Not receiving emails Virtualmin on Ubuntu 20 with Postfix

Everything seems ok

That’s my problem. Everything seems to be ok and yet I don’t receive emails. I am trying for almost 2 weeks now to solve this and I really can’t find what’s wrong.

Please, check your MX records, again using dnschecker.org and choosing the MX record type for your domain. They may be wrong.

Also, run the MX Toolbox diagnostic for your domain, here:

On both cases you do not need to post anything here. Those results may help you find the problem.

With dnschecker everything is green.

with MX tools I have the following problems:

    SMTP Banner Check	    Reverse DNS does not match SMTP Banner
SMTP TLS	Warning - Does not support TLS.
SMTP Transaction Time	15.190 seconds - Not good! on Transaction Time
SMTP Reverse DNS Mismatch	OK - 161.97.132.176 resolves to vmd63883.contaboserver.net	
SMTP Valid Hostname	OK - Reverse DNS is a valid Hostname	
SMTP Connection Time	0 seconds - Good on Connection time	
SMTP Open Relay	OK - Not an open relay.

Very very strange about that “Reverse DNS does not match SMTP Banner” because I have also checked https://dkimvalidator.com/ and I have the following results:

Received: from vmd63883.contaboserver.net (vmd63883.contaboserver.net [161.97.132.176])
by relay-2.us-west-2.relay-prod (Postfix) with ESMTPS id 18CCA2013A
for GVGK2TN1ye4Q36@dkimvalidator.com; Mon, 28 Dec 2020 16:17:21 +0000 (UTC)
Received: from theblackscreenchannel.com (localhost [127.0.0.1])
by vmd63883.contaboserver.net (Postfix) with ESMTPA id A00E0540282
for GVGK2TN1ye4Q36@dkimvalidator.com; Mon, 28 Dec 2020 17:17:19 +0100 (CET)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple;
d=theblackscreenchannel.com; s=202011; t=1609172239;
bh=nMTF1qnIpIBXMQopAknts9+OnvYe9005+j1suP/Os7Y=;
h=Date:From:To:Subject:From;
b=elsE7bvH87sQ7doN/nb+JcbM5RpCUA8EHjLYE13yGd4GGu3fuAWuDgQaB7EY/hglB
RqGfdGZCncF8PC6Q81NT2nNwRohsDpG2hgp2XQHv97lX7SGbPMBluRT2v6yoLn8RoH
MVXszQg6j+fyzRnbbWS8GQABdWf5eH+VaJEd6gUAbJ12diri+Xc6fdavoFMTwdS/yI
fh0NoZQe04qWPEs8q78Qykm213HPpN2oK+Dq36RP9YTEM2pFy4b7+IlW9ZUmq5Zc5h
NpJo6GmfPK6Xb5mEuZiXfn+yHB01jbuuVxaVH1BNslFdIoJ+QH3fR90giyItwgGiEE
8Oa70Cl9ExGGw==
MIME-Version: 1.0
Date: Mon, 28 Dec 2020 17:17:19 +0100
From: “info-theblackscreenchannel.cominfo@theblackscreenchannel.com
To: GVGK2TN1ye4Q36@dkimvalidator.com
Subject: tetst
User-Agent: Roundcube Webmail/1.4.9
Message-ID: b76db5ba4735cbcabd70c5bed8808aae@theblackscreenchannel.com
X-Sender: info@theblackscreenchannel.com
Content-Type: text/plain; charset=US-ASCII;
format=flowed
Content-Transfer-Encoding: 7bit

tests

DKIM Information:
DKIM Signature

Message contains this DKIM Signature:
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple;
d=theblackscreenchannel.com; s=202011; t=1609172239;
bh=nMTF1qnIpIBXMQopAknts9+OnvYe9005+j1suP/Os7Y=;
h=Date:From:To:Subject:From;
b=elsE7bvH87sQ7doN/nb+JcbM5RpCUA8EHjLYE13yGd4GGu3fuAWuDgQaB7EY/hglB
RqGfdGZCncF8PC6Q81NT2nNwRohsDpG2hgp2XQHv97lX7SGbPMBluRT2v6yoLn8RoH
MVXszQg6j+fyzRnbbWS8GQABdWf5eH+VaJEd6gUAbJ12diri+Xc6fdavoFMTwdS/yI
fh0NoZQe04qWPEs8q78Qykm213HPpN2oK+Dq36RP9YTEM2pFy4b7+IlW9ZUmq5Zc5h
NpJo6GmfPK6Xb5mEuZiXfn+yHB01jbuuVxaVH1BNslFdIoJ+QH3fR90giyItwgGiEE
8Oa70Cl9ExGGw==

