DNS problem

Discuss your pilot or production implementation with other Zimbra admins or our engineers.
rcbrei
Posts: 11
Joined: Mon Feb 01, 2021 7:16 pm

DNS problem

Postby rcbrei » Sat Feb 13, 2021 6:22 am

Good day everyone.

I know there are tons of topics already about dns. but i still cant make my dns working. i want to practice installing zimbra and
have it up and working. so i ended up testing FOSS edition.
i hope someone can help me or spot what im missing or did something wrong.
here is my setup.

*i am behind a router/modem - home setup/fiber connection dynamic public IP
*centos 7 installed on vmware
*zimbra ver 8.7.1
*hostname mail.networthsolutions.tech
*public IP - 49.145.171.0
*domain - networthsolutions.tech
*BIND version - BIND 9.11.4-P2-RedHat-9.11.4-26.P2.el7_9.3 (Extended Support Version) <id:7107deb>
machine info.PNG
machine info.PNG (16.84 KiB) Viewed 1081 times


* /etc/named.conf

Code: Select all

[root@mail ~]# clear
[root@mail ~]# cat /etc/named.conf
//
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
// See the BIND Administrator's Reference Manual (ARM) for details about the
// configuration located in /usr/share/doc/bind-{version}/Bv9ARM.html

options {
        listen-on port 53 { 127.0.0.1; };
        directory       "/var/named";
        dump-file       "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        recursing-file  "/var/named/data/named.recursing";
        secroots-file   "/var/named/data/named.secroots";
        allow-query     { localhost; };

        /*
         - If you are building an AUTHORITATIVE DNS server, do NOT enable recursion.
         - If you are building a RECURSIVE (caching) DNS server, you need to enable
           recursion.
         - If your recursive DNS server has a public IP address, you MUST enable access
           control to limit queries to your legitimate users. Failing to do so will
           cause your server to become part of large scale DNS amplification
           attacks. Implementing BCP38 within your network would greatly
           reduce such attack surface
        */
        recursion yes;

        dnssec-enable yes;
        dnssec-validation yes;
        forwarders {
        8.8.8.8;
        8.8.4.4;
        };


        /* Path to ISC DLV key */
        bindkeys-file "/etc/named.root.key";

        managed-keys-directory "/var/named/dynamic";

        pid-file "/run/named/named.pid";
        session-keyfile "/run/named/session.key";
};

logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};

zone "." IN {
        type hint;
        file "named.ca";
};

zone "NETWORTHSOLUTIONS.TECH" IN {
        type master;
        file "NETWORTHSOLUTIONS.TECH";
};


include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";

[root@mail ~]#


* /var/named/NETWORTHSOLUTIONS.TECH

Code: Select all

[root@mail ~]# clear
[root@mail ~]# cat /var/named/NETWORTHSOLUTIONS.TECH
$ORIGIN NETWORTHSOLUTIONS.TECH.
$TTL 38400
NETWORTHSOLUTIONS.TECH. IN SOA NS1 Administrator.NETWORTHSOLUTIONS.TECH (
 2010022801        ; Serial
 10800             ; Refresh
 3600              ; Retry
 604800            ; Expire
 86400             ; Minimum
)
NETWORTHSOLUTIONS.TECH.              IN NS     ns1
ns1                                  IN A      8.8.8.8
NETWORTHSOLUTIONS.TECH.              IN A      192.168.1.222
mail                                 IN A      192.168.1.222
mail.NETWORTHSOLUTIONS.TECH.         IN A      192.168.1.222
mail1.NETWORTHSOLUTIONS.TECH.        IN A      192.168.1.222
webmail                              IN A      192.168.1.222
@                                    IN MX     10 mail
NETWORTHSOLUTIONS.TECH.              IN MX     20 mail1
webmail.NETWORTHSOLUTIONS.TECH       IN MX     30 mail
[root@mail ~]#


* /etc/resolv.conf

Code: Select all

[root@mail ~]#
[root@mail ~]#
[root@mail ~]# clear
[root@mail ~]#
[root@mail ~]#
[root@mail ~]#
[root@mail ~]# cat /etc/resolv.conf
# Generated by NetworkManager
search networthsolutions.tech
nameserver 192.168.1.222
nameserver 8.8.8.8
[root@mail ~]#


* /etc/hosts

Code: Select all

[root@mail ~]# clear
[root@mail ~]#
[root@mail ~]#
[root@mail ~]#
[root@mail ~]# cat /etc/hosts
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.1.222 mail.networthsolutions.tech networthsolutions.tech
[root@mail ~]#


* dig networthsolutions.tech any

Code: Select all

[root@mail ~]# clear
[root@mail ~]#
[root@mail ~]#
[root@mail ~]# dig networthsolutions.tech

; <<>> DiG 9.11.4-P2-RedHat-9.11.4-26.P2.el7_9.3 <<>> networthsolutions.tech
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 7378
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;networthsolutions.tech.                IN      A

;; AUTHORITY SECTION:
networthsolutions.tech. 1799    IN      SOA     ns1.dns-parking.com. dns.hostinger.com. 2021021307 10000 2400 604800 3600

;; Query time: 289 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Sat Feb 13 14:21:12 PST 2021
;; MSG SIZE  rcvd: 120

[root@mail ~]# dig networthsolutions.tech any
;; Connection to 192.168.1.222#53(192.168.1.222) for networthsolutions.tech failed: connection refused.

