Solved

Can restarting the router effect Sendmail

Posted on 2006-06-19
104
470 Views
Last Modified: 2013-11-29
I restarted my router and now I am unable to send or receive emails.  It says the connection cannot be established to the ports 25 or 110.  
Thanks
PS I can connect to the mail server via the mail server machine thru ports 25 and 110.  I am using a Linux machine with Sendmail 8.11.6
0
Comment
Question by:theret79
  • 56
  • 45
  • 2
  • +1
104 Comments
 
LVL 13

Expert Comment

by:prashsax
ID: 16937445
Check if port forwarding is setup correctly on router.

Also, check the access-list on router itself.

Since you are able to access port 25 and 110 from within the network, it has to be on router.
0
 

Author Comment

by:theret79
ID: 16937462
All setup correctly, This worked correctly until Sunday.  So this morning I restarted the router.  It is forwarding my aliases, just not sending the mail to the individual address.  I can connect to the mail server on the mail server but outside the mail server I cannot connect.
0
 
LVL 13

Expert Comment

by:prashsax
ID: 16937486
Can you telnet to your mail server from some other computer on the network.

Just goto some other pc in your network:

telnet MAIL_SERVER_IP 25

this should show some banner.

0
 

Author Comment

by:theret79
ID: 16937501
nope it says that could not open connection to the host on port 25
0
 
LVL 13

Expert Comment

by:prashsax
ID: 16937538
So, check if iptables is running on the linux server.


0
 

Author Comment

by:theret79
ID: 16937561
i turned it off with the command chkconfig --level 1235 iptables off
0
 

Author Comment

by:theret79
ID: 16937562
still not able to connect
0
 
LVL 13

Expert Comment

by:prashsax
ID: 16937575
you have to restart the server.
0
 

Author Comment

by:theret79
ID: 16937604
still no go, rebooted and logged back on, IPchains is not on either
0
 
LVL 13

Expert Comment

by:prashsax
ID: 16937613
Is sendmail running.

can you see it running.
0
 

Author Comment

by:theret79
ID: 16937616
just tried the telnet 10.0.0.4 25 and telnet 10.0.0.4 110 and it allowed me in, but when I start up the mail it still says it cannot connect to the POP3 server
0
 

Author Comment

by:theret79
ID: 16937620
sendmail accepting connections
0
 

Author Comment

by:theret79
ID: 16937641
I just logged in through telnet and it shows I have 29 messages, which it didn't say earlier, it is just giving me the error with Outlook, with cannot connect to POP3 server
0
 
LVL 13

Expert Comment

by:prashsax
ID: 16937681
Try using Outlook Express.

0
 

Author Comment

by:theret79
ID: 16937788
that is what we are using.  when I am on the mail server I use the ls -l command and see email in the user folders, but when we bring up outlook it is having problems connecting to our pop3 server.  I looked in the hostnames file on the server to make sure that it is what it is supposed to be.  Our domain is mail.psstat.com, and it doesn't seem to be able to connect to the mail server to get the email out.  I am so confused, as this worked yesterday.  After we figure this out I am going to see if we can get Exchange.  
0
 
LVL 13

Expert Comment

by:prashsax
ID: 16937802
Have your checked the logs on the server.

Which POP3 deamon are you using. Does it have some entires in the logs for some errors.
0
 

Author Comment

by:theret79
ID: 16937812
I will check the maillogs right now, what command do I use to check what deamon we are using?
0
 
LVL 13

Expert Comment

by:prashsax
ID: 16937832
If you are using Red hat than you most likely be using "pop3d".

Check if you can see it in the process list.
0
 

Author Comment

by:theret79
ID: 16937841
that is exactly what it is ipop3d
0
 
LVL 13

Expert Comment

by:prashsax
ID: 16937854
Try stopping and starting it again.

pop3d stop
pop3d start

Check if it gives you some error.
0
 

Author Comment

by:theret79
ID: 16937891
it just saiys OK POP3 mail.psstat.com v2000.70rh server ready
0
 
LVL 13

Expert Comment

by:prashsax
ID: 16937930
ok.

What is the error you are getting in the Outlook.

