Stopped sending email postfix

SYSTEM INFORMATION
OS type and version ubuntu linux 20.04.6
Webmin version 2.202 pro

I can not send email,email is stuck at mail queue, I restart the server and restart the postfix service as well, it dose not solve the problem, please try to help

Have you requested to open port 25 on provider side and did they do?

yes, the port 25 is opened already, and it was working for the last 1 year on same server, I checked on https://portchecker.co/, the port 25 is opened.

You need to look at the mail log or the journal for the postfix unit. Nobody can possibly guess what’s wrong without an error.

1 Like

hello, I check the system log, it shows like below:

Dec 13 01:27:19 vmi1234742.contaboserver.net postfix/postscreen[276584]: CONNECT from [80.94.95.239]:51646 to [217.76.52.157]:25
Dec 13 01:27:20 vmi1234742.contaboserver.net postfix/postscreen[276584]: PREGREET 11 after 0.45 from [80.94.95.239]:51646: EHLO User\r\n
Dec 13 01:27:20 vmi1234742.contaboserver.net postfix/postscreen[276584]: warning: cannot connect to service private/smtpd: No such file or directory
Dec 13 01:27:20 vmi1234742.contaboserver.net postfix/postscreen[276584]: DISCONNECT [80.94.95.239]:51646
Dec 13 01:27:24 vmi1234742.contaboserver.net postfix/postscreen[276584]: CONNECT from [80.94.95.235]:46500 to [217.76.52.157]:25
Dec 13 01:27:26 vmi1234742.contaboserver.net postfix/postscreen[276584]: PREGREET 11 after 1.2 from [80.94.95.235]:46500: EHLO User\r\n
Dec 13 01:27:26 vmi1234742.contaboserver.net postfix/postscreen[276584]: warning: cannot connect to service private/smtpd: No such file or directory
Dec 13 01:27:26 vmi1234742.contaboserver.net postfix/postscreen[276584]: DISCONNECT [80.94.95.235]:46500

You’ve altered your configuration, though I can’t guess what changes you’ve made exactly. Looks like postscreen is configured. What else has changed from the defaults?

I’m kinda guessing something in master.cf is wrong. So, maybe post that.

hello, thanks for your reply,please check the master.cf

Postfix master process configuration file. For details on the format

of the file, see the master(5) manual page (command: “man 5 master” or

on-line: Postfix manual - master(5)).

Do not forget to execute “postfix reload” after editing this file.

==========================================================================

service type private unpriv chroot wakeup maxproc command + args

(yes) (yes) (no) (never) (100)

==========================================================================

smtp inet n - y - - smtpd -o smtpd_sasl_auth_enable=yes -o smtpd_tls_security_level=may
smtp inet n - y - 1 postscreen
#smtpd pass - - y - - smtpd
#dnsblog unix - - y - 0 dnsblog
#tlsproxy unix - - y - 0 tlsproxy
#submission inet n - y - - smtpd

