Get the most out of your Centmin Mod LEMP stack
Become a Member

Email possible postfix conf issues

Discussion in 'Domains, DNS, Email & SSL Certificates' started by SFLC, Dec 16, 2016.

  1. SFLC

    SFLC Active Member

    224
    59
    28
    Dec 4, 2016
    The Canadas
    Ratings:
    +112
    Local Time:
    1:14 AM
    1
    10
    Hello,

    I'm having a strange problem, first let me give you background info:

    I don't want to set up a email system and am running centminmod stock and it comes with postfix, which is fine, as i need to be able to have my sites send out emails but dont need receive capability.

    If the servers been sitting for a while and I run the command:

    mail -s "Log" myemail@emailprovider.com < /1.log

    nothing happens, the command goes through (and yes the 1.log file exists at that location), however i dont receive the email. So i looked at /var/log/maillog to see whats happening and this is the latest entry that applies to the email that didnt go through

    Dec 16 09:38:38 cluster postfix/smtp[19342]: 31AEF141B75: to=<root@mydomain.tld>, orig_to=<root>, relay=none, delay=40731, delays=40731/0.05/0.01/0, dsn=4.4.1, status=deferred (connect to cluster.mydomain.tld[my.v4.server.ip]:25: Connection refused)
    Dec 16 09:43:38 cluster postfix/qmgr[1032]: 034C6141B6B: from=<>, size=3028, nrcpt=1 (queue active)

    so i try the mail -s "Log" myemail@emailprovider.com < /1.log command again and this time it works and i get the email, spf pass, dkim pass thanks to centminmod addon and everything looks good, so i look at the mail log again to see what happened, maybe the system thought i was joking at first and refused to send it the first time, or maybe postfix is lazy :(, so this is the latest entry now

    Dec 16 09:46:21 cluster postfix/pickup[18239]: 1BDC6141BAD: uid=0 from=<root>
    Dec 16 09:46:21 cluster postfix/cleanup[19921]: 1BDC6141BAD: message-id=<20161216094621.1BDC6141BAD@cluster.mydomain.tld>
    Dec 16 09:46:21 cluster opendkim[489]: 1BDC6141BAD: no signing table match for 'root@mydomain.tld'
    Dec 16 09:46:21 cluster opendkim[489]: 1BDC6141BAD: no signature data
    Dec 16 09:46:21 cluster postfix/qmgr[1032]: 1BDC6141BAD: from=<root@mydomain.tld>, size=416, nrcpt=1 (queue active)
    Dec 16 09:46:21 cluster postfix/smtp[19924]: Trusted TLS connection established to gmail-smtp-in.l.google.com[64.233.167.26]:25: TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)
    Dec 16 09:46:21 cluster postfix/smtp[19924]: 1BDC6141BAD: to=<myemail@provider.com>, relay=gmail-smtp-in.l.google.com[64.233.167.26]:25, delay=0.44, delays=0.13/0.02/0.14/0.16, dsn=2.0.0, status=sent (250 2.0.0 OK 1481881581 e70si2561086wma.135 - gsmtp)
    Dec 16 09:46:21 cluster postfix/qmgr[1032]: 1BDC6141BAD: removed
    Dec 16 09:48:38 cluster postfix/qmgr[1032]: 70044141BA2: from=<root@mydomain.tld>, size=1068, nrcpt=1 (queue active)

    so it shows that it was able to connect to gmail and send it,

    also one thing i noticed, the maillog is riddled with entries like this:

    Dec 16 04:08:38 cluster postfix/smtp[26705]: connect to mydomain.tld[my.v4.server.ip]:25: Connection refused
    Dec 16 04:08:38 cluster postfix/smtp[26705]: connect to cluster.mydomain.tld[my.v4.server.ip]:25: Connection refused
    Dec 16 04:08:38 cluster postfix/smtp[26706]: connect to mydomain.tld[my.v4.server.ip]:25: Connection refused
    Dec 16 04:08:38 cluster postfix/smtp[26706]: connect to cluster.mydomain.tld[my.v4.server.ip]:25: Connection refused
    Dec 16 04:08:38 cluster postfix/smtp[26708]: connect to mydomain.tld[my.v4.server.ip]:25: Connection refused
    Dec 16 04:08:38 cluster postfix/smtp[26708]: connect to cluster.mydomain.tld[my.v4.server.ip]:25: Connection refused

    ec 16 06:03:38 cluster postfix/qmgr[1032]: 9D9FC141B68: from=<root@mydomain.tld>, size=555, nrcpt=1 (queue active)
    Dec 16 06:03:38 cluster postfix/qmgr[1032]: CD8B3141B71: from=<root@mydomain.tld>, size=555, nrcpt=1 (queue active)
    Dec 16 06:03:38 cluster postfix/qmgr[1032]: 8F3F2141B62: from=<root@mydomain.tld>, size=555, nrcpt=1 (queue active)
    Dec 16 06:03:38 cluster postfix/qmgr[1032]: D3CDD14190A: from=<root@mydomain.tld>, size=555, nrcpt=1 (queue active)
    Dec 16 06:03:38 cluster postfix/qmgr[1032]: EEDEF141B9B: from=<root@mydomain.tld>, size=555, nrcpt=1 (queue active)
    Dec 16 06:03:38 cluster postfix/qmgr[1032]: E4AE3141BA0: from=<root@mydomain.tld>, size=899, nrcpt=1 (queue active)
    Dec 16 06:03:38 cluster postfix/smtp[3006]: connect to mydomain.tld[my.v4.server.ip]:25: Connection refused
    Dec 16 06:03:38 cluster postfix/smtp[3006]: connect to cluster.mydomain.tld[my.v4.server.ip]:25: Connection refused
    Dec 16 06:03:38 cluster postfix/smtp[3007]: connect to mydomain.tld[my.v4.server.ip]:25: Connection refused
    Dec 16 06:03:38 cluster postfix/smtp[3007]: connect to cluster.mydomain.tld[my.v4.server.ip]:25: Connection refused
    Dec 16 06:03:38 cluster postfix/smtp[3009]: connect to mydomain.tld[my.v4.server.ip]:25: Connection refused
    Dec 16 06:03:38 cluster postfix/smtp[3009]: connect to cluster.mydomain.tld[my.v4.server.ip]:25: Connection refused
    Dec 16 06:03:38 cluster postfix/smtp[3006]: 034C6141B6B: to=<root@mydomain.tld>, relay=none, delay=34614, delays=34614/0.03/0.01/0, dsn=4.4.1, status=deferred (connect to cluster.mydomain.tld[my.v4.server.ip]:25: Connection refused)
    Dec 16 06:03:38 cluster postfix/smtp[3006]: connect to mydomain.tld[my.v4.server.ip]:25: Connection refused
    Dec 16 06:03:38 cluster postfix/smtp[3006]: connect to cluster.mydomain.tld[my.v4.server.ip]:25: Connection refused
    Dec 16 06:03:38 cluster postfix/smtp[3007]: 9D9FC141B68: to=<root@mydomain.tld>, orig_to=<root>, relay=none, delay=36917, delays=36917/0.05/0.01/0, dsn=4.4.1, status=deferred (connect to cluster.mydomain.tld[my.v4.server.ip]:25: Connection refused)
    Dec 16 06:03:38 cluster postfix/smtp[3009]: CD8B3141B71: to=<root@mydomain.tld>, orig_to=<root>, relay=none, delay=28652, delays=28652/0.07/0.01/0, dsn=4.4.1, status=deferred (connect to cluster.mydomain.tld[my.v4.server.ip]:25: Connection refused)
    Dec 16 06:03:38 cluster postfix/smtp[3006]: 8F3F2141B62: to=<root@mydomain.tld>, orig_to=<root>, relay=none, delay=40739, delays=40739/0.09/0.02/0, dsn=4.4.1, status=deferred (connect to cluster.mydomain.tld[my.v4.server.ip]:25: Connection refused)
    Dec 16 06:03:38 cluster postfix/error[3014]: D3CDD14190A: to=<root@mydomain.tld>, orig_to=<root>, relay=none, delay=46404, delays=46404/0.14/0/0.05, dsn=4.4.1, status=deferred (delivery temporarily suspended: connect to cluster.mydomain.tld[my.v4.server.ip]:25: Connection refused)
    Dec 16 06:03:38 cluster postfix/error[3015]: EEDEF141B9B: to=<root@mydomain.tld>, orig_to=<root>, relay=none, delay=25090, delays=25090/0.14/0/0.04, dsn=4.4.1, status=deferred (delivery temporarily suspended: connect to cluster.mydomain.tld[my.v4.server.ip]:25: Connection refused)
    Dec 16 06:03:38 cluster postfix/error[3016]: E4AE3141BA0: to=<root@mydomain.tld>, orig_to=<root>, relay=none, delay=24457, delays=24457/0.15/0/0.05, dsn=4.4.1, status=deferred (delivery temporarily suspended: connect to cluster.mydomain.tld[my.v4.server.ip]:25: Connection refused)

