Question

Why postfix on Ubuntu 20.04 does not send email to external email accounts?

Posted February 1, 2021 842 views
EmailUbuntu 20.04

I followed the article (“How To Install and Configure Postfix as a Send-Only SMTP Server” from Digital Ocean knowledge base) line by line several times and the most I got was to send email within internal users. I can’t get postfix sending email to external email accounts, hence my Magento installation won’t send out email do my customer. Any clue what could it be?

Thank you,

Cheizer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
Submit an Answer
1 answer

Hi @helenapreclikova,

Most probably your sending port, either 25, 465 or 587 is not allowed to do outgoing connections. If you are using UFW please do the following:

sudo ufw allow 25/tcp
sudo ufw allow 465/tcp
sudo ufw allow 587/tcp
sudo ufw reload

If you are using plain IPtables use:

iptables -A INPUT -p tcp --dport 25 -j ACCEPT
iptables -A INPUT -p tcp --dport 465 -j ACCEPT
iptables -A INPUT -p tcp --dport 587 -j ACCEPT

Now to allow access to incoming connections:

Allow All Incoming SMTP
To allow your server to respond to SMTP connections, port 25, run these commands:

sudo iptables -A INPUT -p tcp --dport 25 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
sudo iptables -A OUTPUT -p tcp --sport 25 -m conntrack --ctstate ESTABLISHED -j ACCEPT

The second command, which allows the outgoing traffic of established SMTP connections, is only necessary if the OUTPUT policy is not set to ACCEPT.

Regards,
KDSys

  • Hi KFSys,

    thank you for taking your time and suggesting a solution, but unfortunately it did not work. I will give you a context so that you may suggest something additional if that is the case.

    I am running a droplet (Ubuntu 16.04, Apache 2.2, Php 7.2 and mySQL 5.7 - ufw is enabled) exclusively to run a Magento engine on it. I have my domain register pointing to the droplet and MX records pointing to an external server so that I would manage my email server somewhere else, however I still need the “send-only” functionality on the droplet in order for the Magento to send transactional emails. That is the reason I set up Postfix as SMTP send-only on the droplet and I have done all the suggested setup to try and make it work but I still cannot get emails out. I will leave below how my PostFix config file looks like and what is the mail.log and maybe you can suggest me any other setup that would make it work.

    Many thanks in advance,

    Take care.

    ..:: Postfix "main.cf" ::..
    
    # See /usr/share/postfix/main.cf.dist for a commented, more complete version
    
    
    # Debian specific:  Specifying a file name will cause the first
    # line of that file to be used as the name.  The Debian default
    # is /etc/mailname.
    #myorigin = /etc/mailname
    
    smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
    biff = no
    
    # appending .domain is the MUA's job.
    append_dot_mydomain = no
    
    # Uncomment the next line to generate "delayed mail" warnings
    #delay_warning_time = 4h
    
    readme_directory = no
    
    # TLS parameters
    smtpd_tls_cert_file=/etc/letsencrypt/live/cafecapybara.cz/fullchain.pem
    smtpd_tls_key_file=/etc/letsencrypt/live/cafecapybara.cz/privkey.pem
    smtpd_use_tls=yes
    smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
    smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
    
    # See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
    # information on enabling SSL in the smtp client.
    
    smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
    myhostname = cafecapybara.cz
    mydomain = cafecapybara.cz
    alias_maps = hash:/etc/aliases
    alias_database = hash:/etc/aliases
    myorigin = $mydomain
    mydestination = 
    relay_domains = $mydomain
    mynetworks = 127.0.0.0/8
    mailbox_size_limit = 0
    recipient_delimiter = +
    inet_interfaces = loopback-only
    
    
    ..:: Mail.log ::..
    
    Feb  3 13:08:51 cafecapybara postfix/smtp[10894]: connect to gmail-smtp-in.l.google.com[2a00:1450:400c:c0c::1a]:25: Network is unreachable
    Feb  3 13:09:21 cafecapybara postfix/smtp[10894]: connect to gmail-smtp-in.l.google.com[108.177.15.26]:25: Connection timed out
    Feb  3 13:09:21 cafecapybara postfix/smtp[10895]: connect to gmail-smtp-in.l.google.com[108.177.15.26]:25: Connection timed out
    Feb  3 13:09:21 cafecapybara postfix/smtp[10895]: connect to gmail-smtp-in.l.google.com[2a00:1450:400c:c0c::1a]:25: Network is unreachable
    Feb  3 13:09:51 cafecapybara postfix/smtp[10894]: connect to alt1.gmail-smtp-in.l.google.com[142.250.4.26]:25: Connection timed out
    Feb  3 13:09:51 cafecapybara postfix/smtp[10894]: connect to alt1.gmail-smtp-in.l.google.com[2404:6800:4003:c06::1b]:25: Network is unreachable
    Feb  3 13:09:51 cafecapybara postfix/smtp[10895]: connect to alt1.gmail-smtp-in.l.google.com[142.250.4.26]:25: Connection timed out
    Feb  3 13:09:51 cafecapybara postfix/smtp[10895]: connect to alt1.gmail-smtp-in.l.google.com[2404:6800:4003:c06::1b]:25: Network is unreachable
    Feb  3 13:09:51 cafecapybara postfix/smtp[10895]: connect to alt2.gmail-smtp-in.l.google.com[2404:6800:4008:c00::1a]:25: Network is unreachable
    Feb  3 13:09:51 cafecapybara postfix/smtp[10895]: E5A4B4666E9: to=<cheizer@gmail.com>, relay=none, delay=43879, delays=43819/0.01/60/0, dsn=4.4.1, status=defer$...
    
    edited by MattIPv4