Domain: ailawandorder.com
MiaB V73
I’m having some issue with my box being able to send email without any problem, but can’t receive any mail.
I’ve checked all my DNS and firewall settings and can’t seem to find where the issue is.
Anyone could guide me around pinpointing the issue?
The first place to start is your logs to learn what is happening with your server. Have you looked at /var/log/mail.err? mail.log?
I see you’re on v73 and did you update after the z-push update on 28 July. I say this because it looks like your logging in / out fairly quickly using imap, and maybe the z-push update will help.
Everything is up-to-date according to the official curl install command. In the past month I’ve probably ran it 20+ times just to make sure everything is fine.
Looking through the z-push logs it’s all empty.
Using MX Lookup - Check MX Records of Domain
Status says: Connection Error
and
Connection Timed Out
Leads me to believe it’s firewall related, but both router and and Ubuntu firewall seem to be setup correctly.
Looks like port 25 is closed from your server provider. For many, you just have to submit a ticket to open it up.
I have used that exact service to find port 25 is “closed”, I’ve contacted my ISP already and they said that after checking port 25 is not blocked.
On my Mail-in-a-Box admin panel, is does say
“Outbound mail (SMTP port 25) is not blocked”
Is there a way to check and make sure it’s my ISP and not me that did something dumb on the router?
FWIW, I’m no expert on this stuff, just someone who’s been running a MIAB for several years now.
Looking at the logs, it seems to be on the postfix server side where you’re having the problem because you are connecting, but immediately disconnecting. I would take a careful look at your postfix config file and see if you have a IP allow/block rules that might be impacting your setup. e.g. are you allowing 10.0.0.1?
At what time did you send the mail? Is the relevant part of the log shown?
Why is there a router involved?
Stretchoid is a scanner, I don´t think this is relevant.
10.0.0.1 is a private address. Is this you trying stuff? The anvil stuff does not worry me, it’s just giving you the status.
I tried Network Tools: DNS,IP,Email which seems to be ok. It is able to connect to your box, with a session transcript that is recognizable. This suggests no directly recognizable errors, and you should be able to receive mail.
Maybe try again, and look at the relevant part of /var/log/mail.log ?
As of a few hours ago, I’ve solved majority of the issues.
I was running MiaB locally as a vm, and had pfsense forward the relevant ports. I’ve checked them over 10 times to make sure they were correct. Even disabled, then re-enabled them to force some sort of filter reload. On top of manually reloading the filter.
Reading the pfsense documentation, best practices for forwarding multiple ports is to group them into an alias and forward the alias all at once instead of one by one. That seemed to have solved the issue.
The only remaining issue i have is the MTA-STS policy missing warning. Reading over many threads here doesn’t seem to be a clear indication of what the issue might be.
Error: MTA-STS policy is missing: STSFetchResult.NONE
The MTA-STS warning might resolve overnight, just wait one day, it might be gone 
Here to be the bearer of bad news; it’s been about 36 hours and the MTA-STS warning hasn’t resolved itself.
Well, I’ll ask the obvious question: have you verified the file exists?
/var/lib/mailinabox/mta-sts.txt shows
version: STSv1
mode: enforce
mx: box.ailawandorder.com
max_age: 604800
https://mta-sts.ailawandorder.com/.well-known/mts-sts.txt
shows 404 not found
How about the file:
/root/mailinabox/conf/mta-sts.txt
Mine has:
version: STSv1
mode: MODE
mx: PRIMARY_HOSTNAME
max_age: 604800
Seems like a permission problem amongst your VM, web server, and MIAB. That’s a rabiit hole… Beyond my scope! Good luck. 
/root/mailinabox/conf/mta-sts.txt shows the same as yours
Thanks for your help anyways.
I’ll start digging into why it’s 404
Your site seems to have dns issues. First fix those.
I switch to using MiaB’s dns to see if anything would change, that seem to break things even more. Even though MiaB’s status checks doesn’t report any problems (apart fom MTA-STS missing).
Switched back to using my domain providers DNS, waiting for DNS records to propogate.