Link to home
Start Free TrialLog in
Avatar of sunhux
sunhux

asked on

tracing why SMTP email did not arrive at postfix server


Just set up postfix & it's running on my RHES 4.2 box.

Immediately after postfix is up, I test sending emails from a permitted domain
(ahhh, on this postfix server's domain firewall, we even have a firewall rule
 which permits Tcp25 from those few sending domains' SMTP servers) using
an email client  to sender_id@[IP_address_of_the_postfix_server]  & the
/var/log/maillog on the postfix server indicated the email arrives at the postfix
server (with some errors though) :

# grep recipient_id /var/log/maillog*
maillog:Feb 15 11:41:52 hostname postfix/smtpd[6891]: NOQUEUE: reject: RCPT from gate1.mds.com.sg[203.126.130.157]: 554 5.7.1 <recipient_id@[202.6.163.31]>: Relay access denied; from=<prvs=020cae8c4=recipient_id@mds.com.sg> to=<recipient_id@[202.6.163.31]> proto=ESMTP helo=<gate1.mds.com.sg>
maillog:Feb 15 13:43:20 hostname sendmail[7688]: NOQUEUE: SYSERR(recipient_id): can not chdir(/var/spool/mqueue/): Permission denied

Then I installed dovecot rpm on my RHES box : uninstall it as it's an old version &
reinstall with a newer version & start up dovecot as well.

I did not test sending to sender_id@domain_name at that time because the domain I
purchased from a domain provider/registrar has yet to be registered in our ISP's
DNS.  Subsequently I registered the following A, MX & NS  records with our ISP :
A:      myportaltech.com.            IN      A      202.6.163.31
A:      smtp.myportaltech.com.      IN      A      202.6.163.31

PTR:      31.163.6.202.in-addr.arpa.      IN      PTR      smtp.myportaltech.com.

MX:      myportaltech.com.            IN      MX      10      smtp.myportaltech.com.

NS:      myportaltech.com.             IN          NS          ns1.businessexprezz.com.
NS:      myportaltech.com.             IN          NS          ns2.businessexprezz.com.

The above myportaltech is just a fictitious name of my domain but I
can provide the actual domain name if needed.

After the above records have been propagated to all other DNSes, I
test sending email from the same permitted domain, this time using
domain name & the email never arrives & I did not receive a 'bounced
mail' notification too.  Then I test sending from the same domain to
recipient_id@[202.6.163.31] & this time round, the test email never
show up in /var/log/maillog* anymore.

The network/security guys confirmed that the firewall logs did not
show any denied SMTP records.

So how do I go about troubleshooting this?  

Is this a DNS record entries issue, firewall/network issue or something
within my postfix server?

Avatar of sunhux
sunhux

ASKER


Sorry for the lack of info in earlier post.

Think the main issue is I can't even start up postfix (though
"ps -ef | grep postfix" showed there's a master postfix process
running & 'telnet localhost 25" showed it's listening :

[root@etc]# postfix set-permissions
[root@etc]# postfix start
postfix/postfix-script: starting the Postfix mail system
[root@ etc]# postfix reload
postfix/postfix-script: fatal: the Postfix mail system is not running

I googed for "master.lock unable exclusive lock" but it's mostly on
MacOS & editing php.ini doesn't help:

Relevant error from /var/log/maillog
Feb 17 11:15:20 hostname postfix/postfix-script[29383]: starting the Postfix mail system
Feb 17 11:15:20 hostname postfix/master[29384]: fatal: open lock file /var/lib/postfix/master.lock: unable to set exclusive lock: Resource temporarily unavailable
Feb 17 11:15:21 hostname postfix/smtpd[28721]: warning: connect #7 to subsystem private/proxymap: Connection refused
Feb 17 11:15:24 hostname postfix/postfix-script[29387]: fatal: the Postfix mail system is not running
Feb 17 11:15:31 hostname postfix/smtpd[28721]: warning: connect #8 to subsystem private/proxymap: Connection refused
Feb 17 11:15:41 hostname postfix/smtpd[28721]: warning: connect #9 to subsystem private/proxymap:
++++++++++++++++++++++++++++++++++=

# ./postfinger.sh --nowarn
postfinger - postfix configuration on Thu Feb 17 10:12:16 SGT 2011
version: 1.30

--System Parameters--
mail_version = 2.5.6
hostname = xxxxxxxx
uname = Linux xxxxxxxx 2.6.12.6-xen0 #1 Tue Jan 31 16:03:21 GMT 2006 i686 i686 i386 GNU/Linux

