[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 757
  • Last Modified:

Slackware + Gateway + Outlook

I've mail server with slackware and outlook run with no problem at all. Now i want to set this servers as gateway for my local user use this as a gateway. I've search at EE and found some solutions that gave a rc.firewall scripts as a result and work fine. I also try use that scripts and work fine, my local user can connect to internet using my mail server as a gateway.

My problem is when i run rc.firewall, i cannot send email to outside, also when i try to login to my email from IE (squirrelmail) it said IMAP server errors. 110 port bla bla bla ( sorry forgot what it said)

I also try modify the rc.firewall by adding
$ipt -A INPUT -p tcp --dport 25 -j ACCEPT
$ipt -A INPUT -p tcp --dport 110 -j ACCEPT

but also cannot solve my problem ....
please expert any idea ??
0
wlb7631
Asked:
wlb7631
2 Solutions
 
drcheapCommented:
You posted iptables commands to accept SMTP and POP, but none for IMAP.  That may explain why your clients see IMAP errors.

IMAP uses port 143, so maybe this will help:
$ipt -A INPUT -p tcp --dport 143 -j ACCEPT
0
 
wlb7631Author Commented:
Same as before.

The message could not be sent because one of the receipients was rejected by the server. The rejected email
address was 'email@email.com'. Subject 'test', Account: 'mail.domain.com', Server: 'domain.com', Protocol:
SMTP, Server Response:'550 5.7.1 <email@email.com>..Relaying denied. Proper authentication required., Port: 25,
Secure[SSL]: No, Server Error: 550, Error Number:0x800CCC79

When i try to log in to my email using ie, the error is :

Error connecting to IMAP server: domain.
110 : Connection timed out
0
 
drcheapCommented:
I don't see where IMAP fits into this, other than the error that mentions IMAP for whatever reason.

The 550 5.7.1 is an SMTP code coming from the actual server, which means you are making communication with it.  That particular error is probably because you are using "email@email.com" which is not one of the domains serviced by that box, and you are not on one of the networks considered trusted by that box.  You just need to enable SMTP authentication to fix that issue.

As for the port 110 connection timeout...that is POP3, which again is not an IMAP issue.  This should not be a problem since you have the iptables rule just like you do for SMTP.  I would try to connect to the POP3 from someting on the same subnet to make sure it is actually working in the first place.
0
NEW Veeam Agent for Microsoft Windows

Backup and recover physical and cloud-based servers and workstations, as well as endpoint devices that belong to remote users. Avoid downtime and data loss quickly and easily for Windows-based physical or public cloud-based workloads!

 
Gabriel OrozcoSolution ArchitectCommented:
This have nothing to do with firewalling, but with smtp relaying.

you need to allow your internal network to relay.
if the user trying to send an email to "mail.com" domain is also on the internet, this is not allowed, because if some spammer find your smtp server, he/she will use it to send their email and your server will be flagged as an open relay on all black lists.

so, never allow email from the internet to the internet, *unless you setup smtp-auth*ยจ, and you can safelty allow relay to your internal network.

how to do this? it depends on the smtp software you are using.

--
forgot to say: you need to allow forwarding also from 127.0.0.1 or your webmail will be unable to send email (this is assuming your webmail run in the same computer than your email server)

hope it is not too late ;-)
0
 
Gabriel OrozcoSolution ArchitectCommented:
one more question

did you added a rule to allow anything to localhost? that can cause a lot of strange problems..

add this:

$ipt -I INPUT -A lo -j ACCEPT
0
 
Computer101Commented:
Forced accept.

Computer101
Community Support Moderator
0
 
rchackCommented:
if i use CentOS, what file should i modify ??
0

Featured Post

Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now