So I've been working on this problem for a few days and I'm at a loss. I have installed postfix on Debian with the intent of setting up some forwarding addresses for a specific domain. I believe that postfix is setup correctly, but I can't validate yet as I am not able to connect to the server on port 25.
I've updated the iptables to allow for port 25, and still nothing. I realized today that the iptable records were in the wrong order, so I updated them and restarted networking, but I remain unable to connect.
Can you suggest anything else I can test for? I ran mtr tests, but everything comes back positive - no dropped packets. I can't figure out how to run an mtr for port 25, specifically.
Current iptables -L read as such:
Chain INPUT (policy ACCEPT)
target prot opt source destination
fail2ban-ssh tcp -- anywhere anywhere multiport dports ssh
fail2ban-ssh tcp -- anywhere anywhere multiport dports ssh
ACCEPT all -- anywhere anywhere
REJECT all -- anywhere loopback/8 reject-with icmp-port-unreachable
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT tcp -- anywhere anywhere tcp dpt:smtp
ACCEPT tcp -- anywhere anywhere tcp dpt:imaps
ACCEPT tcp -- anywhere anywhere tcp dpt:http
ACCEPT tcp -- anywhere anywhere tcp dpt:https
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:ssh
ACCEPT icmp -- anywhere anywhere icmp echo-request
LOG all -- anywhere anywhere limit: avg 5/min burst 5 LOG level debug prefix "iptables denied: "
DROP all -- anywhere anywhere
Chain FORWARD (policy ACCEPT)
target prot opt source destination
DROP all -- anywhere anywhere
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
ACCEPT all -- anywhere anywhere
Chain fail2ban-ssh (2 references)
target prot opt source destination
REJECT all -- 116.31.116.11 anywhere reject-with icmp-port-unreachable
REJECT all -- 221.229.172.111 anywhere reject-with icmp-port-unreachable
RETURN all -- anywhere anywhere
RETURN all -- anywhere anywhere
Could Fail2Ban be part of my problem?
