Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 230
  • Last Modified:

Sendmail Client Receive Problem

One of the Linux servers on our network can send mail internally to all users, send mail out to any host (internet via an exchange server and intranet), and remote systems within our network can send mail through it with no problem to any host on our network or the internet.  The problem comes when trying to receive mail through the Linux server via remote e-mail clients.  There is NO error in the mail logs.  It simply cannot connect to the sendmail server.  I’ve already allowed our internal network IP’s via the Firewall and even turned off the Firewall with no luck.
0
maxxum
Asked:
maxxum
  • 4
  • 3
1 Solution
 
majorwooCommented:
you have a machine outside the firewall, that you want to check mail from a machine inside the firewall? have you setup port forwarding so that the request for mail gets to the mail server and not the firewall? (even turning the firewall off wont do that, you need to get the request through to the mail server)

assuming you have a modern iptables firewall add:

EXTIF="eth1" #or your external interface
MAILIP="192.168.2.5" #or IP of your mail server
/sbin/iptables -t nat -A PREROUTING -i $EXTIF -p tcp --dport 25 -j DNAT --to $MAILIP:25
/sbin/iptables -A FORWARD -p tcp --dport 25 -i $EXTIF -j ACCEPT
0
 
maxxumAuthor Commented:
Yes, I am using iptables and have opened the mail port, but not as you have purposed.  I am not at work now but will try your solution tomorrow morning.  Thanks in advance if it works.
0
 
majorwooCommented:
ok, lemme know.

Just openign the port would allow you to talk to port 25 of the firewall.. you want port 25 of the mailserver, which unless it has a public IP needs to have port 25 from the firewall forwarded to it. (as i showed you)
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
maxxumAuthor Commented:
Sorry that I didn't get back.  Well, it worked, but only after reading up on iptables for a few hours before making the changes. :)

Thanks majorwoo
0
 
majorwooCommented:
curious, what else did you have to do? that should have done it unless you have some wild configuration
0
 
maxxumAuthor Commented:
lol, nothing too wild.  I had to read up on iptables because I was not as familiar with it as I would like to be.  The server in question is acting as a gateway/firewall for a modem bank whos users must be able to check their mail.  So, instead of calling directly to the exchange server on the other side, the Linux box will handle all requests (surfing, email, ftp, telnet/ssh for admins, etc.).  The iptable is getting pretty long and I wanted to make sure security was being maintained.  I had to implement many options that I was not sure of so I just re-wrote the hole thing separating it into sections and commenting each so other admins would know what I was trying to do.  Thank you for your help, it worked out very well.  The modem bank is working well and is being real-world tested as we speak.
0
 
majorwooCommented:
i should have given you this earlier, i know i meant to as i pasted part of it in here for you

http://majorwoo.dynup.net:1024/pub/rc.firewall

is the very well commented script that I use now for home/work/here (with some mods, buts its a great setup/starting point)
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

  • 4
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now