View Single Post
  #5  
Old 16th March 2012, 16:54
3DPeruna 3DPeruna is offline
Member
 
Join Date: Jan 2007
Posts: 50
Thanks: 8
Thanked 0 Times in 0 Posts
Default Still pulling my hair out!

Server A:

netstat -tap

Code:
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 localhost.localdo:10024 *:*                     LISTEN      1113/amavisd (maste
tcp        0      0 localhost.localdo:10025 *:*                     LISTEN      10998/master
tcp        0      0 *:mysql                 *:*                     LISTEN      1061/mysqld
tcp        0      0 *:submission            *:*                     LISTEN      10998/master
tcp        0      0 *:http-alt              *:*                     LISTEN      11464/apache2
tcp        0      0 *:www                   *:*                     LISTEN      11464/apache2
tcp        0      0 XX-XXX-XXX-XXX.b:domain *:*                     LISTEN      2740/named
tcp        0      0 thisismydomain:domain *:*                     LISTEN      2740/named
tcp        0      0 localhost.locald:domain *:*                     LISTEN      2740/named
tcp        0      0 *:ftp                   *:*                     LISTEN      1934/pure-ftpd (SER
tcp        0      0 *:ssh                   *:*                     LISTEN      937/sshd
tcp        0      0 *:smtp                  *:*                     LISTEN      10998/master
tcp        0      0 localhost.localdoma:953 *:*                     LISTEN      2740/named
tcp        0      0 *:https                 *:*                     LISTEN      11464/apache2
tcp        0      0 localhost.localdo:mysql localhost.localdo:50214 ESTABLISHED 1061/mysqld
tcp        0    248 thisismydomain.c:ssh 69-168-254-123.br:55688 ESTABLISHED 17411/sshd: ohdweb
tcp        0      0 localhost.localdo:50216 localhost.localdo:mysql ESTABLISHED 11489/smtpd
tcp        0      0 localhost.localdo:50213 localhost.localdo:mysql ESTABLISHED 13573/trivial-rewri
tcp        0      0 localhost.localdo:mysql localhost.localdo:50216 ESTABLISHED 1061/mysqld
tcp        0      0 localhost.localdo:mysql localhost.localdo:50213 ESTABLISHED 1061/mysqld
tcp        0      0 localhost.localdo:50204 localhost.localdo:mysql ESTABLISHED 13630/amavisd (ch1-
tcp        0      0 localhost.localdo:50215 localhost.localdo:mysql ESTABLISHED 11489/smtpd
tcp        0      0 localhost.localdo:50218 localhost.localdo:mysql ESTABLISHED 13574/proxymap
tcp        0      0 localhost.localdo:mysql localhost.localdo:50217 ESTABLISHED 1061/mysqld
tcp        0      0 thisismydomain.:smtp static.227.227.47:47934 TIME_WAIT   -
tcp        0      0 localhost.localdo:50221 localhost.localdo:mysql ESTABLISHED 13574/proxymap
tcp        0      0 localhost.localdo:10025 localhost.localdo:59219 TIME_WAIT   -
tcp        0      0 localhost.localdo:mysql localhost.localdo:50212 ESTABLISHED 1061/mysqld
tcp        0      0 localhost.localdo:59204 localhost.localdo:10025 ESTABLISHED 13630/amavisd (ch1-
tcp        0      0 localhost.localdo:49970 localhost.localdo:mysql TIME_WAIT   -
tcp        0      0 localhost.localdo:mysql localhost.localdo:50218 ESTABLISHED 1061/mysqld
tcp        0      0 localhost.localdo:mysql localhost.localdo:50221 ESTABLISHED 1061/mysqld
tcp        0      0 localhost.localdo:mysql localhost.localdo:50215 ESTABLISHED 1061/mysqld
tcp        0      0 localhost.localdo:10025 localhost.localdo:59204 ESTABLISHED 13654/smtpd
tcp        0      0 thisismydomain.:smtp 42.113.172.235:50138    TIME_WAIT   -
tcp        0      0 localhost.localdo:50214 localhost.localdo:mysql ESTABLISHED 13574/proxymap
tcp        0      0 localhost.localdo:50212 localhost.localdo:mysql ESTABLISHED 13574/proxymap
tcp        0      0 localhost.localdo:mysql localhost.localdo:50204 ESTABLISHED 1061/mysqld
tcp        0      0 localhost.localdo:50217 localhost.localdo:mysql ESTABLISHED 13574/proxymap
tcp6       0      0 [::]:imaps              [::]:*                  LISTEN      1752/couriertcpd
tcp6       0      0 [::]:pop3s              [::]:*                  LISTEN      1818/couriertcpd
tcp6       0      0 [::]:pop3               [::]:*                  LISTEN      1782/couriertcpd
tcp6       0      0 [::]:imap2              [::]:*                  LISTEN      1711/couriertcpd
tcp6       0      0 [::]:domain             [::]:*                  LISTEN      2740/named
tcp6       0      0 [::]:ftp                [::]:*                  LISTEN      1934/pure-ftpd (SER
tcp6       0      0 [::]:ssh                [::]:*                  LISTEN      937/sshd
tcp6       0      0 ip6-localhost:953       [::]:*                  LISTEN      2740/named
tcp6       0      0 thisismydomain.:pop3 69-168-254-123.br:58708 TIME_WAIT   -
tcp6       0      0 thisismydomain:imap2 69-168-254-123.br:49616 ESTABLISHED 8828/couriertls
tcp6       0      0 thisismydomain:imap2 69-168-254-123.br:49610 ESTABLISHED 8824/couriertls
tcp6       0      0 thisismydomain:imap2 69-168-254-123.br:49611 ESTABLISHED 8808/imapd
tcp6       0      0 thisismydomain:imap2 69-168-254-123.br:49615 ESTABLISHED 8829/couriertls
tcp6       0      0 thisismydomain:imap2 69-168-254-123.br:49617 ESTABLISHED 8813/imapd
tcp6       0      0 thisismydomain:imap2 69-168-254-123.br:53905 ESTABLISHED 4950/couriertls
tcp6       0      0 thisismydomain:imap2 69-168-254-123.br:49597 ESTABLISHED 8815/couriertls
tcp6       0      0 thisismydomain:imap2 69-168-254-123.br:65311 ESTABLISHED 5303/imapd
tcp6       0      0 thisismydomain:imap2 69-168-254-123.br:49595 ESTABLISHED 8817/couriertls
tcp6       0      0 thisismydomain:imap2 69-168-254-123.br:49603 ESTABLISHED 8825/couriertls
tcp6       0      0 thisismydomain:imap2 69-168-254-123.br:49612 ESTABLISHED 8819/couriertls
tcp6       0      0 thisismydomain.:pop3 69-168-254-123.br:58723 TIME_WAIT   -
iptables -L

