Buonasera a tutti

Ho acquistato circa 6 mesi fa una VPS da Aruba, da usare come web server e come mail server.
Ho installato ISP Config, e gestisco senza problemi i veri servizi come web hosting, ftp, database server, ecc.
L'unica pecca è il mail server, che spesso non è raggiungibile dal client Posta di Windows 10 o da Thunderbird, che mi restituisce un messaggio di errore relativo al timeout da parte del server.

Ho provato a verificare la presenza di errori tramite mxtoolbox.com, ma sembra tutto ok... mi potreste aiutare?

I domini che puntano alla VPS sono mrtsolutions.it e tech.croceverdeponte.it (quest'ultimo solo mail server).
Devo precisare però che 1/3 delle volte funziona tutto a dovere senza attese per invio/ricezione di email.
Per esempio adesso su Posta (WIN10) ho due mail in uscita da ***@tech.croceverdeponte.it e dopo circa 40 minuti sono ancora in uscita. Ogni tanto mi riporta "non è stato possibile accedere a questo account", mi fa impostare la password e tutto ok, invio e ricevo mail. Dopo un po' di nuovo errore.

Grazie a tutti...

Cosa dicono i log lato server?
ti sei messo in ascolto sulla porta smtp del server per vedere cosa passa?
Non è che banalmente ti hanno bucato il server e quindi stanno spammando al mondo e il tuo server è in sofferenza?

Cosa dicono i log lato server?
ti sei messo in ascolto sulla porta smtp del server per vedere cosa passa?
Non è che banalmente ti hanno bucato il server e quindi stanno spammando al mondo e il tuo server è in sofferenza?

