Web Hosting Forum | Lunarpages


*
Welcome, Guest. Please login or register.
Did you miss your activation email?


Login with username, password and session length
May 25, 2013, 02:12:44 PM

Pages: [1]   Go Down
« previous next »
  Print  
Author Topic: Virtuozzo Firewall outgoing emails blocked  (Read 4847 times)
fabrini88
Trekkie
**
Offline Offline

Posts: 11
« on: August 06, 2009, 10:00:38 AM »
Hi, maybe someone has had a similar issue and found the solution..:

I have a vps with plesk 8.6, and I configured the virtuozzo firewall.

I selected the default system policy: Drop All.

And added custom rules to allow ports for: web(80),dns(53), POP(110), plesk(8880,8443), ssh...

For emails to be sent/received (smtp) I enabled:  Input: source any, destination 25 ; Output: source 25, destination any.

Emails are being received ok, but outgoing emails are stuck in the queue. Checking /usr/local/psa/var/log/maillog I see many messages saying:

"Sorry,_I_couldn't_find_any_host_by_that_name"
"Sorry,_I_wasn't_able_to_establish_an_SMTP_connection"

If I allow all tcp,udp on Input and Output, emails are sent OK, so I'm sure it's a firewall issue.

So any ideas why only allowing port 25 is not working?
Logged
conga3
Knows just enough to get in trouble.
Spacescooter Operator
*****
Offline Offline

Posts: 40


WWW
« Reply #1 on: August 06, 2009, 10:10:50 AM »
Sorry I can't help, but I'm interested in what you find out.

Keep us posted on your findings.
Logged
fabrini88
Trekkie
**
Offline Offline

Posts: 11
« Reply #2 on: August 07, 2009, 12:05:35 PM »
an update: 

I changed the "allow all tcp,udp on Input and Output" to:
- Allow Output all tcp, udp
- Allowed Input tcp, udp source ports 1025-65535, destination ports any.

Emails are being sent, but as you can see I still have ports 1025-65535 open...

When I restrict these ports, emails stop being sent..  Confused

I thought only opening 25 should work.. any ideas?
Logged
fabrini88
Trekkie
**
Offline Offline

Posts: 11
« Reply #3 on: August 07, 2009, 12:10:34 PM »
Quote from: fabrini88 on August 07, 2009, 12:05:35 PM

"- Allowed Input tcp, udp source ports 1025-65535, destination ports any."


correction it is:
- Allowed Input tcp, udp source ports ANY, destination ports 1025-65535
Logged
perestrelka
Administrator
Master Jedi
*****
Offline Offline

Posts: 1397
« Reply #4 on: August 13, 2009, 05:17:49 AM »
Hi Fabrini88,

You initial policy looks fine at the first glance. Have you been able to solve this issue?
Logged
Kind Regards,
Vlad Artamonov
fabrini88
Trekkie
**
Offline Offline

Posts: 11
« Reply #5 on: September 22, 2009, 05:40:43 PM »
Hi perestrelka,   Nope..  Sad  I had to leave ports 1025-65535 open
Logged
conga3
Knows just enough to get in trouble.
Spacescooter Operator
*****
Offline Offline

Posts: 40


WWW
« Reply #6 on: September 22, 2009, 08:32:21 PM »
Did you open a support ticket?
Logged
perestrelka
Administrator
Master Jedi
*****
Offline Offline

Posts: 1397
« Reply #7 on: October 05, 2009, 10:03:37 AM »

I agree about opening a support ticket as it is required to review the resulting firewall rules to see what can be wrong. Feel free to PM me, if you open a support ticket and there is no solution provided by admins.
Logged
Kind Regards,
Vlad Artamonov
steve schmidt
Intergalactic Superstar
*****
Offline Offline

Posts: 175
« Reply #8 on: March 27, 2012, 03:22:45 AM »
Can you please share print screen of your errors, so I can get exact Idea about your issues

Cheers Smile
Logged
Preventive Maintenance Software | SharePoint Services | PHP Web Development
Pages: [1]   Go Up
  Print  
« previous next »
 
Jump to: