Hi,

I'm trying to test smtp connectivity to my postfix configuration and I can telnet to port 25 from the computer itself but cannot from the outside. I get a connection refused error message. What am I doing wrong? I believe my dns is setup correctly as it seems the telnet can hit the box so I'm fairly sure its not that.

Thanks.

DO the following command, and see if your port 25 is running on 0.0.0.0 or 127.0.0.1, which is wrong (127.0.0.1)

netstat -an | grep LIST

It must not be be

tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN

but

tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN

1 members found this post helpful.

Is iptables enabled on the box? Is there a firewall between the two?

1 members found this post helpful.

Is postfix listening on your public IP? do: lsof -ni tcp:25. If you only see postfix listening on localhost, you need to configure it to listen on all interfaces instead.

Or you may have a firewall on that is refusing connections, or a router in the way that is not forwarding the port.

1 members found this post helpful.

It's showing 127.0.0.1:25 0.0.0.0* LISTEN

What does that mean?

I don't have any firewall on and it does seem to be listening on localhost only. How do I change it to listen on all interfaces?

Why are you trying to telnet to your smtp port? They're completely different services. Telnet is usually listening on port 21.

Maybe i should add that this is related to the problem I have of only being able to send email and not receive. Perhaps it does have something to do with DNS too?

That is your problem right there buddy

If you do

netstat -an | grep LIST

It must show

tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN

By default your MTA is configured to ONLY listen on your localhost (127.0.0.1) to prevent spammers from picking up a newbie mail server installation

You must change your postfix mc file to listen on 0.0.0.0 and not on 127.0.0.1

DO you know how to do that ?

You are missing the point of this excersise bud

If you do

telnet 127.0.0.1

You will make a connection on port 23 yes

If you do the following

telnet 127.0.0.1 25

Then you make a port 25 connection and not a port 23 connection

You can also telnet to port 22, 80, 110, 143 etc to test and see if your ports are listening etc.

No, I don't. Im the newbie mail server installation that spammers love I guess.

If you have an MTA listening on port 25 then when you telnet to that port you should see a response. That will tell you if the MTA is listening. This is a widely used test procedure.

LOL, no worries.

I use Sendmail all the time, but I will try and help, since I have done Postfix installs as well, much stronger than Sendmail

OK, so ..

Edit /etc/postfix/master.cf file

look for the line with the 127.0.0.1 in it

replace the 127.0.0.1 with 0.0.0.0

save and quit file, restart postfix, let me know

1 members found this post helpful.

It's axiomatic that someone will always quote your post if you make a simple mistake, so first let me clear up that telnet is port 23, not 21. Port 21 is default for FTP. I always seem to reverse those two, because it seems to me that ssh (port 22) should have come AFTER the unsecured version.

With that said, I was unaware of this trick, which is why I asked the question. It's still more useful to test the connection with the right kind of request, though. All the telnet trick will tell you is that something is listening there, whereas sending a simple smtp message will test that and more.

Thats an aphorism for sure.

Using telnet to connect to the mail server, will certainly give you more than just an ack that something is listening. It should give an insight into what is going on. Of course, you have to do this once connected:
You should see plenty of output while doing this. After that, the logs are a good place to go.

1 members found this post helpful.