1

Topic: Mail Server behind the Internet gate

Hi guys,

i'm new to linux world and I d like to ask you for help.

I have iRedMail server in the local network and connected to the internet via our gateway.

What steps should I do to receive mails on the server?

What should I put in iptables of the gateway server

Additional info: main server is connected to the ISP via eth0 interface, and to the mail server via eth1 interface. Mail server local ip 192.168.2.139, server local ip - 192.168.2.254.

What should be the host name of gateway server and mail server?

Again sorry if this Q sounds stupid, but I cant solve it for a week already. Mail server is working only for local addreses, but can send or receive e-mails from other host.

Thks for the asnwers...

2

Re: Mail Server behind the Internet gate

you need seting port forward in gateway.

the good way is use google to help you.

3

Re: Mail Server behind the Internet gate

Forwarding all mail service request to mail server in your gateway, you can find mail service related network ports here:
http://www.iredmail.org/forum/topic209- … ports.html

4

Re: Mail Server behind the Internet gate

Hi again,

I put below lines in iptables config. Port forwarding is working 'cause I can connect to the mail server web interface from the outside network. All the required ports are opened. \

[root@alexlin ~]# iptables -A PREROUTING -t nat -i eth0 -p tcp --dport 443 -j DNAT --to 192.168.2.139:443
[root@alexlin ~]# iptables -A PREROUTING -t nat -i eth0 -p tcp --dport 25 -j DNAT --to 192.168.2.139:25
[root@alexlin ~]# iptables -A PREROUTING -t nat -i eth0 -p tcp --dport 587 -j DNAT --to 192.168.2.139:587
[root@alexlin ~]# iptables -A PREROUTING -t nat -i eth0 -p tcp --dport 3306 -j DNAT --to 192.168.2.139:3306
[root@alexlin ~]# iptables -A PREROUTING -t nat -i eth0 -p tcp --dport 389 -j DNAT --to 192.168.2.139:389
[root@alexlin ~]# iptables -A PREROUTING -t nat -i eth0 -p tcp --dport 636 -j DNAT --to 192.168.2.139:636
[root@alexlin ~]# iptables -A PREROUTING -t nat -i eth0 -p tcp --dport 110 -j DNAT --to 192.168.2.139:110
[root@alexlin ~]# iptables -A PREROUTING -t nat -i eth0 -p tcp --dport 995 -j DNAT --to 192.168.2.139:995
[root@alexlin ~]# iptables -A PREROUTING -t nat -i eth0 -p tcp --dport 2000 -j DNAT --to 192.168.2.139:2000
[root@alexlin ~]# iptables -A PREROUTING -t nat -i eth0 -p tcp --dport 10031 -j DNAT --to 192.168.2.139:10031
[root@alexlin ~]# iptables -A INPUT -p tcp -m multiport --dport 80,443,25,465,110,995,143,993,587,465,22,10000 -j ACCEPT

When I try to send mail via web interface - "Failed to send mail" error appears on the top.

When I try to send mail to the mail server - connection refused in the returned mail body.

Any ideas how to investigate this problem?

5

Re: Mail Server behind the Internet gate

tail -f /var/log/maillog
and see the messages , it should indicate why

did you try to telnet your mail server on port 25? and send an email via it?

telnet <IP> 25
helo l
mail from:<sender@domain>
rcpt to:<recipient@domain1>
data
subject:Test
.
quit

Replace all in <> with real data
then look into maillog the messages

6

Re: Mail Server behind the Internet gate

Did what U wrote to me. Below is the log. Could U please tell me what is wrong?

