I suck at postfix (or, hey kids this is y u no ISPConfig)

1. So, I think I may have configured Postfix wrong...nothing is getting delivered, not even local mail from cron jobs. It's just sitting in the queue. (Postconf/postfinger and tl;dr at the end)
2.  
3. Ubuntu 14.04.1 LTS
4.  
5. While unfortunately it's been a while since I installed the server and I can't recall my exact steps, I do know I had attempted to (or did) set up ISPConfig on it, so if that helps shed any light on where I went wrong.
6.  
7. The server, andromeda.gamefiar.com, is intended to mail out things to the internet periodically (user signs up, needs email confirmation, etc). I don't particularly care to get the output of the cron jobs (they were supposed to be redirecting their output to a log file anyway...), but mailing users on the forums who sign up, recover pass, or get an update to a subscribed thread, that's kinda necessary. And any stray output from a cron job really needs to get put in some kind of mailbox instead of hanging out in the queue clogging the tubes.
8.  
9. I started moving stuff from my old server to this server today (it's not so "new" anymore, I set it up initially in Sept 2013 with one site) and I spotted some odd activity in top while I was monitoring progress of database imports and whatnot. showq (and other postfix-related processes) using up an exorbitant amount of CPU time, load averages in the 40s and 50s, etc.
10.  
11. Hundreds of megs of logs (within minutes!) accumulating in /var/log/mail.log lead me to investigate.
12.  
13. I did a postcat on some of the things I spotted in the mailq and there were all my cron job mails. The cron jobs were mailing the local account every time they ran (and I have a cron job that runs every minute, among others)
14.  
15. So I just cleared out several. hundred. thousand(!) items from the mailq from almost a year and a half worth of it trying to mail local accounts, and boiled it down to just the 7 emails I'd really like for it to try to send.
16.  
17. (One of them is a bogus address, the rest are real addresses, I masked them out as [email protected])
18.  
19. ----------------------------------------------
20. root@andromeda:~# mailq
21. -Queue ID- --Size-- ----Arrival Time---- -Sender/Recipient-------
22. D6D87F27 4594 Sun Feb 22 23:32:30 [email protected]
23. (delivery temporarily suspended: connect to 127.0.0.1[127.0.0.1]:10024: Connection refused)
24. [email protected]
25.  
26. 6EE3E568E22 1505 Sun Feb 22 23:51:25 [email protected]
27. (connect to 127.0.0.1[127.0.0.1]:10024: Connection refused)
28. [email protected]
29.  
30. 60135641328 1542 Sun Feb 22 23:51:51 [email protected]
31. (delivery temporarily suspended: connect to 127.0.0.1[127.0.0.1]:10024: Connection refused)
32. [email protected]
33.  
34. 56EC8566125 1542 Sun Feb 22 23:52:44 [email protected]
35. (delivery temporarily suspended: connect to 127.0.0.1[127.0.0.1]:10024: Connection refused)
36. [email protected]
37.  
38. A16CB566EC0 1505 Sun Feb 22 23:51:37 [email protected]
39. (delivery temporarily suspended: connect to 127.0.0.1[127.0.0.1]:10024: Connection refused)
40. [email protected]
41.  
42. 2662E566E54 409 Mon Feb 23 00:00:41 [email protected]
43. (delivery temporarily suspended: connect to 127.0.0.1[127.0.0.1]:10024: Connection refused)
44. [email protected]
45.  
46. 734FE571BE1 3606 Sun Feb 22 18:50:39 [email protected]
47. (connect to 127.0.0.1[127.0.0.1]:10024: Connection refused)
48. [email protected]
49. -----------------------------------
50.  
51.  
52.  
53.  
54.  
55.  
56.  
57.  
58.  
59. Note the (delivery temporarily suspended: connect to 127.0.0.1[127.0.0.1]:10024: Connection refused)
60.  
61.  
62.  
63.  
64. I was seeing this on pretty much every mail addressed to a local user with the @ (e.g. [email protected]) or to any internet user (real address).
65.  
66. I did not see this connection refused line on anything that was addressed to simply "ruins" or "root" (no @andromeda.gamefiar.com). For all of that stuff, it was just sitting there in the queue and never ending up in any kind of mail directory like I'd normally see. Here's a sample of the queue before I cleaned it out:
67.  
68.  
69.  
70. -----------------------------------
71. -Queue ID- --Size-- ----Arrival Time---- -Sender/Recipient-------
72. 1FEF95E6BE7 588 Sun Oct 5 23:24:02 ruins
73. ruins
74.  
75. 493BE608DB7 588 Sun Nov 16 16:25:02 ruins
76. ruins
77.  
78. A12F15B8679 737 Wed Dec 31 09:39:01 root
79. root
80.  
81. 78A5D5EF4D2 588 Wed Jan 28 18:59:01 ruins
82. ruins
83.  
84. DEDE95DCB51 588 Mon Jan 19 14:00:08 ruins
85. ruins
86.  
87. F02E85D9F10 588 Tue Sep 16 23:25:01 ruins
88. ruins
89. -------------------------------------
90.  
91.  
92.  
93.  
94.  
95.  
96.  
97.  
98. So, long story short:
99.  
100. 1. Why is it seemingly not trying to deliver any mail (even local mail from cron jobs and stuff)?
101. 2. Why is it trying to connect to 127.0.0.1 to deliver mail, and then refusing the connection?
102. 3. How can I make it so that it will deliver local mail, so the output of a cron job ends up in the mailbox of the user who owns the crontab?
103. 4. How can I make it so that it will deliver mail to the internet (or try to, at least)?
104.  
105. Thanks <3
106.  
107.  
108.  
109.  
110.  
111.  
112. Postfinger below.
113. ----------------------------------------------
114.  
115. root@andromeda:~# ./postfinger
116. postfinger - postfix configuration on Mon Feb 23 02:10:41 EST 2015
117. version: 1.30
118.  
119. /usr/sbin/postconf: warning: /etc/postfix/main.cf: undefined parameter: virtual_mailbox_limit_maps
120. --System Parameters--
121. mail_version = 2.11.0
122. hostname = andromeda
123. uname = Linux andromeda 3.13.0-35-generic #62-Ubuntu SMP Fri Aug 15 01:58:42 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux
124.  
125. --Packaging information--
126. looks like this postfix comes from deb package: postfix-2.11.0-1
127.  
128. /usr/sbin/postconf: warning: /etc/postfix/main.cf: undefined parameter: virtual_mailbox_limit_maps
129. --main.cf non-default parameters--
130. alias_database = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases
131. alias_maps = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases
132. append_dot_mydomain = no
133. biff = no
134. body_checks = regexp:/etc/postfix/body_checks
135. broken_sasl_auth_clients = yes
136. content_filter = amavis:[127.0.0.1]:10024
137. dovecot_destination_recipient_limit = 1
138. header_checks = regexp:/etc/postfix/header_checks
139. html_directory = /usr/share/doc/postfix/html
140. mailbox_size_limit = 512000000
141. maildrop_destination_concurrency_limit = 1
142. maildrop_destination_recipient_limit = 1
143. mime_header_checks = regexp:/etc/postfix/mime_header_checks
144. mydestination = andromeda.gamefiar.com, localhost, localhost.localdomain, 127.0.0.1
145. myhostname = andromeda.gamefiar.com
146. mynetworks = 127.0.0.0/8 [::1]/128
147. myorigin = /etc/mailname
148. nested_header_checks = regexp:/etc/postfix/nested_header_checks
149. owner_request_special = no
150. proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $virtual_mailbox_limit_maps
151. receive_override_options = no_address_mappings
152. recipient_delimiter = +
153. relay_domains = mysql:/etc/postfix/mysql-virtual_relaydomains.cf
154. relay_recipient_maps = mysql:/etc/postfix/mysql-virtual_relayrecipientmaps.cf
155. smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
156. smtpd_client_message_rate_limit = 100
157. smtpd_client_restrictions = check_client_access mysql:/etc/postfix/mysql-virtual_client.cf
158. smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, check_recipient_access mysql:/etc/postfix/mysql-virtual_recipient.cf, reject_unauth_destination
159. smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
160. smtpd_sasl_auth_enable = yes
161. smtpd_sasl_authenticated_header = yes
162. smtpd_sasl_path = private/auth
163. smtpd_sasl_type = dovecot
164. smtpd_sender_restrictions = check_sender_access mysql:/etc/postfix/mysql-virtual_sender.cf
165. smtpd_tls_cert_file = /etc/postfix/smtpd.cert
166. smtpd_tls_key_file = /etc/postfix/smtpd.key
167. smtpd_tls_security_level = may
168. smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
169. smtpd_use_tls = yes
170. smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
171. transport_maps = hash:/var/lib/mailman/data/transport-mailman, proxy:mysql:/etc/postfix/mysql-virtual_transports.cf
172. virtual_alias_domains =
173. virtual_alias_maps = proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, proxy:mysql:/etc/postfix/mysql-virtual_email2email.cf, hash:/var/lib/mailman/data/virtual-mailman
174. virtual_gid_maps = static:5000
175. virtual_mailbox_base = /var/vmail
176. virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains.cf
177. virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf
178. virtual_transport = dovecot
179. virtual_uid_maps = static:5000
180.  
