1

Topic: SMTP does not work on remote client

==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release): 0.9.8
- Linux/BSD distribution name and version: Ubuntu 16.04
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MySQL 5.7.22
- Web server (Apache or Nginx):1.14 ubuntu
- Manage mail accounts with iRedAdmin-Pro?
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====

Why does SMTP not work on remote client?
In the mail server, Roundcube can send email so well, but when I've tried on other side such thunderbird, PHP code it does not. I open all ports.

I try to change port and protocol and I got different error also.

1. Port: 587, Protocol: STARTTLS
Error: Failed to connect to STARTTLS://bb.aaa.com:587 [SMTP: Failed to connect socket: Unable to find the socket transport "STARTTLS" - did you forget to enable it when you configured PHP? (code: -1, response: )]

2. Port: 587, Protocol: TLS
Error: Failed to connect to tls://bb.aaa.com:587 [SMTP: Failed to connect socket: fsockopen(): unable to connect to tls://bb.aaa.com:587 (Unknown error) (code: -1, response: )]

3. Port: 587, Protocol: SSL
Error: Failed to connect to ssl://bb.aaa.com:587 [SMTP: Failed to connect socket: fsockopen(): unable to connect to ssl://bb.aaa.com:587 (Unknown error) (code: -1, response: )]

4. Port: 465, Protocol: SSL
Error: Failed to connect to ssl://pmail.cotafer.com:465 [SMTP: Failed to connect socket: Connection timed out (code: -1, response: )]

5. Port: 25, Protocol: None
Error: authentication failure [SMTP: STARTTLS failed (code: 220, response: 2.0.0 Ready to start TLS)]

What is wrong friends?

2

Re: SMTP does not work on remote client

- Does it work if you use IP address instead of domain names like 'bb.aa.com', 'pmail.cotafer.com'?
- Do you have correct DNS records for these domain names?

----

Does my reply help a little? How about buying me a cup of coffee ($5) as an encouragement?

buy me a cup of coffee

3

Re: SMTP does not work on remote client

Hi Zhang,
1. I did, but the error still keeps the same.
2. I think, it is correct, I follow the document.

I can send email out and receive so well on the email server.

4

Re: SMTP does not work on remote client

If Roundcube webmail works well and you can send email out with it, that means SMTP and submission services are ok. In this case, sending email with Thunderbird should work fine with setting: port 587 with TLS (or STARTTLS), use server IP address as smtp server address.

If it doesn't work, any error in Postfix log file (/var/log/maillog)?

----

Does my reply help a little? How about buying me a cup of coffee ($5) as an encouragement?

buy me a cup of coffee

5

Re: SMTP does not work on remote client

- case 1:
When I sent out via thunderbird.

Sending of the message failed.
The message could not be sent using Outgoing server (SMTP) bb.aa.com for an unknown reason. Please verify that your Outgoing server (SMTP) settings are correct and try again.

