SMTP service

[johanl]

Hi,

 

I installed a new Mandrake 10.0 pc, which is going to be my web/mail/ftp server. Postfix is installed and running, only the pc does not accept connections on port 25. I don't see anything like a smtp daemon, is there something like that or should Postfix accept connections on that port? If that is the case, why doesn't it do that then?

[Guest anon]

Make sure you allow connections through port 25 on your firewall script.

If 25 is open then,

If your running webmin, go to >>Networking>>>>>Extended internet services, and enable smtp

[johanl]

Ok, looked there but SMTP is not in that list...What's best to do now?

[streeter]

The service postfix should be running - check with drakxservices.

 

How far have you got, and what are you trying to achieve, i.e. do you wish to run an internet visible server, or just outbound for your private network?

 

Can you telnet to your smtp server - "telnet <IP_ADDRESS> 25" from your LAN?

 

You will need to open up port 25 on your firewall, and also set postfix up to listen on any required interface - the "inet_interfaces = " directive in the main.cf file.

 

Webmin is quite good for setting the server up.

 

Chris

[johanl]

No it does not accept anything at port 25, and there is no firewall running on it. And Postfix is running I checked that with postfix reload

Edited July 7, 2004 by johanl

[streeter]

So is postfix running?

 

"service postfix status" should give you "master (pid xxx) is running..."

 

If not, try "service postfix start" or use drakxservices.

 

If you still cannot telnet to port 25, you need to edit the configuration - it would help us if you told us exactly what you are trying to achieve and how far you have got...

 

If you use webmin to set postfix up, you probably don't have to do a lot of configuration.

 

Chris

[johanl]

And Postfix is running I checked that with postfix reload

 

Yes, it is running. The pc running postfix only has one network interface, but it does have to be visible on the internet. My firewall is setup to forward port 25 to that pc. However it doesn't even accept telnet on port 25 from my inside network.

[streeter]

>>Yes, it is running

Sorry - reading too quickly!!

 

Have you a line in /etc/postfix/main/cf that says inet_interfaces = all ?

This sets the ports to listen to.

 

Can you ping the postfix machine?

 

Can you telnet from the postfix machine itself to port 25?

 

Chris

[johanl]

I've set the inet_interfaces = all in the main.cf, refreshed postfix, but it still says

Connection refused. If I do a telnet ip 110 it does work, the POP3 server answers.

 

Telnet is not installed by default with Mandrake 10 I noticed, so I can't test that...

[streeter]

"urpmi telnet-client" to install

[johanl]

Interesting, I can connect to the postfix server from the same machine, so:

 

telnet 127.0.0.1 25

 

I can also connect to the firewall from that pc...

I went to Mandrake Control Center, and then to Security - Level and Checks.

There the machine is set to Standard and the description for that level is that it's best when the computer only connects to the internet as a client. Should I change it too poor since I have a firewall?

[streeter]

>> Should I change it too poor since I have a firewall?

Not really - best to have multi-level security.

 

The security levels do not refer directly to the firewall - they do quite a few other things, like checking file permissions and running checks - have a look here for more info: Msec

 

Can you also connect to the interface itself? i.e. "telnet 192.168.0.1 25" or whatever address you are using, rather than 127.0.0.1

 

My guess is you have a firewall on this machine blocking input - post the output of "iptables -nvL". If you get an error, "urpmi iptables" to install it.

 

For testing only, I have a short howto disable a firewall at Disable your firewall

 

Or you could just open port 25 with

iptables -I INPUT 1 -i eth0 -p tcp --dport 25 -j ACCEPT

But be warned this will be the first rule in the chain - you may want to put other rules before it.

 

Chris

[johanl]

iptables is not installed on my postfix server, so I guess that can't block port 25. However, when I do a telnet 192.168.117.156 25 on that postfix server, it doesn't work, could it by my firewall pc not allowing that? I can't think of something else.

 

And when I do a telnet 192.168.117.156 80 from my firewall (to my postfix pc) it works, Apache2 "answers". So why doesn't Postfix answers?

Edited July 8, 2004 by johanl

[johanl]

Ok, after rebooting the Postfix server it works! I think maybe setting inet_interfaces=all might have done the trick. I did a postfix reload after changing that line (it was commented with a #) but that apparantely wasn't enough.

 

Now only to get my firewall forwarding to that pc... ;)

 

thread

Edited July 9, 2004 by johanl

[streeter]

Glad I checked before posting this - I was typing loads of stuff (mostly rubbish) - you fixed it!

 

You don't need iptables installed to have a firewall - iptables is just a 'front end' to the kernel netfilter code and is worth installing to use for troubleshooting. You may have something else setting up a firewall, most likely shorewall.

 

masonjd

>>I hope no one minds...

Of course not - the more the merrier!!

 

Chris