Cannot receive emails using EE Mail

I have successfully and gratefully used EasyEngine on several servers. However, I am experiencing a problem on this latest server install. I cannot receive emails. From a previous forum topic (Can not receive e-mail but can send), I used the recommended testing methods on the mail server thoroughly. Everything works except the external testing (http://www.stat.ufl.edu/system/mailtesting.shtml). When I try to test using:

telnet eelpout 25

telnet eelpout 110

telnet eelpout 143

openssl s_client -starttls smtp -connect eelpout:25

openssl s_client -connect eelpout:993

they all return either “telnet: Unable to connect to remote host: Connection refused” or “connect: Connection timed out connect:errno=110” errors.

Internally, the mail server tests fine and I get all the correct responses such as verifying the SSL cert chain, sending a test email and the following:

250-PIPELINING

250-SIZE 10240000

250-VRFY

250-ETRN

250-AUTH PLAIN LOGIN

250-AUTH=PLAIN LOGIN

250-ENHANCEDSTATUSCODES

250-8BITMIME

250 DSN

I have checked the firewall and the relevant mail ports are open. I can ping, curl, wget to external ips and sites but the server seems to be blocking mail related connections. Any suggestions would be greatly appreciated.

OK, I think I found the problem - the MX record. With the latest EE mail server install, what should the MX be pointed to (e.g. example.com or mail.example.com or the IP address or something else)?

MX must point to some hostname that resolves to the IP wich the mail server run on.

Well, I changed the MX record and tested it but I still cannot receive emails. Using “telnet eelpout 25” the server will still not connect to the ip address.

Here is the mailer-daemon for test mail:

[email protected]: Remote host said: 554 5.7.1 [email protected]: Relay access denied [RCPT_TO]

You have to properly setup remote DNS, as well DKIM and SPF records. However, these are not tasks you do using EasyEngine.

Sorry, but I can’t go beyond this point, unfortunately.

DKIM, SPF, DMARC records are all in place. However, when I test thru http://www.mail-tester.com/ it says that the server is not fully authenticated because there is no A record for the hostname “Ubuntu”. It recommends I change the hostname in my mail software. When I check hostname in the command line it is clearly my domain name, not Ubuntu. Where else would this testing software be getting that incorrect hostname?

Sorry, disregard previous reply. I found it.

I have a same problem. How can you fix it ?

If you are talking about the hostname, you have to change the “myhostname = ubuntu” in /etc/postfix/main.cf to whatever your mail server hostname should be (ex: mail.example.com). If you are talking about not being able to receive emails, I still haven’t identified the problem. The machine is blocking incoming emails but I can’t find the cause.

@janiosarmento You suggested that the reason my mail server was not receiving mail was due to SPF, DKIM and DNS records. This is not the case. Those records only influence the acceptance of outbound mail. My server gets 8/10 on http://mail-tester.com and will be 10/10 once I install BIND and create private nameservers. At least one problem is that nginx has not been configured for mail. Based on the EE mail server installation, how should nginx.conf and/or available-sites/toyotafinder.com be properly configured? Also I noticed that there is no 250-STARTTLS in my testing results.

Finally, it doesn’t look like Dovecot is configured to listen to anything!

#default_process_limit = 100
#default_client_limit = 1000

#default_vsz_limit = 256M

#default_login_user = dovenull

#default_internal_user = dovecot

service imap-login {
  inet_listener imap {
  #port = 143
}
inet_listener imaps {
  #port = 993
  #ssl = yes
}

#service_count = 1

#process_min_avail = 0

#vsz_limit = $default_vsz_limit
}

service pop3-login {
  inet_listener pop3 {
  #port = 110
  }

inet_listener pop3s {
  #port = 995
  #ssl = yes
  }
}

service lmtp {
  unix_listener lmtp {
  #mode = 0666
}

# Create inet listener only if you can't use the above UNIX socket
#inet_listener lmtp {
# Avoid making LMTP visible for the entire internet
#address =
#port = 
  #}
}

service imap {
#vsz_limit = $default_vsz_limit

# Max. number of IMAP processes (connections)
#process_limit = 1024
}

service pop3 {
# Max. number of POP3 processes (connections)
  #process_limit = 1024
}

service auth {
  unix_listener auth-userdb {
    #mode = 0666
    #user = 
    #group = 
  }

