I followed this tutorial to install Postfix to prepare myself to be able to once again use Microsoft Outlook to check emails.

I think most of it is set up correctly. Through adding a new account in Outlook, I am able to successfully connect to the incoming mail server. However, I am unable to connect to the outgoing (SMTP) mail server. Both servers are listed as “mmaengineer.com”, with ports 993 for incoming and 25 for outgoing (both using SSL). I also have SSL setup through LetsEncrypt, which is where the certs point to in the main.cf file below (this file is a bit of a mess from trying to pull from different sources to make this work).

# See /usr/share/postfix/main.cf.dist for a commented, more complete version

# Debian specific:  Specifying a file name will cause the first
# line of that file to be used as the name.  The Debian default
# is /etc/mailname.
myorigin = mmaengineer.com

smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no

# appending .domain is the MUA's job.
append_dot_mydomain = no

# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h

readme_directory = no

# TLS parameters
#smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
#smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_tls_auth_only = yes

smtpd_tls_loglevel = 1

# Disable SSLv2/3 as they are vulnerable
smtpd_tls_protocols = !SSLv2, !SSLv3
smtp_tls_protocols = !SSLv2, !SSLv3
# Insist on stronger ciphers
smtpd_tls_ciphers = high
smtp_tls_ciphers = high
broken_sasl_auth_clients = yes
smtp_tls_cert_file = /etc/letsencrypt/live/mmaengineer.com/cert.pem
smtp_tls_key_file = /etc/letsencrypt/live/mmaengineer.com/privkey.pem

smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_auth_enable = yes
smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination

# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.

smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
myhostname = Mmaengineer
alias_maps = hash:/etc/aliases proxy:pgsql:/etc/postfix/pgsql-aliases.cf
local_recipient_maps = proxy:pgsql:/etc/postfix/pgsql-boxes.cf $alias_maps
alias_database = hash:/etc/aliases
mydestination = Mmaengineer, localhost.localdomain, , localhost
relayhost =
mynetworks = [::ffff:]/104 [::1]/128
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
inet_protocols = all

mailbox_transport = lmtp:unix:private/dovecot-lmtp
virtual_transport = lmtp:unix:private/dovecot-lmtp
virtual_mailbox_domains = mysql:/etc/postfix/mysql-virtual-mailbox-domains.cf
virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual-mailbox-maps.cf
virtual_alias_maps = mysql:/etc/postfix/mysql-virtual-alias-maps.cf

  • Nothing in the configuration you’ve shown stands out as incorrect. Let’s look at your logs. First, from the command line run the following command (change if needed to match your log locations)

    tail -f /var/log/mail.err /var/log/mail.log /var/log/dovecot.log /var/log/spamassassin/spamd.log

    Press the return key a few time on separate new log entrees that will print. Try sending mail to check-auth@verifier.port25.com without a subject nor body. Cut and paste log outputs here, redacted if need be.

  • @tylerdd91d55f77 - Forgot to ask. Do you have port 587 open, and is there a process listening there:

    lsof -i tcp:587
  • The only output to mail.log when I attempt to verify the account on Microsoft Outlook is as follows:

    Jul 19 21:33:26 Mmaengineer dovecot: imap-login: Login: user=<tyler@mmaengineer.com>, method=PLAIN, rip=, lip=, mpid=3693, TLS, session=<zyIhMAc46gAYItlR>
    Jul 19 21:33:27 Mmaengineer dovecot: imap(tyler@mmaengineer.com): Disconnected: Disconnected in IDLE in=11 out=366

    The logon method via IMAP works, but sending a test e-mail fails without sending any data to the log. Microsoft Outlook gives the general error:

    Send test e-mail message: Your server does not support the connection encryption type you have specified. Try changing the encryption method. Contact your mail server administrator or Internet service provider (ISP) for additional assistance.

    I have the firewall enabled and port 587, 25, 993, and 465 allowed.

    root@Mmaengineer:/var/log# lsof -i tcp:587
    master  2969 root   17u  IPv4  21716      0t0  TCP *:submission (LISTEN)
    master  2969 root   18u  IPv6  21717      0t0  TCP *:submission (LISTEN)
  • @gndo
    It won’t let me post the full contents here.

  • Show 6 more comments

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

1 answer

@tylerdd91d55f77 - Now that your config settings work, you need to set up your SPF, DKIM, and DMARC records for gmail to not mark your mail as spam. Look in the bottom of this page with the “Related Questions” section to get details of how to create those DNS records, or use the search bar on the upper part of this page. Good luck.

  • Thank you for all the help.

    Microsoft Outlook still didn’t send the test email correctly when I tried it out this morning before work. Since the account has a random password which I do not have with me, I’ll have to test this later.

  • @gndo
    So, I’m able to access my account through Outlook on my phone, and it appears to be receiving and sending mail just fine (though I will need to setup SpamAssassin and the mail records). For some reason, Outlook on my desktop is unable to connect. The account setup is a little different, but it’s still having problems connecting to send an email via SMTP. But thank you for all your help.

Submit an Answer