Check to see if firewall is blocking emails

Hello,

First of all, I am a newbie, so please bear with me :). Still learning.

I have followed instructions to set up email access via Postfix, Dovecot, MySQL through Linode's tutorial. I can send an email out using mailx to my yahoo account; however, when I reply back from yahoo, the email bounces back. I tried accessing my linode via telnet on port 25, but got no response. I wanted to rule out the firewall before looking into my setup for postfix. Also, from what I have read, I do have an MX record in DNS Manager which points to mail.domainname.com. I was wondering if someone can tell me if my firewall is blocking emails. Below is the output of my iptables. Any help in this matter would be appreciated.

user@servername:~$ sudo iptables -L

Chain INPUT (policy ACCEPT)

target prot opt source destination

ACCEPT all -- anywhere anywhere

REJECT all -- anywhere 127.0.0.0/8 reject-with icmp-port-unreachable

ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED

ACCEPT tcp -- anywhere anywhere tcp dpt:http

ACCEPT tcp -- anywhere anywhere tcp dpt:https

ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:ssh

ACCEPT icmp -- anywhere anywhere

LOG all -- anywhere anywhere limit: avg 5/min burst 5 LOG level debug prefix "iptables denied: "

DROP all -- anywhere anywhere

ACCEPT tcp -- anywhere anywhere tcp dpt:smtp

ACCEPT tcp -- anywhere anywhere tcp dpt:ssmtp

ACCEPT tcp -- anywhere anywhere tcp dpt:pop3

ACCEPT tcp -- anywhere anywhere tcp dpt:imap2

ACCEPT tcp -- anywhere anywhere tcp dpt:pop3s

ACCEPT tcp -- anywhere anywhere tcp dpt:imaps

Chain FORWARD (policy ACCEPT)

target prot opt source destination

DROP all -- anywhere anywhere

Chain OUTPUT (policy ACCEPT)

target prot opt source destination

ACCEPT all -- anywhere anywhere

2 Replies

Wanted to add more information. Also, netstat -tuplen results in the below. To me it seems like port 25 is good.

Active Internet connections (only servers)

Proto Recv-Q Send-Q Local Address Foreign Address State User Inode PID/Program name

tcp 0 0 0.0.0.0:993 0.0.0.0:* LISTEN 0 2001 2301/dovecot

tcp 0 0 0.0.0.0:995 0.0.0.0:* LISTEN 0 1985 2301/dovecot

tcp 0 0 127.0.0.1:3306 0.0.0.0:* LISTEN 106 5454 2323/mysqld

tcp 0 0 0.0.0.0:110 0.0.0.0:* LISTEN 0 1983 2301/dovecot

tcp 0 0 0.0.0.0:143 0.0.0.0:* LISTEN 0 1999 2301/dovecot

tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 0 301 2188/sshd

tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN 0 6495 2456/master

tcp6 0 0 :::993 :::* LISTEN 0 2002 2301/dovecot

tcp6 0 0 :::995 :::* LISTEN 0 1986 2301/dovecot

tcp6 0 0 :::110 :::* LISTEN 0 1984 2301/dovecot

tcp6 0 0 :::143 :::* LISTEN 0 2000 2301/dovecot

tcp6 0 0 :::22 :::* LISTEN 0 303 2188/sshd

tcp6 0 0 :::25 :::* LISTEN 0 6496 2456/master

udp 0 0 0.0.0.0:68 0.0.0.0:* 0 5340 2125/dhclient

udp 0 0 0.0.0.0:65114 0.0.0.0:* 0 242 2125/dhclient

udp 0 0 192.168.1.116:123 0.0.0.0:* 0 972 2821/ntpd

udp 0 0 127.0.0.1:123 0.0.0.0:* 0 971 2821/ntpd

udp 0 0 0.0.0.0:123 0.0.0.0:* 0 964 2821/ntpd

udp6 0 0 de90::f05c:91jf:fe7:123 :::* 0 975 2821/ntpd

udp6 0 0 ::1:123 :::* 0 974 2821/ntpd

udp6 0 0 2610:3c04::z09c:91j:123 :::* 0 973 2821/ntpd

udp6 0 0 :::123 :::* 0 965 2821/ntpd

udp6 0 0 :::34579 :::* 0 243 2125/dhclient

FYI, got it to work. I was able to receive email from my yahoo account.

It turns out it was the way I opened up the ports. Putting up the solution in case someone runs into the same issue.

I commented out the below from my firewall rules:

-A INPUT -p tcp --dport 25 -j ACCEPT

-A INPUT -p tcp --dport 110 -j ACCEPT

-A INPUT -p tcp --dport 587 -j ACCEPT

and added:

-A INPUT -p tcp -m state --state NEW --dport 25 -j ACCEPT

-A INPUT -p tcp -m state --state NEW --dport 110 -j ACCEPT

-A INPUT -p tcp -m state --state NEW --dport 587 -j ACCEPT
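
An added example, not part of the original posts: iptables evaluates a chain top to bottom, so in the `iptables -L` listing from the question the mail ACCEPT rules that appear after `DROP all` cannot be reached if that DROP is unconditional. The checker below parses a listing in that format and reports such shadowed rules; the function names and the abridged sample are constructed for illustration.

```python
import re

# Constructed sample: abridged from the `iptables -L` output in the question.
SAMPLE = """\
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT tcp -- anywhere anywhere tcp dpt:http
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:ssh
LOG all -- anywhere anywhere limit: avg 5/min burst 5 LOG level debug prefix "iptables denied: "
DROP all -- anywhere anywhere
ACCEPT tcp -- anywhere anywhere tcp dpt:smtp
ACCEPT tcp -- anywhere anywhere tcp dpt:pop3
Chain FORWARD (policy ACCEPT)
target prot opt source destination
DROP all -- anywhere anywhere
"""

ANY = {"anywhere", "0.0.0.0/0", "::/0"}

def parse_chains(listing):
    """Return {chain: [(target, prot, source, destination, extra), ...]} in rule order."""
    chains, current = {}, None
    for line in listing.splitlines():
        line = line.strip()
        m = re.match(r"Chain (\S+) \(", line)
        if m:
            current = chains.setdefault(m.group(1), [])
            continue
        fields = line.split(None, 5)
        if current is None or len(fields) < 5 or fields[0] == "target":
            continue
        fields += [""] * (6 - len(fields))
        current.append((fields[0], fields[1], fields[3], fields[4], fields[5]))
    return chains

def shadowed_rules(listing, chain="INPUT"):
    """Rules listed after the first catch-all DROP/REJECT in the chain."""
    # Caveat: plain -L hides interface matches (-i/-o), so confirm a reported
    # catch-all with `iptables -L -v -n` or `iptables -S` before acting on it.
    rules = parse_chains(listing).get(chain, [])
    for i, (target, prot, src, dst, extra) in enumerate(rules):
        unconditional = extra == "" or extra.startswith("reject-with")
        if target in ("DROP", "REJECT") and prot == "all" and src in ANY and dst in ANY and unconditional:
            return [f"{t} {p} {e}".strip() for t, p, _s, _d, e in rules[i + 1:]]
    return []

if __name__ == "__main__":
    print("\n".join(shadowed_rules(SAMPLE)) or "no shadowed rules")
```
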
