Postfix outgoing SMTP: “connection timed out”Postfix SMTP not available from external networkPostfix is timed out while sendingSetup Postfix using an external SMTP ServerPostfix SMTP mail server External smtp relayPostfix Smtp host resolve issuePostfix Connection refused (993)

Was playing with both hands ever allowed in chess?

Did the computer mouse always output relative x/y and not absolute?

"Applicants for asylum must prove that they have fifteen family members in the Netherlands."

Why did my LGA-ORD flight make an S-shaped turn round the time it was passing a storm?

Max flow problem without splitting the flow from the supply nodes - LP formulation help

When to bemoan and when to moan

How can an employer better accommodate workers on the autism-spectrum to reduce absence from work?

Can socialism and capitalism coexist in the same country?

In Germany, why does the burden of proof fall on authorities rather than the company or individual when it comes to possible illegal funds?

What does "a flight to quality" mean?

If I drop a bag of of say 15 alchemist fire on giant and hits it will it take 15d4 of fire damage and so on?

"Don't invest now because the market is high"

How far apart are stars in a binary system?

Why are these wires sticking out of battery terminal?

Is there any way my opponent can prevent me from winning in this situation?

Prospective employer asking for my current pay slip during interview

How to pay less taxes on a high salary?

Did Roger Rabbit exist prior to the film "Who Framed Roger Rabbit?"

How to educate bachelor and master exchange students from Asia?

Should a soda bottle be stored horizontally or vertically?

How can I convince my department that I have the academic freedom to select textbooks and use multiple-choice tests in my courses?

Why do cargo airlines frequently choose passenger aircraft rather than aircraft designed specifically for cargo?

What are examples of (collections of) papers which "close" a field?

Keep password in macro?



Postfix outgoing SMTP: “connection timed out”


Postfix SMTP not available from external networkPostfix is timed out while sendingSetup Postfix using an external SMTP ServerPostfix SMTP mail server External smtp relayPostfix Smtp host resolve issuePostfix Connection refused (993)






.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty
margin-bottom:0;









0


















I have a little problem with my postfix. The thing is that I can receive emails but when I send an email I get a Connection timed out error.



connect to outlook-com.olc.protection.outlook.com[104.47.5.33]:25: Connection timed out


This is happening with all the emails I send and not just with outlook. I already searched for solutions for this problem but couldn't find anything useful.



This is my main.cf:



# This file was automatically installed on 2019-06-27T15:11:55.824661
inet_interfaces = all
inet_protocols = ipv4
myhostname = webmail.apt-one.com
myorigin = $myhostname
mydestination = $myhostname
mynetworks = 127.0.0.0/8
smtpd_banner = $myhostname ESMTP
biff = no
unknown_local_recipient_reject_code = 550
unverified_recipient_reject_code = 550

# appending .domain is the MUA's job.
append_dot_mydomain = no

readme_directory = no

mailbox_size_limit = 0
message_size_limit = 11534336
recipient_delimiter = +

alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases

## Proxy maps
proxy_read_maps =
 proxy:unix:passwd.byname
 proxy:pgsql:/etc/postfix/sql-domains.cf
 proxy:pgsql:/etc/postfix/sql-domain- aliases.cf
 proxy:pgsql:/etc/postfix/sql-aliases.cf
 proxy:pgsql:/etc/postfix/sql-relaydomains.cf
 proxy:pgsql:/etc/postfix/sql-maintain.cf
 proxy:pgsql:/etc/postfix/sql-relay-recipient-verification.cf
 proxy:pgsql:/etc/postfix/sql-sender-login-map.cf
 proxy:pgsql:/etc/postfix/sql-spliteddomains-transport.cf
 proxy:pgsql:/etc/postfix/sql-transport.cf
## TLS settings
#
smtpd_use_tls = yes
smtpd_tls_auth_only = yes
smtpd_tls_CApath = /etc/ssl/certs
smtpd_tls_key_file = /etc/nginx/privkey.pem
smtpd_tls_cert_file = /etc/nginx/fullchain.pem
smtpd_tls_dh1024_param_file = 
$config_directory/dh2048.pem
smtpd_tls_loglevel = 1
smtpd_tls_session_cache_database = 
btree:$data_directory/smtpd_tls_session_cache
smtpd_tls_security_level = may
smtpd_tls_received_header = yes
smtpd_tls_note_starttls_offer = yes

# Disallow SSLv2 and SSLv3, only accept secure ciphers
smtpd_tls_protocols = TLSv1.3, TLSv1.2, !TLSv1.1, !TLSv1, !SSLv2, !SSLv3
smtp_tls_protocols = TLSv1.3, TLSv1.2, !TLSv1.1, !TLSv1, !SSLv2, !SSLv3
smtp_tls_ciphers = high
smtpd_tls_ciphers = high
smtpd_tls_mandatory_protocols = TLSv1.3, TLSv1.2, !TLSv1.1, !TLSv1, !SSLv2, !SSLv3
smtp_tls_mandatory_protocols = TLSv1.3, TLSv1.2, !TLSv1.1, !TLSv1, !SSLv2, !SSLv3
smtp_tls_mandatory_ciphers = high
smtpd_tls_mandatory_ciphers = high

smtpd_tls_mandatory_exclude_ciphers = MD5, DES, ADH, RC4, PSD, SRP, 3DES, RSA, eNULL, aNULL
smtpd_tls_exclude_ciphers = MD5, DES, ADH, RC4, PSD, SRP, 3DES, RSA, eNULL, aNULL
smtp_tls_mandatory_exclude_ciphers = MD5, DES, ADH, RC4, PSD, SRP, 3DES, RSA, eNULL, aNULL
smtp_tls_exclude_ciphers = MD5, DES, ADH, RC4, PSD, SRP, 3DES, RSA, eNULL, aNULL
tls_preempt_cipherlist = yes

