sunhux
asked on
tracing why SMTP email did not arrive at postfix server
Just set up postfix & it's running on my RHES 4.2 box.
Immediately after postfix is up, I test sending emails from a permitted domain
(ahhh, on this postfix server's domain firewall, we even have a firewall rule
which permits Tcp25 from those few sending domains' SMTP servers) using
an email client to sender_id@[IP_address_of_t
/var/log/maillog on the postfix server indicated the email arrives at the postfix
server (with some errors though) :
# grep recipient_id /var/log/maillog*
maillog:Feb 15 11:41:52 hostname postfix/smtpd[6891]: NOQUEUE: reject: RCPT from gate1.mds.com.sg[203.126.1
maillog:Feb 15 13:43:20 hostname sendmail[7688]: NOQUEUE: SYSERR(recipient_id): can not chdir(/var/spool/mqueue/):
Then I installed dovecot rpm on my RHES box : uninstall it as it's an old version &
reinstall with a newer version & start up dovecot as well.
I did not test sending to sender_id@domain_name at that time because the domain I
purchased from a domain provider/registrar has yet to be registered in our ISP's
DNS. Subsequently I registered the following A, MX & NS records with our ISP :
A: myportaltech.com. IN A 202.6.163.31
A: smtp.myportaltech.com. IN A 202.6.163.31
PTR: 31.163.6.202.in-addr.arpa.
MX: myportaltech.com. IN MX 10 smtp.myportaltech.com.
NS: myportaltech.com. IN NS ns1.businessexprezz.com.
NS: myportaltech.com. IN NS ns2.businessexprezz.com.
The above myportaltech is just a fictitious name of my domain but I
can provide the actual domain name if needed.
After the above records have been propagated to all other DNSes, I
test sending email from the same permitted domain, this time using
domain name & the email never arrives & I did not receive a 'bounced
mail' notification too. Then I test sending from the same domain to
recipient_id@[202.6.163.31
show up in /var/log/maillog* anymore.
The network/security guys confirmed that the firewall logs did not
show any denied SMTP records.
So how do I go about troubleshooting this?
Is this a DNS record entries issue, firewall/network issue or something
within my postfix server?
ASKER
The firewall admin told me they saw incoming SMTP traffic accepted &
pass through the Cyberguard firewall (from Cybergd logs).
Delivery has failed to these recipients or groups:
root@myportaltech.com
A problem occurred during the delivery of this message to this e-mail address. Try sending this message again. If the problem continues, please contact your helpdesk.
I got the following bounced mail notification & further down (after the
****** line) is the latest maillog
The following organization rejected your message: [202.6.163.31].
Diagnostic information for administrators:
Generating server: gate2.mds.com.sg
root@myportaltech.com
[202.6.163.31] #<[202.6.163.31] #5.0.0 smtp; 5.1.0 - Unknown address error 554-'5.7.1 <root@myportaltech.com>: Relay access denied' (delivery attempts: 0)> #SMTP#
Original message headers:
X-IronPort-Anti-Spam-Filte
X-IronPort-Anti-Spam-Resul
Received: from unknown (HELO sght02.mds.corp.int-ads) ([192.168.131.68]) by
gate2.mds.com.sg with ESMTP/TLS/AES128-SHA; 17 Feb 2011 15:44:26 +0800
Received: from SGMBX02.mds.corp.int-ads ([fe80::11cd:49e0:af0f:1ba
