Help climbing the mountain of a linux mail server...

I have finally taken on the task of trying to configure a mail server
on Linux. I did it using qmail and various add-ons for pop3 and
web-admin. I worked nice at home and I could send email to myself
(yea!). I have a set up a transparent caching server at the computer
workshop where I work to speed up the *THOUSANDS* of windows updates we
do weekly, so I because of that I have something to play with at work
aswell. Having a 384 DSL connection at work, it has a registered DNS
name: telkom-dsl-645-456-55.saix.net or something like that.

I found a site to create a nices alias to that hostname aka.
www.icesslinux.net.tf and icesslinux.net.tf. Everything works, I could
access my apache test page and everything remotely (I configured the
router for port forwarding to port 80 to the linux box). I then set up
a qmail server on it and everything seems to work. Telnet to 25 and 110
works, port forwarding to port 25 en 110 on the linux box is enabled on
the router and everything.

Now here comes the problem. I can't send mail to
(E-Mail Removed) or any account I created. Do I need to set
up a MX server and how do I do it (and where do I point the MX record?)

Please help!
Sorry about all the violations I have made on posting standards...

Constant Meiring wrote:
> I have finally taken on the task of trying to configure a mail server
> on Linux. I did it using qmail and various add-ons for pop3 and
> web-admin. I worked nice at home and I could send email to myself
> (yea!). I have a set up a transparent caching server at the computer
> workshop where I work to speed up the *THOUSANDS* of windows updates we
> do weekly, so I because of that I have something to play with at work
> aswell. Having a 384 DSL connection at work, it has a registered DNS
> name: telkom-dsl-645-456-55.saix.net or something like that.
>
> I found a site to create a nices alias to that hostname aka.
> www.icesslinux.net.tf and icesslinux.net.tf. Everything works, I could
> access my apache test page and everything remotely (I configured the
> router for port forwarding to port 80 to the linux box). I then set up
> a qmail server on it and everything seems to work. Telnet to 25 and 110
> works, port forwarding to port 25 en 110 on the linux box is enabled on
> the router and everything.
>
> Now here comes the problem. I can't send mail to
> (E-Mail Removed) or any account I created. Do I need to set
> up a MX server and how do I do it (and where do I point the MX record?)
>
> Please help!
> Sorry about all the violations I have made on posting standards...
>
First of all, a mail server should have a permanent IP address. Telkom
has the annoying habit of changing the IP address every couple of days.
So unless you have a permanent address set up, don't bother.

To be able to send mail to a domain from the outside, the sender needs
to know which mail server handles mail for that domain. It does that by
looking at the MX record in the DNS. So you have to set up a domain,
nameserver(s), and in the nameserver configure the MX record to point to
the IP of your mailserver.

J.

jack wrote:

>
>
> Constant Meiring wrote:
>> I have finally taken on the task of trying to configure a mail server
>> on Linux. I did it using qmail and various add-ons for pop3 and
>> web-admin. I worked nice at home and I could send email to myself
>> (yea!). I have a set up a transparent caching server at the computer
>> workshop where I work to speed up the *THOUSANDS* of windows updates we
>> do weekly, so I because of that I have something to play with at work
>> aswell. Having a 384 DSL connection at work, it has a registered DNS
>> name: telkom-dsl-645-456-55.saix.net or something like that.
>>
>> I found a site to create a nices alias to that hostname aka.
>> www.icesslinux.net.tf and icesslinux.net.tf. Everything works, I could
>> access my apache test page and everything remotely (I configured the
>> router for port forwarding to port 80 to the linux box). I then set up
>> a qmail server on it and everything seems to work. Telnet to 25 and 110
>> works, port forwarding to port 25 en 110 on the linux box is enabled on
>> the router and everything.
>>
>> Now here comes the problem. I can't send mail to
>> (E-Mail Removed) or any account I created. Do I need to set
>> up a MX server and how do I do it (and where do I point the MX record?)
>>
>> Please help!
>> Sorry about all the violations I have made on posting standards...
>>
> First of all, a mail server should have a permanent IP address. Telkom
> has the annoying habit of changing the IP address every couple of days.
> So unless you have a permanent address set up, don't bother.
>
> To be able to send mail to a domain from the outside, the sender needs
> to know which mail server handles mail for that domain. It does that by
> looking at the MX record in the DNS. So you have to set up a domain,
> nameserver(s), and in the nameserver configure the MX record to point to
> the IP of your mailserver.
>
> J.