Log: /var/log/maillog
it is always showing connection time out.
Jul 17 06:33:47 bbmail amavis[3302]: Found secondary av scanner clamav-clamscan at /usr/bin/clamscan
Jul 17 09:28:17 bbmail postfix/submission/smtpd[9038]: connect from unknown[xx.x.x.x]
Jul 17 09:28:29 bbmail postfix/submission/smtpd[9045]: connect from unknown[xx.x.x.x]
Jul 17 09:28:33 bbmail postfix/submission/smtpd[9048]: connect from unknown[xx.x.x.x]
Jul 17 09:28:38 bbmail postfix/submission/smtpd[9050]: connect from unknown[xx.x.x.x]
Jul 17 09:28:38 bbmail postfix/submission/smtpd[9051]: connect from unknown[xx.x.x.x]
Jul 17 09:29:42 bbmail postfix/submission/smtpd[9082]: connect from unknown[xx.x.x.x]
Jul 17 09:29:42 bbmail postfix/submission/smtpd[9082]: Anonymous TLS connection established from unknown[163.53.198.170]: TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)
Jul 17 09:29:42 bbmail postfix/submission/smtpd[9082]: warning: TLS library problem: error:14094418:SSL routines:ssl3_read_bytes:tlsv1 alert unknown ca:../ssl/record/rec_layer_s3.c:1399:SSL alert number 48:
Jul 17 09:29:42 bbmail postfix/submission/smtpd[9082]: lost connection after STARTTLS from unknown[xx.x.x.x]
Jul 17 09:29:42 bbmail postfix/submission/smtpd[9082]: disconnect from unknown[163.53.198.170] ehlo=1 starttls=1 commands=2
Jul 17 09:30:15 bbmail postfix/submission/smtpd[9038]: lost connection after CONNECT from unknown[xx.x.x.x]
Jul 17 09:30:15 bbmail postfix/submission/smtpd[9038]: disconnect from unknown[xx.x.x.x] commands=0/0
Jul 17 09:30:21 bbmail postfix/submission/smtpd[9045]: lost connection after CONNECT from unknown[xx.x.x.x]
Jul 17 09:30:21 bbmail postfix/submission/smtpd[9045]: disconnect from unknown[xx.x.x.x] commands=0/0
Jul 17 09:30:24 bbmail postfix/submission/smtpd[9048]: lost connection after CONNECT from unknown[xx.x.x.x]
Jul 17 09:30:24 bbmail postfix/submission/smtpd[9048]: disconnect from unknown[xx.x.x.x] commands=0/0
Jul 17 09:30:28 bbmail postfix/submission/smtpd[9050]: lost connection after CONNECT from unknown[xx.x.x.x]
Jul 17 09:30:28 bbmail postfix/submission/smtpd[9050]: disconnect from unknown[xx.x.x.x] commands=0/0
Jul 17 09:30:28 bbmail postfix/submission/smtpd[9051]: lost connection after CONNECT from unknown[xx.x.x.x]
Jul 17 09:30:28 bbmail postfix/submission/smtpd[9051]: disconnect from unknown[xx.x.x.x] commands=0/0
Jul 17 09:32:22 bbmail postfix/submission/smtpd[9155]: connect from unknown[xx.x.x.x]
Jul 17 09:32:48 bbmail postfix/submission/smtpd[9165]: connect from unknown[xx.x.x.x]
Jul 17 09:32:49 bbmail postfix/submission/smtpd[9165]: Anonymous TLS connection established from unknown[163.53.198.170]: TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)
Jul 17 09:32:49 bbmail postfix/submission/smtpd[9165]: warning: TLS library problem: error:14094418:SSL routines:ssl3_read_bytes:tlsv1 alert unknown ca:../ssl/record/rec_layer_s3.c:1399:SSL alert number 48:
Jul 17 09:32:49 bbmail postfix/submission/smtpd[9165]: lost connection after STARTTLS from unknown[xx.x.x.x]
Jul 17 09:32:49 bbmail postfix/submission/smtpd[9165]: disconnect from unknown[xx.x.x.x] ehlo=1 starttls=1 commands=2
Jul 17 09:34:08 bbmail postfix/submission/smtpd[9155]: lost connection after CONNECT from unknown[xx.x.x.x]
Jul 17 09:34:08 bbmail postfix/submission/smtpd[9155]: disconnect from unknown[xx.x.x.x] commands=0/0
Jul 17 09:28:17 bbmail postfix/submission/smtpd[9038]: connect from unknown[xx.x.x.x]
Jul 17 09:28:29 bbmail postfix/submission/smtpd[9045]: connect from unknown[xx.x.x.x]
Jul 17 09:28:33 bbmail postfix/submission/smtpd[9048]: connect from unknown[xx.x.x.x]
Jul 17 09:28:38 bbmail postfix/submission/smtpd[9050]: connect from unknown[xx.x.x.x]
Jul 17 09:28:38 bbmail postfix/submission/smtpd[9051]: connect from unknown[xx.x.x.x]
Jul 17 09:29:42 bbmail postfix/submission/smtpd[9082]: connect from unknown[xx.x.x.x]
Jul 17 09:29:42 bbmail postfix/submission/smtpd[9082]: Anonymous TLS connection established from unknown[163.53.198.170]: TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)
Jul 17 09:29:42 bbmail postfix/submission/smtpd[9082]: warning: TLS library problem: error:14094418:SSL routines:ssl3_read_bytes:tlsv1 alert unknown ca:../ssl/record/rec_layer_s3.c:1399:SSL alert number 48:
Jul 17 09:29:42 bbmail postfix/submission/smtpd[9082]: lost connection after STARTTLS from unknown[xx.x.x.x]
Jul 17 09:29:42 bbmail postfix/submission/smtpd[9082]: disconnect from unknown[xx.x.x.x] ehlo=1 starttls=1 commands=2
Jul 17 09:30:15 bbmail postfix/submission/smtpd[9038]: lost connection after CONNECT from unknown[xx.x.x.x]
Jul 17 09:30:15 bbmail postfix/submission/smtpd[9038]: disconnect from unknown[xx.x.x.x] commands=0/0

