relay help

Prev: Add Header
Next: sasl map multiple query question

From: Wade Smart on 28 Jan 2010 17:57

---

I have been using postfix for about two + years but something that was
just out of my understanding at the time was setting up relaying.
Right now I just sent from my mail client (thunderbird) but I would
like to be able to send back through postfix to keep a record of all
sent mails.

Im getting this error:
postfix/smtp[18963]:
499E1B1B64: to=<wadesmart(a)gmail.com>,
relay=72.167.82.80[72.167.82.80]:465,
delay=7822,
delays=7522/0.06/300/0,
dsn=4.4.2,
status=deferred (lost connection with 72.167.82.80[72.167.82.80] while
receiving the initial server greeting)

smart(a)smart-laptop:~$ postconf -n
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no
broken_sasl_auth_clients = yes
config_directory = /etc/postfix
home_mailbox = Maildir/
inet_interfaces = all
mailbox_command = /usr/lib/dovecot/deliver -c
/etc/dovecot/dovecot-postfix.conf -n -m "${EXTENSION}"
mailbox_size_limit = 0
mydestination = wadesmart.com, localhost.localdomain, localhost, wadesmart
mydomain = wadesmart.com
myhostname = wadesmart.com
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
myorigin = $mydomain
readme_directory = no
recipient_delimiter = +
relay_domains = $mydomain
relayhost = 72.167.82.80:465
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtp_use_tls = yes
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
smtpd_recipient_restrictions = reject_unknown_sender_domain,
reject_unknown_recipient_domain, reject_unauth_pipelining,
permit_mynetworks, permit_sasl_authenticated,
reject_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes
smtpd_sasl_local_domain = wadesmart.com
smtpd_sasl_path = private/dovecot-auth
smtpd_sasl_security_options = noanonymous
smtpd_sasl_type = dovecot
smtpd_sender_restrictions = reject_unknown_sender_domain
smtpd_tls_auth_only = yes
smtpd_tls_cert_file = /etc/ssl/certs/ssl-mail.pem
smtpd_tls_key_file = /etc/ssl/private/ssl-mail.key
smtpd_tls_mandatory_ciphers = medium
smtpd_tls_mandatory_protocols = SSLv3, TLSv1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_use_tls = yes
tls_random_source = dev:/dev/urandom
smart(a)smart-laptop:~$


--
---
Registered Linux User: #480675
Linux since June 2005

From: Noel Jones on 28 Jan 2010 18:12

---

On 1/28/2010 4:57 PM, Wade Smart wrote:
> I have been using postfix for about two + years but something that was
> just out of my understanding at the time was setting up relaying.
> Right now I just sent from my mail client (thunderbird) but I would
> like to be able to send back through postfix to keep a record of all
> sent mails.
>
> Im getting this error:
> postfix/smtp[18963]:
> 499E1B1B64: to=<wadesmart(a)gmail.com>,
> relay=72.167.82.80[72.167.82.80]:465,
> delay=7822,
> delays=7522/0.06/300/0,
> dsn=4.4.2,
> status=deferred (lost connection with 72.167.82.80[72.167.82.80] while
> receiving the initial server greeting)
>
> smart(a)smart-laptop:~$ postconf -n
....
> relayhost = 72.167.82.80:465

(side note, the IP should be enclosed in brackets,
relayhost = [72.167.82.80]:port
but that's probably unrelated to this problem.)

Using port 465 implies that the client is expecting
wrapper-mode TLS. This mode is deprecated for email use and
not directly supported by postfix.

The vast majority of mail relays also support using the
standard "submission" interface at port 587, which is the
strongly preferred port.

If it's an antique mail relay that doesn't support the
submission port, a workaround for client side wrapper mode is
described here:
http://www.postfix.org/TLS_README.html#client_smtps


-- Noel Jones

From: Wade Smart on 29 Jan 2010 17:46

---

Noel Jones wrote:
> On 1/28/2010 4:57 PM, Wade Smart wrote:
>> I have been using postfix for about two + years but something that was
>> just out of my understanding at the time was setting up relaying.
>> Right now I just sent from my mail client (thunderbird) but I would
>> like to be able to send back through postfix to keep a record of all
>> sent mails.
>>
>> Im getting this error:
>> postfix/smtp[18963]:
>> 499E1B1B64: to=<wadesmart(a)gmail.com>,
>> relay=72.167.82.80[72.167.82.80]:465,
>> delay=7822,
>> delays=7522/0.06/300/0,
>> dsn=4.4.2,
>> status=deferred (lost connection with 72.167.82.80[72.167.82.80] while
>> receiving the initial server greeting)
>>
>> smart(a)smart-laptop:~$ postconf -n
> ...
>> relayhost = 72.167.82.80:465
>
> (side note, the IP should be enclosed in brackets,
> relayhost = [72.167.82.80]:port
> but that's probably unrelated to this problem.)
>
> Using port 465 implies that the client is expecting wrapper-mode TLS.
> This mode is deprecated for email use and not directly supported by
> postfix.
>
> The vast majority of mail relays also support using the standard
> "submission" interface at port 587, which is the strongly preferred port.
>
> If it's an antique mail relay that doesn't support the submission port,
> a workaround for client side wrapper mode is described here:
> http://www.postfix.org/TLS_README.html#client_smtps
>
>
> -- Noel Jones

I contacted the company and, you were right, so I changed the port and I
added the brackets. Similar error message:
relay=non delay=35 delays=4.6/0.08/30/0 dns=4.41 status=deferred
(connect to 72.167.82.80[72.167.82.80]:587: Connection timed out)

Ok, Im just going to ask this because.. I dont know.
You "can" connect to a normal smtp port with postfix, right?
I mean, I get my email from Godaddy and Im using or wanted postfix to
send my mail back through my account.

Wade

--
Registered Linux User: #480675
Registered Linux Machine: #408606
Linux since June 2005

From: Noel Jones on 29 Jan 2010 18:30

---

On 1/29/2010 4:46 PM, Wade Smart wrote:
> Noel Jones wrote:
>> On 1/28/2010 4:57 PM, Wade Smart wrote:
>>> I have been using postfix for about two + years but something that was
>>> just out of my understanding at the time was setting up relaying.
>>> Right now I just sent from my mail client (thunderbird) but I would
>>> like to be able to send back through postfix to keep a record of all
>>> sent mails.
>>>
>>> Im getting this error:
>>> postfix/smtp[18963]:
>>> 499E1B1B64: to=<wadesmart(a)gmail.com>,
>>> relay=72.167.82.80[72.167.82.80]:465,
>>> delay=7822,
>>> delays=7522/0.06/300/0,
>>> dsn=4.4.2,
>>> status=deferred (lost connection with 72.167.82.80[72.167.82.80] while
>>> receiving the initial server greeting)
>>>
>>> smart(a)smart-laptop:~$ postconf -n
>> ...
>>> relayhost = 72.167.82.80:465
>>
>> (side note, the IP should be enclosed in brackets,
>> relayhost = [72.167.82.80]:port
>> but that's probably unrelated to this problem.)
>>
>> Using port 465 implies that the client is expecting wrapper-mode TLS.
>> This mode is deprecated for email use and not directly supported by
>> postfix.
>>
>> The vast majority of mail relays also support using the standard
>> "submission" interface at port 587, which is the strongly preferred port.
>>
>> If it's an antique mail relay that doesn't support the submission
>> port, a workaround for client side wrapper mode is described here:
>> http://www.postfix.org/TLS_README.html#client_smtps
>>
>>
>> -- Noel Jones
>
> I contacted the company and, you were right, so I changed the port and I
> added the brackets. Similar error message:
> relay=non delay=35 delays=4.6/0.08/30/0 dns=4.41 status=deferred
> (connect to 72.167.82.80[72.167.82.80]:587: Connection timed out)

Hmm, testing from here:
# telnet 72.167.82.80 587
Trying 72.167.82.80...
telnet: connect to address 72.167.82.80: Operation timed out
telnet: Unable to connect to remote host

So it looks like 587 isn't available. At least from here.
Let's try 465. This requires openssl rather than telnet...

# openssl s_client -connect 72.167.82.80:465
CONNECTED(00000003)
depth=3 /L=ValiCert Validation Network/O=ValiCert,
[big SSL handshake snipped]
...certificate chain)
---
220 p3plsmtpa01-09.prod.phx3.secureserver.net ESMTP

OK, 465 works for me.

Lets try port 25.
# telnet 72.167.82.80 25
Trying 72.167.82.80...
Connected to p3plsmtpa01-v01.prod.phx3.secureserver.net.
Escape character is '^]'.
220 p3plsmtpa01-04.prod.phx3.secureserver.net ESMTP


OK, port 25 works. So it looks as if they gave you bad
information about port 587. You'll either need to use port
25, or if your ISP blocks that, you'll need to use the stunnel
workaround to connect to 465.



>
> Ok, Im just going to ask this because.. I dont know.
> You "can" connect to a normal smtp port with postfix, right?
> I mean, I get my email from Godaddy and Im using or wanted postfix to
> send my mail back through my account.
>
> Wade
>

Yes, of course. But something (firewall, ISP policy, or other
end just isn't listening) can block postfix's access to
whatever port you're trying to use.

