Warning: Function ereg() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 4

Warning: Function split() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 19

Warning: Function ereg() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 4

Warning: Function split() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 19

Warning: Function ereg() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 4

Warning: Function split() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 19

Warning: Function ereg() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 4

Warning: Function split() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 19

Warning: Function ereg() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 4

Warning: Function split() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 19
Iptables problem sending mails
Results 1 to 5 of 5

Thread: Iptables problem sending mails

Hybrid View

  1. #1

    Iptables problem sending mails

    Hi there

    I got this problem for sending mails outgoing mi LAN:

    mail log output:
    Code:
    Feb 11 17:53:50 e2kserver postfix/smtp[5034]: 506D5A803B: to=<recipient@gmail.com>, relay=none, delay=3786, status=deferred (Host or domain name not found. Name service error for name=gmail.com type=MX: Host not found, try again)
    I think my /etc/resolv.conf is ok, it looks like this:

    Code:
    search e2k.com.py
    nameserver 200.85.32.2 (ISP DNS Server)
    nameserver 200.85.32.3 (ISP DNS Server)
    nameserver 127.0.0.1
    Something I noticed is when I stop the iptables service the mails are sent, but when I start the iptables service again it doesnt work..

    this is my iptables -L output:

    Code:
    Chain INPUT (policy DROP)
    target     prot opt source               destination
    ACCEPT     all  --  anywhere             anywhere
    valid-src  all  --  anywhere             anywhere
    ACCEPT     tcp  --  anywhere             anywhere            tcp spts:1024:65535 dpt:ssh state NEW
    ACCEPT     tcp  --  anywhere             anywhere            tcp spts:1024:65535 dpt:http state NEW
    ACCEPT     tcp  --  anywhere             anywhere            state RELATED,ESTABLISHED
    ACCEPT     all  --  192.168.0.0/24       anywhere
    ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:domain
    ACCEPT     udp  --  anywhere             anywhere            udp dpt:domain
    ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:pop3
    ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:ftp
    ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:ftp-data
    
    Chain FORWARD (policy DROP)
    target     prot opt source               destination
    valid-src  all  --  anywhere             anywhere
    valid-dst  all  --  anywhere             anywhere
    ACCEPT     all  --  anywhere             anywhere            state NEW,RELATED,ESTABLISHED
    ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED
    
    Chain OUTPUT (policy DROP)
    target     prot opt source               destination
    ACCEPT     all  --  anywhere             anywhere
    valid-dst  all  --  anywhere             anywhere
    ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED
    ACCEPT     tcp  --  anywhere             anywhere            state NEW,RELATED,ESTABLISHED
    ACCEPT     all  --  anywhere             192.168.0.0/24
    ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:domain
    ACCEPT     udp  --  anywhere             anywhere            udp dpt:domain
    ACCEPT     tcp  --  anywhere             anywhere            tcp spt:domain
    ACCEPT     udp  --  anywhere             anywhere            udp spt:domain
    ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:pop3
    ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:smtp
    
    Chain valid-dst (2 references)
    target     prot opt source               destination
    DROP       all  --  anywhere             16.0.0.0/4
    
    Chain valid-src (2 references)
    target     prot opt source               destination
    DROP       all  --  0.0.0.0/8            anywhere
    DROP       all  --  ip-72-16-0-0.valornet.com/12  anywhere
    DROP       all  --  92.168.0.0/16        anywhere
    DROP       all  --  16.0.0.0/4           anywhere
    DROP       all  --  40.0.0.0/5           anywhere
    DROP       all  --  27.0.0.0/8           anywhere
    DROP       all  --  0.0.0.0/8            anywhere
    DROP       all  --  anywhere             255.255.255.255
    DROP       all  --  169.254.0.0/16       anywhere
    what could be wrong?

  2. #2
    Junior Member tuxette's Avatar
    Join Date
    Jan 2006
    Posts
    60
    Can you telnet on port 25 to a mail server, say mx1.mail.yahoo.com? If yes, then it's probably not an IPtables problem.

    I'd also log all the DROPs to help troubleshoot the problem better in future. You can then check the DROPs in your /var/log/messages file.

    If you can telnet to port 25, you may have your mail relay setup incorrectly.

  3. #3
    can't connect to any host on port 25 from my server

    This time I tried using sendmail instead of postfix and this is the new maillog output:

    Code:
    Feb 12 23:38:31 e2kserver sendmail[6976]: k1D2Zqu2006976: to=recipient@gmail.com, delay=00:02:39, mailer=esmtp, pri=30590, dsn=4.4.3, stat=queued
    mails between local users are sent without any problem..

  4. #4
    This is how my iptables -L output is right now:

    Code:
    Chain INPUT (policy DROP)
    target     prot opt source               destination
    ACCEPT     all  --  anywhere             anywhere
    ACCEPT     tcp  --  anywhere             anywhere            tcp spts:1024:65535 dpt:ssh state NEW
    ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:pop3
    ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:smtp
    ACCEPT     tcp  --  anywhere             anywhere            tcp spts:1024:65535 dpt:http state NEW
    ACCEPT     tcp  --  anywhere             anywhere            state RELATED,ESTABLISHED
    ACCEPT     all  --  192.168.0.0/24       anywhere
    ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:domain
    ACCEPT     udp  --  anywhere             anywhere            udp dpt:domain
    ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:ftp
    ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:ftp-data
    LOG        all  --  anywhere             anywhere            LOG level warning
    
    Chain FORWARD (policy DROP)
    target     prot opt source               destination
    ACCEPT     all  --  anywhere             anywhere            state NEW,RELATED,ESTABLISHED
    ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED
    ACCEPT     all  --  anywhere             anywhere            state NEW,RELATED,ESTABLISHED
    ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED
    LOG        all  --  anywhere             anywhere            LOG level warning
    
    Chain OUTPUT (policy DROP)
    target     prot opt source               destination
    ACCEPT     all  --  anywhere             anywhere
    ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED
    ACCEPT     tcp  --  anywhere             anywhere            state NEW,RELATED,ESTABLISHED
    ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:pop3
    ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:smtp
    ACCEPT     all  --  anywhere             192.168.0.0/24
    ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:domain
    ACCEPT     udp  --  anywhere             anywhere            udp dpt:domain
    ACCEPT     tcp  --  anywhere             anywhere            tcp spt:domain
    ACCEPT     udp  --  anywhere             anywhere            udp spt:domain
    LOG        all  --  anywhere             anywhere            LOG level warning

  5. #5
    Hi,

    If you stop the iptables script and flush the iptables rules, does it work?

    That way you'd know if your firewall is blocking it or the problem lies elsewhere.
    My crime is that of curiosity. My crime is that of judging people by what they say and think, not what they look like. My crime is that of outsmarting you, something that you will never forgive.

Similar Threads

  1. OpenVPN\IPtables routing problem!! Please help me out
    By Pumbaa in forum Linux - Hardware, Networking & Security
    Replies: 0
    Last Post: 01-25-2012, 10:59 AM
  2. linux firewall, iptables forwarding problem
    By weiwei in forum Redhat / Fedora
    Replies: 1
    Last Post: 05-29-2011, 04:58 PM
  3. iptables http forwarding problem
    By sirstan in forum Security
    Replies: 1
    Last Post: 04-23-2008, 11:24 AM
  4. Linux IPTables/Routing Problem
    By Mephisto in forum Security
    Replies: 3
    Last Post: 08-15-2005, 10:01 PM
  5. iptables problem
    By groundzero in forum Security
    Replies: 5
    Last Post: 06-06-2002, 02:14 PM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •