tcpserver and NAT
Hello I have set up my qmail ( using tcpserver ) server behind my router (NAT), and got it working locally with sending and recieving mail. But global it can send mail out but not recieve mail. I have tried various things like telnet to port 25 and locally it works. But trying from outside there is no response at all. So I think it is a problem with my domain ? or tcpserver. Can anybody help me out? Lars Brandi Jensen
Re: tcpserver and NAT
have you specifically routed port 25 on the router through to your mailserver's ip address? Regards Reier - Original Message - From: Lars Brandi Jensen <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: 21. juli 2000 1104 Subject: tcpserver and NAT Hello I have set up my qmail ( using tcpserver ) server behind my router (NAT), and got it working locally with sending and recieving mail. But global it can send mail out but not recieve mail. I have tried various things like telnet to port 25 and locally it works. But trying from outside there is no response at all. So I think it is a problem with my domain ? or tcpserver. Can anybody help me out? Lars Brandi Jensen
Re: tcpserver and NAT
Reier Pytte wrote: > have you specifically routed port 25 on the router through to your > mailserver's ip address? > Yes, and also for port 110
Re: tcpserver and NAT
> Reier Pytte wrote: > > > have you specifically routed port 25 on the router through to your > > mailserver's ip address? > > > > Yes, and also for port 110 I will explain what I have done until now : I have my one and only domaine my.dk. My local net is in the IP-range 10.1.x.x.. I have compiled the hole thing according to "Life with qmail" on a RedHat 6.2. I used ./config-fast my.dk, and enabled realying in tcp.smtp for 10.1. ( and it is rebuild and so on ). I have set op the pop server and added the following : tcpserver -v -R 0 pop3 /var/qmail/bin/qmail-popup my.dk \ /bin/checkpassword /var/qmail/bin/qmail-pop3d Maildir 2>&1 | \ /var/qmail/bin/splogger pop3d & And cheked /etc/services that the name really is pop3. I have tried to telnet to port 25 ( telnet 10.1.x.x 25 ) locally and it works fine. I have send and recived mails locally and it works out fine. I have send mails outside my net and it works fine. But to recieve mails from outside isn't working. I have tried to telnet to port 25 from outside and there was no response ( telnet www.my.dk 25 ). Any hint's Lars Brandi Jensen
Re: tcpserver and NAT
>there is no MX in my.dk and www.my.dk does not resolve. I think you will find he was just giving a false domain name as is customary among system admins... Brett
Re: tcpserver and NAT
At 13:33 21.07.00 +0200, Lars Brandi Jensen wrote: >I have tried to telnet to port 25 ( telnet 10.1.x.x 25 ) locally and it >works fine. I have send and recived mails locally and it works out fine. >I have send mails outside my net and it works fine. But to recieve mails >from outside isn't working. I have tried to telnet to port 25 from >outside and there was no response ( telnet www.my.dk 25 ). there is no MX in my.dk and www.my.dk does not resolve. Matthias Henze MH458-RIPE MHC SoftWare GmbH voice: +49-(0)9533-92006-0 Fichtera 17 fax: +49-(0)9533-92006-6 96274 Itzgrund/Germanye-Mail: [EMAIL PROTECTED] - - http://www.mhcsoftware.de ---
Re: tcpserver and NAT
On Fri, 21 Jul 2000, Brett Randall wrote: > >there is no MX in my.dk and www.my.dk does not resolve. > > I think you will find he was just giving a false domain name as is customary > among system admins... Not customary on this list. Quite often a DNS error can cause mail not to be delivered. If someone doesn't provide the real name it can't be checked. Vince. -- == Vince Vielhaber -- KA8CSHemail: [EMAIL PROTECTED]http://www.pop4.net 128K ISDN from $22.00/mo - 56K Dialup from $16.00/mo at Pop4 Networking Online Campground Directoryhttp://www.camping-usa.com Online Giftshop Superstorehttp://www.cloudninegifts.com ==
Re: tcpserver and NAT
Lars Brandi Jensen <[EMAIL PROTECTED]> wrote: >I have tried to telnet to port 25 ( telnet 10.1.x.x 25 ) locally and it >works fine. I have send and recived mails locally and it works out fine. >I have send mails outside my net and it works fine. But to recieve mails >from outside isn't working. I have tried to telnet to port 25 from >outside and there was no response ( telnet www.my.dk 25 ). Sounds like your router isn't sending incoming port 25 connections to your qmail system. This is a NAT/router problem. -Dave
