How to open port 26

I use smtp on my router to send mails about loged in, locked out users and so on. Will take a look...

I had an ISP who blocked port 25 too. I had to wait it out and the datacenter later unblocked it. I had to request my server IP to be whitelisted on a lot of email services like hotmail, and aol to just name two.

If you're using something like Xenforo, WordPress, or even Microsoft Outlook; I'd suggest looking into Amazon's Email service, at least until you have your ISP unblock 25. It's the easiest solution and just waiting it out. I think it's called Amazon SES. But you could also use a hosting company that gives you a mailbox like HostMetro's Mailbox service. You pay for each domain I think. So keep that in mind.

Hope I've given some helpful advice. It's a waiting game though with the ISP  I would know haha. and that's if they ever unblock it.

(host smtp.gmail.com[209.85.233.108] said: 530 5.7.0 Must issue a STARTTLS command first. t10sm164144lfd.18 - gsmtp (in reply to MAIL FROM command))
 
How to fix it? Some say that you’re missing smtp_use_tls=yes but I dont...

Main.cf conf:

# postfix config file

# uncomment for debugging if needed
soft_bounce=yes

# postfix main
mail_owner = postfix
setgid_group = postdrop
delay_warning_time = 4

# postfix paths
html_directory = no
command_directory = /usr/sbin
daemon_directory = /usr/libexec/postfix
queue_directory = /var/spool/postfix
sendmail_path = /usr/sbin/sendmail.postfix
newaliases_path = /usr/bin/newaliases.postfix
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man

# network settings
inet_interfaces = all
mydomain = id.lv
myhostname = host.blabla.lv
mynetworks = $config_directory/mynetworks
mydestination = $myhostname, localhost.$mydomain, localhost
relay_domains = proxy:mysql:/etc/postfix/mysql-relay_domains_maps.cf

# mail delivery
recipient_delimiter = +

# mappings
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
transport_maps = hash:/etc/postfix/transport
#local_recipient_maps =

# virtual setup
virtual_alias_maps = proxy:mysql:/etc/postfix/mysql-virtual_alias_maps.cf, regexp:/etc/postfix/virtual_regexp
virtual_mailbox_base = /var/vmail
virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains_maps.cf
virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailbox_maps.cf
virtual_mailbox_limit_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailbox_limit_maps.cf
virtual_minimum_uid = 101
virtual_uid_maps = static:101
virtual_gid_maps = static:12
virtual_transport = dovecot
dovecot_destination_recipient_limit = 1

# debugging
debug_peer_level = 2
debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
       xxgdb $daemon_directory/$process_name $process_id & sleep 5

# authentication
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_sasl_local_domain = $myhostname
broken_sasl_auth_clients = yes
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth

# sets gmail as relay
relayhost = [smtp.gmail.com]:587

# use sasl when authenticating to foreign SMTP servers
smtp_sasl_auth_enable = yes

# path to password map file
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd

# tls config
smtp_use_tls = yes
smtpd_use_tls = yes
smtpd_tls_security_level = may
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
smtp_tls_session_cache_database = btree:$data_directory/smtp_tls_session_cache
# Change mail.example.com.* to your host name
smtpd_tls_key_file = /etc/pki/tls/private/host.blabla.lv.key
smtpd_tls_cert_file = /etc/pki/tls/certs/host.blabla.lv.crt
smtpd_tls_CAfile = /etc/pki/tls/certs/ca-bundle.crt
#smtp_tls_CAfile = /etc/pki/tls/certs/ca-bundle.crt
smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt

# eliminates default security options which are imcompatible with gmail
smtp_sasl_security_options =

# rules restrictions
smtpd_client_restrictions =
smtpd_helo_restrictions =
smtpd_sender_restrictions =
smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination, reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unknown_recipient_domain, reject_rbl_client zen.spamhaus.org, reject_rbl_client bl.spamcop.net, reject_rbl_client dnsbl.sorbs.net

smtpd_helo_required = yes
unknown_local_recipient_reject_code = 550
disable_vrfy_command = yes
smtpd_data_restrictions = reject_unauth_pipelining

# Other options
# email size limit ~20Meg
message_size_limit = 204800000
mailbox_size_limit = 2048000000

# Limit 500 emails per hour per email address
anvil_rate_time_unit = 3600s
smtpd_client_message_rate_limit = 500
 

So from this, created the tls_policy:
http://askubuntu.com/questions/228938/how-can-i-configure-postfix-to-send-all-email-through-my-gmail-account

Now I get: (TLS is required, but our TLS engine is unavailable)

Trying but no luck  , how to fix this: (delivery temporarily suspended: TLS is required, but our TLS engine is unavailable) 

It works 
Solution:
main.cf
For more tls logging: smtp_tls_note_starttls_offer = yes
comment out or remove:
smtp_tls_CAfile = /etc/ssl/certs/savannidgerinel_com_CA.pem
smtp_tls_cert_file = /etc/ssl/certs/apps.savannidgerinel.com.pem
smtp_tls_key_file = /etc/ssl/private/apps.savannidgerinel.com.key.pem

BUT NOV i can send mail from my roundcube mail to gmail and other mails, but cant send back to roundcube mail...

If iI send form roundcube to gmail, reply from gmail to roundcube my mail gets sent to the relay hosts gmail.
How to fix that?
What do I need to change to get mails sent back to roundcube mail? A bit confused!!! But it works t least