Hello, I have a new install of ISPConfig3 (my first one) exactly following the tutorial The Perfect Server - Debian Squeeze (Debian 6.0) With BIND & Dovecot [ISPConfig 3]. I'm having problems with remote clients being able to send email via the ISPConfig3 mail server regardless whether they use Thunderbird, Outlook, etc. IMAP and POP3 work fine. The server is on a virtual machine and NAT'd behind a firewall but all mail ports are open and port forwarded through the firewall. I can successfully send smtp if I connect to the server from a client using the public (inside) IP but cannot if I use the private (internet facing) IP. I know the firewall is not blocking the packets because I debugged and logged smtp packets and the logs show the firewall passing port 25 through to the server. For example, below is the output from testing using a telnet session. The first test uses the public IP and the second uses the private IP. Code: [[email protected] ~]$ telnet 192.168.32.101 25 Trying 192.168.32.101... Connected to 192.168.32.101. Escape character is '^]'. 220 ex3ksweb01.ex3host.com ESMTP ehlo mail.ex3.com 250-ex3ksweb01.ex3host.com 250-PIPELINING 250-SIZE 10240000 250-VRFY 250-ETRN 250-STARTTLS 250-AUTH PLAIN LOGIN 250-AUTH=PLAIN LOGIN 250-ENHANCEDSTATUSCODES 250-8BITMIME 250 DSN mail from: [email protected] 250 2.1.0 Ok rcpt to: [email protected] 250 2.1.5 Ok data 354 End data with <CR><LF>.<CR><LF> test message 20120821_1636 . 250 2.0.0 Ok: queued as 7267F1A4F3 quit 221 2.0.0 Bye Connection closed by foreign host. [[email protected] ~]$ telnet mail.ex3test.com 25 Trying 69.149.138.211... telnet: connect to address 69.149.138.211: Connection refused Here is a tail of my mail.log file: Code: Aug 21 19:30:01 ex3ksweb01 dovecot: pop3-login: Disconnected (no auth attempts): rip=127.0.0.1, lip=127.0.0.1, secured Aug 21 19:30:01 ex3ksweb01 dovecot: imap-login: Disconnected (no auth attempts): rip=127.0.0.1, lip=127.0.0.1, secured Aug 21 19:30:01 ex3ksweb01 postfix/smtpd[3818]: connect from localhost[127.0.0.1] Aug 21 19:30:01 ex3ksweb01 postfix/smtpd[3818]: lost connection after CONNECT from localhost[127.0.0.1] Aug 21 19:30:01 ex3ksweb01 postfix/smtpd[3818]: disconnect from localhost[127.0.0.1] Aug 21 19:35:01 ex3ksweb01 dovecot: pop3-login: Disconnected (no auth attempts): rip=127.0.0.1, lip=127.0.0.1, secured Aug 21 19:35:01 ex3ksweb01 dovecot: imap-login: Disconnected (no auth attempts): rip=127.0.0.1, lip=127.0.0.1, secured Aug 21 19:35:01 ex3ksweb01 postfix/smtpd[3910]: connect from localhost[127.0.0.1] Aug 21 19:35:01 ex3ksweb01 postfix/smtpd[3910]: lost connection after CONNECT from localhost[127.0.0.1] Aug 21 19:35:01 ex3ksweb01 postfix/smtpd[3910]: disconnect from localhost[127.0.0.1] Aug 21 19:40:01 ex3ksweb01 dovecot: pop3-login: Disconnected (no auth attempts): rip=127.0.0.1, lip=127.0.0.1, secured Aug 21 19:40:01 ex3ksweb01 dovecot: imap-login: Disconnected (no auth attempts): rip=127.0.0.1, lip=127.0.0.1, secured Aug 21 19:40:01 ex3ksweb01 postfix/smtpd[4001]: connect from localhost[127.0.0.1] Aug 21 19:40:01 ex3ksweb01 postfix/smtpd[4001]: lost connection after CONNECT from localhost[127.0.0.1] Aug 21 19:40:01 ex3ksweb01 postfix/smtpd[4001]: disconnect from localhost[127.0.0.1] I searched for a fix here on the site but no post seemed to fit. I'm not sure if it has to do with SASL or the configuration of amavisd. Any suggestions?