-- Noel Jones

From: Wade Smart on 1 Feb 2010 20:43

---

Noel Jones wrote:
> On 1/29/2010 4:46 PM, Wade Smart wrote:
>> Noel Jones wrote:
>>> On 1/28/2010 4:57 PM, Wade Smart wrote:
>>>> I have been using postfix for about two + years but something that was
>>>> just out of my understanding at the time was setting up relaying.
>>>> Right now I just sent from my mail client (thunderbird) but I would
>>>> like to be able to send back through postfix to keep a record of all
>>>> sent mails.
>>>>
>>>> Im getting this error:
>>>> postfix/smtp[18963]:
>>>> 499E1B1B64: to=<wadesmart(a)gmail.com>,
>>>> relay=72.167.82.80[72.167.82.80]:465,
>>>> delay=7822,
>>>> delays=7522/0.06/300/0,
>>>> dsn=4.4.2,
>>>> status=deferred (lost connection with 72.167.82.80[72.167.82.80] while
>>>> receiving the initial server greeting)
>>>>
>>>> smart(a)smart-laptop:~$ postconf -n
>>> ...
>>>> relayhost = 72.167.82.80:465
>>>
>>> (side note, the IP should be enclosed in brackets,
>>> relayhost = [72.167.82.80]:port
>>> but that's probably unrelated to this problem.)
>>>
>>> Using port 465 implies that the client is expecting wrapper-mode TLS.
>>> This mode is deprecated for email use and not directly supported by
>>> postfix.
>>>
>>> The vast majority of mail relays also support using the standard
>>> "submission" interface at port 587, which is the strongly preferred
>>> port.
>>>
>>> If it's an antique mail relay that doesn't support the submission
>>> port, a workaround for client side wrapper mode is described here:
>>> http://www.postfix.org/TLS_README.html#client_smtps
>>>
>>>
>>> -- Noel Jones
>>
>> I contacted the company and, you were right, so I changed the port and I
>> added the brackets. Similar error message:
>> relay=non delay=35 delays=4.6/0.08/30/0 dns=4.41 status=deferred
>> (connect to 72.167.82.80[72.167.82.80]:587: Connection timed out)
>
> Hmm, testing from here:
> # telnet 72.167.82.80 587
> Trying 72.167.82.80...
> telnet: connect to address 72.167.82.80: Operation timed out
> telnet: Unable to connect to remote host
>
> So it looks like 587 isn't available. At least from here.
> Let's try 465. This requires openssl rather than telnet...
>
> # openssl s_client -connect 72.167.82.80:465
> CONNECTED(00000003)
> depth=3 /L=ValiCert Validation Network/O=ValiCert,
> [big SSL handshake snipped]
> ...certificate chain)
> ---
> 220 p3plsmtpa01-09.prod.phx3.secureserver.net ESMTP
>
> OK, 465 works for me.
>
> Lets try port 25.
> # telnet 72.167.82.80 25
> Trying 72.167.82.80...
> Connected to p3plsmtpa01-v01.prod.phx3.secureserver.net.
> Escape character is '^]'.
> 220 p3plsmtpa01-04.prod.phx3.secureserver.net ESMTP
>
>
> OK, port 25 works. So it looks as if they gave you bad information
> about port 587. You'll either need to use port 25, or if your ISP
> blocks that, you'll need to use the stunnel workaround to connect to 465.
>
>
>
>>
>> Ok, Im just going to ask this because.. I dont know.
>> You "can" connect to a normal smtp port with postfix, right?
>> I mean, I get my email from Godaddy and Im using or wanted postfix to
>> send my mail back through my account.
>>
>> Wade
>>
>
> Yes, of course. But something (firewall, ISP policy, or other end just
> isn't listening) can block postfix's access to whatever port you're
> trying to use.
>
> -- Noel Jones


Someone posted me this link.
https://help.ubuntu.com/community/GmailPostfixFetchmail

After trying it with Gmail I tried it with Godaddy.

It is working because Im getting my test messages but Im getting all
sorts of errors the log:

to=<smart(a)wadesmart.com>
relay=smtpout.where.secureserver.net[64.202.165.58]:3535,
delay=309
delays=309/0.03/0.32/0
dns=4.74
status=deferred (TLS is required, but was not offered by host....)


Im using port 3535 because I found a post online about someone had
success with that port (and I use that with my mail client to.)

Wade

--
Registered Linux User: #480675
Registered Linux Machine: #408606
Linux since June 2005

 |  Next  |  Last
Pages: 1 2
Prev: Add Header
Next: sasl map multiple query question