Koozali.org: home of the SME Server
Obsolete Releases => SME Server 8.x => Topic started by: AssureTek on May 28, 2013, 01:07:54 PM
-
Hi
The server was originally a gateway and firewall with virtual hosts. We moved to a UTM router and I port forwarded the ports but for some reason the SMTP server will not respond.
I reconfigured the server for its new role as server only.
I can telnet localhost 25 no problems but I can not telnet from the local LAN let alone an Internet port.
It seems to me that the SMTP server is only looking at localhost.
I am relatively new to SME and only this single client of mine uses it.
Anyhelp would be appreciated.
-
My guess is that something in your server's history has generated non-standard service configuration settings.
Here are a couple ideas on things to look for:
Check the "status", "access","AllowHosts" and "DenyHosts" settings for smtpd and qpsmtpd.
From a shell prompt, type:
config show smptd
and
config show qpsmtpd
Make sure that "access" is "public" and "status" is "enabled" (case is critical - enabled does not equal Enabled). By default there will be no entry for either AllowHosts or DenyHosts.
Correct access and status using the appropriate command(s):
config setprop smtpd access public
config setprop smtpd status enabled
config setprop qpsmtpd access public
config setprop qpsmtpd status enabled
If you are showing values for AllowHosts or DenyHosts, figure out what they're doing and if they're relevant or required. If you decide you don't need them, they can be deleted using one of these commands:
[config delprop smtpd AllowHosts
[config delprop smtpd DenyHosts
[config delprop qpsmtpd AllowHosts
[config delprop qpsmtpd AllowHosts
Activate your changes using:
signal-event email-update
...and try again from the LAN.
You can reset your service configuration settings to SME default values as shown here (but record the current settings first):
http://wiki.contribs.org/DB_Variables_Configuration#Setting_db_variables_to_default_values
-
Thanks for that.
I did what you say and can now telnet from the local network.
I have many other port forwards that are working just port 25 is not from external. Eg No probs SSH into the system. So I am quite sure that my router is correct. We also have an asterisk server with many PF rules and that works.
matrix:~# nmap mail.xxxxxxx.com
Starting Nmap 5.00 ( http://nmap.org ) at 2013-05-29 12:48 WST
Interesting ports on xxxx.x..x..x..xxx):
Not shown: 991 filtered ports
PORT STATE SERVICE
110/tcp closed pop3
143/tcp open imap
222/tcp open rsh-spx
465/tcp open smtps
993/tcp open imaps
995/tcp closed pop3s
1723/tcp open pptp
3389/tcp open ms-term-serv
5060/tcp closed sip
Nmap done: 1 IP address (1 host up) scanned in 21.90 seconds
config show smtpd
smtpd=service
Authentication=enabled
Instances=40
InstancesPerIP=5
MaximumDateOffset=0
PatternsScan=enabled
Proxy=disabled
TCPPort=25
TCPProxyPort=25
VirusScan=disabled
access=public
status=enabled
tnef2mime=enabled
config show qpsmtpd
qpsmtpd=service
Bcc=disabled
BccMode=cc
BccUser=maillog
DNSBL=enabled
LogLevel=6
MaxScannerSize=25000000
RBLList=whois.rfc-ignorant.org:dnsbl.njabl.org:zen.spamhaus.org
RHSBL=enabled
RelayRequiresAuth=enabled
SBLList=dsn.rfc-ignorant.org
TlsBeforeAuth=1
access=public
qplogsumm=disabled
status=enabled
-
It should "just work", and if it doesn't, OP should create a bug report. Since it's still not working correctly, OP should still create a bug report. Diagnosing the original problem will likely be more difficult now, since the configuration has been changed. My advice is to always try to completely diagnose a problem before attempting to fix it.