News: This forum is now permanently frozen.
linktree m0n0wall Forum  >  m0n0wall Support (English)  >  Firewall/NAT
linktree Topic: Mail Server Behind Monowall
Pages: [1]
Topic: Mail Server Behind Monowall  (Read 3414 times)
« on: February 26, 2010, 17:52:48 »
lalo *
Posts: 24
I have a mail server with 10.0.0.20 address
And this are the service that i want to have avaible from the wan.

25/tcp   open  smtp
110/tcp  open  pop3
143/tcp  open  imap
993/tcp  open  imaps
995/tcp  open  pop3s

I have create INBOUND NAT for each service
If   Proto   Ext. port range   NAT IP   Int. port range   Description   
WAN    TCP    25 (SMTP)    10.0.0.20    25 (SMTP)    mail.hi.me SMTP          
WAN    TCP    110 (POP3)    10.0.0.20    110 (POP3)    mail.hi.me POP3     
WAN    TCP    143 (IMAP)    10.0.0.20    143 (IMAP)    mail.hi.me IMAP     
WAN    TCP    993    10.0.0.20    993    mail.hi.me IMAPS     
WAN    TCP    995    10.0.0.20    995    mail.hi.me POP3S    

with the option to create the automatc rules for the firewall
And this are the rules...

Proto   Source   Port   Destination   Port   Description   
   

TCP    *    *    10.0.0.20    25 (SMTP)    NAT mail.hi.me SMTP    
   

TCP    *    *    10.0.0.20    110 (POP3)    NAT mail.hi.me POP3    
   

TCP    *    *    10.0.0.20    143 (IMAP)    NAT mail.hi.me IMAP    
   

TCP    *    *    10.0.0.20    993    NAT mail.hi.me IMAPS    
   

TCP    *    *    10.0.0.20    995    NAT mail.hi.me POP3S


The problem is i cant send and recieve email to my server from mailserver out of my lan.

The CNAME and the A configuration of the dns are correct.
The question that i want to ask you is if the rules are correct, to make accessible the server is that the correct way? Create inbound rules with automatic firewall rules??

Thank You & sorry for my bad English
« Reply #1 on: February 27, 2010, 07:09:38 »
rpsmith ***
Posts: 113
your NAT and firewall rules look fine.  are you sure your network provider is not blocking port 25?  does your firewall log show anything being blocked?  what is showing up in your mail server's SMTP log?  did you setup an MX and SPF record on your domains DNS server?  did your network provider setup a PTR record for your public IP?  is your public IP static?

Roy...
« Last Edit: February 27, 2010, 07:17:57 by rpsmith »
« Reply #2 on: February 27, 2010, 13:05:27 »
lalo *
Posts: 24
I dont know why, today i can recieve emails but if i send an email to my gmail account i cant recieve it.

I have get a look to the /var/log/mail.log and my server sends the mail but the mail is not recieved to the gmail account, if i send the email to che hotmail account i recieve this message.

Diagnostic-Code: smtp; 550 DY-001 Mail rejected by Windows Live Hotmail for
   policy reasons. We generally do not accept email from dynamic IP's as they
   are not typically used to deliver unauthenticated SMTP e-mail to an
   Internet mail server. http://www.spamhaus.org maintains lists of dynamic
   and residential IP addresses. If you are not an email/network admin please
   contact your E-mail/Internet Service Provider for help. Email/network
   admins, please visit http://postmaster.live.com for email delivery
   information and support

I have a dinamic ip with a dyndns setup on monowall does it mean that i cant use my server with my dinamic IP ?? Is there a hack to fix that??



Thanks for help Cheesy
« Last Edit: February 27, 2010, 13:17:35 by lalo »
« Reply #3 on: February 28, 2010, 02:33:53 »
rpsmith ***
Posts: 113
you need a static IP or a service like this:

http://www.no-ip.com/services/managed_mail/outbound_port_25_unblock.html

Roy...
 
Pages: [1]
 
 
Powered by SMF 1.1.20 | SMF © 2013, Simple Machines