I've had a problem with my email for a few days and this is my primary work domain, so needless to say I'm freaking out.
For some time I've had a virtualmin/webmin/dovecot/postfix setup that functioned, but sending mail was always a problem - so I always used another account to send from my mail software. However usermin use to send just fine.
Recently all hell broke lose; I've been trying to fix it myself with various newsgroups / web pages / tutorials so I might be far off the rails by now. I really need this functioning as fast as possible or else it will affect my business.
The main domain is www.grimmwerks.com. I cannot telnet to port 25 - it's not closed but it's not responding.
When I use usermin I get: Failed to send mail : SMTP command failed : 421 4.3.2 All server ports are busy
My postconf -n
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
allow_percent_hack = no
append_dot_mydomain = no
biff = no
broken_sasl_auth_clients = yes
config_directory = /etc/postfix
home_mailbox = Maildir/
mailbox_command = /usr/bin/procmail-wrapper -o -a $DOMAIN -d $LOGNAME
mailbox_size_limit = 0
mydestination = $myhostname,localhost.$mydomain, localhost, localdomain, ns1.mydomain.net
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
myorigin = $mydomain
readme_directory = no
recipient_delimiter = +
sender_bcc_maps = hash:/etc/postfix/bcc
sender_dependent_default_transport_maps = hash:/etc/postfix/dependent
smtp_sasl_auth_enable = yes
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_recipient_restrictions = reject_non_fqdn_recipient reject_unknown_recipient_domain permit_mynetworks permit_sasl_authenticated reject_unauth_destination reject_non_fqdn_hostname reject_invalid_hostname check_helo_access pcre:/etc/postfix/helo_checks check_sender_mx_access cidr:/etc/postfix/bogus_mx reject_rbl_client zen.spamhaus.org reject_rbl_client cbl.abuseat.org reject_rbl_client dnsbl-1.uceprotect.net permit
smtpd_sasl_auth_enable = yes
smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_use_tls = yes
virtual_alias_maps = hash:/etc/postfix/virtual
In my tests to send email to one of my domains from an outside email I just received this:
Technical details of temporary failure: Connection was dropped by remote host (SENT_HELO)
Howdy,
What output do you receive if you run this command:
netstat -anlp | grep :25That will show what, if anything, is currently listening on port 25.
-Eric
tcp 0 0 0.0.0.0:25000 0.0.0.0:* LISTEN 305/sshdtcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN 1916/master
tcp 0 0 107.150.7.19:25 64.191.8.174:60287 TIME_WAIT -
tcp 0 0 107.150.7.19:25 64.191.8.174:43763 TIME_WAIT -
tcp 0 0 107.150.7.19:25 64.191.8.174:46798 TIME_WAIT -
tcp 0 0 107.150.7.19:25 64.191.8.174:37309 TIME_WAIT -
tcp 0 0 107.150.7.19:25 64.191.8.174:36171 TIME_WAIT -
tcp 0 0 107.150.7.19:25 64.191.8.174:47278 TIME_WAIT -
tcp 0 0 107.150.7.19:25 64.191.8.174:44107 TIME_WAIT -
tcp 0 0 107.150.7.19:25 64.191.8.174:39671 TIME_WAIT -
tcp 0 0 107.150.7.19:25 64.191.8.174:40276 TIME_WAIT -
tcp 0 0 107.150.7.19:25 64.191.8.174:58145 TIME_WAIT -
tcp 0 0 107.150.7.19:25 50.31.32.144:27723 TIME_WAIT -
tcp 0 0 107.150.7.19:25 64.191.8.174:48329 TIME_WAIT -
tcp 0 48 107.150.7.19:25000 24.61.64.179:61119 ESTABLISHED 2885/0
tcp6 0 0 :::25000 :::* LISTEN 305/sshd
tcp6 0 0 :::25 :::* LISTEN 1916/master
I think a lot of that bouncing to externals was me just trying to set up some spam checking that another tutorial mentioned; trying to find the specific article...
http://postfixmail.com/blog/index.php/using-webmin-to-set-up-postfix/
and this was set in 'restrictions on recipient addresses" but I only put this in perhaps an hour ago:
reject_non_fqdn_recipient reject_unknown_recipient_domain permit_mynetworks permit_sasl_authenticated reject_unauth_destination reject_non_fqdn_hostname reject_invalid_hostname check_helo_access pcre:/etc/postfix/helo_checks check_sender_mx_access cidr:/etc/postfix/bogus_mx reject_rbl_client zen.spamhaus.org reject_rbl_client cbl.abuseat.org reject_rbl_client dnsbl-1.uceprotect.net permit
Okay, it does appear that Postfix is listening on port 25.
I'm curious what output that this command shows:
iptables -L -nAlso, what errors, if any, do you see in /var/log/mail.log while trying to connect?
And are you able to connect to port 25 via telnet while logged into the server itself?
-Eric
Locutus was kind enough to take a look at my setup and thinks that I might have been compromised; because of that and him also pointing out that my nginx setup was really unneeded (mostly wordpress sites) I decided to reinstall; but now I'm having problems with apache running as virtual servers:
https://www.virtualmin.com/node/33187
I'm glad he was able to help! I've posted a followup question in your new thread.
-Eric