Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > ISPConfig 2 > Installation/Configuration

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 10th August 2011, 21:43
kforbes kforbes is offline
Junior Member
 
Join Date: Mar 2011
Posts: 9
Thanks: 0
Thanked 0 Times in 0 Posts
Default Setting up SMTP traffic through port 587

Hi folks,

A few months ago, I posted this thread: http://www.howtoforge.com/forums/sho...d.php?p=253185 about trying to get SMTP traffic to work for our users outside of our office. Long story short, in the end, it was never our firewall but actually the ISP filtering port 25.

So here I am, still trying to get SMTP to work outside of our office. Which has brought me to using port 587, but I'm hitting some snags.

I found this thread: http://www.howtoforge.com/forums/showthread.php?t=31977 and went through the steps advised.

Some Info
  • ISPConfig 2.2.6
  • My firewall has port 587 open
  • Through the WebGUI for ISPconfig, it also says port 587 is open.
  • As suggested by Antennipasi in the thread linked above, I uncommented the correct line and added the information he suggested.
  • I was able to telnet on localhost to port 25 and 587 and receive the same response.
  • I was unable to telnet to port 25 and 587 from another machine.

Here is my master.cf file:
Code:
#
# Postfix master process configuration file.  For details on the format
# of the file, see the Postfix master(5) manual page.
#
# ==========================================================================
# service type  private unpriv  chroot  wakeup  maxproc command + args
#               (yes)   (yes)   (yes)   (never) (100)
# ==========================================================================
smtp      inet  n       -       -       -       -       smtpd
submission inet n      -       -       -       -       smtpd
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_client_restrictions=permit_sasl_authenticated,permit_mynetworks,check_relay_dom                                                                              ains,reject
#smtps    inet  n       -       -       -       -       smtpd
#  -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes
#submission inet n      -       -       -       -       smtpd
#  -o smtpd_etrn_restrictions=reject
#  -o smtpd_enforce_tls=yes -o smtpd_sasl_auth_enable=yes
#628      inet  n       -       -       -       -       qmqpd
pickup    fifo  n       -       -       60      1       pickup
cleanup   unix  n       -       -       -       0       cleanup
qmgr      fifo  n       -       n       300     1       qmgr
#qmgr     fifo  n       -       -       300     1       oqmgr
tlsmgr    unix  -       -       -       1000?   1       tlsmgr
rewrite   unix  -       -       -       -       -       trivial-rewrite
bounce    unix  -       -       -       -       0       bounce
defer     unix  -       -       -       -       0       bounce
trace     unix  -       -       -       -       0       bounce
verify    unix  -       -       -       -       1       verify
flush     unix  n       -       -       1000?   0       flush
proxymap  unix  -       -       n       -       -       proxymap
smtp      unix  -       -       -       -       -       smtp
# When relaying mail as backup MX, disable fallback_relay to avoid MX loops
relay     unix  -       -       -       -       -       smtp
        -o fallback_relay=
#       -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq     unix  n       -       -       -       -       showq
error     unix  -       -       -       -       -       error
discard   unix  -       -       -       -       -       discard
local     unix  -       n       n       -       -       local
virtual   unix  -       n       n       -       -       virtual
lmtp      unix  -       -       -       -       -       lmtp
anvil     unix  -       -       -       -       1       anvil
scache    unix  -       -       -       -       1       scache
#
# ====================================================================
# Interfaces to non-Postfix software. Be sure to examine the manual
# pages of the non-Postfix software to find out what options it wants.
#
# Many of the following services use the Postfix pipe(8) delivery
# agent.  See the pipe(8) man page for information about ${recipient}
# and other message envelope options.
# ====================================================================
#
# maildrop. See the Postfix MAILDROP_README file for details.
# Also specify in main.cf: maildrop_destination_recipient_limit=1
#
maildrop  unix  -       n       n       -       -       pipe
  flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
#
# See the Postfix UUCP_README file for configuration details.
#
uucp      unix  -       n       n       -       -       pipe
  flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
#
# Other external delivery methods.
#
ifmail    unix  -       n       n       -       -       pipe
  flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp     unix  -       n       n       -       -       pipe
  flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
scalemail-backend unix  -       n       n       -       2       pipe
  flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${                                                                              extension}
mailman   unix  -       n       n       -       -       pipe
  flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
  ${nexthop} ${user}
Thoughts?
Reply With Quote
Sponsored Links
  #2  
Old 11th August 2011, 11:13
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lneburg, Germany
Posts: 37,015
Thanks: 840
Thanked 5,651 Times in 4,461 Posts
Default

