Iredmail does not send mail....and does not receive. What is the problem?

D

Doo_Zookn2015-01-07 07:01:31

Email

Doo_Zookn, 2015-01-07 07:01:31

Good afternoon, I ask for help on this issue:
Task
There is a forum on the xenforo engine from which it is MANDATORY to send mail through your server. It is not discussed and alternatives are not considered. (The categorical nature of this question is not based on me, but on my own)
At the same time, the task was not only to "raise" the smtp server for, in fact, the main task, but it was also "offered" to raise a full-fledged mail infrastructure that would contain a pleasant web muzzle , and, in fact, could be used through mail clients. Thus, indeed, the advantage is obvious - the growing team will be provided with its own service and everyone will be satisfied.
Decision:
An assembly of services under the patriotic name "iRedMail" was chosen, a separate server was allocated for it, which was called mail.example.com by making the appropriate domain records. The current version from the official site was installed on the "clean" server, and domain records were also made, which are necessary in such cases, as a result, the dns zone acquired the following form (the action takes place within the framework of digitalocean.com cloud hosting):

$ORIGIN example.com.
$TTL 1800
example.com. IN SOA ns1.digitalocean.com. hostmaster.example.com. 1420598169 10800 3600 604800 1800
example.com. 1800 IN NS ns1.digitalocean.com.
example.com. 1800 IN NS ns2.digitalocean.com.
example.com. 1800 IN NS ns3.digitalocean.com.
example.com. 1800 IN A 104.235.33.101
mail.example.com. 1800 IN A 104.235.33.6
mail.example.com. 1800 IN TXT "v=spf1 ip4:104.235.33.6 -all"
dkim._domainkey.example.com. 1800 IN TXT "v = DKIM1; p = MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDS + tUnHPUT6hasVuD4oL4gLMQ6dYufHaFKtdZvHREGHb / ImBdRR5g4ZL + CxOL5j9d0oPdz98AY0VdEZZueVulX0llPmDCtpyPKpMh4zvfZ / X7UL9vz + AuQrGy8srIb8n / H7i + IzPz5j + V4v0H6Ehkir9xNSD6Oc0apmLgHHHurAQIDAQAB"
example.com. 1800 IN MX 10 mail.example.com.

Inspired by the words that all this joy rises in 20 minutes, I rebooted the droplet and was delighted when I saw that the web face was working, both the admin panel and the mail service itself. Everything logs in, everything is beautiful. That's all.
Not a single sent letter came to this server, and not a single letter sent from it left. Letters were sent from different domains and were also sent to different ones.
Analysis:
Since there is a little less experience in the administration of mail systems, it was decided to begin the analysis of the problem with publicly available online services.
1. On mxtoolbox, when polling a domain, the record is determined correctly, the smtp test shows joyful green checkmarks, in the session transcript we see the following:

Connecting to 104.235.33.6

220 mail.example.com ESMTP Postfix (Ubuntu) [655 ms]
EHLO MXTB-PWS3.mxtoolbox.com
250-mail.example.com
250-PIPELINING
250-SIZE 15728640
250-ETRN
250-STARTTLS
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN [671 ms]
MAIL FROM: <[email protected]>
250 2.1.0 Ok [686 ms]
RCPT TO: <[email protected]>
454 4.7.1 <[email protected]>: Relay access denied [671 ms]

MXTB-PWS3v2 3354ms

The blacklists are clean, some minor shortcomings in the records have been corrected. The case is rubbish, nothing works, we checked the DKIM records (who knows, maybe everyone now requires a signature):

[email protected]:~# amavisd-new testkeys
TESTING#1: dkim._domainkey.bodytomail.info   => pass

Problem: In my crooked hands, full of brain exhaustion and ignorance of where to stick to make it work.
I am attaching the system log for the last few minutes, I am also ready to promptly provide any other information.

