?
Solved

CentOS 5.4 - dovecot , postfix, squirrelmail

Posted on 2009-12-16
25
Medium Priority
?
1,153 Views
Last Modified: 2013-12-15
okay i have squirremail setup and I can send myself an e-mail and view it in my inbox. When I use my gmail account and test I do not get the e-mail in my inbox. (maybe too early, but i have not got an undeliverable mail message yet)

what is restricting mail from coming from the internet ?
0
Comment
Question by:Stangman66
  • 13
  • 10
  • 2
25 Comments
 
LVL 33

Accepted Solution

by:
Todd Gerbert earned 332 total points
ID: 26066483
If you have a firewall or router, is it configured to allow incoming SMTP connections (port 25)?

Is DNS setup correctly, you have in place appropriate A, PTR and MX records?

If you're on a consumer-grade broadband connection, i.e. from your telephone or cable company, it's entirely possible they are blocking such traffic.
0
 

Author Comment

by:Stangman66
ID: 26066525
yea - i forgot to mention i had e-mail working perfect on my win 2k3 server. decided to ditch windows and trying to get linux up and running.

i have port 25 forwarded to the linux box 192.168.1.141 and port 143
I have an MX, A, and a CNAME setup (for website)
0
 
LVL 4

Assisted Solution

by:wareb73
wareb73 earned 1668 total points
ID: 26066619
Is port 25 open on the host?

Service iptables status.

If not, then run.

Iptables -I RH-Firewall-1-INPUT 5 -m state --state new -m tcp -p tcp --dport 25 -j ACCEPT
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
LVL 4

Assisted Solution

by:wareb73
wareb73 earned 1668 total points
ID: 26066650
That is supposed to be a lower case i.  Sent that from my droid.
0
 

Author Comment

by:Stangman66
ID: 26066739
let me clarify real quick. in squirrelmail i can send myself and email to jdone@mydomain.com and to mypersonalemail@gmail.com. Both accounts receive the e-mail.

Then to test I tried sending mail from mypersonalemail@gmail.com TO jdone@mydomain.com and I do not see anything in my squirrelmail inbox. No mailer-daemon messages either.
# service iptables status
Table: filter
Chain INPUT (policy ACCEPT)
num  target     prot opt source               destination         
1    RH-Firewall-1-INPUT  all  --  0.0.0.0/0            0.0.0.0/0           

Chain FORWARD (policy ACCEPT)
num  target     prot opt source               destination         
1    RH-Firewall-1-INPUT  all  --  0.0.0.0/0            0.0.0.0/0           

Chain OUTPUT (policy ACCEPT)
num  target     prot opt source               destination         

Chain RH-Firewall-1-INPUT (2 references)
num  target     prot opt source               destination         
1    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           
2    ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0           icmp type 255 
3    ACCEPT     esp  --  0.0.0.0/0            0.0.0.0/0           
4    ACCEPT     ah   --  0.0.0.0/0            0.0.0.0/0           
5    ACCEPT     udp  --  0.0.0.0/0            224.0.0.251         udp dpt:5353 
6    ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           udp dpt:631 
7    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:631 
8    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED 
9    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:21 
10   ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:25 
11   ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:22 
12   ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:80 
13   ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:77 
14   REJECT     all  --  0.0.0.0/0            0.0.0.0/0           reject-with icmp-host-prohibited 

Open in new window

0
 
LVL 4

Assisted Solution

by:wareb73
wareb73 earned 1668 total points
ID: 26066848
Is the firewall running on the mail server?
0
 

Author Comment

by:Stangman66
ID: 26066983
(excuse the ignorance) how do i check that?
0
 
LVL 4

Assisted Solution

by:wareb73
wareb73 earned 1668 total points
ID: 26067028
See third post up
0
 

Author Comment

by:Stangman66
ID: 26067353
I think so

I ran that service iptables status command and that was the results it returned

0
 

Author Comment

by:Stangman66
ID: 26067380
ran command
iptables -I RH-Firewall-1-INPUT 5 -m state --state new -m tcp -p tcp --dport 143 -j ACCEPT


still not incoming from my gmail account
0
 

Author Comment

by:Stangman66
ID: 26068022
where do you find dovecots debug file ? I enabled:  mail_debug = yes   in my dovecot.conf file....i just cannot find where the debug is. I checked in /var/mail  where the mail is routed, but not there.


made sure the firewall has Mail (SMTP) enabled, but telnet is not - do I need to enable that one?
0
 
LVL 4

Assisted Solution

by:wareb73
wareb73 earned 1668 total points
ID: 26068068
No, you don't need telnet.  from a different computer on your network, does this command connect??

telnet <mail server IP> 25
0
 

Author Comment

by:Stangman66
ID: 26068083
ok, it's apparent that when I send mydomain.com an e-mail from outside the domain it is not reaching the server or something.

below is two checks - first was when i sent from outside the domain, second is from within domain (the one I would get) and both outputs are the same....



