SYSTEM INFORMATION
OS type and version
ubuntu linux 20.04.6
Webmin version
2.202 pro
I can not send email,email is stuck at mail queue, I restart the server and restart the postfix service as well, it dose not solve the problem, please try to help
Steini
December 12, 2024, 2:35pm
2
Have you requested to open port 25 on provider side and did they do?
yes, the port 25 is opened already, and it was working for the last 1 year on same server, I checked on https://portchecker.co/ , the port 25 is opened.
Joe
December 12, 2024, 8:52pm
4
You need to look at the mail log or the journal for the postfix unit. Nobody can possibly guess what’s wrong without an error.
1 Like
hello, I check the system log, it shows like below:
Dec 13 01:27:19 vmi1234742.contaboserver.net postfix/postscreen[276584]: CONNECT from [80.94.95.239]:51646 to [217.76.52.157]:25
Dec 13 01:27:20 vmi1234742.contaboserver.net postfix/postscreen[276584]: PREGREET 11 after 0.45 from [80.94.95.239]:51646: EHLO User\r\n
Dec 13 01:27:20 vmi1234742.contaboserver.net postfix/postscreen[276584]: warning: cannot connect to service private/smtpd: No such file or directory
Dec 13 01:27:20 vmi1234742.contaboserver.net postfix/postscreen[276584]: DISCONNECT [80.94.95.239]:51646
Dec 13 01:27:24 vmi1234742.contaboserver.net postfix/postscreen[276584]: CONNECT from [80.94.95.235]:46500 to [217.76.52.157]:25
Dec 13 01:27:26 vmi1234742.contaboserver.net postfix/postscreen[276584]: PREGREET 11 after 1.2 from [80.94.95.235]:46500: EHLO User\r\n
Dec 13 01:27:26 vmi1234742.contaboserver.net postfix/postscreen[276584]: warning: cannot connect to service private/smtpd: No such file or directory
Dec 13 01:27:26 vmi1234742.contaboserver.net postfix/postscreen[276584]: DISCONNECT [80.94.95.235]:46500
Joe
December 12, 2024, 9:36pm
6
You’ve altered your configuration, though I can’t guess what changes you’ve made exactly. Looks like postscreen is configured. What else has changed from the defaults?
I’m kinda guessing something in master.cf
is wrong. So, maybe post that.
hello, thanks for your reply,please check the master.cf
Postfix master process configuration file. For details on the format
of the file, see the master(5) manual page (command: “man 5 master” or
Do not forget to execute “postfix reload” after editing this file.
==========================================================================
service type private unpriv chroot wakeup maxproc command + args
(yes) (yes) (no) (never) (100)
==========================================================================
smtp inet n - y - - smtpd -o smtpd_sasl_auth_enable=yes -o smtpd_tls_security_level=may
smtp inet n - y - 1 postscreen
#smtpd pass - - y - - smtpd
#dnsblog unix - - y - 0 dnsblog
#tlsproxy unix - - y - 0 tlsproxy
#submission inet n - y - - smtpd
-o syslog_name=postfix/submission
-o smtpd_tls_security_level=encrypt
-o smtpd_sasl_auth_enable=yes
-o smtpd_tls_auth_only=yes
-o smtpd_reject_unlisted_recipient=no
-o smtpd_client_restrictions=$mua_client_restrictions
-o smtpd_helo_restrictions=$mua_helo_restrictions
-o smtpd_sender_restrictions=$mua_sender_restrictions
-o smtpd_recipient_restrictions=
-o smtpd_relay_restrictions=permit_sasl_authenticated,reject
-o milter_macro_daemon_name=ORIGINATING
#smtps inet n - y - - smtpd
-o syslog_name=postfix/smtps
-o smtpd_tls_wrappermode=yes
-o smtpd_sasl_auth_enable=yes
-o smtpd_reject_unlisted_recipient=no
-o smtpd_client_restrictions=$mua_client_restrictions
-o smtpd_helo_restrictions=$mua_helo_restrictions
-o smtpd_sender_restrictions=$mua_sender_restrictions
-o smtpd_recipient_restrictions=
-o smtpd_relay_restrictions=permit_sasl_authenticated,reject
-o milter_macro_daemon_name=ORIGINATING
#628 inet n - y - - qmqpd
pickup unix n - y 60 1 pickup
cleanup unix n - y - 0 cleanup
qmgr unix n - n 300 1 qmgr
#qmgr unix n - n 300 1 oqmgr
tlsmgr unix - - y 1000? 1 tlsmgr
rewrite unix - - y - - trivial-rewrite
bounce unix - - y - 0 bounce
defer unix - - y - 0 bounce
trace unix - - y - 0 bounce
verify unix - - y - 1 verify
flush unix n - y 1000? 0 flush
proxymap unix - - n - - proxymap
proxywrite unix - - n - 1 proxymap
smtp unix - - y - - smtp
relay unix - - y - - smtp
-o syslog_name=postfix/$service_name
-o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq unix n - y - - showq
error unix - - y - - error
retry unix - - y - - error
discard unix - - y - - discard
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - y - - lmtp
anvil unix - - y - 1 anvil
scache unix - - y - 1 scache
postlog unix-dgram n - n - 1 postlogd
====================================================================
Interfaces to non-Postfix software. Be sure to examine the manual
pages of the non-Postfix software to find out what options it wants.
