[CentOS] setting up postfix

Larry Martell larry.martell at gmail.com
Tue Oct 16 12:43:16 EDT 2012


On Tue, Oct 16, 2012 at 10:26 AM, Andy Smith <spookza at gmail.com> wrote:
> On 16 October 2012 17:14, Larry Martell <larry.martell at gmail.com> wrote:
>
>> On Tue, Oct 16, 2012 at 8:58 AM, Joseph Spenner <joseph85750 at yahoo.com>
>> wrote:
>> >
>> >
>> >
>> > ________________________________
>> >  >From: "m.roth at 5-cent.us" <m.roth at 5-cent.us>
>> >>To: CentOS mailing list <centos at centos.org>
>> >>Sent: Tuesday, October 16, 2012 7:49 AM
>> >>Subject: Re: [CentOS] setting up postfix
>> >  >
>> >>Larry Martell wrote:
>> >> This should be an easy one. I'm trying to get postfix going. I've
>> >> never done this before. I followed the directions at
>> >> http://wiki.centos.org/HowTos/postfix. I opened port 25:
>> >>
>> >> iptables -I INPUT -p tcp -m tcp --dport 25 -j ACCEPT
>> >>
>> >> But I don't receive the mail. In a file in /var/spool/postfix/defer I
>> see:
>> >>
>> >> alt2.gmail-smtp-in.l.google.com[2607:f8b0:400d:c00::1a]:25: Network is
>> >> unreachable
>> >>
>> >> Have I missed a step or done something wrong?
>> >>
>> >
>> > Have you tested to see if tcp/25 is really open?  From another system:
>> >
>> > $ telnet ip.of.postfix.box 25
>> >
>> > Do you get a sendmail/postfix message of some sort?
>>
>> No, I can't connect:
>>
>> # telnet 10.188.36.207 25
>> Connecting To 10.188.36.207...Could not open connection to the host, on
>> port 25:
>>  Connect failed
>>
>> iptables shows that port open:
>>
>> Chain INPUT (policy ACCEPT)
>> target     prot opt source               destination
>> ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:smtp
>>
>> Chain OUTPUT (policy ACCEPT)
>> target     prot opt source               destination
>> ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:smtp
>
>
> Hi.
>
> It seems you are telnetting using- and have firewall rules for- an IPv4
> network.
> Your postfix seems to be trying to use IPv6. :
> alt2.gmail-smtp-in.l.google.com[2607:f8b0:400d:c00::1a]:25: Network
> is unreachable.
>
> Does the client's network and ISP use IPv6?
>
> Have you tried configuring inet_protocols = ipv4 in the main.cf ?
> Your box might be configured with IPv6, but that doesn't mean it is usable
> on the network.
>
> OT: The default policies of your chains appear to be "ACCEPT" - thus if
> there is no REJECT or DROP rule matching your SMTP connection, it will be
> automatically accepted when it hits the bottom of the chain, regardless of
> what ACCEPT rules you apply.

Good catch Andy. I made that change and now I can telnet to port 25 and I get:

220 localhost.localdomain ESMTP Postfix

But the outgoing mail is still failing, but now with:

reason=connect to alt4.gmail-smtp-in.l.google.com[173.194.78.27]:25:
Connection timed out


More information about the CentOS mailing list