| View previous topic :: View next topic | 
	
	
		| Author | Message | 
	
		| gerasimos_h Site Admin
 
 
 Joined: 09 Aug 2007
 Posts: 1757
 Location: Greece
 
 | 
			
				|  Posted: Fri Feb 15, 2013 8:07 am    Post subject: |   |  
				| 
 |  
				| You shouldn't have problem with that setup, even from a blacklisted IP, since all dynamic IPs are blacklisted. Is you email a gmail yahoo account?
 If it's one of your domain account or another mailserver check the other mailserver for static IP, or can you provide details about the other server's setup?
 
 With that setup postfix login as your user (my@email.com) and send email to itself actually or anywhere else you want, so there is no way your postfix IP get blacklisted, as it acts as a client rather than an MTA.
 
 
 gerasimos_h
 _________________
 Superb! Mini Server Project Manager
 http://sms.it-ccs.com
 |  | 
	
		| Back to top |  | 
	
		| gregpilot Member
 
 
 Joined: 20 Sep 2012
 Posts: 28
 
 
 | 
			
				|  Posted: Fri Feb 15, 2013 5:08 pm    Post subject: |   |  
				| 
 |  
				| I've tried it with both my gmail and work account. The work email server is the one that keeps showing it as blacklisted. I can't seem to get the gmail account to authenticate. I'll go through the setup again and see if I missed something? |  | 
	
		| Back to top |  | 
	
		| gerasimos_h Site Admin
 
 
 Joined: 09 Aug 2007
 Posts: 1757
 Location: Greece
 
 | 
			
				|  Posted: Fri Feb 15, 2013 5:58 pm    Post subject: |   |  
				| 
 |  
				| What /var/log/maillog says? 
 Did you, by any chance, setup an already existing domain as hostname.domain?
 That might mess things up if for instance you setup your server as gmail.com or wikipedia.org e.t.c
 
 gerasimos_h
 _________________
 Superb! Mini Server Project Manager
 http://sms.it-ccs.com
 |  | 
	