-o syslog_name=postfix/submission

-o smtpd_tls_security_level=encrypt

-o smtpd_sasl_auth_enable=yes

-o smtpd_tls_auth_only=yes

-o smtpd_reject_unlisted_recipient=no

-o smtpd_client_restrictions=$mua_client_restrictions

-o smtpd_helo_restrictions=$mua_helo_restrictions

-o smtpd_sender_restrictions=$mua_sender_restrictions

-o smtpd_recipient_restrictions=

-o smtpd_relay_restrictions=permit_sasl_authenticated,reject

-o milter_macro_daemon_name=ORIGINATING

#smtps inet n - y - - smtpd

-o syslog_name=postfix/smtps

-o smtpd_tls_wrappermode=yes

-o smtpd_sasl_auth_enable=yes

-o smtpd_reject_unlisted_recipient=no

-o smtpd_client_restrictions=$mua_client_restrictions

-o smtpd_helo_restrictions=$mua_helo_restrictions

-o smtpd_sender_restrictions=$mua_sender_restrictions

-o smtpd_recipient_restrictions=

-o smtpd_relay_restrictions=permit_sasl_authenticated,reject

-o milter_macro_daemon_name=ORIGINATING

#628 inet n - y - - qmqpd
pickup unix n - y 60 1 pickup
cleanup unix n - y - 0 cleanup
qmgr unix n - n 300 1 qmgr
#qmgr unix n - n 300 1 oqmgr
tlsmgr unix - - y 1000? 1 tlsmgr
rewrite unix - - y - - trivial-rewrite
bounce unix - - y - 0 bounce
defer unix - - y - 0 bounce
trace unix - - y - 0 bounce
verify unix - - y - 1 verify
flush unix n - y 1000? 0 flush
proxymap unix - - n - - proxymap
proxywrite unix - - n - 1 proxymap
smtp unix - - y - - smtp
relay unix - - y - - smtp
-o syslog_name=postfix/$service_name

-o smtp_helo_timeout=5 -o smtp_connect_timeout=5

showq unix n - y - - showq
error unix - - y - - error
retry unix - - y - - error
discard unix - - y - - discard
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - y - - lmtp
anvil unix - - y - 1 anvil
scache unix - - y - 1 scache
postlog unix-dgram n - n - 1 postlogd

====================================================================

Interfaces to non-Postfix software. Be sure to examine the manual

pages of the non-Postfix software to find out what options it wants.

Many of the following services use the Postfix pipe(8) delivery

agent. See the pipe(8) man page for information about ${recipient}

and other message envelope options.

====================================================================

maildrop. See the Postfix MAILDROP_README file for details.

Also specify in main.cf: maildrop_destination_recipient_limit=1

maildrop unix - n n - - pipe
flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}

====================================================================

Recent Cyrus versions can use the existing “lmtp” master.cf entry.

Specify in cyrus.conf:

lmtp cmd=“lmtpd -a” listen=“localhost:lmtp” proto=tcp4

Specify in main.cf one or more of the following:

mailbox_transport = lmtp:inet:localhost

virtual_transport = lmtp:inet:localhost

====================================================================

Cyrus 2.1.5 (Amos Gouaux)

Also specify in main.cf: cyrus_destination_recipient_limit=1

#cyrus unix - n n - - pipe

user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user}

====================================================================

Old example of delivery via Cyrus.

#old-cyrus unix - n n - - pipe

flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user}

====================================================================

See the Postfix UUCP_README file for configuration details.

uucp unix - n n - - pipe
flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)

Other external delivery methods.

ifmail unix - n n - - pipe
flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp unix - n n - - pipe
flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
scalemail-backend unix - n n - 2 pipe
flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
mailman unix - n n - - pipe
flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
${nexthop} ${user}

submission inet n - y - - smtpd -o smtpd_sasl_auth_enable=yes -o smtpd_tls_security_level=may
smtps inet n - y - - smtpd -o smtpd_sasl_auth_enable=yes -o smtpd_tls_security_level=may -o smtpd_tls_wrappermode=yes
587 inet n - - - - smtpd

also I will post the main.cf for your reference:

See /usr/share/postfix/main.cf.dist for a commented, more complete version

Debian specific: Specifying a file name will cause the first

line of that file to be used as the name. The Debian default

is /etc/mailname.

#myorigin = /etc/mailname

biff = no

appending .domain is the MUA’s job.

append_dot_mydomain = no

Uncomment the next line to generate “delayed mail” warnings

#delay_warning_time = 4h

readme_directory = no

See Postfix Backwards-Compatibility Safety Net – default to 2 on

fresh installs.

