Hi, Just built a Linode LAMP server a week ago and everything works perfect with the exception of SMTP The server can send but cannot receive email. Even though iptables indicate that TCP port25 is open for inbound connections, it is in fact closed as I cannot connect to the public IP address from the internet. Local connection on the server to 127.0.0.1 works perfectly indicating that the daemon is alive and fine. I could not figure this out for a life of me. Thanks! OS: Description: Ubuntu 12.04.2 LTS Kernel: 3.8.4-x86_64 Base Linode Stackscript install: http://www.linode.com/stackscripts/view/?StackScriptID=131 HowtoForge customization (using courier instead of Dovecot): http://www.howtoforge.com/perfect-server-ubuntu-12.04-lts-apache2-bind-dovecot-ispconfig-3 IPTABLES config (generated by ISPCONFIG3): iptables -S (ipv4) -P INPUT DROP -P FORWARD DROP -P OUTPUT ACCEPT -N INT_IN -N INT_OUT -N PAROLE -N PUB_IN -N PUB_OUT -N fail2ban-dovecot-pop3imap -N fail2ban-pureftpd -N fail2ban-ssh -N ufw-after-forward -N ufw-after-input -N ufw-after-logging-forward -N ufw-after-logging-input -N ufw-after-logging-output -N ufw-after-output -N ufw-before-forward -N ufw-before-input -N ufw-before-logging-forward -N ufw-before-logging-input -N ufw-before-logging-output -N ufw-before-output -N ufw-reject-forward -N ufw-reject-input -N ufw-reject-output -N ufw-track-input -N ufw-track-output -A INPUT -p tcp -m multiport --dports 110,995,143,993 -j fail2ban-dovecot-pop3imap -A INPUT -p tcp -m multiport --dports 21 -j fail2ban-pureftpd -A INPUT -p tcp -m multiport --dports 22 -j fail2ban-ssh -A INPUT -s 81.169.154.250/32 -j DROP -A INPUT -p tcp -m multiport --dports 110,995,143,993 -j fail2ban-dovecot-pop3imap -A INPUT -p tcp -m multiport --dports 21 -j fail2ban-pureftpd -A INPUT -p tcp -m multiport --dports 22 -j fail2ban-ssh -A INPUT -d 127.0.0.0/8 ! -i lo -p tcp -j DROP -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT -A INPUT -i lo -j ACCEPT -A INPUT -s 224.0.0.0/4 -j DROP -A INPUT -i eth+ -j PUB_IN -A INPUT -i ppp+ -j PUB_IN -A INPUT -i slip+ -j PUB_IN -A INPUT -i venet+ -j PUB_IN -A INPUT -i bond+ -j PUB_IN -A INPUT -j DROP -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT -A FORWARD -j DROP -A OUTPUT -o eth+ -j PUB_OUT -A OUTPUT -o ppp+ -j PUB_OUT -A OUTPUT -o slip+ -j PUB_OUT -A OUTPUT -o venet+ -j PUB_OUT -A OUTPUT -o bond+ -j PUB_OUT -A INT_IN -p icmp -j ACCEPT -A INT_IN -j DROP -A INT_OUT -p icmp -j ACCEPT -A INT_OUT -j ACCEPT -A PAROLE -j ACCEPT -A PUB_IN -p icmp -m icmp --icmp-type 3 -j ACCEPT -A PUB_IN -p icmp -m icmp --icmp-type 0 -j ACCEPT -A PUB_IN -p icmp -m icmp --icmp-type 11 -j ACCEPT -A PUB_IN -p icmp -m icmp --icmp-type 8 -j ACCEPT -A PUB_IN -p tcp -m tcp --dport 20 -j PAROLE -A PUB_IN -p tcp -m tcp --dport 21 -j PAROLE -A PUB_IN -p tcp -m tcp --dport 22 -j PAROLE -A PUB_IN -p tcp -m tcp --dport 25 -j PAROLE -A PUB_IN -p tcp -m tcp --dport 53 -j PAROLE -A PUB_IN -p tcp -m tcp --dport 80 -j PAROLE -A PUB_IN -p tcp -m tcp --dport 110 -j PAROLE -A PUB_IN -p tcp -m tcp --dport 143 -j PAROLE -A PUB_IN -p tcp -m tcp --dport 443 -j PAROLE -A PUB_IN -p tcp -m tcp --dport 993 -j PAROLE -A PUB_IN -p tcp -m tcp --dport 995 -j PAROLE -A PUB_IN -p tcp -m tcp --dport 3306 -j PAROLE -A PUB_IN -p tcp -m tcp --dport 8080 -j PAROLE -A PUB_IN -p tcp -m tcp --dport 8081 -j PAROLE -A PUB_IN -p tcp -m tcp --dport 8085 -j PAROLE -A PUB_IN -p tcp -m tcp --dport 10000 -j PAROLE -A PUB_IN -p udp -m udp --dport 53 -j ACCEPT -A PUB_IN -p udp -m udp --dport 3306 -j ACCEPT -A PUB_IN -p icmp -j DROP -A PUB_IN -j DROP -A PUB_OUT -j ACCEPT -A fail2ban-dovecot-pop3imap -j RETURN -A fail2ban-dovecot-pop3imap -j RETURN -A fail2ban-dovecot-pop3imap -j RETURN -A fail2ban-dovecot-pop3imap -j RETURN -A fail2ban-pureftpd -j RETURN -A fail2ban-pureftpd -j RETURN -A fail2ban-pureftpd -j RETURN -A fail2ban-pureftpd -j RETURN -A fail2ban-ssh -j RETURN -A fail2ban-ssh -j RETURN -A fail2ban-ssh -j RETURN
Problem has been fixed. Postfix was configured to listen only on the local loopback address. run "sudo dpkg-reconfigure postfix" to update the configuration. It is always the simple things.
