1 (edited by bazoooka 2019-07-09 00:52:25)

Topic: Emails getting rejected

Hi, i got this in the log:


==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release):  0.9.9
- Deployed with iRedMail Easy or the downloadable installer? downloadable installer
- Linux/BSD distribution name and version: Distributor ID:

Debian
Description:    Debian GNU/Linux 8.11 (jessie)
Release:        8.11
Codename:       jessie

- Store mail accounts in which backend (LDAP/MySQL/PGSQL):  PGSQL
- Web server (Apache or Nginx): Apache2
- Manage mail accounts with iRedAdmin-Pro? No

- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====

Jul  8 11:58:37 server348 postfix/submission/smtpd[21079]: connect from p2E5053E4.dip0.t-ipconnect.de[46.80.83.228]
Jul  8 11:58:37 server348 postfix/submission/smtpd[21079]: warning: connect to Milter service inet:127.0.0.1:8893: Connection refused
Jul  8 11:58:41 server348 postfix/submission/smtpd[21079]: NOQUEUE: reject: RCPT from p2E5053E4.dip0.t-ipconnect.de[46.80.83.228]: 554 5.7.1 <p2E5053E4.dip0.t-ipconnect.de[46.80.83.228]>: Client host rejected: Access denied; from=<> to=<> proto=ESMTP helo=<[192.168.1.171]>
Jul  8 11:58:41 server348 postfix/cleanup[21091]: D4CE578542: message-id=<20190708095841.D4CE578542@>
Jul  8 11:58:41 server348 postfix/qmgr[797]: D4CE578542: from=<double-bounce@cc>, size=1387, nrcpt=1 (queue active)
Jul  8 11:58:41 server348 postfix/submission/smtpd[21079]: disconnect from p2E5053E4.dip0.t-ipconnect.de[46.80.83.228]
Jul  8 11:58:41 server348 postfix/pipe[21093]: D4CE578542: to=<postmaster@>, relay=dovecot, delay=0.04, delays=0.01/0/0/0.03, dsn=2.0.0, status=sent (delivered via dovecot service)
Jul  8 11:58:41 server348 postfix/qmgr[797]: D4CE578542: removed

Postfix SMTP Error Mail:


Transcript of session follows.

Out: 220  ESMTP Postfix
In:  EHLO [192.168.1.171]
Out: 250-
Out: 250-PIPELINING
Out: 250-SIZE 15728640
Out: 250-ETRN
Out: 250-STARTTLS
Out: 250-ENHANCEDSTATUSCODES
Out: 250-8BITMIME
Out: 250 DSN
In:  STARTTLS
Out: 220 2.0.0 Ready to start TLS
In:  EHLO [192.168.1.171]
Out: 250-
Out: 250-PIPELINING
Out: 250-SIZE 15728640
Out: 250-ETRN
Out: 250-AUTH PLAIN LOGIN
Out: 250-AUTH=PLAIN LOGIN
Out: 250-ENHANCEDSTATUSCODES
Out: 250-8BITMIME
Out: 250 DSN
In:  MAIL FROM:<>
Out: 250 2.1.0 Ok
In:  RCPT TO:<>
Out: 554 5.7.1 <p2E5053E4.dip0.t-ipconnect.de[46.80.83.228]>: Client host
     rejected: Access denied
In:  DATA
Out: 554 5.5.1 Error: no valid recipients
In:  QUIT
Out: 221 2.0.0 Bye


The recipients are valid. Also the users are not banned or anything. If i send emails via those users to another its all working. but if my friend who  uses those email adresses sends them this error happens.