le ultime righe di /var/log/mail.log:
Oct 7 06:28:57 srv postfix/smtpd[20432]: disconnect from unknown[103.89.88.64] ehlo=1 auth=0/3 rset=3 commands=4/7
Oct 7 06:29:32 srv postfix/smtpd[20432]: connect from unknown[185.36.81.231]
Oct 7 06:29:34 srv postfix/smtpd[20432]: warning: unknown[185.36.81.231]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Oct 7 06:29:34 srv postfix/smtpd[20432]: lost connection after AUTH from unknown[185.36.81.231]
Oct 7 06:29:34 srv postfix/smtpd[20432]: disconnect from unknown[185.36.81.231] ehlo=1 auth=0/1 commands=1/2
Oct 7 06:29:59 srv postfix/smtpd[20432]: warning: hostname sndngbay.site does not resolve to address 45.125.66.126: Name or service not known
Oct 7 06:29:59 srv postfix/smtpd[20432]: connect from unknown[45.125.66.126]
Oct 7 06:30:01 srv postfix/smtpd[20432]: warning: unknown[45.125.66.126]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Oct 7 06:30:01 srv postfix/smtpd[20432]: disconnect from unknown[45.125.66.126] ehlo=1 auth=0/1 rset=1 quit=1 commands=3/4
Oct 7 06:30:02 srv postfix/smtpd[20432]: connect from localhost.localdomain[127.0.0.1]
Oct 7 06:30:02 srv postfix/smtpd[20432]: lost connection after CONNECT from localhost.localdomain[127.0.0.1]
Oct 7 06:30:02 srv postfix/smtpd[20432]: disconnect from localhost.localdomain[127.0.0.1] commands=0/0
Oct 7 06:30:02 srv dovecot: imap-login: Disconnected (no auth attempts in 0 secs): user=<>, rip=::1, lip=::1, secured, session=<qttdgUqUHusAAAAAAAAAAAAAAAAAAAAB>
Oct 7 06:30:02 srv dovecot: pop3-login: Disconnected (no auth attempts in 0 secs): user=<>, rip=::1, lip=::1, secured, session=<H9tdgUqUssgAAAAAAAAAAAAAAAAAAAAB>
Oct 7 06:30:02 srv postfix/smtpd[20432]: warning: hostname chat.chatsends.eu does not resolve to address 45.125.66.188: Name or service not known
Oct 7 06:30:02 srv postfix/smtpd[20432]: connect from unknown[45.125.66.188]
Oct 7 06:30:05 srv postfix/smtpd[20432]: warning: unknown[45.125.66.188]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Oct 7 06:30:05 srv postfix/smtpd[20432]: disconnect from unknown[45.125.66.188] ehlo=1 auth=0/1 rset=1 quit=1 commands=3/4
Oct 7 06:30:48 srv postfix/smtpd[20432]: connect from unknown[141.98.10.61]
Oct 7 06:30:51 srv postfix/smtpd[20432]: warning: unknown[141.98.10.61]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Oct 7 06:30:51 srv postfix/smtpd[20432]: lost connection after AUTH from unknown[141.98.10.61]
Oct 7 06:30:51 srv postfix/smtpd[20432]: disconnect from unknown[141.98.10.61] ehlo=1 auth=0/1 commands=1/2
Oct 7 06:31:02 srv postfix/smtpd[20432]: warning: hostname s80.tlmken.com does not resolve to address 45.125.65.80
Oct 7 06:31:02 srv postfix/smtpd[20432]: connect from unknown[45.125.65.80]
Oct 7 06:31:04 srv postfix/smtpd[20432]: warning: unknown[45.125.65.80]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Oct 7 06:31:04 srv postfix/smtpd[20432]: lost connection after AUTH from unknown[45.125.65.80]
Oct 7 06:31:04 srv postfix/smtpd[20432]: disconnect from unknown[45.125.65.80] ehlo=1 auth=0/1 commands=1/2
Oct 7 06:31:10 srv postfix/anvil[14803]: statistics: max connection rate 1/60s for (smtp:141.98.10.62) at Oct 7 06:21:27
Oct 7 06:31:10 srv postfix/anvil[14803]: statistics: max connection count 1 for (smtp:141.98.10.62) at Oct 7 06:21:27
Oct 7 06:31:10 srv postfix/anvil[14803]: statistics: max cache size 5 at Oct 7 06:24:48
Oct 7 06:33:05 srv postfix/smtpd[21082]: connect from unknown[185.36.81.246]
Oct 7 06:33:07 srv postfix/smtpd[21082]: warning: unknown[185.36.81.246]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Oct 7 06:33:07 srv postfix/smtpd[21082]: lost connection after AUTH from unknown[185.36.81.246]
Oct 7 06:33:07 srv postfix/smtpd[21082]: disconnect from unknown[185.36.81.246] ehlo=1 auth=0/1 commands=1/2
Oct 7 06:33:08 srv postfix/smtpd[21082]: connect from unknown[185.36.81.243]
Oct 7 06:33:10 srv postfix/smtpd[21082]: warning: unknown[185.36.81.243]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Oct 7 06:33:10 srv postfix/smtpd[21082]: lost connection after AUTH from unknown[185.36.81.243]
Oct 7 06:33:10 srv postfix/smtpd[21082]: disconnect from unknown[185.36.81.243] ehlo=1 auth=0/1 commands=1/2
Oct 7 06:33:32 srv postfix/smtpd[21082]: connect from unknown[185.36.81.238]
Oct 7 06:33:35 srv postfix/smtpd[21082]: warning: unknown[185.36.81.238]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Oct 7 06:33:35 srv postfix/smtpd[21082]: lost connection after AUTH from unknown[185.36.81.238]
Oct 7 06:33:35 srv postfix/smtpd[21082]: disconnect from unknown[185.36.81.238] ehlo=1 auth=0/1 commands=1/2
Oct 7 06:34:00 srv dovecot: imap-login: Login: user=<lorenzo.martini@tech.croceverdeponte.it>, method=PLAIN, rip=79.37.63.168, lip=80.211.111.241, mpid=21091, TLS, session=<gCCHj0qUiKNPJT+o>

le altre due opzioni che mi suggerisci non ho idea di come verificarle...

