LinuxQuestions.org
Old 03-18-2005, 01:49 PM   #1
bsherwood
IP tables, forwarding port 25


I have a redhat 7.2 firewall with a redhat 8.0 pop3 email server and
they are not on a local network together.

I recently reset the Iptables rules on the firewall (big mistake) and
now email is no longer being sent to the mail server. So by my master
reasoning I'm guessing there was a rule forwarding email that is now
lost.

A couple of things I have tried that have not worked (though it's
possible I'm doing something wrong):

1. iptables -t nat -A PREROUTING -t nat -p tcp $FireWallIP --dport 25
-j DNAT -to $EmailIP:25

2. iptables -t nat -A PREROUTING -d $FireWallIP -p tcp --dport 25 -j
DNAT --to-destination $EmailIP:25 (also tried $EmailIP)

3. iptables -A PREROUTING -t nat -i eth0 -p tcp --dport 25 -j DNAT
--to $EmailIP:25 (also tried $EmailIP)

The firewall does have 2 IP addresses (external, internal) while the
mail server only has an external one. I've only tried using the
firewall's external IP address. I did try the internal once, but it
cut off internet for everybody on the network (the firewall also acts
as the default gateway for our windows machines). Any help appreciated.

Thanks
 
Old 03-18-2005, 02:18 PM   #2
d00msdaypr0phet
IPtables and Email

Try this:
Edit to suit.

$IPTABLES -t nat -A PREROUTING -p tcp -i $WAN -d $OUTSIDE_MAILSERVER --dport 25 -j DNAT --to $INSIDE_MAILSERVER:25

$IPTABLES -A FORWARD -p tcp -i $WAN -d $INSIDE_MAILSERVER --dport 25 -j ACCEPT
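Added example (not code from any post in this thread) of the complete DNAT forward that the two rules above sketch, for the layout where the mail host sits behind the gateway: it adds the return-path rule and the kernel ip_forward switch, and can be dry-run with IPTABLES=echo. The interface and addresses (eth0, 203.0.113.10, 192.168.1.25) are placeholders.

```shell
#!/bin/sh
# Added example, not from any post in this thread: the complete rule set a
# gateway needs to forward inbound TCP/25 from its public address to a mail
# host behind it. Written as functions so it can be dry-run (IPTABLES=echo
# prints the rules instead of loading them). Addresses are placeholders.

IPTABLES="${IPTABLES:-/sbin/iptables}"

# dnat_rules WAN_IF PUBLIC_IP INSIDE_IP PORT
# A DNAT forward is three rules: the rewrite, the inbound FORWARD accept,
# and the return path. Leaving out the FORWARD rules is the usual reason a
# PREROUTING DNAT "does nothing" when the FORWARD policy is DROP.
dnat_rules() {
    wan="$1"; pub="$2"; inside="$3"; port="$4"
    # 1. Rewrite the destination before routing, only for the public address
    #    on the WAN side, so LAN traffic to the gateway itself is untouched.
    "$IPTABLES" -t nat -A PREROUTING -i "$wan" -p tcp -d "$pub" --dport "$port" \
        -j DNAT --to-destination "$inside:$port"
    # 2. FORWARD sees the already-rewritten destination, so match the inside host.
    "$IPTABLES" -A FORWARD -i "$wan" -p tcp -d "$inside" --dport "$port" \
        -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
    # 3. Replies from the mail host back out; conntrack undoes the DNAT for them.
    "$IPTABLES" -A FORWARD -o "$wan" -p tcp -s "$inside" --sport "$port" \
        -m state --state ESTABLISHED,RELATED -j ACCEPT
}

# apply_forwarding WAN_IF PUBLIC_IP INSIDE_IP
# Forwarding must be on in the kernel or the DNAT'd packet is dropped after
# routing; a DROP policy on FORWARD then lets through only what dnat_rules opens.
apply_forwarding() {
    [ "$IPTABLES" = echo ] || echo 1 > /proc/sys/net/ipv4/ip_forward
    "$IPTABLES" -P FORWARD DROP
    dnat_rules "$1" "$2" "$3" 25
}

# rule_count WAN_IF PUBLIC_IP INSIDE_IP: how many rules a dry run emits
rule_count() {
    (IPTABLES=echo; dnat_rules "$1" "$2" "$3" 25) | wc -l | tr -d ' '
}
```

Run `IPTABLES=echo sh script.sh` style dry runs first; a "Connection refused" from the mail host (as in the error quoted later in this thread) means the TCP SYN reached a host that sent a reset, which points at the listener on that host rather than at a dropped packet in the gateway.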
 
Old 03-18-2005, 03:06 PM   #3
bsherwood
There is no inside/outside mail server, only one mail server that has an external static IP address of 1.2.3.4 (not really, but no 192.... or 10....).
 
Old 03-18-2005, 04:57 PM   #4
mcd
i've got a mail server running sendmail, imapd and sshd. here's the firewall script i wrote:

#!/bin/bash
#
# initialize firewall
#

echo Flushing old firewall settings
# -F only flushes the rules in the filter table; the policies are reset below
/usr/sbin/iptables -F
echo Starting firewall...

# first set general policies: drop anything not explicitly allowed
/usr/sbin/iptables -P INPUT DROP
/usr/sbin/iptables -P OUTPUT DROP
/usr/sbin/iptables -P FORWARD DROP

# listen with sshd,sendmail,imapd
/usr/sbin/iptables -A INPUT -p tcp --dport 22 -j ACCEPT
/usr/sbin/iptables -A INPUT -p tcp --dport 25 -j ACCEPT
/usr/sbin/iptables -A INPUT -p tcp --dport 143 -j ACCEPT

# and allow DNS and sendmail output
# (DNS lookups are normally UDP; TCP is used for large answers, so allow both)
/usr/sbin/iptables -A OUTPUT -p udp --dport 53 -j ACCEPT
/usr/sbin/iptables -A OUTPUT -p tcp --dport 53 -j ACCEPT
/usr/sbin/iptables -A OUTPUT -p tcp --dport 25 -j ACCEPT

# now for the loopback interface
/usr/sbin/iptables -A INPUT -i lo -j ACCEPT
/usr/sbin/iptables -A OUTPUT -o lo -j ACCEPT

# and permission to carry on conversations (replies to the connections
# accepted above, in both directions)
/usr/sbin/iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
/usr/sbin/iptables -A OUTPUT -m state --state RELATED,ESTABLISHED -j ACCEPT

# and miscellaneous stuff

echo Firewall loaded
/usr/sbin/iptables -L


i had to open 25 to output for sendmail, and i need 53 output open for sendmail to resolve domain names. i don't know what all that -t nat stuff and PREROUTING is... mine is very simple. and secure i think... isn't it?

(this is a server with ip address 192.168.1.105, and ports 22, 25 and 143 are forwarded from my router, which is also my gateway.)
 
Old 03-19-2005, 02:44 PM   #5
bsherwood
I'm not sure if I've done a good job explaining my problem.

I have a T1 line that connects to a hub; that hub then has connections to 3 computers: my mail server, my web server, and my firewall.

My firewall also acts as a gateway for the local network and has 2 NICs, one going to that hub, and another that goes to a switch that the other computers are connected to.

I reset IPtables on the firewall (thinking that it would not have any effect on the mail server because the mail server was not behind the firewall). I was wrong; after resetting IPtables we stopped receiving emails.

I even got the following error when trying to send an email from my personal email account:

Technical details of temporary failure:
TEMP_FAILURE: Could not initiate SMTP conversation with any hosts:
[SERVERNAME (10): Connection refused]

I'm guessing now that somehow the firewall machine also told email messages where the mail server was (I don't really understand why though...).

I am not trying to set up a firewall on my mail server, and the mail server does not receive its IP address from the firewall. Any ideas are appreciated.

Thanks
 
Old 03-19-2005, 04:09 PM   #6
mcd
alright, so your mail server is on a static outside IP, and you also have 2 computers behind a firewall/gateway (i'm gonna ignore the web server for the moment).

where are you getting the error messages? when you try to send mail from your client machines? have you logged in to your mail server itself and tried sending mail from pine or something? also check /var/log/maillog and see if there's anything interesting.

also, what's your smtp server on your client machines (what you entered in, say, thunderbird)? it should be your domain name, for instance example.homelinux.net. can you resolve that address? try pinging it. i'm curious whether it's only port 25 that's not going through, or if anything is.

it depends what kind of firewall you're using for your mail server though... i assume you've got something up. make sure 25 and 110 (for pop, 143 for imap) are open to incoming packets, and 25 and 53 need to be open to outgoing packets. that's on the mail server's firewall, not your firewall/gateway machine. i know you didn't change anything, but it's worth verifying.

what i'm curious about is whether mail retrieval still works, or ssh if you set that up. if those services still work, then it's something specific to sendmail, and can help us narrow it down.
 
Old 03-19-2005, 05:20 PM   #7
bsherwood
Ok, all is solved: it was something on the mail server itself and just an odd coincidence that it started happening after I was messing around with the firewall. Opened all ports on the mail server, will work on making it more secure, thanks for listening to my rants about what I "thought" was the problem. Don't understand why the mail server stopped working, but it works....
 