Hi All

I have OpenSuse 64bit running a web site.

I have a form on this site here:-

Dynamic Systems Group

The script itself works and I have tested it on another hosted server and it works fine.

However on my server the email the script sends never arrives, which must be a problem with my Postfix settings I guess.

However I also have two pages on my site for testing sending of mail, which BOTH report a postive result:-

http://www.dynamicsystems.gb.com/testmail.php
and
http://www.dynamicsystems.gb.com/testmail2.php

However even though these pages report successful send the mail stil never arrives.

I have looked at many pages and forums on the internet and I am really, really confused as to how to set up Postfix. On the Suse box I have the Mail Server configured in Yast to send mail via my Gmail.com account using TLS and authentication but still no success!

Can anyone help me to understand how to make this work!! What information is required for you to help me.

I will say I am not a Linux expert, more associated with Windows, but do learn quickly.

Thanks in advance.

Steve B

On Fri, 31 Dec 2010 18:36:01 +0000, stevebragg wrote:

> However even though these pages report successful send the mail stil
> never arrives.

The script probably reports success just in submitting the mail to the
local postfix queue. You might check to see if your ISP blocks outbound
SMTP connections to any but its own SMTP server - if that’s the case,
then the mail is failing to get passed along because of the ISP’s
configuration.

I’ve run into that with my provider myself - the solution is to configure
postfix to relay through your ISP’s SMTP server.

I’ll have to see if I set it up with Postfix on my systems - when I first
set these systems up, they used sendmail, and I think because of that
they still are.

Jim

–
Jim Henderson
openSUSE Forums Administrator
Forum Use Terms & Conditions at http://tinyurl.com/openSUSE-T-C

Hi Jim

Thanks for the response.

We already run our own mail server on another computer on the network.

Therefore the issue you propose I know is not the case. Our broadband supplier does no hosting of any sort for us and we host around 6 email domains on the mail server I mention on the network, on a Windows box with hMailserver.

How can I find out what is happening on the Suse machine with the mail queue?

I said the mail server is Postfix. I just used the mail server in Yast and when I checked the installed software in the software manager and did a search for both postfix and sendmail only postfix appeared as an installed program.

The Suse version is 11.2 64bit.

I don’t understand why, if I have set up the outgoing mail to use my gmail account with TLS and authentication, why this happening.

I realise too there is an element of ignorance on my behalf too, with my lack of exeperience of Linux

All help gratefully appreciated.

Cheers

Steve

On 01/01/2011 08:06 AM, stevebragg wrote:
>
> Hi Jim
>
> Thanks for the response.
>
> We already run our own mail server on another computer on the network.
>
> Therefore the issue you propose I know is not the case. Our broadband
> supplier does no hosting of any sort for us and we host around 6 email
> domains on the mail server I mention on the network, on a Windows box
> with hMailserver.
>
> How can I find out what is happening on the Suse machine with the mail
> queue?
>
> I said the mail server is Postfix. I just used the mail server in Yast
> and when I checked the installed software in the software manager and
> did a search for both postfix and sendmail only postfix appeared as an
> installed program.
>
> The Suse version is 11.2 64bit.
>
> I don’t understand why, if I have set up the outgoing mail to use my
> gmail account with TLS and authentication, why this happening.

You do realize that this statement contradicts the statement above that you “run
our own mail server on another computer on the network”. If you already have a
server running, why do you need to use your gmail account as an SMTP server?

I use gmail as my SMTP server for both my Thunderbird account and as a relaying
agent for mailx. I suspect that you got something wrng in the postfix
configuration; however, I am not an expert on that program.

I am not sure I see why my statement about us having another server contradicts my comments.

The reason I resorted to trying to use my Gmail account was that emails were not being sent by the script on the webserver, even though we at first tried just using the Postfix mail sending function, then tried using the other mail server I mentioned and then, lastly, the Gmail account.

Surely if a person has a webserver with scripts that send mail form data and that server also has postfix (or another mail sending client) then there should be no need to use any other smtp service than the one on the webserver. There should not be any need to relay mail at all.

You could be right that something is wrong in the Postfix settings but I also do not know postfix so that is why I am struggling AND why I am looking for help. I am happy to use another email sender on the Suse box, if it comes to it.

