RE: Email server not working to external (host rejected)
05-01-2016, 07:21 PM
(This post was last modified: 05-01-2016, 08:32 PM by Mykael.)
(05-01-2016, 05:46 AM)Me.B Wrote: If I try to telnet port 25 on your server, it's not responding...
Are you sure port 25 is open? I tried using the domain you posted here. That's an issue.
M B
I flushed all configs from iptables, added new rules again, and installed Nmap to check whether the TCP/UDP ports are open.
Here are the results:
Starting Nmap 5.51 ( http://nmap.org ) at 2016-05-01 11:13 EEST
Nmap scan report for mail.rocomputers.ro (193.138.195.25)
Host is up (0.000094s latency).
PORT STATE SERVICE
25/udp closed smtp
53/udp open domain
80/udp closed http
465/udp closed smtps
All 1000 scanned ports on mail.rocomputers.ro (193.138.195.25) are open|filtered
I can see now that something is wrong with the UDP ports, but it seems that even if I set the rules to allow them, they are ignored and remain closed.
------------------------------
Another scan for TCP ports:
Starting Nmap 5.51 ( http://nmap.org ) at 2016-05-01 11:53 EEST
Nmap scan report for mail.rocomputers.ro (193.138.195.25)
Host is up (0.000015s latency).
Not shown: 10006 closed ports
PORT STATE SERVICE
21/tcp open ftp
22/tcp open ssh
25/tcp open smtp
53/tcp open domain
80/tcp open http
110/tcp open pop3
143/tcp open imap
587/tcp open submission
3306/tcp open mysql
4190/tcp open sieve
My current iptables rules are these:
# Generated by iptables-save v1.4.7 on Sun May 1 10:52:50 2016
*filter
:INPUT DROP [3:1728]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [9:3096]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG NONE -j DROP
-A INPUT -p tcp -m tcp ! --tcp-flags FIN,SYN,RST,ACK SYN -m state --state NEW -j DROP
-A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG FIN,SYN,RST,PSH,ACK,URG -j DROP
-A INPUT -i lo -j ACCEPT
-A INPUT -s 89.40.29.186/32 -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -s 193.138.195.25/32 -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p udp -m state --state NEW -m udp --dport 53 -j ACCEPT
-A INPUT -p udp -m state --state NEW -m udp --dport 80 -j ACCEPT
-A INPUT -p udp -m state --state NEW -m udp --dport 465 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 20 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 21 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 25 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 53 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 110 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 143 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 443 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 465 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 587 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 3306 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 995 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 10025 -j ACCEPT
COMMIT
# Completed on Sun May 1 10:52:50 2016
--------------------------------------------
Tested the iptables chain policy:
Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
DROP tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,PSH,ACK,URG/NONE
DROP tcp -- anywhere anywhere tcp flags:!FIN,SYN,RST,ACK/SYN state NEW
DROP tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,PSH,ACK,URG/FIN,SYN,RST,PSH,ACK,URG
ACCEPT all -- anywhere anywhere
ACCEPT tcp -- 186.29.40.89.abcnet.ro anywhere tcp dpt:ssh
ACCEPT tcp -- mail.rocomputers.ro anywhere tcp dpt:ssh
ACCEPT udp -- anywhere anywhere state NEW udp dpt:domain
ACCEPT udp -- anywhere anywhere state NEW udp dpt:http
ACCEPT udp -- anywhere anywhere state NEW udp dpt:igmpv3lite
ACCEPT tcp -- anywhere anywhere tcp dpt:ftp-data
ACCEPT tcp -- anywhere anywhere tcp dpt:ftp
ACCEPT tcp -- anywhere anywhere tcp dpt:ssh
ACCEPT tcp -- anywhere anywhere tcp dpt:smtp
ACCEPT tcp -- anywhere anywhere tcp dpt:domain
ACCEPT tcp -- anywhere anywhere tcp dpt:http
ACCEPT tcp -- anywhere anywhere tcp dpt:pop3
ACCEPT tcp -- anywhere anywhere tcp dpt:imap
ACCEPT tcp -- anywhere anywhere tcp dpt:https
ACCEPT tcp -- anywhere anywhere tcp dpt:urd
ACCEPT tcp -- anywhere anywhere tcp dpt:submission
ACCEPT tcp -- anywhere anywhere tcp dpt:mysql
ACCEPT tcp -- anywhere anywhere tcp dpt:pop3s
ACCEPT tcp -- anywhere anywhere tcp dpt:10025
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
I also tested in telnet, and it gives me the ESMTP message that I added in the configs, and nothing else.

Can I get a working iptables config with correct rules (I'll add them manually for testing), if you have one, or tell me if something is wrong with mine, please?
I'm still a newbie to Linux; I come from ZPanel on Windows, but I'm learning the new operating system fast.
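Added example, not code from the post above or from iptables itself: a small Python model of the INPUT chain that walks an iptables-save dump rule by rule, first match wins, and falls back to the chain policy. It embeds a constructed subset of the posted ruleset in the same order, assumes an outside address of 203.0.113.5 (documentation range) and an interface named eth0, and models only the match options those rules use (the conntrack state is given as an input, not tracked). Running it against the posted rules answers the questions in the thread: a new TCP connection to port 25 from any source is ACCEPTed by this ruleset, 25/udp falls to the DROP policy (which does not matter, SMTP is TCP), the generic port-22 rule makes the source-restricted one before it redundant, and 3306/tcp is reachable from any address.

```python
# Added example (not the poster's or iptables' own code): first-match evaluator
# for the INPUT chain of an iptables-save dump. Only the match options used in
# the posted rules are modelled, and '!' is honoured on --tcp-flags only.
import ipaddress
import shlex

# Constructed subset of the ruleset posted above, kept in the same order.
RULESET = """\
*filter
:INPUT DROP [3:1728]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [9:3096]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG NONE -j DROP
-A INPUT -p tcp -m tcp ! --tcp-flags FIN,SYN,RST,ACK SYN -m state --state NEW -j DROP
-A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG FIN,SYN,RST,PSH,ACK,URG -j DROP
-A INPUT -i lo -j ACCEPT
-A INPUT -s 89.40.29.186/32 -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p udp -m state --state NEW -m udp --dport 53 -j ACCEPT
-A INPUT -p udp -m state --state NEW -m udp --dport 80 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 25 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 3306 -j ACCEPT
COMMIT
"""

def parse_rule(line):
    """One '-A CHAIN ...' line -> dict of match conditions plus its target."""
    def flg(s): return set() if s == "NONE" else set(s.split(","))  # NONE = no flags
    toks = shlex.split(line)
    rule, negate, i = {"chain": toks[1]}, False, 2
    while i < len(toks):
        t = toks[i]
        if t == "!":                      # negates the next match only
            negate, i = True, i + 1
            continue
        if t == "-m":                     # extension name; the option after it implies it
            i += 2
            continue
        if t == "--tcp-flags":            # (examined mask, required set, negated?)
            rule["tcp_flags"] = (flg(toks[i + 1]), flg(toks[i + 2]), negate)
            i += 1
        elif t in ("-p", "-i", "-j"):
            rule[{"-p": "proto", "-i": "iface", "-j": "target"}[t]] = toks[i + 1]
        elif t == "-s":
            rule["src"] = ipaddress.ip_network(toks[i + 1], strict=False)
        elif t == "--dport":
            rule["dport"] = int(toks[i + 1])
        elif t == "--state":
            rule["state"] = set(toks[i + 1].split(","))
        else:
            raise ValueError(f"unsupported option {t!r} in: {line}")
        negate, i = False, i + 2
    return rule

def parse_ruleset(text):
    """iptables-save text -> ({chain: policy}, [rules in chain order])."""
    policies, rules = {}, []
    for line in text.splitlines():
        if line.startswith(":"):          # ':INPUT DROP [3:1728]' carries the policy
            chain, policy = line[1:].split()[:2]
            policies[chain] = policy
        elif line.startswith("-A "):
            rules.append(parse_rule(line))
    return policies, rules

def rule_matches(rule, pkt):
    """Every condition present in the rule must hold for the packet."""
    for key in ("proto", "iface", "dport"):
        if key in rule and pkt.get(key) != rule[key]:
            return False
    if "src" in rule and ipaddress.ip_address(pkt["src"]) not in rule["src"]:
        return False
    if "state" in rule and pkt["state"] not in rule["state"]:
        return False
    if "tcp_flags" in rule:
        mask, required, negated = rule["tcp_flags"]
        if ((pkt.get("flags", set()) & mask) == required) == negated:  # '!' needs a miss
            return False
    return True

def verdict(policies, rules, pkt, chain="INPUT"):
    """First matching rule decides; otherwise the chain policy applies."""
    for rule in rules:
        if rule["chain"] == chain and rule_matches(rule, pkt):
            return rule["target"]
    return policies[chain]

def new_conn(proto, dport, src="203.0.113.5", flags=("SYN",), iface="eth0"):
    """Fresh inbound attempt (state NEW); src is a constructed documentation address."""
    return {"proto": proto, "dport": dport, "src": src, "iface": iface,
            "state": "NEW", "flags": set(flags) if proto == "tcp" else set()}

def exposed_tcp_ports(policies, rules, candidates):
    """TCP ports on which a new SYN from an arbitrary outside address is accepted."""
    return [p for p in candidates if verdict(policies, rules, new_conn("tcp", p)) == "ACCEPT"]

if __name__ == "__main__":
    pol, rules = parse_ruleset(RULESET)
    print("tcp/25 new SYN from outside:", verdict(pol, rules, new_conn("tcp", 25)))
    print("world-reachable TCP ports:", exposed_tcp_ports(pol, rules, range(1, 4000)))
```

Two caveats the model makes visible. First, both Nmap runs above report latency far below a millisecond, so they were run on the server against its own address; such packets arrive on lo and are accepted by the `-i lo -j ACCEPT` rule, so they say nothing about what an outside client sees. If this ruleset is really what is loaded and external connections to 25/tcp still fail, the cause lies outside it (filtering on the path to the host, or a daemon bound only to a local address), which is what a connection test from a second machine would confirm. Second, the evaluator lists 3306/tcp as accepted from any source, which a mail host has no reason to expose; restricting it to a source address, as the first port-22 rule does, is the obvious tightening.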