telnet 192.168.0.7 25, I saw a
"no route to host" message.
$ telnet 192.168.1.7 25 Trying 192.168.1.7... telnet: connect to address 192.168.1.7: No route to host $
So I used the debug command on the NetScreen firewall to view traffic to the SMTP port, which showed me it was passing the traffic to the email server behind it. So I then checked the host-based software on the CentOS server. Since it was running CentOS 7, the default firewall management software on it is FirewallD. I first checked to see what services the firewall was allowing through and saw that SMTP wasn't included, so I added that to the allowed services and made it a permanent rather than temporary change. For permanent changes, the firewall software must be reloaded, so I then issued a reload command. Since I ran the commands from a normal user account, I was prompted to provide the root account password to add the service and reload the firewall software.
$ firewall-cmd --list-services dhcpv6-client ssh $ firewall-cmd --add-service=smtp --permanent success $ firewall-cmd --reload success $ firewall-cmd --list-services dhcpv6-client smtp ssh $
Then when I tried connecting from the external system, I saw a different result, but still did not see the banner from the Postfix email software running on the server.
$ telnet 192.168.0.7 25 Trying 192.168.0.7... telnet: connect to address 192.168.0.7: Connection refused $
So I checked the Postfix configuration file to see what interface(s) it was configured to accept email on.
$ cat /etc/postfix/main.cf | grep inet_interfaces # The inet_interfaces parameter specifies the network interface #inet_interfaces = all #inet_interfaces = $myhostname #inet_interfaces = $myhostname, localhost inet_interfaces = localhost # the address list specified with the inet_interfaces parameter. # receives mail on (see the inet_interfaces parameter). # to $mydestination, $inet_interfaces or $proxy_interfaces. # - destinations that match $inet_interfaces or $proxy_interfaces, # unknown@[$inet_interfaces] or unknown@[$proxy_interfaces] is returned $
Since the inet_interfaces line without a "#" sign at the
beginning of the line, which indicates the line is commented out, was
inet_interfaces = localhost, it was configured to only accept
email on the localhost
address, i.e., it would only accept email sent from accounts on the system
itself and would not accept email from other servers. That is the default
configuration for Postfix on CentOS systems and
Red Hat Enterprise Linux (RHEL), from which CentOS derives, systems.
I had two options in this case. I could put a
number sign, i.e., a #, in front of the inet_interfaces
= localhost to make that line a comment and remove the "#" from
the inet_interfaces = all line to have Postfix accept
email on all network interfaces or I could add the specific IP address
for the system, in this case 192.168.0.7, to the inet_interfaces =
localhost line, so that Postfix would accept locally generated email,
but would also accept email from other systems on the 192.168.0.7 address.
I chose that option and changed the line as shown below:
inet_interfaces = localhost 192.168.0.7
I then restarted Postfix.
# service postfix restart Redirecting to /bin/systemctl restart postfix.service #
After I did so, I was able to connect successfully to port 25 on the
email server from an external system and I saw the Postfix banner from
the email server displayed at which point I entered the quit
command to terminate the connection - see
Postfix commands for other SMTP commands that can be given to Postfix.
$ telnet 192.168.1.7 25 Trying 192.168.0.7... Connected to 192.168.0.7. Escape character is '^]'. 220 hugo.localdomain ESMTP Postfix quit 221 2.0.0 Bye Connection closed by foreign host. $