Jesse Kline said: > On Wed, 2003-03-19 at 08:27, Trevor Lauder wrote: >> So, you are using a machine on the same LAN as the mail server but >> trying to access it with the mail client using your external (ISP) IP >> Address as the SMTP/POP3 Server? > > Yes, if I telnet to 192.168.1.120 on ports 25 and 110 I get in OK, but > if I telnet to acc3ss.homelinux.org on ports 25 and 110 my connection is > refused. > >> So if you were to send an email from something like hotmail to your >> new dyndns domain name, your email server would receive the email? > > I would assume so. I have only tested it sending to and from my telus > account, however I will give hotmail a try as well. >
Ok, if you can send an email from your telus account to your new account and it gets through the firewall and into your mailserver then there is nothing wrong with your port forwarding rules and there isn't anything wrong with your SMTP/POP3 Config if you can send and receive mail from the inside. This sounds like it's a problem with DNAT onto the same network. This is what I mean using an example: Firewall is 192.168.1.1 on the LAN interface and 222.222.222.222 on the WAN interface Mailserver is 192.168.1.5 Client workstation is 192.168.1.100 You can access 192.168.1.5 from 192.168.1.100 just fine, both POP3 and SMTP which is what you are saying I think. You can access 222.222.222.222 from the outside on ports 110 and 25 which means port forwarding works which is also what I think you are saying. You can't however access 222.222.222.222 on ports 110 and 25 from 192.168.1.100, this is because you are already on the inside and the firewall doesn't know how to DNAT (port forward) the connection back onto the same network. If this example is what you are seeing then it's almost for sure you are having a DNAT onto the same network problem. If your firewall is a cheap $80-100 linksys/smc/etc firewall then there probably isn't anything you can do about it. If it's a linux firewall you can try taking a look at this page: http://www.netfilter.org/documentation/HOWTO//NAT-HOWTO-10.html for examples on how to fix that problem. The other solution, which is what I usually have done is to setup an authoritative DNS server for your domain that only serves out DNS for your LAN. Then point acc3ss.homelinux.org to whatever your internal IP Addresses are and setup MX records for it too if you want. That way anyone outside of your network resolves to your firewalls external address but anyone on your internal network would resolve to your firewall/mailservers internal address. Hope this helps. Cheers Trevor > Thank you, > > Jesse > -- > Jesse Kline, RHCT > http://www3.telus.net/public/klinej/resume.html
