1 Topic by brijq91 (edited by brijq91 2017-09-01 20:15:42)

  • brijq91
  • Member
  • Offline
  • Registered: 2017-09-01
  • Posts: 19

Topic: unable to send and receive email

==== Required information ====
- iRedMail version (check /etc/iredmail-release):
- Linux/BSD distribution name and version:
- Store mail accounts in which backend (LDAP/MySQL/PGSQL):
- Web server (Apache or Nginx):
- Manage mail accounts with iRedAdmin-Pro?
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====

- iRedMail Version : 0.9.7

- Linux Debian 8 Jessie

- MySQL

- Nginx

Error Message as below.

Sep  1 11:49:27 myinstance amavis[1453]: (01453-01) Passed UNCHECKED {RelayedInternal}, ORIGINATING/MYNETS LOCAL [127.0.0.1]:49467 <admin@somedomain.com.sg> -> <someemail@gmail.com>, Queue-ID: 39A7C848FA, Message-ID: <84131d61cc1dc21ab9df5d7a27b13ff2@somedomain.com.sg>, mail_id: olBaTHG1PFP8, Hits: 0.214, size: 705, queued_as: 6FCE2848FC, dkim_new=dkim:somedomain.com.sg, 8141 ms, Tests: [ALL_TRUSTED=-1,TVD_RCVD_SINGLE=1.213,URIBL_BLOCKED=0.001]
Sep  1 11:49:27 myinstance postfix/amavis/smtp[1509]: 39A7C848FA: to=<someemail@gmail.com>, relay=127.0.0.1[127.0.0.1]:10026, delay=8.5, delays=0.36/0.02/0.01/8.1, dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as 6FCE2848FC)
Sep  1 11:49:27 myinstance postfix/qmgr[1341]: 39A7C848FA: removed
Sep  1 11:49:57 myinstance postfix/smtp[1363]: connect to gmail-smtp-in.l.google.com[74.125.24.27]:25: Connection timed out

Unable to send in and out from external email messages.

I have already taken approach from http://www.iredmail.org/docs/errors.htm … on-refused to restart amavis

In addition taken a look at http://www.iredmail.org/docs/file.locat … ml#amavisd logs file

Sep  1 11:46:11 myinstance amavis[1445]: starting. /usr/sbin/amavisd-new at mail.mydomain.com amavisd-new-2.10.1 (20141025), Unicode aware, LC_ALL="C", LANG="en_US.UTF-8"
Sep  1 11:46:11  myinstance amavis[1452]: Net::Server: Group Not Defined.  Defaulting to EGID '121 121'
Sep  1 11:46:11  myinstance amavis[1452]: Net::Server: User Not Defined.  Defaulting to EUID '114'

But still unable to debug the issue.



Anybody able to help?
Thank You.

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,770

Re: unable to send and receive email

brijq91 wrote:

Sep  1 11:49:57 myinstance postfix/smtp[1363]: connect to gmail-smtp-in.l.google.com[74.125.24.27]:25: Connection timed out

Your server cannot connect to Gmail server. Do you have correct network settings? like network gateway, firewall rules.

Can you telnet to this gmail ip directly? for example:

telnet 74.125.24.27 25

3 Reply by brijq91

  • brijq91
  • Member
  • Offline
  • Registered: 2017-09-01
  • Posts: 19

Re: unable to send and receive email

I have attached my firewall rules from google cloud. However I am not sure if the firewall rules were added correctly.

I have re tried but the problem still exist.

default-allow-http
http-server   
IP ranges: 0.0.0.0/0
tcp:80   
Allow
1000
default

default-allow-https
https-server   
IP ranges: 0.0.0.0/0
tcp:443   
Allow
1000
default

for-port-25
Apply to all   
IP ranges: 0.0.0.0/0
tcp:25   
Allow
1000
default

imap
Apply to all   
IP ranges: 0.0.0.0/0
tcp:993   
Allow
1000
default

iredmail
Apply to all   
IP ranges: 0.0.0.0/0
tcp:7777   
Allow
1000
default

default-allow-icmp
Apply to all   
IP ranges: 0.0.0.0/0
icmp   
Allow
65534
default

default-allow-internal
Apply to all   
IP ranges: 10.128.0.0/9
tcp:0-65535, udp:0-65535, 1 more   
Allow
65534
default

default-allow-rdp
Apply to all   
IP ranges: 0.0.0.0/0
tcp:3389   
Allow
65534
default

default-allow-ssh
Apply to all   
IP ranges: 0.0.0.0/0
tcp:22   
Allow
65534
default
   



As for the new rule for port 25

I have just added the new rule.

