Receiving External Mail on Linux


I setup Postfix on my machine to send e-mail. :slight_smile:

Ok, so then I created an account on the machine called accounts.

Then from gmail, I sent a mail to I logged into my server as ‘accounts’, and typed mail expecting to see the e-mail I sent from gmail. There was nothing…

It’s weird, it sends the mails out fine, but I can’t receive anything. The mail didn’t get bounced either, so I don’t know where exactly it is…

Any ideas?


For to be able to receive the mail, these conditions must be satisfied:

The MX record for must resolve to the SMTP server that receives the mail. Extra hassle if the server has a floating address, i.e. dynamic.

The server must accept mail for

The server must be reachable on port 25, i.e. firewalls, etc. must be taken care of.

The account must be valid on the server.

If you have just a home ISP connection you may not satisfy some of those conditions.

For to be able to receive the mail, these conditions must be satisfied:

The MX record for must resolve to the SMTP server that receives the mail. Extra hassle if the server has a floating address, i.e. dynamic.

I think this is ok… I have added an MX record for the domain.

The server must accept mail for

I don’t know how to determine this.

The server must be reachable on port 25, i.e. firewalls, etc. must be taken care of.

I have done a telnet onto the machine from another host and it seems fine.

The account must be valid on the server.

I have created an account called ‘accounts’…

If you have just a home ISP connection you may not satisfy some of those conditions.

It’s not a home ISP connection. I am logging onto a dedicated web server provided by my hosting company.

In postfix there is a setting for the set of domains that the server accepts. You can also test it empirically by telneting from the outside and giving a RCPT TO with the target domain. If the mail is rejected, then postfix is not accepting mail for that domain. Typically postfix says you are not allowed to relay, meaning I don’t know that domain you asked for so I’m not going to pass any mail to it.

Weren’t you the one who had exactly this response from a telnet probe?

Yes I was… I think I am getting somewhere with it now. When I telnet to it connects fine… but when I telnet to it doesn’t know who it is. Is this the MX record? I’m not sure…

The MX is what you get back in the answer section from this query:

dig mx

if anything.

I changed these settings in Postfix. They were commented out.

mydestination = $myhostname, localhost.$mydomain, localhost, mail.$mydomain


local_recipient_maps =

which means it should accept everything from everyone… not ideal I know but it would suffice for the purposes of getting it working.

Is a different system then When yes, why the test to telnet to When no, why the double name? Is the second name in the DNS server as an alias? And the MX record points to
BTW you say telnet, I hope you mean

telnet <host> 25

else telnet will go to its default port 22.

23 actually. We’re all so used to ssh now.

:shame: I thought about checking this, but was too lazy


Thanks for all the replies… yes, I am using 25. I am not sure why I am using, it’s the same machine as… I don’t have a separate mail server. When it came to populating the MX record it was looking for, so I put in mail. I am not sure what the point of it is though, just to keep them separate I guess…


So does resolve to an IP address, or do you effectively have no MX at all?

Or rephrasing, there’s nothing wrong with specifying the MX as but it must be an A or CNAME. If you make up a domain name called mail, it has eventually resolve to an IP address.

If you really do have an IP address for, watch carefully what address telnet says it’s connecting to, that it’s the correct one.

Also read the banner that postfix gives, you can also get it to display something specific to the server.

And if it’s the correct one, then that server should have in its mail log at the very least a record that a connection was made.

If necessary you can do a netstat -atn on the server while the telnet is running and see that a connection is active on port 25 from the client machine.

All the tools are there to do a diagnosis. You just have to pay attention.

Adding to ken_yap, I have the idea that you have no idea what things like are.

The are fully qualified hostnames with the first item being the name of the host and the rest the domain (starting with the lowest subdomain, going upwards to the root domain). They are meant to resolve to IP addresses when it comes to network traffic. They are only there for human usage. The names like www, mail, etc, have no meaning for the network, they are just combinations of charactars that should be unique inside their subdomain. Convenience dictates that webservers of have the name www, etc. But that is no must and by no means general (the website I am typing this has the name

Now for a hostname to resolve to an IP address it has to have an A record in the appropriate DNS server. When you want to gave the same IP aaddress a second hostname you must ad a CNAME record to the DNS serve. And for translating back the IP address into a hostname (including its aliases when exitsing) you need aPTR record in the appropriate DNS server.

So, when you have an existing, propperly in DNS defined host and want to run a mail client on it you need an MX record pointing to When you think that hat is a terrible name that will confuse people (silly idea to me, theyshouild just use it, not think about it), you shouls add a CNAME record for and mention this host in your MX record.

After this there will be no difference between

telnet 25


telnet 25

because both name resolve to the same IP address and would be the same as

telnet 25

BTW there are valid reasons to use aliases for different usages on a system. You can then later move one function easily to an other system (other IP adress) by changing th DNS server.

(And you can see how the idea that hosts with name www are something different has even infiltrated this forums software. It insists on making a link from and not from Do not now if this makes me >:) or rotfl! )

Wow! Thanks very much to everyone for long and detailed replies… Ok, I have changed the DNS to the following:

Record                Domain                         IP
A                     ip address
A                       ip address
PTR                    resolving to my ipaddress

I wasn’t able to add a CNAME, it said an A record already exists… weird but anyway, now I can telnet to and and it uses the same ip…


This is not correct. As you do not show how your CNAME RR looked like, I can not comment on its correctness. Apart from other RRs in the DNS server (like SOA) there must be:           A          CNAME               MX   PTR

These are normaly in two different zone files in the DNS server, each being based on resp. and 20.30.40.INT-ADDR.ARPA so the constant repeating of the domain inside the files may be omitted.
This will direct all mail send to to go to the host, which host is an alias of, whose address is

Hope this helps.

What is wrong in my opinion in your setup (as far as I can see because you do not show the complete RRs):
. two hosts with the same IP address instead of a proper CNAME;
. MX RR pointing mail directed to www to go to mail, which is the same as www, so why redirect this mail?
. PTR RR resolving to mail instead of www (this only when mail is a CNAME, when www is a CNAME of mail it would be correct).

Hurrah! It works… almost… a little bit weird but it works nonetheless.

If I send a mail to user@**mail.** it works!!!

Actually it’s not illegal to have two or more A records with the same IP. In fact some DNS experts argue that this is better than one A and the rest CNAMEs for various justifications. I won’t go into those reasons here. What is not legal is a CNAME pointing to a CNAME.

This shows that your e-mail program works on that system. It does not show that any MX RR works, because you send it now directly to There is no MX record needed for that.

To ken_yap,
I am aware of that, but it seemed better to tell eeijlar directly what to do then digging deeper in the fineries of DNS. IMHO he still does not understand exactly why he needs, or not needs som RRs. Maybe does not matter as long as it works :wink: . (Would not be enough to me though, I always want to know why???)

I sent the mail externally from gmail… any idea why it works for and not

… and no I haven’t a clue what I’m doing, or what any of this means. DNS is all greek to me :slight_smile:

I think it doesn’t help that you are doing this at a DNS registrar’s site. In this case you have to learn to use dig to figure out what various names map to.

Also you should be aware of TTLs of records. You may have an old record that hasn’t expired yet so gmail is using cached information. That is why changes in DNS zones should be made carefully because once an unintended record is out there, you can only wait for the TTL to expire before it will change. Seasoned experts pull down the TTL before they make changes that might have to be revoked quickly.