Are you using correct userid and password.
0
 

Author Comment

by:theret79
ID: 16937989
It says OUtlook is unable to connect to your incoming POP3 email server.  When I reboot I can see it says starting mail.psstat.com, you don't have to get back to this tonight, I am going home and I will try again in the AM.  Thanks
0
 
LVL 13

Expert Comment

by:prashsax
ID: 16938003
So, you are able to telnet to the server on port 110 from same machine, but when you try and use outlook, it say unable to connect.

If this is true, then check if some kind of firewall/antivirus with port or application blocking is installed on the machine.

If you can telnet to server and not use outlook from same machine, it points to some antivirus which is allow telnet but not outlook to connect to port 110.
0
 

Author Comment

by:theret79
ID: 16938484
I can connect internally if I use the telnet 10.0.0.4 25 but I cannot connect with telnet mail.psstat.com 25.  Does this make sense?  
Thanks
0
 
LVL 3

Expert Comment

by:papimichel
ID: 16938525
check wether there is a firewall configured on that server that might drops connection attempts.
0
 

Author Comment

by:theret79
ID: 16938556
I turned off ipchains and iptables.  
0
 
LVL 12

Expert Comment

by:Imtiaz Hasham
ID: 16938640
Check if there is any firewall activated on the linux / router which will be blocking the ports!!!
0
 

Author Comment

by:theret79
ID: 16942111
I used the ps -x command to look at the process, I don't see anything.  What is the normal pid for firewalls.  it says sendmail: accepting connections.  When using the top command is it possilbe to cycle down through the process?  Thanks
0
 
LVL 13

Expert Comment

by:prashsax
ID: 16943010
If you can do it with IP address and not with name then their could be a problem with DNS record.

Check if you can ping the server with name.

0
 

Author Comment

by:theret79
ID: 16943047
i noticed that there were some ipchain rules running so I just removed it from startup and rebooted to see if that would work and still no go.  I wish I could make this question 1000 points.  When I ping internally i get a response. I am checking from externally.  Do you get a response when you ping mail.psstat.com?
Thanks  you will probably get to it faster than our satellite sight.
Thanks
0
 
LVL 13

Expert Comment

by:prashsax
ID: 16943110
Pinging mail.psstat.com [66.64.219.82]:

Ping #1: Got reply from 66.64.219.82 in 49ms [TTL=52]
Ping #2: Got reply from 66.64.219.82 in 45ms [TTL=52]
Ping #3: Got reply from 66.64.219.82 in 45ms [TTL=52]
Ping #4: Got reply from 66.64.219.82 in 45ms [TTL=52]

Done pinging mail.psstat.com!
0
 

Author Comment

by:theret79
ID: 16943186
that is what my satellite sight got
I see under ps -x that sendmail: accepting connections.  xinetd is running also.  I am still getting the POP3 error from outlook.  
We have an MX record.  Here are the results, does this look ok?

How I am searching:
Searching for psstat.com MX record at g.root-servers.net [192.112.36.4]: Got referral to L.GTLD-SERVERS.NET. [took 41 ms]
Searching for psstat.com MX record at L.GTLD-SERVERS.NET. [192.41.162.30]: Got referral to extns1.nuvox.net. [took 17 ms]
Searching for psstat.com MX record at extns1.nuvox.net. [64.89.70.4]: Reports smtp-in2.nuvox.net. [took 25 ms]

Answer:


