Can you post from the “top” of the table please (as per the diagram above)?
It’s possible Gmail has changed it’s default settings from SMTP (Port 25) to SMTPS (Port 465) and given the suspicion that your Postfix setup isn’t listening on SMTPS (Port 465) - you won’t see anything in the mail logs for the Gmail attempts.
You are missing the line for smtps - it’s virtually a clone of the smtp line, but wants a few other things as well.
You will also need to ensure the lines in main.cf for TLS are there and have the correct values.
I checked the ports on my server - also running Postfix - and 465\587 were open and the entry for smtps was there in master.cf.
Took me a bit of time to realise Wormly won’t work for 465 - it tries to use SSLv3 which Postfix says “No”. And being on Windows for the client - I had to install OpenSSL as telnet works for Port 25 but you need an SSL client to test 465 (and 587) for that matter.
But then you have to deal with having to whitelist your own IP as it may fail most of the Postfix checks - mine are rather heavy handed and kept catching my IP.
Dibs
I don’t see any relevant logs here. Look in your maillog. You’re trying to fix a problem without identifying the problem first. You don’t even know what you’re trying to fix. That doesn’t make sense.
1 Like
@Joe - I suppose many roads lead to Rome.
In the case where an smtps “listener” doesn’t exist in master.cf - the mail log will appear as if nothing happened, i.e. zero additional entries. Although the logs can’t hurt.
@sejo2001 - can you try to connect via a Gmail client, assuming it fails, post up the /var/log/mail.log snippet for that time?
Also be good if you could post up the contents of your master.cf file.
Either you have altered the file and added an entry for smtps in the table at the top, or there is a line at the bottom (appended to it) for smtps. I say this because I just connected via
openssl s_client -connect technologykenya.com:465 -quiet
and left you an email in your admin@technologykenya.com mailbox.
Dibs
If an smtps config doesn’t exist in master.cf, OP’s installation had errors they ignored. That gets setup as part of the virtualmin-config stage (stage 3) of the installer. It is likely other things are unconfigured, too.
1 Like
@Dibs I saw your email in my inbox. Just some points to note
- Gmail SMTP - gives me the error ‘Couldn’t reach server. Please double-check the server and port number’. The logs from the period I was trying to connect as below dont have any entry from Gmail
Aug 13 13:20:32 server1 postfix/smtpd[24351]: warning: hostname net6-ip76.linkbg.com does not resolve to address 87.246.7.76: Name or service not known
Aug 13 13:20:32 server1 postfix/smtpd[24351]: connect from unknown[87.246.7.76]
Aug 13 13:20:34 server1 postfix/smtpd[24351]: warning: unknown[87.246.7.76]: SASL LOGIN authentication failed: authentication failure
Aug 13 13:20:34 server1 postfix/smtpd[24351]: disconnect from unknown[87.246.7.76]
Aug 13 13:20:37 server1 postfix/smtpd[24436]: connect from unknown[5.34.207.246]
Aug 13 13:20:38 server1 postfix/smtpd[24611]: warning: hostname net6-ip76.linkbg.com does not resolve to address 87.246.7.76: Name or service not known
Aug 13 13:20:38 server1 postfix/smtpd[24611]: connect from unknown[87.246.7.76]
