Topic: Mail issues after changing to server only

[AssureTek]

Hi

The server was originally a gateway and firewall with virtual hosts.  We moved to a UTM router and I port forwarded the ports but for some reason the SMTP server will not respond.

I reconfigured the server for its new role as server only.

I can telnet localhost 25 no problems but I can not telnet from the local LAN let alone an Internet port.

It seems to me that the SMTP server is only looking at localhost.

I am relatively new to SME and only this single client of mine uses it.

Anyhelp would be appreciated.

[mmccarn]

My guess is that something in your server's history has generated non-standard service configuration settings.

Here are a couple ideas on things to look for:

Check the "status", "access","AllowHosts" and "DenyHosts" settings for smtpd and qpsmtpd.

From a shell prompt, type:
config show smptd
and
config show qpsmtpd


Make sure that "access" is "public" and "status" is "enabled" (case is critical - enabled does not equal Enabled).  By default there will be no entry for either AllowHosts or DenyHosts.


Correct access and status using the appropriate command(s):
config setprop smtpd access public
config setprop smtpd status enabled
config setprop qpsmtpd access public
config setprop qpsmtpd status enabled

If you are showing values for AllowHosts or DenyHosts, figure out what they're doing and if they're relevant or required.  If you decide you don't need them, they can be deleted using one of these commands:
[config delprop smtpd AllowHosts
[config delprop smtpd DenyHosts
[config delprop qpsmtpd AllowHosts
[config delprop qpsmtpd AllowHosts

Activate your changes using:
signal-event email-update

...and try again from the LAN.

You can reset your service configuration settings to SME default values as shown here (but record the current settings first):
http://wiki.contribs.org/DB_Variables_Configuration#Setting_db_variables_to_default_values

[AssureTek]

Thanks for that.

I did what you say and can now telnet from the local network.

I have many other port forwards that are working just port 25 is not from external. Eg No probs SSH into the system. So I am quite sure that my router is correct. We also have an asterisk server with many PF rules and that works.

matrix:~# nmap mail.xxxxxxx.com

Starting Nmap 5.00 ( http://nmap.org ) at 2013-05-29 12:48 WST
Interesting ports on xxxx.x..x..x..xxx):
Not shown: 991 filtered ports
PORT     STATE  SERVICE
110/tcp  closed pop3
143/tcp  open   imap
222/tcp  open   rsh-spx
465/tcp  open   smtps
993/tcp  open   imaps
995/tcp  closed pop3s
1723/tcp open   pptp
3389/tcp open   ms-term-serv
5060/tcp closed sip

Nmap done: 1 IP address (1 host up) scanned in 21.90 seconds



config show smtpd
smtpd=service
    Authentication=enabled
    Instances=40
    InstancesPerIP=5
    MaximumDateOffset=0
    PatternsScan=enabled
    Proxy=disabled
    TCPPort=25
    TCPProxyPort=25
    VirusScan=disabled
    access=public
    status=enabled
    tnef2mime=enabled

config show qpsmtpd
qpsmtpd=service
    Bcc=disabled
    BccMode=cc
    BccUser=maillog
    DNSBL=enabled
    LogLevel=6
    MaxScannerSize=25000000
    RBLList=whois.rfc-ignorant.org:dnsbl.njabl.org:zen.spamhaus.org
    RHSBL=enabled
    RelayRequiresAuth=enabled
    SBLList=dsn.rfc-ignorant.org
    TlsBeforeAuth=1
    access=public
    qplogsumm=disabled
    status=enabled

[CharlieBrady]

It should "just work", and if it doesn't, OP should create a bug report. Since it's still not working correctly, OP should still create a bug report. Diagnosing the original problem will likely be more difficult now, since the configuration has been changed. My advice is to always try to completely diagnose a problem before attempting to fix it.