compatibility_level = 2

TLS parameters

smtpd_tls_cert_file = /etc/postfix/postfix.cert.pem
smtpd_tls_key_file = /etc/postfix/postfix.key.pem
smtpd_tls_security_level = may

smtp_tls_CApath=/etc/ssl/certs
smtp_tls_security_level = dane
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache

smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_command = /usr/bin/procmail-wrapper -o -a $DOMAIN -d $LOGNAME
mailbox_size_limit = 0
recipient_delimiter = +
inet_protocols = ipv4
virtual_alias_maps = hash:/etc/postfix/virtual
sender_bcc_maps = hash:/etc/postfix/bcc
sender_dependent_default_transport_maps = hash:/etc/postfix/dependent
home_mailbox = Maildir/
smtpd_sasl_auth_enable = yes
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions = permit_mynetworks permit_sasl_authenticated reject_unauth_destination
smtp_dns_support_level = dnssec
smtp_host_lookup = dns
allow_percent_hack = no
resolve_dequoted_address = no
tls_server_sni_maps = hash:/etc/postfix/sni_map
milter_default_action = accept
smtpd_milters = inet:localhost:8891
non_smtpd_milters = inet:localhost:8891
mynetworks_style = subnet
header_size_limit = 10240000
deliver_lock_delay = 2s
message_size_limit = 52428800
line_length_limit = 2048000
default_process_limit = 10000
qmgr_message_active_limit = 20000000
bounce_size_limit = 50000000
fork_delay = 2s
fork_attempts = 50
deliver_lock_attempts = 200
smtpd_tls_CAfile = /etc/postfix/postfix.ca.pem
smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3, !TLSv1, !TLSv1.1
myorigin = vmi1234742.contaboserver.net

Please wrap configuration files, as well as logs, and command line output, in triple backticks (```) so they are readable.

main.cf

# See /usr/share/postfix/main.cf.dist for a commented, more complete version


# Debian specific:  Specifying a file name will cause the first
# line of that file to be used as the name.  The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname

biff = no

# appending .domain is the MUA's job.
append_dot_mydomain = no

# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h

readme_directory = no

# See http://www.postfix.org/COMPATIBILITY_README.html -- default to 2 on
# fresh installs.
compatibility_level = 2



# TLS parameters
smtpd_tls_cert_file = /etc/postfix/postfix.cert.pem
smtpd_tls_key_file = /etc/postfix/postfix.key.pem
smtpd_tls_security_level = may

smtp_tls_CApath=/etc/ssl/certs
smtp_tls_security_level = dane
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache


smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_command = /usr/bin/procmail-wrapper -o -a $DOMAIN -d $LOGNAME
mailbox_size_limit = 0
recipient_delimiter = +
inet_protocols = ipv4
virtual_alias_maps = hash:/etc/postfix/virtual
sender_bcc_maps = hash:/etc/postfix/bcc
sender_dependent_default_transport_maps = hash:/etc/postfix/dependent
home_mailbox = Maildir/
smtpd_sasl_auth_enable = yes
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions = permit_mynetworks permit_sasl_authenticated reject_unauth_destination
smtp_dns_support_level = dnssec
smtp_host_lookup = dns
allow_percent_hack = no
resolve_dequoted_address = no
tls_server_sni_maps = hash:/etc/postfix/sni_map
milter_default_action = accept
smtpd_milters = inet:localhost:8891
non_smtpd_milters = inet:localhost:8891
mynetworks_style = subnet
header_size_limit = 10240000
deliver_lock_delay = 2s
message_size_limit = 52428800
line_length_limit = 2048000
default_process_limit = 10000
qmgr_message_active_limit = 20000000
bounce_size_limit = 50000000
fork_delay = 2s
fork_attempts = 50
deliver_lock_attempts = 200
smtpd_tls_CAfile = /etc/postfix/postfix.ca.pem
smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3, !TLSv1, !TLSv1.1
myorigin = vmi1234742.contaboserver.net

