I'm running Coyote as a "router" on my home LAN with ADSL connection (DHCP assigned IP). I've got a dynamic DNS with JustLinux. Behind the firewall, I've got a server set up with Xitami webserver (reachable) and Xitami FTP (also reachable). Running Q-mail for e-mail and internal network mail works fine. However, no Internet e-mail can get through to the e-mail server. It times out. I suspect the "router" is the problem. IP masquerade rules are as follows on the router:
ipmasqadm autofw -A -r tcp 25 25 -h 192.168.0.103
ipmasqadm autofw -A -r tcp 80 80 -h 192.168.0.103
ipmasqadm autofw -A -r tcp 21 21 -h 192.168.0.103
When you say internet mail cannot get through I am assuming you mean that mail from outside your LAN cannot get in. Is this correct? If so have you set up an MX record? What is the exact error message that you get?
-No MX - I'm not running my own DNS. The "domain" is vanderheyden.penguinpowered.com (through JustLinux) and my internal server is named slayer.vanderheyden.penguinpowered.com with vanderheyden.penguinpowered.com set up in locals and rcpthosts in /var/qmail/control (so qmail should receive mail for the domain). An http request to http://vanderheyden.penguinpowered.com takes you to the index.html page on this server, but mail addressed to, say, alan@vanderheyden.penguinpowered.com will not.
-I get a transient fatal error - server has not responded in 4 hours message from the smtp on the return path.
-Mail to alan@slayer.vanderheyden.penguinpowered.com goes through locally just fine with the IP attached to slayer in my hosts file.
-If my wife tries alan@slayer.vanderheyden.penguinpowered.com on her Win98 machine she gets an error for no record of the domain because she doesn't do local mail and there is no slayer recorded at JustLinux.
-Does this help any?
Date: Sun, 6 Aug 2000 16:38:47 GMT
To: <linuxguruwannabe@crosswinds.net>
From: Mail Delivery Subsystem <MAILER-DAEMON@mail1.crosswinds.net>
Subject: Warning: could not send message for past 4 hours
**********************************************
** THIS IS A WARNING MESSAGE ONLY **
** YOU DO NOT NEED TO RESEND YOUR MESSAGE **
**********************************************
The original message was received at Sun, 6 Aug 2000 12:29:21 GMT
from localhost [127.0.0.1]
----- The following addresses had transient non-fatal errors -----
<alan@vanderheyden.penguinpowered.com>
----- Transcript of session follows -----
<alan@vanderheyden.penguinpowered.com>... Deferred: Connection timed out with vanderheyden.penguinpowered.com.
Warning: message still undelivered after 4 hours
Will keep trying until message is 5 days old
There is a reachable SMTP server at vanderheyden.penguinpowered.com. However without an MX record mail from outside will not know to use that server.
Also, I telneted into the mail server and tried to send a message from "alan@vanderheyden.penguinpowered.com" to "alan@vanderheyden.penguinpowered.com" and got a 553 sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1) error. Unless you are doing anti-relay by IP this is a problem.
#1 How were you able to telnet past my firewall and into the mail server? I'd say that is a security risk, right?
#2 The error message probably means I do not have Q-mail set up correctly (why are instructions for Linux software so damn confusing?) Beautiful code, just crappy instructions :-)
Anyway, how exactly did you telnet in (how did you log on?) and how exactly did you try to send e-mail (I'd like to duplicate your efforts) and how do I solve the MX problem? There has got to be a way around that, right? And how do I shore up my security (to keep you out? :-))
Never mind the first question :-) You telneted in on port 25 of course, which is also how you knew there was a reachable SMTP service! I got the same error code when I figured out how you tried to send the email;
rcpt <alan@vanderheyden.penguinpowered.com>
okey dokey
Still, how do I fix the MX problem? I am looking into the tcpwrappers right now to make sure that is all set up correctly (which it obviously currently is not)!
I use GTE's DNS servers for outgoing resolution, but, of course, don't want to pay them for a static IP.
I guess JustLinux does the DNS for the subdomain (one of those free dynamic DNS deals), and I don't believe they do anything special about MX records for e-mail. I don't know a whole lot about DNS, so I'm at a loss to go from here. There has got to be some way around it though, as I'm sure other people have run servers from behind a masquerading firewall on a cable/DSL setup with dynamic IP!
An MX record specifies a host that will either process or forward mail for a domain. For example: when you email jeremy@linuxquestions.org the MTA looks up the MX record for linuxquestions.org, then tries to deliver the mail to that server. Now, mail SHOULD be delivered to the domain name in the email address if no MX record is present. To be honest I am not sure how reliable that is as I have never had to try it.
It does not seem like qmail knows that it is supposed to accept mail for your domain. Is vanderheyden.penguinpowered.com in rcpthosts? Do you have a /etc/tcp.smtp file?
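The MX lookup and the no-MX fallback described in the post above, as an added example that is not part of the original thread. It goes slightly beyond the post by following RFC 5321 section 5.1 (implicit MX) and RFC 7505 (null MX); the function name, the backup host and the IP addresses are constructed for illustration, and DNS answers are passed in as plain data so it runs offline.

```python
# Added illustration: how a sending MTA picks SMTP targets for a domain.
# DNS answers are supplied as data; all addresses below are constructed.

def delivery_targets(domain, mx_records, address_records):
    """Return the hostnames a sender would try, in order.

    mx_records:      list of (preference, exchange) tuples for `domain`
    address_records: dict hostname -> list of IPs (A/AAAA answers)
    """
    domain = domain.rstrip(".").lower()
    mx = [(pref, host.rstrip(".").lower()) for pref, host in mx_records]

    # RFC 7505 "null MX": a single MX pointing at "." means "no mail here".
    if len(mx) == 1 and mx[0][1] == "":
        return []

    if not mx:
        # Implicit MX: with no MX records the sender falls back to the
        # domain's own address record, if it has one.
        return [domain] if address_records.get(domain) else []

    # Lowest preference value is tried first (real MTAs also randomise
    # among equal preferences). Exchanges with no address are unusable.
    ordered = sorted(mx, key=lambda rec: rec[0])
    return [host for _, host in ordered if address_records.get(host)]


# Constructed sample data: the dynamic-DNS name resolves publicly, the
# internal name "slayer" does not (it exists only in a local hosts file).
ADDRS = {
    "vanderheyden.penguinpowered.com": ["203.0.113.10"],
    "backup.example.net": ["198.51.100.7"],
}

if __name__ == "__main__":
    dom = "vanderheyden.penguinpowered.com"
    print(delivery_targets(dom, [], ADDRS))
    print(delivery_targets(dom, [(10, "slayer." + dom), (20, "backup.example.net")], ADDRS))
```

With no MX record the sender still ends up at the address the dynamic-DNS name points to, so whether mail arrives then depends on TCP port 25 being reachable at that address.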
Some progress. I fixed the problem with the #5.7.1 error. That was a typo in rcpthosts (q instead of a g in penguin!), but also beefed up my tcp wrapper security as it turns out my tcpd is in /usr/sbin and not /usr/local/bin like the Q-mail FAQ suggested (I'm running Peanut on the server, based on Slackware). I can now send mail from alan@vanderheyden... to alan@vanderheyden... with no problem, so Q-mail is accepting mail for that domain. Still not accepting it from the internet, though :-(
Also, I am not using the tcp.smtp file (though it is set up correctly, I believe). I am calling qmaild from inetd so I am using the hosts.allow file. That is correct, yes?
So I've looked over the DNS How-To. I'm getting resigned to the fact that I might have to set up some kind of DNS. How would that work, exactly, since JustLinux runs the DNS for vanderheyden.penguinpowered.com? Do I set up some kind of zone file that handles everything under that? Then I could set up an MX record, right? That might also solve some of my other problems, like getting some of the windows boxen I have (wife and kids) to see my linux machines (so my wife could check her e-mail once we get this working :-))
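The rcpthosts check behind the 553 (#5.7.1) rejection discussed in this thread, as an added example that is not part of the original posts and is not qmail's own code. It models the documented matching rule (case-insensitive exact host, or an entry starting with "." as a wildcard for subdomains, bypassed when RELAYCLIENT is set) and flags near-miss entries such as the one-letter typo described above; the function names and the sample file contents are constructed.

```python
# Added illustration: model of qmail-smtpd's rcpthosts decision plus a
# typo detector. Sample control-file contents below are constructed.
import difflib

def load_rcpthosts(text):
    """Parse control-file text: one entry per line, blanks and # lines skipped."""
    entries = set()
    for line in text.splitlines():
        line = line.strip().lower()
        if line and not line.startswith("#"):
            entries.add(line)
    return entries

def rcpt_allowed(address, rcpthosts, relayclient=False):
    """True if RCPT TO:<address> would be accepted, False if it gets a 553."""
    if relayclient:                 # RELAYCLIENT set: rcpthosts is not consulted
        return True
    _, at, host = address.rpartition("@")
    if not at or not host:          # no domain part: treated as local
        return True
    host = host.lower()
    if host in rcpthosts:           # exact match
        return True
    # Wildcard entries: ".example.org" matches any host ending in it.
    return any(ch == "." and host[i:] in rcpthosts for i, ch in enumerate(host))

def likely_typos(expected_domain, rcpthosts):
    """Entries that almost, but not exactly, match the domain you meant."""
    expected = expected_domain.lower()
    close = difflib.get_close_matches(expected, sorted(rcpthosts), n=3, cutoff=0.9)
    return [entry for entry in close if entry != expected]

# Constructed file contents reproducing the described typo (q for g).
BROKEN = "localhost\nvanderheyden.penquinpowered.com\n"
FIXED = "localhost\nvanderheyden.penguinpowered.com\n"

if __name__ == "__main__":
    rcpt = "alan@vanderheyden.penguinpowered.com"
    for name, text in (("broken", BROKEN), ("fixed", FIXED)):
        hosts = load_rcpthosts(text)
        print(name, rcpt_allowed(rcpt, hosts),
              likely_typos("vanderheyden.penguinpowered.com", hosts))
```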