Aug 13 13:20:39 server1 postfix/smtpd[24436]: warning: unknown[5.34.207.246]: SASL LOGIN authentication failed: authentication failure
Aug 13 13:20:39 server1 postfix/smtpd[24436]: disconnect from unknown[5.34.207.246]
Aug 13 13:20:40 server1 postfix/smtpd[24611]: warning: unknown[87.246.7.76]: SASL LOGIN authentication failed: authentication failure
Aug 13 13:20:40 server1 postfix/smtpd[24611]: disconnect from unknown[87.246.7.76]
Aug 13 13:20:44 server1 postfix/smtpd[24351]: warning: hostname net6-ip76.linkbg.com does not resolve to address 87.246.7.76: Name or service not known
Aug 13 13:20:44 server1 postfix/smtpd[24351]: connect from unknown[87.246.7.76]
Aug 13 13:20:46 server1 postfix/smtpd[24351]: warning: unknown[87.246.7.76]: SASL LOGIN authentication failed: authentication failure
Aug 13 13:20:46 server1 postfix/smtpd[24351]: disconnect from unknown[87.246.7.76]
Aug 13 13:20:50 server1 postfix/smtpd[24611]: warning: hostname net6-ip76.linkbg.com does not resolve to address 87.246.7.76: Name or service not known
Aug 13 13:20:50 server1 postfix/smtpd[24611]: connect from unknown[87.246.7.76]
Aug 13 13:20:53 server1 postfix/smtpd[24611]: warning: unknown[87.246.7.76]: SASL LOGIN authentication failed: authentication failure
Aug 13 13:20:53 server1 postfix/smtpd[24611]: disconnect from unknown[87.246.7.76]
Aug 13 13:20:59 server1 postfix/smtpd[24582]: connect from unknown[5.34.207.246]
Aug 13 13:21:01 server1 postfix/smtpd[24582]: warning: unknown[5.34.207.246]: SASL LOGIN authentication failed: authentication failure
Aug 13 13:21:01 server1 postfix/smtpd[24582]: disconnect from unknown[5.34.207.246]
Aug 13 13:21:31 server1 postfix/smtpd[24582]: connect from unknown[212.70.149.66]
Aug 13 13:21:35 server1 postfix/smtpd[24436]: connect from unknown[212.70.149.66]
Aug 13 13:21:40 server1 postfix/smtpd[24582]: warning: unknown[212.70.149.66]: SASL LOGIN authentication failed: authentication failure
Aug 13 13:21:42 server1 postfix/smtpd[24582]: disconnect from unknown[212.70.149.66]
Aug 13 13:21:42 server1 dovecot: imap-login: Disconnected (no auth attempts in 2 secs): user=<>, rip=92.118.161.29, lip=144.91.67.131, TLS handshaking: Disconnected, session=<Xu5lmh3m+fNcdqEd>
Aug 13 13:21:45 server1 postfix/smtpd[24436]: warning: unknown[212.70.149.66]: SASL LOGIN authentication failed: authentication failure
Aug 13 13:21:46 server1 postfix/smtpd[24436]: disconnect from unknown[212.70.149.66]
Aug 13 13:21:48 server1 postfix/smtpd[24582]: connect from unknown[212.70.149.66]
Aug 13 13:21:53 server1 postfix/smtpd[24436]: connect from unknown[212.70.149.66]
Aug 13 13:21:58 server1 postfix/smtpd[24582]: warning: unknown[212.70.149.66]: SASL LOGIN authentication failed: authentication failure
Aug 13 13:21:59 server1 postfix/smtpd[24582]: disconnect from unknown[212.70.149.66]
Aug 13 13:22:03 server1 postfix/smtpd[24436]: warning: unknown[212.70.149.66]: SASL LOGIN authentication failed: authentication failure
Aug 13 13:22:04 server1 postfix/smtpd[24436]: disconnect from unknown[212.70.149.66]
Aug 13 13:23:10 server1 postfix/smtpd[25398]: connect from unknown[141.98.11.17]
@Joe Is there a way to redo the install without deleting my virtual servers so that I can get the config right?