A me sembra di vedere un numero costante di tentativi di auth esterni senza successo

Con "top" vedi quale è il carico della macchina.

Ad ogni modo hai qualche problema di configurazione secondo me. Oltre al fatto che oggigiorno non ha più molto senso portarsi in casa un mail server.

Cosa dicono i log lato server?
ti sei messo in ascolto sulla porta smtp del server per vedere cosa passa?
Non è che banalmente ti hanno bucato il server e quindi stanno spammando al mondo e il tuo server è in sofferenza?

Ho cancellato il contenuto del file /var/log/mail.info e ho tolto tutti i miei client che si connettevano a quella casella: dopo nemmeno 5 minuti questo è il contenuto dello stesso file:


Oct 9 11:18:46 srv postfix/anvil[17625]: statistics: max connection rate 1/60s for (smtp:141.98.10.55) at Oct 9 11:11:57
Oct 9 11:18:46 srv postfix/anvil[17625]: statistics: max connection count 1 for (smtp:141.98.10.55) at Oct 9 11:11:57
Oct 9 11:18:46 srv postfix/anvil[17625]: statistics: max cache size 3 at Oct 9 11:12:56
Oct 9 11:19:13 srv postfix/smtpd[18361]: warning: hostname olop1.polo.manaus.br does not resolve to address 45.125.65.82: Name or service not known
Oct 9 11:19:13 srv postfix/smtpd[18361]: connect from unknown[45.125.65.82]
Oct 9 11:19:13 srv postfix/smtpd[18361]: lost connection after AUTH from unknown[45.125.65.82]
Oct 9 11:19:13 srv postfix/smtpd[18361]: disconnect from unknown[45.125.65.82] ehlo=1 auth=0/1 commands=1/2
Oct 9 11:19:28 srv postfix/smtpd[18361]: connect from mail179-15.suw41.mandrillapp.com[198.2.179.15]
Oct 9 11:19:29 srv postfix/smtpd[18361]: NOQUEUE: filter: RCPT from mail179-15.suw41.mandrillapp.com[198.2.179.15]: <bounce-md_30850198.5d9d9368.v1-ddee655727ae4dc1863bb3f8b40fa553@mandrillapp.com>: Sender address triggers FILTER amavis:[127.0.0.1]:10026; from=<bounce-md_30850198.5d9d9368.v1-ddee655727ae4dc1863bb3f8b40fa553@mandrillapp.com> to=<postmaster@srv.mrtsolutions.it> proto=ESMTP helo=<mail179-15.suw41.mandrillapp.com>
Oct 9 11:19:29 srv postfix/smtpd[18361]: NOQUEUE: filter: RCPT from mail179-15.suw41.mandrillapp.com[198.2.179.15]: <bounce-md_30850198.5d9d9368.v1-ddee655727ae4dc1863bb3f8b40fa553@mandrillapp.com>: Sender address triggers FILTER amavis:[127.0.0.1]:10024; from=<bounce-md_30850198.5d9d9368.v1-ddee655727ae4dc1863bb3f8b40fa553@mandrillapp.com> to=<postmaster@srv.mrtsolutions.it> proto=ESMTP helo=<mail179-15.suw41.mandrillapp.com>
Oct 9 11:19:29 srv postfix/smtpd[18361]: NOQUEUE: reject: RCPT from mail179-15.suw41.mandrillapp.com[198.2.179.15]: 454 4.7.1 <postmaster@srv.mrtsolutions.it>: Relay access denied; from=<bounce-md_30850198.5d9d9368.v1-ddee655727ae4dc1863bb3f8b40fa553@mandrillapp.com> to=<postmaster@srv.mrtsolutions.it> proto=ESMTP helo=<mail179-15.suw41.mandrillapp.com>
Oct 9 11:19:30 srv postfix/smtpd[18361]: NOQUEUE: filter: RCPT from mail179-15.suw41.mandrillapp.com[198.2.179.15]: <bounce-md_30850198.5d9cd30c.v1-94a7fa37735041a88de29092fa103f5e@mandrillapp.com>: Sender address triggers FILTER amavis:[127.0.0.1]:10026; from=<bounce-md_30850198.5d9cd30c.v1-94a7fa37735041a88de29092fa103f5e@mandrillapp.com> to=<postmaster@srv.mrtsolutions.it> proto=ESMTP helo=<mail179-15.suw41.mandrillapp.com>