So basically what am I doing wrong? The mail server on the Suse box is the one that comes with the OS and as far as I can see it is Postfix. In it’s opening configuration you can set up mail sending and I am presuming that the webserver scripts use this to send mail, maybe I am wrong and maybe some other mail sender is used?

Could the latter be the case?

I can’t readily find anything in the php.ini file as the settings in that apply to Windows webservers, not Linux ones… Or again am I wrong?

Any help welcome…

Cheers

Steve

Although I haven’t had the “opportunity” to troubleshoot Postfix (knock on wood, mail delivery has always worked for me or the issue was very obvious), I think I can comment and suggest some things to look at troubleshooting…

• First, I understand your Gmail configuration as an SMTP relay server, but you should really start with any working SMTP configuration in your network and try that first.

• Be aware that ISP blocking can be and is commonly filtered by IP address (of the mail server) so that rogue intruders cannot automatically send from your network… So, talk to your ISP to be certain the IP address of your new machine is permitted (or, if you have an extra mailserver in your network for redundancy you <might> consider briefly taking that one down and configuring your new server with that IP address).

Basic SMTP troubleshooting:

• Turn up logging, but due to the disconnected nature of SMTP transfers information will be limited.
  The first thing to determine is whether your message has left your first SMTP server. There are two places to look -

• The SMTP outbound delivery queue which holds all messages which have not successfully left the machine (eg destination not found) Usually repeated attempts will be made before the message would be routed directly to Badmail.

• The Badmail directory which holds messages when delivery has been attempted but have been rejected (eg path not found, server response but no mail delivered)

• Delivery verified in destination Inbox, not the same as delivery confirmation messages. Realize that if you’re working with an MS Exchange Server that it is a unique system that always accepts everything before deciding whether the message is deliverable. All other mail servers I know of will block undeliverable messages before acceptance.

• I think you’ve already looked at this, but consider all possibilities where authentication/authorization is required, typically on the local machine (by default practically all SMTP servers will accept messages from the local machine anonymously), at the edge of any network, at all SMTP Smart Servers (SMtP relay), and the destination server.

• Run TCPTRACEROUTE on port 25 to understand the most likely SMTP path.

Lastly, the local mailserver(s) on your network offer a useful opportunity for narrowing down issues, determining if your new local mailserver is properly configured and the problem is the edge of your network… Try sending messages from your new mailserver directly to your main mailserver. To do this, you will have to understand how your SMTP mailserver resolves destination mailservers, typically a DNS lookup is made (which is then added to the mailserver lookup cache), but if you are in a Domain network (eg Windows or LDAP) then the lookup might first be made against the LDAP directory.

However you’re setup, you’ll need to understand what is happening so you can force delivery in your LAN without leaving your network. Also, be aware that if you’ve already tried sending to this destination mailserver, the IP address may be cached and need to be cleared.

HTH and Good Luck,
Tony

On 2011-01-01 17:36, stevebragg wrote:
>
> I am not sure I see why my statement about us having another server
> contradicts my comments.

It does

> The reason I resorted to trying to use my Gmail account was that emails
> were not being sent by the script on the webserver, even though we at
> first tried just using the Postfix mail sending function, then tried
> using the other mail server I mentioned and then, lastly, the Gmail
> account.
>

It should be easier to send via the server in your network, as you should
be able to see the logs on that machine and thus learn what happens from
their side. With gmail, that is not possible.

> Surely if a person has a webserver with scripts that send mail form
> data and that server also has postfix (or another mail sending client)

Postfix is not a sending client. It is a Mail Transfer Agent.

> then there should be no need to use any other smtp service than the one
> on the webserver. There should not be any need to relay mail at all.

Yes, you have. In a nice world, you would be right; but this is a harsh
world, there are things like spam, and the people that manage the servers
that are going to receive your email will refuse to, if they don’t like
something on your setup. Your mail will be rejected, or silently ignored,
or dumped.

> You could be right that something is wrong in the Postfix settings but
> I also do not know postfix so that is why I am struggling AND why I am
> looking for help. I am happy to use another email sender on the Suse
> box, if it comes to it.

First step:

Send an email, and track its passage in the mail log. Where? Where all logs
are, in /var/log, in this case /var/log/mail. Open a terminal, type “less
/var/log/mail” and follow the email. If you don’t understand it, post it
here or in a pastebin. Careful with passwords and real addresses if you
want them private: change them, but tell us.

