Still trying to get any mail working

I am still struggling with the mail server problem. I installed Postfix, which is supposedly more of an “out of the box” solution, but I am having zero luck with it. I can’t send or receive maill from or to my system, but I can mail from one user to another. I feel like I have tried everything.

I tried a clean install of Ubuntu 8.04LTS and went through all the configurations, one of which was spamassassin, when you install using the script, there’s a message saying you need ot configure procmail for spamassassin and there’s a button to configure it with, so I did. It messed it up so I couldn’t import domains. So I reinstalled, reconfigured, tried it again. This time I didn’t touch the spamassassin thing and it allowed the import. This didn’t work for sending or receiving, so I tried importing again, this time using a backup with no mail/ftp users included. No luck, no changes. So I tried messing with spamassassin again and it had the message saying it needed to be configured… so I tried it. Checked the Virtualmin configuration again and it wasn’t ready. Since I didn’t know which procmail rules had been adjusted and since I thought I srewed something up, I did another clean install. Tried creating a domain before importing any domains or changing any settings… no change. Can’t receive or send. I’ve tried adding $mydomainname to the list of accepted hostnames, tried changing canonical mapping settings, tried adjusting just about everything I can think of. Bounces I get from my gmail account I am trying to send to the server are “The recipient server did not accept our requests to connect” and going out there’s no message at all. It’s like there’s no reply from postfix.

Suggestions? This problem is getting to the point of ridiculous in how much time I have spent trying to solve it…<br><br>Post edited by: VyouFinder, at: 2008/11/10 16:52

Howdy,

When you try to send or receive a message, are you seeing any errors in /var/log/mail.log? I’d even be curious if any errors pop up after restarting Postfix.

You’re definitely seeing a plethora of abnormal issues, but perhaps the error message(s) will help make it more clear what’s going on, then we can get it fixed up!
-Eric

Thanks Andreycheck. I’m frustrated with this but willing to work through it and thanks for your helping. Seriously.

My logs don’t show anything out of the ordinary as far as I can tell, with a typical entry being:

When I try to send mail to a domain user on my server from gmail, a day or so later I get a message from gmail:

user@adomainonmyserver.com

Nothing at all shows up in my mail log because it seems like it’s not even hitting my server. I have port 25 forwarded correctly, but it seems it’s not getting to the machine.

When I try to send mail out, I get an entry in the log:

… it’s all timeouts, both ways it seems. I can send and receive internally from one domain to another and from different domain user addresses all fine. I’ve previously sent email from and to my system, so I am pretty sure it’s not Comcast blocking port 25… unless they changed my service in the past few days.

Ideas?

Well, I’m concerned that it might be Comcast related – a lot of ISP’s block SMTP. The biggest issue would be the incoming messages though.

Outgoing can (and should) be routed through Comcasts own mail servers (ie, use their servers as a mail relay, rather than trying to directly deliver emails to remote servers yourself).

But for inbound email – you just need to verify that port 25 is accepting connections (it doesn’t seem to be!).

To test that, you could log into a remote server and use telnet:

telnet yourserver 25

So long as that doesn’t work (you should get a banner announcing the SMTP server), the issue is likely the port forwarding, or Comcast, since email works locally and you don’t see any errors.
-Eric

I tried the telnet 192.168.1.99 25 to check if my port was open from another machine on the same network and got a response that Postfix on Ubuntu is running and available on the machine…

I don’t have a remote machine to test with so I checked to see if the port was open alright at http://www.canyouseeme.org/… It says it’s closed. Unavailable.

The thing is, a week ago I was able to send and receive mail, though my dynamic i.p. was in an RBL for sending purposes and I was planning to redirect through port 587 and use Google’s smtp relay service.

The thing that makes me think Comcast put a block on my port 25 is, I contacted them about being able to send mail on port 25 through smtp and at first I got the general form letter reply. When I persisted, I got a real response from a real person asking me to contact them so they can (hehe) solve the problem… It was about the time I got that email that I was totally unable to send anything at all. So… Does this mean they’ve put a block on me within the past few days? It’s my fear. I am hesitant to contact them because I know they will try to strongarm me into the business service again or possibly me further.

Well, first off, I’d make absolute certain that the domain you’re trying to access still points to your server – that it has the correct IP address.

If you don’t have a static IP, it’s plausible that the domains are pointing to your old IP address if it changed along the way.

Also, I’d double-check your router port forwarding settings and just make sure something didn’t get inadvertently messed up along the way.

It’s of course entirely possible that Comcast is blocking port 25, and even if they aren’t now, they might later.

Just as an alternate idea, there are VPS providers out there, such as Linode and Slicehost, who provide a VPS server for as little as $20/month. I know that you’re probably trying to avoid the costs there, but it’s possible spending a few bucks a month to save yourself these sorts of headaches might be worth it

Just a thought!

But, I’d start by checking the IP address you have now against what the domains have setup in their DNS.
-Eric

Checked and triple checked the ports in the router. I’ve been switching them back and forth between my main server and the backup fairly often…

Also checked that the dns is working fine. My ip actually hasn’t changed, but I have an update script that I tested to make sure it works as well.

No way I am paying for vps, that’s my whole point of doing this is to avoid paying for anything and have a machine with my data on it, physically and in my posession. I much prefer to deal with my own headaches than to deal with a hosting company’s. I’ll do whatever I have to to get it working and in the process I will learn aplenty.

