Related

GUI for MongoDB needed to mange Meteor app Question Question
Why are snapshots so slow Question Question

Question

I can send, but I not reciving any outside emails in my domain

Posted August 27, 2015 4.8k views
UbuntuConfiguration ManagementMessaging

HI,

I instaled in my droplet the ISPConfig 3, following these steps https://www.howtoforge.com/tutorial/perfect-server-ubuntu-15.04-with-apache-php-myqsl-pureftpd-bind-postfix-doveot-and-ispconfig/

I instaled too OPENDKim signature and RoundCube webmail

Well,… I have a domain with google MX records, and works well. So I have some domains with local MX, I can send emails normaly, but I still can’t recive outside droplet emails.

I read a lot of material but nothing working… :(

Can anybody help me?

thanks

FM

Add a comment
fredmosc
By:
fredmosc

Related

GUI for MongoDB needed to mange Meteor app Question Question
Why are snapshots so slow Question Question

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
2 answers
eldin August 27, 2015

Hello and welcome to Digitalocean

Could you post your /var/log/mail.log and your Postfix and Dovecot configuration

PS: I would recommend you to read this tutorial Mailserver with Postfix Dovecot and Mysql

Reply Report
  • fredmosc August 27, 2015

    Hi Eldin,

    thanks for response…

    my mail.log i shared at dropbox (https://www.dropbox.com/s/0ur8h9uhz18bn1y/mail.log?dl=0)

    my Postfix main.cf file: 

    # See /usr/share/postfix/main.cf.dist for a commented, more complete version


# Debian specific:  Specifying a file name will cause the first
# line of that file to be used as the name.  The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname

smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no

# appending .domain is the MUA's job.
append_dot_mydomain = no

# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h

readme_directory = /usr/share/doc/postfix

# TLS parameters
smtpd_tls_cert_file = /etc/postfix/smtpd.cert
smtpd_tls_key_file = /etc/postfix/smtpd.key
smtpd_use_tls = yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache

# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.

smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
myhostname = odin.fmagenciadigital.com.br
alias_maps = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases
alias_database = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases
myorigin = /etc/mailname
mydestination = odin.fmagenciadigital.com.br, localhost, localhost.localdomain, mail.phoenixbrazil.com, phoenixbrazil.com
relayhost = 
mynetworks = 127.0.0.0/8 [::1]/128
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
inet_protocols = all
html_directory = /usr/share/doc/postfix/html
virtual_alias_domains = 
virtual_alias_maps = hash:/var/lib/mailman/data/virtual-mailman, proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, proxy:mysql:/etc/postfix/mysql-virtual_email2email.cf
virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains.cf
virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf
virtual_mailbox_base = /var/vmail
virtual_uid_maps = static:5000
virtual_gid_maps = static:5000
smtpd_sasl_auth_enable = yes
broken_sasl_auth_clients = yes
smtpd_sasl_authenticated_header = yes
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, check_recipient_access mysql:/etc/postfix/mysql-virtual_recipient.cf
smtpd_tls_security_level = may
transport_maps = hash:/var/lib/mailman/data/transport-mailman, proxy:mysql:/etc/postfix/mysql-virtual_transports.cf
relay_domains = mysql:/etc/postfix/mysql-virtual_relaydomains.cf
relay_recipient_maps = mysql:/etc/postfix/mysql-virtual_relayrecipientmaps.cf
proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks
smtpd_sender_restrictions = check_sender_access mysql:/etc/postfix/mysql-virtual_sender.cf
smtpd_client_restrictions = check_client_access mysql:/etc/postfix/mysql-virtual_client.cf
smtpd_client_message_rate_limit = 100
maildrop_destination_concurrency_limit = 1
maildrop_destination_recipient_limit = 1
virtual_transport = dovecot
header_checks = regexp:/etc/postfix/header_checks
mime_header_checks = regexp:/etc/postfix/mime_header_checks
nested_header_checks = regexp:/etc/postfix/nested_header_checks
body_checks = regexp:/etc/postfix/body_checks
owner_request_special = no
smtp_tls_security_level = may
smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3
smtpd_tls_protocols = !SSLv2,!SSLv3
smtp_tls_protocols = !SSLv2,!SSLv3
dovecot_destination_recipient_limit = 1
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
#content_filter = amavis:[127.0.0.1]:10024
#receive_override_options = no_address_mappings

milter_protocol = 2
milter_default_action = accept

smtpd_milters = inet:localhost:12301
non_smtpd_milters = inet:localhost:12301

    my Dovecot conf file:

    listen = *,[::]
protocols = imap pop3
auth_mechanisms = plain login
disable_plaintext_auth = no
log_timestamp = "%Y-%m-%d %H:%M:%S "
mail_privileged_group = vmail
postmaster_address = postmaster@odin.fmagenciadigital.com.br
ssl_cert = </etc/postfix/smtpd.cert
ssl_key = </etc/postfix/smtpd.key
ssl_protocols = !SSLv2 !SSLv3
passdb {
  args = /etc/dovecot/dovecot-sql.conf
  driver = sql
}
userdb {
  args = /etc/dovecot/dovecot-sql.conf
  driver = sql
}
plugin {
  quota = dict:user::file:/var/vmail/%d/%n/.quotausage
  sieve=/var/vmail/%d/%n/.sieve
}
service auth {
  unix_listener /var/spool/postfix/private/auth {
    group = postfix
    mode = 0660
    user = postfix
  }
  unix_listener auth-userdb {
    group = vmail
    mode = 0600
    user = vmail
  }
  user = root
}
service imap-login {
  client_limit = 1000
  process_limit = 500
}
protocol imap {
  mail_plugins = quota imap_quota
}
protocol pop3 {
  pop3_uidl_format = %08Xu%08Xv
  mail_plugins = quota
}
protocol lda {
  mail_plugins = sieve quota
}

    I saw the tutorial, I think the ISPConfig 3 authomatized all.

    Thanks

    FM

    Reply Report
fredmosc August 27, 2015
[deleted]
Reply Report
eldin August 28, 2015

@fredmosc I found your Problem :-) look :

smtpd[21418]: connect from host1.hdvida.com.br[192.161.241.202]
Aug 27 13:17:17 odin postfix/smtps/smtpd[21193]: SSL_accept error from hm2256-2.locaweb.com.br[187.45.217.68]: Connection timed out

The first “problem” (for me) is you have not a logical Postfix Configuration (no order).

The second real problem is you have a weak TSL configuration

Here for e.g. my configuration:

##### TLS settings ######

tls_preempt_cipherlist = yes
tls_ssl_options = NO_COMPRESSION
tls_high_cipherlist=EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH
smtpd_tls_dh1024_param_file = /etc/nginx/ssl/dhmail.pem

### outgoing connections ###
smtp_tls_security_level=may
smtp_tls_cert_file=/etc/nginx/ssl/mail.crt
smtp_tls_key_file=/etc/nginx/ssl/ssl.key
smtp_tls_ciphers=high
smtp_tls_protocols=!SSLv2,!SSLv3

### incoming connections ###
smtpd_tls_security_level=may
smtpd_tls_cert_file=/etc/nginx/ssl/mail.crt
smtpd_tls_key_file=/etc/nginx/ssl/ssl.key
smtpd_tls_ciphers=high
smtpd_tls_protocols=!SSLv2,!SSLv3

Please order and clean your configuration

Click here to see how to generate a Diffie-Hellman group

nano /etc/postfix/master.cf and uncomment (remove the hashtag) #smtps inet n - - - - smtpd

Restart Postfix sudo service restart postfix

Reply Report
Submit an Answer

Related

Looking for something else?

Ask a new question Search for more help