Ports SMTP, IMAP, POP3

beezer1424 · Sep 28, 2010, 3:24 AM

Could someone please sum up how to enable these ports to be forwarded on pfsense 2.0

Let's make this basic 1 WAN 1 LAN
I also setup the outbound rule for the LAN subnet to pass any port to any destination

I have been able to forward most ports no problem (remote desktop, DNS …) but my SMTP IMAP and POP3 port forwarding does not work. When i use an outside program to see which ports are open i get a response that pfsense is actively blocking these ports, and these ports only, on my system. the rest of the ports are timing out becuase i don't have them forwarded I am able to successfully send emails, but I am not able to receive them. I can not telnet on port 25 to my mailserver from an external site either.

please someone show me these screens (see attached) and any other outbound rules I need! thank you.

jimp · Sep 28, 2010, 2:06 PM

That looks correct, but we'd need to see the contents of the WAN firewall rules as a whole (the list view is fine) and check the firewall logs to see if entries are being blocked there.

If nothing shows up in the firewall log, check that the target box's gateway is set for pfSense, and also that there is not a local firewall on that box that is blocking the traffic.

You can also do some packet captures for traffic to those ports to see if it's leaving the LAN side like it should be.

beezer1424 · Sep 29, 2010, 3:16 AM

Here are the screenshots of the WAN rule, the firewall log (the port 25 scan never even makes it to the log), and the a copy of the response from the port scanner itself. I have called my ISP and they are not blocking port 25. I have comcast business connection.

thanks for any and all your help!

Efonnes · Sep 29, 2010, 3:26 AM

That sounds like the connection to the SMTP port is getting through to the machine but it is refusing it. Nothing like that is going to happen on pfSense unless you specifically configure a rule that rejects the connection instead of the default of blocking/ignoring it, and you likely wouldn't have done that specifically for SMTP without knowing it.

Make sure your SMTP server is actually accepting the connection rather than refusing it, either the SMTP server itself or the firewall on the system (if any), and that the SMTP server is actually running on the machine you are forwarding it to.

beezer1424 · Sep 29, 2010, 1:30 PM

I thought I did the pfsense part correct! I know there is no firewall on the machine itself, I will check the smtp to see if it is refusing it.

thanks!

beezer1424 · Sep 29, 2010, 11:11 PM

It was my mal server…. pfsense is the ballz