Postfix - antispam and relay package
-
RobinGill,
check the difference from postfix config file from old verison to this latest version.
The Custom Valid recipients need an OK at end of email addresses.
What antispam settings did you selected on both installs?
This file should have all valid recipients fetched from ldap as well from custom field.
/usr/local/etc/postfix/relay_recipientsrun /usr/local/bin/php -q /usr/local/www/postfix_recipients.php on console/ssh and check if there are running erros.
att,
Marcello Coutinho -
This is the log that I getting while want to send emails through Webclient:
May 21 13:00:33 pfsense postfix/postscreen[55796]: CONNECT from [127.0.0.1]:27215
May 21 13:00:33 pfsense postfix/postscreen[55796]: PASS OLD [127.0.0.1]:27215
May 21 13:00:33 pfsense postfix/smtpd[55803]: connect from localhost[127.0.0.1]
May 21 13:00:33 pfsense postfix/smtpd[55803]: lost connection after AUTH from localhost[127.0.0.1]
May 21 13:00:33 pfsense postfix/smtpd[55803]: disconnect from localhost[127.0.0.1]
May 21 13:00:36 pfsense postfix/postscreen[55796]: CONNECT from [209.85.217.170]:64486
May 21 13:00:36 pfsense postfix/postscreen[55796]: PASS OLD [209.85.217.170]:64486SMTP error is attached.
-
But when I connect from other webclient like http://www.mail2web.com I got the following logs:
May 21 13:17:09 pfsense postfix/postscreen[55796]: CONNECT from [168.144.250.170]:36591
May 21 13:17:15 pfsense postfix/postscreen[55796]: NOQUEUE: reject: RCPT from [168.144.250.170]:36591: 450 4.3.2 Service currently unavailable; from=networkadmin@sesric.org, to=anhuda@sesric.org, proto=SMTP, helo= <xsmtp07.mail2web.com>May 21 13:17:16 pfsense postfix/postscreen[55796]: PASS NEW [168.144.250.170]:36591
May 21 13:17:16 pfsense postfix/postscreen[55796]: DISCONNECT [168.144.250.170]:36591
May 21 13:17:21 pfsense postfix/postscreen[55796]: CONNECT from [168.144.250.170]:36739
May 21 13:17:21 pfsense postfix/postscreen[55796]: PASS OLD [168.144.250.170]:36739
May 21 13:17:22 pfsense postfix/smtpd[55803]: connect from xsmtp07.mail2web.com[168.144.250.170]
May 21 13:17:22 pfsense postfix/smtpd[55803]: 7E2BFBFEB82: client=xsmtp07.mail2web.com[168.144.250.170]
May 21 13:17:22 pfsense postfix/cleanup[4869]: 7E2BFBFEB82: hold: header Received: from xsmtp07.mail2web.com (xsmtp07.mail2web.com [168.144.250.170])??by pfsense.localdomain (Postfix) with ESMTP id 7E2BFBFEB82??for anhuda@sesric.org; Mon, 21 May 2012 13:17:22 +0300 (EEST from xsmtp07.mail2web.com[168.144.250.170]; from= networkadmin@sesric.orgto= anhuda@sesric.orgproto=ESMTP helo= <xsmtp07.mail2web.com>May 21 13:17:22 pfsense postfix/cleanup[4869]: 7E2BFBFEB82: message-id=380-22012512110189682@M2W107.mail2web.comSo the problem is when I want to send mail from my webclient it gives me the error with SMTP Authentication error. But I am not using any TLS/SASL protocol.</xsmtp07.mail2web.com>/anhuda@sesric.org/networkadmin@sesric.org/anhuda@sesric.org</xsmtp07.mail2web.com>/anhuda@sesric.org/networkadmin@sesric.org
-
But when I connect from other webclient like http://www.mail2web.com I got the following logs:
This log means that you are using postscreen and he is doing his job, first connect of each ip after service start(on boot for example) will be rejected, next connections from this ip will be accepted.
att,
Marcello Coutinho -
This is the log that I getting while want to send emails through Webclient:
May 21 13:00:33 pfsense postfix/smtpd[55803]: lost connection after AUTH from localhost[127.0.0.1]I did not included any authentication feature to this package yet. If you have this config on other server, just paste postfix authentication options on custom field at gui.
