• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion

Resolved Port 587 stopped working

C

celest

New Pleskian
Hello,
2 days ago my mail server stopped working.
No changes were made and no updates were installed (except the auto-updates by plesk).

Im using postfix as smtp server.

main.cnf
Code: 
readme_directory = /usr/share/doc/postfix-2.10.1/README_FILES
virtual_mailbox_domains = $virtual_mailbox_maps, hash:/var/spool/postfix/plesk/virtual_domains
virtual_alias_maps = $virtual_maps, hash:/var/spool/postfix/plesk/virtual
virtual_mailbox_maps = , hash:/var/spool/postfix/plesk/vmailbox
transport_maps = , hash:/var/spool/postfix/plesk/transport
smtpd_tls_cert_file = /etc/postfix/postfix.pem
smtpd_tls_key_file = $smtpd_tls_cert_file
smtpd_tls_security_level = may
smtpd_use_tls = yes
smtp_tls_security_level = may
smtp_use_tls = no
smtpd_timeout = 3600s
smtpd_proxy_timeout = 3600s
disable_vrfy_command = yes
mynetworks =
smtpd_sender_restrictions = check_sender_access hash:/var/spool/postfix/plesk/blacklists, permit_sasl_authenticated
smtpd_client_restrictions = permit_mynetworks, permit_sasl_authenticated
authorized_flush_users =
authorized_mailq_users =
smtp_send_xforward_command = yes
smtpd_authorized_xforward_hosts = 127.0.0.0/8 [::1]/128
smtpd_sasl_auth_enable = yes
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
virtual_mailbox_base = /var/qmail/mailnames
virtual_uid_maps = static:30
virtual_gid_maps = static:31
smtpd_milters = , inet:127.0.0.1:12768
sender_dependent_default_transport_maps = hash:/var/spool/postfix/plesk/sdd_transport_maps
virtual_transport = plesk_virtual
plesk_virtual_destination_recipient_limit = 1
mailman_destination_recipient_limit = 1
message_size_limit = 10240000
mailbox_size_limit = 0
virtual_mailbox_limit = 0
smtpd_tls_ciphers = medium
smtpd_tls_mandatory_ciphers = medium
tls_medium_cipherlist = HIGH:!aNULL:!MD5
smtpd_tls_mandatory_protocols = TLSv1 TLSv1.1 TLSv1.2
smtpd_tls_protocols = TLSv1 TLSv1.1 TLSv1.2
recipient_canonical_maps = tcp:127.0.0.1:12346
recipient_canonical_classes = envelope_recipient,header_recipient

master.cf
Code: 
smtp      inet  n       -       n       -       -       smtpd
#smtp      inet  n       -       n       -       1       postscreen
#smtpd     pass  -       -       n       -       -       smtpd
#dnsblog   unix  -       -       n       -       0       dnsblog
#tlsproxy  unix  -       -       n       -       0       tlsproxy
#submission inet n       -       n       -       -       smtpd
#  -o syslog_name=postfix/submission
#  -o smtpd_tls_security_level=encrypt
#  -o smtpd_sasl_auth_enable=yes
#  -o smtpd_reject_unlisted_recipient=no
#  -o smtpd_client_restrictions=$mua_client_restrictions
#  -o smtpd_helo_restrictions=$mua_helo_restrictions
#  -o smtpd_sender_restrictions=$mua_sender_restrictions
#  -o smtpd_recipient_restrictions=permit_sasl_authenticated,reject
#  -o milter_macro_daemon_name=ORIGINATING
#smtps     inet  n       -       n       -       -       smtpd
#  -o syslog_name=postfix/smtps
#  -o smtpd_tls_wrappermode=yes
#  -o smtpd_sasl_auth_enable=yes
#  -o smtpd_reject_unlisted_recipient=no
#  -o smtpd_client_restrictions=$mua_client_restrictions
#  -o smtpd_helo_restrictions=$mua_helo_restrictions
#  -o smtpd_sender_restrictions=$mua_sender_restrictions
#  -o smtpd_recipient_restrictions=permit_sasl_authenticated,reject
#  -o milter_macro_daemon_name=ORIGINATING
#628       inet  n       -       n       -       -       qmqpd
cleanup   unix  n       -       n       -       0       cleanup
#qmgr     unix  n       -       n       300     1       oqmgr
tlsmgr    unix  -       -       n       1000?   1       tlsmgr
rewrite   unix  -       -       n       -       -       trivial-rewrite
bounce    unix  -       -       n       -       0       bounce
defer     unix  -       -       n       -       0       bounce
trace     unix  -       -       n       -       0       bounce
verify    unix  -       -       n       -       1       verify
flush     unix  n       -       n       1000?   0       flush
proxymap  unix  -       -       n       -       -       proxymap
proxywrite unix -       -       n       -       1       proxymap
smtp      unix  -       -       n       -       -       smtp
relay     unix  -       -       n       -       -       smtp
#       -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq     unix  n       -       n       -       -       showq
error     unix  -       -       n       -       -       error
retry     unix  -       -       n       -       -       error
discard   unix  -       -       n       -       -       discard
local     unix  -       n       n       -       -       local
virtual   unix  -       n       n       -       -       virtual
lmtp      unix  -       -       n       -       -       lmtp
anvil     unix  -       -       n       -       1       anvil
scache    unix  -       -       n       -       1       scache


