Postfix-Server behind a DSL-Router

Thu Apr 9 20:06:01 UTC 2015

Yep. Get it on the same network as the server and run the command:

telnet 192.168.10.1 25

You *should* get a welcome banner from Postfix.  If you do, type
"QUIT" to exit cleanly - this means the problem is almost certainly
with the router.

If you don't, and based on your previous reply to Mike Wright I
suspect that is going to be the case, then you most likely need to
either look at FirewallD again or possibly SELinux.

The latter *should* have been sorted out automatically, but just in
case, you can temporarily disable SELinux with the command:

sudo setenforce 0

To reenable it, use the command:

sudo setenforce 1

On 9 April 2015 at 20:54, Peter Ulrich Kruppa <pukruppa at googlemail.com> wrote:
>
>
> Am 09.04.2015 um 20:52 schrieb Andy Blanchard:
>>
>> Hi Peter,
>>
>> 0.0.0.0 is a "wildcard"; Postfix is definitely running and listening
>> for incoming connections on port 25 on any IP address on your server.
>>
>> Do you have access to another PC or something on your internal network
>> that you can try connecting from?  At least that way you could
>> determine whether you need to focus on the router or the server -
>> although based on your updates on FirewallD and Postfix, I'm leaning
>> more towards either the router or your ISP blocking SMTP by default at
>> present.
>
> Hi Andy,
>
> I have some old laptop running debian. Can I do something with it - without
> setting up another mail server on it?  :-)
>
>
>>
>> On the latter point, it might be worth looking at their FAQ or maybe
>> contacting support just in case; some ISPs block SMTP by default as an
>> anti-spam measure but will open it up on request, but others require
>> you have some form of "premium" connection to host your own servers.
>>
>> Andy
>>
>> On 9 April 2015 at 19:16, Peter Ulrich Kruppa <pukruppa at googlemail.com>
>> wrote:
>>>
>>> Am 09.04.2015 um 19:05 schrieb Rick Stevens:
>>>>
>>>>
>>>> On 04/09/2015 07:22 AM, Peter Ulrich Kruppa wrote:
>>>>>
>>>>>
>>>>> Am 09.04.2015 um 15:32 schrieb Robert Nichols:
>>>>>>
>>>>>>
>>>>>> On 04/09/2015 05:07 AM, Peter Ulrich Kruppa wrote:
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> I set up a Postfix-Server on my Fedora 21 box, which is connected to
>>>>>>> the internet via
>>>>>>> some Netgear Router. My private LAN is 192.168.10.0/24 with the
>>>>>>> Fedora
>>>>>>> box fixed on
>>>>>>> 192.168.10.1 . My Netgear thing has got a fixed IP and hostname,
>>>>>>> let's
>>>>>>> say for
>>>>>>> mydomain.com .
>>>>>>>
>>>>>>> Now I can
>>>>>>>     - send myself mails from my Fedora box
>>>>>>>     - send mails from my Fedora box to the outside p. ex. my
>>>>>>> googlemail
>>>>>>> account
>>>>>>>
>>>>>>> but I can't receive mails from outside.
>>>>>>
>>>>>>
>>>>>>
>>>>>> The default postfix configuration has it listening only on the
>>>>>> localhost
>>>>>> interface.  You will have to change that.  Look for "inet_interfaces
>>>>>> ="
>>>>>> in /etc/postfix/main.cf .
>>>>>
>>>>>
>>>>> I have got
>>>>>       inet_interfaces = all
>>>>> in there.
>>>>
>>>>
>>>>
>>>> Many ISPs block SMTP traffic TO their end users. Most also block
>>>> outgoing SMTP traffic FROM their end users _unless_ it's going to the
>>>> ISP's mail servers (this is to prevent end users from becoming spam
>>>> farms). Assuming your ISP permits bi-directional SMTP traffic, here
>>>> are things to look at:
>>>
>>>
>>> It does - I had that working using a DSL bridge (modem) instead of a
>>> router.
>>>
>>>> 1. The outside world must send mail to the PUBLIC IP of your firewall
>>>> (not the 192.168.x.y address, but the one that's on the public
>>>> Internet). Make sure your MX DNS records reflect that public IP address.
>>>> If your MX records contain "192.168.x.y" or "10.x.y.z", then your record
>>>> is wrong (192.168.0.0/16 and 10.0.0.0/8 are non-routable, private
>>>> networks).
>>>>
>>>> 2. You must configure your external firewall to forward incoming port
>>>> 25 traffic to port 25 on your postfix machine's PRIVATE IP address.
>>>>
>>>> 3. Make sure firewalld on your postfix machine permits incoming port 25
>>>> traffic.
>>>
>>>
>>> Points 1. to 3. should be allright - hopefully ...
>>>
>>>> 4. You must make sure postfix is listening on the private IP address (at
>>>> least). "netstat -lpnt | grep 25" will tell you what IPs postfix is
>>>> listening on.
>>>
>>>
>>>          # netstat -lpnt | grep 25
>>> tcp        0      0 0.0.0.0:25           0.0.0.0:*
>>>                                   LISTEN      1494/master
>>>
>>> How do I read/understand that output? Shouldn't there be 192.168.10.1:25
>>> ?
>>> (By the way: I didn't know postfix daemon is called "master" ,,,)
>>>
>>>
>>> Greetings
>>>
>>> Peter
>>>
>>>
>>>> ----------------------------------------------------------------------
>>>> - Rick Stevens, Systems Engineer, AllDigital    ricks at alldigital.com -
>>>> - AIM/Skype: therps2        ICQ: 22643734            Yahoo: origrps2 -
>>>> -                                                                    -
>>>> -   Errors have occurred. We won't tell you where or why.  We have   -
>>>> -                         lazy programmers.                          -
>>>> ----------------------------------------------------------------------
>>>
>>>
>>> --
>>> users mailing list
>>> users at lists.fedoraproject.org
>>> To unsubscribe or change subscription options:
>>> https://admin.fedoraproject.org/mailman/listinfo/users
>>> Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
>>> Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
>>> Have a question? Ask away: http://ask.fedoraproject.org
>>
>>
>>
>>
> --
> users mailing list
> users at lists.fedoraproject.org
> To unsubscribe or change subscription options:
> https://admin.fedoraproject.org/mailman/listinfo/users
> Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
> Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
> Have a question? Ask away: http://ask.fedoraproject.org

-- 
Andy

The only person to have all his work done by Friday was Robinson Crusoe