CentOS 6.4 [postfix+dovecot] Can send external mail but can't receive

Lucas Matos asked:

I'm trying to set up a mail server with postfix, dovecot and roundcube/thunderbird on a CentOS 6.4 VPS where my webserver is hosted…
I have this situation:
I can send and receive internal mails OK.
I can send external mails OK.
But I can't receive external mails.

That's my configuration; please help me find what's wrong.

postconf -n

[root@server ~]# postconf -n
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
debug_peer_level = 2
home_mailbox = Maildir/
html_directory = no
inet_interfaces = all
inet_protocols = all
mailbox_command =
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
mydestination = mail.dvdplaza.org, dvdplaza.org, localhost
mydomain = dvdplaza.org
myorigin = $mydomain
newaliases_path = /usr/bin/newaliases.postfix
readme_directory = /usr/share/doc/postfix-2.6.6/README_FILES
relay_domains = $mydestination, dvdplaza.org
sample_directory = /usr/share/doc/postfix-2.6.6/samples
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
smtp_tls_note_starttls_offer = yes
smtp_use_tls = yes
smtpd_recipient_restrictions = permit_mynetworks permit_inet_interfaces permit_sasl_authenticated permit_mx_backup
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain =
smtpd_sasl_type = cyrus
smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt
smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
smtpd_use_tls = yes
tls_random_source = dev:/dev/urandom
unknown_local_recipient_reject_code = 550

hostname, mailname and hosts

[root@server ~]# tail /etc/hostname
#vmi15086.contabo.net
server.dvdplaza.org
#mail.dvdplaza.org


[root@server ~]# tail /etc/mailname
#vmi15086.contabo.net
mail.dvdplaza.org


[root@server ~]# tail /etc/hosts
127.0.0.1       dvdplaza.org server localhost localhost.localdomain
::1     localhost.localdomain   localhost6      localhost       server
#193.37.152.191 vmi15086.contabo.net vmi15086 server
193.37.152.191 dvdplaza.org server
#193.37.152.191 mail.dvdplaza.org mail

Here is an analysis of my DNS. It shows a SOA problem; I don't know if this SOA problem is related to the external mails not being received. Is it?

http://dnscheck.pingdom.com/?domain=dvdplaza.org&timestamp=1373033981&view=1

When I send a test mail from Gmail to my server, usually after some hours the email returns to Gmail reporting:

This is an automatically generated Delivery Status Notification

THIS IS A WARNING MESSAGE ONLY.

YOU DO NOT NEED TO RESEND YOUR MESSAGE.

Delivery to the following recipient has been delayed:

     suporte@dvdplaza.org

Message will be retried for 2 more day(s)

Technical details of temporary failure:
The recipient server did not accept our requests to connect. Learn more at http://support.google.com/mail/bin/answer.py?answer=7720
[(10) mail.dvdplaza.org. [193.37.152.191]:25: Connection timed out]

----- Original message -----

MIME-Version: 1.0
X-Received: by 10.180.80.6 with SMTP id n6mr19727998wix.59.1372893611365; Wed,
 03 Jul 2013 16:20:11 -0700 (PDT)
Received: by 10.194.122.165 with HTTP; Wed, 3 Jul 2013 16:20:11 -0700 (PDT)
In-Reply-To: <CAPSKjGdzZhsfxPgXykCyT6d3gzx4=DjpOBGiZEt5kjWNNNWHmQ@mail.gmail.com>
References: <20130703231510.5E80A100424@server.dvdplaza.org>
        <CAPSKjGdzZhsfxPgXykCyT6d3gzx4=DjpOBGiZEt5kjWNNNWHmQ@mail.gmail.com>
Date: Wed, 3 Jul 2013 20:20:11 -0300
Message-ID: <CAPSKjGcNrgo-bKbih6xmjTOh5O1UYnaThjtOvhSGVD_rw+2V_A@mail.gmail.com>
Subject: Re: Test message from Roundcube
From: frytec <frytec@gmail.com>
To: suporte@dvdplaza.org
Content-Type: multipart/alternative; boundary=14dae9cc955c0519ac04e0a3b46c

edit

[root@server ~]# iptables -L INPUT -v -n

Chain INPUT (policy DROP 0 packets, 0 bytes)
     pkts bytes target     prot opt in     out     source               destination      
        0     0 ACCEPT     tcp  --  !lo    *       8.8.4.4              0.0.0.0/0           tcp dpt:53
        0     0 ACCEPT     udp  --  !lo    *       8.8.4.4              0.0.0.0/0           udp dpt:53
        0     0 ACCEPT     tcp  --  !lo    *       8.8.4.4              0.0.0.0/0           tcp spt:53
        2   142 ACCEPT     udp  --  !lo    *       8.8.4.4              0.0.0.0/0           udp spt:53
        0     0 ACCEPT     tcp  --  !lo    *       8.8.8.8              0.0.0.0/0           tcp dpt:53
        0     0 ACCEPT     udp  --  !lo    *       8.8.8.8              0.0.0.0/0           udp dpt:53
        0     0 ACCEPT     tcp  --  !lo    *       8.8.8.8              0.0.0.0/0           tcp spt:53
      133 14101 ACCEPT     udp  --  !lo    *       8.8.8.8              0.0.0.0/0           udp spt:53
     374K   34M LOCALINPUT  all  --  !lo    *       0.0.0.0/0            0.0.0.0/0       
     6534 1094K ACCEPT     all  --  lo     *       0.0.0.0/0            0.0.0.0/0        
     120K 5585K INVALID    tcp  --  !lo    *       0.0.0.0/0            0.0.0.0/0        
     286K   18M ACCEPT     all  --  !lo    *       0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED
       17   964 ACCEPT     tcp  --  !lo    *       0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:21
        2   104 ACCEPT     tcp  --  !lo    *       0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:22
        5   284 ACCEPT     tcp  --  !lo    *       0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:9091
       49  2548 ACCEPT     tcp  --  !lo    *       0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:51413
       30  1352 ACCEPT     tcp  --  !lo    *       0.0.0.0/0            0.0.0.0/0           state NEW tcp dpts:30000:35000
        0     0 ACCEPT     udp  --  !lo    *       0.0.0.0/0            0.0.0.0/0           state NEW udp dpt:20
        0     0 ACCEPT     udp  --  !lo    *       0.0.0.0/0            0.0.0.0/0           state NEW udp dpt:21
    61759 7853K ACCEPT     udp  --  !lo    *       0.0.0.0/0            0.0.0.0/0           state NEW udp dpt:51413
        8   860 ACCEPT     icmp --  !lo    *       0.0.0.0/0            0.0.0.0/0           icmp type 8 limit: avg 1/sec burst 5
        0     0 ACCEPT     icmp --  !lo    *       0.0.0.0/0            0.0.0.0/0           icmp type 0 limit: avg 1/sec burst 5
        0     0 ACCEPT     icmp --  !lo    *       0.0.0.0/0            0.0.0.0/0           icmp type 11
        3   634 ACCEPT     icmp --  !lo    *       0.0.0.0/0            0.0.0.0/0           icmp type 3
     2982  308K LOGDROPIN  all  --  !lo    *       0.0.0.0/0            0.0.0.0/0

[root@server ~]# netstat -lanp | grep 25

tcp        0      0 0.0.0.0:25                  0.0.0.0:*                   LISTEN      1561/master
tcp        0      0 :::25                       :::*                        LISTEN      1561/master
udp        0      0 2a02:c200:0:10:250:56f:51413 :::*                                    1092/transmission-d
unix  2      [ ACC ]     STREAM     LISTENING     9925   1561/master         public/flush

Update: New status on mxtoolbox

    SMTP Reverse Banner Check   OK - 193.37.152.191 resolves to ip-191-152-37-193.static.contabo.net
    SMTP Reverse DNS Mismatch   Warning - Reverse DNS does not match SMTP Banner
    SMTP TLS                    Warning - Does not support TLS.
    SMTP Connection Time        0 seconds - Good on Connection time
    SMTP Open Relay             OK - Not an open relay.
    SMTP Transaction Time       15.152 seconds - Not good! on Transaction Time

Session Transcript:

SendSMTPCommand: Timeout waiting for response after 15 seconds.

MXTB-PWS3v2 16335ms

My answer:


You very clearly do not have port 25 open in the firewall. Open the port for inbound traffic.
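
The INPUT listing in the question can be checked mechanically for a given port. This is an added example, not part of the original question or answer: it walks the chain for a new TCP connection from an external host and returns the first built-in verdict. The function name and the trimmed listing are constructed for illustration, and user-defined chains (LOCALINPUT, INVALID, LOGDROPIN) are reported rather than followed.

```python
import re

# Constructed sample: rules copied from the question's `iptables -L INPUT -v -n`
# listing, with the DNS, UDP and ICMP rules left out (none can match TCP/25).
LISTING = """\
Chain INPUT (policy DROP 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination
 374K   34M LOCALINPUT  all  --  !lo    *       0.0.0.0/0            0.0.0.0/0
 6534 1094K ACCEPT     all  --  lo     *       0.0.0.0/0            0.0.0.0/0
 120K 5585K INVALID    tcp  --  !lo    *       0.0.0.0/0            0.0.0.0/0
 286K   18M ACCEPT     all  --  !lo    *       0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED
   17   964 ACCEPT     tcp  --  !lo    *       0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:21
    2   104 ACCEPT     tcp  --  !lo    *       0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:22
   30  1352 ACCEPT     tcp  --  !lo    *       0.0.0.0/0            0.0.0.0/0           state NEW tcp dpts:30000:35000
 2982  308K LOGDROPIN  all  --  !lo    *       0.0.0.0/0            0.0.0.0/0
"""

BUILTIN = {"ACCEPT", "DROP", "REJECT"}


def verdict_for_new_tcp(listing, port):
    """Walk one chain for a NEW TCP connection from any external host to `port`.

    Returns (verdict, jumps): the first matching built-in target, or the chain
    policy, plus the user-defined chains passed on the way (not expanded here).
    """
    policy, jumps = None, []
    for line in listing.splitlines():
        head = re.match(r"Chain \S+ \(policy (\w+)", line)
        if head:
            policy = head.group(1)
            continue
        f = line.split()
        if len(f) < 9 or not f[0][0].isdigit():
            continue  # column header or blank line
        target, proto, in_if, src, extra = f[2], f[3], f[5], f[7], " ".join(f[9:])
        if in_if == "lo" or proto not in ("tcp", "all") or src != "0.0.0.0/0" or "spt" in extra:
            continue  # loopback-only, other protocol, or source-restricted rule
        state = re.search(r"state (\S+)", extra)
        if state and "NEW" not in state.group(1).split(","):
            continue  # e.g. RELATED,ESTABLISHED never matches a first SYN
        ports = re.search(r"\bdpts?:(\d+)(?::(\d+))?", extra)
        if ports:
            first, last = int(ports.group(1)), int(ports.group(2) or ports.group(1))
            if not first <= port <= last:
                continue  # rule is for a different destination port
        if target in BUILTIN:
            return target, jumps
        jumps.append(target)
    return policy, jumps
```

For port 25 no ACCEPT rule matches, so the connection falls through every jump to the chain policy (DROP), which is consistent with the "Connection timed out" in the Gmail bounce.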


View the full question and answer on Server Fault.

This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.