It is usually easier to check by using a local MUA (mail user client), like
mailx, that uses the local MTA (mail transfer agent). When that works, try
your webserver.

–
Cheers / Saludos,

Carlos E. R.
(from 11.2 x86_64 “Emerald” at Telcontar)

Thanks Carlos

As the log was 14,000 odd lines long and the less command revealed content from a long time ago I just opened the log in the text editor.

I went to the web site, completed the contact form, then opened the mail log and here is the latest entries from the time the contact form was sent:-

Jan 2 16:39:59 webserver postfix/cleanup[26040]: warning: database /etc/postfix/sender_canonical.db is older than source file /etc/postfix/sender_canonical
Jan 2 16:39:59 webserver postfix/cleanup[26040]: warning: database /etc/postfix/virtual.db is older than source file /etc/postfix/virtual
Jan 2 16:39:59 webserver postfix/pickup[25104]: 51452DC982: uid=30 from=<wwwrun>
Jan 2 16:39:59 webserver postfix/trivial-rewrite[26041]: warning: database /etc/postfix/virtual.db is older than source file /etc/postfix/virtual
Jan 2 16:39:59 webserver postfix/cleanup[26040]: 51452DC982: message-id=<20110102163959.51452DC982@mail.dsgmservices.com>
Jan 2 16:39:59 webserver postfix/qmgr[9663]: 51452DC982: from=<wwwrun@mail.dsgmservices.com>, size=1046, nrcpt=1 (queue active)
Jan 2 16:39:59 webserver postfix/smtp[26042]: warning: host mail.dynamicsystems.gb.com[80.175.232.145]:25 greeted me with my own hostname mail.dsgmservices.com
Jan 2 16:39:59 webserver postfix/smtp[26042]: warning: host mail.dynamicsystems.gb.com[80.175.232.145]:25 replied to HELO/EHLO with my own hostname mail.dsgmservices.com
Jan 2 16:39:59 webserver postfix/smtp[26042]: 51452DC982: to=<steve@anotherdomain.com>, relay=mail.dynamicsystems.gb.com[80.175.232.145]:25, delay=0.57, delays=0.16/0.01/0.4/0, dsn=5.4.6, status=bounced (mail for mail.dynamicsystems.gb.com loops back to myself)
Jan 2 16:39:59 webserver postfix/cleanup[26040]: C81E2DC983: message-id=<20110102163959.C81E2DC983@mail.dsgmservices.com>
Jan 2 16:39:59 webserver postfix/qmgr[9663]: C81E2DC983: from=<>, size=2982, nrcpt=1 (queue active)
Jan 2 16:39:59 webserver postfix/bounce[26043]: 51452DC982: sender non-delivery notification: C81E2DC983
Jan 2 16:39:59 webserver postfix/qmgr[9663]: 51452DC982: removed
Jan 2 16:39:59 webserver postfix/local[26045]: warning: database /etc/aliases.db is older than source file /etc/aliases
Jan 2 16:40:00 webserver postfix/lmtp[26047]: C81E2DC983: to=<name@mail.dsgmservices.com>, orig_to=<wwwrun@mail.dsgmservices.com>, relay=none, delay=0.17, delays=0.05/0.05/0.07/0, dsn=4.4.1, status=deferred (connect to mail.dsgmservices.com[/var/lib/imap/socket/lmtp]: No such file or directory)

Now reading this I can see that the web server is using a completely different server to relay/send through, or so it seems. I have set the mail server on the Suse box up to send via my Gmail account and clearly the mailed form from the site on the same machine is going via a different route, so it seems clear on that basis (I think) that the mail server on Suse is not the engine that is sending mail from the web sites…

So I’m even more baffled now.

Cheers

Steve

Hi Carlos

I made some changed to the postfix.cnf file and changed the rely to another server we own in another building.

Now the email goes but ONLY to a user on that same server and not other users elsewhere. The error from the new server is that the users being sent to are unknown, which I would expect as relaying is only allowed for authorised users with login and passwords.

In postfix is relaying realy required? Can we not just send mail direct to the recipients mail (domain) server on the basis that if they are real on that server they will get the mail?