# Enable elliptic curve cryptography
smtpd_tls_eecdh_grade = ultra

# Use TLS if this is supported by the remote SMTP server, otherwise use plaintext.
smtp_tls_CApath = /etc/ssl/certs
smtp_tls_security_level = may
smtp_tls_loglevel = 1

smtpd_tls_session_cache_database = btree:$data_directory/smtpd_scache
smtp_tls_session_cache_database = btree:$data_directory/smtp_scach
smtp_tls_key_file = /etc/nginx/privkey.pem
smtp_tls_cert_file = /etc/nginx/fullchain.pem

## Virtual transport settings#
virtual_transport = lmtp:unix:private/dovecot-lmtp

virtual_mailbox_domains = proxy:pgsql:/etc/postfix/sql-domains.cf
virtual_alias_domains = proxy:pgsql:/etc/postfix/sql-domain-aliases.cf
virtual_alias_maps =
 proxy:pgsql:/etc/postfix/sql-aliases.cf

## Relay domains#
relay_domains =
 proxy:pgsql:/etc/postfix/sql- 
relaydomains.cf
transport_maps =
 proxy:pgsql:/etc/postfix/sql-transport.cf
 proxy:pgsql:/etc/postfix/sql-spliteddomains-transport.cf

## SASL authentication through Dovecot#
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_auth_enable = yes
broken_sasl_auth_clients = yes
smtpd_sasl_security_options = noanonymous

## SMTP session policies#

# We require HELO to check it later
smtpd_helo_required = yes

# We do not let others find out which 
recipients are valid
disable_vrfy_command = yes

# MTA to MTA communication on Port 25. We expect (!) the other party to
# specify messages as required by RFC 821.
strict_rfc821_envelopes = yes

# Verify cache setup
address_verify_map = 
proxy:btree:$data_directory/verify_cache

proxy_write_maps =
 $smtp_sasl_auth_cache_name
 $lmtp_sasl_auth_cache_name
 $address_verify_map

# OpenDKIM setup
smtpd_milters = inet:127.0.0.1:12345
non_smtpd_milters = inet:127.0.0.1:12345
milter_default_action = accept
milter_content_timeout = 30s

# List of authorized senders
smtpd_sender_login_maps =
 proxy:pgsql:/etc/postfix/sql-sender-login-map.cf

# Recipient restriction rules
smtpd_recipient_restrictions =
 permit_mynetworks
 permit_sasl_authenticated
 check_recipient_access
 proxy:pgsql:/etc/postfix/sql-maintain.cf
 proxy:pgsql:/etc/postfix/sql-relay-recipient-verification.cf
 reject_unverified_recipient
 reject_unauth_destination
 reject_non_fqdn_sender
 reject_non_fqdn_recipient
 reject_non_fqdn_helo_hostname

## Postcreen settings#
postscreen_access_list =
 permit_mynetworks
 cidr:/etc/postfix/postscreen_spf_whitelist.cidr
postscreen_blacklist_action = enforce

# Use some DNSBL
postscreen_dnsbl_sites =
 zen.spamhaus.org*3
 bl.spameatingmonkey.net*2
 dnsbl.habl.org
 bl.spamcop.net
 dnsbl.sorbs.net
postscreen_dnsbl_threshold = 3
postscreen_dnsbl_action = enforce

postscreen_greet_banner = Welcome, please wait...
postscreen_greet_action = enforce

postscreen_pipelining_enable = yes
postscreen_pipelining_action = enforce

postscreen_non_smtp_command_enable = yes
postscreen_non_smtp_command_action = enforce

postscreen_bare_newline_enable = yes
postscreen_bare_newline_action = enforce


Does anyone have a solution for this?






server email postfix







share|improve this question



























  • did you try to manually connect to that [104.47.5.33]:25 host:port with -for example- a simple telnet 104.47.5.33 25 and with dns name too

    – cmak.fr
    Jun 29 at 11:09












  • Yes, I did. I get connection timed out.

    – ddegraaf
    Jun 29 at 13:34











  • In that case you know that there is a network (routing, filtering,...) issue and probably not related to postfix.

    – cmak.fr
    Jun 30 at 8:28

















0


















I have a little problem with my postfix. The thing is that I can receive emails but when I send an email I get a Connection timed out error.



connect to outlook-com.olc.protection.outlook.com[104.47.5.33]:25: Connection timed out


This is happening with all the emails I send and not just with outlook. I already searched for solutions for this problem but couldn't find anything useful.



