POP3 port not getting through firewall (m0n0wall). Can't receive mail

doh-nut

I'm trying out a firewall called m0n0wall, and it's not letting incoming mail in. Everyone's getting failed send.

I made a NAT rule to let port 110 come in to my address, but it's still not working. Outgoing mail works fine though.

Any ideas? But even if this does work, how is this firewall supposed to allow multiple clients on my LAN to use Outlook if I have to specify a single address for port 110?
 
Oops, I feel like a multi-purpose tool. It wasn't related to the firewall; I don't know why I thought it was. A dynamic DNS provider changed my MX records when I switched to them recently, and I assumed that they wouldn't do that. Doh.

Now that lets me receive mail, but only when I have port 110 forwarded. I'm still wondering what I'm supposed to do to let other clients receive email?
 
Do you house the POP3 server on your local LAN? If so, then anything forwarded to that box (i.e. your mail server) should then be forwarded to your clients if they are pointing directly at your POP3 mail server for their mail, and of course are directly behind the firewall with the mail server.
 
No, my POP and SMTP servers I use are on the WAN, but I had a strange notion that when you get incoming mail in Outlook, the POP server connects to you to give you the mail. It's all good now though :)
 
Don't set up any forwarding rules. Set the router to do NAT and let it work its magic.

When you connect to a POP3 server (tcp/110) you're connecting to _destination_ port 110 (the server's port). Port forwarding is most commonly used for listening ports on your side.

How does it work? Well, the PC makes a request and uses a source port greater than 1024, destination port 110. The NAT'd firewall sees this request and automagically lets it go thru. Client 2 does the same thing, and picks a random source port greater than 1024; the firewall sees this and lets it go thru. Now you have 2 people trying to connect to the email port. What happens, why don't they cause some huge-assed foulup? Well, the router sees the source port and destination port, and either lets it go thru or re-addresses it for another source port. When the response comes back, it's destined for the same source port. The router sees this and knows which machine requested it, and sends the correct info to the correct PC behind the router.


n/m you figured it out and I am crosseyed again... :D
My advice, enable NAT and forget any port forwarding rules you have set up. They are more commonly meant for listening ports on YOUR side of the router, not the WAN side.
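
Added example, not part of the original thread: a toy Python model of the translation table described in the post above, showing two LAN clients reaching the same POP3 server on port 110 with no forwarding rule, and an unsolicited inbound connection to port 110 finding no state. All addresses, ports and the `Napt` class are constructed for illustration and are not m0n0wall code.

```python
"""Toy NAPT (port address translation) table. Added illustration only."""

WAN_IP = "203.0.113.10"            # constructed: router's public address
POP3 = ("198.51.100.25", 110)      # constructed: mail server on the WAN


class Napt:
    def __init__(self, wan_ip):
        self.wan_ip = wan_ip
        self.out = {}    # (lan_ip, lan_port, dst_ip, dst_port) -> wan_port
        self.back = {}   # (wan_port, dst_ip, dst_port) -> (lan_ip, lan_port)

    def outbound(self, lan_ip, lan_port, dst_ip, dst_port):
        """LAN host opens a connection; return the rewritten (ip, port) source."""
        key = (lan_ip, lan_port, dst_ip, dst_port)
        if key not in self.out:
            # Keep the client's source port if it is free toward this server,
            # otherwise re-address the flow to the first unused port.
            candidates = [lan_port] + list(range(1025, 65536))
            wan_port = next(p for p in candidates
                            if (p, dst_ip, dst_port) not in self.back)
            self.out[key] = wan_port
            self.back[(wan_port, dst_ip, dst_port)] = (lan_ip, lan_port)
        return (self.wan_ip, self.out[key])

    def inbound(self, src_ip, src_port, wan_port):
        """Packet arrives on the WAN side; return the LAN host or None (drop)."""
        return self.back.get((wan_port, src_ip, src_port))


def demo():
    nat = Napt(WAN_IP)
    # Two Outlook clients pick the same source port for the same POP3 server.
    a = nat.outbound("192.168.1.10", 3000, *POP3)
    b = nat.outbound("192.168.1.11", 3000, *POP3)
    # Server replies go to the translated ports and map back to each client.
    reply_a = nat.inbound(*POP3, a[1])
    reply_b = nat.inbound(*POP3, b[1])
    # Unsolicited connection to WAN port 110: no state, no forward rule, dropped.
    stray = nat.inbound("192.0.2.77", 40000, 110)
    return a, b, reply_a, reply_b, stray


if __name__ == "__main__":
    for name, value in zip(("a", "b", "reply_a", "reply_b", "stray"), demo()):
        print(name, "=", value)
```

Removing the port 110 forward leaves the last case dropped, so nothing on the LAN is exposed on that port while every client can still collect mail.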
 