1

Topic: Can't send from email client.

v0.2.2 (MySQL)
Ubuntu

When sending email from a client such as Outlook, we get this error:
'Recipient address rejected: Invalid HELO/EHLO; Must be a FQDN or an address literal, not 'Johns-PC''
Johns-PC is the name of the local computer.

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2

Re: Can't send from email client.

Could you please show us output of command "postconf -n" to help troubleshoot?

3

Re: Can't send from email client.

alias_database = hash:/etc/postfix/aliases
alias_maps = hash:/etc/postfix/aliases
allow_min_user = no
allow_percent_hack = no
append_dot_mydomain = no
biff = no
bounce_queue_lifetime = 4h
broken_sasl_auth_clients = yes
config_directory = /etc/postfix
content_filter = smtp-amavis:[127.0.0.1]:10024
delay_warning_time = 0h
disable_vrfy_command = yes
dovecot_destination_recipient_limit = 1
enable_original_recipient = no
home_mailbox = Maildir/
inet_interfaces = all
inet_protocols = ipv4
mailbox_command = /usr/lib/dovecot/deliver
mailbox_size_limit = 0
maximal_backoff_time = 4000s
maximal_queue_lifetime = 4h
message_size_limit = 15728640
minimal_backoff_time = 300s
mydestination = $myhostname, localhost, localhost.localdomain, localhost.$myhost                                                                                     
name
mydomain = slamthedeck.com
myhostname = mail.slamthedeck.com
mynetworks = 127.0.0.0/8
mynetworks_style = host
myorigin = mail.slamthedeck.com
proxy_read_maps = $canonical_maps $lmtp_generic_maps $local_recipient_maps $myde                                                                                     stination $mynetworks $recipient_bcc_maps $recipient_canonical_maps $relay_domai                                                                                     ns $relay_recipient_maps $relocated_maps $sender_bcc_maps $sender_canonical_maps                                                                                      $smtp_generic_maps $smtpd_sender_login_maps $transport_maps $virtual_alias_doma                                                                                     ins $virtual_alias_maps $virtual_mailbox_domains $virtual_mailbox_maps $smtpd_se                                                                                     nder_restrictions
queue_run_delay = 300s
readme_directory = no
recipient_bcc_maps = proxy:mysql:/etc/postfix/mysql/recipient_bcc_maps_user.cf,                                                                                      proxy:mysql:/etc/postfix/mysql/recipient_bcc_maps_domain.cf
recipient_delimiter = +
relay_domains = $mydestination, proxy:mysql:/etc/postfix/mysql/relay_domains.cf
relayhost =
sender_bcc_maps = proxy:mysql:/etc/postfix/mysql/sender_bcc_maps_user.cf, proxy:                                                                                     mysql:/etc/postfix/mysql/sender_bcc_maps_domain.cf
smtp-amavis_destination_recipient_limit = 1
smtp_data_init_timeout = 240s
smtp_data_xfer_timeout = 600s
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
smtpd_data_restrictions = reject_unauth_pipelining
smtpd_end_of_data_restrictions = check_policy_service inet:127.0.0.1:10031
smtpd_helo_required = yes
smtpd_helo_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_n                                                                                     on_fqdn_helo_hostname, reject_invalid_helo_hostname, check_helo_access pcre:/etc                                                                                     /postfix/helo_access.pcre
smtpd_recipient_restrictions = reject_unknown_sender_domain, reject_unknown_reci                                                                                     pient_domain, reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unlisted                                                                                     _recipient, check_policy_service inet:127.0.0.1:7777, check_policy_service inet:                                                                                     127.0.0.1:10031, permit_mynetworks, permit_sasl_authenticated, reject_unauth_des                                                                                     tination
smtpd_reject_unlisted_recipient = yes
smtpd_reject_unlisted_sender = yes
smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_una                                                                                     uth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = no
smtpd_sasl_local_domain =
smtpd_sasl_path = ./dovecot-auth
smtpd_sasl_security_options = noanonymous
smtpd_sasl_type = dovecot
smtpd_sender_login_maps = proxy:mysql:/etc/postfix/mysql/sender_login_maps.cf
smtpd_sender_restrictions = permit_mynetworks, reject_sender_login_mismatch, per                                                                                     mit_sasl_authenticated
smtpd_tls_CAfile = /etc/ssl/certs/iRedMail_CA.pem
smtpd_tls_cert_file = /etc/ssl/certs/iRedMail_CA.pem
smtpd_tls_key_file = /etc/ssl/private/iRedMail.key
smtpd_tls_loglevel = 0
smtpd_tls_security_level = may
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_use_tls = yes
swap_bangpath = no
tls_random_source = dev:/dev/urandom
transport_maps = proxy:mysql:/etc/postfix/mysql/transport_maps_user.cf, proxy:my                                                                                     sql:/etc/postfix/mysql/transport_maps_domain.cf
virtual_alias_domains =
virtual_alias_maps = proxy:mysql:/etc/postfix/mysql/virtual_alias_maps.cf, proxy                                                                                     :mysql:/etc/postfix/mysql/domain_alias_maps.cf, proxy:mysql:/etc/postfix/mysql/c                                                                                     atchall_maps.cf, proxy:mysql:/etc/postfix/mysql/domain_alias_catchall_maps.cf
virtual_gid_maps = static:2000
virtual_mailbox_base = /var/vmail
virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql/virtual_mailbox_domains                                                                                     .cf
virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql/virtual_mailbox_maps.cf
virtual_minimum_uid = 2000
virtual_transport = dovecot
virtual_uid_maps = static:2000

4 (edited by camel1cz 2014-02-09 17:50:00)

Re: Can't send from email client.