Cheers

Steve B

On 2011-01-02 18:06, stevebragg wrote:
>
> Thanks Carlos
>
> As the log was 14,000 odd lines long and the less command revealed
> content from a long time ago I just opened the log in the text editor.

Less is quite powerful and fast on very big files. The “end” key will go to
the end of the file. It has fast search forward (/) and backwards (?) -
notice it is the same key in the US keyboard.

And editor has to map the entire file for write operations, it is slower -
and you can change the file by mistake.

> I went to the web site, completed the contact form, then opened the
> mail log and here is the latest entries from the time the contact form
> was sent:-

Please post content like this between code tags - or it wraps and makes
reading difficult.

View this thread: http://forums.opensuse.org/showthread.php?t=451526

> Jan 2 16:39:59 webserver postfix/cleanup[26040]: warning: database /etc/postfix/sender_canonical.db is older than source file /etc/postfix/sender_canonical
> Jan 2 16:39:59 webserver postfix/cleanup[26040]: warning: database /etc/postfix/virtual.db is older than source file /etc/postfix/virtual

Ah, this is very important: it means that you have made changes to the
configuration that were not applied.

See how I do that here
<http://forums.opensuse.org/showthread.php?t=451499>, the part about the
Makefile.

> Jan 2 16:39:59 webserver postfix/pickup[25104]: 51452DC982: uid=30 from=<wwwrun>
> Jan 2 16:39:59 webserver postfix/trivial-rewrite[26041]: warning: database /etc/postfix/virtual.db is older than source file /etc/postfix/virtual
> Jan 2 16:39:59 webserver postfix/cleanup[26040]: 51452DC982: message-id=<20110102163959.51452DC982@mail.dsgmservices.com>
> Jan 2 16:39:59 webserver postfix/qmgr[9663]: 51452DC982: from=<wwwrun@mail.dsgmservices.com>, size=1046, nrcpt=1 (queue active)
> Jan 2 16:39:59 webserver postfix/smtp[26042]: warning: host mail.dynamicsystems.gb.com[80.175.232.145]:25 greeted me with my own hostname mail.dsgmservices.com
> Jan 2 16:39:59 webserver postfix/smtp[26042]: warning: host mail.dynamicsystems.gb.com[80.175.232.145]:25 replied to HELO/EHLO with my own hostname mail.dsgmservices.com

Ha!

It is using mail.dynamicsystems.gb.com as a relay server, and postfix is
surprised as seeing it it responding with what it thinks is his own
hostname. You must give your server a different name.

It is not using gmail because your changes were not applied (maps not
compiled).

> Jan 2 16:39:59 webserver postfix/smtp[26042]: 51452DC982: to=<steve@anotherdomain.com>, relay=mail.dynamicsystems.gb.com[80.175.232.145]:25, delay=0.57, delays=0.16/0.01/0.4/0, dsn=5.4.6, status=bounced (mail for mail.dynamicsystems.gb.com loops back to myself)

And it is bounced back for that reason, same hostname.

> Jan 2 16:39:59 webserver postfix/cleanup[26040]: C81E2DC983: message-id=<20110102163959.C81E2DC983@mail.dsgmservices.com>
> Jan 2 16:39:59 webserver postfix/qmgr[9663]: C81E2DC983: from=<>, size=2982, nrcpt=1 (queue active)
> Jan 2 16:39:59 webserver postfix/bounce[26043]: 51452DC982: sender non-delivery notification: C81E2DC983
> Jan 2 16:39:59 webserver postfix/qmgr[9663]: 51452DC982: removed
> Jan 2 16:39:59 webserver postfix/local[26045]: warning: database /etc/aliases.db is older than source file /etc/aliases

same compile map fault.

> Jan 2 16:40:00 webserver postfix/lmtp[26047]: C81E2DC983: to=<name@mail.dsgmservices.com>, orig_to=<wwwrun@mail.dsgmservices.com>, relay=none, delay=0.17, delays=0.05/0.05/0.07/0, dsn=4.4.1, status=deferred (connect to mail.dsgmservices.com[/var/lib/imap/socket/lmtp]: No such file or directory)

Mail is not delivered because you also have an imap server problem.

> Now reading this I can see that the web server is using a completely
> different server to relay/send through, or so it seems. I have set the
> mail server on the Suse box up to send via my Gmail account

No, you haven’t

> So I’m even more baffled now.

