Centos7 / Postfix / Dovecot not receiving external email

by paolo9785   Last Updated June 22, 2018 11:00 AM

I'm setting up my personal email server, after a while I was able to send emails out with correct DKIM/SPF settings.

Right now i do not understand why I'm not able to receive email from external.

Here below my config:

[[email protected] ~]# cat /etc/postfix/main.cf | grep -v "^#"


queue_directory = /var/spool/postfix

command_directory = /usr/sbin

daemon_directory = /usr/libexec/postfix

data_directory = /var/lib/postfix

mail_owner = postfix

inet_interfaces = localhost

inet_protocols = all


mydestination = $myhostname, localhost.$mydomain, localhost, paolo9785.com


unknown_local_recipient_reject_code = 550


alias_maps = hash:/etc/aliases

alias_database = hash:/etc/aliases

debug_peer_level = 2


debugger_command =
         PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
         ddd $daemon_directory/$process_name $process_id & sleep 5


sendmail_path = /usr/sbin/sendmail.postfix

newaliases_path = /usr/bin/newaliases.postfix

mailq_path = /usr/bin/mailq.postfix

setgid_group = postdrop

html_directory = no

manpage_directory = /usr/share/man

sample_directory = /usr/share/doc/postfix-2.10.1/samples

readme_directory = /usr/share/doc/postfix-2.10.1/README_FILES

virtual_alias_domains = hash:/etc/postfix/virtual_domains

smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_sasl_local_domain = $myhostname
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions =
   permit_sasl_authenticated,
   permit_mynetworks,
   check_relay_domains

smtpd_milters = inet:127.0.0.1:8891
non_smtpd_milters = $smtpd_milters
milter_default_action = accept

master.cf:

[[email protected] ~]# cat /etc/postfix/master.cf | grep -v "^#"  
smtp      inet  n       -       n       -       -       smtpd
pickup    unix  n       -       n       60      1       pickup
cleanup   unix  n       -       n       -       0       cleanup
qmgr      unix  n       -       n       300     1       qmgr
tlsmgr    unix  -       -       n       1000?   1       tlsmgr
rewrite   unix  -       -       n       -       -       trivial-rewrite
bounce    unix  -       -       n       -       0       bounce
defer     unix  -       -       n       -       0       bounce
trace     unix  -       -       n       -       0       bounce
verify    unix  -       -       n       -       1       verify
flush     unix  n       -       n       1000?   0       flush
proxymap  unix  -       -       n       -       -       proxymap
proxywrite unix -       -       n       -       1       proxymap
smtp      unix  -       -       n       -       -       smtp
relay     unix  -       -       n       -       -       smtp
showq     unix  n       -       n       -       -       showq
error     unix  -       -       n       -       -       error
retry     unix  -       -       n       -       -       error
discard   unix  -       -       n       -       -       discard
local     unix  -       n       n       -       -       local
virtual   unix  -       n       n       -       -       virtual
lmtp      unix  -       -       n       -       -       lmtp
anvil     unix  -       -       n       -       1       anvil
scache    unix  -       -       n       -       1       scache

policy unix - n n - 0 spawn user=nobody argv=/bin/python /usr/libexec/postfix/policyd-spf

Firewall config:

[[email protected] ~]# firewall-cmd --list-all
public (active)
  target: default
  icmp-block-inversion: no
  interfaces: eth0
  sources: 
  services: ftp http pop3s smtp ssh https dhcpv6-client imaps
  ports: 110/tcp 465/tcp 10090-10100/tcp 25/tcp 587/tcp 143/tcp 21/tcp 3306/tcp 9000/tcp 993/tcp
  protocols: 
  masquerade: no
  forward-ports: 
  source-ports: 
  icmp-blocks: 
  rich rules: 

Other files:

cat /etc/postfix/mysql-virtual_forwardings.cf
user = mail_admin
password = ******************
dbname = mail
query = SELECT destination FROM forwardings WHERE source='%s'
hosts = 127.0.0.1

cat /etc/postfix/mysql-virtual_email2email.cf
user = mail_admin
password = **********
dbname = mail
query = SELECT email FROM users WHERE email='%s'
hosts = 127.0.0.1

cat /etc/postfix/mysql-virtual_domains.cf
user = mail_admin
password = **********
dbname = mail
query = SELECT domain AS virtual FROM domains WHERE domain='%s'
hosts = 127.0.0.1

cat /etc/postfix/mysql-virtual_mailboxes.cf
user = mail_admin
password = ****************
dbname = mail
query = SELECT CONCAT(SUBSTRING_INDEX(email,'@',-1),'/',SUBSTRING_INDEX(email,'@',1),'/') FROM users WHERE email='%s'
hosts = 127.0.0.1

If i try to send an email to an unknown recipient i get back the response correctly (example [email protected]):

maillogs:

