nixCraft Linux Forum

postfix + google = headache. your help needed

This is a discussion within the Linux software forums, part of the Linux Getting Started category.

#1 (permalink)
02-25-2008, 10:06 AM
TECK

Hi all,

I recently installed Postfix + Dovecot (yum) on a CentOS 5.1 test box. The configuration went OK; I can telnet to ports 25, 587 and 465 with no problems.

Code:
# hostname -f
localhost.localdomain

# openssl s_client -connect localhost:465
CONNECTED(00000003)
depth=0 /C=CA/ST=Quebec/L=Montreal/O=Axivo Inc./CN=localhost/emailAddress=webmaster@localhost
verify error:num=18:self signed certificate
verify return:1
depth=0 /C=CA/ST=Quebec/L=Montreal/O=Axivo Inc./CN=localhost/emailAddress=webmaster@localhost
verify return:1
[more certificate code here ...]
---
220 localhost.localdomain ESMTP Postfix
ehlo localhost
250-localhost.localdomain
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-AUTH LOGIN PLAIN
250-AUTH=LOGIN PLAIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN

# telnet localhost 587
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
220 localhost.localdomain ESMTP Postfix
ehlo localhost
250-localhost.localdomain
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-AUTH LOGIN PLAIN
250-AUTH=LOGIN PLAIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN

Now, if I want to send a test email using a PHP script (I tried in vBulletin), I get this message in maillog:
Code:
Feb 24 23:21:08 localhost postfix/smtp[4148]: connect to ALT1.ASPMX.L.GOOGLE.com[209.85.133.114]: Connection timed out (port 25)

The email address I send to is set up on Gmail for my domain. In other words, mail.domain.com is CNAMEd to Google's servers.
I was wondering if you could look at my setup and let me know if I missed something.

main.cf
Code:
queue_directory = /var/spool/postfix
command_directory = /usr/sbin
daemon_directory = /usr/libexec/postfix
mail_owner = postfix
default_privs = nobody
inet_interfaces = all
mydestination = $myhostname, localhost.$mydomain, localhost
unknown_local_recipient_reject_code = 550
mynetworks = 192.168.1.0/24, 127.0.0.0/8
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
home_mailbox = Maildir/
mail_spool_directory = /var/spool/mail
mailbox_command = /usr/bin/procmail
local_destination_concurrency_limit = 2
default_destination_concurrency_limit = 20
debug_peer_level = 1
debugger_command =
     PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
     xxgdb $daemon_directory/$process_name $process_id & sleep 5
sendmail_path = /usr/sbin/sendmail.postfix
newaliases_path = /usr/bin/newaliases.postfix
mailq_path = /usr/bin/mailq.postfix
setgid_group = postdrop
html_directory = no
manpage_directory = /usr/share/man
sample_directory = /usr/share/doc/postfix-2.3.3/samples
readme_directory = /usr/share/doc/postfix-2.3.3/README_FILES

smtp_use_tls = yes
smtp_tls_note_starttls_offer = yes
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain =
smtpd_sasl_security_options = noanonymous
smtpd_recipient_restrictions =
    permit_mynetworks,
    permit_sasl_authenticated,
    reject_unauth_destination
smtpd_delay_reject = yes
broken_sasl_auth_clients = yes
smtpd_use_tls = yes
smtpd_tls_auth_only = no
smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt
smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_smtp_use_tls = yes
tls_random_exchange_name = /etc/postfix/prng_exch
tls_random_source = dev:/dev/urandom

master.cf (with some verbose logging turned on)
Code:
smtp      inet  n       -       n       -       -       smtpd -v
submission inet n       -       n       -       -       smtpd -v
  -o smtpd_enforce_tls=no
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
smtps     inet  n       -       n       -       -       smtpd -v
  -o smtpd_tls_wrappermode=yes
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
...
the rest is unchanged as default conf

I also set the MTA to sendmail.postfix.
Code:
# alternatives --config mta

$ ls -l /usr/sbin/sendmail
lrwxrwxrwx 1 root root 21 Dec 14 23:13 /usr/sbin/sendmail -> /etc/alternatives/mta

$ ls -l /etc/alternatives/mta
lrwxrwxrwx 1 root root 26 Feb 23 23:16 /etc/alternatives/mta -> /usr/sbin/sendmail.postfix

I also added the certificates to Dovecot.

Code:
# vi /etc/dovecot.conf
ssl_cert_file = /etc/postfix/ssl/smtpd.crt
ssl_key_file = /etc/postfix/ssl/smtpd.key
ssl_key_password = challenged_password

To generate the certificates, I used:

Code:
# mkdir /etc/postfix/ssl
# cd /etc/postfix/ssl
# openssl genrsa -des3 -rand /etc/hosts -out smtpd.key 1024
# chmod 600 smtpd.key
# openssl req -new -key smtpd.key -out smtpd.csr
# openssl x509 -req -days 3650 -in smtpd.csr -signkey smtpd.key -out smtpd.crt
# openssl rsa -in smtpd.key -out smtpd.key.unencrypted
# mv -f smtpd.key.unencrypted smtpd.key
# openssl req -new -x509 -extensions v3_ca -keyout cakey.pem -out cacert.pem -days 3650

Any help is appreciated. Thank you for taking the time to read this thread.
__________________
yqed.com (why queued) - my blog

#2 (permalink)
02-25-2008, 11:10 AM
TECK

Hmm, the only server I can connect to through telnet is localhost; anything else will time out.

Code:
# telnet ALT2.ASPMX.L.GOOGLE.com 25
Trying 64.233.183.114...
telnet: connect to address 64.233.183.114: Connection timed out
Trying 64.233.183.27...
telnet: connect to address 64.233.183.27: Connection timed out
telnet: Unable to connect to remote host: Connection timed out

In iptables, I have the line:
Code:
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 25 -j ACCEPT

What should I look for? It does not look like a Postfix issue.

#3 (permalink)
02-26-2008, 04:45 PM
ricc

I don't know much about the postfix configuration, but I think it is due to the smtp port being blocked on your side.

First of all, let us know how you are connected to the net. Is it through a firewall/proxy, or is the local email server connected directly to the net?

It looks to me like the firewall is blocking SMTP port connections to the outside world.

Check whether you can connect to Google SMTP from another system on your network. If it can, it means there is something blocking the connection on your local server. If it also cannot, it means that the firewall is blocking the connection.

ricc
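
The check ricc describes can be backed by the mail log itself. The shell functions below are an added example, not part of the thread: `probe_port` separates a silent drop from a refusal, and `egress_verdict` applies a heuristic (an assumption of this example) to Postfix `connect to ...` lines like the one quoted in post #1. The function names are hypothetical, and bash, GNU `timeout` and awk are assumed.

```shell
#!/usr/bin/env bash
# Added example, not from the thread. Assumes bash, GNU timeout and awk.

# probe_port HOST PORT [SECONDS] -> open | refused | timeout | error
# "timeout": the SYN got no answer at all, the signature of a firewall or ISP
# filter that silently drops port 25. "refused": a RST came back, so the path
# is open and only the listener is missing.
probe_port() {
    local host=$1 port=$2 secs=${3:-5} err rc=0
    err=$(LC_ALL=C timeout "$secs" bash -c 'exec 3<>"/dev/tcp/$0/$1"' \
          "$host" "$port" 2>&1) || rc=$?
    if   [ "$rc" -eq 0 ];   then echo open
    elif [ "$rc" -eq 124 ]; then echo timeout
    else case $err in *refused*) echo refused ;; *) echo error ;; esac
    fi
}

# smtp_connect_failures < maillog
# One line per failure kind: reason<TAB>port<TAB>number of distinct remote IPs.
smtp_connect_failures() {
    awk '{
        c = index($0, ": connect to ")
        if (!c || !index($0, "postfix/smtp[")) next
        line = substr($0, c + 13)            # HOST[IP]: REASON (port N)
        i = index(line, "["); j = index(line, "]")
        rest = substr(line, j + 3)
        p = index(rest, " (port ")
        if (!i || !j || !p) next
        ip = substr(line, i + 1, j - i - 1)
        key = substr(rest, 1, p - 1) "\t" (substr(rest, p + 7) + 0)
        if (!((key, ip) in seen)) { seen[key, ip] = 1; n[key]++ }
    }
    END { for (k in n) print k "\t" n[k] }' | sort
}

# egress_verdict < maillog
# Heuristic (assumption of this example): two or more distinct remote IPs
# timing out on port 25 and no "status=sent" from the smtp client points at an
# outbound filter (local OUTPUT rules, upstream firewall, ISP), not at main.cf.
egress_verdict() {
    local log t sent
    log=$(cat)
    t=$(printf '%s\n' "$log" | smtp_connect_failures |
        awk -F'\t' '$1 == "Connection timed out" && $2 == 25 { print $3 }')
    sent=$(printf '%s\n' "$log" | grep -c 'postfix/smtp\[.*status=sent' || true)
    if [ "${t:-0}" -ge 2 ] && [ "$sent" -eq 0 ]; then echo egress-blocked-likely
    else echo inconclusive; fi
}
```

Run `egress_verdict < /var/log/maillog` on the mail server, then `probe_port ALT1.ASPMX.L.GOOGLE.com 25` from it and from a second machine on the same network; a `timeout` from both places the filter upstream of the server.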