Domain Type Class TTL Answer psstat.com. MX IN 3600 smtp-in2.nuvox.net. [Preference = 200]
psstat.com. MX IN 3600 smtp-in3.nuvox.net. [Preference = 300]
psstat.com. MX IN 3600 smtp-in4.nuvox.net. [Preference = 400]
psstat.com. MX IN 3600 smtp-in5.nuvox.net. [Preference = 500]
psstat.com. MX IN 3600 smtp-in6.nuvox.net. [Preference = 600]
psstat.com. MX IN 3600 mail.psstat.com. [Preference = 10]
psstat.com. MX IN 3600 smtp-in1.nuvox.net. [Preference = 100]
psstat.com. NS IN 3600 extns2.nuvox.net.
psstat.com. NS IN 3600 extns1.nuvox.net.
mail.psstat.com. A IN 3600 66.64.219.82
smtp-in1.nuvox.net. A IN 3600 64.89.70.11
smtp-in2.nuvox.net. A IN 3600 64.89.70.11
smtp-in3.nuvox.net. A IN 3600 64.89.70.11
smtp-in4.nuvox.net. A IN 3600 64.89.70.11
smtp-in5.nuvox.net. A IN 3600 64.89.70.11
smtp-in6.nuvox.net. A IN 3600 64.89.70.11
extns1.nuvox.net. A IN 3600 64.89.70.4
extns2.nuvox.net. A IN 3600 64.89.74.4
0
 
LVL 13

Expert Comment

by:prashsax
ID: 16943268
So, this shows that your MX records are good.

Now, ask your satellite site to try and telnet to mail.psstat.com on port 25 and 110.

Since you are able to do it internally, this test would eliminate any problems with port forwarding on router.

0
 

Author Comment

by:theret79
ID: 16943307
actually I am not able to do this internally.  I am able to telnet 10.0.0.4 on 25 and 110, if I use the telnet mail.psstat.com 25 or 110 it says I cannot connect.  Sorry if I was confusing above.  
0
 
LVL 13

Expert Comment

by:prashsax
ID: 16943457
Well  if you can do it using IP address of mail server and not the name. i.e mail.psstat.com then you internal DNS is not resolving the name to IP address.

Which DNS server are you using internally. Check if a CNAME record exists for mail.psstat.com which points to 10.0.0.4.

I belive the record is not their in internal DNS server.

If you are using external DNS server(i.e from ISP) then make sure your have allowed UDP port 53 in and out traffic on your router.
0
 

Author Comment

by:theret79
ID: 16943473
My router doesn't have DNS port 53 open, should I point that to the mail server or to our PDC?  I will try that.
0
 
LVL 13

Expert Comment

by:prashsax
ID: 16943497
Which DNS server are you using in your network.

Is it local or external to your network.
0
 

Author Comment

by:theret79
ID: 16943586
our forward lookup DNS is set for mail.psstat.com and it is pointing at 66.64.219.82.  the DNS lookups are pointing at the correct extns1.nuvox.net, extns2.nuvox.net.  
0
 
LVL 13

Expert Comment

by:prashsax
ID: 16943616
So, this is your problem, your DNS server is located outside of your network and thats why your are not able to connect to your server using name.

Just a quick test, configure outlook to use IP address of mail server instead of name (mail.psstat.com).

With this you should be able to send and receive the mails.

0
 

Author Comment

by:theret79
ID: 16943627
where is the CNAME located in Linux?  If you know I will check that
0
 
LVL 13

Expert Comment

by:prashsax
ID: 16943686
But, how can you look it, you are using external mail servers.

Or, are you using your own DNS servers.

But you just mentioned that your DNS server are 66.x.x.x and your internal IP subnet is 10.x.x.x.

Have you tried configuring outlook with IP of mail server.
0
 

Author Comment

by:theret79
ID: 16943748
I put the 10.0.0.4 on the POP3 and SMTP on the outlook lines.  I ran the test and it connected beautifully, but when I go into the email screen and hit send/receive it gives me the POP3 connection error.  How is that possible if it connected on the test account settings menu?
Thanks
0
 

Author Comment

by:theret79
ID: 16943765
It worked, but now the mail isn't coming in anymore, it seems like something is wrong with the mail.psstat.com name.
0
 

Author Comment

by:theret79
ID: 16943796
can send out I sent a test mail message to my hotmail account and got it, I sent a reply to my psstat.com account and haven't received it.  
0
 
LVL 13

Expert Comment

by:prashsax
ID: 16943814
You are trying to send mail from some other domain. e.g. yahoo.com

And you are not able to receive mails.


How about sending mails to yahoo.com. Can you receive it at yahoo.com

0
 

Author Comment

by:theret79
ID: 16943830
can receive at yahoo.com, but cannot send to psstat.com
0
 
LVL 13

Expert Comment

by:prashsax
ID: 16943850
Did you got a NDR at hotmail.com

Have you asked your guy at satellite to telnet to 66.64.219.82 on port 25.