Clear as water - log says it all

–
Cheers / Saludos,

Carlos E. R.
(from 11.2 x86_64 “Emerald” at Telcontar)

On 2011-01-02 19:06, stevebragg wrote:
>
> Hi Carlos
>
> I made some changed to the postfix.cnf file and changed the rely to
> another server we own in another building.

There is no “postfix.cnf” file.

Please read my previous post before continuing.

> In postfix is relaying realy required?

No.

> Can we not just send mail
> direct to the recipients mail (domain) server on the basis that if they
> are real on that server they will get the mail?

You can send mail directly provided you have a fixed internet IP and a
domain name with an MX entry (and reversal DNS if possible). That’s the
starting point.

–
Cheers / Saludos,

Carlos E. R.
(from 11.2 x86_64 “Emerald” at Telcontar)

Carlos

Thank you for your reply.

You know I DID start this thread off by saying I am not a Linux expert…

Sorry it was not the file postfix.cnf - it was main.cnf in the Postfix folder, but I am sure you knew that :-)?

I did read your previous thread but did not understand it all, nor a lot of the entries in the log.

One thing you said:-

> Jan 2 16:39:59 webserver postfix/cleanup[26040]: warning: database /etc/postfix/sender_canonical.db is older than source file /etc/postfix/sender_canonical
> Jan 2 16:39:59 webserver postfix/cleanup[26040]: warning: database /etc/postfix/virtual.db is older than source file /etc/postfix/virtual

Ah, this is very important: it means that you have made changes to the
configuration that were not applied.

I have no idea what these changes are and I did not make them, if anything, I guess, they were done in an update?

You also said:-

See how I do that here
<http://forums.opensuse.org/showthread.php?t=451499>, the part about the
Makefile.

I really would not have a clue how to do this at this stage… Though I will take a look to see if I understand it.

You also said:-

You can send mail directly provided you have a fixed internet IP and a
domain name with an MX entry (and reversal DNS if possible). That's the
starting point.

We do have a domain with an MX entry AND we have a fixed IP address (well 4 actually) and the web server itself has been allocated one of these: 80.175.232.147.

The MX is: mail.dsgmservices.com

Here is a part of the postfix main.cnf file, where I have commented out the relay’s:-

myhostname = mail.dsgmservices.com
delay_warning_time = 1h
message_strip_characters = \0
program_directory = /usr/lib/postfix
inet_interfaces = all
masquerade_domains = 
mydestination = $myhostname, localhost.$mydomain
defer_transports = 
mynetworks_style = subnet
disable_dns_lookups = no
#relayhost = mail.dynamicsystems.gb.com
#relayhost = mail.flsuk.co.uk

In your previous thread you said:-

Ha!

It is using mail.dynamicsystems.gb.com as a relay server, and postfix is
surprised as seeing it it responding with what it thinks is his own
hostname. You must give your server a different name.

It is not using gmail because your changes were not applied (maps not
compiled).

Which I did change after as per the thread from me before this one and now mail gets to anyone one the .flsuk.co.uk domain but nowhere else - hence my questions about not relaying.

I did stop and re-start postfix after making the changes but is the mail server built into Suse (Yast) postfix or something else?

Cheers

Steve

Hi Again Carlos

I have read the thread on the makefile thing and I don’t understand it.

Not being a Linux oriented experienced person…

What is a makefile? Or will you be pointing me at another thread somewhere?

In that thread, about the makefile, you said to the user - who seems to have the same desire as me, that it to send mail from forms on a web site etc.:-

You can set up postfix to relay all mail to that server (with auth, if
needed). Or, you can configure your local applications to send directly to
that server bypassing postfix.

So it seems that this comment by you is exactly how I want to do this. But how. I have searched many threads but can’t seem to find one that makes it easy to understand… Unless you can point me to one, and how to deal with this “makefile” thing.

Cheers

Steve

Hi Carlos

After making some further changes to the WebServer I have now got to the point where the relay server is working to the point that it requires authentication, otherwise it will not let the mail be sent.

So in Postfix can you advise me how to set the settings for authentication.

The authentication method is just plain text etc.

Cheers

Steve B

On 2011-01-03 14:06, stevebragg wrote:
>
> Carlos
>
> Thank you for your reply.
>
> You know I DID start this thread off by saying I am not a Linux
> expert…
>
> Sorry it was not the file postfix.cnf - it was main.cnf in the Postfix
> folder, but I am sure you knew that :-)?