It does seem strange that I could receive fine a few days ago, then I get a real email from a csr with Comcast, then mail mysteriously can’t connect and port 25 is inaccessible from the outside world. The strange thing there is that Comcast customers regularly use stuff like Outlook to get their email, and it uses port 25. So if they’ve decided to block me, it is out of the ordinary… right? Do they commonly block port 25? Maybe I should configure with that in mind anyway so as to avoid future problems with them.

I guess I can’t speak to why it once worked, and sure, it is a little bit of a “coincidence” that it doesn’t work now.

That said, Comcast is known for blocking inbound port 25, it’s fairly common these days:

http://www.dslreports.com/shownews/82880
http://www.lockergnome.com/usrbingeek/2007/04/12/comcast-blocking-port-25/
http://www.early-retirement.org/forums/f27/comcast-blocking-inbound-and-outbound-port-25-a-37862.html

So, as the practice of blocking inbound port 25 is getting more and more common, I guess I view it as a fluke that it ever actually worked for you

If you really don’t want to have to deal with that issue, you could always consider colocating a server – but barring that, you might need to consider their business package if you want to be able to receive email.

One hackish alternative would be to buy one of those $20/month VPS’s, and purely use it as an inbound MX relay.

If you were to run email on an alternate port, this VPS MX relay could be configured soley to accept email and relay them to your server on this alternate port.

I’m aware of how you feel about hosting companies and VPS’s, I’m just tossing out options
-Eric

I’m 99.9% certain Comcast put a block on me just within the past few days. When I got the email from an actual person at tech support, when I read “Thank you for bringing this to my attention” and read the rest of their email, I just had this sinking feeling like I shouldn’t have contacted them.

Apparently they have, and have also blocked ports 587 and 465. A week or two ago I checked these ports via online ports scanner and they were both open. I used to get errors from Google, the smtp server I was trying to redirect through 587 saying I need the starttls command. Now I can’t even get that and all I get is the timeout. As posted, I tried re-installing several times in case I had misconfigured anything, then I tried rebooting my router, checking and double checking the ports and how they forward…

The links you pointed out to me had stories of people being blocked out of the blue, without warning or notice, and that’s what I think the Comcast tech support representative meant when saying “thanks for bringing this to my attention” he was referring to the fact that I have a mail server at all.

When I try to command line: telnet dslreports.com 25, I get a timeout also… Two port sniffers tell me 25 and even 587 are both inaccessible.

When I try it from my local netowrk machines, I get a response saying Postfix on Ubuntu is there waiting for it… so. It works internally, but not externally. All my other port forwards work fine in the router. I rebooted EVERYTHING… there’s lack of communication between the router and the outside world meaning … Comcast.

Going with a monthly, annual, or otherwise paid mx service or anything else just isn’t an option for me. It goes against the whole point of this project. The goal is to have a fully capable webserver with mail and everything on my home computer running on nothing but a connection. After that, I plan to setup a colocated backup. A large part of my reason for doing this project at all is so that I can learn how it all works and if it means paying extra for a more serious connection, I will go that route. I like afraid.org for their dynamic dns services.

I have a hard time believing Comcast would block me like that and not tell me. I can’t complain too much because one time on the phone tech support told me it was against their terms of service to run a mail server or a messaging script, both of which I do, but then again the same guy told me I couldn’t run a web server at all until I told him that I could and was allowed to… So… It’s kind of like, you never know.

I knew I had to redirect through 587 because they were blocking outbound email from my i.p. but that would’ve been solved by using gmail’s free smtp relay service.

Has anyone tried using Google Apps and then using the MX redirects:

http://www.google.com/support/a/bin/answer.py?hl=en&answer=33352

This might be an option I would consider, as it seems like it would be a free and relatively permanent place to store an mx record for a domain. What do you think of that idea? As a short-term solution?

For the long-term solution, I am loking at finding an alternative to Corpcast, oops I mean Comcast. They give me free television with my internet but when I tried it, it was just like propaganda anyway. I won’t miss it or them and possibly find myself a static i.p. or something too.

Update…

Checked with Comcast… They’re not blocking my port 25. The tech “checked the modem” and assured me of this even after I explained that I have checked my port forwarding and my mx records…

I’m going to have to dig deeper around here but it’s not Comcast whichc is a relief to not have to change isp’s.

Update - Checked with Comcast and today they assure me that port 25 IS blocked.

You never know with Comcast it seems, at least where I am. The tech I chatted with today seemed a lot more helpful and when I told them about the girl “checking the modem” yesterday he told me what their system is like. Basically he’s got a screen where he can click to see port 25’s status. He said he definitely shows it as blocked and could not tell me the reason in writing. He went on to say that they use an automated system for the most part that, if your port 25 sees any action, it just blocks it. Getting to remove this block is, according to Dino anyway, possible, but can’t be discussed in writing and you have to call them.

Honestly, wasting nearly every hour for the past two weeks trying to figure this out makes me frustrated enough that I am thinking I will switch isp’s. It’s such a hassle and expense that I will have to think about it more but one thing I have learned is that when contacting Comcast, the customer service reps tend to make answers up as they go along. If they break the terms of service, they won’t admit to it, and they do this as a policy. I wasn’t breaking the terms of service