This is where you should receive the mails.

They should be able to connect to it.(Should you router is configured correctly.)

I have check your DNS records on DNSSTUFF.com, they are fine.

Just ask them to try and telnet to port 25 on 66.64.219.82.
0
 

Author Comment

by:theret79
ID: 16943889
the weird thing is that I can connect to the incoming and outgoing mail servers with the 10.0.0.4, but I haven't received the test email that is sent out once you change outlook settings.  I doesn't seem like it is actually receiving even though it can connect to it.  there is plenty of space available.
0
 

Author Comment

by:theret79
ID: 16943908
the are unable to connect to 66.64.219.82 on port 25, I am checking my firewall again.  The ports are open, 25 and 110 on the firewall,  I didn't get a the NDR I got a delay error.  
0
 
LVL 13

Expert Comment

by:prashsax
ID: 16943912
You send a test mail to the same user with which you have configured outlook, and still no mail received.

If yes, then it could be a problem with either MTA or pop3d.
0
 
LVL 13

Expert Comment

by:prashsax
ID: 16943923
You will get NDR on hotmail.

It has to be on router or firewall.

Do you have router and firewall both, or are you using your router as firewall.
0
Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

 

Author Comment

by:theret79
ID: 16943933
I have a feeling it is the ipop3d, to start it back up I have read that it is included in the xinetd running program.  when you first told me how to use the top command ipop3d was always at the top of the process, it isn't at the top right now.  How can I look at the entire list under the top command.
0
 

Author Comment

by:theret79
ID: 16943938
the router is the firewall
0
 

Author Comment

by:theret79
ID: 16944442
alright I have made some adjustments and now we can send and receive internally, but cannot receive externally.  The last time this happened (last week) our domain name expired, we have renewed it and the MX records are in order.  I don't know what it could be.  the mail is not getting into the mail server from the outside.  So it seems to me that there is something wrong with the psstat.com domain or an issue with a firewall.  
0
 
LVL 13

Expert Comment

by:prashsax
ID: 16944532
Yes, the issue could be either with portforward or with ACL.

Or are you using static nat instead of portforward.

Could you paste your ACLs and portforward/nat entries here.

You can change your public IP address.
0
 

Author Comment

by:theret79
ID: 16944604
we don't use one-to-one Nat
we are using portforward
here are the rules we have

TELNET[TCP/23~23] -> 10.0.0.2
HTTP[TCP/80~80] -> 10.0.0.3
FTP[TCP/21~21] -> 10.0.0.3
VNC[TCP/5900~5900] -> 10.0.0.3
PPTP[TCP/1723~1723] -> 10.0.0.10
IPSEC[UDP/500~500] -> 10.0.0.10
L2TP[UDP/1701~1701] ->10.0.0.10
RDP[TCP/3389~3389] -> 10.0.0.131
PCANY[TCP/5631~5631] ->10.0.0.106
PCANYW[UDP/5632~5632] -> 10.0.0.106
ALL TRAFFIC[TCP&UDP/1~65535] -> 10.0.0.1
POP3[TCP/110~110] -> 10.0.0.4
SMTP[TCP/25~25] -> 10.0.0.4

0
 

Author Comment

by:theret79
ID: 16944688
ipchains is running after the reboot on the mail server  The rules are
Chain input (policy ACCEPT):
target            prot  opt       source          destination              ports
ACCEPT          tcp  -y----    anywhere      anywhere              any -> imap
ACCEPT          tcp  -y----    anywhere      anywhere              any -> ssh
ACCEPT          tcp  -y----    anywhere      anywhere              any - > smtp
ACCEPT          tcp  -y----    anywhere      anywhere              any -> http
ACCEPT          udp  ------    anywhere      anywhere             bootps:bootpc -> bootps:bootpc
ACCEPT          udp  ------    anywhere      anywhere             bootps:bootpc -> bootps:bootpc
ACCEPT          all   ------    anywhere      anywhere               n/a
ACCEPT          udp ------   ns1.charter-stl.com  anywhere     domain -> any
ACCEPT          udp ------   10.0.0.131      anywhere             domain -> any
ACCEPT          tcp  -y----    anywhere      anywhere              any - > pop3
ACCEPT          udp  ------    anywhere      anywhere              any - > pop3
ACCEPT          tcp  -y----    10.0.0.0/8      anywhere              any - > netbios-ns:netbios-ssn
ACCEPT          udp  ------    10.0.0.0/8      anywhere              any - > netbios-ns:netbios-ssn
CHAIN FORWARD (POLICY ACCEPT):
CHAIN OUTPUT (POLICY ACEPT):
0
 