Jun 22 12:31:12 vps258570 postfix/smtpd[12250]: connect from mail-oi0-f50.google.com[------]
Jun 22 12:31:12 vps258570 postfix/trivial-rewrite[12254]: warning: do not list domain paolo9785.com in BOTH mydestination and virtual_alias_domains
Jun 22 12:31:12 vps258570 postfix/smtpd[12250]: NOQUEUE: reject: RCPT from mail-oi0-f50.google.com[-----]: 550 5.1.1 <[email protected]>: Recipient address rejected: User unknown in local recipient table; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<mail-oi0-f50.google.com>
Jun 22 12:31:12 vps258570 postfix/smtpd[12250]: disconnect from mail-oi0-f50.google.com[-------]

While if I send it to an existing mail box ([email protected]) it doesn't go into it.

Jun 22 12:40:12 ----------- postfix/smtpd[12331]: connect from mail-oi0-f65.google.com[-----------]
Jun 22 12:40:13 ----------- postfix/trivial-rewrite[12335]: warning: do not list domain paolo9785.com in BOTH mydestination and virtual_alias_domains
Jun 22 12:40:13 ----------- postfix/smtpd[12331]: warning: support for restriction "check_relay_domains" will be removed from Postfix; use "reject_unauth_destination" instead
Jun 22 12:40:13 ----------- postfix/smtpd[12331]: 1B42E2477: client=mail-oi0-f65.google.com[-----------]
Jun 22 12:40:13 ----------- postfix/cleanup[12336]: 1B42E2477: message-id=<[email protected]om>
Jun 22 12:40:13 ----------- opendkim[888]: 1B42E2477: mail-oi0-f65.google.com [-----------] not internal
Jun 22 12:40:13 ----------- opendkim[888]: 1B42E2477: not authenticated
Jun 22 12:40:13 ----------- opendkim[888]: 1B42E2477: DKIM verification successful
Jun 22 12:40:13 ----------- postfix/qmgr[12237]: 1B42E2477: from=<[email protected]>, size=2536, nrcpt=1 (queue active)
Jun 22 12:40:13 ----------- postfix/trivial-rewrite[12335]: warning: do not list domain paolo9785.com in BOTH mydestination and virtual_alias_domains
Jun 22 12:40:13 ----------- postfix/local[12337]: 1B42E2477: to=<[email protected]>, orig_to=<[email protected]>, relay=local, delay=0.23, delays=0.18/0.02/0/0.03, dsn=5.4.6, status=bounced (alias database loop for postmaster)
Jun 22 12:40:13 ----------- postfix/cleanup[12336]: 511A9DFB: message-id=<[email protected]>
Jun 22 12:40:13 ----------- postfix/qmgr[12237]: 511A9DFB: from=<>, size=4516, nrcpt=1 (queue active)
Jun 22 12:40:13 ----------- postfix/bounce[12338]: 1B42E2477: sender non-delivery notification: 511A9DFB
Jun 22 12:40:13 ----------- postfix/qmgr[12237]: 1B42E2477: removed
Jun 22 12:40:13 ----------- postfix/smtpd[12331]: disconnect from mail-oi0-f65.google.com[-----------]
Jun 22 12:40:13 ----------- postfix/smtp[12339]: 511A9DFB: host gmail-smtp-in.l.google.com[108.177.15.27] said: 421-4.7.0 This message does not have authentication information or fails to pass 421-4.7.0 authentication checks. To best protect our users from spam, the 421-4.7.0 message has been blocked. Please visit 421-4.7.0  https://support.google.com/mail/answer/81126#authentication for more 421 4.7.0 information. f18-v6si7346729wre.357 - gsmtp (in reply to end of DATA command)
Jun 22 12:40:13 ----------- postfix/smtp[12339]: connect to gmail-smtp-in.l.google.com[2a00:1450:400c:c09::1a]:25: Network is unreachable
Jun 22 12:40:13 ----------- postfix/smtp[12339]: connect to alt1.gmail-smtp-in.l.google.com[2a00:1450:4010:c08::1b]:25: Network is unreachable
Jun 22 12:40:14 ----------- postfix/smtp[12339]: 511A9DFB: to=<[email protected]>, relay=alt1.gmail-smtp-in.l.google.com[64.233.165.27]:25, delay=1.1, delays=0/0.01/0.67/0.45, dsn=4.7.0, status=deferred (host alt1.gmail-smtp-in.l.google.com[64.233.165.27] said: 421-4.7.0 This message does not have authentication information or fails to pass 421-4.7.0 authentication checks. To best protect our users from spam, the 421-4.7.0 message has been blocked. Please visit 421-4.7.0  https://support.google.com/mail/answer/81126#authentication for more 421 4.7.0 information. p186-v6si2956365lfp.402 - gsmtp (in reply to end of DATA command))
Jun 22 12:40:37 ----------- postfix/smtpd[12331]: connect from mail-oi0-f42.google.com[-----------]
Jun 22 12:40:37 ----------- postfix/smtpd[12331]: 6604E24A6: client=mail-oi0-f42.google.com[-----------]
Jun 22 12:40:37 ----------- postfix/cleanup[12336]: 6604E24A6: message-id=<[email protected]om>
Jun 22 12:40:37 ----------- opendkim[888]: 6604E24A6: mail-oi0-f42.google.com [-----------] not internal
Jun 22 12:40:37 ----------- opendkim[888]: 6604E24A6: not authenticated
Jun 22 12:40:37 ----------- opendkim[888]: 6604E24A6: DKIM verification successful
Jun 22 12:40:37 ----------- postfix/qmgr[12237]: 6604E24A6: from=<[email protected]>, size=3274, nrcpt=1 (queue active)
Jun 22 12:40:37 ----------- postfix/trivial-rewrite[12335]: warning: do not list domain paolo9785.com in BOTH mydestination and virtual_alias_domains
Jun 22 12:40:37 ----------- postfix/local[12337]: 6604E24A6: to=<[email protected]>, orig_to=<[email protected]>, relay=local, delay=0.19, delays=0.17/0/0/0.02, dsn=5.4.6, status=bounced (alias database loop for postmaster)
Jun 22 12:40:37 ----------- postfix/cleanup[12336]: 9484424A7: message-id=<[email protected]-------.ovh.net>
Jun 22 12:40:37 ----------- postfix/qmgr[12237]: 9484424A7: from=<>, size=5256, nrcpt=1 (queue active)
Jun 22 12:40:37 ----------- postfix/bounce[12338]: 6604E24A6: sender non-delivery notification: 9484424A7
Jun 22 12:40:37 ----------- postfix/qmgr[12237]: 6604E24A6: removed
Jun 22 12:40:37 ----------- postfix/smtpd[12331]: disconnect from mail-oi0-f42.google.com[-----------]
Jun 22 12:40:38 ----------- postfix/smtp[12339]: 9484424A7: to=<[email protected]>, relay=gmail-smtp-in.l.google.com[-----------]:25, delay=0.49, delays=0/0/0.2/0.28, dsn=2.0.0, status=sent (250 2.0.0 OK 1529664038 q25-v6si480244wmq.203 - gsmtp)
Jun 22 12:40:38 ----------- postfix/qmgr[12237]: 9484424A7: removed
Jun 22 12:41:02 ----------- postfix/smtpd[12331]: connect from mail-ot0-f196.google.com[-----------]
Jun 22 12:41:03 ----------- postfix/smtpd[12331]: 4CE822477: client=mail-ot0-f196.google.com[-----------]
Jun 22 12:41:05 ----------- postfix/cleanup[12336]: 4CE822477: message-id=<[email protected]om>
Jun 22 12:41:05 ----------- opendkim[888]: 4CE822477: mail-ot0-f196.google.com [-----------] not internal
Jun 22 12:41:05 ----------- opendkim[888]: 4CE822477: not authenticated
Jun 22 12:41:05 ----------- opendkim[888]: 4CE822477: DKIM verification successful
Jun 22 12:41:05 ----------- postfix/qmgr[12237]: 4CE822477: from=<[email protected]>, size=2553, nrcpt=1 (queue active)