This is my main.cf:



# This file was automatically installed on 2019-06-27T15:11:55.824661
inet_interfaces = all
inet_protocols = ipv4
myhostname = webmail.apt-one.com
myorigin = $myhostname
mydestination = $myhostname
mynetworks = 127.0.0.0/8
smtpd_banner = $myhostname ESMTP
biff = no
unknown_local_recipient_reject_code = 550
unverified_recipient_reject_code = 550

# appending .domain is the MUA's job.
append_dot_mydomain = no

readme_directory = no

mailbox_size_limit = 0
message_size_limit = 11534336
recipient_delimiter = +

alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases

## Proxy maps
proxy_read_maps =
 proxy:unix:passwd.byname
 proxy:pgsql:/etc/postfix/sql-domains.cf
 proxy:pgsql:/etc/postfix/sql-domain- aliases.cf
 proxy:pgsql:/etc/postfix/sql-aliases.cf
 proxy:pgsql:/etc/postfix/sql-relaydomains.cf
 proxy:pgsql:/etc/postfix/sql-maintain.cf
 proxy:pgsql:/etc/postfix/sql-relay-recipient-verification.cf
 proxy:pgsql:/etc/postfix/sql-sender-login-map.cf
 proxy:pgsql:/etc/postfix/sql-spliteddomains-transport.cf
 proxy:pgsql:/etc/postfix/sql-transport.cf
## TLS settings
#
smtpd_use_tls = yes
smtpd_tls_auth_only = yes
smtpd_tls_CApath = /etc/ssl/certs
smtpd_tls_key_file = /etc/nginx/privkey.pem
smtpd_tls_cert_file = /etc/nginx/fullchain.pem
smtpd_tls_dh1024_param_file = 
$config_directory/dh2048.pem
smtpd_tls_loglevel = 1
smtpd_tls_session_cache_database = 
btree:$data_directory/smtpd_tls_session_cache
smtpd_tls_security_level = may
smtpd_tls_received_header = yes
smtpd_tls_note_starttls_offer = yes

# Disallow SSLv2 and SSLv3, only accept secure ciphers
smtpd_tls_protocols = TLSv1.3, TLSv1.2, !TLSv1.1, !TLSv1, !SSLv2, !SSLv3
smtp_tls_protocols = TLSv1.3, TLSv1.2, !TLSv1.1, !TLSv1, !SSLv2, !SSLv3
smtp_tls_ciphers = high
smtpd_tls_ciphers = high
smtpd_tls_mandatory_protocols = TLSv1.3, TLSv1.2, !TLSv1.1, !TLSv1, !SSLv2, !SSLv3
smtp_tls_mandatory_protocols = TLSv1.3, TLSv1.2, !TLSv1.1, !TLSv1, !SSLv2, !SSLv3
smtp_tls_mandatory_ciphers = high
smtpd_tls_mandatory_ciphers = high

smtpd_tls_mandatory_exclude_ciphers = MD5, DES, ADH, RC4, PSD, SRP, 3DES, RSA, eNULL, aNULL
smtpd_tls_exclude_ciphers = MD5, DES, ADH, RC4, PSD, SRP, 3DES, RSA, eNULL, aNULL
smtp_tls_mandatory_exclude_ciphers = MD5, DES, ADH, RC4, PSD, SRP, 3DES, RSA, eNULL, aNULL
smtp_tls_exclude_ciphers = MD5, DES, ADH, RC4, PSD, SRP, 3DES, RSA, eNULL, aNULL
tls_preempt_cipherlist = yes

# Enable elliptic curve cryptography
smtpd_tls_eecdh_grade = ultra

# Use TLS if this is supported by the remote SMTP server, otherwise use plaintext.
smtp_tls_CApath = /etc/ssl/certs
smtp_tls_security_level = may
smtp_tls_loglevel = 1

smtpd_tls_session_cache_database = btree:$data_directory/smtpd_scache
smtp_tls_session_cache_database = btree:$data_directory/smtp_scach
smtp_tls_key_file = /etc/nginx/privkey.pem
smtp_tls_cert_file = /etc/nginx/fullchain.pem

## Virtual transport settings#
virtual_transport = lmtp:unix:private/dovecot-lmtp

virtual_mailbox_domains = proxy:pgsql:/etc/postfix/sql-domains.cf
virtual_alias_domains = proxy:pgsql:/etc/postfix/sql-domain-aliases.cf
virtual_alias_maps =
 proxy:pgsql:/etc/postfix/sql-aliases.cf

## Relay domains#
relay_domains =
 proxy:pgsql:/etc/postfix/sql- 
relaydomains.cf
transport_maps =
 proxy:pgsql:/etc/postfix/sql-transport.cf
 proxy:pgsql:/etc/postfix/sql-spliteddomains-transport.cf

## SASL authentication through Dovecot#
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_auth_enable = yes
broken_sasl_auth_clients = yes
smtpd_sasl_security_options = noanonymous

## SMTP session policies#

# We require HELO to check it later
smtpd_helo_required = yes

# We do not let others find out which 
recipients are valid
disable_vrfy_command = yes

# MTA to MTA communication on Port 25. We expect (!) the other party to
# specify messages as required by RFC 821.
strict_rfc821_envelopes = yes

# Verify cache setup
address_verify_map = 
proxy:btree:$data_directory/verify_cache

proxy_write_maps =
 $smtp_sasl_auth_cache_name
 $lmtp_sasl_auth_cache_name
 $address_verify_map