--Packaging information--
looks like this postfix comes from RPM package: postfix-2.5.6-1.rhel4

--main.cf non-default parameters--
alias_database = hash:/etc/postfix/aliases
alias_maps = hash:/etc/postfix/aliases
html_directory = /usr/share/doc/postfix-2.5.6-documentation/html
mailq_path = /usr/bin/mailq.postfix
mail_spool_directory = /pop3/spool/mail
manpage_directory = /usr/share/man
mydomain = portalcity-tech.com
myhostname = smtp.portalcity-tech.com
myorigin = $mydomain
newaliases_path = /usr/bin/newaliases.postfix
queue_directory = /pop3/spool/postfix
readme_directory = /usr/share/doc/postfix-2.5.6-documentation/readme
sendmail_path = /usr/sbin/sendmail.postfix
smtpd_sasl_auth_enable = yes

--master.cf--
smtp      inet  n       -       n       -       -       smtpd
pickup    fifo  n       -       n       60      1       pickup
cleanup   unix  n       -       n       -       0       cleanup
qmgr      fifo  n       -       n       300     1       qmgr
tlsmgr    unix  -       -       n       1000?   1       tlsmgr
rewrite   unix  -       -       n       -       -       trivial-rewrite
bounce    unix  -       -       n       -       0       bounce
defer     unix  -       -       n       -       0       bounce
trace     unix  -       -       n       -       0       bounce
verify    unix  -       -       n       -       1       verify
flush     unix  n       -       n       1000?   0       flush
proxymap  unix  -       -       n       -       -       proxymap
proxywrite unix -       -       n       -       1       proxymap
smtp      unix  -       -       n       -       -       smtp
relay     unix  -       -       n       -       -       smtp
        -o smtp_fallback_relay=
showq     unix  n       -       n       -       -       showq
error     unix  -       -       n       -       -       error
retry     unix  -       -       n       -       -       error
discard   unix  -       -       n       -       -       discard
local     unix  -       n       n       -       -       local
virtual   unix  -       n       n       -       -       virtual
lmtp      unix  -       -       n       -       -       lmtp
anvil     unix  -       -       n       -       1       anvil
scache    unix  -       -       n       -       1       scache

-- end of postfinger output --



# postconf -n
alias_database = hash:/etc/postfix/aliases
alias_maps = hash:/etc/postfix/aliases
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
debug_peer_level = 2
html_directory = /usr/share/doc/postfix-2.5.6-documentation/html
inet_interfaces = all
mail_owner = postfix
mail_spool_directory = /pop3/spool/mail
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
mydomain = myportaltech.com
myhostname = smtp.myportaltech.com
myorigin = $mydomain
newaliases_path = /usr/bin/newaliases.postfix
queue_directory = /pop3/spool/postfix
readme_directory = /usr/share/doc/postfix-2.5.6-documentation/readme
sample_directory = /etc/postfix
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
unknown_local_recipient_reject_code = 550
Avatar of sunhux
sunhux

ASKER


The firewall admin told me they saw incoming SMTP traffic accepted &
pass through the Cyberguard firewall (from Cybergd logs).

Delivery has failed to these recipients or groups:

root@myportaltech.com
A problem occurred during the delivery of this message to this e-mail address. Try sending this message again. If the problem continues, please contact your helpdesk.

I got the following bounced mail notification & further down (after the
****** line) is the latest maillog

The following organization rejected your message: [202.6.163.31].

Diagnostic information for administrators:
Generating server: gate2.mds.com.sg

root@myportaltech.com
[202.6.163.31] #<[202.6.163.31] #5.0.0 smtp; 5.1.0 - Unknown address error 554-'5.7.1 <root@myportaltech.com>: Relay access denied' (delivery attempts: 0)> #SMTP#

Original message headers:

X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: AhEBAMtCXE3AqINE/2dsb2JhbACXTI88vSyFXgSPXw
Received: from unknown (HELO sght02.mds.corp.int-ads) ([192.168.131.68])  by
 gate2.mds.com.sg with ESMTP/TLS/AES128-SHA; 17 Feb 2011 15:44:26 +0800
Received: from SGMBX02.mds.corp.int-ads ([fe80::11cd:49e0:af0f:1ba]) by
 sght02.mds.corp.int-ads ([::1]) with mapi id 14.01.0270.001; Thu, 17 Feb 2011
 15:44:26 +0800
From: "G PO mds" <sender_id@mds.com.sg>
To: "recipient_id@myportaltech.com" <recipient_id@myportaltech.com>
CC: "root@myportaltech.com" <root@myportaltech.com>
Subject: RE: testg tcpdump 1
Thread-Topic: testg tcpdump 1
Thread-Index: AQHLznZ/QZa8lLNf9kWxtxpo3qMWag==
Date: Thu, 17 Feb 2011 07:44:25 +0000
Message-ID: <B4D798BD8BA6A140B26EF75C1012558D114E85@SGMBX02.mds.corp.int-ads>
References: <B4D798BD8BA6A140B26EF75C1012558D0F14F3@SGMBX03.mds.corp.int-ads>

***************************************************************************************

********************************** latest maillog **************************************

Feb 17 14:12:41 hostname postfix/smtpd[30975]: > gate2.mds.com.sg[203.126.130.164]: 554 5.7.1 <senderid@myportaltech.com>: Relay access denied
Feb 17 14:12:41 hostname postfix/smtpd[30975]: watchdog_pat: 0x80baf68
Feb 17 14:12:41 hostname postfix/smtpd[30975]: < gate2.mds.com.sg[203.126.130.164]: RCPT TO:<root@myportaltech.com>
Feb 17 14:12:41 hostname postfix/smtpd[30975]: extract_addr: input: <root@myportaltech.com>
Feb 17 14:12:41 hostname postfix/smtpd[30975]: smtpd_check_addr: addr=root@myportaltech.com
Feb 17 14:12:41 hostname postfix/smtpd[30975]: send attr request = rewrite
Feb 17 14:12:41 hostname postfix/smtpd[30975]: send attr rule = local
Feb 17 14:12:41 hostname postfix/smtpd[30975]: send attr address = root@myportaltech.com
Feb 17 14:12:41 hostname postfix/smtpd[30975]: private/rewrite socket: wanted attribute: flags
Feb 17 14:12:41 hostname postfix/smtpd[30975]: input attribute name: flags
Feb 17 14:12:41 hostname postfix/smtpd[30975]: input attribute value: 0
Feb 17 14:12:41 hostname postfix/smtpd[30975]: private/rewrite socket: wanted attribute: address
Feb 17 14:12:41 hostname postfix/smtpd[30975]: input attribute name: address
Feb 17 14:12:41 hostname postfix/smtpd[30975]: input attribute value: root@myportaltech.com

Feb 17 14:12:41 hostname postfix/smtpd[30975]: input attribute value: root@myportaltech.com
Feb 17 14:12:41 hostname postfix/smtpd[30975]: private/rewrite socket: wanted attribute: (list terminator)
Feb 17 14:12:41 hostname postfix/smtpd[30975]: input attribute name: (end)
Feb 17 14:12:41 hostname postfix/smtpd[30975]: rewrite_clnt: local: root@myportaltech.com -> root@myportaltech.com
Feb 17 14:12:41 hostname postfix/smtpd[30975]: send attr request = resolve
Feb 17 14:12:41 hostname postfix/smtpd[30975]: send attr sender =
Feb 17 14:12:41 hostname postfix/smtpd[30975]: send attr address = root@myportaltech.com
Feb 17 14:12:41 hostname postfix/smtpd[30975]: private/rewrite socket: wanted attribute: flags
Feb 17 14:12:41 hostname postfix/smtpd[30975]: input attribute name: flags
Feb 17 14:12:41 hostname postfix/smtpd[30975]: input attribute value: 0
Feb 17 14:12:41 hostname postfix/smtpd[30975]: private/rewrite socket: wanted attribute: transport
Feb 17 14:12:41 hostname postfix/smtpd[30975]: input attribute name: transport
Feb 17 14:12:41 hostname postfix/smtpd[30975]: input attribute value: smtp
Feb 17 14:12:41 hostname postfix/smtpd[30975]: private/rewrite socket: wanted attribute: nexthop
Feb 17 14:12:41 hostname postfix/smtpd[30975]: input attribute name: nexthop
Feb 17 14:12:41 hostname postfix/smtpd[30975]: input attribute value: myportaltech.com