6

Re: SMTP does not work on remote client

- case 2:
I used PHP to send mail
<?php
require_once "Mail.php";
$from = "Test <test@xxx.com>";
$to = "Kun <sitthykun@gmail.com>";
$subject = "Hi!";
$body = "Hi,\n\nHow are you?";
$host = "tls://x.x.x.x";
$port = "587";
$auth = true;
$username = "test@xxx.com";
$password = "Ujdhy3930s3RtE";
$headers = array ('From' => $from,
  'To' => $to,
  'Subject' => $subject);
$smtp = Mail::factory('smtp',
  array ('host' => $host,
    'port' => $port,
    'auth' => true,
    'username' => $username,
    'password' => $password));
$mail = $smtp->send($to, $headers, $body);
if (PEAR::isError($mail)) {
  echo("<p>" . $mail->getMessage() . "</p>");
} else {
  echo("<p>Message successfully sent!</p>");
}

?>
-----------
output:
Failed to connect to tls://x.x.x.x:587
[SMTP: Failed to connect socket: fsockopen(): unable to connect to
tls://x.x.x.x:587 (Unknown error) (code: -1, response: )]

7

Re: SMTP does not work on remote client

Do you use a self-signed ssl cert? is it possible to request a free LetsEncrypt cert and try again?

----

Does my reply help a little? How about buying me a cup of coffee ($5) as an encouragement?

buy me a cup of coffee

8

Re: SMTP does not work on remote client

ZhangHuangbin wrote:

Do you use a self-signed ssl cert? is it possible to request a free LetsEncrypt cert and try again?

I don't use self-signed ssl cert, because i does not work.
I use Let's Encrypt.

9

Re: SMTP does not work on remote client

sitthykun wrote:

Jul 17 09:28:38 bbmail postfix/submission/smtpd[9050]: connect from unknown[xx.x.x.x]

Is this xx.x.x.x the IP address of your laptop running MUA (Outlook/Thunderbird) for testing?

If MUA successfully connects to Postfix, that means port 587 is reachable in your network, then it should be fine. but according to postfix log, the connection was broken after smtp command 'CONNET'.

Is there any firewall / gateway sits between iRedMail server and your MUA? and it also does some traffic control?

----

Does my reply help a little? How about buying me a cup of coffee ($5) as an encouragement?

buy me a cup of coffee

10 (edited by sitthykun 2018-07-20 19:32:54)

Re: SMTP does not work on remote client

yes, Zhang.