Many of the following services use the Postfix pipe(8) delivery
agent. See the pipe(8) man page for information about ${recipient}
and other message envelope options.
====================================================================
maildrop. See the Postfix MAILDROP_README file for details.
Also specify in main.cf: maildrop_destination_recipient_limit=1
maildrop unix - n n - - pipe
flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
====================================================================
Recent Cyrus versions can use the existing “lmtp” master.cf entry.
Specify in cyrus.conf:
lmtp cmd=“lmtpd -a” listen=“localhost:lmtp” proto=tcp4
Specify in main.cf one or more of the following:
mailbox_transport = lmtp:inet:localhost
virtual_transport = lmtp:inet:localhost
====================================================================
Cyrus 2.1.5 (Amos Gouaux)
Also specify in main.cf: cyrus_destination_recipient_limit=1
#cyrus unix - n n - - pipe
user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user}
====================================================================
Old example of delivery via Cyrus.
#old-cyrus unix - n n - - pipe
flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user}
====================================================================
See the Postfix UUCP_README file for configuration details.
uucp unix - n n - - pipe
flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
Other external delivery methods.
ifmail unix - n n - - pipe
flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp unix - n n - - pipe
flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
scalemail-backend unix - n n - 2 pipe
flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
mailman unix - n n - - pipe
flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
${nexthop} ${user}
submission inet n - y - - smtpd -o smtpd_sasl_auth_enable=yes -o smtpd_tls_security_level=may
smtps inet n - y - - smtpd -o smtpd_sasl_auth_enable=yes -o smtpd_tls_security_level=may -o smtpd_tls_wrappermode=yes
587 inet n - - - - smtpd
also I will post the main.cf for your reference:
See /usr/share/postfix/main.cf.dist for a commented, more complete version
Debian specific: Specifying a file name will cause the first
line of that file to be used as the name. The Debian default
is /etc/mailname.
#myorigin = /etc/mailname
biff = no
appending .domain is the MUA’s job.
append_dot_mydomain = no
Uncomment the next line to generate “delayed mail” warnings
#delay_warning_time = 4h
readme_directory = no
fresh installs.
compatibility_level = 2
TLS parameters
smtpd_tls_cert_file = /etc/postfix/postfix.cert.pem
smtpd_tls_key_file = /etc/postfix/postfix.key.pem
smtpd_tls_security_level = may
smtp_tls_CApath=/etc/ssl/certs
smtp_tls_security_level = dane
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_command = /usr/bin/procmail-wrapper -o -a $DOMAIN -d $LOGNAME
mailbox_size_limit = 0
recipient_delimiter = +
inet_protocols = ipv4
virtual_alias_maps = hash:/etc/postfix/virtual
sender_bcc_maps = hash:/etc/postfix/bcc
sender_dependent_default_transport_maps = hash:/etc/postfix/dependent
home_mailbox = Maildir/
smtpd_sasl_auth_enable = yes
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions = permit_mynetworks permit_sasl_authenticated reject_unauth_destination
smtp_dns_support_level = dnssec
smtp_host_lookup = dns
allow_percent_hack = no
resolve_dequoted_address = no
tls_server_sni_maps = hash:/etc/postfix/sni_map
milter_default_action = accept
smtpd_milters = inet:localhost:8891
non_smtpd_milters = inet:localhost:8891
mynetworks_style = subnet
header_size_limit = 10240000
deliver_lock_delay = 2s
message_size_limit = 52428800
line_length_limit = 2048000
default_process_limit = 10000
qmgr_message_active_limit = 20000000
bounce_size_limit = 50000000
fork_delay = 2s
fork_attempts = 50
deliver_lock_attempts = 200
smtpd_tls_CAfile = /etc/postfix/postfix.ca.pem
smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3, !TLSv1, !TLSv1.1
myorigin = vmi1234742.contaboserver.net
Joe
December 13, 2024, 4:21am
9
Please wrap configuration files, as well as logs, and command line output, in triple backticks (```) so they are readable.
