[ALUG] I need an E-Mail expert to help me solve this

Chris Green cl at isbd.net
Sun Feb 19 21:57:50 GMT 2017

On Sun, Feb 19, 2017 at 03:23:45PM +0000, Phil Ashby wrote:
> On 19/02/17 12:00, Chris Green <cl at isbd.net> wrote:
> > 
> > I have an E-Mail requirement/problem that I've wasted several hours on over the past few days to
> > little effect.  Maybe someone here can help.
> > 
> > My home (linux) machine runs all the time and hosts the domain zbmc.eu which is registered at
> > gandi.net.  The zone file there is configured to point at my home machine and the MX record is
> > set up too:-
> > chris at cheddar$ host zbmc.eu
> > zbmc.eu has address
> > zbmc.eu mail is handled by 10 zbmc.eu.
> > chris at cheddar$ is my PlusNet ADSL connection.
> > 
> > ..[lots of testing that indicates 'something' is blocking SMTP on some routes, but not all...]
> Hi Chris,
> I have almost the same setup as you, an external/public server (mail.ashbysoft.com) that forwards
> mail to an internal/private server at home (phil.ashbysoft.com, on PlusNet), my external server is
> in a co-lo facility and managed by me, rather than a 3rd part but hey, it's
> still working so it doesn't look like PlusNet per se..
> I tried a few tests for your host:
> - from my home network (via NAT, PlusNet):
>   phlash at zaphod:~$ host zbmc.eu
>   zbmc.eu has address
>   zbmc.eu mail is handled by 10 zbmc.eu.
>   phlash at zaphod:~$ telnet zbmc.eu 25	# not looking good for inbound connectivity on 25
>   Trying
>   ^C
>   phlash at zaphod:~$ telnet zbmc.eu 587	# nor the alternative SMTP submission port 587
>   Trying
>   ^C
This is because my firewall blocks connections from anywhere except
the TsoHost servers on port 25.  ............. der!!!!!  Which of
course explains mostly why it won't work from elsewhere!!!!!

I think you have just hit the proverbial nail on the proverbial head!

> My conclusion so far would be that you have local firewalling / filtering
> issues that are permitting traffic from the TsoHost servers but nowhere
> else? Are you running fail2ban and it has been a bit enthusiastic (this has

Spot on!  :-)

> Hope this helps,

Absolutely, thank you, I can sleep peacefully now!  :-)

Chris Green