dovecot: Dec 16 18:21:17 Info: imap-login: Login: user=<jdone>, method=PLAIN, rip=::ffff:127.0.0.1, lip=::ffff:127.0.0.1, secured
dovecot: Dec 16 18:21:17 Info: IMAP(jdone): Effective uid=501, gid=100, home=/home/jdone
dovecot: Dec 16 18:21:17 Info: IMAP(jdone): maildir: data=/home/jdone/Maildir/
dovecot: Dec 16 18:21:17 Info: IMAP(jdone): maildir: root=/home/jdone/Maildir, index=/home/jdone/Maildir, control=, inbox=
dovecot: Dec 16 18:21:18 Info: IMAP(jdone): Disconnected: Logged out


dovecot: Dec 16 18:21:18 Info: imap-login: Login: user=<jdone>, method=PLAIN, rip=::ffff:127.0.0.1, lip=::ffff:127.0.0.1, secured
dovecot: Dec 16 18:21:18 Info: IMAP(jdone): Effective uid=501, gid=100, home=/home/jdone
dovecot: Dec 16 18:21:18 Info: IMAP(jdone): maildir: data=/home/jdone/Maildir/
dovecot: Dec 16 18:21:18 Info: IMAP(jdone): maildir: root=/home/jdone/Maildir, index=/home/jdone/Maildir, control=, inbox=
dovecot: Dec 16 18:21:18 Info: IMAP(jdone): Disconnected: Logged out

Open in new window

0
 

Author Comment

by:Stangman66
ID: 26068101
220 mail.mydomain.com  ESMTP Postfix
0
 

Author Comment

by:Stangman66
ID: 26068109
telnet 192.168.1.141. 143

shows: OK Dovecot ready
0
 
LVL 4

Assisted Solution

by:wareb73
wareb73 earned 1668 total points
ID: 26068132
So, it is a router issue and not a server issue.  The port is open and talking on the network.  I would think it is DNS or port forwarding.

The server is fine.  Usually on rouers there is a way to monitor the incoming connections, you might want to monitor that while you send an email from google.

Bryan
0
 

Author Comment

by:Stangman66
ID: 26068320
DDWRT firmware, and I have ports 25, 110, 143 open for 192.168.1.141

is there a setting in dovecot that prevents outside mail from coming in ?
0
 
LVL 4

Assisted Solution

by:wareb73
wareb73 earned 1668 total points
ID: 26068599
No, Dovecot is the service that allows you to connect to retrieve mail.  It has nothing to do with receiving email, that is handled by postfix which you have configured to receive email.  Your postfix server, by means of that telnet, is listening on the network for connections, it is just that your external connection is not getting to it.  This would seem to be a network issue, firewall or DNS.
0
 

Author Comment

by:Stangman66
ID: 26068608
Well, since the windows server 2k3 worked, then it must be a firewall issue on the linux machine. Is there a command to shut down the firewall for testing purposes ?
0
 
LVL 4

Assisted Solution

by:wareb73
wareb73 earned 1668 total points
ID: 26068615
service iptables stop.  but I doubt that is the problem since you were able to telnet to port 25 from another machine on your network.
0
 

Author Comment

by:Stangman66
ID: 26068669
any suggestions on how to boil that down?

network issue ?   - i have ports 25,110,143 forwarded to this machine on my router (worked fine w/windows server & windows server is turned off)
DNS settings are what my ISP provided and they worked fine w/windows




0
 
LVL 4

Assisted Solution

by:wareb73
wareb73 earned 1668 total points
ID: 26072162
You need to determine if the mail traffic is reaching your outer most point, the router.  There should be a way to turn on logging and watch the logs to see if there is any port 25 traffic coming to your router.  If not, the problem is more than likely DNS related.  If it is, then the problem lies in the router config.

We know that the server is working since you were able to telnet to port 25 from another host on that network.  This may seem like a dumb question, but can the mail server ping the router?
0
 

Author Comment

by:Stangman66
ID: 26076302
yea the server can ping the router and browse the internet just fine with my ISP provided DNS settings
0
 
LVL 4

Assisted Solution

by:wareb73
wareb73 earned 1668 total points
ID: 26076771
Not what I am talking about, you need to be able to resolve your domain via the internet from out side of your network.  Meaning, everyone else in the world needs to be able to resolve your domain.  Not your being able to get out to the internet.
0
 
LVL 33

Assisted Solution

by:Todd Gerbert
Todd Gerbert earned 332 total points
ID: 26076930
If you care to share the domain name we can lookup the appropriate DNS records from the outside world fairly easily.
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

As tax season makes its return, so does the increase in cyber crime and tax refund phishing that comes with it
Often times it's very very easy to extend a volume on a Linux instance in AWS, but impossible to shrink it. I wanted to contribute to the experts-exchange community a way of providing a procedure that works on an AWS instance. It can also be used on…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…
How to Install VMware Tools in Red Hat Enterprise Linux 6.4 (RHEL 6.4) Step-by-Step Tutorial
Suggested Courses
Course of the Month15 days, 21 hours left to enroll

850 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question