; <<>> DiG 9.11.4-P2-RedHat-9.11.4-26.P2.el7_9.3 <<>> networthsolutions.tech any
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 350
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;networthsolutions.tech.                IN      ANY

;; ANSWER SECTION:
networthsolutions.tech. 3788    IN      HINFO   "RFC8482" ""

;; Query time: 66 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Sat Feb 13 14:21:16 PST 2021
;; MSG SIZE  rcvd: 72

[root@mail ~]#



* nmcli device show

Code: Select all

[root@mail ~]#
[root@mail ~]#
[root@mail ~]# clear
[root@mail ~]#
[root@mail ~]#
[root@mail ~]# nmcli device show
GENERAL.DEVICE:                         ens33
GENERAL.TYPE:                           ethernet
GENERAL.HWADDR:                         00:0C:29:5B:0E:11
GENERAL.MTU:                            1500
GENERAL.STATE:                          100 (connected)
GENERAL.CONNECTION:                     ens33
GENERAL.CON-PATH:                       /org/freedesktop/NetworkManager/ActiveConnection/1
WIRED-PROPERTIES.CARRIER:               on
IP4.ADDRESS[1]:                         192.168.1.222/24
IP4.GATEWAY:                            192.168.1.1
IP4.ROUTE[1]:                           dst = 192.168.1.0/24, nh = 0.0.0.0, mt = 100
IP4.ROUTE[2]:                           dst = 0.0.0.0/0, nh = 192.168.1.1, mt = 100
IP4.DNS[1]:                             192.168.1.222
IP4.DNS[2]:                             8.8.8.8
IP6.ADDRESS[1]:                         fe80::548c:85da:7f45:1d70/64
IP6.GATEWAY:                            --
IP6.ROUTE[1]:                           dst = fe80::/64, nh = ::, mt = 100
IP6.ROUTE[2]:                           dst = ff00::/8, nh = ::, mt = 256, table=255

GENERAL.DEVICE:                         lo
GENERAL.TYPE:                           loopback
GENERAL.HWADDR:                         00:00:00:00:00:00
GENERAL.MTU:                            65536
GENERAL.STATE:                          10 (unmanaged)
GENERAL.CONNECTION:                     --
GENERAL.CON-PATH:                       --
IP4.ADDRESS[1]:                         127.0.0.1/8
IP4.GATEWAY:                            --
IP6.ADDRESS[1]:                         ::1/128
IP6.GATEWAY:                            --
[root@mail ~]#


* DNS Records
dns records 1.PNG
dns records 1.PNG (8.92 KiB) Viewed 1081 times

dns records 2.PNG
dns records 2.PNG (8.58 KiB) Viewed 1081 times

mx toolbox.PNG
mx toolbox.PNG (189.37 KiB) Viewed 1081 times


phoenix
Ambassador
Ambassador
Posts: 26778
Joined: Fri Sep 12, 2014 9:56 pm
Location: Liverpool, England

Re: DNS problem

Postby phoenix » Sat Feb 13, 2021 6:48 am

The quick answer is your hosts file and resolv.conf are both incorrect. In this scenario you need a split DNS, I'd suggest you review the wiki article on the subject and correct the errors: https://wiki.zimbra.com/wiki/Split_DNS# ... .conf_file
Regards

Bill

Rspamd: A high performance spamassassin replacement

Per ardua ad astra
rcbrei
Posts: 11
Joined: Mon Feb 01, 2021 7:16 pm

Re: DNS problem

Postby rcbrei » Sat Feb 13, 2021 10:08 am

phoenix wrote:The quick answer is your hosts file and resolv.conf are both incorrect. In this scenario you need a split DNS, I'd suggest you review the wiki article on the subject and correct the errors: https://wiki.zimbra.com/wiki/Split_DNS# ... .conf_file


Thanks Bill! It worked, though i can only send internal.

I cannot send outside my domain.

Code: Select all

Feb 13 16:31:38 mail postfix/smtp[93852]: connect to gmail-smtp-in.l.google.com[74.125.204.26]:25: Connection timed out
Feb 13 16:31:38 mail postfix/smtp[93853]: connect to mta5.am0.yahoodns.net[67.195.228.106]:25: Connection timed out
Feb 13 16:31:39 mail postfix/smtp[93853]: connect to mta5.am0.yahoodns.net[98.136.96.74]:25: No route to host


could this be a dns problem still?
phoenix
Ambassador
Ambassador
Posts: 26778
Joined: Fri Sep 12, 2014 9:56 pm
Location: Liverpool, England

Re: DNS problem

Postby phoenix » Sat Feb 13, 2021 10:39 am

Please post the contents of the hosts & resolv.conf files and check your DNS is OK with the commands from the 'Verify' section of the Split DNS article, that will give a clue about what's going on.
Regards

Bill

Rspamd: A high performance spamassassin replacement

Per ardua ad astra
rcbrei
Posts: 11
Joined: Mon Feb 01, 2021 7:16 pm

Re: DNS problem

Postby rcbrei » Sat Feb 13, 2021 12:07 pm

phoenix wrote:Please post the contents of the hosts & resolv.conf files and check your DNS is OK with the commands from the 'Verify' section of the Split DNS article, that will give a clue about what's going on.


