On 11/28/2010 02:50 PM, Marnix Petrarca (DaemonLabs.com) wrote:
Hello everyone,
Hi!
DO NOT post NEW questions to OLD threads.
i'm running postfix from the Fedora Core 12 x64 distribution. The
postfix box is on a 10.x.x.x segment of my firewall, and i'm
connecting from a 192.x.x.x segment of the same firewall. I never had
any of this problem, but perhaps something changed or i forgot. There
is a NAT relationship from 192.168.x.x to 10.x.x.x, and a NAT
relationship from the 10.x.x.x to the external (routable) IP's.
If i set the mynetworks to class, i am able to relay through this
linux box from my exchange 2007 also on the 10.x.x.x segment to the
outside world without any problems.
You're making things unnecessarily complicated.
If you want postfix to accept mail from both the 10.x.x.x network and
the 192.168.x.x network, then include both in mynetworks.
Anything else is unrelated to postfix.
I usually use GRC's idserve.exe to grab the postfix banner, i.e. 220
mx1.daemonlabs.com ESMTP Postfix (2.6.5) at that point to confirm
functionality,
I'd suggest telnet <your.server.ip> 25 instead.
Much simpler, and guaranteed to work on any OS.
but strangely i cannot grab it from my 192.168.x.x segment, even
though i come into the 10.x.x.x segment through the default gateway on
that zone, which should fall under 'class' in mynetworks. If i start
up idserve.exe on the 10.x.x.x zone, i can grab the postfix banner
without problems.
Yeah.. this is where the "unnecessarily complicated" part kicks in.
When sending works as described, i usually at this point configure the
25 portforward on the firewall to point at the linux postfix box,
Mail reception has little to do with mail sending, but yes, you need to
forward port 25 on your external interface to the postfix machine.
i then try to grab the postfix banner on the external IP on the
firewall where the postfix is published as smtp port 25, which also
enters the 10.x.x.x segment from the 10.x.x.x gateway and start
configuring the incoming routes with for instance the transport map.
Not a clue what you're going on about. "grabbing" ? "publishing" ? these
are not networking terms - or postfix ones.
"transport map" IS a postfix term, but it has nothing to do with
"incoming routes".
The problem is that whatever i try over the last days, i cannot grab
the banner on the external interface port 25 or from 192.168.x.x nor
send from 192.168.x.x with for instance a mail client, which in the
past, always worked.
Your ISP may block port 25. Verify this.
Maybe i overlooked some other variable to set yet it seems strange to
me as i would expect the postfix box to accept and forward connections
from anywhere in the 10.x.x.x range - but it doesn't?
Perhaps it would help if you started with some actual network
troubleshooting.
Step one: run
netstat -plnt |grep :25
on the postfix box.
If this does not include the postfix "master" daemon process, and an IP
*other *than 127.0.0.1, then postfix is not configured to listen on
external interfaces.
Step two would be to read http://www.postfix.org/DEBUG_README.html and
follow the steps outlined.
--
J.
