0

Long configured, stable Postfix mail server on internal system with greylisting, a long list of restrictions and real-time black-listing, reachable through a gateway / firewall via forwarded port worked fine inbound and outbound following the upgrade of the firewall/gateway system and I moved on to other upgrade issues. About 5 hours later, I found that /var/log/maillog was going bananas with activity - the spammers had taken over.

The environment was upgraded (unadvisedly) with Fedora Core 19 and have had lots of networking problems, and this was one of them. I researched it thoroughly. All the articles I've seen overlook the cause that happened to me...

I figured it out already and it has a less than completely obvious cause. I'm taking the time to "leave breadcrumbs" for others. The question is: What can cause this, when one has every reason to believe the mail server's configuration is correct?!

Richard T
  • 1,206
  • 12
  • 29

1 Answers1

1

Dispte the fact that one interface's address is non-routing and another's is routing, the new firewalld puts BOTH in the public zone and masquerades both of them.

The solution is to run ifconfig to discover which interface is which, and then plug the internal interface's name into the following commands where they presently read 'em1':

firewall-cmd --permanent --zone=public --remove-interface=em1

firewall-cmd --zone=public --remove-interface=em1

firewall-cmd --permanent --zone=internal --add-interface=em1

firewall-cmd --zone=internal --add-interface=em1

What was happening is that the masquerading of the INTERNAL interface made all the inbound email look like they were coming from an internal system.

Community
  • 1
Richard T
  • 1,206
  • 12
  • 29