[root@alexlin ~]# telnet 192.168.2.139 25
Trying 192.168.2.139...
Connected to 192.168.2.139 (192.168.2.139).
Escape character is '^]'.
220 mail.aeps-group.cz ESMTP iRedMail
helo l
250 mail.aeps-group.cz
mail from:alex.levashev@aeps-group.cz
250 2.1.0 Ok
rcpt to:alex.levashev@gmail.com
553 5.7.1 <alex.levashev@aeps-group.cz>: Sender address rejected: not logged in

[root@mail ~]# tail -f /var/log/maillog
Jan 31 01:43:48 mail postfix/smtpd[6600]: disconnect from unknown[192.168.2.254]
Jan 31 01:47:08 mail postfix/anvil[6602]: statistics: max connection rate 1/60s for (smtp:192.168.2.254) at Jan 31 01:43:48
Jan 31 01:47:08 mail postfix/anvil[6602]: statistics: max connection count 1 for (smtp:192.168.2.254) at Jan 31 01:43:48
Jan 31 01:47:08 mail postfix/anvil[6602]: statistics: max cache size 1 at Jan 31 01:43:48
Jan 31 01:48:42 mail postfix/smtpd[6702]: connect from unknown[192.168.2.254]
Jan 31 01:52:07 mail postfix/smtpd[6702]: NOQUEUE: reject: RCPT from unknown[192.168.2.254]: 553 5.7.1 <alex.levashev@aeps-group.cz>: Sender address rejected: not logged in; from=<alex.levashev@aeps-group.cz> to=<alex.levashev@gmail.com> proto=SMTP helo=<l>
Jan 31 01:52:27 mail postfix/smtpd[6702]: disconnect from unknown[192.168.2.254]
Jan 31 01:52:30 mail postfix/smtpd[6702]: connect from unknown[192.168.2.254]
Jan 31 01:53:29 mail postfix/smtpd[6702]: NOQUEUE: reject: RCPT from unknown[192.168.2.254]: 553 5.7.1 <alex.levashev@aeps-group.cz>: Sender address rejected: not logged in; from=<alex.levashev@aeps-group.cz> to=<alex.levashev@gmail.com> proto=SMTP helo=<l>
Jan 31 01:55:14 mail postfix/smtpd[6702]: disconnect from unknown[192.168.2.254]

7

Re: Mail Server behind the Internet gate

When sending to the same rcpt via web interface, I get:

Jan 31 01:58:17 mail roundcube: [31-Jan-2010 01:58:17 -0100] IMAP Error: Authentication for alex.levashev@gmail.com failed (LOGIN): "a001 NO Authentication failed." (POST /webmail/?_task=&_action=login)
Jan 31 01:58:26 mail roundcube: [31-Jan-2010 01:58:26 -0100]: Successful login for alex.levashev@aeps-group.cz (id 1) from 192.168.2.254
Jan 31 01:58:34 mail postfix/anvil[6704]: statistics: max connection rate 1/60s for (smtp:192.168.2.254) at Jan 31 01:48:42
Jan 31 01:58:34 mail postfix/anvil[6704]: statistics: max connection count 1 for (smtp:192.168.2.254) at Jan 31 01:48:42
Jan 31 01:58:34 mail postfix/anvil[6704]: statistics: max cache size 1 at Jan 31 01:48:42
Jan 31 01:58:56 mail postfix/smtpd[6949]: connect from mail.aeps-group.cz[127.0.0.1]
Jan 31 01:58:56 mail postfix/smtpd[6949]: NOQUEUE: reject: RCPT from mail.aeps-group.cz[127.0.0.1]: 450 4.1.2 <alex.levashev@gmail.com>: Recipient address rejected: Domain not found; from=<alex.levashev@aeps-group.cz> to=<alex.levashev@gmail.com> proto=ESMTP helo=<81.0.197.58>
Jan 31 01:58:56 mail roundcube: Invalid response code received from server (450):
Jan 31 01:58:56 mail roundcube: [31-Jan-2010 01:58:56 -0100] SMTP Error: SMTP error: Failed to add recipient 'alex.levashev@gmail.com' in /var/www/roundcubemail-0.2.1/program/steps/mail/func.inc on line 1296 (POST /webmail/?_task=mail&_action=send)
Jan 31 01:58:56 mail postfix/smtpd[6949]: disconnect from mail.aeps-group.cz[127.0.0.1]

8

Re: Mail Server behind the Internet gate

Up

9

Re: Mail Server behind the Internet gate

Server is still down. Please help...

10

Re: Mail Server behind the Internet gate

Dear iRedMail developers - could it be the bug of iRedMail? Because I ve made a clean install of iRedMail OS and just made a port forwarding... Please help..!

