Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > ISPConfig 3 > Installation/Configuration

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 19th April 2013, 20:53
YYZ YYZ is offline
Junior Member
 
Join Date: Apr 2013
Posts: 2
Thanks: 0
Thanked 0 Times in 0 Posts
Default Mailserver not receiving SMTP (firewall block?)

Hi,

Just built a Linode LAMP server a week ago and everything works perfect with the exception of SMTP The server can send but cannot receive email.

Even though iptables indicate that TCP port25 is open for inbound connections, it is in fact closed as I cannot connect to the public IP address from the internet.
Local connection on the server to 127.0.0.1 works perfectly indicating that the daemon is alive and fine.
I could not figure this out for a life of me.

Thanks!

OS: Description: Ubuntu 12.04.2 LTS
Kernel: 3.8.4-x86_64
Base Linode Stackscript install: http://www.linode.com/stackscripts/v...ckScriptID=131
HowtoForge customization (using courier instead of Dovecot): http://www.howtoforge.com/perfect-se...ot-ispconfig-3

IPTABLES config (generated by ISPCONFIG3):
iptables -S (ipv4)
-P INPUT DROP
-P FORWARD DROP
-P OUTPUT ACCEPT
-N INT_IN
-N INT_OUT
-N PAROLE
-N PUB_IN
-N PUB_OUT
-N fail2ban-dovecot-pop3imap
-N fail2ban-pureftpd
-N fail2ban-ssh
-N ufw-after-forward
-N ufw-after-input
-N ufw-after-logging-forward
-N ufw-after-logging-input
-N ufw-after-logging-output
-N ufw-after-output
-N ufw-before-forward
-N ufw-before-input
-N ufw-before-logging-forward
-N ufw-before-logging-input
-N ufw-before-logging-output
-N ufw-before-output
-N ufw-reject-forward
-N ufw-reject-input
-N ufw-reject-output
-N ufw-track-input
-N ufw-track-output
-A INPUT -p tcp -m multiport --dports 110,995,143,993 -j fail2ban-dovecot-pop3imap
-A INPUT -p tcp -m multiport --dports 21 -j fail2ban-pureftpd
-A INPUT -p tcp -m multiport --dports 22 -j fail2ban-ssh
-A INPUT -s 81.169.154.250/32 -j DROP
-A INPUT -p tcp -m multiport --dports 110,995,143,993 -j fail2ban-dovecot-pop3imap
-A INPUT -p tcp -m multiport --dports 21 -j fail2ban-pureftpd
-A INPUT -p tcp -m multiport --dports 22 -j fail2ban-ssh
-A INPUT -d 127.0.0.0/8 ! -i lo -p tcp -j DROP
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -s 224.0.0.0/4 -j DROP
-A INPUT -i eth+ -j PUB_IN
-A INPUT -i ppp+ -j PUB_IN
-A INPUT -i slip+ -j PUB_IN
-A INPUT -i venet+ -j PUB_IN
-A INPUT -i bond+ -j PUB_IN
-A INPUT -j DROP
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -j DROP
-A OUTPUT -o eth+ -j PUB_OUT
-A OUTPUT -o ppp+ -j PUB_OUT
-A OUTPUT -o slip+ -j PUB_OUT
-A OUTPUT -o venet+ -j PUB_OUT
-A OUTPUT -o bond+ -j PUB_OUT
-A INT_IN -p icmp -j ACCEPT
-A INT_IN -j DROP
-A INT_OUT -p icmp -j ACCEPT
-A INT_OUT -j ACCEPT
-A PAROLE -j ACCEPT
-A PUB_IN -p icmp -m icmp --icmp-type 3 -j ACCEPT
-A PUB_IN -p icmp -m icmp --icmp-type 0 -j ACCEPT
-A PUB_IN -p icmp -m icmp --icmp-type 11 -j ACCEPT
-A PUB_IN -p icmp -m icmp --icmp-type 8 -j ACCEPT
-A PUB_IN -p tcp -m tcp --dport 20 -j PAROLE
-A PUB_IN -p tcp -m tcp --dport 21 -j PAROLE
-A PUB_IN -p tcp -m tcp --dport 22 -j PAROLE
-A PUB_IN -p tcp -m tcp --dport 25 -j PAROLE
-A PUB_IN -p tcp -m tcp --dport 53 -j PAROLE
-A PUB_IN -p tcp -m tcp --dport 80 -j PAROLE
-A PUB_IN -p tcp -m tcp --dport 110 -j PAROLE
-A PUB_IN -p tcp -m tcp --dport 143 -j PAROLE
-A PUB_IN -p tcp -m tcp --dport 443 -j PAROLE
-A PUB_IN -p tcp -m tcp --dport 993 -j PAROLE
-A PUB_IN -p tcp -m tcp --dport 995 -j PAROLE
-A PUB_IN -p tcp -m tcp --dport 3306 -j PAROLE
-A PUB_IN -p tcp -m tcp --dport 8080 -j PAROLE
-A PUB_IN -p tcp -m tcp --dport 8081 -j PAROLE
-A PUB_IN -p tcp -m tcp --dport 8085 -j PAROLE
-A PUB_IN -p tcp -m tcp --dport 10000 -j PAROLE
-A PUB_IN -p udp -m udp --dport 53 -j ACCEPT
-A PUB_IN -p udp -m udp --dport 3306 -j ACCEPT
-A PUB_IN -p icmp -j DROP
-A PUB_IN -j DROP
-A PUB_OUT -j ACCEPT
-A fail2ban-dovecot-pop3imap -j RETURN
-A fail2ban-dovecot-pop3imap -j RETURN
-A fail2ban-dovecot-pop3imap -j RETURN
-A fail2ban-dovecot-pop3imap -j RETURN
-A fail2ban-pureftpd -j RETURN
-A fail2ban-pureftpd -j RETURN
-A fail2ban-pureftpd -j RETURN
-A fail2ban-pureftpd -j RETURN
-A fail2ban-ssh -j RETURN
-A fail2ban-ssh -j RETURN
-A fail2ban-ssh -j RETURN
Reply With Quote
Sponsored Links
  #2  
Old 22nd April 2013, 13:30
YYZ YYZ is offline
Junior Member
 
Join Date: Apr 2013
Posts: 2
Thanks: 0
Thanked 0 Times in 0 Posts
 
Default

Problem has been fixed.

Postfix was configured to listen only on the local loopback address.
run "sudo dpkg-reconfigure postfix" to update the configuration.

It is always the simple things.
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
mysql and mail problem viritech General 3 16th October 2012 12:54
WebDAV doesn't start - DAVLockDB not created - error 405 Method not allowed maljam Server Operation 2 23rd March 2011 16:06
amavis rejects all inbound emails aclhkaclhk Installation/Configuration 5 28th February 2010 04:24
Postfix issues NewMee Installation/Configuration 7 20th April 2009 18:52
Centos 4.4 32bit Hangs, High Server load 3cwired_com Server Operation 11 16th November 2006 15:47


All times are GMT +2. The time now is 20:06.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.