Mail server can not be accesed from outside through ADSL

Hi experts, I have configure the outgoing connection through ADSL router, and there is no problem with it.
But, I have problem when I should configure Port Redirection Table.
I have Linux mail server that can be accessed from internet, via HTTP, SMTP and POP3.
But if I connect via ADSL, the mail server cannot be accessed from outside, even from HTTP. In my router ADSL, I configured port redirection for port 80., 25 and 110.
If I connect directly, mail server ok.
I use Linux Slackware 8.1 Kernel 2.4.18, with qmail-1.03, and squirrel mail-1.4.2 and Vigor 2500 ADSL router.

 When I check the configuration from internet, there is a report in Vigor ADSL router.

     Private IP :Port #Pseudo Port         Peer IP :Port  Ifno  Status  
-------------------------------------------------------------------------------    80           80 50437     3  0     when try access from internet    80           80 50350     3  0    80           80 50214     3  0    
     110          110  1207     3  0   when try POP3 from outlook  

And from my Linux mail server, I typed netstat –n, the report :

Proto Recv-Q Send-Q Local Address           Foreign Address         State      
tcp        0      0     SYN_RECV  

I’ve searched from internet to solve this problem, it seems the problem in my ADSL ISP.But I have to make sure the problem in their site, because they said that they  already redirected the IP. We can access internet http (go outside) from our LAN through ADSL router, Is it means that they open port 80 for http from outside to go to my mail server? Is there any setting that I should set in Linux, even if I connect directly form PC to my Linux mail server, it works properly?
I really appreciate for all of your help.

Best Regards,
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Hi niken_asterina,
You shouldn't be having a problem on your server, I see you are listening on the LAN IP of the server so it is doing what it needs to do. Download and run NMAP (, or any port scanner you prefer and test it against your WAN-IP, make sure your server is up, and find out what ports are being listened on. If port 110 and 25 are being listened on then there is some other problem. Ultimately, you should be able to do:

telnet 110

And get a response, an "OK message." If you find that the ports are not being listened on then run NMAP on the server using the LAN IP to make sure that it is indeed excepting inbound connections on those ports. See what happens. If the WAN port scan fails and the LAN port scan succeeds then you have isolated the problem. You did not enable any security on your server to only accept connections from your subnet eh?

ADSL usually means residential/non-business consumer and Acceptable Use Policies (AUP's) for home/cheap accounts typically do not allow running servers.  That's the first thing to check.  Many ISP's block inbound popular server ports including 21, 25, 53, 80, 110, and NETBIOS ports 139 and 445 to their end users.  That's why you can get a 1.5 down/256k up ADSL line for $30/mo while a 1.1 up/down SDSL line explicitly allowing servers and larger blocks of IP addresses will run you closer to $300/mo.  ADSL is cheaper because by design (slower outgoing bandwidth) it is intended for home/casual users, no servers, and no guarantee of uptime.  If an ADSL line goes down and takes 3-5 days to get fixed, this is considered acceptable in the industry.  Obviously 5 days downtime is not considered acceptable if you're running servers.

Residential cable customers are often bound by similar AUP's as ADSL subscribers.  If home-type connections in your area block common inbound server ports, it is likely intentional to enforce their AUP.  If you require services not covered by your AUP, then you should get a commercial line.  I have a T1 at home with 32 IP's (and 8 phone lines that use no bandwidth until the phone is actually in use) and a wide open AUP to do anything I want that's not illegal, and no monthly bandwidth useage caps.  Some people laugh at my $355/mo bill and say things like "well I have comcast and can download twice as fast as you and I only pay $60/mo.  Laugh away.  You can't run any servers, you pay $5/mo per additional IP if you need them, you can't run your own DNS nor have RDNS delegated to you, you can't send out port 25 traffic to anywhere but comcast's SMTP servers, and have a third the outgoing bandwidth as me...not to mention my uptime guarantee and more prompt/professional/clueful tech support.  Many but not all consumer-grade broadband connections have monthly bandwidth caps as well.  You get what you pay for depending on your local market.

Residential broadband AUP's vary provider to provider and market to market, so you might get away with more in other areas.  Since the TCP handshake is not completing to your server, and the port forwarding seems correct in your router, I'd wager your ISP is blocking you.  You may need a more expensive service.  I've even seen "buisness class DSL" packages around here that STILL don't allow servers and will block popular inbound ports.  Then again those are still in the $50-100/mo range.

I wish you luck in finding a cheap broadband ISP that allows running servers.  See if speakeasy is available in your area.  If you're lucky, you might even get their 6mbit/1mbit ADSL package allowing servers for about $100/mo with a couple IP addresses.  No uptime guarantee, but otherwise a great deal and sweet download bandwidth.  I wouldn't want to host for pay on one of those lines, but personal/friend's use and for hobby/learning purposes it'd be pretty sweet.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
niken_asterinaAuthor Commented:
Thanks, for all your comment,
Actually this is in ISP site, but unfortunately they cannot do anything to help me. So I will move to the other ISP.

It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.