Topic: Need Advise on my setup

[kryptos]

Hi All,

Below is my network, I want to ask what is best possible way that I could run email server using sme on my local network and still be reachable from outside the internet. Currently ISP is dynamic ip address and due budget concern we don't have static ip to use.  I am considering No-ip.com mail reflector but I don't know how I can setup this is on sme behind a PFsense firewall and Public address is dynamic with it own modem router infront.

Currently everything are working firewall, fileserver, openvpn from pfsense. Only lacks is the email server function.

internet(dynamic ip) ----> ISP Modem Router(192.168.10.1)-----> [-------Switch-----]              192.168.1.xx
                                                                                               |    |________________> [Local Area Networks]
                                                                                               |(one nic only)
                                                                                        [192.168.10.2(pfsense)192.168.1.1] --> Firewall Router
                                                                                        [192.168.1.2(Proxmox)]
                                                                                        [192.168.1.3(SME Server- Server Only)]  - FileServer, Mail Server


Hope you give some insights on what to do. Any help would be greatly appriciated.


Best Regards,
Rocel

[brianr]

You need to get the router to port forward the necessary email ports  (25,465, 993 - depending whether you want to pick up email from outside - just 25 otherwise) to the server on 192.168.1.3.

Also you might well find that the router will support one or more Dynamic DNS Address services - I have used dyndns.org for many years for this, it will be updated by the router as the IP address changes, so your MX records can use the Dynamic DNS URL.

I hope this helps..

[kryptos]

You need to get the router to port forward the necessary email ports  (25,465, 993 - depending whether you want to pick up email from outside - just 25 otherwise) to the server on 192.168.1.3.

Also you might well find that the router will support one or more Dynamic DNS Address services - I have used dyndns.org for many years for this, it will be updated by the router as the IP address changes, so your MX records can use the Dynamic DNS URL.

I hope this helps..

Thanks Brian,  I thought it would be port 110 for POP, I just confused which is which when facing from internet side. Is it ok since I have 2 routers before the sme I just do double port forward. First from ISP router then on the pfsense router?


Best Regards,
Rocel

[janet]

kryptos

Port 25 for the mail server. Mail servers talk to each other using port 25.
Other ports eg 110 if you want to access your POP server (on your SME mail server) from outside your network using a mail client.
For IMAPS access (from external mail client) open 465
& so on.

[brianr]

Thanks Brian,  I thought it would be port 110 for POP, I just confused which is which when facing from internet side. Is it ok since I have 2 routers before the sme I just do double port forward. First from ISP router then on the pfsense router?

yes, if all the ports are forwarded to the pfsense firewall (i suppose they must be!), then it must forwarded from there. The dynamic dns update must be in the ISP router though.

[kryptos]

Thanks for the help Janet, Brian,

I think I'll go ahead with the configuration. Be back for the result

Regards,
Rocel