#
# Postfix master process configuration file. For details on the format
# of the file, see the master(5) manual page (command: "man 5 master").
#
# Do not forget to execute "postfix reload" after editing this file.
#
# ==========================================================================
# service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (yes) (never) (100)
# ==========================================================================
213.136.81.111:smtp inet n - n - - smtpd -o smtpd_sasl_auth_enable=yes -o smtpd_tls_security_level=may
#smtp inet n - n - 1 postscreen
#smtpd pass - - n - - smtpd
#dnsblog unix - - n - 0 dnsblog
#tlsproxy unix - - n - 0 tlsproxy
#submission inet n - n - - smtpd
# -o syslog_name=postfix/submission
# -o smtpd_tls_security_level=encrypt
# -o smtpd_sasl_auth_enable=yes
# -o smtpd_reject_unlisted_recipient=no
# -o smtpd_client_restrictions=$mua_client_restrictions
# -o smtpd_helo_restrictions=$mua_helo_restrictions
# -o smtpd_sender_restrictions=$mua_sender_restrictions
# -o smtpd_recipient_restrictions=permit_sasl_authenticated,reject
# -o milter_macro_daemon_name=ORIGINATING
#smtps inet n - n - - smtpd
# -o syslog_name=postfix/smtps
# -o smtpd_tls_wrappermode=yes
# -o smtpd_sasl_auth_enable=yes
# -o smtpd_reject_unlisted_recipient=no
# -o smtpd_client_restrictions=$mua_client_restrictions
# -o smtpd_helo_restrictions=$mua_helo_restrictions
# -o smtpd_sender_restrictions=$mua_sender_restrictions
# -o smtpd_recipient_restrictions=permit_sasl_authenticated,reject
# -o milter_macro_daemon_name=ORIGINATING
#628 inet n - n - - qmqpd
pickup unix n - n 60 1 pickup
cleanup unix n - n - 0 cleanup
qmgr unix n - n 300 1 qmgr
#qmgr unix n - n 300 1 oqmgr
tlsmgr unix - - n 1000? 1 tlsmgr
rewrite unix - - n - - trivial-rewrite
bounce unix - - n - 0 bounce
defer unix - - n - 0 bounce
trace unix - - n - 0 bounce
verify unix - - n - 1 verify
flush unix n - n 1000? 0 flush
proxymap unix - - n - - proxymap
proxywrite unix - - n - 1 proxymap
smtp unix - - n - - smtp
relay unix - - n - - smtp
# -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq unix n - n - - showq
error unix - - n - - error
retry unix - - n - - error
discard unix - - n - - discard
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - n - - lmtp
anvil unix - - n - 1 anvil
scache unix - - n - 1 scache
#
# ====================================================================
# Interfaces to non-Postfix software. Be sure to examine the manual
# pages of the non-Postfix software to find out what options it wants.
#
# Many of the following services use the Postfix pipe(8) delivery
# agent. See the pipe(8) man page for information about ${recipient}
# and other message envelope options.
# ====================================================================
#
# maildrop. See the Postfix MAILDROP_README file for details.
# Also specify in main.cf: maildrop_destination_recipient_limit=1
#
#maildrop unix - n n - - pipe
# flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
#
# ====================================================================
#
# Recent Cyrus versions can use the existing "lmtp" master.cf entry.
#
# Specify in cyrus.conf:
# lmtp cmd="lmtpd -a" listen="localhost:lmtp" proto=tcp4
#
# Specify in main.cf one or more of the following:
# mailbox_transport = lmtp:inet:localhost
# virtual_transport = lmtp:inet:localhost
#
# ====================================================================
#
# Cyrus 2.1.5 (Amos Gouaux)
# Also specify in main.cf: cyrus_destination_recipient_limit=1
#
#cyrus unix - n n - - pipe
# user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -r ${sender} -m ${extension} ${user}
#
# ====================================================================
#
# Old example of delivery via Cyrus.
#
#old-cyrus unix - n n - - pipe