# Postfix smtp-auth
#unix_listener /var/spool/postfix/private/auth {
  #  mode = 0666
 #}

  # Auth process is run as this user.
  #user = $default_internal_user
 }

service auth-worker {
  #user = root
}

service dict {
  unix_listener dict {
  #mode = 0600
  #user = 
  #group = 
  }
}

This readout might shed some light:

install@toyotafinder:~$ sudo netstat -tap
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 *:telnet                *:*                     LISTEN      1234/inetd
tcp        0      0 *:smtp                  *:*                     LISTEN      31062/master
tcp        0      0 *:sieve                 *:*                     LISTEN      31579/dovecot
tcp        0      0 *:imaps                 *:*                     LISTEN      31579/dovecot
tcp        0      0 *:pop3s                 *:*                     LISTEN      31579/dovecot
tcp        0      0 toyotafinder.com:10024  *:*                     LISTEN      12719/amavisd-new (
tcp        0      0 toyotafinder.com:9000   *:*                     LISTEN      31171/php-fpm: pool
tcp        0      0 toyotafinder.com:10025  *:*                     LISTEN      31062/master
tcp        0      0 toyotafinder.com:9001   *:*                     LISTEN      31863/php-fpm.conf)
tcp        0      0 toyotafinder.com:mysql  *:*                     LISTEN      23174/mysqld
tcp        0      0 *:submission            *:*                     LISTEN      31062/master
tcp        0      0 toyotafinder.com:6379   *:*                     LISTEN      2887/redis-server 1
tcp        0      0 toyotafinder.com:11211  *:*                     LISTEN      1667/memcached
tcp        0      0 *:pop3                  *:*                     LISTEN      31579/dovecot
tcp        0      0 *:22222                 *:*                     LISTEN      12853/nginx: worker
tcp        0      0 *:imap2                 *:*                     LISTEN      31579/dovecot
tcp        0      0 *:http                  *:*                     LISTEN      12853/nginx: worker
tcp        0      0 *:urd                   *:*                     LISTEN      31062/master
tcp        0      0 *:ssh                   *:*                     LISTEN      1259/sshd
tcp        0      0 toyotafinder.com:57883  toyotafinder.com:6379   ESTABLISHED 12857/nginx: worker
tcp        0      0 toyotafinder.com:50867  toyotafinder.com:6379   ESTABLISHED 12863/nginx: worker
tcp        0      0 toyotafinder.com:6379   toyotafinder.com:55190  ESTABLISHED 2887/redis-server 1
tcp        0      0 toyotafinder.com:6379   toyotafinder.com:56362  ESTABLISHED 2887/redis-server 1
tcp        0      0 toyotafinder.com:36172  toyotafinder.com:mysql  ESTABLISHED 31174/auth
tcp        0      0 toyotafinder.com:6379   toyotafinder.com:52009  ESTABLISHED 2887/redis-server 1
tcp        0      0 toyotafinder.com:21488  toyotafinder.com:6379   ESTABLISHED 12855/nginx: worker
tcp        0      0 toyotafinder.com:55190  toyotafinder.com:6379   ESTABLISHED 12868/nginx: worker
tcp        0      0 toyotafinder.com:4242   toyotafinder.com:6379   ESTABLISHED 12867/nginx: worker
tcp        0      0 toyotafinder.com:mysql  toyotafinder.com:36172  ESTABLISHED 23174/mysqld
tcp        0      0 toyotafinder.com:6379   toyotafinder.com:50785  ESTABLISHED 2887/redis-server 1
tcp        0      0 toyotafinder.com:50785  toyotafinder.com:6379   ESTABLISHED 12862/nginx: worker
tcp        0      0 toyotafinder.com:6379   toyotafinder.com:57883  ESTABLISHED 2887/redis-server 1
tcp        0      0 mail.toyotafinder.:http c-73-245-29-232.h:49441 TIME_WAIT   -
tcp        0      0 toyotafinder.com:51641  toyotafinder.com:6379   ESTABLISHED 12864/nginx: worker
tcp        0      0 toyotafinder.com:6379   toyotafinder.com:49367  ESTABLISHED 2887/redis-server 1
tcp        0      0 mail.toyotafinder.:http c-73-245-29-232.h:49442 TIME_WAIT   -
