Netgate Discussion Forum

    Probably simple, but I need help

    8 Posts 4 Posters 1.9k Views
      luke240778

      So I have pfSense running. My static IP address is: 189.54.110.10

      My pfSense has 1 WAN and 2 LAN. On my LAN with IP range of 192.168.10.0 I have 3 servers. (1 FreeRADIUS, 1 Freeside, 1 Mail server)
      I want my mail server to be the main mail server for my business as I am not happy with where it is currently being hosted, so..

      I know with where my domain name is hosted I can shoot the mail to my IP address, but I have absolutely no idea how to set up firewall rules so that all email gets to the mail server on my LAN.. I want to use this mail server for us inside the business to send and receive email, and also to work when we are outside the office via Webmail or POP & IMAP.

      How do I do this?

        Metu69salemi

        NAT reflection or split DNS are techniques you can apply if you have both servers and clients in LAN

          luke240778

          Thanks a lot for the reply.. I appreciate it.. but it may as well have been in Chinese.. didn't understand at all.

          I thought I was just going to need to know how to put a port forward to my mail server?

          As far as I understand, pfSense is my router.. in the past, with routers such as Cisco or SnapGear, I just needed to port forward the appropriate ports.. like 25 for Exchange.. and so on for POP and IMAP.. is that not the case with pfSense?

            Cry Havok

            It should just be a case of setting up a port forwarding for port 25/TCP to your mail server's LAN IP for SMTP. Then you can use the MXToolbox diagnostics to check that it is working.

            Once you've got that right create further rules for 110/TCP (POP3), 143/TCP (IMAP) and whatever port your webmail runs on (I'm guessing 80/TCP).

            You will however need to relay your outbound email through your ISP's mail server or a mail relay service. If you don't then most recipients will refuse your email.

              luke240778

              Thanks for that. I will see how it goes.

              In my case I am the ISP so I am not sure how I will sort out that mail relay. I have a small WiSP and a direct fiber link from a wholesaler.

                Cry Havok

                Ah, in that case you need to ensure that the IP range you've been allocated isn't on the various RBLs as being a dialup range. You can check here and here.

                  luke240778

                  My IPs are all good as far as Spamhaus lookup
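
The RBL lookup discussed in the posts above can also be run directly over DNS. This is an added example, not part of any post in the thread: it queries Spamhaus ZEN for an IPv4 address and separates real listings (including PBL, the list that covers dynamic/dialup-style ranges) from Spamhaus's error return codes, which are easy to misread as a listing. The function names and the sample address 192.0.2.10 are assumptions made for this illustration.

```python
import ipaddress
import socket

# Spamhaus ZEN return codes. PBL marks ranges not expected to send mail
# directly (the "dialup range" case raised in the thread).
ZEN_CODES = {
    "127.0.0.2": "SBL", "127.0.0.3": "SBL-CSS",
    "127.0.0.4": "XBL", "127.0.0.5": "XBL", "127.0.0.6": "XBL", "127.0.0.7": "XBL",
    "127.0.0.10": "PBL (ISP-maintained)",
    "127.0.0.11": "PBL (Spamhaus-maintained)",
}

def dnsbl_name(ip, zone="zen.spamhaus.org"):
    """Build the DNSBL query name: reversed octets followed by the zone."""
    addr = ipaddress.ip_address(ip)
    if addr.version != 4:
        raise ValueError("this example handles IPv4 only")
    return ".".join(reversed(str(addr).split("."))) + "." + zone

def interpret(answers):
    """Classify the A records a DNSBL query returned."""
    if not answers:
        return ("clean", [])
    # 127.255.255.x means the query itself was refused (e.g. sent through a
    # public resolver or rate limited). It is not a verdict on the address.
    errors = [a for a in answers if a.startswith("127.255.255.")]
    if errors:
        return ("error", errors)
    return ("listed", sorted({ZEN_CODES.get(a, "unknown code " + a) for a in answers}))

def check(ip, resolve=socket.gethostbyname_ex):
    """Query the DNSBL; NXDOMAIN means the address is not listed."""
    try:
        answers = resolve(dnsbl_name(ip))[2]
    except socket.gaierror as exc:
        if exc.errno == socket.EAI_NONAME:
            return ("clean", [])
        return ("error", [str(exc)])  # resolver failure, no verdict
    return interpret(answers)

if __name__ == "__main__":
    # 192.0.2.10 is a constructed documentation address; replace it with
    # the WAN address the mail server sends from.
    print(check("192.0.2.10"))
```

Run it from a host that uses its own recursive resolver; an "error" result means the lookup has to be repeated through a different resolver before drawing any conclusion.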

                    pcbosrders

                    I'm doing what you want to do.
                    Just set the rules for the ports mentioned above and also make adjustments to your DNS file
                    so your IPs point to the right mail server
                    and your MX record is set to the right level.

                    Don't fix it if it ain't broken!!!

                    Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.