# OpenDKIM setup
smtpd_milters = inet:127.0.0.1:12345
non_smtpd_milters = inet:127.0.0.1:12345
milter_default_action = accept
milter_content_timeout = 30s

# List of authorized senders
smtpd_sender_login_maps =
 proxy:pgsql:/etc/postfix/sql-sender-login-map.cf

# Recipient restriction rules
smtpd_recipient_restrictions =
 permit_mynetworks
 permit_sasl_authenticated
 check_recipient_access
 proxy:pgsql:/etc/postfix/sql-maintain.cf
 proxy:pgsql:/etc/postfix/sql-relay-recipient-verification.cf
 reject_unverified_recipient
 reject_unauth_destination
 reject_non_fqdn_sender
 reject_non_fqdn_recipient
 reject_non_fqdn_helo_hostname

## Postcreen settings#
postscreen_access_list =
 permit_mynetworks
 cidr:/etc/postfix/postscreen_spf_whitelist.cidr
postscreen_blacklist_action = enforce

# Use some DNSBL
postscreen_dnsbl_sites =
 zen.spamhaus.org*3
 bl.spameatingmonkey.net*2
 dnsbl.habl.org
 bl.spamcop.net
 dnsbl.sorbs.net
postscreen_dnsbl_threshold = 3
postscreen_dnsbl_action = enforce

postscreen_greet_banner = Welcome, please wait...
postscreen_greet_action = enforce

postscreen_pipelining_enable = yes
postscreen_pipelining_action = enforce

postscreen_non_smtp_command_enable = yes
postscreen_non_smtp_command_action = enforce

postscreen_bare_newline_enable = yes
postscreen_bare_newline_action = enforce


Does anyone have a solution for this?






server email postfix







share|improve this question



























  • did you try to manually connect to that [104.47.5.33]:25 host:port with -for example- a simple telnet 104.47.5.33 25 and with dns name too

    – cmak.fr
    Jun 29 at 11:09












  • Yes, I did. I get connection timed out.

    – ddegraaf
    Jun 29 at 13:34











  • In that case you know that there is a network (routing, filtering,...) issue and probably not related to postfix.

    – cmak.fr
    Jun 30 at 8:28













0













0









0








I have a little problem with my postfix. The thing is that I can receive emails but when I send an email I get a Connection timed out error.



connect to outlook-com.olc.protection.outlook.com[104.47.5.33]:25: Connection timed out


This is happening with all the emails I send and not just with outlook. I already searched for solutions for this problem but couldn't find anything useful.



This is my main.cf:



# This file was automatically installed on 2019-06-27T15:11:55.824661
inet_interfaces = all
inet_protocols = ipv4
myhostname = webmail.apt-one.com
myorigin = $myhostname
mydestination = $myhostname
mynetworks = 127.0.0.0/8
smtpd_banner = $myhostname ESMTP
biff = no
unknown_local_recipient_reject_code = 550
unverified_recipient_reject_code = 550

# appending .domain is the MUA's job.
append_dot_mydomain = no

readme_directory = no

mailbox_size_limit = 0
message_size_limit = 11534336
recipient_delimiter = +

alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases

## Proxy maps
proxy_read_maps =
 proxy:unix:passwd.byname
 proxy:pgsql:/etc/postfix/sql-domains.cf
 proxy:pgsql:/etc/postfix/sql-domain- aliases.cf
 proxy:pgsql:/etc/postfix/sql-aliases.cf
 proxy:pgsql:/etc/postfix/sql-relaydomains.cf
 proxy:pgsql:/etc/postfix/sql-maintain.cf
 proxy:pgsql:/etc/postfix/sql-relay-recipient-verification.cf
 proxy:pgsql:/etc/postfix/sql-sender-login-map.cf
 proxy:pgsql:/etc/postfix/sql-spliteddomains-transport.cf
 proxy:pgsql:/etc/postfix/sql-transport.cf
## TLS settings
#
smtpd_use_tls = yes
smtpd_tls_auth_only = yes
smtpd_tls_CApath = /etc/ssl/certs
smtpd_tls_key_file = /etc/nginx/privkey.pem
smtpd_tls_cert_file = /etc/nginx/fullchain.pem
smtpd_tls_dh1024_param_file = 
$config_directory/dh2048.pem
smtpd_tls_loglevel = 1
smtpd_tls_session_cache_database = 
btree:$data_directory/smtpd_tls_session_cache
smtpd_tls_security_level = may
smtpd_tls_received_header = yes
smtpd_tls_note_starttls_offer = yes

# Disallow SSLv2 and SSLv3, only accept secure ciphers
smtpd_tls_protocols = TLSv1.3, TLSv1.2, !TLSv1.1, !TLSv1, !SSLv2, !SSLv3
smtp_tls_protocols = TLSv1.3, TLSv1.2, !TLSv1.1, !TLSv1, !SSLv2, !SSLv3
smtp_tls_ciphers = high
smtpd_tls_ciphers = high
smtpd_tls_mandatory_protocols = TLSv1.3, TLSv1.2, !TLSv1.1, !TLSv1, !SSLv2, !SSLv3
smtp_tls_mandatory_protocols = TLSv1.3, TLSv1.2, !TLSv1.1, !TLSv1, !SSLv2, !SSLv3
smtp_tls_mandatory_ciphers = high
smtpd_tls_mandatory_ciphers = high

smtpd_tls_mandatory_exclude_ciphers = MD5, DES, ADH, RC4, PSD, SRP, 3DES, RSA, eNULL, aNULL
smtpd_tls_exclude_ciphers = MD5, DES, ADH, RC4, PSD, SRP, 3DES, RSA, eNULL, aNULL
smtp_tls_mandatory_exclude_ciphers = MD5, DES, ADH, RC4, PSD, SRP, 3DES, RSA, eNULL, aNULL
smtp_tls_exclude_ciphers = MD5, DES, ADH, RC4, PSD, SRP, 3DES, RSA, eNULL, aNULL
tls_preempt_cipherlist = yes

