Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Cannot send mail from my digital scanner since pfSense install, using port 587

    Scheduled Pinned Locked Moved Firewalling
    12 Posts 5 Posters 1.4k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • N
      nelsonsaenz
      last edited by

      Hi Jeff,
      Thanks for the reply. The only packages I have installed are ntop and BandwidthD, neither of which are blocking anything AFAIK. My LAN is 1 flat network, no VLANs, and I do have the default any to any LAN rule. The only other LAN rule I set up is the one to allow my scanner to send to port 589.

      My box is installed on an HP Microserver Gen 10.

      Odd thing is, I don't see the ip address anywhere on my logs so it's hard to troubleshoot the issue.

      viktor_gV 1 Reply Last reply Reply Quote 0
      • viktor_gV
        viktor_g Netgate @nelsonsaenz
        last edited by

        @nelsonsaenz port 587 or 589?

        Please show LAN tab firewall rules

        1 Reply Last reply Reply Quote 0
        • N
          nelsonsaenz
          last edited by

          Here you go... Thanks.

          Screen Shot 2020-05-13 at 12.33.00 PM.png

          1 Reply Last reply Reply Quote 0
          • A
            akuma1x
            last edited by akuma1x

            @nelsonsaenz You can tweak that 587 pass rule slightly by setting the source to LAN net. Since you state you've got a flat LAN network, and the scanner is on the LAN network, that's where you want to set the source as.

            You say you don't see the scanner getting an IP address. Do you have DHCP enabled for the LAN network, and does the DHCP server show the scanner getting assigned an IP address?

            Also, what happens if you disable this rule, reboot the pfsense box, and try the scanner again? I know you said you did some troubleshooting already, but the scanner should successfully communicate over the internet using the default allow LAN rule; the one directly under your 587 rule in your screenshot.

            Jeff

            1 Reply Last reply Reply Quote 0
            • N
              nelsonsaenz
              last edited by

              I explained that badly. Yes, the scanner does have an IP and I do see it in my DHCP leases. I was saying I don't see the ip address when I go through the firewall logs.

              viktor_gV GertjanG 2 Replies Last reply Reply Quote 0
              • viktor_gV
                viktor_g Netgate @nelsonsaenz
                last edited by

                @nelsonsaenz are you sure that it uses 587 port? maybe 25?
                and Submission uses 587 TCP port not UDP/TCP, please fix it

                1 Reply Last reply Reply Quote 0
                • GertjanG
                  Gertjan @nelsonsaenz
                  last edited by

                  @nelsonsaenz said in Cannot send mail from my digital scanner since pfSense install, using port 587:

                  I do see it in my DHCP leases. I was saying I don't see the ip address when I go through the firewall logs.

                  Your scanner receives an IP .... and also (check this) the correct network mask, a DNS, a Gateway.
                  Example : no or bad DNS : scanner can't resolve URL ...
                  Or : no gateway : scanner can't find it's way out ...

                  Btw : the default LAN rules passes all traffic, all protocols.
                  But you can see that this rule (it matches) is actually used by traffic coming from your LAN devices.

                  719be5a6-ba8d-4509-8323-263375de0a56-image.png

                  This :

                  4ed7923d-9bc7-41e8-9cfa-86ce7a55e4d1-image.png

                  just above the general LAN pass rule is oj, it shows you if some IPv4 device is communicating to some device using port 587. The fact that it shows 0/0 for the counter means that the rule never matches. Also, this rule is logging if it matches.
                  This is pretty solid prove that the 'TCP 587'mail traffic from the scanner never reaches the router (pfSense).

                  Also : on some device on your LAN, a PC, open a command line, use Putty or telnet, and open a connection to the URL of smtp server - port 587. Do you see the SMTP banner of the remote Office mail server ?

                  No "help me" PM's please. Use the forum, the community will thank you.
                  Edit : and where are the logs ??

                  1 Reply Last reply Reply Quote 0
                  • Bob.DigB
                    Bob.Dig LAYER 8 @nelsonsaenz
                    last edited by Bob.Dig

                    @nelsonsaenz said in Cannot send mail from my digital scanner since pfSense install, using port 587:

                    It sends out via my Office 365 SMTP using port 587. Immediately when I try to send, I get a Cannot contact SMTP host error and it never sends.

                    So it it is probably related to that entirely. No problem here with a local email-server.

                    GertjanG 1 Reply Last reply Reply Quote 0
                    • GertjanG
                      Gertjan @Bob.Dig
                      last edited by

                      @Bob-Dig said in Cannot send mail from my digital scanner since pfSense install, using port 587:

                      Cannot contact SMTP host erro

                      I'll place my bet : a DNS issue.

                      No "help me" PM's please. Use the forum, the community will thank you.
                      Edit : and where are the logs ??

                      1 Reply Last reply Reply Quote 0
                      • N
                        nelsonsaenz
                        last edited by

                        Once I read the DNS suggestion, I realized I hadn't checked those settings on the scanner. Went into it and saw that it was still pointing to the old, non existent WiFi router for DNS. Changed it and now I was just able to send a test successfully.

                        Greatly appreciate everyone's help!!!!!!

                        1 Reply Last reply Reply Quote 1
                        • First post
                          Last post
                        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.