tcp        0   4496 mail.toyotafinder.c:ssh c-73-245-29-232.h:61104 ESTABLISHED 27694/sshd: install
tcp        0      0 toyotafinder.com:6379   toyotafinder.com:57419  ESTABLISHED 2887/redis-server 1
tcp        0      0 mail.toyotafinder.:http c-73-245-29-232.h:49444 ESTABLISHED 12855/nginx: worker
tcp        0      0 toyotafinder.com:57592  toyotafinder.com:6379   ESTABLISHED 12853/nginx: worker
tcp        0      0 mail.toyotafinder.c:ssh c-73-245-29-232.h:62838 ESTABLISHED 3378/sshd: install
tcp        0      0 toyotafinder.com:56362  toyotafinder.com:6379   ESTABLISHED 12859/nginx: worker
tcp        0      0 toyotafinder.com:6379   toyotafinder.com:4242   ESTABLISHED 2887/redis-server 1
tcp        0      0 toyotafinder.com:6379   toyotafinder.com:51370  ESTABLISHED 2887/redis-server 1
tcp        0      0 toyotafinder.com:6379   toyotafinder.com:25094  ESTABLISHED 2887/redis-server 1
tcp        0      0 toyotafinder.com:55524  toyotafinder.com:6379   ESTABLISHED 12858/nginx: worker
tcp        0      0 toyotafinder.com:54068  toyotafinder.com:6379   ESTABLISHED 12855/nginx: worker
tcp        0      0 toyotafinder.com:56025  toyotafinder.com:6379   ESTABLISHED 12861/nginx: worker
tcp        0      0 toyotafinder.com:6379   toyotafinder.com:50867  ESTABLISHED 2887/redis-server 1
tcp        0      0 toyotafinder.com:6379   toyotafinder.com:21488  ESTABLISHED 2887/redis-server 1
tcp        0      0 toyotafinder.com:6379   toyotafinder.com:59007  ESTABLISHED 2887/redis-server 1
tcp        0      0 toyotafinder.com:51370  toyotafinder.com:6379   ESTABLISHED 12854/nginx: worker
tcp        0      0 toyotafinder.com:6379   toyotafinder.com:57592  ESTABLISHED 2887/redis-server 1
tcp        0      0 toyotafinder.com:52009  toyotafinder.com:6379   ESTABLISHED 12865/nginx: worker
tcp        0      0 toyotafinder.com:49367  toyotafinder.com:6379   ESTABLISHED 12863/nginx: worker
tcp        0      0 toyotafinder.com:59007  toyotafinder.com:6379   ESTABLISHED 12856/nginx: worker
tcp        0      0 toyotafinder.com:6379   toyotafinder.com:51641  ESTABLISHED 2887/redis-server 1
tcp        0      0 toyotafinder.com:57419  toyotafinder.com:6379   ESTABLISHED 12866/nginx: worker
tcp        0      0 toyotafinder.com:6379   toyotafinder.com:55524  ESTABLISHED 2887/redis-server 1
tcp        0      0 toyotafinder.com:25094  toyotafinder.com:6379   ESTABLISHED 12860/nginx: worker
tcp        0      0 toyotafinder.com:6379   toyotafinder.com:54068  ESTABLISHED 2887/redis-server 1
tcp        0      0 toyotafinder.com:6379   toyotafinder.com:56025  ESTABLISHED 2887/redis-server 1
tcp6       0      0 [::]:smtp               [::]:*                  LISTEN      31062/master
tcp6       0      0 [::]:sieve              [::]:*                  LISTEN      31579/dovecot
tcp6       0      0 [::]:imaps              [::]:*                  LISTEN      31579/dovecot
tcp6       0      0 [::]:pop3s              [::]:*                  LISTEN      31579/dovecot
tcp6       0      0 [::]:submission         [::]:*                  LISTEN      31062/master
tcp6       0      0 [::]:pop3               [::]:*                  LISTEN      31579/dovecot
tcp6       0      0 [::]:imap2              [::]:*                  LISTEN      31579/dovecot
tcp6       0      0 [::]:http               [::]:*                  LISTEN      12853/nginx: worker
tcp6       0      0 [::]:urd                [::]:*                  LISTEN      31062/master
tcp6       0      0 [::]:ssh                [::]:*                  LISTEN      1259/sshd

The bottom line is that the software is not configured correctly and I am not experienced enough with mail to make the necessary changes. If this is too involved to address in this forum, would it be something rtcamp would be willing to handle as contract work?