Linux postfix delivery problem

I am using SuSE 10.1 with the Postfix mail server.
I am getting the following error:
postfix/qmgr[26169]: F014733915: to=<user@mydomain.com>, relay=none, delay=31661, status=deferred (delivery temporarily suspended: connect to 127.0.0.1[127.0.0.1]: Connection refused)
and the mail doesn't get delivered to the users on the machine.
How can I trace the problem and solve it?
amitbueno asked:
ilkerduran commented:
Hi,
can you send the output of:
# netstat -tnlp
# ps auxf | grep postfix

regards,
ilker
amitbueno (Author) commented:
I am not certain that I have configured the Postfix server properly, but here is the output:

# netstat -tnlp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:901             0.0.0.0:*               LISTEN      3366/xinetd
tcp        0      0 127.0.0.1:10025         0.0.0.0:*               LISTEN      26167/master
tcp        0      0 0.0.0.0:3306            0.0.0.0:*               LISTEN      3272/mysqld
tcp        0      0 0.0.0.0:139             0.0.0.0:*               LISTEN      3343/smbd
tcp        0      0 0.0.0.0:111             0.0.0.0:*               LISTEN      2745/portmap
tcp        0      0 127.0.0.1:2544          0.0.0.0:*               LISTEN      3027/zmd
tcp        0      0 192.168.1.190:53        0.0.0.0:*               LISTEN      3070/named
tcp        0      0 127.0.0.1:53            0.0.0.0:*               LISTEN      3070/named
tcp        0      0 0.0.0.0:631             0.0.0.0:*               LISTEN      3088/cupsd
tcp        0      0 0.0.0.0:25              0.0.0.0:*               LISTEN      26167/master
tcp        0      0 127.0.0.1:953           0.0.0.0:*               LISTEN      3070/named
tcp        0      0 0.0.0.0:445             0.0.0.0:*               LISTEN      3343/smbd
tcp        0      0 :::993                  :::*                    LISTEN      13931/couriertcpd
tcp        0      0 :::995                  :::*                    LISTEN      13906/couriertcpd
tcp        0      0 ::1:10025               :::*                    LISTEN      26167/master
tcp        0      0 :::110                  :::*                    LISTEN      13857/couriertcpd
tcp        0      0 :::143                  :::*                    LISTEN      13877/couriertcpd
tcp        0      0 :::80                   :::*                    LISTEN      1662/httpd
tcp        0      0 :::22                   :::*                    LISTEN      3349/sshd
tcp        0      0 :::25                   :::*                    LISTEN      26167/master
tcp        0      0 ::1:953                 :::*                    LISTEN      3070/named
tcp        0      0 :::443                  :::*                    LISTEN      1662/httpd

# ps auxf | grep postfix
postfix  25035  0.0  0.2  23108  1368 ?        Ss   Jun19   0:00 MailScanner: starting child
postfix  29665  1.4  4.2  75988 21860 ?        S    09:16   0:44  \_ MailScanner: waiting for messages
postfix  29666  1.4  4.5  76508 23532 ?        S    09:17   0:44  \_ MailScanner: waiting for messages
postfix  29667  1.4  4.3  75988 22492 ?        S    09:17   0:45  \_ MailScanner: waiting for messages
postfix  29668  1.4  6.9  75988 35968 ?        S    09:17   0:44  \_ MailScanner: waiting for messages
postfix  29705  1.4  6.0  75988 31400 ?        S    09:17   0:44  \_ MailScanner: waiting for messages
root     30213  0.0  0.1   1856   632 pts/0    S+   10:08   0:00              \_ grep postfix
root     26167  0.0  0.2   5632  1372 ?        Ss   00:48   0:00 /usr/lib/postfix/master
postfix  26169  0.0  0.2   5424  1468 ?        S    00:48   0:00  \_ qmgr -l -t fifo -u
postfix  26418  0.0  0.2   5436  1424 ?        S    01:04   0:00  \_ tlsmgr -l -t unix -u
postfix  29621  0.0  0.2   5388  1272 ?        S    09:08   0:00  \_ pickup -l -t fifo -u

ilkerduran commented:
-- tcp        0      0 ::1:10025               :::*                    LISTEN      26167/master
-- tcp        0      0 :::25                   :::*                    LISTEN      26167/master

As can be seen, the Postfix master process (PID 26167) is listening on both port 10025 and port 25.
1. Do you have an /etc/resolv.conf file?
2. What are the entries in /etc/hosts?
3. Can you "ping 127.0.0.1"?
4. What does the server return when you run "telnet 127.0.0.1 25" and "telnet 127.0.0.1 10025"?
amitbueno (Author) commented:
/etc/resolv.conf:
nameserver 192.168.1.1
search bueno.co.il

domain bueno.co.il
nameserver 212.143.205.35
-----
/etc/hosts
127.0.0.1       server1.bueno.co.il bueno.co.il localhost
------
I can ping localhost 127.0.0.1
------
# telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 server1.bueno.co.il ESMTP Postfix
------
 # telnet 127.0.0.1 10025
Trying 127.0.0.1...
Connected to 127.0.0.1.
Escape character is '^]'.
220 server1.bueno.co.il ESMTP Postfix


Cyclops3590 commented:
What is the result of this command?
postconf content_filter
I'm guessing you are trying to use amavis as a spam/virus filter, but either didn't configure it to listen on the port that Postfix wants to relay to, or didn't start it.
amitbueno (Author) commented:
# postconf content_filter
content_filter =

I am not using amavis; I am using only the MailScanner program.
Cyclops3590 commented:
I'm not familiar with MailScanner, but I'm willing to bet it's the same problem. Everything is getting queued up because Postfix can't relay to the MailScanner program. Recheck your config to make sure Postfix is relaying to the port you configured, and that MailScanner is running (use the ps command to verify).
Cyclops3590 commented:
Also, do you have a URL for the MailScanner howto? I'm just curious what instructions you followed for setting it up. Thanks.
amitbueno (Author) commented:
Cyclops3590 commented:
OK, now I remember MailScanner.
First, I have to ask why you have Postfix listening on 10025.
Second, can you look in the /var/spool/postfix/hold directory? All your emails should be in there.
To make sure Postfix is at least moving mail to MailScanner, ensure MailScanner is turned off, then send an email. It should appear in the hold queue. If it does, at least that part is correct. Turn MailScanner back on, then watch the /var/spool/postfix/incoming directory. Send another email and see if it pops up there.
Since we are also trying to debug what is going on, make sure to turn on very verbose logging. In your master.cf file, the first uncommented line is the smtp service. At the end of that line add ' -v -v' so it looks like this:
smtp    inet    n       -       y       -       -       smtpd -v -v
Then restart Postfix and run the tests. This will create a lot of log output, but we need to track the entire path of your test emails.
amitbueno (Author) commented:
I know that MailScanner is working properly: the logs show the antivirus running on the emails.
I know that all the emails are in the directory. I ran postqueue -p and it listed about 30 emails in the queue. The main question is why Postfix isn't moving them on from there, and instead keeps logging this line:
"postfix/qmgr[26169]: F014733915: to=<user@mydomain.com>, relay=none, delay=31661, status=deferred (delivery temporarily suspended: connect to 127.0.0.1[127.0.0.1]: Connection refused)"

All these emails are there after MailScanner has processed them.
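The deferral reason quoted above can be tallied across the whole log, which makes it easier to see whether every stuck message fails the same way. This is a minimal sketch that assumes the "status=deferred (reason)" layout seen in this thread; the function name `deferred_reasons` and the log path in the usage note are illustrative, not from the original posts.

```shell
# Read mail log lines on stdin and count each distinct deferral reason.
# Assumes the "status=deferred (reason)" layout seen in the log lines above.
deferred_reasons() {
    sed -n 's/.*status=deferred (\(.*\))$/\1/p' | sort | uniq -c | sort -rn
}
```

Possible usage, assuming the mail log lives at /var/log/mail on this system: `deferred_reasons < /var/log/mail`.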
Cyclops3590 commented:
Please post your main.cf and master.cf with blank and commented lines removed. As I've been saying, Postfix is trying to relay to a port on its localhost interface that isn't open or is refusing the connection. As a result it can't do anything with the mail but keep deferring it.
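One way to produce the stripped-down files requested here is a small grep filter. This is only a sketch; the helper name `strip_config` is made up for illustration. Indented continuation lines in master.cf are kept, because they are neither blank nor comments.

```shell
# Print a config file without blank lines and without comment lines
# (a comment is any line whose first non-blank character is '#').
strip_config() {
    grep -Ev '^[[:space:]]*(#|$)' "$1"
}
```

Possible usage with the paths from this thread: `strip_config /etc/postfix/master.cf`. For main.cf, `postconf -n` is an alternative that prints only the parameters set explicitly in the file.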
amitbueno (Author) commented:
It seems we are getting closer to the problem.
I looked at master.cf and there were two smtp lines:

First one: smtp      inet  n       -       n       -       2       smtpd -o content_filter=smtp:[127.0.0.1]:10024
Second one: smtp      unix  -       -       n       -       -       smtp

I commented out the second line, since it might have interfered with the process, and started Postfix again. Now I get the following lines in the mail log:
Jun 20 17:12:59 mshome postfix/qmgr[1140]: F176A34D2B: to=<host@mydomain.com>, relay=none, delay=63410, status=deferred (delivery temporarily suspended: transport is unavailable)
Jun 20 17:13:57 mshome postfix/qmgr[1140]: warning: connect to transport smtp: Connection refused
Cyclops3590 commented:
OK, I knew it. That's where the content_filter is coming in. Do this:
netstat -ntlp | grep 10024
Does it give any results?
If not, remove the '-o' and everything after it, then restart Postfix.
If so, I wonder what it is, because MailScanner doesn't use a relay port for scanning, though amavis does.
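A plain `grep 10024` also matches the number anywhere else on the line, for example in the PID column. A stricter check can compare only the local port of sockets in LISTEN state. This is a sketch that assumes the column layout of the netstat output posted earlier in the thread; the function name `port_is_listening` is illustrative.

```shell
# Read `netstat -tnl` (or -tnlp) output on stdin and succeed only if some
# socket in LISTEN state has exactly port $1 as its local port.
port_is_listening() {
    awk -v port="$1" '
        $6 == "LISTEN" { n = split($4, a, ":"); if (a[n] == port) found = 1 }
        END { exit !found }'
}
```

Possible usage: `netstat -tnl | port_is_listening 10024 && echo "listening" || echo "nothing on 10024"`.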
amitbueno (Author) commented:
The "netstat -ntlp | grep 10024" gave no result,
so I removed '-o' and everything after it.
Now I get the following in the mail log:

Jun 20 17:28:55 mshome postfix/qmgr[1380]: F176A34D2B: from=<from@netvision.net.il>, size=5391, nrcpt=1 (queue active)
Jun 20 17:28:55 mshome postfix/qmgr[1380]: F176A34D2B: to=<host@mydomain.com>, relay=none, delay=64366, status=deferred (delivery temporarily suspended: transport is unavailable)
Jun 20 17:29:53 mshome postfix/qmgr[1380]: warning: connect to transport smtp: Connection refused
Cyclops3590 commented:
By the way, uncomment this line. I forgot to say it needs to be there:
smtp      unix  -       -       n       -       -       smtp
Second, you restarted Postfix completely, right, not just reloaded?
Third, please post your master.cf with blank and commented lines removed. Thanks.
amitbueno (Author) commented:
I've uncommented the line.
I have restarted Postfix completely.
Here is the master.cf:

smtp      inet  n       -       n       -       2       smtpd
pickup    fifo  n       -       n       60      1       pickup
cleanup   unix  n       -       n       -       0       cleanup
qmgr      fifo  n       -       n       300     1       qmgr
tlsmgr    unix  -       -       n       1000?   1       tlsmgr
rewrite   unix  -       -       n       -       -       trivial-rewrite
bounce    unix  -       -       n       -       0       bounce
defer     unix  -       -       n       -       0       bounce
trace     unix  -       -       n       -       0       bounce
verify    unix  -       -       n       -       1       verify
flush     unix  n       -       n       1000?   0       flush
proxymap  unix  -       -       n       -       -       proxymap
smtp      unix  -       -       n       -       -       smtp
relay     unix  -       -       n       -       -       smtp
      -o fallback_relay=
showq     unix  n       -       n       -       -       showq
error     unix  -       -       n       -       -       error
discard   unix  -       -       n       -       -       discard
local     unix  -       n       n       -       -       local
virtual   unix  -       n       n       -       -       virtual
lmtp      unix  -       -       n       -       -       lmtp
anvil     unix  -       -       n       -       1       anvil
localhost:10025 inet      n      -      n      -      -      smtpd -o content_filter=
scache        unix      -      -      n      -      1      scache
maildrop  unix  -       n       n       -       -       pipe
  flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
cyrus        unix      -      n      n      -      -      pipe
  user=cyrus argv=/usr/lib/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user}
uucp        unix      -      n      n      -      -      pipe
  flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
ifmail    unix  -       n       n       -       -       pipe
  flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp     unix  -       n       n       -       -       pipe
  flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop $recipient
procmail  unix  -       n       n       -       -       pipe
  flags=R user=nobody argv=/usr/bin/procmail -t -m /etc/procmailrc ${sender} ${recipient}
Cyclops3590 commented:
Looks good, but since nothing is using this service it can be commented out:
localhost:10025 inet      n      -      n      -      -      smtpd -o content_filter=

After adding the smtp line back in, did anything change?
Try 'postqueue -f' to see if you can flush the queue.
amitbueno (Author) commented:
Adding the smtp line back didn't change anything.
postqueue -f prints nothing.

Should I comment out this line?
localhost:10025 inet      n      -      n      -      -      smtpd -o content_filter=
Cyclops3590 commented:
Yes, you don't need it.
What does the log say now? Your previous message pointed me to the smtp transport that you had commented out:
warning: connect to transport smtp: Connection refused
Also run this:
netstat -lxnp | grep master | grep smtp
That will show you the transport sockets that Postfix has open.
Make sure it returns a result for the smtp transport.
amitbueno (Author) commented:
The log currently says:
Jun 20 18:24:20 mshome postfix/qmgr[1926]: F176A34D2B: to=<host@mydomain.com>, relay=none, delay=67691, status=deferred (delivery temporarily suspended: connect to 127.0.0.1[127.0.0.1]: Connection refused)

# netstat -lxnp | grep master | grep smtp
unix  2      [ ACC ]     STREAM     LISTENING     1031466 1924/master         private/bsmtp
unix  2      [ ACC ]     STREAM     LISTENING     1031398 1924/master         private/smtp

amitbueno (Author) commented:
Do you know how I can trace the problem?
Cyclops3590 commented:
Run
tcpdump -i lo
then send a test mail. Try to find out what port it's trying to connect to.
Also, just so I know there isn't anything wrong elsewhere, can you post the main.cf as well? I just want to make sure.
amitbueno (Author) commented:
While tcpdump was running, I did a 'postfix flush'. Here are the results:
# tcpdump -i lo
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on lo, link-type EN10MB (Ethernet), capture size 96 bytes
20:16:15.344470 IP server1.bueno.co.il.29477 > server1.bueno.co.il.10024: S 3484945943:3484945943(0) win 32767 <mss 16396,sackOK,timestamp 177044104 0,nop,wscale 2>
20:16:15.344498 IP server1.bueno.co.il.10024 > server1.bueno.co.il.29477: R 0:0(0) ack 3484945944 win 0
20:16:15.356328 IP server1.bueno.co.il.29478 > server1.bueno.co.il.10024: S 3487514817:3487514817(0) win 32767 <mss 16396,sackOK,timestamp 177044107 0,nop,wscale 2>
20:16:15.356355 IP server1.bueno.co.il.10024 > server1.bueno.co.il.29478: R 0:0(0) ack 3487514818 win 0
20:16:15.367938 IP server1.bueno.co.il.29479 > server1.bueno.co.il.10024: S 3482219854:3482219854(0) win 32767 <mss 16396,sackOK,timestamp 177044110 0,nop,wscale 2>
20:16:15.367963 IP server1.bueno.co.il.10024 > server1.bueno.co.il.29479: R 0:0(0) ack 3482219855 win 0
20:16:15.440442 IP server1.bueno.co.il.29480 > server1.bueno.co.il.10024: S 3486663770:3486663770(0) win 32767 <mss 16396,sackOK,timestamp 177044128 0,nop,wscale 2>
20:16:15.440473 IP server1.bueno.co.il.10024 > server1.bueno.co.il.29480: R 0:0(0) ack 3486663771 win 0
20:16:15.521453 IP server1.bueno.co.il.29481 > server1.bueno.co.il.10024: S 3494614872:3494614872(0) win 32767 <mss 16396,sackOK,timestamp 177044148 0,nop,wscale 2>
20:16:15.521482 IP server1.bueno.co.il.10024 > server1.bueno.co.il.29481: R 0:0(0) ack 3494614873 win 0
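In the capture above, every SYN (S) sent to port 10024 is answered at once by a reset (R), which is what "Connection refused" looks like on the wire. To summarize a longer capture, the destination ports of the SYN packets can be counted. This is a sketch that assumes the older "src > dst: S ..." line layout shown here; newer tcpdump versions print flags differently, and the function name `syn_dest_ports` is illustrative.

```shell
# Read tcpdump text output on stdin and count the destination port of every
# SYN packet. Assumes the older "src > dst: S ..." line layout shown above.
syn_dest_ports() {
    awk '$4 == ">" && $6 == "S" {
             dst = $5; sub(/:$/, "", dst)   # drop the trailing colon
             n = split(dst, part, ".")      # port is the last dot-separated field
             print part[n]
         }' | sort | uniq -c
}
```

Possible usage: save the capture with `tcpdump -i lo -n > capture.txt`, then run `syn_dest_ports < capture.txt`. The `-n` flag keeps ports numeric so that well-known ports are not replaced by service names.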
Cyclops3590 commented:
It's still trying to connect to 10024.
Try actually killing off Postfix and make sure there are no processes left:
ps aux | grep postfix
ps aux | grep master
Then start it back up again. Either that, or something in a config file specifies relaying through 10024.
amitbueno (Author) commented:
I rebooted the machine, and it still tries port 10024.
Cyclops3590 commented:
Do this in the /etc/postfix directory:
grep 10024 *
grep 10024 */*
Any results?
amitbueno (Author) commented:
There is a trace of it in these files:
master.cf.SuSEconfig
master.cf.rpmsave

But in both files the lines are commented out with '#', and these files aren't being used anyhow.
Cyclops3590 commented:
I'm going to set up my own 10.1 test server to see if I can replicate it. The last thing to try is this:
postconf | grep 10024
Anything?
amitbueno (Author) commented:
postconf | grep 10024
returns nothing.
Cyclops3590 commented:
OK, see if this gives us any information:
netstat -ntp | grep 127.0.0.1
amitbueno (Author) commented:
Before I even posted the question here, I started installing amavis, but then I stopped and reinstalled MailScanner.

Is there a chance that amavis left traces behind, even though I removed its components?
amitbueno (Author) commented:
netstat -ntp | grep 127.0.0.1
doesn't give any results.
Cyclops3590 commented:
Flush the queue, then try again, this time with:
netstat -ntpc | grep 127.0.0.1
amitbueno (Author) commented:
nothing...
Cyclops3590 commented:
Well, I just went through a few tests and can't reproduce it. Obviously something is left over somewhere from that amavis install. Back up your Postfix etc directory and queues (just to be sure) and reinstall Postfix. From everything you've told me, there is no reason Postfix should be relaying to 10024.
amitbueno (Author) commented:
Before reinstalling Postfix, I tried installing amavis.
The machine processed the messages and found some spam messages.
Yet the messages that should have been delivered to the users' directories got stuck in the queue, with the following errors in the mail log:

Jun 21 11:15:42 mshome postfix/smtp[12102]: 114C934C6C: to=<zohar@bueno.co.il>, relay=127.0.0.1[127.0.0.1], delay=154002, status=deferred (host 127.0.0.1[127.0.0.1] said: 451 4.5.0 From MTA([127.0.0.1]:10025) during fwd-connect (Negative greeting:  at (eval 57) line 442, <GEN4> line 43.): id=12051-01 (in reply to end of DATA command))
Jun 21 11:15:42 mshome postfix/qmgr[12099]: 114C934C6C: from=<zohar@bueno.co.il>, size=764, nrcpt=1 (queue active)
Jun 21 11:15:44 mshome amavis[12050]: (12050-01) (!)rw_loop read failed: Connection refused
Jun 21 11:15:44 mshome amavis[12050]: (12050-01) (!)FWD via SMTP: <nighthaw@netvision.net.il> -> <zohar@bueno.co.il>, 451 4.5.0 From MTA([127.0.0.1]:10025) during fwd-connect (Negative greeting:  at (eval 57) line 442, <GEN4> line 80.): id=12050-01
Jun 21 11:15:44 mshome amavis[12050]: (12050-01) Blocked MTA-BLOCKED, [212.143.154.159] <nighthaw@netvision.net.il> -> <zohar@bueno.co.il>, Message-ID: <00a701c7b2bb$3a9ec2a0$1d01a8c0@nova>, mail_id: N3fbVtj9bWQI, Hits: 2.796, size: 1369, 150095 ms
Jun 21 11:15:44 mshome amavis[12050]: (12050-02) (!!)WARN: all primary virus scanners failed, considering backups
Cyclops3590 commented:
You uncommented this line in master.cf, right?
localhost:10025 inet      n      -      n      -      -      smtpd -o content_filter=
If so, check that it's listening:
netstat -ntlp | grep 10025
If it is, then try to telnet to that port to make sure it gives a banner. I'm not sure what the 'negative greeting' is all about. I've never seen it and can't find anything on it.
However, I'm starting to think your Postfix install is corrupt. There just seem to be too many WTF-type issues here.
amitbueno (Author) commented:
I've uncommented the line, and it seems to process the messages OK.
Yet the test messages I've been trying to send result in the following:

Jun 21 21:13:29 mshome postfix/smtp[19733]: 30D8434E83: to=<zohar@bueno.co.il>, relay=bueno.co.il[212.143.154.159], delay=0, status=bounced (mail for bueno.co.il loops back to myself)
Jun 21 21:13:29 mshome postfix/qmgr[19295]: 30D8434E83: removed
Cyclops3590 commented:
Did you put your domain in the mydestination parameter list?
This happens when Postfix tries to relay mail to a server and, through the DNS MX/A records, finds out that it needs to forward the mail to itself, yet it is not configured to accept that mail for local delivery.
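Whether the domain is listed can be checked mechanically. This is a sketch under assumptions: the helper name `in_mydestination` is made up, and it compares entries literally, so references such as $mydomain and lookup tables are not resolved.

```shell
# Succeed if domain $1 appears as a whole entry in the mydestination value $2.
# Entries may be separated by commas and/or whitespace. Unexpanded references
# such as $mydomain are compared literally, so expand them by hand first.
in_mydestination() {
    printf '%s\n' "$2" | tr ', \t' '\n\n\n' | grep -Fxq -- "$1"
}
```

Possible usage: `in_mydestination bueno.co.il "$(postconf -h mydestination)" || echo "bueno.co.il is not listed"`. If it is missing, something along the lines of `postconf -e 'mydestination = $myhostname, localhost, bueno.co.il'` followed by `postfix reload` would add it; that exact value is an illustration, not taken from the poster's main.cf.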
Cyclops3590 commented:
Also, unless you want both MailScanner and amavis to scan the email, you should take out the header_checks parameter in main.cf that the MailScanner howto had you add, then restart Postfix one more time.
amitbueno (Author) commented:
I removed MailScanner and the header_checks setting from Postfix.
Yet how do I prevent the mail bounce? I have a user on the system called zohar, but when I try to send mail to it, it says it's a loop back or something.
amitbueno (Author) commented:
Oh, I missed the answer above.
amitbueno (Author) commented:
Great man, thanks for the help
Cyclops3590 commented:
No problem. Too bad we couldn't find out how it was still referencing port 10024, though.
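One possible explanation, offered as an assumption since the thread never confirmed it: Postfix stores a content filter request in the queue file when a message is received, so mail queued while `content_filter=smtp:[127.0.0.1]:10024` was active can keep trying port 10024 even after master.cf is corrected and the machine is rebooted. The Postfix FILTER_README describes running `postsuper -r ALL` to remove such records from existing queue files by requeueing them. A minimal sketch, where the wrapper name `requeue_all` is illustrative and the command needs root:

```shell
# Requeue every queued message so Postfix re-evaluates it under the current
# configuration. Returns 127 if postsuper is not installed.
requeue_all() {
    if ! command -v postsuper >/dev/null 2>&1; then
        echo "postsuper not found; is Postfix installed?" >&2
        return 127
    fi
    postsuper -r ALL
}
```

This would fit the symptoms above, where the deferred message had been in the queue for many hours (delay=67691) and no configuration file still mentioned 10024.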
amitbueno (Author) commented:
That's OK, at least it is working properly now.

All the emails are getting appended to files in the /var/spool/mail directory, under each user's name.

How can I put the messages in each user's directory?