Virtualmin 7.0 on Centos 7 I do not receive mails.
hello! i have installed webmin all for february on a server and so far it works without problems. Now I did it again on another one on Centos7 totally clean following the steps of the documentation, everything works except the mail reception. Any idea?
Don’t confuse the issue with unrelated things you did in the past.
We’ll need to see relevant maillog entries when you try to send mail to the server.
Oct 23 23:13:48 ns1 postfix/smtpd[6025]: warning: gateway[192.168.1.254]: SASL LOGIN authentication failed: authentication failure
Oct 23 23:13:49 ns1 postfix/smtpd[6025]: disconnect from gateway[192.168.1.254]
Hi Joe, I had this problem again. Any ideas?
So far the only error you’ve shown us is a SASL authentication failure, which is something that happens when a user sends mail through your server, it has nothing to do with receiving mail from outside servers.
If you don’t have errors about receiving mail from other SMTP servers, then you either have a DNS misconfiguration or you don’t have port 25. If you do have errors about receiving, we need to see them. I can’t help without relevant information.
From Mxtools, the error I get is that it cannot connect to the smtp server.
I told you what to check:
Always look in your logs. Nothing in the world knows more about what is happening on your server than the server itself.
Good news Joe, I told you that the problem was in the firewall, specifically in the enriched lists, they were blocking all the mail service ports. Strange isn’t it? by removing the list, I can receive emails from any domain
Next problem, I delete that list but they are added again automatically. Any ideas?
The only automatic rules in a Virtualmin system are added by fail2ban in response to failed authentication attempts. Once again, SMTP servers sending to you do not authenticate, so maybe I don’t understand the problem you’re describing.
When I say “receive mail”, I mean other SMTP servers on the internet sending mail to your server. If that’s not the problem we’re trying to solve, then I don’t understand the problem we are trying to solve. If that is the problem we are trying to solve, the default fail2ban rules we install cannot have any bearing on the problem…we don’t have any rules that would block sending SMTP servers in our default fail2ban configuration.
If you are, instead talking about mail clients, like Thunderbird or Outlook, then if your clients are sending the wrong username or password or both many times, then they would be blocked by fail2ban when trying to login via either IMAP (to retrieve mail) or SMTP (to send). The solution to that is to use the right username and password in your mail client.
All of this would be revealed/confirmed by looking at the relevant logs. I’m just guessing, and I strongly suggest you start getting comfortable looking at logs on your server(s). fail2ban has a log. Everything mail-related has a log (mostly maillog, but also there is a procmail log).
Yep, those are from fail2ban. As I said, you’ve got a mail client trying to login with invalid credentials. After several failed attempts, fail2ban blocks it. So, stop doing that. Give it the right credentials.
You’ll have to wait a while for fail2ban to forgive you for all the bogus attempts. Or, you’ll have to whitelist yourself or your local network.
You can also disable fail2ban. Or just disable that specific jail.
But, keep in mind if you do that, your mail logs will get real chattery with attackers…and they’ll be more likely to succeed in brute forcing one of your user passwords, if you have any weak ones.
1 Like
That’s the strange thing, no one but me is using this service. I don’t have mail clients trying to login. So we came to understand each other Joe. Thank you for your patience.
192.168.1.254 is obviously on your network. You ought to know if there are mail clients on your network trying to login to your server (there definitely are, that’s what we see in those rules).
yes. But 192.168.1.254 is my router (Mikrotik) and this error is what I have since I use it. Does my router try to login?
Maybe. I’m not familiar with that router, but many have the option to notify you of various things by email. If you set that up and since changed the password, that would cause the failures.
For the moment Deactivate that cage as Joe said, I will be investigating why my router tries to log in, since it does not have any email notification configured