LVL 13

Expert Comment

by:prashsax
ID: 16944742
ip chains rules are fine.(As you are able to do it internally)

Aren't you using a cisco router.

Which router is this.
0
 

Author Comment

by:theret79
ID: 16945103
it is a Linksys RV082
0
 
LVL 13

Expert Comment

by:prashsax
ID: 16945210
Ok.

Now goto Firewall control page.

Check if you have a rule where

Action is allowed.
Interface is WAN.
Service is SMTP and POP3(Could be two seperate rules).
Source is any.
Detination is any.
0
 

Author Comment

by:theret79
ID: 16945333
Do you want me to get on the firewall control page on Linux or on my main router coming in?  I am assuming on Linux.  I don't know how to do that on the linux machine.  the Linksys router is the main router coming into the office.  The only rules I have set on the Linksys router is the port forward rules that have POP3 open and SMTP open on their respective ports.  
0
 

Author Comment

by:theret79
ID: 16945341
I can set access rules to allow all for the POP3 and SMTP is that what I need to do?
0
 

Author Comment

by:theret79
ID: 16945378
from my system log on the router I am seeing this error a lot.  
Jun 20 13:37:49 2006     System Log    Mail sending to dcannon@psstat.com failed  
0
 
LVL 13

Expert Comment

by:prashsax
ID: 16945590
can you resolve psstat.com using nslookup.

just do nslookup psstat.com. This should resolve to your IP address.
0
 

Author Comment

by:theret79
ID: 16945606
Here is the output of nslookup
Server: 10.0.0.1
Address: 10.0.0.1#53

** server can't find psstat.com. : NXDOMAIN
0
 
LVL 13

Expert Comment

by:prashsax
ID: 16945609
Yes, create a rule to allow SMTP and POP3 on firewall.

This will ensure that you get mails from outside.

0
 
LVL 13

Expert Comment

by:prashsax
ID: 16945622
So, you cannot resolve psstat.com internally.

what is 10.0.0.1. Is it your DNS server.

0
 

Author Comment

by:theret79
ID: 16945690
10.0.0.1 is the LAN IP
our wan DNS addresses are 66.89.74.2
                                         66.89.70.2
0
 
LVL 13

Expert Comment

by:prashsax
ID: 16945722
So, why is it pointing to 10.0.0.1 when you are trying to resolve the names.

It should point to 66.89.74.2.

Also, create one more rule on firewall for UDP port 53.

Have you checked if you could receive mails from outside after creating those rules on firewall.

0
 

Author Comment

by:theret79
ID: 16945755
In which file in Linux do I point the DNS to 66.89.74.2?  Thanks for being patient with me as I am not used to sendmail or sendmail access rules at all.
0
 
LVL 13

Expert Comment

by:prashsax
ID: 16945796
ok, do this.

on linux box.

ifconfig

This will show you the DNS server IP address.