		| Back to top |  | 
	
		| gregpilot Member
 
 
 Joined: 20 Sep 2012
 Posts: 28
 
 
 | 
			
				|  Posted: Fri Feb 15, 2013 7:12 pm    Post subject: |   |  
				| 
 |  
				| Here's the maillog. It still isn't authenticating the server... 
 Feb 15 10:09:38 pluto postfix/pickup[31534]: 7ECCAB0163E: uid=0 from=<administrator@pluto>
 Feb 15 10:09:38 pluto postfix/cleanup[32130]: 7ECCAB0163E: hold: header Received: by pluto.localdomain (Postfix, from userid 0)??id 7ECCAB0163E; Fri, 15 Feb 2013 10:09:38 -0700 (MST) from local; from=<administrator@pluto.localdomain> to=<pluto.jsabq@gmail.com>
 Feb 15 10:09:38 pluto postfix/cleanup[32130]: 7ECCAB0163E: message-id=<1360948178.32126@pluto>
 Feb 15 10:09:38 pluto MailScanner[1260]: New Batch: Scanning 1 messages, 16303 bytes
 Feb 15 10:09:39 pluto MailScanner[1260]: Virus and Content Scanning: Starting
 Feb 15 10:09:39 pluto MailScanner[1260]: Expired 1 records from the SpamAssassin cache
 Feb 15 10:09:42 pluto MailScanner[1260]: Requeue: 7ECCAB0163E.AC15D to CF313B01634
 Feb 15 10:09:42 pluto MailScanner[1260]: Uninfected: Delivered 1 messages
 Feb 15 10:09:42 pluto postfix/qmgr[31535]: CF313B01634: from=<administrator@pluto.localdomain>, size=16069, nrcpt=1 (queue active)
 Feb 15 10:09:42 pluto MailScanner[1260]: Deleted 1 messages from processing-database
 Feb 15 10:09:42 pluto MailScanner[1260]: MailScanner child dying of old age
 Feb 15 10:09:42 pluto MailScanner[32240]: MailScanner E-Mail Virus Scanner version 4.84.5 starting...
 Feb 15 10:09:42 pluto MailScanner[32240]: Reading configuration file /opt/MailScanner/etc/MailScanner.conf
 Feb 15 10:09:42 pluto MailScanner[32240]: Reading configuration file /opt/MailScanner/etc/conf.d/README
 Feb 15 10:09:42 pluto MailScanner[32240]: Read 869 hostnames from the phishing whitelist
 Feb 15 10:09:42 pluto MailScanner[32240]: Read 4857 hostnames from the phishing blacklists
 Feb 15 10:09:42 pluto MailScanner[32240]: Using SpamAssassin results cache
 Feb 15 10:09:42 pluto MailScanner[32240]: Connected to SpamAssassin cache database
 Feb 15 10:09:42 pluto MailScanner[32240]: Enabling SpamAssassin auto-whitelist functionality...
 Feb 15 10:09:42 pluto postfix/smtp[32238]: CF313B01634: to=<pluto.jsabq@gmail.com>, relay=smtp.gmail.com[173.194.64.109]:25, delay=4.4, delays=3.9/0.01/0.52/0.03, dsn=5.5.1, status=bounced (host smtp.gmail.com[173.194.64.109] said: 530-5.5.1 Authentication Required. Learn more at 530 5.5.1 http://support.google.com/mail/bin/answer.py?answer=14257 jd1sm65334263obb.8 - gsmtp (in reply to MAIL FROM command))
 Feb 15 10:09:42 pluto postfix/cleanup[32130]: E4E87B0164D: message-id=<20130215170942.E4E87B0164D@pluto.localdomain>
 Feb 15 10:09:43 pluto postfix/bounce[32241]: CF313B01634: sender non-delivery notification: E4E87B0164D
 Feb 15 10:09:43 pluto postfix/qmgr[31535]: E4E87B0164D: from=<>, size=18564, nrcpt=1 (queue active)
 Feb 15 10:09:43 pluto postfix/qmgr[31535]: CF313B01634: removed
 Feb 15 10:09:43 pluto postfix/local[32246]: warning: dict_nis_init: NIS domain name not set - NIS lookups disabled
 Feb 15 10:09:43 pluto postfix/local[32246]: E4E87B0164D: to=<administrator@pluto.localdomain>, relay=local, delay=0.2, delays=0.1/0/0/0.1, dsn=2.0.0, status=sent (delivered to maildir)
 Feb 15 10:09:43 pluto postfix/qmgr[31535]: E4E87B0164D: removed
 Feb 15 10:09:48 pluto MailScanner[32240]: Connected to Processing Attempts Database
 Feb 15 10:09:48 pluto MailScanner[32240]: Found 1 messages in the Processing Attempts Database
 Feb 15 10:09:48 pluto MailScanner[32240]: Using locktype = flock
 |  | 
	
		| Back to top |  | 
	
		| gerasimos_h Site Admin
 
 
 Joined: 09 Aug 2007
 Posts: 1757
 Location: Greece
 
 | 
			
				|  Posted: Fri Feb 15, 2013 7:42 pm    Post subject: |   |  
				| 
 |  
				| The problem is that it can't authenticate, are your mail settings correct? Try first
  	  | Code: |  	  | postconf -e "smtp_sasl_security_options = noanonymous" postfix reload
 
 | 
 Also you can try to switch to port 587 and disable dns lookup with
 [smtp.gmail.com]:587  in transport.
 
