Little problem with firewall and email...
Hi guys,
I've just configured my new server, and everything seems to work fine...
When I installed it (RH9), I enabled the firewall with high security level, but now it seems that doesn't accept incoming emails, and in my mailbox I receive only emails generated on the server itself...
I think it's a firewall configuration problem, I tried to configure or disable it with lokkit, but this doesn't produce any action... even by disabling it and rebooting the machine I get no emails...
Maybe this could help solving the problem:
service iptables status
Tabella: filter
Chain INPUT (policy ACCEPT)
target prot opt source destination
RH-Lokkit-0-50-INPUT all -- anywhere anywhere
Chain FORWARD (policy ACCEPT)
target prot opt source destination
RH-Lokkit-0-50-INPUT all -- anywhere anywhere
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain RH-Lokkit-0-50-INPUT (2 references)
target prot opt source destination
ACCEPT tcp -- anywhere anywhere tcp dpt:pop3 flags:SYN,RST,ACK/SYN
ACCEPT tcp -- anywhere anywhere tcp dpt:smtp flags:SYN,RST,ACK/SYN
ACCEPT tcp -- anywhere anywhere tcp dpt:mysql flags:SYN,RST,ACK/SYN
ACCEPT tcp -- anywhere anywhere tcp dpt:ssh flags:SYN,RST,ACK/SYN
ACCEPT tcp -- anywhere anywhere tcp dpt:telnet flags:SYN,RST,ACK/SYN
ACCEPT tcp -- anywhere anywhere tcp dpt:http flags:SYN,RST,ACK/SYN
ACCEPT tcp -- anywhere anywhere tcp dpt:ftp flags:SYN,RST,ACK/SYN
ACCEPT udp -- anywhere anywhere udp spts:bootps:bootpc dpts:bootps:bootpc
ACCEPT udp -- anywhere anywhere udp spts:bootps:bootpc dpts:bootps:bootpc
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
REJECT tcp -- anywhere anywhere tcp flags:SYN,RST,ACK/SYN reject-with icmp-port-unreachable
REJECT udp -- anywhere anywhere udp reject-with icmp-port-unreachable
HELP!
I have just checked on the RH manual, and at the end it says:
"To change your security level configuration after you have completed the installation, use the Security Level Configuration Tool.
Type the redhat-config-securitylevel command in a shell prompt to launch the Security Level Configuration Tool. If you are not root, it will prompt you for the root password to continue."
Do I have to use it? I haven't it installed, and it has some dependencies, there's a yum repository with it?
Code:
service iptables status
Tabella: filter
Chain INPUT (policy ACCEPT)
target prot opt source destination
RH-Lokkit-0-50-INPUT all -- anywhere anywhere
Chain FORWARD (policy ACCEPT)
target prot opt source destination
RH-Lokkit-0-50-INPUT all -- anywhere anywhere
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain RH-Lokkit-0-50-INPUT (2 references)
target prot opt source destination
ACCEPT tcp -- anywhere anywhere tcp dpt:mysql flags:SYN,RST,ACK/SYN
ACCEPT tcp -- anywhere anywhere tcp dpt:8443 flags:SYN,RST,ACK/SYN
ACCEPT tcp -- anywhere anywhere tcp dpt:pop3 flags:SYN,RST,ACK/SYN
ACCEPT tcp -- anywhere anywhere tcp dpt:ssh flags:SYN,RST,ACK/SYN
ACCEPT tcp -- anywhere anywhere tcp dpt:smtp flags:SYN,RST,ACK/SYN
ACCEPT tcp -- anywhere anywhere tcp dpt:http flags:SYN,RST,ACK/SYN
ACCEPT tcp -- anywhere anywhere tcp dpt:ftp flags:SYN,RST,ACK/SYN
ACCEPT all -- anywhere anywhere
REJECT tcp -- anywhere anywhere tcp dpts:0:1023 flags:SYN,RST,ACK/SYN reject-with icmp-port-unreachable
REJECT tcp -- anywhere anywhere tcp dpt:nfs flags:SYN,RST,ACK/SYN reject-with icmp-port-unreachable
REJECT udp -- anywhere anywhere udp dpts:0:1023 reject-with icmp-port-unreachable
REJECT udp -- anywhere anywhere udp dpt:nfs reject-with icmp-port-unreachable
REJECT tcp -- anywhere anywhere tcp dpts:x11:6009 flags:SYN,RST,ACK/SYN reject-with icmp-port-unreachable
REJECT tcp -- anywhere anywhere tcp dpt:xfs flags:SYN,RST,ACK/SYN reject-with icmp-port-unreachable
And why only some Horde PHP files are not interpreted???
If it's not the firewall, what could it be???
Help....
I checked /var/log/maillog and it's empty, even other old logs are empty; only in the one of 27 July (the day I set up the server) there are the following entries:
Code:
Jul 27 09:50:00 localhost sendmail[2314]: alias database /etc/aliases rebuilt by root
Jul 27 09:50:00 localhost sendmail[2314]: /etc/aliases: 63 aliases, longest 10 bytes, 625 bytes total
Jul 27 09:50:00 localhost sendmail[2327]: starting daemon (8.12.8): SMTP+queueing@01:00:00
Jul 27 09:50:00 localhost sm-msp-queue[2336]: starting daemon (8.12.8): queueing@01:00:00
Jul 27 10:11:44 localhost sendmail[2234]: alias database /etc/aliases rebuilt by root
Jul 27 10:11:44 localhost sendmail[2234]: /etc/aliases: 63 aliases, longest 10 bytes, 625 bytes total
Jul 27 10:11:44 localhost sendmail[2247]: starting daemon (8.12.8): SMTP+queueing@01:00:00
Jul 27 10:11:44 localhost sm-msp-queue[2256]: starting daemon (8.12.8): queueing@01:00:00
Jul 27 11:39:45 localhost sendmail[2354]: alias database /etc/aliases rebuilt by root
Jul 27 11:39:45 localhost sendmail[2354]: /etc/aliases: 63 aliases, longest 10 bytes, 625 bytes total
Jul 27 11:39:45 localhost sendmail[2367]: starting daemon (8.12.8): SMTP+queueing@01:00:00
Jul 27 11:39:45 localhost sm-msp-queue[2376]: starting daemon (8.12.8): queueing@01:00:00
Jul 27 11:53:22 localhost sendmail[2473]: alias database /etc/aliases rebuilt by root
Jul 27 11:53:22 localhost sendmail[2473]: /etc/aliases: 63 aliases, longest 10 bytes, 625 bytes total
Jul 27 11:53:22 localhost sendmail[2486]: starting daemon (8.12.8): SMTP+queueing@01:00:00
Jul 27 11:53:22 localhost sm-msp-queue[2495]: starting daemon (8.12.8): queueing@01:00:00
Other info that could help
This is the etc/xinetd.d/smtp_psa
Code:
service smtp
{
        socket_type     = stream
        protocol        = tcp
        wait            = no
        disable         = no
        user            = root
        instances       = UNLIMITED
        server          = /var/qmail/bin/tcp-env
        server_args     = /usr/sbin/rblsmtpd -r sbl-xbl.spamhaus.org /var/qmail/bin/relaylock /var/qmail/bin/qmail-smtpd /var/qmail/bin/smtp_auth /var/qmail/bin/true /var/qmail/bin/cmd5checkpw /var/qmail/bin/true
}
You won't believe it, it was a problem with the SPAM protection...
The problem has come to life because on the "old" server I had SPAM protection installed; when I installed PSA on the new server I didn't set up the related module, and when I restored the backup there's been the problem...
In fact in the PSA control panel the option was "gray"...
I removed the line /usr/sbin/rblsmtpd -r sbl-xbl.spamhaus.org from the smtp_psa and smtps_psa and now it works fine...
I think I could solve even by installing the anti-spam module, but on the old server it wasn't very useful... maybe the spam-list server was wrong...
Now I just have to solve the problem with webmail...
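An added example, not part of the original posts or of PSA: a Python check that every program named in the server and server_args lines of an xinetd service file exists and is executable, which is worth running after restoring configuration from another machine. It assumes the failure came from the restored smtp_psa pointing at a component that was not installed on the new server; the sample file and the function names are constructed for illustration.

```python
import os
import re
import tempfile

# Constructed sample modelled on the smtp_psa file quoted in the thread.
SAMPLE = """service smtp
{
    disable     = no
    server      = /var/qmail/bin/tcp-env
    server_args = /usr/sbin/rblsmtpd -r sbl-xbl.spamhaus.org /var/qmail/bin/relaylock /var/qmail/bin/qmail-smtpd
}
"""

ATTR = re.compile(r"^\s*(server|server_args)\s*=\s*(.*)$")


def referenced_programs(conf_text):
    """Return the absolute paths named in server / server_args, in order."""
    paths = []
    for line in conf_text.splitlines():
        if line.lstrip().startswith("#"):      # xinetd comment line
            continue
        m = ATTR.match(line)
        if m:
            paths += [tok for tok in m.group(2).split() if tok.startswith("/")]
    return paths


def missing_programs(conf_text, root="/"):
    """Return referenced paths that are absent or not executable under root."""
    bad = []
    for p in referenced_programs(conf_text):
        full = os.path.join(root, p.lstrip("/"))
        if not (os.path.isfile(full) and os.access(full, os.X_OK)):
            bad.append(p)
    return bad


def demo():
    """Build a throwaway tree where only rblsmtpd is absent, then check it."""
    with tempfile.TemporaryDirectory() as root:
        for p in referenced_programs(SAMPLE):
            if p.endswith("rblsmtpd"):
                continue                        # simulate the module not being installed
            full = os.path.join(root, p.lstrip("/"))
            os.makedirs(os.path.dirname(full), exist_ok=True)
            with open(full, "w") as fh:
                fh.write("#!/bin/sh\n")
            os.chmod(full, 0o755)
        return missing_programs(SAMPLE, root)


if __name__ == "__main__":
    print(demo())
```

Run it against the real file with root left at "/". Deleting the rblsmtpd entry, as done in the thread, also removes the DNS blocklist lookup from the SMTP chain.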