Retracing Steps in Pefect Set-up Centos 5.1

[can]

As indicated, I am having to retrace my steps to figure out why I can't get my Postfix installation running properly.

I believe (being very new to this) that my DNS connectiviety is the issue. My server (192.168.XX.XX) is behind a firewall appliance that is assigned the IP 74.XX.XX.XX.

I apologize for asking very basic questions, but I need to ensure that I am not misunderstanding so that I can get this right.

1): the perfect setup example shows a mapping of an "Internal IP" to its related FQDN. In my case, my "EXTERNAL IP" is mapped to my FQDN. Is this correct?

2) Does the DNS port (53) need to be forwarded in the firewall appliance (mine is)?

3) Before even starting up POSTFIX I run IFCONFIG and get inet = 192.168.XX.XX; If I run NSLOOKUP mail.xxx.com, I get my server (mail.xxx.com) and the EXTERNAL IP (74.xx.xx.xx). Is this correct?

Again, I appreciate any help in stepping through this. My frustration is growing, but I am endeavoring to stay patient!

[falko]

Quote:

Originally Posted by can

2) Does the DNS port (53) need to be forwarded in the firewall appliance (mine is)?

Only if you want to run your own name server. In this case you must forward both TCP and UDP.

Quote:

Originally Posted by can

3) Before even starting up POSTFIX I run IFCONFIG and get inet = 192.168.XX.XX; If I run NSLOOKUP mail.xxx.com, I get my server (mail.xxx.com) and the EXTERNAL IP (74.xx.xx.xx). Is this correct?

Yes. Make sure that port 25 is forwarded to your ISPConfig server, that your ISP isn't blocking port 25, and that you aren't blacklisted (most dynamic IP addresses are): http://www.mxtoolbox.com/blacklists.aspx

[can]

As mentioned, we are a static IP, but I will check the blacklist to make sure that we are not there. We do not run a nameserver, bu instead rely on COMCAST to provide primary and backup DSN addressess as part of our commerical account. They do not block Port 25 and in fact, have disabled our gateway firewall as I had requested.

At 04:00 this morning, I got up and started to read your tutorial on DNS and BIND. It was very informative and I applaude you for your strong and concise technical writing skills.

As someone really new to LINUX and related email administration (self-taught), I find that most documentation takes for granted a reader familiarity with underlying related concepts and principles. In my case, this forces me to backtrack and get the base knowledge to go forward in the reading. At the same time, I am under pressure to "get my systems up and running" so that I can return to making a living in my small business.

I have another basic question regarding /etc/hosts (as per your example 4 on page 3 (perfect setup Centos 5.1).

My file is like your example, except that my server mail.xxx.com points to the Internet address assigned to my firewall appliance (74.xx.xx.xx), but yours apparently points to an internal address 192.168.0.100. Based upon the fact that my foward and reverse DNS point my mail.xxx.com server to the external address (74.xx.xx.xx), is this hosts configuration correct?

Again, thank you for your patience and consideration as I trace my steps and gather the basic knowledge required to be effective and efficient.

[falko]

Quote:

Originally Posted by can

Based upon the fact that my foward and reverse DNS point my mail.xxx.com server to the external address (74.xx.xx.xx), is this hosts configuration correct?

Yes, that's ok.

[can]

Thanks for that last verification. I have backed-up with this new information and a clean CENTOS and Postfix installation to reconfigure from scratch. I picked up "The Book of Postfix" and have stepped line by line in order to get my system working.

I got stopped in my tracks when I was unable to telnet to my server with "telnet mail.xxx.com 25". So I went to the trouble shooting section and am again stopped when I try "telnet 74.xx.xx.xx 25". Recall that my server "mail.afea.com" is behind a firewall appliance and is pointed to the external IP address 74.xx.xx.xx. I have checked my main.cf file and the "inet_interfaces" line is set to "all" and nothing else.

Can you advise on what else I should check?

[can]

Falkso,

I learned something from "the Postfix Book" author today. The "postfix reload" command does not rebind the interfaces. I did not know this and used the command after updating my "inet" line in the main.cf file.

Once I stopped and restarted postfix, I was able to telnet to my localmachine via the external IP address.

[can]

Falko,

I very much appreciate the time that you took to help with my configuration issues. I am up and running and getting more familiar with LINUX and POSTFIX administration.

Again, thank you.

can