Navigation

kforbes · #1 8th March 2011, 18:42

I am currently using version 2.2.6

Since we first installed the server, we have been unable to send email using our SMTP server when outside the local LAN (outside the office).
The error we receive in MS Outlook is 0x80042109.

Some information:
I've tried using IP address and hostname in email account settings, to no avail.
Port 25 is open on my firewall (and redirecting correctly to the mail server) and my ISP does not block traffic on port 25.
My server does not appear on any blacklists

I've searched through the forums and found a handful of users who had similar problems, but no firm solutions:
http://www.howtoforge.com/forums/showthread.php?t=17116
http://how2forge.net/forums/showthread.php?t=21808
http://how2forge.net/forums/showthread.php?t=42927

Any help would be greatly appreciated.

falko · #2 9th March 2011, 16:48

Are there any errors in your mail log (in the /var/log/ directory)?

kforbes · #3 10th March 2011, 05:50

Unfortunately no errors seem to appear,

I'm watching mail.log after performing a send/receive from Outlook while out of the office and with a message in my outbox.
I can see the connection from my IP to the mail server for courierpop3login (checking for new messages), but there's no other traffic listed between my IP and the mail server.

On the sending computer, Outlook simply stays with trying to send the message before finally failing and reporting back error code 0x80042109.

falko · #4 10th March 2011, 17:07

What are the outputs of

Code:

netstat -tap

and

Code:

iptables -L

? I guess Postfix isn't running or blocked by your firewall.

jnsc · #5 10th March 2011, 18:25

Do you use authentification when not on lan?

kforbes · #6 10th March 2011, 19:14

iptables -L output:

Code:

Chain INPUT (policy DROP)
target     prot opt source               destination
DROP       tcp  --  anywhere             127.0.0.0/8
ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED
ACCEPT     all  --  anywhere             anywhere
DROP       all  --  BASE-ADDRESS.MCAST.NET/4  anywhere
PUB_IN     all  --  anywhere             anywhere
PUB_IN     all  --  anywhere             anywhere
PUB_IN     all  --  anywhere             anywhere
PUB_IN     all  --  anywhere             anywhere
DROP       all  --  anywhere             anywhere

Chain FORWARD (policy DROP)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED
DROP       all  --  anywhere             anywhere

Chain INT_IN (0 references)
target     prot opt source               destination
ACCEPT     icmp --  anywhere             anywhere
DROP       all  --  anywhere             anywhere

Chain INT_OUT (0 references)
target     prot opt source               destination
ACCEPT     icmp --  anywhere             anywhere
ACCEPT     all  --  anywhere             anywhere

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
PUB_OUT    all  --  anywhere             anywhere
PUB_OUT    all  --  anywhere             anywhere
PUB_OUT    all  --  anywhere             anywhere
PUB_OUT    all  --  anywhere             anywhere

Chain PAROLE (9 references)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere

Chain PUB_IN (4 references)
target     prot opt source               destination
ACCEPT     icmp --  anywhere             anywhere            icmp destination-unreachable
ACCEPT     icmp --  anywhere             anywhere            icmp echo-reply
ACCEPT     icmp --  anywhere             anywhere            icmp time-exceeded
ACCEPT     icmp --  anywhere             anywhere            icmp echo-request
PAROLE     tcp  --  anywhere             anywhere            tcp dpt:ftp
PAROLE     tcp  --  anywhere             anywhere            tcp dpt:ssh
PAROLE     tcp  --  anywhere             anywhere            tcp dpt:smtp
PAROLE     tcp  --  anywhere             anywhere            tcp dpt:domain
PAROLE     tcp  --  anywhere             anywhere            tcp dpt:www
PAROLE     tcp  --  anywhere             anywhere            tcp dpt:81
PAROLE     tcp  --  anywhere             anywhere            tcp dpt:pop3
PAROLE     tcp  --  anywhere             anywhere            tcp dpt:https
PAROLE     tcp  --  anywhere             anywhere            tcp dpt:10000
ACCEPT     udp  --  anywhere             anywhere            udp dpt:domain
DROP       icmp --  anywhere             anywhere
DROP       all  --  anywhere             anywhere

Chain PUB_OUT (4 references)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere

I'll post the output of netstat -tap later tonight when I can post how it looks when I am out of the office and trying to send via the SMTP.