sght02.mds.corp.int-ads ([::1]) with mapi id 14.01.0270.001; Thu, 17 Feb 2011
15:44:26 +0800
From: "G PO mds" <sender_id@mds.com.sg>
To: "recipient_id@myportaltech
CC: "root@myportaltech.com" <root@myportaltech.com>
Subject: RE: testg tcpdump 1
Thread-Topic: testg tcpdump 1
Thread-Index: AQHLznZ/QZa8lLNf9kWxtxpo3q
Date: Thu, 17 Feb 2011 07:44:25 +0000
Message-ID: <B4D798BD8BA6A140B26EF75C1
References: <B4D798BD8BA6A140B26EF75C1
**************************
**************************
Feb 17 14:12:41 hostname postfix/smtpd[30975]: > gate2.mds.com.sg[203.126.1
Feb 17 14:12:41 hostname postfix/smtpd[30975]: watchdog_pat: 0x80baf68
Feb 17 14:12:41 hostname postfix/smtpd[30975]: < gate2.mds.com.sg[203.126.1
Feb 17 14:12:41 hostname postfix/smtpd[30975]: extract_addr: input: <root@myportaltech.com>
Feb 17 14:12:41 hostname postfix/smtpd[30975]: smtpd_check_addr: addr=root@myportaltech.com
Feb 17 14:12:41 hostname postfix/smtpd[30975]: send attr request = rewrite
Feb 17 14:12:41 hostname postfix/smtpd[30975]: send attr rule = local
Feb 17 14:12:41 hostname postfix/smtpd[30975]: send attr address = root@myportaltech.com
Feb 17 14:12:41 hostname postfix/smtpd[30975]: private/rewrite socket: wanted attribute: flags
Feb 17 14:12:41 hostname postfix/smtpd[30975]: input attribute name: flags
Feb 17 14:12:41 hostname postfix/smtpd[30975]: input attribute value: 0
Feb 17 14:12:41 hostname postfix/smtpd[30975]: private/rewrite socket: wanted attribute: address
Feb 17 14:12:41 hostname postfix/smtpd[30975]: input attribute name: address
Feb 17 14:12:41 hostname postfix/smtpd[30975]: input attribute value: root@myportaltech.com
Feb 17 14:12:41 hostname postfix/smtpd[30975]: input attribute value: root@myportaltech.com
Feb 17 14:12:41 hostname postfix/smtpd[30975]: private/rewrite socket: wanted attribute: (list terminator)
Feb 17 14:12:41 hostname postfix/smtpd[30975]: input attribute name: (end)
Feb 17 14:12:41 hostname postfix/smtpd[30975]: rewrite_clnt: local: root@myportaltech.com -> root@myportaltech.com
Feb 17 14:12:41 hostname postfix/smtpd[30975]: send attr request = resolve
Feb 17 14:12:41 hostname postfix/smtpd[30975]: send attr sender =
Feb 17 14:12:41 hostname postfix/smtpd[30975]: send attr address = root@myportaltech.com
Feb 17 14:12:41 hostname postfix/smtpd[30975]: private/rewrite socket: wanted attribute: flags
Feb 17 14:12:41 hostname postfix/smtpd[30975]: input attribute name: flags
Feb 17 14:12:41 hostname postfix/smtpd[30975]: input attribute value: 0
Feb 17 14:12:41 hostname postfix/smtpd[30975]: private/rewrite socket: wanted attribute: transport
Feb 17 14:12:41 hostname postfix/smtpd[30975]: input attribute name: transport
Feb 17 14:12:41 hostname postfix/smtpd[30975]: input attribute value: smtp
Feb 17 14:12:41 hostname postfix/smtpd[30975]: private/rewrite socket: wanted attribute: nexthop
Feb 17 14:12:41 hostname postfix/smtpd[30975]: input attribute name: nexthop
Feb 17 14:12:41 hostname postfix/smtpd[30975]: input attribute value: myportaltech.com
Feb 17 14:12:41 hostname postfix/smtpd[30975]: input attribute value: myportaltech.com
Feb 17 14:12:41 hostname postfix/smtpd[30975]: private/rewrite socket: wanted attribute: recipient
Feb 17 14:12:41 hostname postfix/smtpd[30975]: input attribute name: recipient