Feb 17 14:12:41 hostname postfix/smtpd[30975]: input attribute value: myportaltech.com
Feb 17 14:12:41 hostname postfix/smtpd[30975]: private/rewrite socket: wanted attribute: recipient
Feb 17 14:12:41 hostname postfix/smtpd[30975]: input attribute name: recipient
Feb 17 14:12:41 hostname postfix/smtpd[30975]: input attribute value: root@myportaltech.com
Feb 17 14:12:41 hostname postfix/smtpd[30975]: private/rewrite socket: wanted attribute: flags
Feb 17 14:12:41 hostname postfix/smtpd[30975]: input attribute name: flags
Feb 17 14:12:41 hostname postfix/smtpd[30975]: input attribute value: 4096
Feb 17 14:12:41 hostname postfix/smtpd[30975]: private/rewrite socket: wanted attribute: (list terminator)
Feb 17 14:12:41 hostname postfix/smtpd[30975]: input attribute name: (end)
Feb 17 14:12:41 hostname postfix/smtpd[30975]: resolve_clnt: `' -> `root@myportaltech.com' -> transp=`smtp' host=`por
talcity-tech.com' rcpt=`root@myportaltech.com' flags= class=default
Feb 17 14:12:41 hostname postfix/smtpd[30975]: ctable_locate: install entry key root@myportaltech.com
Feb 17 14:12:41 hostname postfix/smtpd[30975]: extract_addr: in: <root@myportaltech.com>, result: root@myportaltech.com
Feb 17 14:12:41 hostname postfix/smtpd[30975]: >>> START Recipient address RESTRICTIONS <<<
Feb 17 14:12:41 hostname postfix/smtpd[30975]: generic_checks: name=reject_invalid_hostname

Feb 17 14:12:41 hostname postfix/smtpd[30975]: generic_checks: name=reject_invalid_hostname
Feb 17 14:12:41 hostname postfix/smtpd[30975]: reject_invalid_hostname: gate2.mds.com.sg
Feb 17 14:12:41 hostname postfix/smtpd[30975]: generic_checks: name=reject_invalid_hostname status=0
Feb 17 14:12:41 hostname postfix/smtpd[30975]: generic_checks: name=reject_unauth_pipelining
Feb 17 14:12:41 hostname postfix/smtpd[30975]: reject_unauth_pipelining: RCPT
Feb 17 14:12:41 hostname postfix/smtpd[30975]: generic_checks: name=reject_unauth_pipelining status=0
Feb 17 14:12:41 hostname postfix/smtpd[30975]: generic_checks: name=permit_mynetworks
Feb 17 14:12:41 hostname postfix/smtpd[30975]: permit_mynetworks: gate2.mds.com.sg 203.126.130.164
Feb 17 14:12:41 hostname postfix/smtpd[30975]: match_hostname: gate2.mds.com.sg ~? 172.18.20.0/24
Feb 17 14:12:41 hostname postfix/smtpd[30975]: match_hostaddr: 203.126.130.164 ~? 172.18.20.0/24
Feb 17 14:12:41 hostname postfix/smtpd[30975]: match_hostname: gate2.mds.com.sg ~? 127.0.0.0/8
Feb 17 14:12:41 hostname postfix/smtpd[30975]: match_hostaddr: 203.126.130.164 ~? 127.0.0.0/8
Feb 17 14:12:41 hostname postfix/smtpd[30975]: match_list_match: gate2.mds.com.sg: no match
Feb 17 14:12:41 hostname postfix/smtpd[30975]: match_list_match: 203.126.130.164: no match
Feb 17 14:12:41 hostname postfix/smtpd[30975]: generic_checks: name=permit_mynetworks status=0
Feb 17 14:12:41 hostname postfix/smtpd[30975]: generic_checks: name=permit_sasl_authenticated

Feb 17 14:12:41 hostname postfix/smtpd[30975]: generic_checks: name=permit_sasl_authenticated
Feb 17 14:12:41 hostname postfix/smtpd[30975]: generic_checks: name=permit_sasl_authenticated status=0
Feb 17 14:12:41 hostname postfix/smtpd[30975]: generic_checks: name=reject_unauth_destination
Feb 17 14:12:41 hostname postfix/smtpd[30975]: reject_unauth_destination: root@myportaltech.com
Feb 17 14:12:41 hostname postfix/smtpd[30975]: permit_auth_destination: root@myportaltech.com
Feb 17 14:12:41 hostname postfix/smtpd[30975]: ctable_locate: leave existing entry key root@myportaltech.com
Feb 17 14:12:41 hostname postfix/smtpd[30975]: NOQUEUE: reject: RCPT from gate2.mds.com.sg[203.126.130.164]: 554 5.7.1 <
root@myportaltech.com>: Relay access denied; from=<prvs=02230e707=senderid@mds.com.sg> to=<root@myportaltech.com> pr
oto=ESMTP helo=<gate2.mds.com.sg>
Feb 17 14:12:41 hostname postfix/smtpd[30975]: generic_checks: name=reject_unauth_destination status=2
Feb 17 14:12:41 hostname postfix/smtpd[30975]: > gate2.mds.com.sg[203.126.130.164]: 554 5.7.1 <root@myportaltech.com>
: Relay access denied
Feb 17 14:12:41 hostname postfix/smtpd[30975]: watchdog_pat: 0x80baf68
Feb 17 14:12:42 hostname postfix/smtpd[30975]: < gate2.mds.com.sg[203.126.130.164]: RSET
Feb 17 14:12:42 hostname postfix/smtpd[30975]: > gate2.mds.com.sg[203.126.130.164]: 250 2.0.0 Ok
Feb 17 14:12:42 hostname postfix/smtpd[30975]: watchdog_pat: 0x80baf68

