That would be a good way to test. Unfortunately I don't have telnet setup on any machines that are external to the firewall and have qmail running. When I went to port 25 using telnet, it did appear to authenticate me through one of the usernames, but I may be mistaken since I'm not very knowledgeable about telnet.
Omar, thanks for the offlist help with the port forwarding by the way. This has to be one of the useful and helpful groups of people out there. -michael ----- Original Message ----- From: "Omar Castaneda Acosta" <[EMAIL PROTECTED]> To: "Michael Hudin" <[EMAIL PROTECTED]> Sent: Wednesday, June 05, 2002 11:03 AM Subject: RE: Outgoing SMTP Mystery Well, if you can connect to port 25 from the someplace on the external side of your firewall, then the port forwarding is working ok. try manually (using telnet) sending an email thru a connection being portfw'ed to your qmail server. -----Original Message----- From: Michael Hudin [mailto:[EMAIL PROTECTED]] Sent: Wednesday, June 05, 2002 11:59 AM To: [EMAIL PROTECTED] Subject: Re: Outgoing SMTP Mystery Yeah, I was assuming that there were no default drop rules. I'll make sure to implement those. I did realize that my /etc/hosts file was still set to the old subnet. I corrected that, but it still is having the same problem. The gateway on the mail machine is set correctly and remember that I can POP in and out and SMTP out. I just can't get SMTP in for some mind boggling reason. -michael ----- Original Message ----- From: "Antony Stone" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Tuesday, June 04, 2002 4:46 PM Subject: Re: Outgoing SMTP Mystery > On Tuesday 04 June 2002 11:18 pm, Michael Hudin wrote: > > > I've always assumed that the numbers in the brackets were port allowances > > No, they're not (although I can't say what they are - I don't use > iptables-save). If you look at the numbers, many of them are larger than > 65535, so they're certainly not port numbers :-) > > > Here are my tables: > > > > *nat > > > > :PREROUTING ACCEPT [241:88600] > > :POSTROUTING ACCEPT [0:9862] > > :OUTPUT ACCEPT [68:4275] > > > > *mangle > > > > :PREROUTING ACCEPT [18365:3221456] > > :INPUT ACCEPT [10886:760348] > > :FORWARD ACCEPT [7269:2438049] > > :OUTPUT ACCEPT [8009:752540] > > :POSTROUTING ACCEPT [15177:3182145] > > > > *filter > > > > :INPUT ACCEPT [0:229546] > > :FORWARD ACCEPT [363:1553786] > > :OUTPUT ACCEPT [2:619341] > > I find this interesting - you have a default ACCEPT policy on all your chains > - specifically on FORWARD, and I cannot see any rules you have included which > DROP or REJECT packets..... so is there really any filtering going on in your > firewall, or is it in fact just an open router doing some network address > translation !? > > I know this doesn't exactly solve your problem, but I wonder if it means the > problem isn't on your firewall ? > > Perhaps you could check the routing table on your SMTP server - what does it > have for a default gateway address ? > > > Antony. > > >