Now, could you post the output.
0
 

Author Comment

by:theret79
ID: 16945884
eth0     Link encap: Ethernet  HWaddr 00:A0:C9:22:07:53
           inet addr: 10.0.0.4  Bcast: 10.0.0.255    Mask: 255.255.255.0
           UP BROADCAST RUNNING MUTICAST MTU: 1500  Metric: 1
           RX packets:5027  errors:0  dropped:0  overruns:0  frame:0
           TX packets:2877  errors:0  dropped:0  overruns:0  frame:0
           collisions:0  txqueuelen:100
           RX bytes:467230 (456.2 Kb)  TX bytes:204848  (200.0 Kb)
           Interrupt:11  Base address:0x8000

lo        Link encap: Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING   MTU:16436  Metric: 1
          RX packets:131132  errors:0  dropped:0  overruns:0  frame:0
          TX packets:131132  errors:0  dropped:0  overruns:0  frame:0
          collisions:0 txqueuelen:0
          RX bytes:6557280 (6.2 Mb)  TX bytes:6557280 (6.2 Mb)
0
 
LVL 13

Expert Comment

by:prashsax
ID: 16945920
Ok, now

check resolve.conf.

its under \etc\resolve.conf

This will show you the DNS server IP address.

Other utility to be used is "netconfig".


0
 

Author Comment

by:theret79
ID: 16945945
under resolve.conf it has
nameserver 10.0.0.1
0
 

Author Comment

by:theret79
ID: 16945950
so I need to point the nameserver to the DNS server with the netconfig utility
0
 
LVL 13

Expert Comment

by:prashsax
ID: 16946038
ideally it should point to a DNS server inside the network.

How about all other machine you have. Windows Machine.

What DNS server are they using.(You can find out their DNS server using ipconfig /all)

Is it 66.x.x.x or 10.0.0.1.


0
 

Author Comment

by:theret79
ID: 16946087
All our windows machines use 10.0.0.3 except our PDC which uses 10.0.0.1
0
 
LVL 13

Expert Comment

by:prashsax
ID: 16946120
And what is this 10.0.0.1. Is it a Windows Server running DNS service on it.

And what is 10.0.0.3. Is this your DNS server as well.

0
 

Author Comment

by:theret79
ID: 16946149
They both are running DNS on them but I think you might have mad a break thru the 10.0.0.1 DNS has nothing in there about mail.  My DNS on 10.0.0.3 has all the information about mail.psstat.com on it.
0
 
LVL 13

Expert Comment

by:prashsax
ID: 16946175
So, point your linux mail server to use 10.0.0.3.

With this, you should be able to send and receive mail internally.

For external mails, you still need to create firewall rules I have already told you.
0
 

Author Comment

by:theret79
ID: 16946230
so everything should stay the same in the netconfig utility except the DNS lookup?  Thanks for your time prashsax, if this works I wish I could give you 1000 points
0
 
LVL 13

Expert Comment

by:prashsax
ID: 16946240
not a problem.

Just change the DNS server to 10.0.0.3.

Then test from some internal client. Send mail locally first.
0
 

Author Comment

by:theret79
ID: 16946475
I have an error with lpd now when I started it up it says local host ip address is not available, so I know I screwed something up.

Here is what I entered under netconfig
IP address 10.0.0.4
Netmask  255.255.255.0
Default gateway(IP): 10.0.0.1
Primary nameserver 10.0.0.3
0
 
LVL 13

Expert Comment

by:prashsax
ID: 16946500
to fix it: open the network config by typing 'printtool' in your xterm.
become root of course, then select the hosts tab, then 'add'.  

you need the following:

IP: 127.0.0.1
Name: localhost.localdomain
Nickname: localhost
0
 

Author Comment

by:theret79
ID: 16946539
if that is just a printer utility then I am not too worried about it, I never print from that thing anyways.  Well we can send and receive internally, but the mail is still not coming in.  I sent two test emails.  if the mail servers name is 10.0.0.4 and the DNS lookup is 10.0.0.3 did I set the netconfig up correctly?  The default gateway I set to the LAN IP.  Let me know if this is correct.  Thanks again
0
 
LVL 13

Expert Comment

by:prashsax
ID: 16946574
Yes, it is correct.

And internal mail flow show work.(Which is working.)

Now create the rule on the firewall as I have told you above.

This will enable outbound mails as well.