plesk_virtual unix - n n - - pipe flags=DORhu user=popuser:popuser argv=/usr/lib64/plesk-9.0/postfix-local -f ${sender} -d ${recipient} -p /var/qmail/mailnames
127.0.0.1:12346 inet n n n - - spawn user=popuser:popuser argv=/usr/lib64/plesk-9.0/postfix-srs
mailman unix - n n - - pipe flags=R user=mailman:mailman argv=/usr/lib64/plesk-9.0/postfix-mailman ${nexthop} ${user} ${recipient}
pickup fifo n - n 60 1 pickup
qmgr fifo n - n 1 1 qmgr
smtps inet n - n - - smtpd -o smtpd_tls_wrappermode=yes
plesk_saslauthd unix y y n - 1 plesk_saslauthd status=5 listen=6 dbpath=/var/spool/postfix/plesk/passwd.db
plesk-mydomain.com-myserverip- unix - n n - - smtp -o smtp_bind_address=myserverip -o smtp_bind_address6= -o smtp_address_preference=ipv4 -o smtp_helo_name=mydomain.com
submission inet n - n - - smtpd -o smtpd_enforce_tls=yes -o smtpd_tls_security_level=encrypt -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject -o smtpd_sender_restrictions= -o smtpd_recipient_restrictions=permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination

I even reinstalled the VPS twice.
No firewall is enabled.
Code: 
# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

On my mail-server telnet IP 587 and telnet 127.0.0.1 587 works fine. But from different servers or my PC it does not work.

All other ports like 25 and 465 can be accessed with telnet from my PC and different servers without issues. Only 587 does not work anymore. I have no idea what I should do anymore.

I also contacted my server hoster about it. They said that no firewall is enabled for my vps.

Kind Regards
 
Update 2:
When I try to send an email (to hotmail/outlook) It says mail send successful ( in roundcube ).
But mail is never received.
I look in maillog file and I get this issue:
Code: 
mail postfix/smtp[14350]: connect to eur.olc.protection.outlook.com[104.47.10.33]:25: Connection timed out

If I try telnet 104.47.10.33 25 it does not work.
With another server, the telnet to the hotmail/outlook IP it works fine.
My mail-server domain and IP is not blacklisted in spamhaus.

Update:
Problem not really solved. I bought a new server and it works fine now. But I mark it as solved anyway.
 
Last edited:
You must log in or register to reply here.

Similar threads

R
Issue Postfix generates a lot of processes after a hacker attack
Replies
0
Views
234
RomanLed
R
B
Resolved no SASL authentication mechanisms
2
Replies
21
Views
5K
bork
B
T
Issue SMTPD No Auth from IP Issue
Replies
2
Views
1K
Tessxr
T
R
Resolved Plesk behind HAProxy
Replies
5
Views
3K
razertechDE
R
M
Forwarded to devs Postfix master.cf: submission not changed to use chroot during migration
Replies
2
Views
1K
mow
M
Back
Top