That is incorrect, a MX record is only needed if you have more that one
mail server.


--
Dancin' in the ruins tonight
mail: echo onub-(E-Mail Removed) | perl -pe 'y/a-z/n-za-m/'
Tayo'y Mga Pinoy

> First of all, a mail server should have a permanent IP address. Telkom
> has the annoying habit of changing the IP address every couple of days.
> So unless you have a permanent address set up, don't bother.

What if I use something like no-ip? My IP changes but my DNS names
constantly changes to point to my IP. This would work wouldn't it?
Anyway, it doesn't really matter bcoz you still have that DNS name that
telkom gives you and it looks as if this stays pretty much the same.
(In the form of dsl-xxx-xxx-xx.telkomadsl.co.za)

> To be able to send mail to a domain from the outside, the sender needs
> to know which mail server handles mail for that domain. It does that by
> looking at the MX record in the DNS. So you have to set up a domain,
> nameserver(s), and in the nameserver configure the MX record to point to
> the IP of your mailserver.

Ok, but if I send mail to (E-Mail Removed) and the mail server is piet.net,
mail should go to piet.net regardless of an MX record?? As I understand
it, a MX record is only needed when your domain is blahblah.net and
your mail exchange is mail.foobar.com or something like that. An MX
record just points out the mail handler for a certain domain. Am I
right here?

I have registered a CName (eg. test.net.tf) that points to that telkom
address (dsl-xxx-xxx-xx.telkomadsl.co.za). Do I need to register a MX
record for test.net.tf aswell to point for that domain to
dsl-146-233-60.telkomadsl.co.za?

Constant Meiring wrote:
>
> Ok, but if I send mail to (E-Mail Removed) and the mail server is piet.net,
> mail should go to piet.net regardless of an MX record?? As I understand
> it, a MX record is only needed when your domain is blahblah.net and
> your mail exchange is mail.foobar.com or something like that. An MX
> record just points out the mail handler for a certain domain. Am I
> right here?

Yes, provided there are no MX records defined anywhere.

> I have registered a CName (eg. test.net.tf) that points to that telkom
> address (dsl-xxx-xxx-xx.telkomadsl.co.za). Do I need to register a MX
> record for test.net.tf aswell to point for that domain to
> dsl-146-233-60.telkomadsl.co.za?
>

a CNAME should work as long as the dsl name is correct. Mailers should
keep resolving CNAME records until they find an A record. I would point
the CNAME to something from no-ip though, Telkom sometimes leaves the IP
address intact for days or even weeks at a time, and then suddenly goes
back to its 'one change per 24 hours' mode. Whenever it changes, your
mail server might be unavailable for a while until the records expire
from various DNS caches.

J.

On Tue, 11 Jul 2006 00:22:48 +0200, jack wrote:

> First of all, a mail server should have a permanent IP address. Telkom has
> the annoying habit of changing the IP address every couple of days. So
> unless you have a permanent address set up, don't bother.

Not true at all, I've been running a mail server for years without a
fixed address. Dynamic DNS works fine. Have a look at www.zoneedit.com.

Dan

On Tue, 11 Jul 2006 22:00:52 +0800, Dan N wrote:

> On Tue, 11 Jul 2006 00:22:48 +0200, jack wrote:
>
>> First of all, a mail server should have a permanent IP address. Telkom has
>> the annoying habit of changing the IP address every couple of days. So
>> unless you have a permanent address set up, don't bother.
>
> Not true at all, I've been running a mail server for years without a
> fixed address. Dynamic DNS works fine. Have a look at www.zoneedit.com.
>

Yabut.... Many servers will automatically reject email from servers on
dynamic blocks. I've had to fight this; my server has a fixed IP but my
ISP assigned it from a pool of dynamic IPs and I've had my email rejected
a bunch of times because of that.

