PLEASE HELP: dovecot / postfix problem; email down for days

I’ve had a problem with my email for a few days and this is my primary work domain, so needless to say I’m freaking out.

For some time I’ve had a virtualmin/webmin/dovecot/postfix setup that functioned, but sending mail was always a problem - so I always used another account to send from my mail software. However, usermin used to send just fine.

Recently all hell broke loose; I’ve been trying to fix it myself with various newsgroups / web pages / tutorials so I might be far off the rails by now. I really need this functioning as fast as possible or else it will affect my business.

The main domain is www.grimmwerks.com. I cannot telnet to port 25 - it’s not closed but it’s not responding.

When I use usermin I get: Failed to send mail : SMTP command failed : 421 4.3.2 All server ports are busy

My postconf -n

alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
allow_percent_hack = no
append_dot_mydomain = no
biff = no
broken_sasl_auth_clients = yes
config_directory = /etc/postfix
home_mailbox = Maildir/
mailbox_command = /usr/bin/procmail-wrapper -o -a $DOMAIN -d $LOGNAME
mailbox_size_limit = 0
mydestination = $myhostname,localhost.$mydomain, localhost, localdomain, ns1.mydomain.net
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
myorigin = $mydomain
readme_directory = no
recipient_delimiter = +
sender_bcc_maps = hash:/etc/postfix/bcc
sender_dependent_default_transport_maps = hash:/etc/postfix/dependent
smtp_sasl_auth_enable = yes
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_recipient_restrictions = reject_non_fqdn_recipient reject_unknown_recipient_domain permit_mynetworks permit_sasl_authenticated reject_unauth_destination reject_non_fqdn_hostname reject_invalid_hostname check_helo_access pcre:/etc/postfix/helo_checks check_sender_mx_access cidr:/etc/postfix/bogus_mx reject_rbl_client zen.spamhaus.org reject_rbl_client cbl.abuseat.org reject_rbl_client dnsbl-1.uceprotect.net permit
smtpd_sasl_auth_enable = yes
smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_use_tls = yes
virtual_alias_maps = hash:/etc/postfix/virtual

In my tests to send email to one of my domains from an outside email I just received this:

Technical details of temporary failure:
Connection was dropped by remote host (SENT_HELO)

Howdy,

What output do you receive if you run this command:

netstat -anlp | grep :25

That will show what, if anything, is currently listening on port 25.

-Eric

tcp 0 0 0.0.0.0:25000 0.0.0.0:* LISTEN 305/sshd
tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN 1916/master
tcp 0 0 107.150.7.19:25 64.191.8.174:60287 TIME_WAIT -
tcp 0 0 107.150.7.19:25 64.191.8.174:43763 TIME_WAIT -
tcp 0 0 107.150.7.19:25 64.191.8.174:46798 TIME_WAIT -
tcp 0 0 107.150.7.19:25 64.191.8.174:37309 TIME_WAIT -
tcp 0 0 107.150.7.19:25 64.191.8.174:36171 TIME_WAIT -
tcp 0 0 107.150.7.19:25 64.191.8.174:47278 TIME_WAIT -
tcp 0 0 107.150.7.19:25 64.191.8.174:44107 TIME_WAIT -
tcp 0 0 107.150.7.19:25 64.191.8.174:39671 TIME_WAIT -
tcp 0 0 107.150.7.19:25 64.191.8.174:40276 TIME_WAIT -
tcp 0 0 107.150.7.19:25 64.191.8.174:58145 TIME_WAIT -
tcp 0 0 107.150.7.19:25 50.31.32.144:27723 TIME_WAIT -
tcp 0 0 107.150.7.19:25 64.191.8.174:48329 TIME_WAIT -
tcp 0 48 107.150.7.19:25000 24.61.64.179:61119 ESTABLISHED 2885/0
tcp6 0 0 :::25000 :::* LISTEN 305/sshd
tcp6 0 0 :::25 :::* LISTEN 1916/master

I think a lot of that bouncing to externals was me just trying to set up some spam checking that another tutorial mentioned; trying to find the specific article…

http://postfixmail.com/blog/index.php/using-webmin-to-set-up-postfix/

and this was set in "restrictions on recipient addresses" but I only put this in perhaps an hour ago:

reject_non_fqdn_recipient
reject_unknown_recipient_domain
permit_mynetworks
permit_sasl_authenticated
reject_unauth_destination
reject_non_fqdn_hostname
reject_invalid_hostname
check_helo_access pcre:/etc/postfix/helo_checks
check_sender_mx_access cidr:/etc/postfix/bogus_mx
reject_rbl_client zen.spamhaus.org
reject_rbl_client cbl.abuseat.org
reject_rbl_client dnsbl-1.uceprotect.net
permit

Okay, it does appear that Postfix is listening on port 25.

I’m curious what output this command shows:

iptables -L -n

Also, what errors, if any, do you see in /var/log/mail.log while trying to connect?

And are you able to connect to port 25 via telnet while logged into the server itself?

-Eric
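
The `grep :25` filter used earlier in the thread also matches port 25000, which is why the sshd lines appear in that netstat output. The following is an added example, not code from the thread: `smtp_port_summary` and `sample_netstat` are hypothetical helper names, and the sample lines use constructed documentation addresses. It keeps only local port 25 and tallies connections per remote host and state.

```shell
#!/bin/sh
# Added example: summarise netstat -an style lines for local port 25 only.
# smtp_port_summary is a hypothetical helper; it reads netstat output on stdin.
smtp_port_summary() {
    awk '
        $1 ~ /^tcp/ {
            laddr = $4; peer = $5; state = $6
            # Compare the text after the last colon, so :25000 is skipped
            # and the IPv6 wildcard form :::25 is still matched.
            n = split(laddr, parts, ":")
            if (parts[n] != "25") next
            if (state == "LISTEN") { listeners++; next }
            sub(/:[0-9]+$/, "", peer)   # drop the ephemeral source port
            count[peer " " state]++
        }
        END {
            for (k in count) printf "%d %s\n", count[k], k
            printf "listeners %d\n", listeners
        }
    ' | sort -k1,1nr -k2    # busiest peers first; the listeners line sorts last
}

# Constructed sample input (documentation address ranges, not real hosts).
sample_netstat() {
cat <<'EOF'
tcp 0 0 0.0.0.0:25000 0.0.0.0:* LISTEN 305/sshd
tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN 1916/master
tcp 0 0 192.0.2.10:25 198.51.100.7:60287 TIME_WAIT -
tcp 0 0 192.0.2.10:25 198.51.100.7:43763 TIME_WAIT -
tcp 0 0 192.0.2.10:25 198.51.100.7:46798 TIME_WAIT -
tcp 0 0 192.0.2.10:25 203.0.113.44:27723 TIME_WAIT -
tcp 0 48 192.0.2.10:25000 203.0.113.99:61119 ESTABLISHED 2885/0
tcp6 0 0 :::25 :::* LISTEN 1916/master
EOF
}

sample_netstat | smtp_port_summary
```

On a live server the same function can be fed with `netstat -anlp | smtp_port_summary`.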

Locutus was kind enough to take a look at my setup and thinks that I might have been compromised; because of that and him also pointing out that my nginx setup was really unneeded (mostly wordpress sites) I decided to reinstall; but now I’m having problems with apache running as virtual servers:

https://www.virtualmin.com/node/33187

I’m glad he was able to help! I’ve posted a followup question in your new thread.

-Eric