LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 02-21-2006, 07:15 PM   #1
jfaberna
Member
 
Registered: Jan 2006
Location: North Carolina
Distribution: RH or Fedora
Posts: 36

Rep: Reputation: 15
Why is my port 25 still blocked


I'm running FC4 with SElinux and firewall turned off. I'm behind a hardware firewall that passes ports FTP,SMTP, SSH, POP, IMAP. However, I can't receive incoming email. I'm using postfix
1. grc.com shields up says all the port listed above are open except 25 (SMTP).
2. I can telnet localhost 25 and it works.
3. I can email to myself from myself and it works correctly.
4. I can't telnet port 25 from another machine in the same subnet plugged into the same Linksys router/switch
5. I can from another machine on the same subnet login via squirrelmail to read the self-to-self email test.
6. I can email from my system to another address outside without a problem. Just don't get any replies.

Does anyone know what to look at next?

Jim A
 
Old 02-21-2006, 07:55 PM   #2
Capt_Caveman
Senior Member
 
Registered: Mar 2003
Distribution: Fedora
Posts: 3,658

Rep: Reputation: 57
Is the mail daemon listening on the proper network address? Most distros now ship with a mail daemon that listens on localhost (127.0.0.1) so it can send and receive mail to itself as well as send outgoing mail to remote systems. However it won't be able to receive incoming mail from remote systems. Check 'netstat -pantu' and see what IP the daemon is listening on. If it's the wrong one, you likely just need to edit your mail config file.
 
Old 02-21-2006, 07:56 PM   #3
ilikejam
Senior Member
 
Registered: Aug 2003
Location: Glasgow
Distribution: Fedora / Solaris
Posts: 3,109

Rep: Reputation: 96
Oops. Ignore this post. Didn't read No. 4.

Last edited by ilikejam; 02-21-2006 at 07:57 PM.
 
Old 02-21-2006, 09:09 PM   #4
jfaberna
Member
 
Registered: Jan 2006
Location: North Carolina
Distribution: RH or Fedora
Posts: 36

Original Poster
Rep: Reputation: 15
netstat output

The only line in 'netstat -pantu' output that mentions port 25 is:

tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 2454/master


Not sure what that means as I'm running Postfix.

Jim Abernathy
 
Old 02-21-2006, 09:58 PM   #5
Capt_Caveman
Senior Member
 
Registered: Mar 2003
Distribution: Fedora
Posts: 3,658

Rep: Reputation: 57
Yup. That's the mail daemon and it's listening on localhost. "Master" is just the postfix master process. Because it's only listening on localhost it can only receive local mail. The postfix config should be in /etc/postfix/main.cf. Scroll down the config to the section on "RECEIVING MAIL" and see if the inet_interface directive is set to localhost (you'll see several different entries but only one will be uncommented). If it's set to localhost, then simply comment out that line with the '#' and then uncomment the line that reads "#inet_interfaces = all".
 
Old 02-21-2006, 09:59 PM   #6
jfaberna
Member
 
Registered: Jan 2006
Location: North Carolina
Distribution: RH or Fedora
Posts: 36

Original Poster
Rep: Reputation: 15
Am I getting closer, or moving the problem?

Thanks for the 'netstat' tip.

Okay, I moved back to sendmail, where I have more control over the configuarion. I now have port 25 listening everywhere and I get inbound email that I wasn't getting prior to this.

However, I'm now getting relay refusal messages from earthlink. They told me at tech support to use a authenticated smtp server and setup the SMARTHOST define in sendmail.mc. Only problem with that is it require a username and password. Usually, that's my full earthlink email address and password. I don't have any examples or doc to tell me the syntax of SMARTHOST other than the name of the ISP's server.

Any ideas?

Jim A
 
Old 02-21-2006, 10:14 PM   #7
Capt_Caveman
Senior Member
 
Registered: Mar 2003
Distribution: Fedora
Posts: 3,658

Rep: Reputation: 57
Sorry, I've never setup smarthosts before. This might be helpfull, if not you might want to start a new thread on how to configure smarthosts in the networking forum.
 
Old 02-21-2006, 10:32 PM   #8
philix
Member
 
Registered: Sep 2005
Location: India
Distribution: Redhat Debian
Posts: 30

Rep: Reputation: 15
Hi jfaberna,

You should have an entry like the one given below
tcp 0 0 127.0.0.1:10025 0.0.0.0:* LISTEN 11303/master
tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN 11303/master

The above statement implies that the computer is waiting under the port 25 under the LAN and localhost IP.

Your mail server is configured to accept mails from localhost
Please check your mail server for its configurations
Thanks
Philix
Jesus Loves you too
 
Old 02-21-2006, 10:46 PM   #9
Capt_Caveman
Senior Member
 
Registered: Mar 2003
Distribution: Fedora
Posts: 3,658

Rep: Reputation: 57
Seriously, please read the thread.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
port 86 blocked on SYN_SENT Barx Slackware 6 07-12-2005 08:19 AM
tftp port blocked? abalmos Linux - Newbie 4 06-09-2005 10:35 AM
SMTP port blocked pierre-luc Linux - Networking 2 05-08-2005 02:53 PM
isp blocked port 25 berrance General 2 11-14-2004 08:25 AM
blocked port 80 squi Linux - Newbie 1 09-19-2003 09:57 AM


All times are GMT -5. The time now is 09:07 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration