Score:0

Postfix server cannot receive email


I've been having issues with getting my postfix email server to accept emails. I started with port 587 open, but whenever I would send an email to that, it would seem like nothing happened, and /var/log/mail.log would say access denied on port 25 (I did not have port 25 opened as I thought only 587 was necessary).

I then tried opening port 25 for it, and now I am getting the error 5.7.1 Relay access denied.

I am unsure of why this is happening and can't seem to be able to fix it. I do seem to be able to send mail fine though.

Here is the output of postconf -n

alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no
compatibility_level = 2
header_checks = regexp:/etc/postfix/header_checks
home_mailbox = Mail/Inbox/
inet_interfaces = all
inet_protocols = all
mailbox_command = /usr/lib/dovecot/deliver
mailbox_size_limit = 0
milter_default_action = accept
milter_protocol = 6
mydestination = localhost.$mydomain, localhost, $mydomain
myhostname = website.com
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
myorigin = /etc/mailname
non_smtpd_milters = inet:localhost:12301
readme_directory = no
recipient_delimiter = +
relayhost =
smtp_tls_CAfile = /etc/letsencrypt/live/mail.website.com/cert.pem
smtp_tls_CApath = /etc/ssl/certs
smtp_tls_mandatory_protocols = !SSLv2, !SSLv3, !TLSv1, !TLSv1.1
smtp_tls_protocols = !SSLv2, !SSLv3, !TLSv1, !TLSv1.1
smtp_tls_security_level = may
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
smtpd_helo_required = yes
smtpd_helo_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_invalid_helo_hostname, reject_non_fqdn_helo_hostname, reject_unknown_helo_hostname
smtpd_milters = inet:localhost:12301
smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination, reject_unknown_recipient_domain
smtpd_relay_restrictions = permit_sasl_authenticated, reject_unauth_destination, permit_mynetworks
smtpd_sasl_auth_enable = yes
smtpd_sasl_path = private/auth
smtpd_sasl_security_options = noanonymous, noplaintext
smtpd_sasl_tls_security_options = noanonymous
smtpd_sasl_type = dovecot
smtpd_sender_login_maps = pcre:/etc/postfix/login_maps.pcre
smtpd_sender_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_sender_login_mismatch, reject_unknown_reverse_client_hostname, reject_unknown_sender_domain
smtpd_tls_auth_only = yes
smtpd_tls_cert_file = /etc/letsencrypt/live/mail.website.com/fullchain.pem
smtpd_tls_exclude_ciphers = aNULL, LOW, EXP, MEDIUM, ADH, AECDH, MD5, DSS, ECDSA, CAMELLIA128, 3DES, CAMELLIA256, RSA+AES, eNULL
smtpd_tls_key_file = /etc/letsencrypt/live/mail.website.com/privkey.pem
smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3, !TLSv1, !TLSv1.1
smtpd_tls_protocols = !SSLv2, !SSLv3, !TLSv1, !TLSv1.1
smtpd_tls_security_level = may
tls_preempt_cipherlist = yes

And here is postconf -M

cleanup    unix  n       -       y       -       0       cleanup
qmgr       unix  n       -       n       300     1       qmgr
tlsmgr     unix  -       -       y       1000?   1       tlsmgr
rewrite    unix  -       -       y       -       -       trivial-rewrite
bounce     unix  -       -       y       -       0       bounce
defer      unix  -       -       y       -       0       bounce
trace      unix  -       -       y       -       0       bounce
verify     unix  -       -       y       -       1       verify
flush      unix  n       -       y       1000?   0       flush
proxymap   unix  -       -       n       -       -       proxymap
proxywrite unix  -       -       n       -       1       proxymap
relay      unix  -       -       y       -       -       smtp
showq      unix  n       -       y       -       -       showq
error      unix  -       -       y       -       -       error
retry      unix  -       -       y       -       -       error
discard    unix  -       -       y       -       -       discard
local      unix  -       n       n       -       -       local
virtual    unix  -       n       n       -       -       virtual
lmtp       unix  -       -       y       -       -       lmtp
anvil      unix  -       -       y       -       1       anvil
scache     unix  -       -       y       -       1       scache
postlog    unix-dgram n  -       n       -       1       postlogd
maildrop   unix  -       n       n       -       -       pipe flags=DRXhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
uucp       unix  -       n       n       -       -       pipe flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
ifmail     unix  -       n       n       -       -       pipe flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp      unix  -       n       n       -       -       pipe flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
scalemail-backend unix - n       n       -       2       pipe flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
mailman    unix  -       n       n       -       -       pipe flags=FRX user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py ${nexthop} ${user}
spamassassin unix -      n       n       -       -       pipe user=debian-spamd argv=/usr/bin/spamc -f -e /usr/sbin/sendmail -oi -f ${sender} ${recipient}
smtp       unix  -       -       n       -       -       smtp
smtp       inet  n       -       y       -       -       smtpd -o content_filter=spamassassin
submission inet  n       -       y       -       -       smtpd -o syslog_name=postfix/submission -o smtpd_tls_security_level=encrypt -o smtpd_sasl_auth_enable=yes -o smtpd_tls_auth_only=yes
smtps      inet  n       -       y       -       -       smtpd -o syslog_name=postfix/smtps -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes
spamassassin unix -      n       n       -       -       pipe user=debian-spamd argv=/usr/bin/spamc -f -e /usr/sbin/sendmail -oi -f ${sender} ${recipient}

(Domain changed to website.com from real domain)

Zareh Kasparian
How do you send email to the mail server? Via telnetting to the mail server with "MAIL FROM" and "RCPT TO" commands, or via a mail client and authentication?
Score:1

mydestination = localhost.$mydomain, localhost, $mydomain

You accept mail destined for localhost, localhost.$mydomain and $mydomain.

You don't define $mydomain anywhere. Add a line with mydomain = example.com where example.com is the domain you wish to receive mail for.

That said, e-mail is a thankless service to host. A single mistake and you're blacklisted by all the major players. It's generally a good idea to stay away if you don't know some bits'n'pieces of how the protocol works.

DanielRoberts
Ah thank you! Makes sense now I think about it, and you're probably right about hosting it myself - I think I was doing it more for the fun of setting something like that up in a time of boredom!
vidarlo
Absolutely worth doing to learn - just be aware of the pitfalls.
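
An added example, not part of the original thread: a simplified Python model of how the question's smtpd_relay_restrictions list and mydestination interact, showing why the value $mydomain expands to decides between acceptance and "5.7.1 Relay access denied". It assumes only mydestination defines local domains (relay_domains, virtual domains and interface addresses are left out); example.com, the "com" value, other.test and the client address 203.0.113.5 are constructed placeholders.

```python
import ipaddress
import re

# Values copied from the question's postconf -n output. mydomain is added
# per test case; all domains used with it are constructed placeholders.
PAGE = {
    "mydestination": "localhost.$mydomain, localhost, $mydomain",
    "mynetworks": "127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128",
    "smtpd_relay_restrictions":
        "permit_sasl_authenticated, reject_unauth_destination, permit_mynetworks",
}

def expand(value, params):
    """Substitute $name and ${name} with the value of another parameter."""
    return re.sub(r"\$\{?(\w+)\}?", lambda m: params.get(m.group(1), ""), value)

def final_destinations(params):
    """Domains treated as local, taken from the expanded mydestination."""
    expanded = expand(params["mydestination"], params)
    return {d.lower() for d in re.split(r"[,\s]+", expanded) if d}

def in_mynetworks(params, client_ip):
    """True if the client address falls inside one of the mynetworks ranges."""
    addr = ipaddress.ip_address(client_ip)
    nets = (ipaddress.ip_network(n.replace("[", "").replace("]", ""))
            for n in params["mynetworks"].split())
    return any(addr in net for net in nets)

def relay_decision(params, rcpt, client_ip, sasl_ok=False):
    """Evaluate the restriction list left to right; the first match decides."""
    domain = rcpt.rsplit("@", 1)[1].lower()
    for rule in re.split(r"[,\s]+", params["smtpd_relay_restrictions"]):
        if rule == "permit_sasl_authenticated" and sasl_ok:
            return "permit"
        if rule == "permit_mynetworks" and in_mynetworks(params, client_ip):
            return "permit"
        if rule == "reject_unauth_destination" and domain not in final_destinations(params):
            return "5.7.1 Relay access denied"
    return "permit"  # nothing rejected here; later restriction classes still apply

if __name__ == "__main__":
    for mydomain in ("example.com", "com"):
        params = dict(PAGE, mydomain=mydomain)
        print(mydomain, sorted(final_destinations(params)),
              relay_decision(params, "user@example.com", "203.0.113.5"))
```

On a real server, `postconf mydomain mydestination` prints the values Postfix is actually using, which is what to feed into a check like this.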