I open all ports on iRedMail server.
I open all ports on MUA.
-------------------------------------------
tail -f /var/log/iredapd/iredapd.log
2018-07-20 09:52:11 INFO [x.x.x.x] RCPT, data.test@domaindo.com => test.123@gmail.com, DUNNO [sasl_username=data.test@domaindo.com, sender=data.test@domaindo.com, client_name=unknown, reverse_client_name=unknown, helo=[192.168.168.101], encryption_protocol=TLSv1.2, process_time=0.0561s]
2018-07-20 09:52:11 INFO [x.x.x.x] END-OF-MESSAGE, data.test@domaindo.com => test.123@gmail.com, DUNNO [recipient_count=1, size=444, process_time=0.0039s]
----------------------------------
tail -f /var/log/mail.log
Jul 20 09:51:18 txtmail postfix/submission/smtpd[20844]: connect from unknown[x.x.x.x]
Jul 20 09:51:21 txtmail postfix/submission/smtpd[20849]: connect from unknown[x.x.x.x]
Jul 20 09:51:44 txtmail postfix/submission/smtpd[20844]: lost connection after CONNECT from unknown[x.x.x.x]
Jul 20 09:51:44 txtmail postfix/submission/smtpd[20844]: disconnect from unknown[x.x.x.x] commands=0/0
Jul 20 09:51:50 txtmail postfix/submission/smtpd[20844]: connect from unknown[x.x.x.x]
Jul 20 09:52:10 txtmail postfix/submission/smtpd[20873]: connect from unknown[x.x.x.x]
Jul 20 09:52:11 txtmail postfix/submission/smtpd[20873]: Anonymous TLS connection established from unknown[x.x.x.x]: TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)
Jul 20 09:52:11 txtmail postfix/submission/smtpd[20873]: BC18281088: client=unknown[x.x.x.x], sasl_method=PLAIN, sasl_username=data.test@domaindo.com
Jul 20 09:52:11 txtmail postfix/cleanup[20879]: BC18281088: message-id=<2c2063ec-434b-56a9-a9ec-8401e146d999@domaindo.com>
Jul 20 09:52:11 txtmail postfix/qmgr[20706]: BC18281088: from=<data.test@domaindo.com>, size=635, nrcpt=1 (queue active)
Jul 20 09:52:12 txtmail postfix/submission/smtpd[20873]: disconnect from unknown[x.x.x.x] ehlo=2 starttls=1 auth=1 mail=1 rcpt=1 data=1 quit=1 commands=8
Jul 20 09:52:12 txtmail postfix/submission/smtpd[20873]: connect from unknown[x.x.x.x]
Jul 20 09:52:12 txtmail postfix/10025/smtpd[20888]: connect from txtmail.domaindo.com[127.0.0.1]
Jul 20 09:52:12 txtmail postfix/10025/smtpd[20888]: 2D8D0813E5: client=txtmail.domaindo.com[127.0.0.1]
Jul 20 09:52:12 txtmail postfix/cleanup[20879]: 2D8D0813E5: message-id=<2c2063ec-434b-56a9-a9ec-8401e146d999@domaindo.com>
Jul 20 09:52:12 txtmail postfix/qmgr[20706]: 2D8D0813E5: from=<data.test@domaindo.com>, size=1115, nrcpt=1 (queue active)
Jul 20 09:52:12 txtmail postfix/10025/smtpd[20888]: disconnect from txtmail.domaindo.com[127.0.0.1] ehlo=1 mail=1 rcpt=1 data=1 quit=1 commands=5
Jul 20 09:52:12 txtmail amavis[12489]: (12489-07) Passed CLEAN {RelayedInbound}, ORIGINATING [x.x.x.x]:54728 [x.x.x.x] <data.test@domaindo.com> -> <test.123@gmail.com>, Queue-ID: BC18281088, Message-ID: <2c2063ec-434b-56a9-a9ec-8401e146d999@domaindo.com>, mail_id: csMkHmJ76SsC, Hits: -1, size: 635, queued_as: 2D8D0813E5, 203 ms, Tests: [ALL_TRUSTED=-1]
Jul 20 09:52:12 txtmail postfix/amavis/smtp[20884]: BC18281088: to=<test.123@gmail.com>, relay=127.0.0.1[127.0.0.1]:10026, delay=0.69, delays=0.45/0.01/0/0.22, dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as 2D8D0813E5)
Jul 20 09:52:12 txtmail postfix/qmgr[20706]: BC18281088: removed
Jul 20 09:52:12 txtmail postfix/smtp[20889]: connect to gmail-smtp-in.l.google.com[2404:6800:4003:c02::1b]:25: Network is unreachable
Jul 20 09:52:12 txtmail postfix/smtp[20889]: Trusted TLS connection established to gmail-smtp-in.l.google.com[74.125.68.26]:25: TLSv1.2 with cipher ECDHE-RSA-CHACHA20-POLY1305 (256/256 bits)
Jul 20 09:52:13 txtmail postfix/submission/smtpd[20844]: lost connection after CONNECT from unknown[x.x.x.x]
Jul 20 09:52:13 txtmail postfix/submission/smtpd[20844]: disconnect from unknown[x.x.x.x] commands=0/0
Jul 20 09:52:13 txtmail postfix/smtp[20889]: 2D8D0813E5: to=<test.123@gmail.com>, relay=gmail-smtp-in.l.google.com[74.125.68.26]:25, delay=1.8, delays=0.01/0.04/0.67/1.1, dsn=2.0.0, status=sent (250 2.0.0 OK 1532080333 z9-v6si1322985pln.250 - gsmtp)
Jul 20 09:52:13 txtmail postfix/qmgr[20706]: 2D8D0813E5: removed
Jul 20 09:52:21 txtmail postfix/submission/smtpd[20844]: connect from unknown[x.x.x.x]