Please advise:)

Thank You

4 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,770

Re: unable to send and receive email

Can you reach other mail servers via port 25?
For example:

telnet 74.125.24.27 25
telnet mail.iredmail.org 25

5 Reply by brijq91 (edited by brijq91 2017-09-04 21:38:59)

  • brijq91
  • Member
  • Offline
  • Registered: 2017-09-01
  • Posts: 19

Re: unable to send and receive email

Sep  4 08:26:05 myinstance postfix/qmgr[1367]: 5F67684942: removed
Sep  4 08:26:35 myinstance postfix/smtp[15533]: connect to mx-apac.mail.gm0.yahoodns.net[106.10.166.52]:25: Connection timed out

I have already ensure that both ingress and egress firewall rules have been clearly allow for tcp:25 into my cloud instance.

Egress

port25out
myinstance   
IP ranges: 0.0.0.0/0
tcp:25   
Allow
1000
default


Ingress

port25
taiyuanemail   
IP ranges: 0.0.0.0/0
tcp:25   
Allow
1000
default

Other mail servers via port 25 having same issues.

I have verified that I did open up ports  (25, 465, 587, 110, 995, 143, and 993).

I have also verified that all mail servers no matter whichever mail domains all having timeout issue exactly same logs.

In addition, I have also tried different ISP being connected still same exact problem remains.

Please advise thank you

6 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,770

Re: unable to send and receive email

Does your ISP block port 25 for incoming/outgoing traffic?

7 Reply by brijq91

  • brijq91
  • Member
  • Offline
  • Registered: 2017-09-01
  • Posts: 19

Re: unable to send and receive email

ZhangHuangbin wrote:

Does your ISP block port 25 for incoming/outgoing traffic?

I have tried several ISP but still no luck.

Wonder what might have gone wrong.

Please advise.
Thank You so much

8 Reply by RikuS

  • RikuS
  • Member
  • Offline
  • Registered: 2016-06-10
  • Posts: 116

Re: unable to send and receive email

You mentioned to be using Google Cloud. Have you read this?
https://cloud.google.com/compute/docs/t … ding-mail/

9 Reply by brijq91 (edited by brijq91 2017-09-06 00:12:26)

  • brijq91
  • Member
  • Offline
  • Registered: 2017-09-01
  • Posts: 19

Re: unable to send and receive email

RikuS wrote:

You mentioned to be using Google Cloud. Have you read this?
https://cloud.google.com/compute/docs/t … ding-mail/

I have tried to direct to other port numbers but it still does work.

in my /etc/postfix/main.cf file,

I have added;

relayhost = [smtp-relay.gmail.com]:587

though the link you have provided me says it closes port 587 too,

I am still able to receive a bounce email

'''
This is the mail system at host mydomain.com.sg

I'm sorry to have to inform you that your message could not
be delivered to one or more recipients. It's attached below.

For further assistance, please send mail to postmaster.

If you do so, please include this problem report. You can
delete your own text from the attached returned message.

                   The mail system

<someemail@gmail.com>: host smtp.gmail.com[74.125.200.108] said: 530-5.5.1
    Authentication Required. Learn more at 530 5.5.1
    https://support.google.com/mail/?p=WantAuthError t16sm1796106pfj.117 -
    gsmtp (in reply to MAIL FROM command)
Reporting-MTA: dns; mydomain.com.sg
X-Postfix-Queue-ID: 5D4E284997
X-Postfix-Sender: rfc822; email@mydomain.com.sg
Arrival-Date: Tue,  5 Sep 2017 13:20:30 +0000 (UTC)

Final-Recipient: rfc822; someemail@gmail.com
Original-Recipient: rfc822;someemail@gmail.com
Action: failed
Status: 5.5.1
Remote-MTA: dns; smtp.gmail.com
Diagnostic-Code: smtp; 530-5.5.1 Authentication Required. Learn more at 530
    5.5.1  https://support.google.com/mail/?p=WantAuthError t16sm1796106pfj.117
    - gsmtp

'''



I did also tried some other ports like 2050 for example its says timeout error as usual,

as for 487 it has connection lost while serving greeting

Please advise.