I think it's a stupid policy on the part of the admins, but it is a
reality...

--Yan

--
o__
,>/'_ o__
(_)\(_) ,>/'_ o__
Yan Seiner, PE (_)\(_) ,>/'_ o__
Certified Personal Trainer (_)\(_) ,>/'_ o__
Licensed Professional Engineer (_)\(_) ,>/'_
Who says engineers have to be pencil necked geeks? (_)\(_)

Captain Dondo wrote:

> Yabut.... Many servers will automatically reject email from servers on
> dynamic blocks. I've had to fight this; my server has a fixed IP but my
> ISP assigned it from a pool of dynamic IPs and I've had my email rejected
> a bunch of times because of that.

Ok, but what if I use another smtp server like smtp.saix.net (South-Africa
Internet Exchange) and just use my pop3? Would that work? I'm still
figuring out the ins and outs of mail servers and stuff.
--
----------------------------
Slackware - bcoz we can
----------------------------

On Tue, 11 Jul 2006, in the Usenet newsgroup comp.os.linux.networking, in
article <(E-Mail Removed) >, Captain Dondo wrote:

>Yabut.... Many servers will automatically reject email from servers on
>dynamic blocks.

Yup - been doing so for years. Also rejecting mail from IP addresses
that don't resolve.

>I've had to fight this; my server has a fixed IP but my ISP assigned it
>from a pool of dynamic IPs and I've had my email rejected a bunch of
>times because of that.

news://news.admin.net-abuse.blocklisting

The common advice is to discuss this with your ISP, and get them to put
you into a non-dynamic address block. One of the common/popular blocklists
considers a block to be dynamic is more than a percentage (I think it's 50%)
of the addresses in a /24 are dynamic or generic looking. The general
solutions are to either smart-host your mail through the ISP's outbound
mail servers (or a mail forwarding system elsewhere), and/or have your
correspondents whitelist your IP address.

>I think it's a stupid policy on the part of the admins, but it is a
>reality...

I haven't done stats in a while but the last time I did, about a third of
the spam was from addresses that were readily identifiable as dynamic -
generally cable/DSL systems that have been zombied. Some of the bigger
residential providers are _finally_ starting to block outbound to port 25.
For some, that's to late, as they're already in blocklists - both public
_and_ private. The private lists (often just firewall rules) are next to
impossible to get out of.

Another common problem is name/IP resolution. You look up mail.example.com,
and are told that it's 192.0.2.51, and you then look up that address, and
(if it even resolves - an all to common problem) the address resolves to
bar.baz.com, or 192.0.2.51.dumb.isp.com. This often causes problems with
users of dynamic DNS services like noip.com and zoneedit.com. Given the
pickyness of admins now, your mailserver's PTR record should reflect it's
mailserver name, even if it has other names like www, ftp, or whatever.
That also is a problem when the system is the mail server for multiple
seemingly unrelated domain. Remember, an MTA or a milter doesn't know
how to use whois - it has to make the decision on DNS data. (Yan, that
may be another part of your problem.)

Another thing the blocklists are looking at is the TTLs of your DNS records.
There was a rather lengthy thread in news.admin.net-abuse.blocklisting on
this subject recently.

Old guy

jack wrote:

> First of all, a mail server should have a permanent IP address. Telkom
> has the annoying habit of changing the IP address every couple of days.
> So unless you have a permanent address set up, don't bother.
>
> To be able to send mail to a domain from the outside, the sender needs
> to know which mail server handles mail for that domain. It does that by
> looking at the MX record in the DNS. So you have to set up a domain,
> nameserver(s), and in the nameserver configure the MX record to point to
> the IP of your mailserver.
>
> J.

After a bit of experimenting, it looks like there isn't port forwarding for
pop3 and smtp ports to my DSL. It looks like a SAIX caching server in
Bellville - Cape Town, does SNAT on everything and doesn't return all the
packets. Port 80 works, and that's about it. It looks like
rba-cache2-vif0.saix.net

Telkom is a PAIN! Most of South-Africa is a PAIN!

--
----------------------------
Slackware - bcoz we can
----------------------------