Oct 9 11:19:30 srv postfix/smtpd[18361]: NOQUEUE: filter: RCPT from mail179-15.suw41.mandrillapp.com[198.2.179.15]: <bounce-md_30850198.5d9cd30c.v1-94a7fa37735041a88de29092fa103f5e@mandrillapp.com>: Sender address triggers FILTER amavis:[127.0.0.1]:10024; from=<bounce-md_30850198.5d9cd30c.v1-94a7fa37735041a88de29092fa103f5e@mandrillapp.com> to=<postmaster@srv.mrtsolutions.it> proto=ESMTP helo=<mail179-15.suw41.mandrillapp.com>
Oct 9 11:19:30 srv postfix/smtpd[18361]: NOQUEUE: reject: RCPT from mail179-15.suw41.mandrillapp.com[198.2.179.15]: 454 4.7.1 <postmaster@srv.mrtsolutions.it>: Relay access denied; from=<bounce-md_30850198.5d9cd30c.v1-94a7fa37735041a88de29092fa103f5e@mandrillapp.com> to=<postmaster@srv.mrtsolutions.it> proto=ESMTP helo=<mail179-15.suw41.mandrillapp.com>
Oct 9 11:19:30 srv postfix/smtpd[18361]: disconnect from mail179-15.suw41.mandrillapp.com[198.2.179.15] ehlo=2 starttls=1 mail=2 rcpt=0/2 rset=1 quit=1 commands=7/9
Oct 9 11:19:45 srv postfix/smtpd[18361]: warning: hostname s.lz1.zl.sampa.br does not resolve to address 185.36.81.232: Name or service not known
Oct 9 11:19:45 srv postfix/smtpd[18361]: connect from unknown[185.36.81.232]
Oct 9 11:19:46 srv postfix/smtpd[18361]: lost connection after AUTH from unknown[185.36.81.232]
Oct 9 11:19:46 srv postfix/smtpd[18361]: disconnect from unknown[185.36.81.232] ehlo=1 auth=0/1 commands=1/2
Oct 9 11:20:02 srv postfix/smtpd[18361]: connect from localhost.localdomain[127.0.0.1]
Oct 9 11:20:02 srv postfix/smtpd[18361]: lost connection after CONNECT from localhost.localdomain[127.0.0.1]
Oct 9 11:20:02 srv postfix/smtpd[18361]: disconnect from localhost.localdomain[127.0.0.1] commands=0/0
Oct 9 11:20:02 srv dovecot: imap-login: Disconnected (no auth attempts in 0 secs): user=<>, rip=::1, lip=::1, secured, session=<718mynaUzKgAAAAAAAAAAAAAAAAAAAAB>
Oct 9 11:20:02 srv dovecot: pop3-login: Disconnected (no auth attempts in 0 secs): user=<>, rip=::1, lip=::1, secured, session=<O2EmynaUYIYAAAAAAAAAAAAAAAAAAAAB>
Oct 9 11:23:22 srv postfix/anvil[18363]: statistics: max connection rate 1/60s for (smtp:45.125.65.82) at Oct 9 11:19:13
Oct 9 11:23:22 srv postfix/anvil[18363]: statistics: max connection count 1 for (smtp:45.125.65.82) at Oct 9 11:19:13
Oct 9 11:23:22 srv postfix/anvil[18363]: statistics: max message rate 2/60s for (smtp:198.2.179.15) at Oct 9 11:19:29
Oct 9 11:23:22 srv postfix/anvil[18363]: statistics: max cache size 3 at Oct 9 11:19:45
Oct 9 11:23:58 srv postfix/smtpd[18514]: connect from unknown[141.98.10.61]
Oct 9 11:23:58 srv postfix/smtpd[18514]: lost connection after AUTH from unknown[141.98.10.61]
Oct 9 11:23:58 srv postfix/smtpd[18514]: disconnect from unknown[141.98.10.61] ehlo=1 auth=0/1 commands=1/2
Oct 9 11:24:02 srv postfix/pickup[17614]: 2842B827D0: uid=0 from=<root>
Oct 9 11:24:02 srv postfix/cleanup[18536]: 2842B827D0: message-id=<20191009092402.2842B827D0@srv.mrtsolutions.it>
