No POP3 after enabling Firewall

[cpu_f1xer]

I installed ebox on a server fresh from the insallation disc downloaded from eboxplatform.
Mail worked great until I enabled the Firewall. Now SMTP works fine but POP3 seems to be prohibited on the external network interface.
Here is what I've done so far...

• I created a Service Name called pop configured to allow TCP/UDP source port 110 to destination port 110.
  
• Added a packet filter rule allowing acceptance of any external network source traffic to the service name pop.
• Added this rule to the top of the priority list.

Still no luck.
Goofy thing is there is no service or rule for SMTP (port 25) but it works fine. Makes me wonder about the word "Firewall" on this platform.
I verified that POP3 is enabled on the Mail Services tab of the Mail management page.
External interface is directly on public network with no router (other than ISP cable modem) in between.
Any suggestions?

[sixstone]

The POP3 clients does not connect from 110 port. So you may change in pop service configuration in source port from 110 to any. Now it should work fine.

If you're using POPS, change the destination port from 110 to 995.

Hope this may be helpful.

[cpu_f1xer]

That worked. I never knew the client doesn't initiate on 110.
Question now is why does SMTP (port 25) work without a service rule?

[sixstone]

That worked. I never knew the client doesn't initiate on 110.
Question now is why does SMTP (port 25) work without a service rule?

A mystery  ... anyway in future versions this behaviour may change so you'd better add a rule to the SMTP traffic as well...

[HANNES1985]

Sorry for using your thread but you seem to get it right Pop/smtp mail in all

i`ve got ebox setup and all mail via ethernet works but the mail to external sources does not!!!
Can you help me with this issue here`s what i get on outlook if i try to send mail to outside my ethernet
"The message could not be sent because one of the recipients was rejected by the server. The rejected e-mail address was 'hanneswallace@yahoo.com'. Subject 'test', Account: '192.127.80.250', Server: '192.127.80.250', Protocol: SMTP, Server Response: '554 <hanneswallace@yahoo.com>: Relay access denied', Port: 25, Secure(SSL): No, Server Error: 554, Error Number: 0x800CCC79" any help would be deerly apriciated 

[sixstone]

You may change your mail configuration by adding allowed relay objects, the wanted hosts to send mail from. This setting is set in Mail -> General -> Settings.

Deny is default because of spam possible issues. Therefore, you may create an object with your our LAN network address as member and then allow this object to send mail from your mail system.

Hope this helps.

[HANNES1985]

I did do that allready no success but thanx for your reply 

[cpu_f1xer]

Strange. I am now experiencing a similar issue. I have mail setup to require authentication. I configured outlook to login with same credentials as POP but I get an error "None of the authentication methods supported by this client are supported by your server."
I have tried a variety of settings in outlook with no luck. If I use no authentication to send mail then the server rejects because it does not allow relaying (which is what I want).
Any clues would be appreciated.

[cpu_f1xer]

Solved my own problem.
Needed to select TLS encryption type in the Advanced tab of Outlook's E-mail settings dialog box.
Uses invalid certificate but who cares?

 

[javi]

Just for your information this is what you have to do to be able to use the SMTP server and send emails with some Outlook versions:

- If the firewall is enabled in eBox you will have to allow the destination tcp port 465, save changes
- In outlook you will have to configure it to use port 465 instead of 25, use secure mode and stuff

Outlook needs to use that port instead of 25 to work properly.

From the next eBox version onwards you won't have to manually add port 465 port, we will include in our "Mail system" service by default.

As cpu_f1xer points, newer Outlook versions need to be configured on the advanced tab to support TLS encryption.

[HANNES1985]

Trail & error is no option for you guys thanx hey you helped a lot thanx alot 

[HANNES1985]

In my queue management this accurs now im no guru but I think this may be my problem and this is all Greek to afrikaans speaking guy I DO NOT KNOW WHAT THIS IS call me stupid but this is the way i learn and im not giving up

/etc/cron.daily/logrotate:
error: ebox-soap:1 lines must begin with a keyword or a filename (possibly in double quotes)
error: ebox-soap:16 unxpected }
run-parts: /etc/cron.daily/logrotate exited with return code 1
 
any help would be greatly appreciated Thanx

[HANNES1985]

one step closer now it doesnt give me relay denied but it does give me an error and its now time out wile connecting
If i run the test settings it states that outlook can connect and that i need to check the port and if the server requires ssl support


 ???any help?
 

[sixstone]

In my queue management this accurs now im no guru but I think this may be my problem and this is all Greek to afrikaans speaking guy I DO NOT KNOW WHAT THIS IS call me stupid but this is the way i learn and im not giving up

/etc/cron.daily/logrotate:
error: ebox-soap:1 lines must begin with a keyword or a filename (possibly in double quotes)
error: ebox-soap:16 unxpected }
run-parts: /etc/cron.daily/logrotate exited with return code 1
 
any help would be greatly appreciated Thanx

You may uninstall ebox-soap since you're not using it (I'm sure about this) by running:

Code: [Select]

$ apt-get remove ebox-soap

And remove manually /etc/logrotate.d/ebox-soap file. Anyway, it's a known fixed bug.

Thanks for your report.

[HANNES1985]

I have uninstalled soap but still shows me this error (connect to 127.0.0.1[127.0.0.1]: Connection refused) with
the same on my previous post. How do you remove this (/etc/logrotate.d/ebox-soap) manually, i did run the uninstall code (apt-get remove ebox-soap) within my server, and it did remove it coz i cant see it in my GUI anymore

Thank you for your help on this matter..