Code:
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
fail2ban-ssh  tcp  --  anywhere             anywhere            multiport dports ssh
fail2ban-courierimaps  tcp  --  anywhere             anywhere            multiport dports imaps
fail2ban-courierpop3  tcp  --  anywhere             anywhere            multiport dports pop3
fail2ban-courierimap  tcp  --  anywhere             anywhere            multiport dports imap2
fail2ban-pure-ftpd  tcp  --  anywhere             anywhere            multiport dports ftp,ftp-data,ftps,ftps-data

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Chain fail2ban-courierimap (1 references)
target     prot opt source               destination
RETURN     all  --  anywhere             anywhere

Chain fail2ban-courierimaps (1 references)
target     prot opt source               destination
RETURN     all  --  anywhere             anywhere

Chain fail2ban-courierpop3 (1 references)
target     prot opt source               destination
RETURN     all  --  anywhere             anywhere

Chain fail2ban-courierpop3s (0 references)
target     prot opt source               destination
RETURN     all  --  anywhere             anywhere

Chain fail2ban-pure-ftpd (1 references)
target     prot opt source               destination
RETURN     all  --  anywhere             anywhere

Chain fail2ban-sasl (0 references)
target     prot opt source               destination
RETURN     all  --  anywhere             anywhere

Chain fail2ban-ssh (1 references)
target     prot opt source               destination
RETURN     all  --  anywhere             anywhere
/etc/postfix/main.cf
Code:
# See /usr/share/postfix/main.cf.dist for a commented, more complete version


# Debian specific:  Specifying a file name will cause the first
# line of that file to be used as the name.  The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname

smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no

# appending .domain is the MUA's job.
append_dot_mydomain = no

# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h

readme_directory = /usr/share/doc/postfix

# TLS parameters
smtpd_tls_cert_file = /etc/postfix/smtpd.cert
smtpd_tls_key_file = /etc/postfix/smtpd.key
smtpd_use_tls = yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache

# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.

myhostname = thisismydomain.com
alias_maps = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases
alias_database = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases
myorigin = /etc/mailname
mydestination = thisismydomain.com, localhost, localhost.localdomain, $mydomains
relayhost =
mynetworks = 127.0.0.0/8 [::1]/128, XXX.XXX.XXX.XXX
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
html_directory = /usr/share/doc/postfix/html
virtual_alias_domains =
virtual_alias_maps = proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, proxy:mysql:/etc/postfix/mysql-virtual_email2email.cf, hash:/var/lib/mailman/data/virtual-mailman
virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains.cf
virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf
virtual_mailbox_base = /var/vmail
virtual_uid_maps = static:5000
virtual_gid_maps = static:5000
smtpd_sasl_auth_enable = yes
broken_sasl_auth_clients = yes
smtpd_sasl_authenticated_header = yes
smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination
smtpd_tls_security_level = may
transport_maps = proxy:mysql:/etc/postfix/mysql-virtual_transports.cf
relay_domains = mysql:/etc/postfix/mysql-virtual_relaydomains.cf
relay_recipient_maps = mysql:/etc/postfix/mysql-virtual_relayrecipientmaps.cf
proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_$
smtpd_sender_restrictions = check_sender_access mysql:/etc/postfix/mysql-virtual_sender.cf
smtpd_client_restrictions = check_client_access mysql:/etc/postfix/mysql-virtual_client.cf
smtpd_client_message_rate_limit = 100
maildrop_destination_concurrency_limit = 1
maildrop_destination_recipient_limit = 1
virtual_transport = maildrop
header_checks = regexp:/etc/postfix/header_checks
mime_header_checks = regexp:/etc/postfix/mime_header_checks
nested_header_checks = regexp:/etc/postfix/nested_header_checks
body_checks = regexp:/etc/postfix/body_checks
owner_request_special = no
content_filter = amavis:[127.0.0.1]:10024
receive_override_options = no_address_mappings
smtpd_sasl_local_domain =
smtpd_sasl_security_options = noanonymous
smtpd_tls_auth_only = no
smtp_use_tls = yes
smtp_tls_note_starttls_offer = yes
smtpd_tls_CAfile = /usr/local/ispconfig/interface/ssl/startssl.chain.class1.server.crt
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
message_size_limit = 0
Just looking to get Server B to send through Server A...

Server B is behind a NAT on a Cisco router. All ports open, nothing blocked at the router level.
Reply With Quote