Oct 9 11:24:02 srv postfix/qmgr[17615]: 2842B827D0: from=<root@srv.mrtsolutions.it>, size=635, nrcpt=1 (queue active)
Oct 9 11:24:02 srv postfix/smtpd[18545]: connect from localhost.localdomain[127.0.0.1]
Oct 9 11:24:02 srv postfix/smtpd[18545]: 7EE99827CF: client=localhost.localdomain[127.0.0.1]
Oct 9 11:24:02 srv postfix/cleanup[18536]: 7EE99827CF: message-id=<20191009092402.2842B827D0@srv.mrtsolutions.it>
Oct 9 11:24:02 srv postfix/qmgr[17615]: 7EE99827CF: from=<root@srv.mrtsolutions.it>, size=1366, nrcpt=1 (queue active)
Oct 9 11:24:02 srv postfix/smtpd[18545]: disconnect from localhost.localdomain[127.0.0.1] ehlo=1 mail=1 rcpt=1 data=1 quit=1 commands=5
Oct 9 11:24:02 srv amavis[1277]: (01277-08) Passed CLEAN {RelayedInternal}, LOCAL [127.0.0.1] <root@srv.mrtsolutions.it> -> <postmaster@srv.mrtsolutions.it>, Message-ID: <20191009092402.2842B827D0@srv.mrtsolutions.it>, mail_id: yuGdFpYK5EG5, Hits: 1.048, size: 635, queued_as: 7EE99827CF, 318 ms
Oct 9 11:24:02 srv postfix/smtp[18542]: 2842B827D0: to=<postmaster@srv.mrtsolutions.it>, relay=127.0.0.1[127.0.0.1]:10024, delay=0.42, delays=0.06/0.02/0.01/0.33, dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as 7EE99827CF)
Oct 9 11:24:02 srv postfix/qmgr[17615]: 2842B827D0: removed
Oct 9 11:24:02 srv dovecot: lda(postmaster@srv.mrtsolutions.it): sieve: msgid=<20191009092402.2842B827D0@srv.mrtsolutions.it>: stored mail into mailbox 'INBOX'
Oct 9 11:24:02 srv postfix/pipe[18546]: 7EE99827CF: to=<postmaster@srv.mrtsolutions.it>, relay=dovecot, delay=0.25, delays=0.01/0.02/0/0.22, dsn=2.0.0, status=sent (delivered via dovecot service)
Oct 9 11:24:02 srv postfix/qmgr[17615]: 7EE99827CF: removed
Oct 9 11:24:22 srv postfix/smtpd[18514]: warning: hostname cata4.atacado.sampa.br does not resolve to address 185.36.81.16: Name or service not known
Oct 9 11:24:22 srv postfix/smtpd[18514]: connect from unknown[185.36.81.16]
Oct 9 11:24:22 srv postfix/smtpd[18514]: lost connection after AUTH from unknown[185.36.81.16]
Oct 9 11:24:22 srv postfix/smtpd[18514]: disconnect from unknown[185.36.81.16] ehlo=1 auth=0/1 commands=1/2
Oct 9 11:25:01 srv postfix/smtpd[18514]: connect from localhost.localdomain[127.0.0.1]
Oct 9 11:25:01 srv postfix/smtpd[18514]: lost connection after CONNECT from localhost.localdomain[127.0.0.1]
Oct 9 11:25:01 srv postfix/smtpd[18514]: disconnect from localhost.localdomain[127.0.0.1] commands=0/0
Oct 9 11:25:01 srv dovecot: imap-login: Disconnected (no auth attempts in 0 secs): user=<>, rip=::1, lip=::1, secured, session=<wJEE3HaU7KgAAAAAAAAAAAAAAAAAAAAB>
Oct 9 11:25:01 srv dovecot: pop3-login: Disconnected (no auth attempts in 0 secs): user=<>, rip=::1, lip=::1, secured, session=<hbQE3HaUgIYAAAAAAAAAAAAAAAAAAAAB>
Oct 9 11:25:36 srv postfix/smtpd[18514]: connect from unknown[45.125.65.34]
Oct 9 11:25:36 srv postfix/smtpd[18514]: lost connection after AUTH from unknown[45.125.65.34]
Oct 9 11:25:36 srv postfix/smtpd[18514]: disconnect from unknown[45.125.65.34] ehlo=1 auth=0/1 commands=1/2