 Did you remove relayhost from main.cf?
 Did you made any other changes? Can you post your current main.cf (postconf -n)?.
 
 gerasimos_h
 _________________
 Superb! Mini Server Project Manager
 http://sms.it-ccs.com
 |  | 
	
		| Back to top |  | 
	
		| gregpilot Member
 
 
 Joined: 20 Sep 2012
 Posts: 28
 
 
 | 
			
				|  Posted: Fri Feb 15, 2013 8:17 pm    Post subject: |   |  
				| 
 |  
				| No, relayhost is still there... 
 
 
 command_directory = /usr/sbin/
 daemon_directory = /usr/libexec/postfix
 local_recipient_maps = $alias_maps unix:passwd.byname $virtual_mailbox_maps
 unknown_local_recipient_reject_code = 550
 home_mailbox = Maildir/
 debug_peer_level = 2
 debugger_command =
 PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
 xxgdb $daemon_directory/$process_name $process_id & sleep 5
 sendmail_path = /usr/sbin/sendmail
 newaliases_path = /usr/sbin/newaliases
 mailq_path = /usr/sbin/mailq
 setgid_group = postdrop
 manpage_directory = /usr/man
 sample_directory = /etc/postfix/sample
 smtp_use_tls = yes
 sendmail_path = /usr/sbin/sendmail
 virtual_alias_maps = hash:/etc/postfix/virtual
 mail_spool_directory = /var/spool/mail
 smtpd_sasl_local_domain =
 broken_sasl_auth_clients = yes
 smtpd_use_tls = yes
 smtpd_recipient_restrictions = permit_mynetworks permit_sas1_authenticated reject_unauth_destination
 alias_maps = hash:/etc/mail/aliases, nis:mail.aliases
 alias_database = hash:/etc/mail/aliases
 smtpd_reject_unlisted_recipient = no
 smtpd_milters = unix:/var/run/clamav-milter/milter.sock
 milter_default_action = accept
 header_checks = regexp:/etc/postfix/header_checks
 smtpd_sasl_auth_enable = yes
 smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
 myorigin = gmail.com
 smtp_sasl_security_options = noanonymous
 transport_maps = hash:/etc/postfix/transport
 smtpd_client_restrictions = permit_mynetworks permit_inet_interfaces reject_unknown_reverse_client_hostname
 relayhost = [smtp.gmail.com]:587
 |  | 
	
		| Back to top |  | 
	
		| gerasimos_h Site Admin
 
 
 Joined: 09 Aug 2007
 Posts: 1757
 Location: Greece
 
 | 
			
				|  Posted: Fri Feb 15, 2013 10:13 pm    Post subject: |   |  
				| 
 |  
				| Although this doesn't look like the full main.cf or at least "postconf -n" try 
 
  	  | Code: |  	  | postconf -e "smtpd_client_restrictions =" postconf -e "myorigin = $mydomain"
 postconf -e "mydestination = $mydomain, localhost.$mydomain, $myhostname"
 postconf -e "relayhost ="
 postconf -e "smtpd_tls_cert_file = /etc/ssl/certs/dovecot.pem"
 postconf -e "smtpd_tls_key_file = /etc/ssl/certs/dovecot.pem"
 postfix reload
 | 
 
 Also you had myorigin = gmail.com which is wrong...
 
 
 gerasimos_h
 _________________
 Superb! Mini Server Project Manager
 http://sms.it-ccs.com
 |  | 
	
		| Back to top |  | 
	
		| gregpilot Member
 
 
 Joined: 20 Sep 2012
 Posts: 28
 
 
 | 
			
				|  Posted: Sat Feb 16, 2013 12:46 am    Post subject: re: |   |  
				| 
 |  
				| That was the entire file. I copied the default file over and re-configured it... (attached) I'm sure I can comment out quite a few of the lines? 
 Would I be able to achieve the same result with sendmail? Would it be easier to configure?
 
 Thanks!
 
 
 
 
	
		
	 
		| Description: |  |  Download
 |  
		| Filename: | main_cf.zip |  
		| Filesize: | 4.98 KB |  
		| Downloaded: | 4962 Time(s) |  
 |  | 
	
		| Back to top |  | 
	
		| gerasimos_h Site Admin
 
 
 Joined: 09 Aug 2007
 Posts: 1757
 Location: Greece
 
 | 
			
				|  Posted: Sat Feb 16, 2013 1:05 am    Post subject: |   |  
				| 
 |  
				| A "postconf -n" would be enough...   
 Did you look at the /var/log/maillog?
 