att,
Marcello Coutinho -
Marcello,
I am getting emails through my Internal Mail Server IP and unable to get those emails through external email server such as 94.55.59.130 or mail2.sesric.org. When I configure Outlook with local mail server ip with 10.10.1.5 it works but it doesn't worh with external ip. Thats the problem I am facing. I can only get email in office but unable to get them at home.
best regards,
Nahid -
nahid,
This package is just a mail forwarder with antispam features, it will not replace your internal server, if you need external access to your internal server, use a nat rule for it on another ip/port and leave postfix filtering messages from internet to your internal server.
att,
Marcello Coutinho -
Marcello,
My problem is that I can access from Webclient like mail2web and send mail via my mailserver but unable to connect through mail my external outgoing mail server. Thats problem I am getting. My incoming and outgoing server is same. Thats why I cant change to access from external through another IP.
best regards
Nahid -
My incoming and outgoing server is same. Thats why I cant change to access from external through another IP.
Create a nat from external port 587 redirecting it to your internal server. This way you can use auth to send email to your internal server.
att,
Marcello Coutinho -
This is the log when I choose my external mail server ip:
May 21 17:33:33 pfsense postfix/postscreen[16712]: CONNECT from [127.0.0.1]:7002
May 21 17:33:39 pfsense postfix/postscreen[16712]: PASS OLD [127.0.0.1]:7002
May 21 17:33:39 pfsense postfix/smtpd[30639]: connect from localhost[127.0.0.1]
May 21 17:33:39 pfsense postfix/smtpd[30639]: NOQUEUE: reject: RCPT from localhost[127.0.0.1]: 450 4.7.1 <abunaser>: Helo command rejected: Host not found; from= anhuda@sesric.orgto= networkadmin@sesric.orgproto=ESMTP helo= <abunaser>May 21 17:33:39 pfsense postfix/smtpd[30639]: disconnect from localhost[127.0.0.1]
May 21 17:34:39 pfsense postfix/postscreen[16712]: CONNECT from [127.0.0.1]:58545
May 21 17:34:39 pfsense postfix/postscreen[16712]: PASS OLD [127.0.0.1]:58545
May 21 17:34:39 pfsense postfix/smtpd[30639]: connect from localhost[127.0.0.1]
May 21 17:34:39 pfsense postfix/smtpd[30639]: NOQUEUE: reject: RCPT from localhost[127.0.0.1]: 450 4.7.1 <abunaser>: Helo command rejected: Host not found; from= anhuda@sesric.orgto= networkadmin@sesric.orgproto=ESMTP helo= <abunaser>May 21 17:34:39 pfsense postfix/smtpd[30639]: disconnect from localhost[127.0.0.1]Even I couldn't send between my networks.
Nahid</abunaser>/networkadmin@sesric.org/anhuda@sesric.org</abunaser></abunaser>/networkadmin@sesric.org/anhuda@sesric.org</abunaser>
-
Marcello,
I will try with 587 port. But could you please look over the logs I posted. Even I want to send emails between my network it rejected as "Helo command rejected: Host not found; from= anhuda@sesric.orgto= networkadmin@sesric.orgproto=ESMTP helo=<abunaser>"
But my domain is sesric.org. Even I have passed my network by given 10.10.1.0/24 to my client access list. ıs there anything wrong with the config?
Nahid</abunaser>/networkadmin@sesric.org/anhuda@sesric.org
-
Marcello,
When I uncheck "Use SMTP Authentication" I get the following logs:
May 21 19:23:28 pfsense postfix/postscreen[8009]: CONNECT from [127.0.0.1]:29580
May 21 19:23:28 pfsense postfix/postscreen[8009]: PASS OLD [127.0.0.1]:29580
May 21 19:23:28 pfsense postfix/smtpd[3010]: connect from localhost[127.0.0.1]
May 21 19:23:28 pfsense postfix/smtpd[3010]: NOQUEUE: reject: RCPT from localhost[127.0.0.1]: 450 4.7.1 <sesric.org?[10.10.1.254]>: Helo command rejected: Host not found; from= networkadmin@sesric.orgto= anhuda@sesric.orgproto=ESMTP helo= <sesric.org?[10.10.1.254]>May 21 19:23:28 pfsense postfix/smtpd[3010]: lost connection after RCPT from localhost[127.0.0.1]
May 21 19:23:28 pfsense postfix/smtpd[3010]: disconnect from localhost[127.0.0.1]And I think it is something wrong with my config that is not going to accept my domain name. Because here also I just tried to send mail inside my domain.
