Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    PFsense 2.2.2 pop3

    Scheduled Pinned Locked Moved Problems Installing or Upgrading pfSense Software
    15 Posts 6 Posters 1.9k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • D
      doktornotor Banned
      last edited by

      @almabes:

      Post a screen capture of your LAN and WAN rules.

      And post the error… verbatim.

      1 Reply Last reply Reply Quote 0
      • GertjanG
        Gertjan
        last edited by

        @damithudayangakumara:

        from LAN i can't connect to the pop3…..

        By default pfSEnse setup will not block [any destination - port 110].
        So, please communicate your settings.

        Also: remove squid and everything starts to work, right ?

        @damithudayangakumara:

        ….but when try to sending a mail ,that mail  shown a pop3 error..how do i slove this error?

        retrieving mail (pop3 = destination port 110) has NOTHING to do with sending mails (smtp, on destination port 25 or 587, 465 (smtp ssl))
        … except if you are using an ancient protocol (last century ?!) called pop-before-smtp which is currently being kept alive in military laboratories.

        No "help me" PM's please. Use the forum, the community will thank you.
        Edit : and where are the logs ??

        1 Reply Last reply Reply Quote 0
        • D
          damithudayangakumara
          last edited by

          thank you guys reply to me… i posted the LAN & WAN rules and pop3 error.

          Captureasda.PNG_thumb
          Captureasda.PNG
          firewallrule1.PNG_thumb
          firewallrule1.PNG
          Capture21.PNG_thumb
          Capture21.PNG

          1 Reply Last reply Reply Quote 0
          • N
            NOYB
            last edited by

            From that same client…

            1. Can the POP3 server name be resolved to IP address?  nslookup mail.mi-synergy.com
            2. Can the POP3 server be pinged?  ping mail.mi-synergy.com
            3. Can the POP3 server be connected to on port 110?  telnet mail.mi-synergy.com 110

            If the client is Windows 8, the telnet client may not be active by default.  To activate it go to Control Panel - Programs - Turn Windows Features on or off.  Once there find Telnet Client.

            1 Reply Last reply Reply Quote 0
            • D
              damithudayangakumara
              last edited by

              From that same client POP3 server name can't resolved ,can't ping and can't telnet. but i can browse the internet…
              when disconnect LAN and plug a usb dongle i can send and receive mails..

              1 Reply Last reply Reply Quote 0
              • D
                doktornotor Banned
                last edited by

                You need to allow UDP for DNS to work. You need to allow ICMP to ping. The last LAN rule should be ANY as protocol, not TCP!

                1 Reply Last reply Reply Quote 0
                • D
                  damithudayangakumara
                  last edited by

                  At this moment i can't add any rules for pfsense because now our working hours.  i'll informed you after i adding that rules
                  thank you doktornotor,

                  1 Reply Last reply Reply Quote 0
                  • GertjanG
                    Gertjan
                    last edited by

                    @doktornotor:

                    You need to allow UDP for DNS to work. You need to allow ICMP to ping. The last LAN rule should be ANY as protocol, not TCP!

                    Good shot !
                    DNS is completely out - ping also.
                    I wonder what the meaning is of that "TCP only rule" (except break an Internet connection).

                    @damithudayangakumara : you blocked the web GUI access, are you using https ? Do you have people on your LAN that you do NOT trust ?

                    No "help me" PM's please. Use the forum, the community will thank you.
                    Edit : and where are the logs ??

                    1 Reply Last reply Reply Quote 0
                    • D
                      doktornotor Banned
                      last edited by

                      @Gertjan:

                      I wonder what the meaning is of that "TCP only rule" (except break an Internet connection).

                      I think it has no meaning, except for being poorly chosen default for new rules for some reason which users forget to change.

                      1 Reply Last reply Reply Quote 0
                      • D
                        damithudayangakumara
                        last edited by

                        @Gertjan:

                        @doktornotor:

                        You need to allow UDP for DNS to work. You need to allow ICMP to ping. The last LAN rule should be ANY as protocol, not TCP!

                        Good shot !
                        DNS is completely out - ping also.
                        I wonder what the meaning is of that "TCP only rule" (except break an Internet connection).

                        @damithudayangakumara : you blocked the web GUI access, are you using https ? Do you have people on your LAN that you do NOT trust ?

                        no i want to monitor what are they access and there usages..

                        1 Reply Last reply Reply Quote 0
                        • D
                          damithudayangakumara
                          last edited by

                          @doktornotor:

                          You need to allow UDP for DNS to work. You need to allow ICMP to ping. The last LAN rule should be ANY as protocol, not TCP!

                          after adding this  "IPv4  *    *  *  *  *  *  none"
                          guys pop3 error has been solved..

                          thank you all …

                          Capture.PNG
                          Capture.PNG_thumb

                          1 Reply Last reply Reply Quote 0
                          • D
                            doktornotor Banned
                            last edited by

                            You just need the second rule. That TCP/UDP and ICMP one is completely redundant when you have the (default) allow all on top of them.

                            1 Reply Last reply Reply Quote 0
                            • stephenw10S
                              stephenw10 Netgate Administrator
                              last edited by

                              I'll just point out that your WAN side rules are similarly flawed.
                              Your NAT rules to allow IPSec traffic to a server at 192.168.0.9 will not pass the required UDP traffic.

                              Steve

                              1 Reply Last reply Reply Quote 0
                              • First post
                                Last post
                              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.