PostfixAdmin / Discussion / Postfix Admin Discussion: Postfix vs stunnel relay but outlook client can't sent

I have a problem after setup postfix vs stunnel is relay host:
client outlook --->[postfix:25 relay to stunnel:1125]--->smtp.vt.com.vn:465
I can sent email via postfix with telnet command but can't sent email with outlook client. Help me! My config below:

postconf -n

alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
debug_peer_level = 2
debug_peer_list = 172.16.1.0/24
debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin $daemon_directory/$process_name $process_id & sleep 5
disable_dns_lookups = yes
html_directory = no
inet_interfaces = all
inet_protocols = all
mail_owner = postfix
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
mydestination = $myhostname, localhost.$mydomain, localhost
mydomain = vt.com.vn
mynetworks = 172.16.1.0/24,127.0.0.0/8
myorigin = vt.com.vn
newaliases_path = /usr/bin/newaliases.postfix
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/postfix-2.10.1/README_FILES
relayhost = [127.0.0.1]:1125
sample_directory = /usr/share/doc/postfix-2.10.1/samples
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
smtp_always_send_ehlo = yes
smtp_sasl_auth_enable = yes
smtp_sasl_mechanism_filter = plain
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options =
smtp_sasl_tls_security_options = noanonymous noplaintext
smtp_tls_security_level = may
smtpd_client_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
smtpd_sasl_local_domain = $mydomain
smtpd_tls_security_level = may
smtpd_tls_session_cache_timeout = 3600s
unknown_local_recipient_reject_code = 550

cat /etc/postfix/sasl_passwd
[127.0.0.1]:1125 username:password
cat /etc/stunnel/stunnel.conf

chroot = /var/run/stunnel/
setuid = root
setgid = root
pid = /stunnel.pid
debug = 7
output = stunnel.log
cert = /etc/stunnel/stunnel.pem
options = NO_SSLv2
[smtp-tls-wrapper]
client = yes
accept = 1125
connect = smtp.vt.com.vn:465

4.test telnet

Connecting to 192.168.10.6:25...
Connection established.
To escape to local shell, press 'Ctrl+Alt+]'.
220 labnis.vt.com.vn ESMTP Postfix
EHLO VTCC-BIENTD
250-labnis.vt.com.vn
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
MAIL FROM:<bientd@vt.com.vn>
250 2.1.0 Ok
RCPT TO:<bientd@vt.com.vn>
250 2.1.5 Ok
DATA
354 End data with <CR><LF>.<CR><LF>
Subject: Test subject

