Topic: SMTP port closed on external interface - No external mail co

[Bill Talcott]

http://forums.contribs.org/index.php?topic=16790.msg65027#msg65027

http://forums.contribs.org/index.php?topic=16790.msg65027#msg65027

Those two appear to be the same thing. Users were reporting that they weren't getting any external emails in. An external port scan showed 25 as "stealth". Opening 25 via the Port Opening contrib fixed the problem for now, but I'd really like to know why it's doing this. I have a 5.5U5 with Damien's Amavis+Clam and SSMTP addons, but nothing has changed recently to cause this. Anyone have any ideas why port 25 wouldn't be open?

[Dan Williams]

Hi Bill,
I am the original poster of the:
http://forums.contribs.org/index.php?topic=16790.msg65027#msg65027
Damien's Contrib is unrelated to this, as we did not have it loaded on our machine that had the problem. Do have RAV however, but that is not the problem.
We were able to open the port as you described and that sorted it out for that instance. One thing I noticed while watching the console on this machine while it booted, was that qmail would fail to load.
Starting and stopping qmail manually in our case also opened the port.
What did we do to fix it? It just "cleared itself up"
We to would like an answer, for next time.
Dan

[Bill Talcott]

We don't have RAV, so I agree that it's probably not related to the problem.

Also, restarting qmail doesn't fix it. Everything that should be starting does. I don't know of any changes that could cause this. It worked one day, the next it didn't.

[Dan Williams]

Hi Bill,
Is it working now?
Did it just "cleared itself up" like ours?
Dan

[Bill Talcott]

Nope, it's still not working. If I remove the port opening entry for 25, the port goes "stealthed" and doesn't receive incoming mail. After removing the rule, I've tried running every email-related "-update" command I could find, restarting qmail, etc. Once the port is reopened via the panel, it works fine again. It's very possible that I'm just not doing the right thing to restore the default configuration, but nothing I've tried seems to help.

Any other suggestions as to commands or settings to try?

[Niels Leeuwis]

Hello,

Exactly the same problem here, I started testing with 5.6 and discovered that I did not receive e-mail, exept from some servers. Downgraded to 5.5, same problem. Checking my ports indicates that 25 is stealthed and I'm to much a newbee to know how to open that port ...

My setup is a DSL connection with a smoothwall firewall, the Mitel web & mail server is in the DMZ en the ports 25, 80 & 110 are forwarded to the Mitel.

What I think is strange is that when I sent an email from my local network to my mail server in the DMZ the header indicates that it does reach the SMTP server from my provider and that server relays it back to my mailserver. That message arrives in the mailbox from my Mitel.
{see header below}
Return-Path:
Delivered-To: niels@digital-1.leeuwis.org
Received: (qmail 3083 invoked by alias); 18 Apr 2003 13:25:18 -0000
Delivered-To: alias-localdelivery-niels@leeuwis.org
Received: (qmail 3080 invoked from network); 18 Apr 2003 13:25:17 -0000
Received: from smtp05.wxs.nl (195.121.6.57)
  by digital-1.leeuwis.org (172.16.56.10) with ESMTP; 18 Apr 2003 13:25:17 -0000
Received: from pc1 (ip3e830887.speed.planet.nl [62.131.8.135])
 by smtp05.wxs.nl (iPlanet Messaging Server 5.2 Patch 1 (built Aug 19 2002))
 with SMTP id <0HDJ00ATKJX0AL@smtp05.wxs.nl> for niels@leeuwis.org; Fri,
 18 Apr 2003 15:24:37 +0200 (MEST)
Date: Fri, 18 Apr 2003 15:26:01 +0200
From: Niels Leeuwis
Subject: test van nl net
To: niels@leeuwis.org
Message-id: <000c01c305ae$0e37eb60$0a3ca8c0@smoothwall>
MIME-version: 1.0
X-MIMEOLE: Produced By Microsoft MimeOLE V5.50.4920.2300
X-Mailer: Microsoft Outlook Express 5.50.4920.2300
Content-type: text/plain; charset=Windows-1252
Content-transfer-encoding: 7BIT
X-Priority: 3
X-MSMail-priority: Normal

When I sent a message from a hotmail account or from an other provider (12move in this example) messages never arrive and I get an reply that the server mail.leeuwis.org doesn't respond.

Any idears ??

Niels

[Terry Brummell]

Is this the correct IP address?

Validation results
Timed out

canonical address:

MX records preference exchange IP address (if included)
10 mail.leeuwis.org [62.131.8.135]
SMTP session

[Contacting mail.leeuwis.org [62.131.8.135]...]
[Timed out]

[Niels Leeuwis]

Hello,

> Is this the correct IP address?
>
> Validation results
> Timed out
>
> canonical address:
>
> MX records preference exchange IP address (if included)
> 10 mail.leeuwis.org [62.131.8.135]
> SMTP session
>
> [Contacting mail.leeuwis.org [62.131.8.135]...]
> [Timed out]

Yes, it's the correct IP adress, set up of the IP is ADLS modem/router
62.131.8.135 ADSL modem 10.0.0.138 - 10.0.0.150 smoothwall 172.16.56.1:25 -
172.16.56.10:25 Mitel

port scans indicate port 25 stealthed ...

Niels

[Terry Brummell]

Port scans inside your network, or from the public side?  If that's from the public side try and telnet to port 25 on your SME...

[Bill Talcott]

Niels Leeuwis wrote:
>
> Exactly the same problem here, I started testing with 5.6 and
> discovered that I did not receive e-mail, exept from some
> servers. Downgraded to 5.5, same problem. Checking my ports
> indicates that 25 is stealthed and I'm to much a newbee to
> know how to open that port ...

Install the Port Opening contrib and open port 25. That should work as a temporary fix...

[Niels Leeuwis]

Port scan from outside (using GRC.COM and Sygate). Scanning port 25 is not visible in the firewall logs so it's being sent to the mitel.

[Niels Leeuwis]

I read about the port opening contrib before but failed locating it

Niels

[Dan Williams]

I would not make any drastic changes at this point such as port opening contribs etc.
I have had the exact same thing happen a few times, and it just clear itself up.
Try this for the heck of it.
/etc/rc.d/init.d/network restart
service qmail restart
nmap 'your internal ip'
As well, what mode is your server running in?
Have you by chance recently changed it's role?
Dan

[Terry Brummell]

Try telnetting to port 25 *internally*, from the same subnet as the SME.  This will tell you if the problem is on your SME box or your NAT/router setup.  If you connect properly you should see something like:

220 pdc.brummell.net mailfront ESMTP

[Niels Leeuwis]

> I have had the exact same thing happen a few times, and it
> just clear itself up.

I don't like computer problems that clear themselves up ....)

> Try this for the heck of it.
> /etc/rc.d/init.d/network restart
> service qmail restart

no result,

> nmap 'your internal ip'

command not found

> As well, what mode is your server running in?

server only mode

> Have you by chance recently changed it's role?

nope, I did a fresh install this afternoon, first 5.6 to fix the problem, when that didn't work 5.5 but that didn't fix the problem. what puzzles me is that I was able to receive some mail, but not from all places.

Niels

(have to take the wife out for dinner in 15 mins, so have to puzzle again tomorrow...
thanks for the efford so far)