Postfix Dovecot first installation on Ubuntu and...

Your system is not accepting connections to either the SMTP, submission, or IMAP ports. You need to check through the Linode guide again and check that you've done everything.

Dear Vance, thanks for your comment.

I guess maybe I did something wrong following the "Secure your server" part.

I have reset the IPtables and inserted the ports that should be available for mail traffic (the example file in the documentation is only for web).

So actually the server should now accept connections for web and mail services.

Here is the the iptables -vL:

Chain INPUT (policy DROP 0 packets, 0 bytes)

pkts bytes target prot opt in out source destination

20 1065 ACCEPT all – lo any anywhere anywhere

0 0 REJECT all -- !lo any 127.0.0.0/8 anywhere reject-with icmp-port-unreachable

0 0 ACCEPT icmp -- any any anywhere anywhere state NEW icmp echo-request

1 44 ACCEPT tcp -- any any anywhere anywhere tcp dpt:ssh state NEW

0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:http state NEW

0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:https state NEW

0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:pop3s state NEW

0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:imaps state NEW

0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:smtp state NEW

0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:submission state NEW

0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:urd state NEW

249 18074 ACCEPT all -- any any anywhere anywhere state RELATED,ESTABLISHED

1 52 LOG all -- any any anywhere anywhere limit: avg 5/min burst 5 LOG level debug prefix "iptablesINPUTdenied: "

1 52 REJECT all -- any any anywhere anywhere reject-with icmp-port-unreachable

Chain FORWARD (policy DROP 0 packets, 0 bytes)

pkts bytes target prot opt in out source destination

0 0 LOG all -- any any anywhere anywhere limit: avg 5/min burst 5 LOG level debug prefix "iptablesFORWARDdenie d: "

0 0 REJECT all -- any any anywhere anywhere reject-with icmp-port-unreachable

Chain OUTPUT (policy ACCEPT 215 packets, 31711 bytes)

pkts bytes target prot opt in out source destination

Looks like you are getting closer. Your system is accepting connections on the SMTP and submission ports (25 and 587) and Postfix is listening on both. Your firewall is still blocking connections to the IMAP port (143). This may be intentional, but you would then have to make sure your e-mail client is configured to use SSL/TLS (not STARTTLS) over IMAPS port 993. While port 993 is open in your firewall, Dovecot doesn't seem to be listening to it. You can run netstat -lvpnut to see what daemons on your system are listening on the network.

Thank you again for your support.

I uninstalled and reinstalled postfix and dovecot and checked several times the guide steps.

When it comes to the always thrilling "Test Email" part, I try to set up an account pointing to IMAP 993 and SMTP 25 and there is no connection.

And yet the iptables I've set up thanks to the ubuntu support forum look appropriate to me.

I have choosen the input accept policy, set up specific rules for ssh web and email, and then put the DROP rule for everything else:

sudo iptables -L

Chain INPUT (policy ACCEPT)

target prot opt source destination

fail2ban-ssh tcp – anywhere anywhere multiport dports ssh

fail2ban-ssh tcp -- anywhere anywhere multiport dports ssh

ACCEPT all -- anywhere anywhere

ACCEPT tcp -- anywhere anywhere tcp dpt:ssh

ACCEPT tcp -- anywhere anywhere tcp dpt:http

ACCEPT tcp -- anywhere anywhere tcp dpt:smtp

ACCEPT tcp -- anywhere anywhere tcp dpt:urd

ACCEPT tcp -- anywhere anywhere tcp dpt:submission

ACCEPT tcp -- anywhere anywhere tcp dpt:pop3

ACCEPT tcp -- anywhere anywhere tcp dpt:pop3s

ACCEPT tcp -- anywhere anywhere tcp dpt:imap2

ACCEPT tcp -- anywhere anywhere tcp dpt:imaps

DROP all -- anywhere anywhere

Chain FORWARD (policy DROP)

target prot opt source destination

Chain OUTPUT (policy ACCEPT)

target prot opt source destination

Chain ICMP (0 references)

target prot opt source destination

Chain TCP (0 references)

target prot opt source destination

Chain UDP (0 references)

target prot opt source destination

Chain fail2ban-ssh (2 references)

target prot opt source destination

RETURN all -- anywhere anywhere

RETURN all -- anywhere anywhere

I still feel like being in the middle of the Ocean…..

Marco

There's nothing really wrong with your firewall rules, so long as your client uses IMAPS over port 993 to receive mail. I was able to connect to Dovecot on this port. I'm afraid I don't know much about setting up or configuring Dovecot, though.

There is a good chance that your home ISP blocks connections to port 25 - many do this. Use port 587 instead in your client for sending mail. I was able to connect to Postfix on port 587.

If you still aren't able to send or receive mail, check the logs on your server; they should give you useful details.

Hi

resetting the whole system and doing all the steps from the guide again helped. The system seems to be working.

For beginners, i suggest to pay special attention to the postfix configuration part where the (virtual) user tables are defined.

thanks

Marco