Hai gente che prova a collegarsi al tuo server.
Controlla nella mail di postmaster/root: penso troverai tutte le notifiche di fallito login.

Hai gente che prova a collegarsi al tuo server.
Controlla nella mail di postmaster/root: penso troverai tutte le notifiche di fallito login.

Sia in postmaster@ sia in root@ non ho email, non so se può essere dovuto ai filtri antispam impostati tramite ispconfig ma nel dubbio li ho tolti.
Comunque questo problema di lentezza (che poi termina in errore con fallimento dell'operazione) avviene solamente da client, dalla webmail sembra sempre tutto ok

Sia in postmaster@ sia in root@ non ho email,
Me bala n'ocio:


Oct 9 11:24:02 srv dovecot: lda(postmaster@srv.mrtsolutions.it): sieve: msgid=<20191009092402.2842B827D0@srv.mrtsolutions.it>: stored mail into mailbox 'INBOX'
Oct 9 11:24:02 srv postfix/pipe[18546]: 7EE99827CF: to=<postmaster@srv.mrtsolutions.it>, relay=dovecot, delay=0.25, delays=0.01/0.02/0/0.22, dsn=2.0.0, status=sent (delivered via dovecot service)
Oct 9 11:24:02 srv postfix/qmgr[17615]: 7EE99827CF: removed

Qua sopra dice proprio che ha messo dentro la mail.

Me bala n'ocio:


Oct 9 11:24:02 srv dovecot: lda(postmaster@srv.mrtsolutions.it): sieve: msgid=<20191009092402.2842B827D0@srv.mrtsolutions.it>: stored mail into mailbox 'INBOX'
Oct 9 11:24:02 srv postfix/pipe[18546]: 7EE99827CF: to=<postmaster@srv.mrtsolutions.it>, relay=dovecot, delay=0.25, delays=0.01/0.02/0/0.22, dsn=2.0.0, status=sent (delivered via dovecot service)
Oct 9 11:24:02 srv postfix/qmgr[17615]: 7EE99827CF: removed

Qua sopra dice proprio che ha messo dentro la mail.

Ho visto, ma dalla webmail vedo che non ci sono. Non so da dove poterle controllare altrimenti

Ho visto, ma dalla webmail vedo che non ci sono. Non so da dove poterle controllare altrimenti

/var/mail/root ?

Risolto?

Potresti essere bandito da fail2ban tramite il filtro postfix-sasl se fai troppi tentativi d'accesso sbagliati. Se è così, il tuo IP viene tempornamente bloccato.