 I think we found it,
 
  	  | Code: |  	  | postconf -e "smtp_sasl_auth_enable = yes" postfix reload
 | 
 
 you can also try if the above fail (that was from google, never need it though)
 
  	  | Code: |  	  | postconf -e "smtp_pix_workarounds =" | 
 and to return it to it's default value
 
  	  | Code: |  	  | postconf -e "smtp_pix_workarounds = disable_esmtp,delay_dotcrlf" | 
 
 Sendmail is if not the most, one of the most difficult to handle MTA, also postfix is the MTA you want for that setup.
 
 gerasimos_h
 _________________
 Superb! Mini Server Project Manager
 http://sms.it-ccs.com
 |  | 
	
		| Back to top |  | 
	
		| gregpilot Member
 
 
 Joined: 20 Sep 2012
 Posts: 28
 
 
 | 
			
				|  Posted: Sat Feb 16, 2013 1:40 am    Post subject: RE: |   |  
				| 
 |  
				| Mail Log: Looks like I need a start TLS command to work on the alias database errors? 
 Thanks!
 
 Feb 15 16:32:45 pluto postfix/postfix-script[345]: refreshing the Postfix mail system
 Feb 15 16:32:45 pluto postfix/master[17482]: reload -- version 2.5.1, configuration /etc/postfix
 Feb 15 16:33:56 pluto postfix/pickup[351]: D37ACB0167E: uid=0 from=<administrator@pluto>
 Feb 15 16:33:56 pluto postfix/cleanup[893]: D37ACB0167E: message-id=<1360971236.885@pluto>
 Feb 15 16:33:56 pluto postfix/qmgr[352]: D37ACB0167E: from=<administrator@pluto.localdomain>, size=572, nrcpt=1 (queue active)
 Feb 15 16:33:57 pluto postfix/smtp[904]: D37ACB0167E: to=<pluto.jsabq@gmail.com>, relay=smtp.gmail.com[74.125.134.108]:587, delay=0.78, delays=0.35/0.05/0.31/0.07, dsn=5.7.0, status=bounced (host smtp.gmail.com[74.125.134.108] said: 530 5.7.0 Must issue a STARTTLS command first. s3sm92664432yhm.10 - gsmtp (in reply to MAIL FROM command))
 Feb 15 16:33:57 pluto postfix/cleanup[893]: 9B3F4B0167F: message-id=<20130215233357.9B3F4B0167F@pluto.localdomain>
 Feb 15 16:33:57 pluto postfix/bounce[905]: D37ACB0167E: sender non-delivery notification: 9B3F4B0167F
 Feb 15 16:33:57 pluto postfix/qmgr[352]: 9B3F4B0167F: from=<>, size=2579, nrcpt=1 (queue active)
 Feb 15 16:33:57 pluto postfix/qmgr[352]: D37ACB0167E: removed
 Feb 15 16:33:57 pluto postfix/local[906]: error: open database /etc/aliases.db: No such file or directory
 Feb 15 16:33:57 pluto postfix/local[906]: warning: dict_nis_init: NIS domain name not set - NIS lookups disabled
 Feb 15 16:33:57 pluto postfix/local[906]: warning: hash:/etc/aliases is unavailable. open database /etc/aliases.db: No such file or directory
 Feb 15 16:33:57 pluto postfix/local[906]: warning: hash:/etc/aliases: lookup of 'administrator' failed
 Feb 15 16:33:57 pluto postfix/local[906]: 9B3F4B0167F: to=<administrator@pluto.localdomain>, relay=local, delay=0.18, delays=0.08/0/0/0.1, dsn=4.3.0, status=deferred (alias database unavailable)
 Feb 15 16:34:15 pluto postfix/postsuper[1086]: 8D884B0167A: removed
 Feb 15 16:34:15 pluto postfix/postsuper[1086]: Deleted: 1 message
 Feb 15 16:34:15 pluto postfix/postsuper[1088]: 9B3F4B0167F: removed
 Feb 15 16:34:15 pluto postfix/postsuper[1088]: Deleted: 1 message
 Feb 15 16:34:47 pluto postfix/postfix-script[1584]: refreshing the Postfix mail system
 Feb 15 16:34:47 pluto postfix/master[17482]: reload -- version 2.5.1, configuration /etc/postfix
 Feb 15 16:35:06 pluto postfix/pickup[1589]: B7E14B0167E: uid=0 from=<administrator@pluto>
 Feb 15 16:35:06 pluto postfix/cleanup[1815]: B7E14B0167E: message-id=<1360971306.1806@pluto>
 Feb 15 16:35:06 pluto postfix/qmgr[1591]: B7E14B0167E: from=<administrator@pluto.localdomain>, size=572, nrcpt=1 (queue active)
 Feb 15 16:35:07 pluto postfix/smtp[1820]: B7E14B0167E: to=<pluto.jsabq@gmail.om>, relay=none, delay=0.63, delays=0.3/0.01/0.32/0, dsn=5.4.4, status=bounced (Host or domain name not found. Name service error for name=gmail.om type=A: Host not found)
 Feb 15 16:35:07 pluto postfix/cleanup[1815]: 5ADA5B0167F: message-id=<20130215233507.5ADA5B0167F@pluto.localdomain>
 Feb 15 16:35:07 pluto postfix/bounce[1825]: B7E14B0167E: sender non-delivery notification: 5ADA5B0167F
 Feb 15 16:35:07 pluto postfix/qmgr[1591]: 5ADA5B0167F: from=<>, size=2504, nrcpt=1 (queue active)
 Feb 15 16:35:07 pluto postfix/qmgr[1591]: B7E14B0167E: removed
 Feb 15 16:35:07 pluto postfix/local[1826]: warning: dict_nis_init: NIS domain name not set - NIS lookups disabled
 Feb 15 16:35:07 pluto postfix/local[1826]: 5ADA5B0167F: to=<administrator@pluto.localdomain>, relay=local, delay=0.24, delays=0.1/0/0/0.13, dsn=2.0.0, status=sent (delivered to mailbox)
 Feb 15 16:35:07 pluto postfix/qmgr[1591]: 5ADA5B0167F: removed
 |  | 
	