# Enable elliptic curve cryptography
smtpd_tls_eecdh_grade = ultra

# Use TLS if this is supported by the remote SMTP server, otherwise use plaintext.
smtp_tls_CApath = /etc/ssl/certs
smtp_tls_security_level = may
smtp_tls_loglevel = 1

smtpd_tls_session_cache_database = btree:$data_directory/smtpd_scache
smtp_tls_session_cache_database = btree:$data_directory/smtp_scach
smtp_tls_key_file = /etc/nginx/privkey.pem
smtp_tls_cert_file = /etc/nginx/fullchain.pem

## Virtual transport settings#
virtual_transport = lmtp:unix:private/dovecot-lmtp

virtual_mailbox_domains = proxy:pgsql:/etc/postfix/sql-domains.cf
virtual_alias_domains = proxy:pgsql:/etc/postfix/sql-domain-aliases.cf
virtual_alias_maps =
 proxy:pgsql:/etc/postfix/sql-aliases.cf

## Relay domains#
relay_domains =
 proxy:pgsql:/etc/postfix/sql- 
relaydomains.cf
transport_maps =
 proxy:pgsql:/etc/postfix/sql-transport.cf
 proxy:pgsql:/etc/postfix/sql-spliteddomains-transport.cf

## SASL authentication through Dovecot#
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_auth_enable = yes
broken_sasl_auth_clients = yes
smtpd_sasl_security_options = noanonymous

## SMTP session policies#

# We require HELO to check it later
smtpd_helo_required = yes

# We do not let others find out which 
recipients are valid
disable_vrfy_command = yes

# MTA to MTA communication on Port 25. We expect (!) the other party to
# specify messages as required by RFC 821.
strict_rfc821_envelopes = yes

# Verify cache setup
address_verify_map = 
proxy:btree:$data_directory/verify_cache

proxy_write_maps =
 $smtp_sasl_auth_cache_name
 $lmtp_sasl_auth_cache_name
 $address_verify_map

# OpenDKIM setup
smtpd_milters = inet:127.0.0.1:12345
non_smtpd_milters = inet:127.0.0.1:12345
milter_default_action = accept
milter_content_timeout = 30s

# List of authorized senders
smtpd_sender_login_maps =
 proxy:pgsql:/etc/postfix/sql-sender-login-map.cf

# Recipient restriction rules
smtpd_recipient_restrictions =
 permit_mynetworks
 permit_sasl_authenticated
 check_recipient_access
 proxy:pgsql:/etc/postfix/sql-maintain.cf
 proxy:pgsql:/etc/postfix/sql-relay-recipient-verification.cf
 reject_unverified_recipient
 reject_unauth_destination
 reject_non_fqdn_sender
 reject_non_fqdn_recipient
 reject_non_fqdn_helo_hostname

## Postcreen settings#
postscreen_access_list =
 permit_mynetworks
 cidr:/etc/postfix/postscreen_spf_whitelist.cidr
postscreen_blacklist_action = enforce

# Use some DNSBL
postscreen_dnsbl_sites =
 zen.spamhaus.org*3
 bl.spameatingmonkey.net*2
 dnsbl.habl.org
 bl.spamcop.net
 dnsbl.sorbs.net
postscreen_dnsbl_threshold = 3
postscreen_dnsbl_action = enforce

postscreen_greet_banner = Welcome, please wait...
postscreen_greet_action = enforce

postscreen_pipelining_enable = yes
postscreen_pipelining_action = enforce

postscreen_non_smtp_command_enable = yes
postscreen_non_smtp_command_action = enforce

postscreen_bare_newline_enable = yes
postscreen_bare_newline_action = enforce


Does anyone have a solution for this?






server email postfix







share|improve this question
















I have a little problem with my postfix. The thing is that I can receive emails but when I send an email I get a Connection timed out error.



connect to outlook-com.olc.protection.outlook.com[104.47.5.33]:25: Connection timed out


This is happening with all the emails I send and not just with outlook. I already searched for solutions for this problem but couldn't find anything useful.