181. --master.cf--
182. /usr/sbin/postconf: warning: /etc/postfix/main.cf: undefined parameter: virtual_mailbox_limit_maps
183. smtp inet n - - - - smtpd
184. submission inet n - - - - smtpd
185. -o syslog_name=postfix/submission
186. -o smtpd_tls_security_level=encrypt
187. -o smtpd_sasl_auth_enable=yes
188. -o smtpd_client_restrictions=permit_sasl_authenticated,reject
189. smtps inet n - - - - smtpd
190. -o syslog_name=postfix/smtps
191. -o smtpd_tls_wrappermode=yes
192. -o smtpd_sasl_auth_enable=yes
193. -o smtpd_client_restrictions=permit_sasl_authenticated,reject
194. pickup unix n - - 60 1 pickup
195. cleanup unix n - - - 0 cleanup
196. qmgr unix n - n 300 1 qmgr
197. tlsmgr unix - - - 1000? 1 tlsmgr
198. rewrite unix - - - - - trivial-rewrite
199. bounce unix - - - - 0 bounce
200. defer unix - - - - 0 bounce
201. trace unix - - - - 0 bounce
202. verify unix - - - - 1 verify
203. flush unix n - - 1000? 0 flush
204. proxymap unix - - n - - proxymap
205. proxywrite unix - - n - 1 proxymap
206. smtp unix - - - - - smtp
207. relay unix - - - - - smtp
208. showq unix n - - - - showq
209. error unix - - - - - error
210. retry unix - - - - - error
211. discard unix - - - - - discard
212. local unix - n n - - local
213. virtual unix - n n - - virtual
214. lmtp unix - - - - - lmtp
215. anvil unix - - - - 1 anvil
216. scache unix - - - - 1 scache
217. maildrop unix - n n - - pipe
218. flags=DRhu user=vmail argv=/usr/bin/maildrop -d vmail ${extension} ${recipient} ${user} ${nexthop} ${sender}
219. uucp unix - n n - - pipe
220. flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
221. ifmail unix - n n - - pipe
222. flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
223. bsmtp unix - n n - - pipe
224. flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
225. scalemail-backend unix - n n - 2 pipe
226. flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
227. mailman unix - n n - - pipe
228. flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
229. ${nexthop} ${user}
230. dovecot unix - n n - - pipe
231. flags=DROhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender} -d ${user}@${nexthop}
232. amavis unix - - - - 2 smtp
233. -o smtp_data_done_timeout=1200
234. -o smtp_send_xforward_command=yes
235. 127.0.0.1:10025 inet n - - - - smtpd
236. -o content_filter=
237. -o local_recipient_maps=
238. -o relay_recipient_maps=
239. -o smtpd_restriction_classes=
240. -o smtpd_client_restrictions=
241. -o smtpd_helo_restrictions=
242. -o smtpd_sender_restrictions=
243. -o smtpd_recipient_restrictions=permit_mynetworks,reject
244. -o mynetworks=127.0.0.0/8
245. -o strict_rfc821_envelopes=yes
246. -o receive_override_options=no_unknown_recipient_checks,no_header_body_checks
247.  
248. -- end of postfinger output --
249.  
250.  
251.  
252.  
253.  
254.  
255.  
256.  
257. edit: tail of mail.log
258.  
259. Feb 23 02:18:44 andromeda postfix/smtp[27304]: connect to 127.0.0.1[127.0.0.1]:10024: Connection refused
260. Feb 23 02:18:44 andromeda postfix/smtp[27304]: 2636B560015: to=<[email protected]>, orig_to=<root>, relay=none, delay=583, delays=583/0.01/0/0, dsn=4.4.1, status=deferred (connect to 127.0.0.1[127.0.0.1]:10024: Connection refused)
261. Feb 23 02:18:44 andromeda postfix/smtp[27304]: warning: connect to mysql server 127.0.0.1: Access denied for user 'ispconfig'@'localhost' (using password: YES)
262. Feb 23 02:18:44 andromeda postfix/smtp[27304]: warning: mysql:/etc/postfix/mysql-virtual_relaydomains.cf: table lookup problem
263. Feb 23 02:18:44 andromeda postfix/smtp[27304]: warning: 2636B560015: flush service failure
264. Feb 23 02:28:44 andromeda postfix/smtp[28109]: connect to 127.0.0.1[127.0.0.1]:10024: Connection refused
265. Feb 23 02:28:44 andromeda postfix/smtp[28109]: 2636B560015: to=<[email protected]>, orig_to=<root>, relay=none, delay=1182, delays=1182/0.01/0/0, dsn=4.4.1, status=deferred (connect to 127.0.0.1[127.0.0.1]:10024: Connection refused)
266. Feb 23 02:28:44 andromeda postfix/smtp[28109]: warning: connect to mysql server 127.0.0.1: Access denied for user 'ispconfig'@'localhost' (using password: YES)
267. Feb 23 02:28:44 andromeda postfix/smtp[28109]: warning: mysql:/etc/postfix/mysql-virtual_relaydomains.cf: table lookup problem
268. Feb 23 02:28:44 andromeda postfix/smtp[28109]: warning: 2636B560015: flush service failure
269.  
270.  
271.  
272. yuuuup, ispconfig msut be the problem