I have a website (safirasaloes.com.br) hosted at DigitalOcean and DNS set at CloudFlare. I'm trying to receive e-mails at contato@safirasaloes.com.br with Postfix but I can't.
The big problem here is that I don't have a way of getting feedback from those systems in order to define where the problem is. So I don't know whether I made some mistake at CloudFlare, DigitalOcean firewall or Postfix configuration.
The ports allowed at my DigitalOcean server are:
- 5000 (SSH connection)
- 80 (web app)
- 443 (SSL)
- 25 (Receive E-mail)
My configuration at CloudFlare is:
Type Name Value TTL Active
A safirasaloes.com.brpoints to 104.236.43.94 Automatictrue
CNAMEwww is an alias of safirasaloes.com.br Automatictrue
MX safirasaloes.com.brmail handled by mail.safirasaloes.com.br with priority 10Automatic
AAAA safirasaloes.com.brpoints to 2604:a880:800:10::542:b001 Automatictrue
My FQDN was set at Postfix as safirasaloes.com.br and the main.cf is
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no
append_dot_mydomain = no
readme_directory = no
# TLS parameters
smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
smtpd_use_tls=yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.
smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
myhostname = safirasaloes.com.br
#alias_maps = hash:/etc/aliases
virtual_alias_maps = hash:/etc/postfix/virtual
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = safirasaloes.com.br, safirasaloes, localhost.localdomain, localhost
relayhost =
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_command = procmail -a "$EXTENSION"
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
Best Answer
Per our discussion in the comments, your issue was that
safirasaloes.com.br
's MX records pointed tomail.safirasaloes.com.br
, which didn't exist. The FQDNs referenced by a MX record must be resolvable for mail to be delivered.