digital ocean – Postfix receives but don’t send emails on DigitalOcean droplet

As I was following the tutorial (https://www.digitalocean.com/community/tutorials/how-to-install-and-configure-postfix-on-ubuntu-18-04)

I established postfix mail server. By the way unfortunately a can’t send e-mails anywhere outside my droplet. According to logs I receive status: status=bounced (host healthqode.me[127.0.1.1] said: 554

Here is the last log data:

sudo tail -f /var/log/mail.log
Apr 25 11:15:26 healthqode postfix/submission/smtpd[26048]: connect from localhost.localdomain[127.0.0.1]
Apr 25 11:15:26 healthqode postfix/submission/smtpd[26048]: NOQUEUE: reject: RCPT from localhost.localdomain[127.0.0.1]: 554 5.7.1 <myrealmail@mail.com>: Recipient address rejected: Access denied; from=<mymail@healthqode.me> to=<myrealmail@mail.com> proto=ESMTP helo=<healthqode.me>
Apr 25 11:15:26 healthqode postfix/smtp[26046]: 93683428F4: to=<myrealmail@mail.com>, relay=healthqode.me[127.0.1.1]:587, delay=0.13, delays=0.02/0.02/0.09/0.01, dsn=5.7.1, status=bounced (host healthqode.me[127.0.1.1] said: 554 5.7.1 <myrealmail@mail.com>: Recipient address rejected: Access denied (in reply to RCPT TO command))
Apr 25 11:15:26 healthqode postfix/submission/smtpd[26048]: disconnect from localhost.localdomain[127.0.0.1] ehlo=2 starttls=1 mail=1 rcpt=0/1 data=0/1 rset=1 quit=1 commands=6/8
Apr 25 11:15:26 healthqode postfix/cleanup[26044]: B27B2428F6: message-id=<20220425111526.B27B2428F6@healthqode.me>
Apr 25 11:15:26 healthqode postfix/qmgr[26037]: B27B2428F6: from=<>, size=2424, nrcpt=1 (queue active)
Apr 25 11:15:26 healthqode postfix/bounce[26050]: 93683428F4: sender non-delivery notification: B27B2428F6
Apr 25 11:15:26 healthqode postfix/qmgr[26037]: 93683428F4: removed
Apr 25 11:15:26 healthqode postfix/local[26052]: B27B2428F6: to=<myrootuser@healthqode.me>, orig_to=<mymail@healthqode.me>, relay=local, delay=0.02, delays=0/0.01/0/0, dsn=2.0.0, status=sent (delivered to maildir)
Apr 25 11:15:26 healthqode postfix/qmgr[26037]: B27B2428F6: removed

What I have tried:

  1. I have added ports 587, 465 and 25 in ufw firewall allows,

  2. Added SPF and MX records. Here is my DNS-settings:

    CNAME mail.healthqode.me healthqode.me TXT healthqode.me v=spf1 include:healthqode.me ~all MX healthqode.me healthqode.me 10 A www.healthqode.me 164.92.243.79 A healthqode.me 164.92.243.79 NS healthqode. me ns1.digitalocean.com NS healthqode.me ns2.digitalocean.com NS healthqode.me ns3.digitalocean.com

  3. dig -x 164.92.243.79

    ; <<>> DiG 9.11.3-1ubuntu1.17-Ubuntu <<>> -x 164.92.243.79 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 39319 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

    ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 65494 ;; QUESTION SECTION: ;79.243.92.164.in-addr.arpa. IN PT

    ;; ANSWER SECTION: 79.243.92.164.in-addr.arpa. 1800 IN PTR healthqode.me.

    ;; Query time: 24 msec ;; SERVER: 127.0.0.53#53(127.0.0.53) ;; WHEN: Mon Apr 25 11:52:22 UTC 2022 ;; MSG SIZE rcvd: 82

    By the way when I try to dig a domain it return the further:

dig -x healthqode.me

; <<>> DiG 9.11.3-1ubuntu1.17-Ubuntu <<>> -x healthqode.me
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 8643
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;me.healthqode.in-addr.arpa.    IN  PTR

;; Query time: 25 msec
;; SERVER: 127.0.0.53#53(127.0.0.53)
;; WHEN: Mon Apr 25 11:52:49 UTC 2022
;; MSG SIZE  rcvd: 55
  1. I checked e-mail in blacklists. Everything is ok. By the way mxtoolbox returns everything ok except one line: Reverse DNS is not a valid Hostname

5. Here is my main.cf file content:

smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
myhostname = healthqode.me
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = $myhostname, healthqode.me, mail.healthqode.me, localhost.healthqode.me, localhost
_#relayhost = [mail.healthqode.me]:587
#relayhost = smtp.healthqode.me:submission
#relayhost = [healthqode.me]:587_
**(I tried different varies of this record, nothing changed)**
relayhost = healthqode.me:submission
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
#inet_protocols = all **(I changed this record to ipv4)**
inet_protocols = ipv4
home_mailbox = Maildir/
virtual_alias_maps = hash:/etc/postfix/virtual

smtp_tls_security_level=encrypt **(Added this line)**
  1. Here is my master.cf

submission inet n – y – – smtpd (uncommented this line)

      -o syslog_name=postfix/submission **(uncommented this line)**
      -o smtpd_tls_security_level=encrypt **(uncommented this line)**
      -o smtpd_sasl_auth_enable=yes **(uncommented this line)**
      -o smtpd_tls_auth_only=yes **(uncommented this line)**
    #  -o smtpd_reject_unlisted_recipient=no
    #  -o smtpd_client_restrictions=$mua_client_restrictions
    #  -o smtpd_helo_restrictions=$mua_helo_restrictions
    #  -o smtpd_sender_restrictions=$mua_sender_restrictions
    #  -o smtpd_recipient_restrictions=
      -o smtpd_relay_restrictions=permit_sasl_authenticated,reject **(uncommented this line)**
      -o milter_macro_daemon_name=ORIGINATING **(uncommented this line)**
  1. I added SSL by sertbot to domains: healthqode.me, www.healthqode.me, mail.healthqode.me

  2. I tried to change my hostfile settings so I turned them to the standard settings:

    127.0.1.1 healthqode.me 127.0.0.1 localhost.localdomain localhost

    ::1 localhost ip6-localhost ip6-loopback ff02::1 ip6-allnodes ff02::2 ip6-allrouters

Nothing :((((

PS Sometimes trying different settings, I receive said 530. So I tried different ways to solve my problem, but don’t know what to try anymore. I have read a lot of issues on Stack and DO, and nothing that could help me.

PPS the domain name register is GoDaddy, The DNS records there are:
NS    healthqode.me       ns1.digitalocean.com
NS    healthqode.me       ns2.digitalocean.com
NS    healthqode.me       ns3.digitalocean.com

Leave a Comment