How can I receive emails from external ?

[RORO FUJINO]

I can not succeed receiving emails from external like gmail.

The purpose is that internal users in GCE receive emails. 

-I set up post fix main.cf as attached.

-Succeeded for outgoing mails using maligun.org because tcp#25 is prohibited.

-dovecot is not set up because pop/imap do not seem to be required.

I have experience of receiving emails for user in Ubuntu inside my home network.

This is my first time for GCE.

Could you tell me how I need to setup something additional ?

Thank you for your support.

FUJINO

other settings

-using CentOS7 on GCE

- #telnet localhost 25 from GCE is succeeded

- firewall rule for GCP :default other than below

  ingress http tcp 80, https tcp 443 , tcp 110

# postconf -n

config_directory = /etc/postfix

home_mailbox = Maildir/

inet_interfaces = all

inet_protocols = ipv4

mail_owner = postfix

mailbox_size_limit = 0

message_size_limit = 10485760

mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain

mydomain = xxxxx.pgw.jp

myhostname = mail.xxxxx.pgw.jp

myorigin = $mydomain

recipient_delimiter = +

smtpd_banner = $myhostname ESMTP unknown

smtpd_recipient_restrictions = permit_mynetworks , permit_sasl_authenticated , reject_unauth_destination

smtpd_sasl_auth_enable = yes

smtpd_sasl_local_domain = $myhostname

relayhost = [smtp.mailgun.org]:2525

smtp_tls_security_level = encrypt

smtp_sasl_auth_enable = yes

smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd

smtp_sasl_security_options = noanonymous

#netstat -ant

Active Internet connections (servers and established)

Proto Recv-Q Send-Q Local Address           Foreign Address         State      

tcp        0      0 0.0.0.0:111             0.0.0.0:*               LISTEN     

tcp        0      0 0.0.0.0:2000            0.0.0.0:*               LISTEN     

tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN     

tcp        0      0 0.0.0.0:25              0.0.0.0:*               LISTEN     

tcp        0      0 10.138.0.2:22           106.156.154.48:56742    ESTABLISHED

tcp        0      0 10.138.0.2:57738        169.254.169.254:80      CLOSE_WAIT 

tcp        0      0 10.138.0.2:57744        169.254.169.254:80      ESTABLISHED

tcp        0      0 10.138.0.2:57746        169.254.169.254:80      ESTABLISHED

tcp        0     52 10.138.0.2:22           106.156.154.48:57073    ESTABLISHED

tcp        0      0 10.138.0.2:57742        169.254.169.254:80      ESTABLISHED

tcp6       0      0 :::111                  :::*                    LISTEN     

tcp6       0      0 :::22                   :::*                    LISTEN

[Carlos (Cloud Platform Support)]

It seems your server is listening on port 25. You may try explicitly setting a firewall rule to allow incoming connections on port 25. The default rules for ingress does not include that port. Certainly, connections that are initiated on the GCE side (outbound) on port 25 are blocked.

Please check this similar discussion. Other than that, I can only think on the correct setting of your MX records or tweaking your server configuration.