Jan  6 22:50:08 mail postfix/smtp[2832]: DE7A012555D: to=<[email protected]>, relay=none, delay=22$
Jan  6 22:50:08 mail postfix/smtp[2832]: connect to 127.0.0.1[127.0.0.1]:10024: Connection refused
Jan  6 22:50:08 mail postfix/smtp[2834]: 2A93E12554F: to=<[email protected]>, relay=none, delay=26$
Jan  6 22:50:08 mail postfix/smtp[2832]: B94D1125540: to=<[email protected]>, relay=none, delay=5188, delays=51$
Jan  6 22:50:08 mail postfix/error[2842]: 89D0A12555B: to=<[email protected]>, relay=none, delay=2$
Jan  6 22:50:08 mail postfix/error[2842]: 5714F125559: to=<[email protected]>, relay=none, delay=2$
Jan  6 22:50:08 mail postfix/error[2842]: 5ABEA12555A: to=<[email protected]>, relay=none, delay=2$
Jan  6 22:50:08 mail postfix/error[2842]: 6FAD4125561: to=<[email protected]>, relay=none, delay=2$
Jan  6 22:50:08 mail postfix/error[2842]: 454B0125550: to=<[email protected]>, relay=none, delay=2$
Jan  6 22:50:08 mail postfix/error[2842]: 3CC7E125560: to=<[email protected]>, relay=none, delay=2$
Jan  6 22:50:08 mail postfix/error[2843]: 3A7D512555F: to=<[email protected]>, relay=none, delay=2$
Jan  6 22:50:08 mail postfix/error[2842]: 72C05125562: to=<[email protected]>, relay=none, delay=2$
Jan  6 22:50:08 mail postfix/error[2843]: E6CC512555E: to=<[email protected]>, relay=none, delay=2$
Jan  6 22:50:42 mail postfix/smtpd[2857]: connect from mail.bodytomail.info[127.0.0.1]
Jan  6 22:50:42 mail postfix/smtpd[2857]: 1F9D4125569: client=mail.bodytomail.info[127.0.0.1], sasl_method$
Jan  6 22:50:43 mail postfix/cleanup[2860]: 1F9D4125569: message-id=<[email protected]$
Jan  6 22:50:43 mail postfix/qmgr[1940]: 1F9D4125569: from=<[email protected]>, size=557, nrcpt=1$
Jan  6 22:50:43 mail postfix/smtp[2834]: connect to 127.0.0.1[127.0.0.1]:10024: Connection refused
Jan  6 22:50:43 mail roundcube: User [email protected] [104.131.98.142]; Message for [email protected]$
Jan  6 22:50:43 mail postfix/smtp[2834]: 1F9D4125569: to=<[email protected]>, relay=none, delay=1.1, delays=1.1$
Jan  6 22:50:43 mail postfix/smtpd[2857]: disconnect from mail.bodytomail.info[127.0.0.1]
Jan  6 22:51:01 mail CRON[2872]: (sogo) CMD (/usr/sbin/sogo-ealarms-notify)
Jan  6 22:51:01 mail CRON[2873]: (sogo) CMD (/usr/sbin/sogo-tool expire-sessions 30)
Jan  6 22:51:01 mail mysqld: 150106 22:51:01 [Warning] Aborted connection 276 to db: 'sogo' user: 'sogo' h$
Jan  6 22:51:01 mail mysqld: 150106 22:51:01 [Warning] Aborted connection 277 to db: 'sogo' user: 'sogo' h$
Jan  6 22:52:01 mail CRON[2883]: (sogo) CMD (/usr/sbin/sogo-ealarms-notify)
Jan  6 22:52:01 mail CRON[2884]: (sogo) CMD (/usr/sbin/sogo-tool expire-sessions 30)
Jan  6 22:52:01 mail mysqld: 150106 22:52:01 [Warning] Aborted connection 280 to db: 'sogo' user: 'sogo' h$
Jan  6 22:52:01 mail mysqld: 150106 22:52:01 [Warning] Aborted connection 281 to db: 'sogo' user: 'sogo' h$
Jan  6 22:52:23 mail postfix/scache[2839]: statistics: start interval Jan  6 22:50:08
Jan  6 22:52:23 mail postfix/scache[2839]: statistics: domain lookup hits=0 miss=2 success=0%
Jan  6 22:53:01 mail CRON[2891]: (sogo) CMD (/usr/sbin/sogo-ealarms-notify)

Reply

Answer the question

In order to leave comments, you need to log in

2 answer(s)

D

Doo_Zookn, 2015-01-07
@Doo_Zookn

First - first things first, we clean the log (this is a stereotype, so we don’t pay attention to it)
Then we open the mailer and write a test letter, and read the log.

Jan  7 02:11:02 mail postfix/smtpd[6011]: connect from unknown[1.1.1.1]
Jan  7 02:11:03 mail postfix/smtpd[6011]: D98A71252C7: client=unknown[1.1.1.1], sasl_method=PLAIN, [email protected]
Jan  7 02:11:05 mail postfix/cleanup[6018]: D98A71252C7: message-id=<[email protected]>
Jan  7 02:11:05 mail postfix/qmgr[5992]: D98A71252C7: from=<[email protected]>, size=568, nrcpt=1 (queue active)
Jan  7 02:11:05 mail postfix/smtp[6019]: connect to 127.0.0.1[127.0.0.1]:10024: Connection refused
Jan  7 02:11:05 mail postfix/smtp[6019]: D98A71252C7: to=<[email protected]>, relay=none, delay=1.7, delays=1.7/0.01/0/0, dsn=4.4.1, status=deferred (connect to 127.0.0.1[127.0.0.1]:10024: Connection refused)
Jan  7 02:11:05 mail postfix/smtpd[6011]: disconnect from unknown[1.1.1.1]

We see that postfix does not want to work in such conditions, namely, he does not like the fact that amavis, which listens to 10024, does not want to work with him for some reason.
Okay, we see another answer to toster.ru about the need to run a daemon with a spam handler.

[email protected]:~# service amavis status
 * amavisd is not running

[email protected]:~# service amavis status
 * amavisd is running

We run to send a letter with us again, everything is as it was.
We check:

[email protected]:~# service amavis status
 * amavisd is not running

In general, now briefly, ClamAV turns out to be somehow connected with the above daemon, because when amavisd is started, ClamAV also starts working and nothing portends trouble. However, some time passes and he begins to want to knock on some socket, which supposedly should be in / tmp /, which ClamAV, thank God, reported in the log. So, I don’t know what kind of socket it is, I didn’t google it either. I took it and just made a touch and oh gods! Everything started!
As for the inbox, Greylisting is to blame, what to do with it now I understand, but I can say for sure that the correct regimen, healthy sleep and nutrition are the best sources for solving problems. Happy holidays everyone!

A

Armenian Radio, 2015-01-07
@gbg

service spamassassin start
or
service amavisd start
Can't contact postfix with antispam, so it doesn't work