POSTCONF -n

sudo postconf -n
alias_database = hash:/etc/postfix/aliases
alias_maps = hash:/etc/postfix/aliases
allow_min_user = no
allow_percent_hack = no
biff = no
body_checks = pcre:/etc/postfix/body_checks.pcre
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
config_directory = /etc/postfix
content_filter = smtp-amavis:[127.0.0.1]:10024
daemon_directory = /usr/lib/postfix
data_directory = /var/lib/postfix
debug_peer_level = 2
debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin ddd $daemon_directory/$process_name $process_id & sleep 5
disable_vrfy_command = yes
dovecot_destination_recipient_limit = 1
enable_original_recipient = no
error_notice_recipient =
header_checks = pcre:/etc/postfix/header_checks
inet_interfaces = all
inet_protocols = all
lmtp_tls_mandatory_protocols = !SSLv2 !SSLv3
lmtp_tls_protocols = !SSLv2 !SSLv3
mail_owner = postfix
mailq_path = /usr/bin/mailq
message_size_limit = 15728640
milter_default_action = accept
mlmmj_destination_recipient_limit = 1
mydestination = $myhostname, localhost, localhost.localdomain
mydomain =
myhostname =
mynetworks = 127.0.0.1
myorigin =
newaliases_path = /usr/bin/newaliases
notify_classes = 2bounce, delay, resource, software, policy, data
postscreen_access_list = permit_mynetworks, cidr:/etc/postfix/postscreen_access.cidr
postscreen_blacklist_action = enforce
postscreen_dnsbl_action = enforce
postscreen_dnsbl_reply_map = texthash:/etc/postfix/postscreen_dnsbl_reply
postscreen_dnsbl_sites = zen.spamhaus.org=127.0.0.[2..11]*3
postscreen_dnsbl_threshold = 2
postscreen_dnsbl_whitelist_threshold = -2
postscreen_greet_action = enforce
proxy_read_maps = $canonical_maps $lmtp_generic_maps $local_recipient_maps $mydestination $mynetworks $recipient_bcc_maps $recipient_canonical_maps $relay_domains $relay_recipient_maps $relocated_maps $sender_bcc_maps $sender_canonical_maps $smtp_generic_maps $smtpd_sender_login_maps $transport_maps $virtual_alias_domains $virtual_alias_maps $virtual_mailbox_domains $virtual_mailbox_maps $smtpd_sender_restrictions
queue_directory = /var/spool/postfix
recipient_bcc_maps = proxy:pgsql:/etc/postfix/pgsql/recipient_bcc_maps_user.cf proxy:pgsql:/etc/postfix/pgsql/recipient_bcc_maps_domain.cf
recipient_delimiter = +
relay_domains = $mydestination proxy:pgsql:/etc/postfix/pgsql/relay_domains.cf
sender_bcc_maps = proxy:pgsql:/etc/postfix/pgsql/sender_bcc_maps_user.cf proxy:pgsql:/etc/postfix/pgsql/sender_bcc_maps_domain.cf
sendmail_path = /usr/sbin/sendmail
setgid_group = postdrop
smtp-amavis_destination_recipient_limit = 1
smtp_tls_CAfile = $smtpd_tls_CAfile
smtp_tls_loglevel = 0
smtp_tls_mandatory_protocols = !SSLv2 !SSLv3
smtp_tls_note_starttls_offer = yes
smtp_tls_protocols = !SSLv2 !SSLv3
smtp_tls_security_level = may
smtpd_data_restrictions = reject_unauth_pipelining
smtpd_end_of_data_restrictions = check_policy_service inet:127.0.0.1:7777
smtpd_helo_required = yes
smtpd_helo_restrictions = permit_mynetworks permit_sasl_authenticated check_helo_access pcre:/etc/postfix/helo_access.pcre reject_non_fqdn_helo_hostname reject_invalid_helo_hostname
smtpd_milters = inet:127.0.0.1:8893
smtpd_recipient_restrictions = reject_unknown_recipient_domain reject_non_fqdn_recipient reject_unlisted_recipient check_policy_service inet:127.0.0.1:7777 permit_mynetworks permit_sasl_authenticated reject_unauth_destination
smtpd_reject_unlisted_recipient = yes
smtpd_reject_unlisted_sender = yes
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain =
smtpd_sasl_path = private/dovecot-auth
smtpd_sasl_security_options = noanonymous
smtpd_sasl_type = dovecot
smtpd_sender_login_maps = proxy:pgsql:/etc/postfix/pgsql/sender_login_maps.cf
smtpd_sender_restrictions = reject_unknown_sender_domain reject_non_fqdn_sender reject_unlisted_sender permit_mynetworks reject_sender_login_mismatch permit_sasl_authenticated check_sender_access pcre:/etc/postfix/sender_access.pcre
smtpd_tls_auth_only = yes
smtpd_tls_cert_file = /etc/letsencrypt/live/mailserver/fullchain.pem
smtpd_tls_dh1024_param_file = /etc/ssl/dhparams.pem
smtpd_tls_exclude_ciphers = aNULL, eNULL, EXPORT, DES, RC4, MD5, PSK, aECDH, EDH-DSS-DES-CBC3-SHA, EDH-RSA-DES-CDC3-SHA, KRB5-DE5, CBC3-SHA
smtpd_tls_key_file = /etc/letsencrypt/live/mailserver/privkey.pem
smtpd_tls_loglevel = 0
smtpd_tls_mandatory_protocols = !SSLv2 !SSLv3
smtpd_tls_protocols = !SSLv2 !SSLv3
smtpd_tls_security_level = may
swap_bangpath = no
tls_random_source = dev:/dev/urandom
transport_maps = proxy:pgsql:/etc/postfix/pgsql/transport_maps_user.cf proxy:pgsql:/etc/postfix/pgsql/transport_maps_domain.cf proxy:pgsql:/etc/postfix/pgsql/transport_maps_maillist.cf
unknown_local_recipient_reject_code = 550
virtual_alias_domains =
virtual_alias_maps = proxy:pgsql:/etc/postfix/pgsql/virtual_alias_maps.cf proxy:pgsql:/etc/postfix/pgsql/domain_alias_maps.cf proxy:pgsql:/etc/postfix/pgsql/catchall_maps.cf proxy:pgsql:/etc/postfix/pgsql/domain_alias_catchall_maps.cf
virtual_gid_maps = static:2000
virtual_mailbox_base = /var/vmail
virtual_mailbox_domains = proxy:pgsql:/etc/postfix/pgsql/virtual_mailbox_domains.cf
virtual_mailbox_maps = proxy:pgsql:/etc/postfix/pgsql/virtual_mailbox_maps.cf
virtual_minimum_uid = 2000
virtual_transport = dovecot
virtual_uid_maps = static:2000
postconf: warning: /etc/postfix/main.cf: unused parameter: mtpd_banner="Your personal Mail Server"
postconf: warning: /etc/postfix/main.cf: unused parameter: non-smtpd_milters=$smtpd_milters