blah blah
.
250 2.0.0 Ok: queued as 6811F86BBE2A
quit221 2.0.0 Bye

Output maillog when outlook test mail

Jul 11 15:37:14 labnis postfix/smtpd[3569]: unknown[172.16.1.88]: 220 labnis.vt.com.vn ESMTP Postfix
Jul 11 15:37:14 labnis postfix/smtpd[3569]: watchdog_pat: 0x7f50bf0fe250
Jul 11 15:37:14 labnis postfix/smtpd[3569]: < unknown[172.16.1.88]: EHLO BIENTD
Jul 11 15:37:14 labnis postfix/smtpd[3569]: match_list_match: unknown: no match
Jul 11 15:37:14 labnis postfix/smtpd[3569]: match_list_match: 172.16.1.88: no match
Jul 11 15:37:14 labnis postfix/smtpd[3569]: unknown[172.16.1.88]: 250-labnis.vt.com.vn
Jul 11 15:37:14 labnis postfix/smtpd[3569]: unknown[172.16.1.88]: 250-PIPELINING
Jul 11 15:37:14 labnis postfix/smtpd[3569]: unknown[172.16.1.88]: 250-SIZE 10240000
Jul 11 15:37:14 labnis postfix/smtpd[3569]: unknown[172.16.1.88]: 250-VRFY
Jul 11 15:37:14 labnis postfix/smtpd[3569]: unknown[172.16.1.88]: 250-ETRN
Jul 11 15:37:14 labnis postfix/smtpd[3569]: unknown[172.16.1.88]: 250-STARTTLS
Jul 11 15:37:14 labnis postfix/smtpd[3569]: unknown[172.16.1.88]: 250-ENHANCEDSTATUSCODES
Jul 11 15:37:14 labnis postfix/smtpd[3569]: unknown[172.16.1.88]: 250-8BITMIME
Jul 11 15:37:14 labnis postfix/smtpd[3569]: unknown[172.16.1.88]: 250 DSN
Jul 11 15:37:14 labnis postfix/smtpd[3569]: watchdog_pat: 0x7f50bf0fe250
Jul 11 15:37:14 labnis postfix/smtpd[3569]: smtp_get: EOF
Jul 11 15:37:14 labnis postfix/smtpd[3569]: match_hostname: unknown ~? 172.16.1.0/24
Jul 11 15:37:14 labnis postfix/smtpd[3569]: match_hostaddr: 172.16.1.88 ~? 172.16.1.0/24
Jul 11 15:37:14 labnis postfix/smtpd[3569]: lost connection after EHLO from unknown[172.16.1.88]
Jul 11 15:37:14 labnis postfix/smtpd[3569]: disconnect from unknown[172.16.1.88]

Simon Hobson - 2016-07-12

Frist the copy-n-paste from the forum description :
This is not a general Postfix help forum - this is for the separate package PostfixAdmin which configures/maintains virtual domains & mailboxes using Postfix (plus MySQL or PostgreSQL, optionally maildrop, and Courier or Dovecot).
For Postfix help you should head over to postfix.org and check out the Postfix mailing lists.
But, for your problem, I have a few observations :
1) Do the same diagnostics for the manual (telnet) session as you did for the Outlook session so you have something you can compare like-for-like. What you have now is the "client view" for one method, and the "server view" for the other - so nothing to compare ! You can also try turning up the debug level further and see if any more detail comes out.
2) If you use a packet sniffer, you can capture the client-server interaction for the Outlook client giving you something to compare with your telnet session.
3) I am puzzled why you are using stunnel when Postfix supports SSL out of the box ? Wouldn't it be easier to just use Postfix's built-in SSL - it's not hard to set up ?
4) Is it possible that Outlook is attempting to do StartTLS which I'm guessing won't work through stunnel ?

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

F10 - 2016-07-12

Thanks for answering. I am very sorry for creating topic without reading the directions carefully by admin postfix. I will copy-n-paste from the forum Postfix.
As you have suggested some solutions I would like to respond as follows:

1) Do the same diagnostics for the manual (telnet) session as you did for the Outlook session so you have something you can compare like-for-like. What you have now is the "client view" for one method, and the "server view" for the other - so nothing to compare ! You can also try turning up the
debug level further and see if any more detail comes out.
2) If you use a packet sniffer, you can capture the client-server interaction for the Outlook client giving you something to compare with your telnet session.

I will check again

3) I am puzzled why you are using stunnel when Postfix supports SSL out of the box ? Wouldn't it be easier to just use Postfix's built-in SSL - it's not hard to set up ?

Because I want to build a proxy email relay for multiple account email. Befor email relay I want filter some content body or add some email to: bcc, cc..

4) Is it possible that Outlook is attempting to do StartTLS which I'm guessing won't work through stunnel ?

If I setting outlook client to port 1125 stunnel. It's work fine! so I think problem is postfix.

Last edit: F10 2016-07-12

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Postfix vs stunnel relay but outlook client can't sent

Forums

Help

Postfix vs stunnel relay but outlook client can't sent document.SUBSCRIPTION_OPTIONS = { "thing": "topic", "subscribed": false, "url": "subscribe", "icon": { "css": "fa fa-envelope-o" } };

Postfix vs stunnel relay but outlook client can't sent