In my mail.log, there are instances of postfix/smtp running for users operating on the LAN, so I'm inclined to believe that postfix is running.
Also double checked that port 25 is open on the firewall and it is (and redirecting that traffic to the mail server).

jnsc: I am using authentication both on and off the LAN.

kforbes · #7 11th March 2011, 13:24

netstat -tap

Code:

Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 *:mysql                 *:*                     LISTEN     3886/mysqld
tcp        0      0 *:81                    *:*                     LISTEN     4208/ispconfig_http
tcp        0      0 *:ftp                   *:*                     LISTEN     4607/proftpd: (acce
tcp        0      0 192.168.1.100:domain    *:*                     LISTEN     4592/named
tcp        0      0 localhost.locald:domain *:*                     LISTEN     4592/named
tcp        0      0 *:smtp                  *:*                     LISTEN     28887/master
tcp        0      0 localhost.localdoma:953 *:*                     LISTEN     4592/named
tcp        0      1 192.168.1.100:44056     tornado.klis.com:smtp   SYN_SENT   11257/smtp
tcp        0      1 192.168.1.100:45795     homtail.co.uk:smtp      SYN_SENT   11258/smtp
tcp        0      0 192.168.1.100:smtp      promo-emm1.listen:38177 TIME_WAIT  -
tcp        0      0 192.168.1.100:smtp      mail-fx0-f43.goog:60721 ESTABLISHED11259/smtpd
tcp        0      0 192.168.1.100:smtp      content119b.lga2.:52959 ESTABLISHED9974/smtpd
tcp6       0      0 *:imaps                 *:*                     LISTEN     3760/couriertcpd
tcp6       0      0 *:pop3s                 *:*                     LISTEN     3795/couriertcpd
tcp6       0      0 *:pop3                  *:*                     LISTEN     3775/couriertcpd
tcp6       0      0 *:imap2                 *:*                     LISTEN     3740/couriertcpd
tcp6       0      0 *:www                   *:*                     LISTEN     3467/apache2
tcp6       0      0 *:ssh                   *:*                     LISTEN     4049/sshd
tcp6       0      0 *:smtp                  *:*                     LISTEN     28887/master
tcp6       0      0 ip6-localhost:953       *:*                     LISTEN     4592/named
tcp6       0      0 *:https                 *:*                     LISTEN     3467/apache2
tcp6       0      0 ::ffff:192.168.1.1:pop3 ::ffff:10.0.0.1%32:1982 TIME_WAIT  -
tcp6       0      0 ::ffff:192.168.1.1:pop3 ::ffff:10.0.0.1%32:1983 TIME_WAIT  -
tcp6       0      0 ::ffff:192.168.1.1:pop3 ::ffff:10.0.0.1%32:1131 TIME_WAIT  -
tcp6       0      0 ::ffff:192.168.1.1:pop3 ::ffff:74.198.164:60933 ESTABLISHED-
tcp6       0      0 ::ffff:192.168.1.1:pop3 bda-67-223-89-17.:47640 TIME_WAIT  -
tcp6       0      0 ::ffff:192.168.1.1:pop3 ::ffff:74.198.164:38516 TIME_WAIT  -
tcp6       0      0 ::ffff:192.168.1.1:pop3 blk-30-141-246.ea:64118 TIME_WAIT  -
tcp6       0    148 ::ffff:192.168.1.10:ssh blk-30-141-246.ea:64081 ESTABLISHED11162/0
tcp6       0      0 ::ffff:192.168.1.1:pop3 hlfxns0188w-09919:61423 TIME_WAIT  -
tcp6       0      0 ::ffff:192.168.1.1:pop3 bda-67-223-93-115:34880 TIME_WAIT  -

blk-30-141-246.ea is my attempts outside of the office.

falko · #8 11th March 2011, 15:45

Can you disable your firewall for testing purposes and try again?

kforbes · #9 11th March 2011, 21:37

Hi falko,

I will attempt this over the weekend when there aren't as many employees in the office.

For reference: we're using a Watchguard Firebox as our Internet Gateway/Firewall. It also splits the connection coming in between the mail server and the office network (the mail server does not reside on the network itself).

The reason I believe the issue is not being caused by the firewall is two fold:
1) Prior to this, we had a switch and a router filling the role that the Firebox fills now and still had this issue come up.
2) The configuration in the Firebox's settings for SMTP (port 25) traffic is identical to the configuration for POP3 (port 110) traffic and POP3 traffic does work outside of the office.

But definitely will try to access without the firewall in place this weekend and will report back.

kforbes · #10 12th March 2011, 17:07

Wow, I am extremely sorry for wasting your time.

I put the mail server directly onto the Internet, avoiding the firewall and wouldn't you know it, SMTP worked.

So I guess it's on to trouble-shooting the Firebox.

Again, sorry for that. Thanks for the help.

Navigation

Facebook

News

Recent comments

Newsletter