This is my main.cf:



# This file was automatically installed on 2019-06-27T15:11:55.824661
inet_interfaces = all
inet_protocols = ipv4
myhostname = webmail.apt-one.com
myorigin = $myhostname
mydestination = $myhostname
mynetworks = 127.0.0.0/8
smtpd_banner = $myhostname ESMTP
biff = no
unknown_local_recipient_reject_code = 550
unverified_recipient_reject_code = 550

# appending .domain is the MUA's job.
append_dot_mydomain = no

readme_directory = no

mailbox_size_limit = 0
message_size_limit = 11534336
recipient_delimiter = +

alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases

## Proxy maps
proxy_read_maps =
 proxy:unix:passwd.byname
 proxy:pgsql:/etc/postfix/sql-domains.cf
 proxy:pgsql:/etc/postfix/sql-domain- aliases.cf
 proxy:pgsql:/etc/postfix/sql-aliases.cf
 proxy:pgsql:/etc/postfix/sql-relaydomains.cf
 proxy:pgsql:/etc/postfix/sql-maintain.cf
 proxy:pgsql:/etc/postfix/sql-relay-recipient-verification.cf
 proxy:pgsql:/etc/postfix/sql-sender-login-map.cf
 proxy:pgsql:/etc/postfix/sql-spliteddomains-transport.cf
 proxy:pgsql:/etc/postfix/sql-transport.cf
## TLS settings
#
smtpd_use_tls = yes
smtpd_tls_auth_only = yes
smtpd_tls_CApath = /etc/ssl/certs
smtpd_tls_key_file = /etc/nginx/privkey.pem
smtpd_tls_cert_file = /etc/nginx/fullchain.pem
smtpd_tls_dh1024_param_file = 
$config_directory/dh2048.pem
smtpd_tls_loglevel = 1
smtpd_tls_session_cache_database = 
btree:$data_directory/smtpd_tls_session_cache
smtpd_tls_security_level = may
smtpd_tls_received_header = yes
smtpd_tls_note_starttls_offer = yes

# Disallow SSLv2 and SSLv3, only accept secure ciphers
smtpd_tls_protocols = TLSv1.3, TLSv1.2, !TLSv1.1, !TLSv1, !SSLv2, !SSLv3
smtp_tls_protocols = TLSv1.3, TLSv1.2, !TLSv1.1, !TLSv1, !SSLv2, !SSLv3
smtp_tls_ciphers = high
smtpd_tls_ciphers = high
smtpd_tls_mandatory_protocols = TLSv1.3, TLSv1.2, !TLSv1.1, !TLSv1, !SSLv2, !SSLv3
smtp_tls_mandatory_protocols = TLSv1.3, TLSv1.2, !TLSv1.1, !TLSv1, !SSLv2, !SSLv3
smtp_tls_mandatory_ciphers = high
smtpd_tls_mandatory_ciphers = high

smtpd_tls_mandatory_exclude_ciphers = MD5, DES, ADH, RC4, PSD, SRP, 3DES, RSA, eNULL, aNULL
smtpd_tls_exclude_ciphers = MD5, DES, ADH, RC4, PSD, SRP, 3DES, RSA, eNULL, aNULL
smtp_tls_mandatory_exclude_ciphers = MD5, DES, ADH, RC4, PSD, SRP, 3DES, RSA, eNULL, aNULL
smtp_tls_exclude_ciphers = MD5, DES, ADH, RC4, PSD, SRP, 3DES, RSA, eNULL, aNULL
tls_preempt_cipherlist = yes

# Enable elliptic curve cryptography
smtpd_tls_eecdh_grade = ultra

# Use TLS if this is supported by the remote SMTP server, otherwise use plaintext.
smtp_tls_CApath = /etc/ssl/certs
smtp_tls_security_level = may
smtp_tls_loglevel = 1

smtpd_tls_session_cache_database = btree:$data_directory/smtpd_scache
smtp_tls_session_cache_database = btree:$data_directory/smtp_scach
smtp_tls_key_file = /etc/nginx/privkey.pem
smtp_tls_cert_file = /etc/nginx/fullchain.pem

## Virtual transport settings#
virtual_transport = lmtp:unix:private/dovecot-lmtp

virtual_mailbox_domains = proxy:pgsql:/etc/postfix/sql-domains.cf
virtual_alias_domains = proxy:pgsql:/etc/postfix/sql-domain-aliases.cf
virtual_alias_maps =
 proxy:pgsql:/etc/postfix/sql-aliases.cf

## Relay domains#
relay_domains =
 proxy:pgsql:/etc/postfix/sql- 
relaydomains.cf
transport_maps =
 proxy:pgsql:/etc/postfix/sql-transport.cf
 proxy:pgsql:/etc/postfix/sql-spliteddomains-transport.cf

## SASL authentication through Dovecot#
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_auth_enable = yes
broken_sasl_auth_clients = yes
smtpd_sasl_security_options = noanonymous

## SMTP session policies#

# We require HELO to check it later
smtpd_helo_required = yes

# We do not let others find out which 
recipients are valid
disable_vrfy_command = yes

# MTA to MTA communication on Port 25. We expect (!) the other party to
# specify messages as required by RFC 821.
strict_rfc821_envelopes = yes

# Verify cache setup
address_verify_map = 
proxy:btree:$data_directory/verify_cache

proxy_write_maps =
 $smtp_sasl_auth_cache_name
 $lmtp_sasl_auth_cache_name
 $address_verify_map

# OpenDKIM setup
smtpd_milters = inet:127.0.0.1:12345
non_smtpd_milters = inet:127.0.0.1:12345
milter_default_action = accept
milter_content_timeout = 30s