11

Re: Mail Server behind the Internet gate

It's clear here:

Jan 31 01:53:29 mail postfix/smtpd[6702]: NOQUEUE: reject: RCPT from unknown[192.168.2.254]: 553 5.7.1 <alex.levashev@aeps-group.cz>: Sender address rejected: not logged in; from=<alex.levashev@aeps-group.cz> to=<alex.levashev@gmail.com> proto=SMTP helo=<l>

You have to use SMTP AUTH to send mail.

12

Re: Mail Server behind the Internet gate

ZhangHuangbin wrote:

It's clear here:

Jan 31 01:53:29 mail postfix/smtpd[6702]: NOQUEUE: reject: RCPT from unknown[192.168.2.254]: 553 5.7.1 <alex.levashev@aeps-group.cz>: Sender address rejected: not logged in; from=<alex.levashev@aeps-group.cz> to=<alex.levashev@gmail.com> proto=SMTP helo=<l>

You have to use SMTP AUTH to send mail.

Yes, but mainly I need to use web interface, and while using it I get different error:
Jan 31 01:58:56 mail roundcube: [31-Jan-2010 01:58:56 -0100] SMTP Error: SMTP error: Failed to add recipient 'alex.levashev@gmail.com' in /var/www/roundcubemail-0.2.1/program/steps/mail/func.inc on line 1296 (POST /webmail/?_task=mail&_action=send)
Jan 31 01:58:56 mail postfix/smtpd[6949]: disconnect from mail.aeps-group.cz[127.0.0.1]

How can I get rid of it?

13

Re: Mail Server behind the Internet gate

And this error too:

Jan 31 01:58:56 mail postfix/smtpd[6949]: NOQUEUE: reject: RCPT from mail.aeps-group.cz[127.0.0.1]: 450 4.1.2 <alex.levashev@gmail.com>: Recipient address rejected: Domain not found; from=<alex.levashev@aeps-group.cz> to=<alex.levashev@gmail.com> proto=ESMTP helo=<81.0.197.58>

14

Re: Mail Server behind the Internet gate

ripsmail wrote:

Recipient address rejected: Domain not found; from=<alex.levashev@aeps-group.cz> to=<alex.levashev@gmail.com>

Could you please use 'postmap' tool to verify your LDAP/SQL query in postfix? Make sure postfix can find your hosting domains.

15

Re: Mail Server behind the Internet gate

ZhangHuangbin wrote:
ripsmail wrote:

Recipient address rejected: Domain not found; from=<alex.levashev@aeps-group.cz> to=<alex.levashev@gmail.com>

Could you please use 'postmap' tool to verify your LDAP/SQL query in postfix? Make sure postfix can find your hosting domains.

As I told you before I n new to *nix and unfortunately I don't know how to use this POSTMAP command, could u please give me more details?

16

Re: Mail Server behind the Internet gate

Why not google first?

17 (edited by ripsmail 2010-02-02 17:32:08)

Re: Mail Server behind the Internet gate

ZhangHuangbin wrote:

Why not google first?

I had googled, and read the man for postmap, but you have to understand all the terminology of mail systems and so on and so on and I just took the ready inbox desicion of mail server, thought if would work out of the box, but it won't.

That's why I have written above that I m new to *nix and some words and commands should be unknown fo me.

So please - explain in normal words - what should I do to make this error disapper.

Thanks in advance.

18

Re: Mail Server behind the Internet gate

Please... I have no another way exept your consultation...

19

Re: Mail Server behind the Internet gate

Is that so hard to help me? I think you just need to see some of my config files and see some logs, and after u ll have some diagnose - u are the developers. please. thks in advance.

20

Re: Mail Server behind the Internet gate

Up

21

Re: Mail Server behind the Internet gate

Hi,

sorry, was not online.

your postfix config contains errors i think. i would suggest to reinstall everything.

forget first your external access  (forwarding) , disable all firewall (/etc/init.d/iptables stop )

and try if you can send a mail locally (from you to you) and that you can login in the webmail and any client(thunderbird, oe, ....)

maillog is your friend and will explain you the possible error and correction

when this part works, then you can work on the forwarding part.