LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Server (http://www.linuxquestions.org/questions/linux-server-73/)
-   -   Access website and send emails problem using shorewall as firewall and qmail as MTA (http://www.linuxquestions.org/questions/linux-server-73/access-website-and-send-emails-problem-using-shorewall-as-firewall-and-qmail-as-mta-904228/)

Eduardo Mena 09-21-2011 10:32 AM

Access website and send emails problem using shorewall as firewall and qmail as MTA
 
Hi everybody,

I don't have access to the www.forces.gc.ca website from our local network and I can't send emails to the domain forces.gc.ca.
In general I can to access any website and send emails without problem, but I don't understand what are happening with the domain forces.gc.ca.

I use shorewall as firewall in a linux 2.6.20.3 server
RAM : 255608 kB
CPU : Pentium II

To send email I use qmail at another server with Red Hat Enterprise Linux Server release 5
RAM : 4051620 kB
CPU : Intel(R) Xeon(R)

I have access to www.forces.gc.ca.website without using the firewall, then, maybe I need to modify the shorewall configuration.
This configuration has been working fine for some time.

Could you help me to fix this problem as soon as possible?

Thanks a lot.

Eduardo M.

zackwasa 09-23-2011 01:57 AM

Can you please show the output of these commands:
telnet forces.gc.ca 80
telnet forces.gc.ca 25

RMI

Eduardo Mena 09-23-2011 08:47 AM

Thanks zackwasa for your answer.

Display from my server (firewall)
root@serverh:~# telnet forces.gc.ca 80
telnet: forces.gc.ca: Temporary failure in name resolution
forces.gc.ca: Host name lookup failure

root@serverh:~# telnet forces.gc.ca 25
telnet: forces.gc.ca: Temporary failure in name resolution
forces.gc.ca: Host name lookup failure

I had in my network configuration (workstation) only a Primary DNS with IP local addresse(192.168.x.x)
and I added a Secondary and Tertiary DNS with addresse IP from my ISP
64.254.x.x
216.94.x.x.

Display from my workstation with Secondary and Tertiary DNS added :
bash-3.1# telnet forces.gc.ca 80
Trying 131.137.250.121...
Connected to forces.gc.ca (131.137.250.121).
Escape character is '^]'.

bash-3.1# telnet forces.gc.ca 25
Trying 131.137.250.121...
telnet: connect to address 131.137.250.121: Connection timed out
telnet: Unable to connect to remote host: Connection timed out

The mail server from forces.gc.ca is mx01.forces.gc.ca (131.137.245.201)

From my server :
root@serverh:~# telnet mx01.forces.gc.ca 25
telnet: mx01.forces.gc.ca: Temporary failure in name resolution
mx01.forces.gc.ca: Host name lookup failure

root@serverh:~# telnet 131.137.245.201 25
Trying 131.137.245.201...
Connected to 131.137.245.201.
Escape character is '^]'.
220 SMTP SMTP Proxy Service Ready

From my workstation
bash-3.1# telnet mx01.forces.gc.ca 25
Trying 131.137.245.201...
Connected to mx01.forces.gc.ca (131.137.245.201).
Escape character is '^]'.
220 SMTP SMTP Proxy Service Ready

I think that is a DNS problem. Modify all workstations(Windows) from my local area network adding a Secondary DNS is not a good idea. Maybe I could modify only /etc/resolv.conf file adding the IP addresses from my ISP :

search mydomain.com
127.0.0.1
nameserver 64.254.x.x
nameserver 216.94.x.x.

It is correct? I need restart any service ? or I need do another thing.

Thanks a lot.

E

zackwasa 09-24-2011 05:29 AM

Try adding the google resolver as your first one:
nameserver 8.8.4.4

Check if you can access all domains fine after that.

RMI

Eduardo Mena 09-24-2011 08:18 PM

Thanks zackwasa

Now, I can to access the website ! , I'm going to test the email.

Eduardo Mena 09-27-2011 08:39 AM

Hi,

The email is working very well.
The problem is fixed.

Thanks to everybody.


All times are GMT -5. The time now is 02:27 AM.