Signature Information:
v= Version: 1
a= Algorithm: rsa-sha256
c= Method: simple/simple
d= Domain: theblackscreenchannel.com
s= Selector: 202011
q= Protocol:
bh= nMTF1qnIpIBXMQopAknts9+OnvYe9005+j1suP/Os7Y=
h= Signed Headers: Date:From:To:Subject:From
b= Data: elsE7bvH87sQ7doN/nb+JcbM5RpCUA8EHjLYE13yGd4GGu3fuAWuDgQaB7EY/hglB
RqGfdGZCncF8PC6Q81NT2nNwRohsDpG2hgp2XQHv97lX7SGbPMBluRT2v6yoLn8RoH
MVXszQg6j+fyzRnbbWS8GQABdWf5eH+VaJEd6gUAbJ12diri+Xc6fdavoFMTwdS/yI
fh0NoZQe04qWPEs8q78Qykm213HPpN2oK+Dq36RP9YTEM2pFy4b7+IlW9ZUmq5Zc5h
NpJo6GmfPK6Xb5mEuZiXfn+yHB01jbuuVxaVH1BNslFdIoJ+QH3fR90giyItwgGiEE
8Oa70Cl9ExGGw==
Public Key DNS Lookup

Building DNS Query for 202011._domainkey.theblackscreenchannel.com
Retrieved this publickey from DNS: v=DKIM1; k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxv001OvTrqWVExGEoKXnk714hodaHCxjObF6RBvBnN5wglFmbxbpeNjgBmVeZkgdIM+kfeJ45WhyA3KTcpQIpd6dirgsEyDmx4NrKlg7Ob7opi6n0I9/giNFBxIP1h1WQAQzJMKNkTqfFH7Kd0urk67w8jQACCUyrLb3FBmhgwuuTVrLQ5ujMzjO2tfU3Pbrg561oi9orLL8/HOWUqfGxqeKZVy9pjBvcj3b3gw+qbwMNOxj/3tNpejN1g1OVfus5jh80ASbBGdwD1DqQkiXdMEXpRySTlHPg7IvBK8J5Q+1EV9+JM3PpenjvS/ntIuSuZOHwyyBSeDPUFjp5r9RXQIDAQAB
Validating Signature

result = pass
Details:

SPF Information:

Using this information that I obtained from the headers

Helo Address = vmd63883.contaboserver.net From Address = info@theblackscreenchannel.com From IP = 161.97.132.176

SPF Record Lookup

Looking up TXT SPF record for theblackscreenchannel.com Found the following namesevers for theblackscreenchannel.com: ns3.contabo.net ns1.contabo.net ns2.contabo.net Retrieved this SPF Record: zone updated 20201228 (TTL = 599) using authoritative server (ns3.contabo.net) directly for SPF Check

Result: pass (Mechanism ‘mx’ matched)

Result code: pass Local Explanation: theblackscreenchannel.com: 161.97.132.176 is authorized to use ‘info@theblackscreenchannel.com’ in ‘mfrom’ identity (mechanism ‘mx’ matched) spf_header = Received-SPF: pass (theblackscreenchannel.com: 161.97.132.176 is authorized to use ‘info@theblackscreenchannel.com’ in ‘mfrom’ identity (mechanism ‘mx’ matched)) receiver=dkimvalidator.com; identity=mailfrom; envelope-from="info@theblackscreenchannel.com"; helo=vmd63883.contaboserver.net; client-ip=161.97.132.176

SpamAssassin Score: 0.203
Message is NOT marked as spam
Points breakdown:
0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record
0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily
valid
0.0 TVD_SPACE_RATIO No description available.
0.1 DKIM_INVALID DKIM or DK signature exists, but is not valid
0.0 BODY_SINGLE_WORD Message body is only one word (no spaces)

It seems, then, your problem is not with DKIM specifically, but with Postfix (the “unable to read banner” problem).

After searching on Google for similar occurrences, I found this post where some possibilities are presented.

Port 25 not enabled on firewall from provider, IP or domain on blacklist (unlikely to create problems when receiving emails), among others.

Did you contacted your hosting provider about this?

First of all, why did you not set a proper hostname on the server?
Using the providers domain is generally not a good idea.

Secondly, how did you install Virtualmin on the server?
Because if I remember correctly you recently had a thread regarding the templates from Contabo which was not working.

Third, port 25 is not listening. That’s why you are not receiving email. Firewall?

I really don’t know anymore. Postfix is enabled, tried also the blacklist check. None of my IPs or domains are blacklisted. My provider is not blocking any ports for their severs. I can send emails without problems.

Why do you mean with not set a proper hostname on the server(I never had problems with the hostname of the provider, but I think that I will do it)? The provider installed webmin(I chosed it without LAMP) and afterwards I have installed Virtualmin.

I have checked now the port 25 with: netstat -tuplen | grep 25 and this is what I got:

tcp 0 0 127.0.0.1:783 0.0.0.0:* LISTEN 0 5253154 840696/perl

with iptables -nL | grep 25 I have:
REJECT tcp – 0.0.0.0/0 0.0.0.0/0 multiport dports 25,465,587,143,993,110,995 match-set f2b-postfix-sasl src reject-with icmp-port-unreachable
ACCEPT tcp – 0.0.0.0/0 0.0.0.0/0 tcp dpt:25 ctstate NEW,UNTRACKED
ACCEPT tcp – 0.0.0.0/0 0.0.0.0/0 tcp dpts:1025:65535 ctstate NEW,UNTRACKED

The FQDN should be a domain YOU own, not the provider.

This implies Postfix isn’t running (or at least not listening to port 25).
If you see this post, this user had a very similar problem as you using Contabo and preinstalled stuff.
Even if the didn’t install LAMP or Virtualmin, just having Webmin installed before could lead to problems and this is obviously what happened here.

2 Likes

Yes, sorry, I forgot that I made some changes and it was stopped. I will start it now and run it again.

netstat -tuplen | grep 25

tcp 0 0 127.0.0.1:783 0.0.0.0:* LISTEN 0 5253154 840696/perl
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 0 6554946 1124169/master
tcp 0 0 161.97.132.177:25 0.0.0.0:* LISTEN 0 6554942 1124169/master
tcp 0 0 161.97.132.176:25 0.0.0.0:* LISTEN 0 6554838 1124169/master

I think you are right and need to start fresh once more just with Ubuntu installed. I was afraid of that. I will start backing all up .

That seems to be the best thing here.
I tried connecting to your server and it still times out.

Start with a completely fresh install, change the hostname of the server to something you own, like server1.mydomain.com and the follow the installation instructions for Virtualmin.
This will give you a lot less issues, guaranteed.

Thank you very much Paulo for taking the time and help me out. I will start fresh with the server and see what will happen.

1 Like

Thank you very much for the help. I will do that right now. I hope that this time everything will be fine, because right now it’s like Bermuda Triangle. There are untraceable problems :))

2 Likes

I NEVER use a provider’s pre-built images – and I have a good provider. But images get stale very quickly. Also, you never know whether the person who built the image had his or her own ideas about how to do it. Give me a clean OS and login credentials. I’ll take it from there.

Fortunately, my provider will let me install literally whatever I want. They’ll download it and install whatever OS I ask for, or will let me provide my own ISO. They’re a good outfit.

Richard

Hi, they just needed to install Ubuntu and Webmin without LAMP or any other “extras”, that’s it. Never thought that it would cause so many problems. Lesson learned. Want to do something right? Do it yourself :)) The cliché is true.

2 Likes

Hi there,

Coming with an update. I have started fresh, installed everything manually with my own hostname, own nameservers and like you said, a lot, but a lot less issues. Don’t know what they did wrong but didn’t have a problem this time, few things that I did not know, because I am new with Virtualmin but no ghost problems with ghost errors. I wish I would have done it from the beginning.
Thank you again and I wish you all Happy Holidays and a Happy New Year!

3 Likes

This topic was automatically closed 4 days after the last reply. New replies are no longer allowed.