Feb 17 14:12:41 hostname postfix/smtpd[30975]: input attribute value: root@myportaltech.com
Feb 17 14:12:41 hostname postfix/smtpd[30975]: private/rewrite socket: wanted attribute: flags
Feb 17 14:12:41 hostname postfix/smtpd[30975]: input attribute name: flags
Feb 17 14:12:41 hostname postfix/smtpd[30975]: input attribute value: 4096
Feb 17 14:12:41 hostname postfix/smtpd[30975]: private/rewrite socket: wanted attribute: (list terminator)
Feb 17 14:12:41 hostname postfix/smtpd[30975]: input attribute name: (end)
Feb 17 14:12:41 hostname postfix/smtpd[30975]: resolve_clnt: `' -> `root@myportaltech.com' -> transp=`smtp' host=`por
talcity-tech.com' rcpt=`root@myportaltech.co
Feb 17 14:12:41 hostname postfix/smtpd[30975]: ctable_locate: install entry key root@myportaltech.com
Feb 17 14:12:41 hostname postfix/smtpd[30975]: extract_addr: in: <root@myportaltech.com>, result: root@myportaltech.com
Feb 17 14:12:41 hostname postfix/smtpd[30975]: >>> START Recipient address RESTRICTIONS <<<
Feb 17 14:12:41 hostname postfix/smtpd[30975]: generic_checks: name=reject_invalid_hostna
Feb 17 14:12:41 hostname postfix/smtpd[30975]: generic_checks: name=reject_invalid_hostna
Feb 17 14:12:41 hostname postfix/smtpd[30975]: reject_invalid_hostname: gate2.mds.com.sg
Feb 17 14:12:41 hostname postfix/smtpd[30975]: generic_checks: name=reject_invalid_hostna
Feb 17 14:12:41 hostname postfix/smtpd[30975]: generic_checks: name=reject_unauth_pipelin
Feb 17 14:12:41 hostname postfix/smtpd[30975]: reject_unauth_pipelining: RCPT
Feb 17 14:12:41 hostname postfix/smtpd[30975]: generic_checks: name=reject_unauth_pipelin
Feb 17 14:12:41 hostname postfix/smtpd[30975]: generic_checks: name=permit_mynetworks
Feb 17 14:12:41 hostname postfix/smtpd[30975]: permit_mynetworks: gate2.mds.com.sg 203.126.130.164
Feb 17 14:12:41 hostname postfix/smtpd[30975]: match_hostname: gate2.mds.com.sg ~? 172.18.20.0/24
Feb 17 14:12:41 hostname postfix/smtpd[30975]: match_hostaddr: 203.126.130.164 ~? 172.18.20.0/24
Feb 17 14:12:41 hostname postfix/smtpd[30975]: match_hostname: gate2.mds.com.sg ~? 127.0.0.0/8
Feb 17 14:12:41 hostname postfix/smtpd[30975]: match_hostaddr: 203.126.130.164 ~? 127.0.0.0/8
Feb 17 14:12:41 hostname postfix/smtpd[30975]: match_list_match: gate2.mds.com.sg: no match
Feb 17 14:12:41 hostname postfix/smtpd[30975]: match_list_match: 203.126.130.164: no match
Feb 17 14:12:41 hostname postfix/smtpd[30975]: generic_checks: name=permit_mynetworks status=0
Feb 17 14:12:41 hostname postfix/smtpd[30975]: generic_checks: name=permit_sasl_authentic
Feb 17 14:12:41 hostname postfix/smtpd[30975]: generic_checks: name=permit_sasl_authentic
Feb 17 14:12:41 hostname postfix/smtpd[30975]: generic_checks: name=permit_sasl_authentic
Feb 17 14:12:41 hostname postfix/smtpd[30975]: generic_checks: name=reject_unauth_destina
Feb 17 14:12:41 hostname postfix/smtpd[30975]: reject_unauth_destination:
Feb 17 14:12:41 hostname postfix/smtpd[30975]: permit_auth_destination: root@myportaltech.com
Feb 17 14:12:41 hostname postfix/smtpd[30975]: ctable_locate: leave existing entry key root@myportaltech.com
Feb 17 14:12:41 hostname postfix/smtpd[30975]: NOQUEUE: reject: RCPT from gate2.mds.com.sg[203.126.1
root@myportaltech.com>: Relay access denied; from=<prvs=02230e707=sende