Please post the output of:

ntstat -tap

and

iptables -L
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #3  
Old 11th August 2011, 16:25
kforbes kforbes is offline
Junior Member
 
Join Date: Mar 2011
Posts: 9
Thanks: 0
Thanked 0 Times in 0 Posts
Default

netstat -tap
Code:
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State                                                                                               PID/Program name
tcp        0      0 *:mysql                 *:*                     LISTEN     5                                                                                        474/mysqld
tcp        0      0 *:submission            *:*                     LISTEN     1                                                                                        0408/master
tcp        0      0 *:81                    *:*                     LISTEN     5                                                                                        800/ispconfig_http
tcp        0      0 *:ftp                   *:*                     LISTEN     6                                                                                        203/proftpd: (acce
tcp        0      0 192.168.1.100:domain    *:*                     LISTEN     6                                                                                        188/named
tcp        0      0 localhost.locald:domain *:*                     LISTEN     6                                                                                        188/named
tcp        0      0 *:smtp                  *:*                     LISTEN     1                                                                                        0408/master
tcp        0      0 localhost.localdoma:953 *:*                     LISTEN     6                                                                                        188/named
tcp        0      0 192.168.1.100:smtp      mail.kaestle-ski.:30934 ESTABLISHED5153/smtpd
tcp        0      0 192.168.1.100:smtp      content120c.lga2.:48952 ESTABLISHED3034/smtpd
tcp        0      0 192.168.1.100:smtp      mail-gw0-f43.goog:56613 ESTABLISHED5148/smtpd
tcp        0      0 192.168.1.100:smtp      230.177.187.78.st:28890 ESTABLISHED3658/smtpd
tcp6       0      0 *:imaps                 *:*                     LISTEN     5348/couriertcpd
tcp6       0      0 *:pop3s                 *:*                     LISTEN     5383/couriertcpd
tcp6       0      0 *:submission            *:*                     LISTEN     10408/master
tcp6       0      0 *:pop3                  *:*                     LISTEN     5363/couriertcpd
tcp6       0      0 *:imap2                 *:*                     LISTEN     5328/couriertcpd
tcp6       0      0 *:www                   *:*                     LISTEN     6050/apache2
tcp6       0      0 *:ssh                   *:*                     LISTEN     5641/sshd
tcp6       0      0 *:smtp                  *:*                     LISTEN     10408/master
tcp6       0      0 ip6-localhost:953       *:*                     LISTEN     6188/named
tcp6       0      0 *:https                 *:*                     LISTEN     6050/apache2
tcp6       0      0 ::ffff:192.168.1.1:pop3 ::ffff:10.0.0.1%3:49358 TIME_WAIT  -
tcp6       0      0 ::ffff:192.168.1.1:pop3 153.232.133.219.b:62512 ESTABLISHED5341/courierpop3d
tcp6       0      0 ::ffff:192.168.1.1:pop3 ::ffff:10.0.0.1%32:4567 TIME_WAIT  -
tcp6       0    148 ::ffff:192.168.1.10:ssh ::ffff:10.0.0.1%3:51692 ESTABLISHED5373/0
tcp6       0      0 ::ffff:192.168.1.1:pop3 ::ffff:10.0.0.1%32:1948 TIME_WAIT  -
tcp6       0      0 ::ffff:192.168.1.1:pop3 ::ffff:10.0.0.1%3:51823 TIME_WAIT  -
tcp6       0      0 ::ffff:192.168.1.1:pop3 ::ffff:10.0.0.1%32:2820 TIME_WAIT  -
tcp6       0      0 ::ffff:192.168.1.1:pop3 ::ffff:10.0.0.1%3:52227 TIME_WAIT  -
tcp6       0      0 ::ffff:192.168.1.1:pop3 ::ffff:10.0.0.1%32:1870 TIME_WAIT  -
tcp6       0      0 ::ffff:192.168.1.1:pop3 ::ffff:10.0.0.1%32:1873 TIME_WAIT  -
tcp6       0      0 ::ffff:192.168.1.1:pop3 bda-74-82-81-144.:45251 TIME_WAIT  -
tcp6       0      0 ::ffff:192.168.1.1:pop3 ::ffff:10.0.0.1%3:51317 TIME_WAIT  -
tcp6       0      0 ::ffff:192.168.1.1:pop3 ::ffff:10.0.0.1%3:49424 TIME_WAIT  -
tcp6       0      0 ::ffff:192.168.1.1:pop3 ::ffff:10.0.0.1%3:52242 TIME_WAIT  -
tcp6       0      0 ::ffff:192.168.1.1:pop3 ::ffff:10.0.0.1%32:2860 TIME_WAIT  -
iptables -L
Code:
Chain INPUT (policy DROP)
target     prot opt source               destination
DROP       tcp  --  anywhere             127.0.0.0/8
ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED
ACCEPT     all  --  anywhere             anywhere
DROP       all  --  base-address.mcast.net/4  anywhere
PUB_IN     all  --  anywhere             anywhere
PUB_IN     all  --  anywhere             anywhere
PUB_IN     all  --  anywhere             anywhere
PUB_IN     all  --  anywhere             anywhere
DROP       all  --  anywhere             anywhere