Jun 22 12:41:05 ----------- postfix/local[12337]: 4CE822477: to=<[email protected]>, orig_to=<[email protected]>, relay=local, delay=2.1, delays=2.1/0/0/0.02, dsn=5.4.6, status=bounced (alias database loop for postmaster)
Jun 22 12:41:05 ----------- postfix/cleanup[12336]: 6388B24AD: message-id=<[email protected]>
Jun 22 12:41:05 ----------- postfix/qmgr[12237]: 6388B24AD: from=<>, size=4535, nrcpt=1 (queue active)
Jun 22 12:41:05 ----------- postfix/bounce[12338]: 4CE822477: sender non-delivery notification: 6388B24AD
Jun 22 12:41:05 ----------- postfix/qmgr[12237]: 4CE822477: removed
Jun 22 12:41:05 ----------- postfix/smtpd[12331]: disconnect from mail-ot0-f196.google.com[-----------]
Jun 22 12:41:05 ----------- postfix/smtp[12339]: 6388B24AD: to=<[email protected]>, relay=gmail-smtp-in.l.google.com[-----------]:25, delay=0.42, delays=0/0/0.14/0.27, dsn=2.0.0, status=sent (250 2.0.0 OK 1529664065 i62-v6si1280096wmf.142 - gsmtp)
Jun 22 12:41:05 ----------- postfix/qmgr[12237]: 6388B24AD: removed


Related Questions