--------------------------------------
tail -f /var/log/letsencrypt/letsencrypt.log
2018-07-20 10:10:43,271:DEBUG:certbot.main:certbot version: 0.25.0
2018-07-20 10:10:43,272:DEBUG:certbot.main:Arguments: ['-q']
2018-07-20 10:10:43,273:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
2018-07-20 10:10:43,288:DEBUG:certbot.log:Root logging level set at 30
2018-07-20 10:10:43,290:INFO:certbot.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log
2018-07-20 10:10:43,301:DEBUG:certbot.plugins.selection:Requested authenticator <certbot.cli._Default object at 0x7f360614feb8> and installer <certbot.cli._Default object at 0x7f360614feb8>
2018-07-20 10:10:43,318:INFO:certbot.renewal:Cert not yet due for renewal
2018-07-20 10:10:43,319:DEBUG:certbot.plugins.selection:Requested authenticator nginx and installer nginx
2018-07-20 10:10:43,648:DEBUG:certbot.plugins.selection:Single candidate plugin: * nginx
Description: Nginx Web Server plugin - Alpha
Interfaces: IAuthenticator, IInstaller, IPlugin
Entry point: nginx = certbot_nginx.configurator:NginxConfigurator
Initialized: <certbot_nginx.configurator.NginxConfigurator object at 0x7f36061637b8>
Prep: True
2018-07-20 10:10:43,650:DEBUG:certbot.plugins.selection:Single candidate plugin: * nginx
Description: Nginx Web Server plugin - Alpha
Interfaces: IAuthenticator, IInstaller, IPlugin
Entry point: nginx = certbot_nginx.configurator:NginxConfigurator
Initialized: <certbot_nginx.configurator.NginxConfigurator object at 0x7f36061637b8>
Prep: True
2018-07-20 10:10:43,651:DEBUG:certbot.plugins.selection:Selected authenticator <certbot_nginx.configurator.NginxConfigurator object at 0x7f36061637b8> and installer <certbot_nginx.configurator.NginxConfigurator object at 0x7f36061637b8>
2018-07-20 10:10:43,651:INFO:certbot.plugins.selection:Plugins selected: Authenticator nginx, Installer nginx
2018-07-20 10:10:43,651:DEBUG:certbot.renewal:no renewal failures
---------------------------------------------
tail -f /var/log/dovecot/dovecot.log
Jul 20 11:24:47 imap(data.test@domaindo.com): Debug: acl vfile: file /var/vmail/vmail1/domaindo.com/p/r/e/data.test-2018.07.10.06.25.14//Maildir/dovecot-acl not found
Jul 20 11:24:47 imap(data.test@domaindo.com): Debug: INBOX: Mailbox opened because: SELECT
Jul 20 11:24:47 imap(data.test@domaindo.com): Debug: Drafts: Mailbox opened because: STATUS
Jul 20 11:24:47 imap(data.test@domaindo.com): Debug: Drafts: Mailbox opened because: SELECT
Jul 20 11:24:47 imap(data.test@domaindo.com): Debug: Sent: Mailbox opened because: STATUS
Jul 20 11:24:47 imap(data.test@domaindo.com): Debug: Sent: Mailbox opened because: SELECT
Jul 20 11:24:47 imap(data.test@domaindo.com): Debug: Junk: Mailbox opened because: STATUS
Jul 20 11:24:47 imap(data.test@domaindo.com): Debug: Junk: Mailbox opened because: SELECT
Jul 20 11:24:47 imap(data.test@domaindo.com): Debug: Trash: Mailbox opened because: STATUS
Jul 20 11:24:47 imap(data.test@domaindo.com): Info: Logged out in=421 out=2972

11

Re: SMTP does not work on remote client

The postfix log looks normal.

----

Does my reply help a little? How about buying me a cup of coffee ($5) as an encouragement?

buy me a cup of coffee

12

Re: SMTP does not work on remote client

The postfix log looks normal.

----

Does my reply help a little? How about buying me a cup of coffee ($5) as an encouragement?

buy me a cup of coffee