Chain FORWARD (policy DROP)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED
DROP       all  --  anywhere             anywhere

Chain INT_IN (0 references)
target     prot opt source               destination
ACCEPT     icmp --  anywhere             anywhere
DROP       all  --  anywhere             anywhere

Chain INT_OUT (0 references)
target     prot opt source               destination
ACCEPT     icmp --  anywhere             anywhere
ACCEPT     all  --  anywhere             anywhere

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
PUB_OUT    all  --  anywhere             anywhere
PUB_OUT    all  --  anywhere             anywhere
PUB_OUT    all  --  anywhere             anywhere
PUB_OUT    all  --  anywhere             anywhere

Chain PAROLE (9 references)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere

Chain PUB_IN (4 references)
target     prot opt source               destination
ACCEPT     icmp --  anywhere             anywhere            icmp destination-unreachable
ACCEPT     icmp --  anywhere             anywhere            icmp echo-reply
ACCEPT     icmp --  anywhere             anywhere            icmp time-exceeded
ACCEPT     icmp --  anywhere             anywhere            icmp echo-request
PAROLE     tcp  --  anywhere             anywhere            tcp dpt:ftp
PAROLE     tcp  --  anywhere             anywhere            tcp dpt:ssh
PAROLE     tcp  --  anywhere             anywhere            tcp dpt:smtp
PAROLE     tcp  --  anywhere             anywhere            tcp dpt:domain
PAROLE     tcp  --  anywhere             anywhere            tcp dpt:www
PAROLE     tcp  --  anywhere             anywhere            tcp dpt:81
PAROLE     tcp  --  anywhere             anywhere            tcp dpt:pop3
PAROLE     tcp  --  anywhere             anywhere            tcp dpt:https
PAROLE     tcp  --  anywhere             anywhere            tcp dpt:10000
ACCEPT     udp  --  anywhere             anywhere            udp dpt:domain
DROP       icmp --  anywhere             anywhere
DROP       all  --  anywhere             anywhere

Chain PUB_OUT (4 references)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere
Reply With Quote
  #4  
Old 11th August 2011, 16:32
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lneburg, Germany
Posts: 37,015
Thanks: 840
Thanked 5,651 Times in 4,461 Posts
Default

Please add port 587 to the tcp ports in the firewall settings in ISPConfig under System > Firewall
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #5  
Old 11th August 2011, 17:18
kforbes kforbes is offline
Junior Member
 
Join Date: Mar 2011
Posts: 9
Thanks: 0
Thanked 0 Times in 0 Posts
 
Default

Thanks till,

I did that and can now send on port 587.

EDIT
I will try it from outside the office later today to confirm that it's working.

Last edited by kforbes; 11th August 2011 at 17:21. Reason: further information
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Dovecot v2 with ISPConfig 3 CSsab Installation/Configuration 13 13th September 2012 20:01
Some errors after using iRedMail to setup mail server DaaX HOWTO-Related Questions 1 21st January 2010 16:27
localhost postfix/master: fatal: bind 127.0.0.1 port 125: Permission denied g18c Installation/Configuration 4 24th March 2009 18:39
Centos 4.4 32bit Hangs, High Server load 3cwired_com Server Operation 11 16th November 2006 16:47
How to install BFD (Brute Force Detection) domino Tips/Tricks/Mods 9 31st March 2006 23:40


All times are GMT +2. The time now is 01:46.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.