Thank You

10 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,770

Re: unable to send and receive email

I'm curious why you keep ignoring my reply about trying "telnet" other mail servers.
Seems your network has improper rule for port 25, or blocks port 25 directly.

If you want to try relayhost, we have document for you:
http://www.iredmail.org/docs/relayhost.html

11 Reply by brijq91

  • brijq91
  • Member
  • Offline
  • Registered: 2017-09-01
  • Posts: 19

Re: unable to send and receive email

I am sorry if I did miss out on that because I am still confused on what telnet does.
However, these are the results from telnet with

telnet mail.iredmail.org 25
telnet: Unable to connect to remote host: Connection timed out.

stmp.gmail.com 25 connection failed
telnet: Unable to connect to remote host: Connection timed out

stmp.gmail.com 587
Trying 74.125.200.108...
Connected to gmail-smtp-msa.l.google.com.
Escape character is '^]'.
220 smtp.gmail.com ESMTP p12sm85440pgd.0 - gsmtp

stmp.gmail.com 465
Trying 74.125.200.108...
Connected to gmail-smtp-msa.l.google.com.
Escape character is '^]'.


As for relay host

in main.cf file

relay host = [smtp.gmail.com]:587

I am getting undelivered email bounce back



This is the mail system at host mydomain.com.sg.

I'm sorry to have to inform you that your message could not
be delivered to one or more recipients. It's attached below.

For further assistance, please send mail to postmaster.

If you do so, please include this problem report. You can
delete your own text from the attached returned message.

                   The mail system

<brijq91@gmail.com>: host imap.gmail.com[74.125.68.109] said: 530-5.5.1
    Authentication Required. Learn more at 530 5.5.1
    https://support.google.com/mail/?p=WantAuthError 184sm64024pfg.18 - gsmtp
    (in reply to MAIL FROM command)
Reporting-MTA: dns; mydomain.com.sg
X-Postfix-Queue-ID: 46FF384327
X-Postfix-Sender: rfc822; postmaster@mydomain.com.sg
Arrival-Date: Wed,  6 Sep 2017 14:57:27 +0000 (UTC)

Final-Recipient: rfc822; email@gmail.com
Original-Recipient: rfc822;email@gmail.com
Action: failed
Status: 5.5.1
Remote-MTA: dns; imap.gmail.com
Diagnostic-Code: smtp; 530-5.5.1 Authentication Required. Learn more at 530
    5.5.1  https://support.google.com/mail/?p=WantAuthError 184sm64024pfg.18 -
    gsmtp


As it shows that there is connection shown from telnet.
Just being refused somehow.

Please advise.
Thank You so much.

12 Reply by RikuS (edited by RikuS 2017-09-07 05:54:08)

  • RikuS
  • Member
  • Offline
  • Registered: 2016-06-10
  • Posts: 116

Re: unable to send and receive email

brijq91 wrote:

As it shows that there is connection shown from telnet.
Just being refused somehow.

You already saw the error, Gmail expects you to authenticate to send email:

brijq91 wrote:

Authentication Required. Learn more at 530 5.5.1

And Zhang just posted a guide for you in his previous message:

ZhangHuangbin wrote:

If you want to try relayhost, we have document for you:
http://www.iredmail.org/docs/relayhost.html

13 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,770

Re: unable to send and receive email

brijq91 wrote:

telnet mail.iredmail.org 25
telnet: Unable to connect to remote host: Connection timed out.
stmp.gmail.com 25 connection failed
telnet: Unable to connect to remote host: Connection timed out

As a mail server, your server must be able to connect to other servers through port 25. But it cannot. It means your network / firewall may block port 25.

Port 25 MUST be open to communicate with other servers.

14 Reply by brijq91

  • brijq91
  • Member
  • Offline
  • Registered: 2017-09-01
  • Posts: 19

Re: unable to send and receive email

ZhangHuangbin wrote:
brijq91 wrote:

telnet mail.iredmail.org 25
telnet: Unable to connect to remote host: Connection timed out.
stmp.gmail.com 25 connection failed
telnet: Unable to connect to remote host: Connection timed out

As a mail server, your server must be able to connect to other servers through port 25. But it cannot. It means your network / firewall may block port 25.

Port 25 MUST be open to communicate with other servers.

Ok I understand that.
Thank You so much for all the help