# flags=R user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -m ${extension} ${user}
#
# ====================================================================
#
# See the Postfix UUCP_README file for configuration details.
#
#uucp unix - n n - - pipe
# flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
#
# ====================================================================
#
# Other external delivery methods.
#
#ifmail unix - n n - - pipe
# flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
#
#bsmtp unix - n n - - pipe
# flags=Fq. user=bsmtp argv=/usr/local/sbin/bsmtp -f $sender $nexthop $recipient
#
#scalemail-backend unix - n n - 2 pipe
# flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store
# ${nexthop} ${user} ${extension}
#
#mailman unix - n n - - pipe
# flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
# ${nexthop} ${user}
213.136.81.111:submission inet n - n - - smtpd -o smtpd_sasl_auth_enable=yes -o smtpd_tls_security_level=may
213.136.81.111:smtps inet n - n - - smtpd -o smtpd_sasl_auth_enable=yes -o smtpd_tls_security_level=may -o smtpd_tls_wrappermode=yes
smtp-1623790190258914 unix - - n - - smtp -o smtp_bind_address=213.136.81.111 -o smtp_bind_address6=2a02:c207:2060:9227:0000:0000:0000:0001
144.91.67.131:smtp inet n - n - - smtpd -o smtpd_sasl_auth_enable=yes -o smtpd_tls_security_level=may -o smtpd_tls_cert_file=/home/tekenya/ssl.cert -o smtpd_tls_key_file=/home/tekenya/ssl.key -o smtpd_tls_security_level=may -o myhostname=technologykenya.com -o smtpd_tls_CAfile=/etc/ssl/virtualmin/162387737816852/ssl.ca
127.0.0.1:smtp inet n - n - - smtpd -o smtpd_sasl_auth_enable=yes -o smtpd_tls_security_level=may
144.91.67.131:submission inet n - n - - smtpd -o smtpd_sasl_auth_enable=yes -o smtpd_tls_security_level=may -o smtpd_tls_cert_file=/home/tekenya/ssl.cert -o smtpd_tls_key_file=/home/tekenya/ssl.key -o smtpd_tls_security_level=may -o myhostname=technologykenya.com -o smtpd_tls_CAfile=/etc/ssl/virtualmin/162387737816852/ssl.ca
127.0.0.1:submission inet n - n - - smtpd -o smtpd_sasl_auth_enable=yes -o smtpd_tls_security_level=may
144.91.67.131:smtps inet n - n - - smtpd -o smtpd_sasl_auth_enable=yes -o smtpd_tls_security_level=may -o smtpd_tls_wrappermode=yes -o smtpd_tls_cert_file=/home/tekenya/ssl.cert -o smtpd_tls_key_file=/home/tekenya/ssl.key -o smtpd_tls_security_level=may -o myhostname=technologykenya.com -o smtpd_tls_CAfile=/etc/ssl/virtualmin/162387737816852/ssl.ca
127.0.0.1:smtps inet n - n - - smtpd -o smtpd_sasl_auth_enable=yes -o smtpd_tls_security_level=may -o smtpd_tls_wrappermode=yes
smtp-162387737816852 unix - - n - - smtp -o smtp_bind_address=144.91.67.131 -o smtp_bind_address6=2a02:c207:2060:9227:0000:0000:0000:0001
@sejo2001 - appears you have 2 IPs (144.91.67.131 & 213.136.81.111). Just an observation.
You do have the smtps & submission lines at the bottom.
In your Gmail client - when you get the error
“Connection timed out: There may be a problem with the settings you added. Please contact your other email provider to verify the correct server name and port.”
What does it say when you click on the “more details” link just below that?
Dibs
@sejo2001 - in the Gmail client pop up box where you put in the server name, what are you putting in for the servername (the send email one)?
Are you putting in “mail.technologykenya.com”? If so you are going to get an SSL name mismatch as the CN name is technologykenya.com" on 465 and Gmail will error.[Ignore this bit if you are putting in technologykenya.com].
Dibs
@dibs I am inputting mail.technologykenya.com and the text under the : “Connection timed out: There may be a problem with the settings you added. Please contact your other email provider to verify the correct server name and port.” From the pop3 window and for SMPT window “Couldn’t reach server. Please double-check the server and port number.”
@sejo2001 - put in technologykenya.com instead and see how that works?
@Dibs just the name does not work.
This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.