Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Postfix issue behind pfsense

    Scheduled Pinned Locked Moved NAT
    12 Posts 3 Posters 2.2k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • N
      nikkon
      last edited by

      Hi all,

      I have a mail server in lan behind pfsense.
      i use nat for pop3/imap redirected to lan ip.
      from server-cli works fine…i can connect and send mails. from the network or outside...nothing.able to send, not able to receive anything.
      Any clue?

      postix/dovecot as MTA.

      Thanks
      pop3.png
      pop3.png_thumb

      pfsense 2.3.4 on Supermicro A1SRi-2758F + 8GB ECC + SSD

      Happy PfSense user :)

      1 Reply Last reply Reply Quote 0
      • D
        divsys
        last edited by

        Do the logs show any attempted traffic to the server?

        Have you tried to Telnet in for testing?

        Possibility your ISP is blocking ports?

        -jfp

        1 Reply Last reply Reply Quote 0
        • N
          nikkon
          last edited by

          on the server side all seems ok.
          via cli i can log and all seems fine.ISP works as before.I just changed clearos (which used a port forwarding before) with pfsense nat.
          problem is i can't reach my mail server via mai. <domain>or external ip address.
          if i use the internal ip as incomming/outgoing server it works</domain>

          pfsense 2.3.4 on Supermicro A1SRi-2758F + 8GB ECC + SSD

          Happy PfSense user :)

          1 Reply Last reply Reply Quote 0
          • D
            doktornotor Banned
            last edited by

            @nikkon:

            problem is i can't reach my mail server via mai. <domain>or external ip address.
            if i use the internal ip as incomming/outgoing server it works</domain>

            https://doc.pfsense.org/index.php/Why_can%27t_I_access_forwarded_ports_on_my_WAN_IP_from_my_LAN/OPTx_networks

            1 Reply Last reply Reply Quote 0
            • N
              nikkon
              last edited by

              tried this…still not working.
              by now i have web working from outside.from internal network/vpn if i try to load any web site hosted it goes to pfsense intern ip.
              I belive that there is an issue first of all.

              pfsense 2.3.4 on Supermicro A1SRi-2758F + 8GB ECC + SSD

              Happy PfSense user :)

              1 Reply Last reply Reply Quote 0
              • D
                doktornotor Banned
                last edited by

                Yeah, already answered above. Fix your DNS.

                1 Reply Last reply Reply Quote 0
                • N
                  nikkon
                  last edited by

                  I try to use the link you sent me and add for each domain i have a record in DNS forwarder @ Domain Overrides section
                  coridor.ro 172.26.10.2 coridor forwarder
                  as test…i try to ping the domain...it sees the correct wan ip still...no ping / same for smtp/pop3

                  pfsense 2.3.4 on Supermicro A1SRi-2758F + 8GB ECC + SSD

                  Happy PfSense user :)

                  1 Reply Last reply Reply Quote 0
                  • D
                    doktornotor Banned
                    last edited by

                    Sigh… maybe you should re-read the above a couple of times? You set up a HOST override for the HOSTNAME(S) of the mailserver so that it points to the INTERNAL IP (and NOT WAN IP).

                    1 Reply Last reply Reply Quote 0
                    • N
                      nikkon
                      last edited by

                      ok it seems i got it wrong.
                      do i still need a DNS resolver? I belive i do for the other requests and lan clients.
                      172.26.10.x is internal ip.
                      194.xxx is wan

                      fw.png
                      fw.png_thumb

                      pfsense 2.3.4 on Supermicro A1SRi-2758F + 8GB ECC + SSD

                      Happy PfSense user :)

                      1 Reply Last reply Reply Quote 0
                      • D
                        doktornotor Banned
                        last edited by

                        Dunno, are you actually reading what's said above? And reading what's written in the GUI? You are setting the WRONG thing. Read the GUI description of Domain Overrides.

                        P.S. If you are using DNS Resolver, then configure the same HOST overrides in DNS Resolver instead of Forwarder! You cannot use both of them at the same time.

                        1 Reply Last reply Reply Quote 0
                        • N
                          nikkon
                          last edited by

                          problem solved.all seems better now. thx for all support.

                          btw. still have an issue with the ftp service behind nat.
                          client error: "Server sent passive reply with unroutable address." I can log in but nothing came back.
                          I installed FTP client Proxy app and config looks like:
                          Local Interface : LAN,loopback
                          Source address : any
                          Proxy Bypass Source : any
                          Proxy ByPass Destination: 192.168.1.5 (ftp server address)
                          BindPort : 2121
                          –-------------
                          proftpd listen port 2121.

                          Any clue?

                          pfsense 2.3.4 on Supermicro A1SRi-2758F + 8GB ECC + SSD

                          Happy PfSense user :)

                          1 Reply Last reply Reply Quote 0
                          • D
                            doktornotor Banned
                            last edited by

                            No, not here. Totally OT plus wrong forum.

                            1 Reply Last reply Reply Quote 0
                            • First post
                              Last post
                            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.