main.cf
# See /usr/share/postfix/main.cf.dist for a commented, more complete version
# Debian specific: Specifying a file name will cause the first
# line of that file to be used as the name. The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname
biff = no
# appending .domain is the MUA's job.
append_dot_mydomain = no
# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h
readme_directory = no
# See http://www.postfix.org/COMPATIBILITY_README.html -- default to 2 on
# fresh installs.
compatibility_level = 2
# TLS parameters
smtpd_tls_cert_file = /etc/postfix/postfix.cert.pem
smtpd_tls_key_file = /etc/postfix/postfix.key.pem
smtpd_tls_security_level = may
smtp_tls_CApath=/etc/ssl/certs
smtp_tls_security_level = dane
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_command = /usr/bin/procmail-wrapper -o -a $DOMAIN -d $LOGNAME
mailbox_size_limit = 0
recipient_delimiter = +
inet_protocols = ipv4
virtual_alias_maps = hash:/etc/postfix/virtual
sender_bcc_maps = hash:/etc/postfix/bcc
sender_dependent_default_transport_maps = hash:/etc/postfix/dependent
home_mailbox = Maildir/
smtpd_sasl_auth_enable = yes
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions = permit_mynetworks permit_sasl_authenticated reject_unauth_destination
smtp_dns_support_level = dnssec
smtp_host_lookup = dns
allow_percent_hack = no
resolve_dequoted_address = no
tls_server_sni_maps = hash:/etc/postfix/sni_map
milter_default_action = accept
smtpd_milters = inet:localhost:8891
non_smtpd_milters = inet:localhost:8891
mynetworks_style = subnet
header_size_limit = 10240000
deliver_lock_delay = 2s
message_size_limit = 52428800
line_length_limit = 2048000
default_process_limit = 10000
qmgr_message_active_limit = 20000000
bounce_size_limit = 50000000
fork_delay = 2s
fork_attempts = 50
deliver_lock_attempts = 200
smtpd_tls_CAfile = /etc/postfix/postfix.ca.pem
smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3, !TLSv1, !TLSv1.1
myorigin = vmi1234742.contaboserver.net
master.cf
#
# Postfix master process configuration file. For details on the format
# of the file, see the master(5) manual page (command: "man 5 master" or
# on-line: http://www.postfix.org/master.5.html).
#
# Do not forget to execute "postfix reload" after editing this file.
#
# ==========================================================================
# service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (no) (never) (100)
# ==========================================================================
smtp inet n - y - - smtpd -o smtpd_sasl_auth_enable=yes -o smtpd_tls_security_level=may