oto=ESMTP helo=<gate2.mds.com.sg>
Feb 17 14:12:41 hostname postfix/smtpd[30975]: generic_checks: name=reject_unauth_destina
Feb 17 14:12:41 hostname postfix/smtpd[30975]: > gate2.mds.com.sg[203.126.1
: Relay access denied
Feb 17 14:12:41 hostname postfix/smtpd[30975]: watchdog_pat: 0x80baf68
Feb 17 14:12:42 hostname postfix/smtpd[30975]: < gate2.mds.com.sg[203.126.1
Feb 17 14:12:42 hostname postfix/smtpd[30975]: > gate2.mds.com.sg[203.126.1
Feb 17 14:12:42 hostname postfix/smtpd[30975]: watchdog_pat: 0x80baf68
Feb 17 14:12:47 hostname postfix/smtpd[30975]: < gate2.mds.com.sg[203.126.1
Feb 17 14:12:47 hostname postfix/smtpd[30975]: > gate2.mds.com.sg[203.126.1
Feb 17 14:12:47 hostname postfix/smtpd[30975]: match_hostname: gate2.mds.com.sg ~? 172.18.20.0/24
Feb 17 14:12:47 hostname postfix/smtpd[30975]: match_hostaddr: 203.126.130.164 ~? 172.18.20.0/24
Feb 17 14:12:47 hostname postfix/smtpd[30975]: match_hostname: gate2.mds.com.sg ~? 127.0.0.0/8
Feb 17 14:12:47 hostname postfix/smtpd[30975]: match_hostaddr: 203.126.130.164 ~? 127.0.0.0/8
Feb 17 14:12:47 hostname postfix/smtpd[30975]: match_list_match: gate2.mds.com.sg: no match
Feb 17 14:12:47 hostname postfix/smtpd[30975]: match_list_match: 203.126.130.164: no match
Feb 17 14:12:47 hostname postfix/smtpd[30975]: send attr request = disconnect
Feb 17 14:12:47 hostname postfix/smtpd[30975]: send attr ident = smtp:203.126.130.164
Feb 17 14:12:47 hostname postfix/smtpd[30975]: private/anvil: wanted attribute: status
Feb 17 14:12:47 hostname postfix/smtpd[30975]: input attribute name: status
Feb 17 14:12:47 hostname postfix/smtpd[30975]: input attribute value: 0
Feb 17 14:12:47 hostname postfix/smtpd[30975]: private/anvil: wanted attribute: (list terminator)
Feb 17 14:12:47 hostname postfix/smtpd[30975]: input attribute name: (end)
Feb 17 14:12:47 hostname postfix/smtpd[30975]: match_hostaddr: 203.126.130.164 ~? 127.0.0.0/8
Feb 17 14:12:47 hostname postfix/smtpd[30975]: match_list_match: gate2.mds.com.sg: no match
Feb 17 14:12:47 hostname postfix/smtpd[30975]: match_list_match: 203.126.130.164: no match
Feb 17 14:12:47 hostname postfix/smtpd[30975]: send attr request = disconnect
Feb 17 14:12:47 hostname postfix/smtpd[30975]: send attr ident = smtp:203.126.130.164
Feb 17 14:12:47 hostname postfix/smtpd[30975]: private/anvil: wanted attribute: status
Feb 17 14:12:47 hostname postfix/smtpd[30975]: input attribute name: status
Feb 17 14:12:47 hostname postfix/smtpd[30975]: input attribute value: 0
Feb 17 14:12:47 hostname postfix/smtpd[30975]: private/anvil: wanted attribute: (list terminator)
Feb 17 14:12:47 hostname postfix/smtpd[30975]: input attribute name: (end)
Feb 17 14:12:47 hostname postfix/smtpd[30975]: disconnect from gate2.mds.com.sg[203.126.1
Feb 17 14:16:07 hostname postfix/anvil[30977]: statistics: max connection rate 1/60s for (smtp:203.126.130.164) at Feb 1
7 14:12:41
Feb 17 14:16:07 hostname postfix/anvil[30977]: statistics: max connection count 1 for (smtp:203.126.130.164) at Feb 17 1
4:12:41
Feb 17 14:16:07 hostname postfix/anvil[30977]: statistics: max cache size 1 at Feb 17 14:12:41
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
not fully resolved
ASKER
Sorry for the lack of info in earlier post.