Not unless I see at least a bit of the file and I recognize the lines

>
> I did read your previous thread but did not understand it all, nor a
> lot of the entries in the log.
>
> One thing you said:-
>
>
> Code:
> --------------------
> > Jan 2 16:39:59 webserver postfix/cleanup[26040]: warning: database /etc/postfix/sender_canonical.db is older than source file /etc/postfix/sender_canonical
> > Jan 2 16:39:59 webserver postfix/cleanup[26040]: warning: database /etc/postfix/virtual.db is older than source file /etc/postfix/virtual
>
> Ah, this is very important: it means that you have made changes to the
> configuration that were not applied.
> --------------------
>
>
> I have no idea what these changes are and I did not make them, if
> anything, I guess, they were done in an update?

Ok, every time the file /etc/postfix/virtual is changed, a corresponding
/etc/postfix/virtual.db file has to be created or updated. Postfix does not
read the “virtual” file, only the “virtual.db” file. However, it notice
that the file was changed and complains. There are several files in that
directory, map files, that need this.

To do that “compilation”, you need to do:

Code:

su -
cd /etc/postfix
postmap virtual
postmap sender_canonical

for all the files that postfix is complaining about.

To automate this, I have a file named /etc/postfix/Makefile:

Code:

all: access.db relay_ccerts.db sasl_passwd.db
transport.db canonical.db relocated.db
sender_canonical.db virtual.db
ehlo_discard_words.db sender_relayhost.db
generic.db

transport.db: transport
postmap transport

sender_relayhost.db: sender_relayhost
postmap sender_relayhost

virtual.db: virtual
postmap virtual

generic.db: generic
postmap generic

canonical.db: canonical
postmap canonical

sender_canonical.db: sender_canonical
postmap sender_canonical

sasl_passwd.db: sasl_passwd
postmap sasl_passwd

/etc/aliases.db: /etc/aliases
postalias /etc/aliases

access.db: access
postmap access

relocated.db: relocated
postmap relocated

ehlo_discard_words.db: ehlo_discard_words
postmap ehlo_discard_words

(notice that the blank spaces at the start of each line are tabs, not
spaces. That’s important).

So that now I do:

Code:

su -
cd /etc/postfix
make

Try correcting all that before doing any more tests, the results are confusing.

>
> Code:
> --------------------
> You can send mail directly provided you have a fixed internet IP and a
> domain name with an MX entry (and reversal DNS if possible). That’s the
> starting point.
> --------------------
>
>
> We do have a domain with an MX entry AND we have a fixed IP address
> (well 4 actually) and the web server itself has been allocated one of
> these: 80.175.232.147.

No, there is no MX entry.

Code:

cer@Telcontar:~> host -t MX mail.dsgmservices.com
mail.dsgmservices.com has no MX record
cer@Telcontar:~> host -t MX mail.dynamicsystems.gb.com
mail.dynamicsystems.gb.com has no MX record

I don’t know how important that will be in your case, but there isn’t one.

The problem the log shows is that postfix is thinking both names resolve to
the same machine and that he is that machine, so it can not relay to itself
as that would be a loop. You could have a problem with your local dns
resolution.

The other possibility is that the machine “mail.dynamicsystems.gb.com” in
the greeting says it is “mail.dsgmservices.com” instead of
mail.dynamicsystems.gb.com, ie, its mailserver is misconfigured.

webserver → sends to → mailserver
mail.dsgmservices.com mail.dynamicsystems.gb.com

You have more problems, in fact. See:

Code:

> cer@Telcontar:~> host mail.dynamicsystems.gb.com
> mail.dynamicsystems.gb.com has address 80.175.232.145
> cer@Telcontar:~> host 80.175.232.145
> 145.232.175.80.in-addr.arpa domain name pointer mail.flsuk.co.uk.
> cer@Telcontar:~> host mail.flsuk.co.uk
> mail.flsuk.co.uk has address 109.170.173.224
> cer@Telcontar:~> host 109.170.173.224
> 224.173.170.109.in-addr.arpa domain name pointer 109-170-173-224.xdsl.murphx.net.
> cer@Telcontar:~> host 109-170-173-224.xdsl.murphx.net
> 109-170-173-224.xdsl.murphx.net has address 109.170.173.224

That might cause problems with some spam filters.