0
 

Author Comment

by:theret79
ID: 16946614
alright I added the DNS on the port forward and pointed it to 10.0.0.3, and the TCP and SMTP are already open and pointing to 10.0.0.4, restarted Sendmail and still not go.
0
 
LVL 12

Expert Comment

by:Imtiaz Hasham
ID: 16946626
Can you try and restart the router again, hope that helps..
0
 

Author Comment

by:theret79
ID: 16946650
restarted it, still nothing.  I tried telnet to the domain name mail.psstat.com 25 internally and it can't find the name.  When I restart the Red hat it says that it is setting mail.psstat.com.  Alright thanks for your help today prashsax.  I am going home for the afternoon.  I will be dialing in tonight to see if I can figure it out.
Thanks
0
 
LVL 13

Expert Comment

by:prashsax
ID: 16946658
Now try this on Linux mail server.

nslookup
>set type=mx
>hotmail.com

this should resolve to MX records of hotmail.com

0
 

Author Comment

by:theret79
ID: 16946697
I did this and it still didn't allow any of the test hotmail messages in.  I don't know if it gets us any further but we know that we can send/receive internally and we can send externally, we are just unable to receive externally.  
0
 
LVL 13

Expert Comment

by:prashsax
ID: 16946729
Ask someone from outside your network to telnet to mail.psstat.com on port 25.

So, now you can send mail to hotmail.com

If they are not able to telnet, then your firewall is not allowing packets in.

What SMTP rule you exactly have on firewall.
0
 

Author Comment

by:theret79
ID: 16946755
smtp[TCP/25~25] -> 10.0.0.4
I had my friend telnet into mail.psstat.com 25 and it said could not open connection to the host
0
 
LVL 13

Expert Comment

by:prashsax
ID: 16946780
Yes, this is correct.
The interface should be WAN and source and destination should be any.
0
 
LVL 13

Expert Comment

by:prashsax
ID: 16946829
Try modifying the rule.

Source IP and destination IP should be any.

http://www.tomsnetworking.com/2004/04/29/linksys_rv082_10_rv082/page5.html

0
 

Author Comment

by:theret79
ID: 16947595
I set the rules up to accept any connections for both 25 and 110, and still not able to get in.  I can telnet in through 23 but not 25 and 110.
0
 
LVL 13

Expert Comment

by:prashsax
ID: 16950978
Make sure the destination IP in the firewall rule for port 25 and 110 is not 10.0.0.4.

If has to be the 66.x.x.x. or it can be any.

But it cannot be 10.0.0.4 since the interface is WAN.

What have you defined in destination rule.

Could you copy the rule here, in same format. e.g
Status Interface        Service   Source       Destination      
Allow   WAN             TCP/25   ANY            ANY
0
 

Author Comment

by:theret79
ID: 16951046
I took out the 10.0.0.4 rules and The rule for firewall access rules are
action  service      source interface  source     destination   time
allow  POP3(110)  wan1                  any         any             always
allow  SMTP(25)    wan1                 any          any            always
0
 
LVL 13

Expert Comment

by:prashsax
ID: 16951754
Yes, this is good.

Now, can someone from outside telnet to port 25 and 110.
0
 

Author Comment

by:theret79
ID: 16951772
nope, noone can use those two, I am calling my ISP to see if anything changed on Sunday with the pass thru router we have from them.
0
 
LVL 13

Accepted Solution

by:
prashsax earned 500 total points
ID: 16951851
You said that people can telnet on port 23 from outside.

If thats correct, then setup port 25 access similar to port 23.

If you suspect ISP is blocking access, then you could redirect port 23 from outside to port 25 on inside.

Just for testing.

Then try to telnet on port 23 from outside, it should show you SMTP banner.



0
 

Author Comment

by:theret79
ID: 16952011
the port 25 similar to 23 and it seemed to open them up.  Now I am receiving email.  I don't know why that seemed to open them up but they are open now.  Thanks for your time Prashsax, i really appreciate it.
Dave
0
 
LVL 13

Expert Comment

by:prashsax
ID: 16952122
Good to know, that its working.

ThankQ.
0

Featured Post

Highfive Gives IT Their Time Back

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

Creating an OSPF network that automatically (dynamically) reroutes network traffic over other connections to prevent network downtime.
Don’t let your business fall victim to the coming apocalypse – use our Survival Guide for the Fax Apocalypse to identify the risks and signs of zombie fax activities at your business.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

757 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now