Solved Postfix + PHP 5.6 Issue

Since upgrading to www/php56, I can no longer use "localhost" as my "SMTP Host" when setting up mail settings in PHP scripts or forum software. When I do, I receive the following error :
Code:
Email to xxx@gmail.com failed: stream_socket_enable_crypto(): Peer certificate CN=`mail.example.com' did not match expected CN=`localhost'
Postfix is running on the same server as my webserver, and my server's hostname is set to "localhost".

When I attempt to change my "SMTP Host" to mail.example.com, I receive the following error :
Code:
Email to xxx@gmail.com failed: 5.5.2 <localhost>: Helo command rejected: need fully-qualified hostname
Now I didn't want to mess with anything further without asking first - as I'm afraid I'll set something wrong and my mail server will end up being an open relay.

Any help would be greatly appreciated!
 
Don't use localhost as an actual hostname. Set the host name to a 'complete' hostname, including a domain, i.e. myhost.example.com.
 
I'm able to resolve this issue if I edit my /etc/hosts file and add my mail server hostname to the list like so :
Code:
127.0.0.1  localhost localhost.my.domain mail.example.com
After doing that and using "mail.example.com" as my SMTP host, everything is delivering fine.

Are there any security issues handling this way?
 
No, that's actually the solution I was going to suggest next. You'll want to change the 'localhost.my.domain' to 'localhost.example.com' too.
 
Thank you, that's an easy fix then.

I have a few domains on this dedicated server - should I still be making that 'localhost.example.com' change? Should the other domains be listed in /etc/hosts as well?
 
Ideally it should be done on DNS, each domain should have a localhost entry pointing to 127.0.0.1. But it's fine to do this in the /etc/hosts file, it just takes a little more administrating.
 
I can't say I've seen anyone have 127.0.0.1 in their DNS - unless you referring to a locally hosted DNS?

I'm using Amazon's Route 53 for all my domains DNS so that probably doesn't apply to me.
 
I can't say I've seen anyone have 127.0.0.1 in their DNS - unless you referring to a locally hosted DNS?

I'm using Amazon's Route 53 for all my domains DNS so that probably doesn't apply to me.

It's used on the host that runs the DNS server or forwarder/resolver, usually the firewall/router, to make sure the system knows exactly the same hosts via DNS as the ones it serves on the LAN. The idea is that the 127.0.0.1 address is always accessible when the other addresses might go away from time to time if the configuration of the interfaces and addresses is dynamic.
 
I can't say I've seen anyone have 127.0.0.1 in their DNS - unless you referring to a locally hosted DNS?
Rarely anyone does, I just think it's good form to do so. Just in case someone has a botched hosts file.
 
I ran in to an issue this morning. I'm not able to telnet to the mail server anymore.
Code:
$ telnet mail.example.com
Trying 127.0.0.1...
telnet: connect to address 127.0.0.1: Connection refused
Trying ::1...
telnet: connect to address ::1: Connection refused
telnet: Unable to connect to remote host
Also, when I connect to my mail server from home and try to send mail, it errors out (however receiving email works just fine). No errors in the maillog (or any indication that a connection was even attempted to be made).
The error I receive from Window Live Mail is :
Code:
The connection to the server has failed.

Subject 'test'
Server: 'mail.example.com'
Windows Live Mail Error ID: 0x800CCC0E
Protocol: SMTP
Port: 587
Secure(SSL): Yes
Socket Error: 10061

This was all working fine before adding my mail server domain to the /etc/hosts/ file.
 
"Connection refused" usually indicates something isn't running, i.e. there's nothing listening on that port. Are you sure your mail service is actually running?
 
Yeah it's running, I see it listed in Top. It's weird .. mail is still getting delivered, but I'm just unable to send mail from home.

Edit: so I just tried again and even after removing mail.example.com from the /etc/hosts file, it still get "Connection Refused". Not sure what is going on, but postfix is running because I am receiving mail from it.
 
Problem solved. My IP address changed on me and the firewall was blocking everything.

I never even thought of that being a possibility - as I pay a lot for my 150mbit fiber internet connection to the home and I was supposed to have a static IP. I guess something happened and I got a new IP after the hardware upgrades they did in my neighborhood.
 
Back
Top