–
Cheers / Saludos,

Carlos E. R.
(from 11.2 x86_64 “Emerald” at Telcontar)

Hi Carlos

I did your file, created it and ran it in the terminal and just got one long list of error reports. I ran the file in the postfix folder.

However I did all the commands manually and they worked OK.

By the way there were no blank spaces at the beginning of the lines so I have no idea which lines needed or had tabs.

Regarding the MX records. This is odd as the MX records ARE set at the ISP (Freeparking) for mail.dsgmservices.com, but again the problem may be my lack of knowledge of setting up the Suse mail server. I know how it’s done in Windows, using bit MDaemon and hMailserver, not in Suse.

The MX records are correct for mail.dynamicsystems.gb.com and they point to 80.175.232.145, as I have verified in MX Lookup Tool - Check your DNS MX Records online - MxToolbox.

Frankly I did not expect to have to go through all this trouble as I understood that once the web server was set up it would just transport mail directly. But I guess I was told wrongly.

I am not sure what you mean by this:-

Code:
---------------

> cer@Telcontar:~> host mail.dynamicsystems.gb.com
> mail.dynamicsystems.gb.com has address 80.175.232.145
> cer@Telcontar:~> host 80.175.232.145
> 145.232.175.80.in-addr.arpa domain name pointer mail.flsuk.co.uk.
> cer@Telcontar:~> host mail.flsuk.co.uk
> mail.flsuk.co.uk has address 109.170.173.224
> cer@Telcontar:~> host 109.170.173.224
> 224.173.170.109.in-addr.arpa domain name pointer 109-170-173-224.xdsl.murphx.net.
> cer@Telcontar:~> host 109-170-173-224.xdsl.murphx.net
> 109-170-173-224.xdsl.murphx.net has address 109.170.173.224

The MX records are pointing correctly to the right IP addresses.

Even though I am replying to this I have posted a later thread saying that I have not got a bit further…

Cheers

Steve

On 2011-01-03 15:06, stevebragg wrote:

> So in Postfix can you advise me how to set the settings for
> authentication.

But first you have to solve your issue with postmap (make) I told you in
the other post.

The documentation is in /usr/share/doc/packages/postfix-doc/ (install the
postfix-doc rpm first).

Ok, the changes to make postfix authenticate as client are - for details,
read SASL_README.html, I may forget things:

/etc/postfix/main.cf:

#-- Passwords: client
smtp_sasl_auth_enable = yes

The next one not for you, perhaps.

smtp_sender_dependent_authentication = yes

smtp_sasl_security_options = noanonymous
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_mechanism_filter = cram-md5, login

You need this to choose a relay server based in the “From:” header.

It is the configuration used to send to different ISPs.

sender_dependent_relayhost_maps = hash:/etc/postfix/sender_relayhost

#-- Passwords: server
#smtpd_sasl_auth_enable = yes

Encrypted transport

~/doc/packages/postfix/README_FILES/TLS_README

#smtp_use_tls = yes obsoleto
#smtpd_use_tls = no obsoleto
smtp_tls_security_level = may
smtp_tls_loglevel = 1
#…

0 Disable logging of TLS activity.

1 Log TLS handshake and certificate information.

2 Log levels during TLS negotiation.

3 Log hexadecimal and ASCII dump of TLS negotiation process.

4 Log hexadecimal and ASCII dump of complete transmission after STARTTLS.

#smtp_tls_session_cache_database = btree:/etc/postfix/smtp_scache

postfix 2.5.0,

<https://bugs.launchpad.net/ubuntu/+source/postfix/+bug/223376>
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
#smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_timeout = 3600s

con path, regenerar con “/usr/bin/c_rehash /etc/postfix/certs”

smtp_tls_CApath = /etc/postfix/certs
#smtp_tls_CAfile = /etc/postfix/smtp_cacerts

/etc/postfix/sasl_passwd:
[mail.myisp.net] username:password
[mail.myisp.net]:submission username:password

In my notes I also have this change in master.cf - it is needed to send to
gmail:

tlsmgr unix - - n 1000? 1 tlsmgr

–
Cheers / Saludos,

Carlos E. R.
(from 11.2 x86_64 “Emerald” at Telcontar)

On 2011-01-03 18:06, stevebragg wrote:
>
> Hi Carlos
>
> I did your file, created it and ran it in the terminal and just got one
> long list of error reports. I ran the file in the postfix folder.
>
> However I did all the commands manually and they worked OK.
>
> By the way there were no blank spaces at the beginning of the lines so
> I have no idea which lines needed or had tabs.