Feb 17 14:12:47 hostname postfix/smtpd[30975]: < gate2.mds.com.sg[203.126.130.164]: QUIT
Feb 17 14:12:47 hostname postfix/smtpd[30975]: > gate2.mds.com.sg[203.126.130.164]: 221 2.0.0 Bye
Feb 17 14:12:47 hostname postfix/smtpd[30975]: match_hostname: gate2.mds.com.sg ~? 172.18.20.0/24
Feb 17 14:12:47 hostname postfix/smtpd[30975]: match_hostaddr: 203.126.130.164 ~? 172.18.20.0/24
Feb 17 14:12:47 hostname postfix/smtpd[30975]: match_hostname: gate2.mds.com.sg ~? 127.0.0.0/8
Feb 17 14:12:47 hostname postfix/smtpd[30975]: match_hostaddr: 203.126.130.164 ~? 127.0.0.0/8
Feb 17 14:12:47 hostname postfix/smtpd[30975]: match_list_match: gate2.mds.com.sg: no match
Feb 17 14:12:47 hostname postfix/smtpd[30975]: match_list_match: 203.126.130.164: no match
Feb 17 14:12:47 hostname postfix/smtpd[30975]: send attr request = disconnect
Feb 17 14:12:47 hostname postfix/smtpd[30975]: send attr ident = smtp:203.126.130.164
Feb 17 14:12:47 hostname postfix/smtpd[30975]: private/anvil: wanted attribute: status
Feb 17 14:12:47 hostname postfix/smtpd[30975]: input attribute name: status
Feb 17 14:12:47 hostname postfix/smtpd[30975]: input attribute value: 0
Feb 17 14:12:47 hostname postfix/smtpd[30975]: private/anvil: wanted attribute: (list terminator)
Feb 17 14:12:47 hostname postfix/smtpd[30975]: input attribute name: (end)

Feb 17 14:12:47 hostname postfix/smtpd[30975]: match_hostaddr: 203.126.130.164 ~? 127.0.0.0/8
Feb 17 14:12:47 hostname postfix/smtpd[30975]: match_list_match: gate2.mds.com.sg: no match
Feb 17 14:12:47 hostname postfix/smtpd[30975]: match_list_match: 203.126.130.164: no match
Feb 17 14:12:47 hostname postfix/smtpd[30975]: send attr request = disconnect
Feb 17 14:12:47 hostname postfix/smtpd[30975]: send attr ident = smtp:203.126.130.164
Feb 17 14:12:47 hostname postfix/smtpd[30975]: private/anvil: wanted attribute: status
Feb 17 14:12:47 hostname postfix/smtpd[30975]: input attribute name: status
Feb 17 14:12:47 hostname postfix/smtpd[30975]: input attribute value: 0
Feb 17 14:12:47 hostname postfix/smtpd[30975]: private/anvil: wanted attribute: (list terminator)
Feb 17 14:12:47 hostname postfix/smtpd[30975]: input attribute name: (end)
Feb 17 14:12:47 hostname postfix/smtpd[30975]: disconnect from gate2.mds.com.sg[203.126.130.164]
Feb 17 14:16:07 hostname postfix/anvil[30977]: statistics: max connection rate 1/60s for (smtp:203.126.130.164) at Feb 1
7 14:12:41
Feb 17 14:16:07 hostname postfix/anvil[30977]: statistics: max connection count 1 for (smtp:203.126.130.164) at Feb 17 1
4:12:41
Feb 17 14:16:07 hostname postfix/anvil[30977]: statistics: max cache size 1 at Feb 17 14:12:41
ASKER CERTIFIED SOLUTION
Avatar of Member_2_4694817
Member_2_4694817
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of sunhux
sunhux

ASKER

not fully resolved