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2

Re: Emails getting rejected

Hi,

Seems like the problem comes from the mail client you're using which is outside the network of your iredmail server.

What happens if you try to send the mail from roundcube/sogo web interface directly?

3

Re: Emails getting rejected

florianaltendorfer wrote:

Jul  8 11:58:37 server348 postfix/submission/smtpd[21079]: warning: connect to Milter service inet:127.0.0.1:8893: Connection refused

The milter program/daemon which configured to running on port 8893 is not running. Please start it first.

4

Re: Emails getting rejected

ZhangHuangbin wrote:
florianaltendorfer wrote:

Jul  8 11:58:37 server348 postfix/submission/smtpd[21079]: warning: connect to Milter service inet:127.0.0.1:8893: Connection refused

The milter program/daemon which configured to running on port 8893 is not running. Please start it first.


Ok - how is that service called?

5

Re: Emails getting rejected

iRedMail doesn't ship a program which listens on port 8893, it must be installed by you manually after iRedMail installation. So, you have to figure it out yourself.

6

Re: Emails getting rejected

florianaltendorfer wrote:
ZhangHuangbin wrote:
florianaltendorfer wrote:

Jul  8 11:58:37 server348 postfix/submission/smtpd[21079]: warning: connect to Milter service inet:127.0.0.1:8893: Connection refused

The milter program/daemon which configured to running on port 8893 is not running. Please start it first.


Ok - how is that service called?


stupid question - it's opendmarc... sorry - i'll see if it's working now.

Also - how can i delete this forum account?

7

Re: Emails getting rejected

florianaltendorfer wrote:

Also - how can i delete this forum account?

you cannot delete it by yourself, but I can help if you really want to.

8

Re: Emails getting rejected

ZhangHuangbin wrote:
florianaltendorfer wrote:

Also - how can i delete this forum account?

you cannot delete it by yourself, but I can help if you really want to.


Yes that would be great - or changing my username would be ok already as well. I just don't want my real name standing here in the public forums...

9

Re: Emails getting rejected

What's the new username do you want to use?

10

Re: Emails getting rejected

bazoooka would be cool (Y)

11

Re: Emails getting rejected

Username updated. smile