    so basically at this point im not sure what to do, i cant have outgoing mail have to get sent twice to be received once, and the funny part is after the second time, the third, fourth ++ times work, until the server sits for a while and doesnt deal with mail then its back to square one again and mail has to be sent twice the first time to be recieved once.

    do i have to install exim (although id rather not) or is there anything i can change, i looked at postfix conf file and dont see anything that would apply to this.

    thanks for anyones help in advance.
     
  2. SFLC

    SFLC Active Member

    224
    59
    28
    Dec 4, 2016
    The Canadas
    Ratings:
    +112
    Local Time:
    1:14 AM
    1
    10
    i should probably mention that my mx records point back to the hostname of the server, and maybe thats whats causing the issue as i dont have an smtp server setup, but at the same time i dont care for receive just local send only from php
     
  3. eva2000

    eva2000 Administrator Staff Member

    29,051
    6,591
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +9,786
    Local Time:
    9:14 AM
    Nginx 1.13.x
    MariaDB 5.5
    any time in the past was a their a smtp server setup on cluster.mydomain.tld and/or mydomain.tld ?

    what if you try
    Code (Text):
    cat /1.log | mail -s "Log" email@address.com

    Then remove those MX records at DNS level
     
  4. SFLC

    SFLC Active Member

    224
    59
    28
    Dec 4, 2016
    The Canadas
    Ratings:
    +112
    Local Time:
    1:14 AM
    1
    10
    no there was no smtp server ever installed, i deleted the mx records then ran the your cat command and there was no output
     
  5. eva2000

    eva2000 Administrator Staff Member

    29,051
    6,591
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +9,786
    Local Time:
    9:14 AM
    Nginx 1.13.x
    MariaDB 5.5
    there's not meant to be output for command i suggested to run

    no output ? no errors in logs ?

    you should of received the test email from that command
     
  6. eva2000

    eva2000 Administrator Staff Member

    29,051
    6,591
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +9,786
    Local Time:
    9:14 AM
    Nginx 1.13.x
    MariaDB 5.5
    for connection refused also check CSF LFD (login failure daemon) at /var/log/lfd.log could be someone is trying to connect to the domain's mail server on port 25 and CSF firewall is blocking it as it should
     
  7. SFLC

    SFLC Active Member

    224
    59
    28
    Dec 4, 2016
    The Canadas
    Ratings:
    +112
    Local Time:
    1:14 AM
    1
    10
    No doesn't look like anyones trying to connect to port 25, either way my main concern is for my websites to be able to send notification emails etc and that appears to be working, as for why the command line sending is acting that way doesnt matter as i dont send anything from there thats not addressed only to me, so i'll just live with it for now