Linode Forum
Linode Community Forums
 FAQFAQ    SearchSearch    MembersMembers      Register Register 
 LoginLogin [ Anonymous ] 
Post new topic  Reply to topic
Author Message
 Post subject: iptables and email
PostPosted: Sat Nov 10, 2012 10:34 pm 
Offline
Junior Member

Joined: Sat Nov 10, 2012 10:24 pm
Posts: 22
I have run thru the http://library.linode.com/email/postfix ... 0.04-lucid email set up, and everything looks good.
But I can not login to send or receive.

I run the telnet localhost pop3 command and it appears exactly as in the guide.
Same with telnet localhost 25 / ehlo localhost.

But thru Outlook failed to connect to server. Created user / password account. Checked database they are there.

I also copied iptables example:
*filter

# Allow loopback (lo0) traffic and drop all traffic to 127/8 that doesn't use the lo0 interface
-A INPUT -i lo -j ACCEPT
-A INPUT -i ! lo -d 127.0.0.0/8 -j REJECT

# Accept established inbound connections
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

# Allow all outbound traffic
-A OUTPUT -j ACCEPT

# Allow HTTP and HTTPS connections
-A INPUT -p tcp --dport 80 -j ACCEPT
-A INPUT -p tcp --dport 443 -j ACCEPT

# Allow SSH/SFTP
# Change the value 22 if you are using a non-standard port
-A INPUT -p tcp -m state --state NEW --dport 22 -j ACCEPT

# Allow FTP
# Purely optional, but required for WordPress to install its own plugins or update itself.
-A INPUT -p tcp -m state --state NEW --dport 21 -j ACCEPT

# Allow PING
# Again, optional. Some disallow this altogether.
-A INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT

# Reject ALL other inbound
-A INPUT -j REJECT
-A FORWARD -j REJECT

COMMIT

Does that have anything to do with my I can not get my email working?

Thanks,
Dave


Top
   
 Post subject: Re: iptables and email
PostPosted: Sat Nov 10, 2012 10:43 pm 
Offline
Senior Member
User avatar

Joined: Sun Dec 27, 2009 11:12 pm
Posts: 1038
Location: Colorado, USA
Your IPTABLES need to allow TCP 25 and TCP 110 from the outside for email to work.

Setup a line like the SSH line (and in the spot just under the SSH line) and you should be ok.

_________________
Either provide enough details for people to help, or sit back and listen to the crickets chirp.
Security thru obscurity is a myth - and really really annoying.


Top
   
 Post subject: Re: iptables and email
PostPosted: Sat Nov 10, 2012 11:05 pm 
Offline
Junior Member

Joined: Sat Nov 10, 2012 10:24 pm
Posts: 22
Well added this:
-A INPUT -p tcp -m state --state NEW --dport 25 -j ACCEPT
-A INPUT -p tcp -m state --state NEW --dport 110 -j ACCEPT

as suggested. Now a little closer, getting login error / rejected by server.
I coped the password I used and see the excrypted version in the database but even trying both did nothing same rejection....lol story of my life :)


Top
   
 Post subject: Re: iptables and email
PostPosted: Sat Nov 10, 2012 11:12 pm 
Offline
Junior Member

Joined: Sat Nov 10, 2012 10:24 pm
Posts: 22
OK it worked in thunderbird. So it works :) Outlook well no outlook there. Thanks for the info.

Are there increased risks by having these ports open?

Dave


Top
   
 Post subject: Re: iptables and email
PostPosted: Sat Nov 10, 2012 11:32 pm 
Offline
Senior Member
User avatar

Joined: Sun Jan 18, 2009 2:41 pm
Posts: 830
Any service you expose to the Internet represents an increased risk. You can help protect yourself by keeping your software up to date, requiring all clients to authenticate, and using encrypted sessions.

Note that you may also need port 587 open for sending e-mail. I don't know if that will help your Outlook problems, but it's commonly used by e-mail clients.


Top
   
Display posts from previous:  Sort by  
Post new topic  Reply to topic


Who is online

Users browsing this forum: No registered users and 1 guest


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum

Search for:
Jump to:  
RSS

Powered by phpBB® Forum Software © phpBB Group