		| Back to top |  | 
	
		| gerasimos_h Site Admin
 
 
 Joined: 09 Aug 2007
 Posts: 1757
 Location: Greece
 
 | 
			
				|  Posted: Sat Feb 16, 2013 10:32 am    Post subject: |   |  
				| 
 |  
				| OK! I see some typos and that you always changing you main.cf file, in one post you have 
  	  | Code: |  	  | alias_database = hash:/etc/mail/aliases alias_maps = hash:/etc/mail/aliases, nis:mail.aliases
 | 
 And on last you have
 
  	  | Code: |  	  | alias_database = hash:/etc/aliases alias_maps = hash:/etc/aliases, nis:mail.aliases
 | 
 
 The correct is /etc/mail/aliases
 and always run "newaliases" once you edit it.
 
 Another typo from the maillog
 
  	  | Quote: |  	  | Name service error for name=gmail.om | 
 
 Another thing I notice is postfix version 2.5.1, what SMS version are you running?
 
 Once we can enforce TLS with
 
  	  | Code: |  	  | postconf -e "smtp_enforce_tls = yes" postconf -e "smtpd_enforce_tls = yes"
 postconf -e "smtpd_use_tls = yes"
 postfix reload
 | 
 And additionally you can enable smtps in master.cf
 
 gerasimos_h
 _________________
 Superb! Mini Server Project Manager
 http://sms.it-ccs.com
 |  | 
	
		| Back to top |  | 
	
		| gregpilot Member
 
 
 Joined: 20 Sep 2012
 Posts: 28
 
 
 | 
			
				|  Posted: Mon Feb 18, 2013 5:16 pm    Post subject: |   |  
				| 
 |  
				| SMS64 2.0.2. I'll give those a try. 
 Thanks!
 |  | 
	
		| Back to top |  | 
	
		| gregpilot Member
 
 
 Joined: 20 Sep 2012
 Posts: 28
 
 
 | 
			
				|  Posted: Wed Feb 20, 2013 10:44 pm    Post subject: |   |  
				| 
 |  
				| It's finally working like a champ. See below for my final postconf -n. Maybe it will be useful to someone else? 
 gerasimos_h: Thank You so much for your help!
 
