Netgate Discussion Forum

    I can send emails from my mail server but not receive from Hotmail.

    • TheCableGuy96T
      TheCableGuy96
      last edited by

      Hi,

      I recently moved a server from one connection to another. Upon moving everything has come back online (change of IPs and nameservers) but I cannot receive emails from Hotmail (sending is fine and receiving is fine from literally everywhere I test but Hotmail).

      At first I thought this was a propagation issue because all other mail providers are coming through fine and every DNS/Mail Server Test I do is reporting it as fine. Also the bounced email from Hotmail shows the new server IP and says it cannot connect/refused.

      I am also not on any blacklists (I know this is for outgoing generally but thought it best to check).

      I cannot find anything in the logs which would indicate it's not even reaching the server and I also cannot find anything in CSF (the server's firewall) or the router's firewall logs saying it's being blocked. There's absolutely nothing in the server's logs, CSF doesn't show anything on a search and my pfSense only shows the IP being passed/allowed.

      My suspicions are this is something to do with pfSense as the server is the same and the main change is pfSense. But I don't know enough about pfSense to check if Hotmail is blocked in some way.

      I'm not running pfBlocker or Snort but have done in the past, they are uninstalled now though.

      I am completely stumped if anyone can help please?

      • TheCableGuy96T
        TheCableGuy96
        last edited by

        I noticed under "States" there's a load of Microsoft IPs on Port 25 so I know it's reaching the firewall. It shows not all packets though so I wonder if that helps resolve the issue?

        screenshot-pfsense.domain.com_10445-2022.04.11-22_14_53.png

        • stephenw10S
          stephenw10 Netgate Administrator
          last edited by

          Hmm, that's an internal interface I assume? And it has public IPs?

          pfSense appears to be routing that correctly. It would only block anything if you have firewall rules or something dynamic like Snort or pfBlocker.

          Steve

          • TheCableGuy96T
            TheCableGuy96 @stephenw10
            last edited by

            @stephenw10

            Hey, thank you for replying.

            Yes it's an internal vLAN with public IPs. I only block access to the firewall, other vLANs and a "sh*t list" I have which I've tried disabling.

            I don't have pfBlocker installed or Snort but used to. I can only think maybe they left some rules behind maybe? I don't know. I've been at this for 24 hours now and am pretty darn stumped.

            screenshot-pfsense.domain.com_10445-2022.04.11-22_49_00.png

            • stephenw10S
              stephenw10 Netgate Administrator
              last edited by

              That block from the sh*tlist alias can never match anything because it's on the wrong interface. It should be on WAN if it's blocking connections to the vlan 200 servers.
              And it's on the WAN you should look for other rules that might be blocking. Also check the floating rules tab.

              • TheCableGuy96T
                TheCableGuy96 @stephenw10
                last edited by

                @stephenw10

                Damn you've cracked it!!! I'm so happy lol. That's driven me mad for ages! I disabled the "sh*t list" rule on the LAN and floating rules and they are all flooding through now. Strange again though how it's just blocked Hotmail.

                So a couple of questions... are you sure that "sh*t list" won't work on there? I tested it with my phone on an external IP and it worked, as in I couldn't connect to the server?

                Can you see what was wrong with the floating rules? Maybe one of the IPs? I don't think so though as I checked they weren't Microsoft ones.

                Thanks again so much!

                screenshot-pfsense.domian.com_10445-2022.04.11-23_55_40.png

                • stephenw10S
                  stephenw10 Netgate Administrator @TheCableGuy96
                  last edited by

                  @dwren78 said in I can send emails from my mail server but not receive from Hotmail.:

                  are you sure that "sh*t list" won't work on there?

                  It could work on VLAN200 but not with the VLAN200 subnet as destination. Connections hitting the rules there will always be coming from there. You would need to swap the source/destination so it looks like the other rules there.

                  It's the correct way round in the floating rules and clearly was blocking the traffic.

                  I would enable logging on those floating rules so you see which rule is blocking and then enable them again to test. One of those aliases contains the hosts that were being blocked.

                  Steve
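The rule-direction point in the reply above, as an added example that is not part of the original thread: a simplified Python model of per-interface rule matching (no states, rule order or quick handling) that also reports which alias entry covers a blocked sender. The alias names, addresses, subnet and the WAN-inbound treatment of the floating rule are constructed assumptions.

```python
import ipaddress

# Constructed sample data (documentation address ranges), not values from the thread.
ALIASES = {
    "blocklist_a": ["198.51.100.0/24", "203.0.113.7"],
    "blocklist_b": ["192.0.2.0/25"],
}
VLAN200_NET = "203.0.113.128/25"  # hypothetical public subnet behind pfSense

# (name, interface, source, destination). An interface rule only sees
# packets that ENTER the firewall through that interface.
RULES = [
    # Direction as first written: destination is the VLAN200 subnet itself.
    ("vlan200-block", "VLAN200", "alias:blocklist_a", VLAN200_NET),
    # Source and destination swapped, as suggested in the reply.
    ("vlan200-swapped", "VLAN200", VLAN200_NET, "alias:blocklist_a"),
    # Floating rule, modelled here as inbound on WAN (assumption).
    ("floating-block", "WAN", "alias:blocklist_b", VLAN200_NET),
]

def _covering_entry(spec, addr):
    """Return the network in spec (alias or CIDR) that contains addr, else None."""
    entries = ALIASES[spec[len("alias:"):]] if spec.startswith("alias:") else [spec]
    ip = ipaddress.ip_address(addr)
    for entry in entries:
        net = ipaddress.ip_network(entry, strict=False)
        if ip in net:
            return str(net)
    return None

def matching_blocks(ingress_if, src, dst):
    """List (rule, source entry, destination entry) for block rules that match."""
    hits = []
    for name, iface, r_src, r_dst in RULES:
        if iface != ingress_if:
            continue  # the packet never enters through this rule's interface
        src_entry = _covering_entry(r_src, src)
        dst_entry = _covering_entry(r_dst, dst)
        if src_entry and dst_entry:
            hits.append((name, src_entry, dst_entry))
    return hits

if __name__ == "__main__":
    # Inbound SMTP from a listed sender arrives on WAN: only the floating rule sees it.
    print(matching_blocks("WAN", "192.0.2.10", "203.0.113.200"))
    # Traffic entering VLAN200 always has a VLAN200 source: only the swapped rule matches.
    print(matching_blocks("VLAN200", "203.0.113.200", "198.51.100.5"))
```

The returned source entry is the alias line to review once rule logging has identified the blocking rule.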

                  • TheCableGuy96T
                    TheCableGuy96 @stephenw10
                    last edited by

                    @stephenw10

                    Thanks Stephen, I'll be okay from here... really appreciate the help!
