Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > ISPConfig 3 > Installation/Configuration

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 6th June 2010, 19:59
MattJo. MattJo. is offline
Member
 
Join Date: May 2010
Posts: 40
Thanks: 16
Thanked 0 Times in 0 Posts
Default Yet another: I can't receive mail

Hello,

ISPConfig3 installed behind firewall with NAT. I think I need to bind the external IP to something, but I am not sure how or what. I have searched the forums, but not sure my issue is the same as others.

I am able to send mail, but not receive.

I tried changing the main.cf in postfix interfaces from all to the 127.0.0.1 and the external, but neither "all" or the specific ip's works.

I have forward TCP ports 20, 21, 22, 25, 53, 80, 110, 143, 443, 3306, 8080, and 10000 and UDP ports 53, 3306

please help. thanks,

Matt
Reply With Quote
Sponsored Links
  #2  
Old 7th June 2010, 09:16
Mark_NL Mark_NL is offline
Senior Member
 
Join Date: Sep 2008
Location: The Netherlands
Posts: 912
Thanks: 12
Thanked 100 Times in 96 Posts
Default

For receiving mail you should forward port 25 to your mailserver (tcp)

then try from a different machine (outside your local network): telnet <ip> <port>

you should get a connection then.
Reply With Quote
The Following User Says Thank You to Mark_NL For This Useful Post:
MattJo. (8th June 2010)
  #3  
Old 8th June 2010, 04:30
MattJo. MattJo. is offline
Member
 
Join Date: May 2010
Posts: 40
Thanks: 16
Thanked 0 Times in 0 Posts
Default thanks

Thanks very much, I wasn't able to connect and this led me to check the port forwarding on the firewall only to discover that I had mixed up the number in the local ip address for the port forwarding.
Reply With Quote
  #4  
Old 8th June 2010, 09:09
Mark_NL Mark_NL is offline
Senior Member
 
Join Date: Sep 2008
Location: The Netherlands
Posts: 912
Thanks: 12
Thanked 100 Times in 96 Posts
Default

Hehehe, good to hear, don't forget port 465 if you want to use SMTPS (Secure connection)

good luck!
Reply With Quote
The Following User Says Thank You to Mark_NL For This Useful Post:
MattJo. (8th June 2010)
  #5  
Old 8th June 2010, 15:56
MattJo. MattJo. is offline
Member
 
Join Date: May 2010
Posts: 40
Thanks: 16
Thanked 0 Times in 0 Posts
Default Port 465/587

Mark,

Thanks again.

How do I configure postfix to use 465? Or Do I simply open a port in the firewall and configure my client appropriately? For that matter 587 (which is TLS?)?


Matt
Reply With Quote
  #6  
Old 8th June 2010, 16:22
Mark_NL Mark_NL is offline
Senior Member
 
Join Date: Sep 2008
Location: The Netherlands
Posts: 912
Thanks: 12
Thanked 100 Times in 96 Posts
Default

hehe, depends on how you're gonna handle it ..

you have TLS and SSL

SSL is the predecessor of TLS.

both are secure transport layers, but TLS start off insecure, then requests a secure connection (on the same port), creates one and continues .. SSL starts off encrypted right away. (in short ;-))

So TLS is the easiest i'd say for you so you don't have to open up extra ports, but if you want Implicit SSL, you could edit master.cf, uncomment the stuff that belongs to "smtps", and open up port 465 on your firewall, and make sure it's send to your mailserver with NAT.

If you installed ispconfig with an how-to from this site (f.e. with a Perfect install) then you already have TLS support setup and you're good to go (no need to open extra ports then)
Reply With Quote
The Following User Says Thank You to Mark_NL For This Useful Post:
MattJo. (8th June 2010)
  #7  
Old 8th June 2010, 16:28
MattJo. MattJo. is offline
Member
 
Join Date: May 2010
Posts: 40
Thanks: 16
Thanked 0 Times in 0 Posts
Default

Thanks, I will try this tonight.

Interesting I always thought TLS was more secure.

thanks,

Matt
Reply With Quote
  #8  
Old 8th June 2010, 16:41
Mark_NL Mark_NL is offline
Senior Member
 
Join Date: Sep 2008
Location: The Netherlands
Posts: 912
Thanks: 12
Thanked 100 Times in 96 Posts
Default

Welll, with TLS you can define when you want to have stuff encrypted or not .. SSL is just everything encrypted ..

this image might give you some idea of what i mean:


edit: and TLS = SSLv3
Reply With Quote
  #9  
Old 9th June 2010, 06:35
MattJo. MattJo. is offline
Member
 
Join Date: May 2010
Posts: 40
Thanks: 16
Thanked 0 Times in 0 Posts
Default telnet port 25/465

Hi Mark (and anyone else).

So I looked at master.cf and am lost. Do I just uncomment the following items:

#smtps inet n - - - - smtpd
# -o smtpd_tls_wrappermode=yes
# -o smtpd_sasl_auth_enable=yes
# -o smtpd_client_restrictions=permit_sasl_authenticate d,reject
# -o milter_macro_daemon_name=ORIGINATING

or is there more?

Also will this secure the SMTP server to prevent spamming? (I was able to telnet and create a spam message to myself--somewhat scary.)

thanks,

Matt


PS What are the perfect server default ports that I can close--in other words, are not used "out of the box" for Perfect server setup?

Last edited by MattJo.; 9th June 2010 at 06:39.
Reply With Quote
  #10  
Old 9th June 2010, 08:57
Mark_NL Mark_NL is offline
Senior Member
 
Join Date: Sep 2008
Location: The Netherlands
Posts: 912
Thanks: 12
Thanked 100 Times in 96 Posts
 
Default

if you uncomment the lines you said you'll be able to have pure SSL connections to your mailserver, but you need to open port 465 and NAT it to your mailserver.

The secure SMTP will not prevent spam, the secure SMTP is for your own mailsending, so you can send mail over a secure line.

the perfect setup for firewalling would be by starting in a closed environment, as in: block ALL, then start opening ports you need.
Reply With Quote
The Following User Says Thank You to Mark_NL For This Useful Post:
MattJo. (12th June 2010)
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Postfix problem and few questions Gimly Installation/Configuration 12 7th July 2009 16:27
Postfix + postfixadmin = SMTP errors... Rashef Server Operation 4 25th June 2009 16:12
just the last step...and it works. Postfix...need help config. ubuntusr Installation/Configuration 1 5th January 2009 09:50
Problem with dcc-client installation (Postfix) swap-as Installation/Configuration 9 18th September 2008 20:47
Core 4: Error Messages on Fresh Install re CTX/SSL jjw Installation/Configuration 30 6th September 2006 12:16


All times are GMT +2. The time now is 18:05.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.