Postfix mail server not accepting incoming mail from the external interface

rexmundi · 12-19-2003, 08:50 AM

Hi all,
I have an ADSL connection which is on most of the time (except at night, when I turn everything off as I can't sleep with 4 computers buzzing right next to me). My ADSL connection is on a Linux machine named charon which connects my internal network (eth0, 10.0.0.2/24) to the Internet (ppp0) and acts as a mail server (postfix), among other things. But for some reason the darn thing won't accept any mail from the Internet. In fact, it won't even accept a SMTP connection. I've tried this from work (where I am now, so I can't post my config file just yet) using telnet, which should work right? But telnet just hangs. I did set something in my config file to only accept connections from my internal network, but as I understand it this was for specifying which hosts can relay mail, and shouldn't end up blocking incoming connections. I've looked all over, but I can't figure out what's wrong. Anybody out there know what I'm missing?

TIA, rogier

chort · 12-19-2003, 01:04 PM

If
telnet <ip address|server name> 25
just hangs, then there is a firewall in between dropping packets. If the port just wasn't listening, you would get a connection refused.

rexmundi · 12-19-2003, 01:39 PM

No, its isn't the firewall, it's set like so:
iptables -A INPUT -p tcp --dport 25 -j ACCEPT
(or something similar, typing from memory here)
And in my firewall script there's a line just below this one which is the same, except that it's for port 110 (POP3), and I can log in to the POP3 server from anywhere just fine.

chort · 12-19-2003, 01:46 PM

I didn't say it was necessarily *your* firewall...

rexmundi · 12-19-2003, 07:21 PM

I hadn't thought of that! (Silly me)
I'll go check my ISP's homepage or something...

jschiwal · 12-22-2003, 03:46 PM

Many ISP's block port 25 traffic for consumer accounts. It is to stop traffic from infected computers attacking AOL. As i understand, AOL will block any ISP that doesn't do so. That means that outgoing mail has to go through the ISP.

shaggystyle · 12-22-2003, 04:08 PM

I'm having a similar problem with my SMTP server and I was curious about what jschiwal said. If the ISP block port 25 are there any ways to route your mail through another port?

chort · 12-22-2003, 04:41 PM

shaggystyle: Only if you know of a remote server that is willing to setup an SSH tunnel with you and forward your mail. You could setup port forwarding for SSH on a remote host and have it forward some high port to it's own SMTP daemon, but then their SMTP daemon would be doing all the delivery for you. Unless you're trying to prevent your ISP from scanning your mail, there really wouldn't be a good reason to go to all that trouble. Also, it requires access to a box that is not restricted like your ISP is doing to you.