master.cf

#
# Postfix master process configuration file.  For details on the format
# of the file, see the master(5) manual page (command: "man 5 master" or
# on-line: http://www.postfix.org/master.5.html).
#
# Do not forget to execute "postfix reload" after editing this file.
#
# ==========================================================================
# service type  private unpriv  chroot  wakeup  maxproc command + args
#               (yes)   (yes)   (no)    (never) (100)
# ==========================================================================
smtp	inet	n	-	y	-	-	smtpd -o smtpd_sasl_auth_enable=yes -o smtpd_tls_security_level=may
smtp	inet	n	-	y	-	1	postscreen
#smtpd     pass  -       -       y       -       -       smtpd
#dnsblog   unix  -       -       y       -       0       dnsblog
#tlsproxy  unix  -       -       y       -       0       tlsproxy
#submission inet n       -       y       -       -       smtpd
#  -o syslog_name=postfix/submission
#  -o smtpd_tls_security_level=encrypt
#  -o smtpd_sasl_auth_enable=yes
#  -o smtpd_tls_auth_only=yes
#  -o smtpd_reject_unlisted_recipient=no
#  -o smtpd_client_restrictions=$mua_client_restrictions
#  -o smtpd_helo_restrictions=$mua_helo_restrictions
#  -o smtpd_sender_restrictions=$mua_sender_restrictions
#  -o smtpd_recipient_restrictions=
#  -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
#  -o milter_macro_daemon_name=ORIGINATING
#smtps     inet  n       -       y       -       -       smtpd
#  -o syslog_name=postfix/smtps
#  -o smtpd_tls_wrappermode=yes
#  -o smtpd_sasl_auth_enable=yes
#  -o smtpd_reject_unlisted_recipient=no
#  -o smtpd_client_restrictions=$mua_client_restrictions
#  -o smtpd_helo_restrictions=$mua_helo_restrictions
#  -o smtpd_sender_restrictions=$mua_sender_restrictions
#  -o smtpd_recipient_restrictions=
#  -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
#  -o milter_macro_daemon_name=ORIGINATING
#628       inet  n       -       y       -       -       qmqpd
pickup    unix  n       -       y       60      1       pickup
cleanup   unix  n       -       y       -       0       cleanup
qmgr      unix  n       -       n       300     1       qmgr
#qmgr     unix  n       -       n       300     1       oqmgr
tlsmgr    unix  -       -       y       1000?   1       tlsmgr
rewrite   unix  -       -       y       -       -       trivial-rewrite
bounce    unix  -       -       y       -       0       bounce
defer     unix  -       -       y       -       0       bounce
trace     unix  -       -       y       -       0       bounce
verify    unix  -       -       y       -       1       verify
flush     unix  n       -       y       1000?   0       flush
proxymap  unix  -       -       n       -       -       proxymap
proxywrite unix -       -       n       -       1       proxymap
smtp      unix  -       -       y       -       -       smtp
relay     unix  -       -       y       -       -       smtp
        -o syslog_name=postfix/$service_name
#       -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq     unix  n       -       y       -       -       showq
error     unix  -       -       y       -       -       error
retry     unix  -       -       y       -       -       error
discard   unix  -       -       y       -       -       discard
local     unix  -       n       n       -       -       local
virtual   unix  -       n       n       -       -       virtual
lmtp      unix  -       -       y       -       -       lmtp
anvil     unix  -       -       y       -       1       anvil
scache    unix  -       -       y       -       1       scache
postlog   unix-dgram n  -       n       -       1       postlogd
#
# ====================================================================
# Interfaces to non-Postfix software. Be sure to examine the manual
# pages of the non-Postfix software to find out what options it wants.
#
# Many of the following services use the Postfix pipe(8) delivery
# agent.  See the pipe(8) man page for information about ${recipient}
# and other message envelope options.
# ====================================================================
#
# maildrop. See the Postfix MAILDROP_README file for details.
# Also specify in main.cf: maildrop_destination_recipient_limit=1
#
maildrop  unix  -       n       n       -       -       pipe
  flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
#
# ====================================================================
#
# Recent Cyrus versions can use the existing "lmtp" master.cf entry.
#
# Specify in cyrus.conf:
#   lmtp    cmd="lmtpd -a" listen="localhost:lmtp" proto=tcp4
#
# Specify in main.cf one or more of the following:
#  mailbox_transport = lmtp:inet:localhost
#  virtual_transport = lmtp:inet:localhost
#
# ====================================================================
#
# Cyrus 2.1.5 (Amos Gouaux)
# Also specify in main.cf: cyrus_destination_recipient_limit=1
#
#cyrus     unix  -       n       n       -       -       pipe
#  user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user}
#
# ====================================================================
# Old example of delivery via Cyrus.
#
#old-cyrus unix  -       n       n       -       -       pipe
#  flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user}
#
# ====================================================================
#
# See the Postfix UUCP_README file for configuration details.
#
uucp      unix  -       n       n       -       -       pipe
  flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
#
# Other external delivery methods.
#
ifmail    unix  -       n       n       -       -       pipe
  flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp     unix  -       n       n       -       -       pipe
  flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
scalemail-backend unix	-	n	n	-	2	pipe
  flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
mailman   unix  -       n       n       -       -       pipe
  flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
  ${nexthop} ${user}

submission	inet	n	-	y	-	-	smtpd -o smtpd_sasl_auth_enable=yes -o smtpd_tls_security_level=may
smtps	inet	n	-	y	-	-	smtpd -o smtpd_sasl_auth_enable=yes -o smtpd_tls_security_level=may -o smtpd_tls_wrappermode=yes
587	inet	n	-	-	-	-	smtpd

What’s going on here? I don’t see how this can work.

1 Like

I did not do any change to the postfix, also I don’t know what is the correct setting, can you suggest me the solution, I am complete new to coding.

Somebody changed it.

You can start by commenting out this line (put a # in front of it):

smtp	inet	n	-	y	-	1	postscreen

I did the commenting out already, and reload the configuration, but it seems the mail queque messages still stucked there,

can you access my my server by remote and check the issues. thanks

What do the queued messages say? You said port 25 is open, its needs to be outbound. inbound is not the issue and portchecker.co doesn’t check for that.

1 Like

This is an old server, it was working a week before,

the quequed message reply as below:

`root@vmi1234742:~# mailq | tail -30
community@villalantana.ae

B799C2E00AA0 648 Tue Dec 10 17:27:43 customercare@u-artist.com
(delivery temporarily suspended: connect to mta5.am0.yahoodns.net[67.195.204.77]:25: Connection refused)
suhochmylu1988@yahoo.com

B7C252E01251 9684 Thu Dec 12 13:40:24 alihamza@u-artist.com
(delivery temporarily suspended: connect to alt4.gmail-smtp-in.l.google.com[142.250.157.27]:25: Connection refused)
mugalihamza@gmail.com

B661F2E006DD 6270047 Mon Dec 9 13:22:56 account@u-artist.com
(delivery temporarily suspended: connect to alt4.gmail-smtp-in.l.google.com[142.250.157.27]:25: Connection refused)
abubakarabdallah054@gmail.com
dodo3fun@gmail.com
frnzfaraz@gmail.com
irfankazmi45@gmail.com
joyc931026@gmail.com
nomanalibutt1234@gmail.com
thamprasadkami@gmail.com
uaecabinet@gmail.com

993C52E001F2 680 Mon Dec 9 13:16:43 customercare@u-artist.com
(delivery temporarily suspended: connect to mta5.am0.yahoodns.net[67.195.204.77]:25: Connection refused)
suhochmylu1988@yahoo.com

949952E00D61 938 Tue Dec 10 15:07:30 customercare@u-artist.com
(delivery temporarily suspended: connect to mta5.am0.yahoodns.net[67.195.204.77]:25: Connection refused)
suhochmylu1988@yahoo.com

– 29869 Kbytes in 37 Requests.`

Create a dmarc record,

already done, dmarc record added successfully, but the email is still queued, even I click flush, it is not sending.

It doesn’t fix straight away, i can take 24 hours due to dns cache, plus not 100% sure its the problem.