Postfix-Server behind a DSL-Router

Bill Oliver vendor at billoblog.com
Thu Apr 9 23:26:00 UTC 2015 

On Thu, 9 Apr 2015, Andy Blanchard wrote:

> Hi Peter,
>
> 0.0.0.0 is a "wildcard"; Postfix is definitely running and listening
> for incoming connections on port 25 on any IP address on your server.
>
> Do you have access to another PC or something on your internal network
> that you can try connecting from?  At least that way you could
> determine whether you need to focus on the router or the server -
> although based on your updates on FirewallD and Postfix, I'm leaning
> more towards either the router or your ISP blocking SMTP by default at
> present.
>
> On the latter point, it might be worth looking at their FAQ or maybe
> contacting support just in case; some ISPs block SMTP by default as an
> anti-spam measure but will open it up on request, but others require
> you have some form of "premium" connection to host your own servers.
>
> Andy
>

I gotta say, inserting another box was my first thought when I 
read this, but everybody else covered all the salient points so I didn't
write anything.

When I have a problem like this I always do a couple of things:

1) Hook up a laptop I know works behind the router.  If I can send mail
from the server to the server at localhost, then I know the server
*thinks* it's serving.  Then I hook up a laptop behind the
router/firewall.  If I can send and receive behind the firewall, then I
can stop futzing with the configuration files and start looking at the
firewall/router and isp.

2) If the server serves behind the router or firewall, I have a machine 
out in the cloud that I set up a long time ago and know works.  I also
keep a mailing address at my ISP.

The next thing I try is to make sure mail works between my cloud machine
and the ISP. So, I send mail from my ISP to the cloud machine, and vice
versa.

If mail works behind the router, and it works between my ISP
and cloud machine beyond the router, then it's probably my router.

Of course, you need to keep looking at logs to make sure things are
talking and see if you can discover where things are being dropped.

Folk have already written about the things to configure on the router.

A final note about ISPs:

I usually test things out using a couple of addresses from a couple of
machines -- you can use free temporary mail addresses from the web for
some of this, though you don't get to look at logs.  ISPs can do wacky
things.  I run my mail server from a cloud machine I rent from
cotse.net.  It has five static ip addresses attached to it.  My local
ISP (suddenlink) rejects my main ip address for mail (billoblog.com --
50.7.12.26), but accepts my secondary ones such as cindyo.net --
50.7.12.29). Thus, I have to use vendor at cindyo.net to talk to my friends
who use suddenlink, but vendor at billoblog.com for almost everybody else.
Conversely, my wife has a friend to uses AOL, and AOL rejects cindyo.net
but accepts billoblog.com.

I called suddenlink and their response was that they didn't "support"
non-suddenlink servers, and they wouldn't even look to see if or why
they had blacklisted either my domain or ip address.  I haven't bothered
talking to AOL.

billo

More information about the users mailing list