That’s why it did not work for you. (expletive) gateway!

Ok, here you have it again:

URL: http://paste.opensuse.org/1426751

>
> Regarding the MX records. This is odd as the MX records ARE set at the
> ISP (Freeparking) for mail.dsgmservices.com, but again the problem may
> be my lack of knowledge of setting up the Suse mail server. I know how
> it’s done in Windows, using bit MDaemon and hMailserver, not in Suse.

The MX record is set on the DNS server, at the ISP. Your operating system
is irrelevant, just theirs - unless they are set to mirror your local DNS
entry. I’m no expert in the real world of DNS, I just note that there is
something wrong with yours. I don’t really know how to correct it.

> The MX records are correct for mail.dynamicsystems.gb.com and they
> point to 80.175.232.145, as I have verified in ‘MX Lookup Tool - Check
> your DNS MX Records online - MxToolbox’ (http://www.mxtoolbox.com).

I have verified it there and says that there is no MX - just the same as I
get in two linux machines here.

> http://www.mxtoolbox.com/SuperTool.aspx?action=mx%3Amail.dynamicsystems.gb.com

> SuperTool Beta
> Command:
> mx:mail.dynamicsystems.gb.com mx
>
> No records found
> reverse lookup smtp diag port scan blacklist
>
> Reported by ns3.ukdnsservers.co.uk on Monday, January 03, 2011 at 11:34:02 AM (GMT-6)
>

I think the MX record is not absolutely necessary because if not found mail
uses the A entry. But as I say, I’m not an expert.

> Frankly I did not expect to have to go through all this trouble as I
> understood that once the web server was set up it would just transport
> mail directly. But I guess I was told wrongly.

Yes and no… a default openSUSE installation can send mail via postfix
without doing anything. The problem is that the receiving side will
probably reject it.

> I am not sure what you mean by this:-
>
>
> Code:
> --------------------
> Code:
> ---------------
>
> > cer@Telcontar:~> host mail.dynamicsystems.gb.com
> > mail.dynamicsystems.gb.com has address 80.175.232.145
> > cer@Telcontar:~> host 80.175.232.145
> > 145.232.175.80.in-addr.arpa domain name pointer mail.flsuk.co.uk.
> > cer@Telcontar:~> host mail.flsuk.co.uk
> > mail.flsuk.co.uk has address 109.170.173.224
> > cer@Telcontar:~> host 109.170.173.224
> > 224.173.170.109.in-addr.arpa domain name pointer 109-170-173-224.xdsl.murphx.net.
> > cer@Telcontar:~> host 109-170-173-224.xdsl.murphx.net
> > 109-170-173-224.xdsl.murphx.net has address 109.170.173.224
> --------------------

Ok, it is a check of where each name and address point to.

mail.dynamicsystems.gb.com → 80.175.232.145
80.175.232.145 → mail.flsuk.co.uk

Thus reverse DNS is wrong, 80.175.232.145 should point back to
mail.dynamicsystems.gb.com. The name given could in turn point back to the
correct IP, but it points to a different one:

mail.flsuk.co.uk → 109.170.173.224
109.170.173.224 → 109-170-173-224.xdsl.murphx.net

Here reverse resolution is simple not set, which is typical, but some mail
servers do reject mail based on this test.

The test result on mail.flsuk.co.uk is typical, but the one on
mail.dynamicsystems.gb.com. It may not have influence on your current
problem, but you may have an issue there.

> The MX records are pointing correctly to the right IP addresses.

No, there are no MX records. Look, if I do “host -v
mail.dynamicsystems.gb.com”, I get a longish text, and there is one line:

;; QUESTION SECTION:
;mail.dynamicsystems.gb.com. IN MX

But there is no corresponding “;; ANSWER SECTION:” line. Thus, no MX record.

–
Cheers / Saludos,

Carlos E. R.
(from 11.2 x86_64 “Emerald” at Telcontar)