Think the main issue is I can't even start up postfix (though
"ps -ef | grep postfix" showed there's a master postfix process
running & 'telnet localhost 25" showed it's listening :
[root@etc]# postfix set-permissions
[root@etc]# postfix start
postfix/postfix-script: starting the Postfix mail system
[root@ etc]# postfix reload
postfix/postfix-script: fatal: the Postfix mail system is not running
I googed for "master.lock unable exclusive lock" but it's mostly on
MacOS & editing php.ini doesn't help:
Relevant error from /var/log/maillog
Feb 17 11:15:20 hostname postfix/postfix-script[293
Feb 17 11:15:20 hostname postfix/master[29384]: fatal: open lock file /var/lib/postfix/master.lo
Feb 17 11:15:21 hostname postfix/smtpd[28721]: warning: connect #7 to subsystem private/proxymap: Connection refused
Feb 17 11:15:24 hostname postfix/postfix-script[293
Feb 17 11:15:31 hostname postfix/smtpd[28721]: warning: connect #8 to subsystem private/proxymap: Connection refused
Feb 17 11:15:41 hostname postfix/smtpd[28721]: warning: connect #9 to subsystem private/proxymap:
++++++++++++++++++++++++++
# ./postfinger.sh --nowarn
postfinger - postfix configuration on Thu Feb 17 10:12:16 SGT 2011
version: 1.30
--System Parameters--
mail_version = 2.5.6
hostname = xxxxxxxx
uname = Linux xxxxxxxx 2.6.12.6-xen0 #1 Tue Jan 31 16:03:21 GMT 2006 i686 i686 i386 GNU/Linux
--Packaging information--
looks like this postfix comes from RPM package: postfix-2.5.6-1.rhel4
--main.cf non-default parameters--
alias_database = hash:/etc/postfix/aliases
alias_maps = hash:/etc/postfix/aliases
html_directory = /usr/share/doc/postfix-2.5
mailq_path = /usr/bin/mailq.postfix
mail_spool_directory = /pop3/spool/mail
manpage_directory = /usr/share/man
mydomain = portalcity-tech.com
myhostname = smtp.portalcity-tech.com
myorigin = $mydomain
newaliases_path = /usr/bin/newaliases.postfi
queue_directory = /pop3/spool/postfix
readme_directory = /usr/share/doc/postfix-2.5
sendmail_path = /usr/sbin/sendmail.postfix
smtpd_sasl_auth_enable = yes
--master.cf--
smtp inet n - n - - smtpd
pickup fifo n - n 60 1 pickup
cleanup unix n - n - 0 cleanup
qmgr fifo n - n 300 1 qmgr
tlsmgr unix - - n 1000? 1 tlsmgr
rewrite unix - - n - - trivial-rewrite
bounce unix - - n - 0 bounce
defer unix - - n - 0 bounce
trace unix - - n - 0 bounce
verify unix - - n - 1 verify
flush unix n - n 1000? 0 flush
proxymap unix - - n - - proxymap
proxywrite unix - - n - 1 proxymap
smtp unix - - n - - smtp
relay unix - - n - - smtp
-o smtp_fallback_relay=
showq unix n - n - - showq
error unix - - n - - error
retry unix - - n - - error
discard unix - - n - - discard
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - n - - lmtp
anvil unix - - n - 1 anvil
scache unix - - n - 1 scache
-- end of postfinger output --
# postconf -n
alias_database = hash:/etc/postfix/aliases
alias_maps = hash:/etc/postfix/aliases
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
debug_peer_level = 2
html_directory = /usr/share/doc/postfix-2.5
inet_interfaces = all
mail_owner = postfix
mail_spool_directory = /pop3/spool/mail
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
mydomain = myportaltech.com
myhostname = smtp.myportaltech.com
myorigin = $mydomain
newaliases_path = /usr/bin/newaliases.postfi
queue_directory = /pop3/spool/postfix
readme_directory = /usr/share/doc/postfix-2.5
sample_directory = /etc/postfix
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_option
unknown_local_recipient_re