 broken_sasl_auth_clients = yes
 command_directory = /usr/sbin/
 config_directory = /etc/postfix
 daemon_directory = /usr/libexec/postfix
 debug_peer_level = 2
 debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin xxgdb $daemon_directory/$process_name $process_id & sleep 5
 html_directory = /usr/doc/postfix-2.4.5/HTML
 mail_spool_directory = /var/spool/mail
 mailq_path = /usr/sbin/mailq
 manpage_directory = /usr/man
 myorigin = $mydomain
 newaliases_path = /usr/sbin/newaliases
 relay_domains = $virtual_mailbox_domains
 relayhost = SMTP_SERVER
 sample_directory = /etc/postfix/sample
 sendmail_path = /usr/sbin/sendmail
 setgid_group = postdrop
 smtp_pix_workarounds = disable_esmtp,delay_dotcrlf
 smtp_sasl_auth_enable = yes
 smtp_sasl_password_maps = hash:/etc/postfix/smtp_sasl_password_map
 smtp_sasl_security_options = noanonymous
 smtp_use_tls = yes
 smtpd_client_restrictions =
 smtpd_recipient_restrictions = permit_mynetworks permit_sasl_authenticated defer
 smtpd_sasl_auth_enable = yes
 smtpd_tls_cert_file = /etc/ssl/certs/dovecot.pem
 smtpd_tls_key_file = /etc/ssl/certs/dovecot.pem
 smtpd_tls_security_level = may
 smtpd_use_tls = yes
 transport_maps = hash:/etc/postfix/transport
 unknown_local_recipient_reject_code = 550
 virtual_gid_maps = static:5001
 virtual_mailbox_base = /var/vmail/
 virtual_mailbox_domains = sms.virtual
 virtual_mailbox_limit = 0
 virtual_mailbox_maps = ldap:/etc/postfix/ldap-users.cf
 virtual_minimum_uid = 5001
 virtual_uid_maps = static:5001
 |  | 
	
		| Back to top |  | 
	
		| gerasimos_h Site Admin
 
 
 Joined: 09 Aug 2007
 Posts: 1757
 Location: Greece
 
 | 
			
				|  Posted: Wed Feb 20, 2013 10:58 pm    Post subject: |   |  
				| 
 |  
				| You keep changing your configuration, it seems like main.cf.original now   Funny thing is that ain't the original config as it was SMS's first configuration way back when we used ldap authentication as default.
 
 What was it of all that make the difference?
 
 I insist though that relayhost isn't necessary in main.cf and it probably cause problems to other email destinations, that's the reason we use transport.
 
 gerasimos_h
 _________________
 Superb! Mini Server Project Manager
 http://sms.it-ccs.com
 |  | 
	
		| Back to top |  | 
	
		| gregpilot Member
 
 
 Joined: 20 Sep 2012
 Posts: 28
 
 
 | 
			
				|  Posted: Wed Feb 20, 2013 11:21 pm    Post subject: |   |  
				| 
 |  
				| I'm not sure. Webmin kept filling in relayhost so I decided to try it. I had made so many changes to the main.cf file, I figured I would try to start with a fresh main.cf and rebuild my configuration. The .original seemed to be clean enough to start with. As far as the LDAP line items, I'm not sure if they are necessary for my intended use? They are relics from the .original file and I didn't touch them. I am only using the machine to send mail and don't care if it is able to receive and properly distribute inbound mail. |  | 
	
		| Back to top |  | 
	
		|  |