My postfix (V: 2.5.5-1.1) running on ubuntu server (9.04) started to reject mail arriving in from outside about 2 weeks ago. Doing a "manual" session via telnet shows that the connection is always closed after the
MAIL FROM: [email protected]
line is input, with the message "Connection closed by foreign host."
Doing the same from another client inside the LAN works fine. In the log files I get the line "lost connection after MAIL from xxxxx.tld[xxx.xxx.xxx.xxx]" This is after some lines like:
match_hostaddr: XXX.XXX.XXX.XXX ~? [::1]/128
match_hostname: XXXX.tld ~? 192.168.1.0/24
...
match_list_match: xxx.xxx.xxx.xxx: no match
which seem to suggest some kind of filter which checks for allowed addresses. I have been unable to locate where this filter lives, or how to turn it off. I'm not even sure if that's what's causing my problem. Connections from inside the LAN don't get disconnected even though they also show a "match_list_match: ... no match" line.
I didn't change any configuration files recently, below is my main.cf as it currently stands. I don't really know what all the parameters do and how they interact. I just set it up initially and it worked fine (up to recently).
smtpd_banner = $myhostname ESMTP $mail_name (GNU)
biff = no
readme_directory = no
# TLS parameters
smtpd_tls_cert_file=/etc/ssl/certs/server.crt
smtpd_tls_key_file=/etc/ssl/private/server.key
#smtpd_use_tls=yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtp_sasl_auth_enable = no
smtp_use_tls=no
smtp_sasl_password_maps = hash:/etc/postfix/smtp_auth
myhostname = XXXXXXX.com
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = XXXX.XXXX.com, XXXX.com, localhost.XXXXX.com, localhost
relayhost = XXX.XXX.XXX.XXX
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 192.168.1.0/24
mailbox_command = procmail -a "$EXTENSION"
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
smtpd_sasl_local_domain =
#smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_sasl_authenticated_header = yes
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated,reject_unauth_
when checking the process list, postfix/smtpd runs as
smtpd -n smtp -t inet -u -c -o stress -v -v
Any clues?
It turns out that it had nothing to do with my configuration, but it seems that my isp was terminating smtp connections. They have been taken over by a new company and new policies seem to have been put in place.
I ended up using my ISP's mail server as a relay. This was simple enough because they allow relay access from any IP that's in their pool without authentication.