smtp inet n - y - 1 postscreen
#smtpd pass - - y - - smtpd
#dnsblog unix - - y - 0 dnsblog
#tlsproxy unix - - y - 0 tlsproxy
#submission inet n - y - - smtpd
# -o syslog_name=postfix/submission
# -o smtpd_tls_security_level=encrypt
# -o smtpd_sasl_auth_enable=yes
# -o smtpd_tls_auth_only=yes
# -o smtpd_reject_unlisted_recipient=no
# -o smtpd_client_restrictions=$mua_client_restrictions
# -o smtpd_helo_restrictions=$mua_helo_restrictions
# -o smtpd_sender_restrictions=$mua_sender_restrictions
# -o smtpd_recipient_restrictions=
# -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
# -o milter_macro_daemon_name=ORIGINATING
#smtps inet n - y - - smtpd
# -o syslog_name=postfix/smtps
# -o smtpd_tls_wrappermode=yes
# -o smtpd_sasl_auth_enable=yes
# -o smtpd_reject_unlisted_recipient=no
# -o smtpd_client_restrictions=$mua_client_restrictions
# -o smtpd_helo_restrictions=$mua_helo_restrictions
# -o smtpd_sender_restrictions=$mua_sender_restrictions
# -o smtpd_recipient_restrictions=
# -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
# -o milter_macro_daemon_name=ORIGINATING
#628 inet n - y - - qmqpd
pickup unix n - y 60 1 pickup
cleanup unix n - y - 0 cleanup
qmgr unix n - n 300 1 qmgr
#qmgr unix n - n 300 1 oqmgr
tlsmgr unix - - y 1000? 1 tlsmgr
rewrite unix - - y - - trivial-rewrite
bounce unix - - y - 0 bounce
defer unix - - y - 0 bounce
trace unix - - y - 0 bounce
verify unix - - y - 1 verify
flush unix n - y 1000? 0 flush
proxymap unix - - n - - proxymap
proxywrite unix - - n - 1 proxymap
smtp unix - - y - - smtp
relay unix - - y - - smtp
-o syslog_name=postfix/$service_name
# -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq unix n - y - - showq
error unix - - y - - error
retry unix - - y - - error
discard unix - - y - - discard
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - y - - lmtp
anvil unix - - y - 1 anvil
scache unix - - y - 1 scache
postlog unix-dgram n - n - 1 postlogd
#
# ====================================================================
# Interfaces to non-Postfix software. Be sure to examine the manual
# pages of the non-Postfix software to find out what options it wants.
#
# Many of the following services use the Postfix pipe(8) delivery
# agent. See the pipe(8) man page for information about ${recipient}
# and other message envelope options.
# ====================================================================
#
# maildrop. See the Postfix MAILDROP_README file for details.
# Also specify in main.cf: maildrop_destination_recipient_limit=1
#
maildrop unix - n n - - pipe
flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
#
# ====================================================================
#
# Recent Cyrus versions can use the existing "lmtp" master.cf entry.
#
# Specify in cyrus.conf:
# lmtp cmd="lmtpd -a" listen="localhost:lmtp" proto=tcp4
#
# Specify in main.cf one or more of the following:
# mailbox_transport = lmtp:inet:localhost
# virtual_transport = lmtp:inet:localhost
#
# ====================================================================
#
# Cyrus 2.1.5 (Amos Gouaux)
# Also specify in main.cf: cyrus_destination_recipient_limit=1
#
#cyrus unix - n n - - pipe
# user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user}
#
# ====================================================================
# Old example of delivery via Cyrus.
#
#old-cyrus unix - n n - - pipe
# flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user}
#
# ====================================================================
#
# See the Postfix UUCP_README file for configuration details.
#
uucp unix - n n - - pipe
flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
#
# Other external delivery methods.
#
ifmail unix - n n - - pipe
flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp unix - n n - - pipe
flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
scalemail-backend unix - n n - 2 pipe
flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
mailman unix - n n - - pipe
flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
${nexthop} ${user}
submission inet n - y - - smtpd -o smtpd_sasl_auth_enable=yes -o smtpd_tls_security_level=may
smtps inet n - y - - smtpd -o smtpd_sasl_auth_enable=yes -o smtpd_tls_security_level=may -o smtpd_tls_wrappermode=yes
587 inet n - - - - smtpd
Joe
December 13, 2024, 5:18am
12
What’s going on here? I don’t see how this can work.
1 Like
I did not do any change to the postfix, also I don’t know what is the correct setting, can you suggest me the solution, I am complete new to coding.
Joe
December 13, 2024, 5:43am
14
Somebody changed it.
You can start by commenting out this line (put a #
in front of it):
smtp inet n - y - 1 postscreen
I did the commenting out already, and reload the configuration, but it seems the mail queque messages still stucked there,
can you access my my server by remote and check the issues. thanks
What do the queued messages say? You said port 25 is open, its needs to be outbound. inbound is not the issue and portchecker.co doesn’t check for that.
1 Like
This is an old server, it was working a week before,
the quequed message reply as below:
`root@vmi1234742:~# mailq | tail -30
community@villalantana.ae
B799C2E00AA0 648 Tue Dec 10 17:27:43 customercare@u-artist.com
(delivery temporarily suspended: connect to mta5.am0.yahoodns.net [67.195.204.77]:25: Connection refused)
suhochmylu1988@yahoo.com
B7C252E01251 9684 Thu Dec 12 13:40:24 alihamza@u-artist.com
(delivery temporarily suspended: connect to alt4.gmail-smtp-in.l.google.com [142.250.157.27]:25: Connection refused)
mugalihamza@gmail.com
B661F2E006DD 6270047 Mon Dec 9 13:22:56 account@u-artist.com
(delivery temporarily suspended: connect to alt4.gmail-smtp-in.l.google.com [142.250.157.27]:25: Connection refused)
abubakarabdallah054@gmail.com
dodo3fun@gmail.com
frnzfaraz@gmail.com
irfankazmi45@gmail.com
joyc931026@gmail.com
nomanalibutt1234@gmail.com
thamprasadkami@gmail.com
uaecabinet@gmail.com
993C52E001F2 680 Mon Dec 9 13:16:43 customercare@u-artist.com
(delivery temporarily suspended: connect to mta5.am0.yahoodns.net [67.195.204.77]:25: Connection refused)
suhochmylu1988@yahoo.com
949952E00D61 938 Tue Dec 10 15:07:30 customercare@u-artist.com
(delivery temporarily suspended: connect to mta5.am0.yahoodns.net [67.195.204.77]:25: Connection refused)
suhochmylu1988@yahoo.com
– 29869 Kbytes in 37 Requests.`
already done, dmarc record added successfully, but the email is still queued, even I click flush, it is not sending.
It doesn’t fix straight away, i can take 24 hours due to dns cache, plus not 100% sure its the problem.