Centos – Postfix smtpd not listening ‘Unable to Connect to SMTP Host’

centos postfix smtp

I set up a Postfix + cyrus-sasl + cyrus-imapd mail server on my CentOS 6.5 x64 server. After I finished the settings, I found that I can send internal emails and send emails to other mailboxes like Gmail. But I can't receive my reply from Gmail, and mxtoolbox diagnosed it as 'Unable to Connect to SMTP Host' (time-out after 15 seconds). I can't telnet myipaddress 25 either. Here is what I did, and I have no idea what is wrong. Please help and thanks.

vim /etc/postfix/main.cf  
myhostname = mail.mydomain.com  
mydomain = mydomain.com  
myorigin = $mydomain  
inet_interfaces = all  
mydestination = $myhostname, localhost.$mydomain, localhost,$mydomain
mynetworks = 192.168.0.0/24, 127.0.0.0/8  
local_recipient_maps =    
smtpd_banner = $myhostname ESMTP unknow       
smtpd_sasl_auth_enable = yes   
broken_sasl_auth_clients = yes  
smtpd_sasl_local_domain = $myhostname  
smtpd_sasl_security_options = noanonymous 
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination  
smtpd_sasl_security_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination  
message_size_limit = 15728640
mailbox_transport=lmtp:unix:/var/lib/imap/socket/lmtp

vim /etc/sasl2/smtpd.conf
log_level: 3
saslauthd_path:/var/run/saslauthd/mux

vim /etc/sysconfig/iptables
-A INPUT -p TCP -i $EXTIF --dport 25 --sport 1024:65534 -j ACCEPT
-A INPUT -p TCP -i $EXTIF --dport 993 --sport 1024:65534 -j ACCEPT
-A INPUT -p TCP -i $EXTIF --dport 995 --sport 1024:65534 -j ACCEPT

/etc/init.d/postfix start  
/etc/init.d/saslauthd start  
/etc/init.d/cyrus-imapd start

netstat -tpnl | grep smtpd
netstat -tpnl | grep :25
tcp        0      0 0.0.0.0:25                  0.0.0.0:*                   LISTEN      1698/master
netstat -tpnl | grep cyrus
tcp        0      0 0.0.0.0:110                 0.0.0.0:*                   LISTEN      3432/cyrus-master   
tcp        0      0 0.0.0.0:143                 0.0.0.0:*                   LISTEN      3432/cyrus-master   
tcp        0      0 0.0.0.0:4190                0.0.0.0:*                   LISTEN      3432/cyrus-master   
tcp        0      0 0.0.0.0:993                 0.0.0.0:*                   LISTEN      3432/cyrus-master   
tcp        0      0 0.0.0.0:995                 0.0.0.0:*                   LISTEN      3432/cyrus-master   
tcp        0      0 :::110                      :::*                        LISTEN      3432/cyrus-master   
tcp        0      0 :::143                      :::*                        LISTEN      3432/cyrus-master   
tcp        0      0 :::4190                     :::*                        LISTEN      3432/cyrus-master   
tcp        0      0 :::993                      :::*                        LISTEN      3432/cyrus-master   
tcp        0      0 :::995                      :::*                        LISTEN      3432/cyrus-master

Best Answer

NickW answered your question right off the bat. Since you can telnet to it when iptables is turned off but not when it's on, the problem is the firewall. NickW is correct in his second comment too that the process should be "master" and not smtp, but by default Postfix should listen on port 25.

When I do a telnet right now I get this:

# telnet h-chen.com 25
Trying 144.214.150.161...
telnet: Unable to connect to remote host: No route to host

If your install is a default CentOS install then one of the "reject" statements in iptables may look like this:

REJECT --reject-with icmp-host-prohibited

When a server rejects with 'icmp-host-prohibited' it sends the 'No route to host' statement to the client. From the iptables output that you gave us (giving the output of iptables -L would help us more), I don't think that the "-i" or "--sport" options are needed.
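
The check below is an added example, not part of the original question or answer. It walks an iptables-save style INPUT chain in order and reports whether a new connection to a port reaches an ACCEPT rule before a catch-all REJECT. The names `audit_port`, `sample_posted` and `sample_fixed` are hypothetical, and the sample chain is constructed: it assumes the stock CentOS 6 rules around the port 25 line from the question. `/etc/sysconfig/iptables` is read by iptables-restore, which does no shell expansion, so `$EXTIF` is never replaced by an interface name.

```shell
#!/bin/sh
# Added example: audit the INPUT chain of an iptables-save style rules file.
# Simplified model: rules are checked in order, first match wins, and a rule
# with no -p/-s/-i/-m/--dport match is treated as a catch-all.
audit_port() {  # usage: audit_port PORT [RULES_FILE]  (stdin when no file)
    awk -v port="$1" '
    $1 == "-A" && $2 == "INPUT" {
        n++; target = ""; dport = ""; catchall = 1; literal = 0
        for (i = 3; i <= NF; i++) {
            if ($i == "-j") target = $(i + 1)
            if ($i == "--dport") dport = $(i + 1)
            if ($i ~ /^\$/) literal = 1   # e.g. $EXTIF left unexpanded
            if ($i == "-p" || $i == "-s" || $i == "-i" || $i == "-m" || $i == "--dport")
                catchall = 0
        }
        if (dport == port && target == "ACCEPT") {
            if ($0 ~ /--sport/) print "rule " n ": --sport restricts client source ports"
            if (literal) print "rule " n ": unexpanded shell variable, rule is ineffective"
            else if (!verdict) verdict = "ACCEPT at rule " n
        }
        if (catchall && (target == "REJECT" || target == "DROP") && !verdict)
            verdict = target " at rule " n
    }
    END { print "verdict: " (verdict ? verdict : "chain policy decides") }
    ' "${2:--}"
}

# Constructed sample: stock CentOS 6 style chain plus the port 25 rule as posted.
sample_posted() { cat <<'EOF'
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -p TCP -i $EXTIF --dport 25 --sport 1024:65534 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
EOF
}

# Constructed sample: same chain with a plain port 25 rule above the REJECT.
sample_fixed() { sample_posted | sed 's/^-A INPUT -p TCP -i .*/-A INPUT -m state --state NEW -m tcp -p tcp --dport 25 -j ACCEPT/'
}

echo "== as posted ==";  sample_posted | audit_port 25
echo "== corrected =="; sample_fixed  | audit_port 25
```

On a live host, `audit_port 25 /etc/sysconfig/iptables` runs the same check against the saved rules; an ACCEPT rule appended after the REJECT line is reported as blocked as well.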