Thanks for the quick reply. Here is the output. Unfortunately I'm new to Debian and I'm still learning where / how to do setting for the firewall, etc. Code: [email protected]:/var/log# netstat -tap Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 *:mysql *:* LISTEN 1658/mysqld tcp 0 0 *:pop3 *:* LISTEN 1955/dovecot tcp 0 0 *:imap2 *:* LISTEN 1955/dovecot tcp 0 0 *:sunrpc *:* LISTEN 779/portmap tcp 0 0 *:ftp *:* LISTEN 1794/pure-ftpd (SER tcp 0 0 ex3ksweb01.ex3ho:domain *:* LISTEN 1049/named tcp 0 0 localhost:domain *:* LISTEN 1049/named tcp 0 0 *:ssh *:* LISTEN 1669/sshd tcp 0 0 *:smtp *:* LISTEN 1920/master tcp 0 0 localhost:953 *:* LISTEN 1049/named tcp 0 0 *:imaps *:* LISTEN 1955/dovecot tcp 0 0 *:pop3s *:* LISTEN 1955/dovecot tcp 0 0 *:59813 *:* LISTEN 792/rpc.statd tcp 0 0 localhost:10024 *:* LISTEN 1257/amavisd (maste tcp 0 0 localhost:10025 *:* LISTEN 1920/master tcp 0 0 localhost:33430 localhost:mysql ESTABLISHED 1258/amavisd (ch9-a tcp 0 0 localhost:mysql localhost:33430 ESTABLISHED 1658/mysqld tcp 0 0 localhost:mysql localhost:33446 ESTABLISHED 1658/mysqld tcp 0 48 ex3ksweb01.ex3host.:ssh 192.168.20.151:60429 ESTABLISHED 2309/sshd: administ tcp 0 0 localhost:33446 localhost:mysql ESTABLISHED 1259/amavisd (ch8-a tcp6 0 0 [::]:http-alt [::]:* LISTEN 1277/apache2 tcp6 0 0 [::]:www [::]:* LISTEN 1277/apache2 tcp6 0 0 [::]:tproxy [::]:* LISTEN 1277/apache2 tcp6 0 0 [::]:ftp [::]:* LISTEN 1794/pure-ftpd (SER tcp6 0 0 [::]:domain [::]:* LISTEN 1049/named tcp6 0 0 [::]:ssh [::]:* LISTEN 1669/sshd tcp6 0 0 ip6-localhost:953 [::]:* LISTEN 1049/named tcp6 0 0 [::]:https [::]:* LISTEN 1277/apache2 [email protected]:/var/log#
Thats ok, postfix is listening on all interfaces. So the connecion must be blocked by a firewall, this can be the firewall on the server itself. Test it with: iptables -L A firewall in a router in front of the server or a firewall of your internet acccess provider. Many providers block port 25 to avoid spam, so if your server is not located in a datacenter, then its likely that your provider blocks the smtp connections.
Thanks again for the assistance. Below is the output of the iptables command. If I read this correctly, there is not a rule for smtp. I would have expected the rule to be installed during the setup as shown in the tutorial. Did I miss a step? So at this point do I need to create another fail2ban filter and set up a chain in iptables? and if so can you let me know the command(s) to do that? Regards. Code: [email protected]:~# iptables -L Chain INPUT (policy ACCEPT) target prot opt source destination fail2ban-ssh tcp -- anywhere anywhere multiport dports ssh fail2ban-pureftpd tcp -- anywhere anywhere multiport dports ftp fail2ban-dovecot-pop3imap tcp -- anywhere anywhere multiport dports pop3,pop3s,imap2,imaps Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination Chain fail2ban-dovecot-pop3imap (1 references) target prot opt source destination RETURN all -- anywhere anywhere Chain fail2ban-pureftpd (1 references) target prot opt source destination RETURN all -- anywhere anywhere Chain fail2ban-ssh (1 references) target prot opt source destination RETURN all -- anywhere anywhere [email protected]:~#
Nevermind. It turns out that our internet provider was blocking ports to that location. They shouldn't have been, but they were. Thanks for your help in pointing to the problem. Cheers!
