mail server on a dynamic IP


9 replies to this topic

#1 twirlz

twirlz

    Default Custom Title

  • Agents of the Revolution
  • 1,200 posts
  • Gender:Male

Posted 27 February 2009 - 04:44 PM

Hey guys, I installed hMailServer on my box at home. I believe I have it set up correctly, but I'm having a problem sending mail outside of my network. I have ports 25 and 110 open on my router. I am able to telnet into mail.hmailserver.com on port 25, which shows my outbound traffic isn't blocked on port 25, and I'm also able to telnet into my mail server on port 110, which shows that inbound traffic on 110 isn't blocked. I have my DNS MX record pointing to my mail server. Since I'm on a dynamic IP through Time Warner Cable, my IP has been pretty much blacklisted, so I'm trying to relay my SMTP through their SMTP server at smtp-server.roadrunner.com. I think this is where my problem is, but I'm not positive. I would post at the hMailServer board, but from reading it they don't sound all that friendly and wanting to help.

I'll even show you guys the mail server log in hopes it will prove fruitful. Don't pwn me :)

Edited by twirlz, 28 February 2009 - 08:50 AM.


#2 jabzor

jabzor

    hax?

  • Agents of the Revolution
  • 1,146 posts
  • Country:
  • Gender:Male
  • Location:Northern Elbonia, fighting the lefties

Posted 27 February 2009 - 10:07 PM

If you nmap-online or grc-security port-scan (something truly external to you) are the ports still shown as open?

#3 mirrorshades

mirrorshades

    aviatorglasses

  • Agents of the Revolution
  • 951 posts
  • Gender:Male

Posted 27 February 2009 - 11:03 PM

You need 25 inbound on your WAN/Internet side in order for mail to come in. 110 is just for a POP3 client (like Thunderbird/Outlook Express), you only need that open inbound if you intend to use a POP3 client from outside your network.

If you can scan your network from outside, make sure port 25 is open and you can get to your SMTP banner. GRC can do this for you pretty quickly.

If it *is* listening properly, you may need to review your MX record for your domain. How's that look?

#4 twirlz


Posted 28 February 2009 - 08:47 AM

Sorry guys. I totally brain farted on my first post in this thread. Sorry. My problem is me sending outbound mail. I can receive it from outside just fine.

GRC says 25 and 110 are open. I did test this yesterday from work and I was able to telnet and get OKs when I connected.

Here's how my MX record looks:

FQDN of mail server is mail.twirlz.local

Mail server priority is at 10.

The other stuff is stuff that I couldn't change. I also have an Address record for mail, smtp and pop3 all going to 192.168.2.5.

Edited by twirlz, 28 February 2009 - 08:49 AM.


#5 mirrorshades


Posted 28 February 2009 - 02:04 PM

You can't use the ".local" domain or the 192.168.x.x IP addresses from the Internet... they are private, by definition. (In other words, they would work on your own internal network, but nobody from outside would be able to use them.)

Which domain is your MX record for?
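
The point made in the reply above, as an added example that is not part of the original thread: a Python check that flags MX targets nobody outside the local network can use. The record list is constructed from the values posted in the thread; `example.net` and `203.0.113.25` (a documentation address standing in for a public IP) are assumptions.

```python
import ipaddress

# Address blocks that cannot be reached from the public Internet.
NON_ROUTABLE = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",  # RFC 1918 private
    "100.64.0.0/10",                                   # carrier-grade NAT
    "127.0.0.0/8", "169.254.0.0/16",                   # loopback, link-local
)]

# Constructed sample zone data: (owner, type, value).
RECORDS = [
    ("twirlz.local", "MX", "10 mail.twirlz.local"),
    ("mail.twirlz.local", "A", "192.168.2.5"),
    ("example.net", "MX", "10 mail.example.net"),   # assumed public domain
    ("mail.example.net", "A", "203.0.113.25"),      # stand-in public address
]

def audit_mx(records):
    """Return (mx_target, problem) pairs for MX targets outsiders cannot use."""
    a_records = {}
    for owner, rtype, value in records:
        if rtype == "A":
            a_records.setdefault(owner.rstrip(".").lower(), []).append(value)
    findings = []
    for owner, rtype, value in records:
        if rtype != "MX":
            continue
        _priority, target = value.split()
        target = target.rstrip(".").lower()
        # .local and single-label names only resolve inside the local network.
        if target.endswith(".local") or "." not in target:
            findings.append((target, "name is not resolvable in public DNS"))
        addrs = a_records.get(target, [])
        if not addrs:
            findings.append((target, "no A record for MX target"))
        for addr in addrs:
            ip = ipaddress.ip_address(addr)
            if any(ip in net for net in NON_ROUTABLE):
                findings.append((target, f"{addr} is a non-routable address"))
    return findings

if __name__ == "__main__":
    for target, problem in audit_mx(RECORDS):
        print(f"{target}: {problem}")
```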

#6 Seal

Seal

    Not a fan of clubs.

  • Agents of the Revolution
  • 2,440 posts
  • Country:
  • Gender:Male
  • Location:Canada

Posted 28 February 2009 - 02:58 PM

Silly question, but do you know if TCP port 25 outbound is blocked by your ISP?

What happens if you manually telnet out from your box to an SMTP server (not your ISP's) and try to deliver mail?

Edited by Seal, 28 February 2009 - 02:59 PM.


#7 twirlz


Posted 28 February 2009 - 09:18 PM

shades: so should I change my MX record to my no-ip domain? The record is for my local domain, not the no-ip domain.

Seal: I have used telnet to connect to an outside mail server. It's part of the installation guide I used to set up. I just tried to send mail from smtp.gmail.com and I get an error:
530 5.7.0 Must issue a STARTTLS command first. 9sm8875329wfc.39
I don't know any other SMTP servers I could use to test this out.

#8 Seal


Posted 28 February 2009 - 10:04 PM

> shades: so should I change my MX record to my no-ip domain? The record is for my local domain, not the no-ip domain.
>
> Seal: I have used telnet to connect to an outside mail server. It's part of the installation guide I used to set up. I just tried to send mail from smtp.gmail.com and I get an error:
> 530 5.7.0 Must issue a STARTTLS command first. 9sm8875329wfc.39
> I don't know any other SMTP servers I could use to test this out.

I'm an idiot: I didn't read your first post which indicated that your outbound port 25 wasn't blocked :P

A 530 error is normal. Gmail does not support the HELO/EHLO way of transferring mail, so it's to be expected, and not an indication of problems on your end. It was just to see if your ISP didn't block outbound connections on that port, because when I read your post initially, I saw how inbound worked fine (but overlooked the part on outbound). Since many ISPs block TCP 25 outbound, it was worth confirming.

Wait - are you trying to relay smtp through Roadrunner? Try this: try sending mail to an address at a domain managed by that SMTP server (...@roadrunner.com), and then try sending a mail through that same relay to an address at a domain not managed by it (...@hotmail.com). Does the former get through and not the latter? So if I'm not clear: send two emails, one to an @roadrunner address, one to a non-roadrunner address, like ...@hotmail.com. See if it relays the former through but not the latter.

Edited by Seal, 28 February 2009 - 10:16 PM.
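
What the replies in a manual port-25 session show, as an added example that is not part of the original thread: a Python parser that groups SMTP reply lines and reports whether the server was reached, whether it advertises STARTTLS, and whether it demands it before accepting mail. The transcript is constructed; only the 530 line is the one quoted in the thread, and `mx.example.test` is a placeholder host.

```python
import re

# "250-STARTTLS" is a continuation line; "250 ..." ends the reply (RFC 5321).
# An optional enhanced status code such as 5.7.0 may follow the reply code.
REPLY = re.compile(r"^(\d{3})([ -])(?:(\d\.\d{1,3}\.\d{1,3})\s+)?(.*)$")

# Constructed server-side lines of a telnet session to port 25.
TRANSCRIPT = [
    "220 mx.example.test ESMTP ready",
    "250-mx.example.test at your service",
    "250-SIZE 35882577",
    "250-8BITMIME",
    "250-STARTTLS",
    "250 ENHANCEDSTATUSCODES",
    "530 5.7.0 Must issue a STARTTLS command first. 9sm8875329wfc.39",
]

def parse_replies(lines):
    """Group raw lines into (code, enhanced_status, [text lines]) replies."""
    replies, texts = [], []
    for line in lines:
        m = REPLY.match(line.rstrip("\r\n"))
        if not m:
            continue                    # not a server reply line
        code, sep, enhanced, text = m.groups()
        texts.append(text)
        if sep == " ":                  # last line of this reply
            replies.append((int(code), enhanced, texts))
            texts = []
    return replies

def diagnose(lines):
    """Report what the session proves about the path and the server."""
    result = {"reached_server": False, "starttls_offered": False,
              "tls_required": False}
    for code, _enhanced, texts in parse_replies(lines):
        if code == 220:
            result["reached_server"] = True    # banner: outbound TCP 25 works
        elif code == 250 and any(t.upper() == "STARTTLS" for t in texts):
            result["starttls_offered"] = True  # listed in the EHLO response
        elif code == 530 and "STARTTLS" in " ".join(texts).upper():
            result["reached_server"] = True    # any reply means we got through
            result["tls_required"] = True      # TLS wanted before MAIL FROM
    return result

if __name__ == "__main__":
    print(diagnose(TRANSCRIPT))
```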


#9 twirlz


Posted 01 March 2009 - 08:10 AM

I sent an email to my roadrunner and my yahoo email and both sat in my delivery queue. I'm going to try to change my MX records from my .local domain to my hopto.org domain.

edit: well, I changed my DNS records and changed a bunch of settings to match my DNS. I'm still getting the same error in my logs.
"APPLICATION"	6120	"2009-03-01 08:28:54.125"	"SMTPDeliverer - Message 76: Relaying to host smtp-server.roadrunner.com."
"DEBUG"	6120	"2009-03-01 08:28:54.125"	"SD::_InitiateExternalConnection"
"DEBUG"	6120	"2009-03-01 08:28:54.125"	"Created TCPConnection"
"DEBUG"	6120	"2009-03-01 08:28:54.125"	"Creating session 241"
"TCPIP"	1040	"2009-03-01 08:28:54.265"	"TCPConnection - SSL handshake with client failed. Error code: 1, Message: asio.ssl error, Remote IP: 75.180.132.33"

I did make an SSL key and cert, but that didn't fix the SSL handshake problem. From what I've found on Google, this asio.ssl is some Boost thing.

Edited by twirlz, 01 March 2009 - 08:40 AM.


#10 mirrorshades

mirrorshades

    aviatorglasses

  • Agents of the Revolution
  • 951 posts
  • Gender:Male

Posted 01 March 2009 - 04:32 PM

You've got two potentially separate issues going on here... sending and receiving are, as far as configuration is concerned, entirely separate. Focus on one or the other to begin with, instead of trying to get them both knocked down at once; otherwise you'll only confuse yourself.

Are you sure that the hopto.org domain will allow you to host an MX record for your subdomain? Many free dynamic DNS providers do not do so, or will force you to set up some sort of oddball relay through their own SMTP servers.

Sending will be another issue altogether; sounds like there is something not jiving between your SMTP server and the one you are trying to relay to. This, however, will likely have little if anything to do with your MX record or inbound email.