You need to use SMTP authentication in outlook (checkbox Server requires authentication or similar).
If you're still rejected even after successful authentication, you miss sender and/or recipient domain in cluebringer setup (all local domains have to be in group 'internal_comains'

Edit: oh, my answer is valid to actual version of iRedMail - if you're using v 0.2.2, it wouldn't work. Sorry.

5

Re: Can't send from email client.

camel1cz wrote:

Edit: oh, my answer is valid to actual version of iRedMail - if you're using v 0.2.2, it wouldn't work. Sorry.

I believe it means iRedAdmin open source edition 0.2.2, not iRedMail-0.2.2.

6

Re: Can't send from email client.

I'm not sure what cluebringer setup is?
I'm currently confused.

7

Re: Can't send from email client.

Connect to the cluebringer database and check table "policy_group_members"... all local domains has to be there. The entries looks like:

 id | policygroupid |        member        | disabled | comment | type 
----+---------------+----------------------+----------+---------+------
  2 |             2 | @example.org         |        0 |         | 

The policygroupid is important and has to be 2 (corresponding with internal_domains) and disabled has to be 0... if your local domains are not there, add them. The problem should be solved by this.

8

Re: Can't send from email client.

Okay, I've never used cluebringer.
Upon searching through conf files, there appears to be a web interface. When I try to connect, nothing. How does one connect to cluebringer?

9

Re: Can't send from email client.

Let's back to your issue in first post.

rubberducky wrote:

'Recipient address rejected: Invalid HELO/EHLO; Must be a FQDN or an address literal, not 'Johns-PC''

Your Postfix config looks just fine. But what confused me is, Postfix configured by iRedMail won't report HELO rejection message like this. Is it possible that your mail client connected to another mail server? What's the error message in Postfix log file (/var/log/mail.log) on your Ubuntu (iRedMail) server?

10 (edited by camel1cz 2014-02-10 17:00:43)

Re: Can't send from email client.

Hi Zhang,

this message comes from cluebringer (EHLO check) not the postfix itself (FQDN restriction) / I had the same issue.

11

Re: Can't send from email client.

The output from /var/log/mail.log


Feb 10 16:38:50 mailserv postfix/smtpd[9126]: connect from 50-192-223-25-static.hfc.comcastbusiness.net[50.192.223.25]
Feb 10 16:38:51 mailserv postfix/smtpd[9126]: NOQUEUE: reject: RCPT from 50-192-223-25-static.hfc.comcastbusiness.net[50.192.223.25]: 554 5.7.1 <daniel@slamthedeck.com$
Feb 10 16:38:53 mailserv postfix/smtpd[9126]: disconnect from 50-192-223-25-static.hfc.comcastbusiness.net[50.192.223.25]
Feb 10 16:42:14 mailserv postfix/anvil[9128]: statistics: max connection rate 1/60s for (smtp:50.192.223.25) at Feb 10 16:38:50
Feb 10 16:42:14 mailserv postfix/anvil[9128]: statistics: max connection count 1 for (smtp:50.192.223.25) at Feb 10 16:38:50
Feb 10 16:42:14 mailserv postfix/anvil[9128]: statistics: max cache size 1 at Feb 10 16:38:50

12

Re: Can't send from email client.

rubberducky wrote:

Feb 10 16:38:51 mailserv postfix/smtpd[9126]: NOQUEUE: reject: RCPT from 50-192-223-25-static.hfc.comcastbusiness.net[50.192.223.25]: 554 5.7.1 <daniel@slamthedeck.com$

detailed reject reason was stripped in pasted log. Please paste full log instead.

13

Re: Can't send from email client.

Hi Zhang,

I am also facing the same issue on my mail server, I have attached screenshot for review. Error comes while sending email from webmail to other iredmail domain itself. e.g. both domains are configured in same server where users are not able to send email to each other domains from outlook or webmail.

Issue sorted when I disabled CheckHelo Module from  vi /etc/policyd/cluebringer.conf

# CheckHelo module
[CheckHelo]
enable=0

But upon disabling this module many SPAM email have started to come inside which were not coming. Is there any specific solution which we can apply to resolve this issue.

Iredmail Version: 0.8.6
CentOS release 6.5 (Final) dedicated server having dual core CPU and 32gb RAM.

Post's attachments

web mail.JPG 80.02 kb, file has never been downloaded. 

You don't have the permssions to download the attachments of this post.

14

Re: Can't send from email client.

Have a look on my answer #7

15

Re: Can't send from email client.

Hi camel1cz, it seems issue is solved once I applied the solution. Actually I had forgotten from where to access cluebringer but upon checking my .tips file i found out web URL. so silly...
by the way thank you for your support.