
retry unix - - - - - error
discard unix - - - - - discard
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - - - - lmtp
anvil unix - - - - 1 anvil
scache unix - - - - 1 scache

Interfaces to non-Postfix software. Be sure to examine the manual pages of the non-Postfix software to find out what options it wants. Many of the following services use the Postfix pipe(8) delivery agent. See the pipe(8) man page for information about ${recipient} and other message envelope options. maildrop. See the Postfix MAILDROP_README file for details. Also specify in main.cf: maildropdestinationrecipient_limit=1

maildrop unix - n n - - pipe
flags=DRhu user=vmail argv=/usr/bin/maildrop -d vmail ${extension} ${recipient} ${user} ${nexthop} ${sender}

Recent Cyrus versions can use the existing "lmtp" master.cf entry. Specify in cyrus.conf: lmtp cmd="lmtpd -a" listen="localhost:lmtp" proto=tcp4 Specify in main.cf one or more of the following: mailbox_transport = lmtp:inet:localhost virtual_transport = lmtp:inet:localhost Cyrus 2.1.5 (Amos Gouaux) Also specify in main.cf: cyrusdestinationrecipient_limit=1 cyrus unix - n n - - pipe user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user} Old example of delivery via Cyrus. old-cyrus unix - n n - - pipe flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user} See the Postfix UUCP_README file for configuration details.

uucp unix - n n - - pipe
flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)

Other external delivery methods.

ifmail unix - n n - - pipe
flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp unix - n n - - pipe
flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
scalemail-backend unix - n n - 2 pipe
flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
mailman unix - n n - - pipe
flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
${nexthop} ${user}

dovecot unix - n n - - pipe
flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender} -d ${user}@${nexthop}
amavis unix - - - - 2 smtp
-o smtpdatadonetimeout=1200
-o smtpsendxforwardcommand=yes

127.0.0.1:10025 inet n - - - - smtpd
-o contentfilter=
-o localrecipientmaps=
-o relayrecipientmaps=
-o smtpdrestrictionclasses=
-o smtpdclientrestrictions=
-o smtpdhelorestrictions=
-o smtpdsenderrestrictions=
-o smtpdrecipientrestrictions=permitmynetworks,reject
-o mynetworks=127.0.0.0/8
-o strictrfc821envelopes=yes
-o receiveoverrideoptions=nounknownrecipientchecks,noheaderbodychecks

** /etc/postfix/main.cf **

See /usr/share/postfix/main.cf.dist for a commented, more complete version Debian specific: Specifying a file name will cause the first line of that file to be used as the name. The Debian default is /etc/mailname. myorigin = /etc/mailname

smtpdbanner = $myhostname ESMTP $mailname (Debian/GNU)
biff = no

appending .domain is the MUA's job.

appenddotmydomain = no

Uncomment the next line to generate "delayed mail" warnings delaywarningtime = 4h

readme_directory = /usr/share/doc/postfix

TLS parameters

smtpdtlscertfile = /etc/postfix/smtpd.cert
smtpdtlskeyfile = /etc/postfix/smtpd.key
smtpdusetls = yes
smtpdtlssessioncachedatabase = btree:${datadirectory}/smtpdscache
smtptlssessioncachedatabase = btree:${datadirectory}/smtpscache

See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for information on enabling SSL in the smtp client.

myhostname = caltaer.com
aliasmaps = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases
aliasdatabase = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases
myorigin = /etc/mailname
mydestination = caltaer.com, localhost, localhost.localdomain
relayhost =
mynetworks = 127.0.0.0/8 [::1]/128
mailboxsizelimit = 0
recipientdelimiter = +
inetinterfaces = all
htmldirectory = /usr/share/doc/postfix/html
virtualaliasdomains =
virtualaliasmaps = hash:/var/lib/mailman/data/virtual-mailman, proxy:mysql:/etc/postfix/mysql-virtualforwardings.cf, proxy:mysql:/etc/postfix/mysql-virtualemail2email.cf
virtualmailboxdomains = proxy:mysql:/etc/postfix/mysql-virtualdomains.cf
virtualmailboxmaps = proxy:mysql:/etc/postfix/mysql-virtualmailboxes.cf
virtualmailboxbase = /var/vmail
virtualuidmaps = static:5000
virtualgidmaps = static:5000
inetprotocols = all
smtpdsaslauthenable = yes
brokensaslauthclients = yes
smtpdsaslauthenticatedheader = yes
smtpdrecipientrestrictions = permitmynetworks, permitsaslauthenticated, rejectunauthdestination, checkrecipientaccess mysql:/etc/postfix/mysql-virtualrecipient.cf
smtpdtlssecuritylevel = may
transportmaps = hash:/var/lib/mailman/data/transport-mailman, proxy:mysql:/etc/postfix/mysql-virtualtransports.cf
relaydomains = mysql:/etc/postfix/mysql-virtualrelaydomains.cf
relayrecipientmaps = mysql:/etc/postfix/mysql-virtualrelayrecipientmaps.cf
proxyreadmaps = $localrecipientmaps $mydestination $virtualaliasmaps $virtualaliasdomains $virtualmailboxmaps $virtualmailboxdomains $relayrecipientmaps $relaydomains $canonicalmaps $sendercanonicalmaps $recipientcanonicalmaps $relocatedmaps $transportmaps $mynetworks
smtpdsenderrestrictions = checksenderaccess mysql:/etc/postfix/mysql-virtualsender.cf
smtpdclientrestrictions = checkclientaccess mysql:/etc/postfix/mysql-virtualclient.cf
smtpdclientmessageratelimit = 100
maildropdestinationconcurrencylimit = 1
maildropdestinationrecipientlimit = 1
virtualtransport = dovecot
headerchecks = regexp:/etc/postfix/headerchecks
mimeheaderchecks = regexp:/etc/postfix/mimeheaderchecks
nestedheaderchecks = regexp:/etc/postfix/nestedheaderchecks
bodychecks = regexp:/etc/postfix/bodychecks
ownerrequestspecial = no
smtptlssecuritylevel = may
smtpdtlsmandatoryprotocols = !SSLv2, !SSLv3
smtpdtlsprotocols = !SSLv2,!SSLv3
smtptlsprotocols = !SSLv2,!SSLv3
dovecotdestinationrecipientlimit = 1
smtpdsasltype = dovecot
smtpdsaslpath = private/auth
contentfilter = amavis:[127.0.0.1]:10024
receiveoverrideoptions = noaddressmappings

Reply
Have another answer? Share your knowledge.