# List of authorized senders
smtpd_sender_login_maps =
 proxy:pgsql:/etc/postfix/sql-sender-login-map.cf

# Recipient restriction rules
smtpd_recipient_restrictions =
 permit_mynetworks
 permit_sasl_authenticated
 check_recipient_access
 proxy:pgsql:/etc/postfix/sql-maintain.cf
 proxy:pgsql:/etc/postfix/sql-relay-recipient-verification.cf
 reject_unverified_recipient
 reject_unauth_destination
 reject_non_fqdn_sender
 reject_non_fqdn_recipient
 reject_non_fqdn_helo_hostname

## Postcreen settings#
postscreen_access_list =
 permit_mynetworks
 cidr:/etc/postfix/postscreen_spf_whitelist.cidr
postscreen_blacklist_action = enforce

# Use some DNSBL
postscreen_dnsbl_sites =
 zen.spamhaus.org*3
 bl.spameatingmonkey.net*2
 dnsbl.habl.org
 bl.spamcop.net
 dnsbl.sorbs.net
postscreen_dnsbl_threshold = 3
postscreen_dnsbl_action = enforce

postscreen_greet_banner = Welcome, please wait...
postscreen_greet_action = enforce

postscreen_pipelining_enable = yes
postscreen_pipelining_action = enforce

postscreen_non_smtp_command_enable = yes
postscreen_non_smtp_command_action = enforce

postscreen_bare_newline_enable = yes
postscreen_bare_newline_action = enforce


Does anyone have a solution for this?






server email postfix




server email postfix






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited Jun 29 at 12:29









Kulfy

9,21211 gold badges35 silver badges60 bronze badges




9,21211 gold badges35 silver badges60 bronze badges










asked Jun 29 at 8:26









ddegraafddegraaf

1




1















  • did you try to manually connect to that [104.47.5.33]:25 host:port with -for example- a simple telnet 104.47.5.33 25 and with dns name too

    – cmak.fr
    Jun 29 at 11:09












  • Yes, I did. I get connection timed out.

    – ddegraaf
    Jun 29 at 13:34











  • In that case you know that there is a network (routing, filtering,...) issue and probably not related to postfix.

    – cmak.fr
    Jun 30 at 8:28

















  • did you try to manually connect to that [104.47.5.33]:25 host:port with -for example- a simple telnet 104.47.5.33 25 and with dns name too

    – cmak.fr
    Jun 29 at 11:09












  • Yes, I did. I get connection timed out.

    – ddegraaf
    Jun 29 at 13:34











  • In that case you know that there is a network (routing, filtering,...) issue and probably not related to postfix.

    – cmak.fr
    Jun 30 at 8:28
















did you try to manually connect to that [104.47.5.33]:25 host:port with -for example- a simple telnet 104.47.5.33 25 and with dns name too

– cmak.fr
Jun 29 at 11:09






did you try to manually connect to that [104.47.5.33]:25 host:port with -for example- a simple telnet 104.47.5.33 25 and with dns name too

– cmak.fr
Jun 29 at 11:09














Yes, I did. I get connection timed out.

– ddegraaf
Jun 29 at 13:34





Yes, I did. I get connection timed out.

– ddegraaf
Jun 29 at 13:34













In that case you know that there is a network (routing, filtering,...) issue and probably not related to postfix.

– cmak.fr
Jun 30 at 8:28





In that case you know that there is a network (routing, filtering,...) issue and probably not related to postfix.

– cmak.fr
Jun 30 at 8:28










1 Answer
1






active

oldest

votes


















2



















Lots of ISPs block outbound connections on port 25. ATT consumer/residential plans, as of the time of writing, all seem to block it. You may be able to change this in your ISP-provided router's configuration, or ask your ISP to allow it for your client at the gateway...






share|improve this answer


























    Your Answer








    StackExchange.ready(function()
    var channelOptions =
    tags: "".split(" "),
    id: "89"
    ;
    initTagRenderer("".split(" "), "".split(" "), channelOptions);

    StackExchange.using("externalEditor", function()
    // Have to fire editor after snippets, if snippets enabled
    if (StackExchange.settings.snippets.snippetsEnabled)
    StackExchange.using("snippets", function()
    createEditor();
    );

    else
    createEditor();

    );

    function createEditor()
    StackExchange.prepareEditor(
    heartbeatType: 'answer',
    autoActivateHeartbeat: false,
    convertImagesToLinks: true,
    noModals: true,
    showLowRepImageUploadWarning: true,
    reputationToPostImages: 10,
    bindNavPrevention: true,
    postfix: "",
    imageUploader:
    brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
    contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/4.0/"u003ecc by-sa 4.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
    allowUrls: true
    ,
    onDemand: true,
    discardSelector: ".discard-answer"
    ,immediatelyShowMarkdownHelp:true
    );



    );














    draft saved

    draft discarded
















    StackExchange.ready(
    function ()
    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f1154809%2fpostfix-outgoing-smtp-connection-timed-out%23new-answer', 'question_page');

    );

    Post as a guest















    Required, but never shown


























    1 Answer
    1






    active

    oldest

    votes








    1 Answer
    1






    active

    oldest

    votes









    active

    oldest

    votes






    active

    oldest

    votes









    2



















    Lots of ISPs block outbound connections on port 25. ATT consumer/residential plans, as of the time of writing, all seem to block it. You may be able to change this in your ISP-provided router's configuration, or ask your ISP to allow it for your client at the gateway...






