Firewall block emails

Discussion in 'Server Operation' started by Mathias, Jan 7, 2007.

  1. Mathias

    Mathias New Member

    Hi

    I got a Debian server installed with The Perfect Setup - Debian but I can't connect to my MailServer on it .

    When I telnet it I get this informations:

    Klippinge-IT:~# telnet 83.95.198.14 110

    Klippinge-IT:~# telnet 83.95.198.14 110
    Trying 83.95.198.14...
    Connected to 83.95.198.14.
    Escape character is '^]'.
    +OK Hello there.
    quit
    +OK Better luck next time.
    Connection closed by foreign host.
    Klippinge-IT:~#

    IPTables says:
    Chain INPUT (policy ACCEPT)
    target prot opt source destination

    Chain FORWARD (policy ACCEPT)
    target prot opt source destination

    Chain OUTPUT (policy ACCEPT)
    target prot opt source destination
    Edit/Delete Message


    How does I get my desktop firewall disables or get it to allow my emails?

    Best Regards
    Mathias
     
  2. martinfst

    martinfst Member Moderator

    Although you seem not to have setup a firewall, a test from my site gives:
    Connection refused is normally a sign of a firewall somewhere between the internet and your server. If you logon to your server, can you do the telnet locally?
     
  3. Mathias

    Mathias New Member

    I have just looked on the server, my mistake it have changed IP to: 87.52.126.13 :)
     
  4. martinfst

    martinfst Member Moderator

    A quick test gives an expected result.
    Code:
    ~$ telnet 87.52.126.13 110
    Trying 87.52.126.13...
    Connected to 87.52.126.13.
    Escape character is '^]'.
    +OK Hello there.
    user test
    +OK Password required.
    password hello
    -ERR Invalid command.
    user test
    +OK Password required.
    pass hallo
    -ERR Login failed.
    All the + and - responses are from your server and you should probably see in your logfiles me testing. You can do more tests yourself by using a valid user name on your system and follow a procedure like:
    Code:
    Type: user "username"
    Type: pass "password"
    Type: list
    You will then get a list over the mails in your mailbox
    Type: retr "mailnumber"
    You will then see the mail with the mail number
    End the session by typing "Quit"
    Mind you, that you have a little amount of time before the POP3 server gives up (around 5 seconds, so be prepared and type quickly)
     
  5. Mathias

    Mathias New Member

    Dear Martin

    It dosen't solve my problem with my firewall or something like that.

    Best Regards
    Mathias
     
  6. martinfst

    martinfst Member Moderator

    Oke, but it's no firewall problem on your server. That one is fine. So you should look at your client or router to check what blocks your traffic.
     
  7. Mathias

    Mathias New Member

    Hi .

    What client?

    And my server is directly connected to the internet
     
  8. martinfst

    martinfst Member Moderator

    Well, the mail client you're using to retrieve mails. Example programs are Oulook, Thunderbird, Eudora to name a few. I assume you're running that on your personal PC. There's no reason to run a POP3 client on your server. POP3 is to retrieve email. If you want to access mail locally on your server, you should use a mail client/tool like 'Mutt'.
    Yes, as I noticed during my testing. That's oke.
     
  9. Mathias

    Mathias New Member

    About client ...

    Is Postfix then my client ?

    And how do I set it up so it works ?
     
  10. martinfst

    martinfst Member Moderator

    No, Postfix it the Mail Transport Agent, the glue between servers to transport mail. I assume you use a setup like:

    Personal PC --> network --> Server

    On your server, you run programs like Postfix (to transport mail) and POP3 (to connect the client and the server to retrieve mail). As a substitute for POP3 you can use IMAP. Both serve the same objective, though they use different protocols. For Postfix there are also a couple of other MTA's regularly used, like sendmail. On your PC client( often a windows PC, but other flavors become more and more popular), you use a mail client like Outlook, Outlook Express or Thunderbird to name a few.

    To sent mail you use the server directly over the so called SMTP protocol. Thus your Personal PC client software (Outlook, etc) connects over the network with the SMTP protocol to the MTA (Postfix) on the server.

    So it's POP3/IMAP to retrieve mail, SMTP to send mail. For POP3/IMAP often a package is used from a team of developers under the name Courier, but there a lots of other options. Perhaps the overwhelming amount of options is a bit scary, but try to read as much as you can. Running a mail server is do-able, but will require a significant learning curve. Try google for more information on setting up a mailserver, mail client usage or similar. I'm pretty sure useful information will popup.
     
    Last edited: Jan 8, 2007
  11. Mathias

    Mathias New Member

    I still can't connect my Mailserver:

    klippinge-it:~# apt-get install courier-authdaemon courier-authmysql courier-pop-ssl courier-pop courier-imap courier-imap-ssl postfix-tls libsasl2 libsasl2-modules libsasl2-modules-sql openssl spamassassin amavisd-new clamav clamav-daemon zoo unzip unarj
    Reading Package Lists... Done
    Building Dependency Tree... Done
    courier-authdaemon is already the newest version.
    courier-authmysql is already the newest version.
    courier-pop-ssl is already the newest version.
    courier-pop is already the newest version.
    courier-imap is already the newest version.
    courier-imap-ssl is already the newest version.
    postfix-tls is already the newest version.
    libsasl2 is already the newest version.
    libsasl2-modules is already the newest version.
    libsasl2-modules-sql is already the newest version.
    openssl is already the newest version.
    spamassassin is already the newest version.
    amavisd-new is already the newest version.
    clamav is already the newest version.
    clamav-daemon is already the newest version.
    zoo is already the newest version.
    unzip is already the newest version.
    unarj is already the newest version.
    0 upgraded, 0 newly installed, 0 to remove and 2 not upgraded.
    klippinge-it:~#
     
  12. martinfst

    martinfst Member Moderator

    How / with which program do you try to connect to your mailserver?
    Because your output shows everything is installed, though maybe not everything is configured. But lets start at the beginning.
     
  13. Mathias

    Mathias New Member

    I use Outlook Express .

    And now I got a connection but can't recive emails .
     
  14. martinfst

    martinfst Member Moderator

    Do you get an error? Anything in a log file on your server (/var/log/....)?
     
  15. Mathias

    Mathias New Member

    The Problems is ... Like we started with...

    They dosen't get delivered to my server.

    I have related to an DNS Report
    http://www.dnsreport.com/tools/dnsreport.ch?domain=klippinge-it.dk

    ERROR: I could not complete a connection to one or more of your mailservers:
    0x535b0baa.arcnXX20.adsl-dhcp.tele.dk: Timed out [Last data sent: [Did not connect]]

    That computer Adress shows I dosen't get the mails delivered.
     
  16. martinfst

    martinfst Member Moderator

    Well, that's because this address is your ADSL home line. You should setup/request a valid domain and next point your MX record to this IP. But I have to warn you: most providers block port 25 (required for MX) on ADSL connections. Not to mention almost everyone blocks incoming mail from such servers.

    Restart with setting up DNS properly for your local server.
     
  17. Mathias

    Mathias New Member

    My Internet Provider have opened so my Email server should work.

    I've talked with them before I wrote here .

    But I will then contact them again ...
     
  18. falko

    falko Super Moderator Howtoforge Staff

    So your server is in a data center with a static IP address? Do the MX records for your domains point to that server or somewhere else?
     
  19. Mathias

    Mathias New Member

    Hi

    Sorry about the late answer...

    Well... My Internet Provider would look on the case, and then tell me what happend ...

    So thanks MartinFst for the help :) ...
     

Share This Page