Re: tcpserver and NAT
On Fri, Jul 21, 2000 at 01:33:34PM +0200, Lars Brandi Jensen wrote: > I have tried to telnet to port 25 ( telnet 10.1.x.x 25 ) locally and it > works fine. I have send and recived mails locally and it works out fine. > I have send mails outside my net and it works fine. But to recieve mails > from outside isn't working. I have tried to telnet to port 25 from > outside and there was no response ( telnet www.my.dk 25 ). > > Any hint's www.my.dk doesn't resolve. If that's not your actual domain, how can we diagnose dns problems? However, you seem to have narrowed this problem down to a router configuration issue. Find an example of a port which is being successfully forwarded to an IP on your lan. Examine the difference between that configuration and your port 25 configuration. John
Re: tcpserver and NAT
>>I have tried to telnet to port 25 ( telnet 10.1.x.x 25 ) locally and it >>works fine. I have send and recived mails locally and it works out fine. >>I have send mails outside my net and it works fine. But to recieve mails >>from outside isn't working. I have tried to telnet to port 25 from >>outside and there was no response ( telnet www.my.dk 25 ). > >Sounds like your router isn't sending incoming port 25 connections to >your qmail system. This is a NAT/router problem. By the way unless you have a really nice router, port forwarding can be a bugger to do...The ipportfw & ipmasqadm code available for Linux stinks as far as setting it up goes in a LAN, but maybe try (on an internet-viewable machine if you have one), using nportredird or redir (both work nicely, but nportredird has more functionality). Should work with BSD and other variants... www.freshmeat.net has downloads. Might help, might not... Brett.
Re: tcpserver and NAT
John White wrote: > > On Fri, Jul 21, 2000 at 01:33:34PM +0200, Lars Brandi Jensen wrote: > > I have tried to telnet to port 25 ( telnet 10.1.x.x 25 ) locally and it > > works fine. I have send and recived mails locally and it works out fine. > > I have send mails outside my net and it works fine. But to recieve mails > > from outside isn't working. I have tried to telnet to port 25 from > > outside and there was no response ( telnet www.my.dk 25 ). > > > > Any hint's > > www.my.dk doesn't resolve. > > If that's not your actual domain, how can we diagnose dns problems? > > However, you seem to have narrowed this problem down to a router > configuration issue. > > Find an example of a port which is being successfully forwarded to > an IP on your lan. Examine the difference between that configuration > and your port 25 configuration. > > John Hi, The problem seems to be on the network side. From outside, you cannot route the class A network 10.X.X.X. If you have a firewall, you can try this : 1) In your DNS, set entries to your smtp and pop port, ex : mysmtp IN MX myserver myserver IN A mypopIN A 2) in the firewall, NAT to the class A address(10.x.x.x) and grant access on ports 25 and 100. Now, your server smtp and pop should be visible from Internet at . (check carefully to not be an open relay). To send mail outside, you should pass through the same . Think paranoid mode in tcpserver... Hope this help! Excuse my english :o) -- André Michaud Analyste de l'informatique Direction générale des télécomunications Conseil du trésor
Re: tcpserver and NAT
Brett Randall <[EMAIL PROTECTED]> writes on 21 July 2000 at 23:34:02 +1000 > >there is no MX in my.dk and www.my.dk does not resolve. > > I think you will find he was just giving a false domain name as is customary > among system admins... WHY is it customary? I just don't understand the level of paranoia that seems to imply. And I've seen, repeatedly, how it prevents people from helping. -- Photos: http://dd-b.lighthunters.net/ Minicon: http://www.mnstf.org/minicon Bookworms: http://ouroboros.demesne.com/ SF: http://www.dd-b.net/dd-b David Dyer-Bennet / Welcome to the future! / [EMAIL PROTECTED]