Best regards,
Nahid</sesric.org?[10.10.1.254]>/anhuda@sesric.org/networkadmin@sesric.org</sesric.org?[10.10.1.254]> -
Helo command rejected: Host not found; from= networkadmin@sesric.orgto= anhuda@sesric.orgproto=ESMTP helo=<sesric.org?[10.10.1.254]>/anhuda@sesric.org/networkadmin@sesric.org
This is your error.
Change your client helo info to a valid dns name(internal or external).
If you want, you can disable the helo check on antispam settings too.(I do not recomend, but in some cases this is the easier way to workaround misconfigured servers)
att,
Marcello Coutinho -
Marcello,
As you recommend to use helo. In the doamin tab I wrote my domain name as "sesric.org" and the internal ip 10.10.1.5. My mail server is "mail2.sesric.org". So do I need to change my domain with mail server. Or how can I convert helo to a valid dns name with Internal / External mail server name.
Best regards,
Nahid -
Marcello,
As you recommend to use helo. In the doamin tab I wrote my domain name as "sesric.org" and the internal ip 10.10.1.5. My mail server is "mail2.sesric.org". So do I need to change my domain with mail server. Or how can I convert helo to a valid dns name with Internal / External mail server name.
No domain tab modification is required. Each smtp client has it's own config options. I have no idea how to fix the helo info on your client.
-
Marcello,
After inspecting Postfix configuration I added myhostname and smtpd_banner through which I solved the rDNS. Now I get the real mail server name when I connect through telnet over 25 port.
Actually here I think there is something unusual with my webclient as always it tries to connect through 127.0.0.1. Every time I tried to connect through webclient I inspect the logs of postfix shows that it tries to connect from 127.0.0.1. If I make a port forward on 25 where the source address would be the localhost(127.0.0.1) and forward them to Internal mail server (10.10.1.5) will it work?
What do you think? If I do so will cause any problem on postfix?
Nahid
-
From yesterday I am getting the following error and unable to get emails.
(mail for [10.10.1.5] loops back to myself) It bounced the emails.
Need help.
-
Hi Marcello,
Many thanks for the information! I've managed to get LDAP working - problem turned out to be a space in a user name. Just thought I would also mention that once the import has worked, I can see all the entries in the GUI when looking at view config/relay_recipients.
Also after reinstalling yet again it seems to be working perfectly! Thanks again for the package :)
-
RobinGill,
all working now? I was trying to reproduce your no valid recipients check you've posted today.
The reinstall did the trick?att,
Marcello Coutinho -
Hi marcelloc,
I'm sorry if this really doesn't concern you, but I would love if you could either point me in some direction or something about this matter;
I'm using your postfix forwarder just for relaying messages because my net is blocked, works wonderfully, but…
I realized today that messages over just a couple of megabytes is a no-go sending through the forwarder, I upped the limit to ~100mb (102400000 bytes).
I just tried sending a message that is just over 10 megabytes in size and I get this message:May 25 10:55:22 princesscelestia postfix/smtpd[3713]: NOQUEUE: reject: MAIL from twilightsparkle.fogelholk.se[192.168.11.11]: 452 4.3.1 Insufficient system storage; proto=SMTP helo= <derpy.fogelholk.se>May 25 10:55:22 princesscelestia postfix/smtpd[3713]: warning: not enough free space in mail queue: 47714304 bytes < 1.5*message size limit</derpy.fogelholk.se>
I use the 4gb nanoBSD-image build on a usb-stick, and on the dashboard it says I have only used 17% of the total disk space, is it possible to, I don't know, use another folder or something with more space for Postfix Forwarder?
I must admit I'm not very good with BSD-commands, but I get around somewhat and you should be able to get quite techy in your description if you decide to help me :)Thanks for a great addon otherwise, has worked great so far!
Edit: Did some more testing and the error above apperently means that postfix can't allocate the 102400000 bytes that I set, if I for example decrease it to 20480000 bytes (~20mb) I can send messages larger than 10 megabytes.
Though I would like to increase the limit to about 100 megabytes or around there, is this possible with either moving the postfix folder or where it allocates the space in some way or another?