    share|improve this answer





























      2



















      Lots of ISPs block outbound connections on port 25. ATT consumer/residential plans, as of the time of writing, all seem to block it. You may be able to change this in your ISP-provided router's configuration, or ask your ISP to allow it for your client at the gateway...






      share|improve this answer



























        2















        2











        2









        Lots of ISPs block outbound connections on port 25. ATT consumer/residential plans, as of the time of writing, all seem to block it. You may be able to change this in your ISP-provided router's configuration, or ask your ISP to allow it for your client at the gateway...






        share|improve this answer














        Lots of ISPs block outbound connections on port 25. ATT consumer/residential plans, as of the time of writing, all seem to block it. You may be able to change this in your ISP-provided router's configuration, or ask your ISP to allow it for your client at the gateway...







        share|improve this answer













        share|improve this answer




        share|improve this answer










        answered Sep 27 at 6:01









        Morgan DavisMorgan Davis

        212 bronze badges




        212 bronze badges































            draft saved

            draft discarded















































            Thanks for contributing an answer to Ask Ubuntu!


            • Please be sure to answer the question. Provide details and share your research!

            But avoid


            • Asking for help, clarification, or responding to other answers.

            • Making statements based on opinion; back them up with references or personal experience.

            To learn more, see our tips on writing great answers.




            draft saved


            draft discarded














            StackExchange.ready(
            function ()
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f1154809%2fpostfix-outgoing-smtp-connection-timed-out%23new-answer', 'question_page');

            );

            Post as a guest















            Required, but never shown





















































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown

































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown









            -

            Popular posts from this blog

            Tamil (spriik) Luke uk diar | Nawigatjuun

            Image
            Fering ArtiikelDrawiidisk Spriiken SölringÖömrangFeringHalunderHalifreeskMooringWiringhiirderKarhiirderGooshiirderDrawiidisk SpriikTamil NaduIndienSri Lanka (function()var node=document.getElementById("mw-dismissablenotice-anonplace");if(node)node.outerHTML="u003Cdiv class="mw-dismissable-notice"u003Eu003Cdiv class="mw-dismissable-notice-close"u003E[u003Ca tabindex="0" role="button"u003EFersteegu003C/au003E]u003C/divu003Eu003Cdiv class="mw-dismissable-notice-body"u003Eu003Cdiv id="localNotice" lang="frr" dir="ltr"u003Eu003Cdiv id="sitenotice"u003Enu003Ccenteru003Enu003Ctable class="rahmenfarbe4" style="border-style: solid; border-width: thin; width: 70%;"u003Ennu003Ctbodyu003Eu003Ctru003Enu003Ctd style="text-align:center;"u003Eu003Ca href="/wiki/Datei:Nordfriesischeflagge.svg" class="image"u003Eu003Cimg alt="Nordfriesische
            Read more

            Align equal signs while including text over equalitiesAMS align: left aligned text/math plus multicolumn alignmentMultiple alignmentsAligning equations in multiple placesNumbering and aligning an equation with multiple columnsHow to align one equation with another multline equationUsing \ in environments inside the begintabularxNumber equations and preserving alignment of equal signsHow can I align equations to the left and to the right?Double equation alignment problem within align enviromentAligned within align: Why are they right-aligned?

            Image
            Why didn't the Universal Translator speak whale? What is /dev/null and why can't I use hx on it? The work of mathematicians outside their professional environment Does the DOJ's declining to investigate the Trump-Zelensky call ruin the basis for impeachment? Are there any tricks to pushing a grand piano? Maintaining distance Does it require less energy to reach the Sun from Pluto's orbit than from Earth's orbit? Object Oriented Design: Where to place behavior that pertains to more than one type of object? Choice of solvent during thin layer chromatography How to catch creatures that can predict the next few minutes? Use floats or doubles when writing mobile games How come the Russian cognate for the Czech word "čerstvý" (fresh) means entirely the opposite thing (stale)? What are the limits on an impeached and not convicted president? How to calculate Limit of this sequence Bash-script as linux-service won't run, but executed
            Read more

            Where does the image of a data connector as a sharp metal spike originate from?Where does the concept of infected people turning into zombies only after death originate from?Where does the motif of a reanimated human head originate?Where did the notion that Dragons could speak originate?Where does the archetypal image of the 'Grey' alien come from?Where did the suffix '-Man' originate?Where does the notion of being injured or killed by an illusion originate?Where did the term “sophont” originate?Where does the trope of magic spells being driven by advanced technology originate from?Where did the term “the living impaired” originate?

            Image
            Automatically extend a Python list to N elements if it's too short? Fired for a policy I didnt know about, as well as another false reason Why isn't tilde recognised as home folder in this case? When does an Artillerist's Cannon have disadvantage? How large should a hole be for a bolt to go through? When is TeX better than LaTeX? How to determine if drill is suitable for concrete? Huygens Lander: Why The Short Battery Life? Why do people use bigger cassettes for lower gearing when they could instead use smaller chainrings? Is there a difference between downloading / installing a list of packages and downloading each packge by its own? Question about exercise 21.10 in The TeXbook How to publish a page using tridion core service client in sdl web 8.5 Can one get into trouble if one doesn't show up at the gate 30 minutes before departure (or whatever time window the boarding pass is indicating)? Does an action-reaction pair always contain the same
            Read more