How do I know if it is my iSP blocking port 25 or my RH8 Firewall setting
I am having problems with port 25.
NMAP shows port 25 is open when I scan localhost NMAP shows port 25 is close when I scan my public ip 216.232.47.51 FTP, HTTP, SSH, POP3 and IMAP is open I tried setting the redhat-config-securitylevel however the secrity level always showing high on the graphical UI? I have tried to set it to none or medium then go back to UI and still the same. Restarting the server does not work. Here are the IMAP scans: Interesting ports on sony1 (127.0.0.1): (The 1592 ports scanned but not shown below are in state: closed) Port State Service 21/tcp open ftp 22/tcp open ssh 25/tcp open smtp 80/tcp open http 106/tcp open pop3pw 110/tcp open pop-3 143/tcp open imap2 443/tcp open https 6000/tcp open X11 Interesting ports on sony1.28c.net (216.232.47.51): (The 1593 ports scanned but not shown below are in state: closed) Port State Service 21/tcp open ftp 22/tcp open ssh 80/tcp open http 106/tcp open pop3pw 110/tcp open pop-3 143/tcp open imap2 443/tcp open https 6000/tcp open X11 Thanks Lawrence |
Still new to Linux. Tried shutting down IPTABLES but port 25 still closed :(
|
Post your iptables firewall rules, it's under /etc/sysconfig, and we'll see, ok.
|
Which file in /etc/sysconfig do you need? There are no files starting with ip*. As far as I know firewall is not running.
[root@sony1 init.d]# ./iptables status Table: filter Chain INPUT (policy ACCEPT) target prot opt source destination Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination [root@sony1 init.d]# ./ipchains status bash: ./ipchains: No such file or directory |
As far as I know firewall is not running.
Any box connected to a network should have a firewall running, especiall a public one. Please see the 1st thread in this forum, 2nd post for firewall HOWTO's, scripts etc. |
It was hook up to the DMZ zone of the Sonicwall Firewall but I was trying to trouble shoot the port 25 problem. That why it is wide open.
I will take a look at your posts.. Thanks |
if you want to know if its blocked by your isp you might just give them a call and ask them. Or just disable your firewall or flush all its rules(iptables -F) and run nmap again, if the port is still blocked is most likely that your isp has it blocked. I still think that the easiest way to find out is to call your isp and ask.Most isp's do block port 25 to prevent spam.
|
I have confirmed that ISP is not blocking any port. I also tried moving the server back into LAN and tried to telnet into linux box from another machine at port 25, however it is still unsucessful.
This server is a new install. Firewall is not running. :( |
you might want to double check that since i have noticed that some isp representatives don't actually know if they are blocking ports. My isp use to be verizon dsl and they block ports 25 and 80 so i called them up to ask why, the rep told me and explaine why(mostly because of spam and virus). I got disconnected so i called again and another rep answered and he told me they didnt block any ports.
|
Check your /var/log/maillog file for any errors or hints. run netstat -a and look for the smtp entry. It should be in listening to smtp port (25). Mine looks like this:
Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 *:smtp *:* LISTEN Roger. |
I have found out there is a configuration item in /etc/mail/sendmail.mc that said to only listen to 127.0.0.1 (localhost). It shouldn't have been there, but it was.
Everything is working now. Thanks |
All times are GMT -5. The time now is 08:23 PM. |