Hi Bill,

below are the details

Code: Select all

[zimbra@mail root]$ clear
[zimbra@mail root]$ su root
Password:
[root@mail ~]#
[root@mail ~]#
[root@mail ~]#
[root@mail ~]# cat /etc/hosts
127.0.0.1     localhost.localdomain localhost
192.168.1.222 mail.networthsolutions.tech mail
[root@mail ~]#
[root@mail ~]# cat /etc/resolv.conf
# Generated by NetworkManager
search networthsolutions.tech
nameserver 127.0.0.1
[root@mail ~]#
[root@mail ~]# dig networthsolutions.tech mx

; <<>> DiG 9.11.4-P2-RedHat-9.11.4-26.P2.el7_9.3 <<>> networthsolutions.tech mx
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 37955
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 1, ADDITIONAL: 4

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;networthsolutions.tech.                IN      MX

;; ANSWER SECTION:
NETWORTHSOLUTIONS.TECH. 38400   IN      MX      10 mail.NETWORTHSOLUTIONS.TECH.
NETWORTHSOLUTIONS.TECH. 38400   IN      MX      20 mail1.NETWORTHSOLUTIONS.TECH.

;; AUTHORITY SECTION:
NETWORTHSOLUTIONS.TECH. 38400   IN      NS      ns1.NETWORTHSOLUTIONS.TECH.

;; ADDITIONAL SECTION:
mail.NETWORTHSOLUTIONS.TECH. 38400 IN   A       192.168.1.222
mail1.NETWORTHSOLUTIONS.TECH. 38400 IN  A       192.168.1.222
ns1.NETWORTHSOLUTIONS.TECH. 38400 IN    A       8.8.8.8

;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Sat Feb 13 20:05:56 PST 2021
;; MSG SIZE  rcvd: 182

[root@mail ~]#
[root@mail ~]#
[root@mail ~]# dig networthsolutions.tech any

; <<>> DiG 9.11.4-P2-RedHat-9.11.4-26.P2.el7_9.3 <<>> networthsolutions.tech any
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 14945
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 5, AUTHORITY: 0, ADDITIONAL: 4

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;networthsolutions.tech.                IN      ANY

;; ANSWER SECTION:
NETWORTHSOLUTIONS.TECH. 38400   IN      MX      10 mail.NETWORTHSOLUTIONS.TECH.
NETWORTHSOLUTIONS.TECH. 38400   IN      MX      20 mail1.NETWORTHSOLUTIONS.TECH.
NETWORTHSOLUTIONS.TECH. 38400   IN      SOA     NS1.NETWORTHSOLUTIONS.TECH. Administrator.NETWORTHSOLUTIONS.TECH.NETWORTHSOLUTIONS.TECH. 2010022801 10800 3600 604800 86400
NETWORTHSOLUTIONS.TECH. 38400   IN      NS      ns1.NETWORTHSOLUTIONS.TECH.
NETWORTHSOLUTIONS.TECH. 38400   IN      A       192.168.1.222

;; ADDITIONAL SECTION:
mail.NETWORTHSOLUTIONS.TECH. 38400 IN   A       192.168.1.222
mail1.NETWORTHSOLUTIONS.TECH. 38400 IN  A       192.168.1.222
ns1.NETWORTHSOLUTIONS.TECH. 38400 IN    A       8.8.8.8

;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Sat Feb 13 20:06:15 PST 2021
;; MSG SIZE  rcvd: 275

[root@mail ~]#
[root@mail ~]#
[root@mail ~]# host $(hostname)
mail.NETWORTHSOLUTIONS.TECH has address 192.168.1.222
[root@mail ~]#
[root@mail ~]#
[root@mail ~]# systemctl status named
● named.service - Berkeley Internet Name Domain (DNS)
   Loaded: loaded (/usr/lib/systemd/system/named.service; enabled; vendor preset: disabled)
   Active: active (running) since Sat 2021-02-13 20:03:06 PST; 3min 26s ago
  Process: 41559 ExecStop=/bin/sh -c /usr/sbin/rndc stop > /dev/null 2>&1 || /bin/kill -TERM $MAINPID (code=exited, status=0/SUCCESS)
  Process: 41572 ExecStart=/usr/sbin/named -u named -c ${NAMEDCONF} $OPTIONS (code=exited, status=0/SUCCESS)
  Process: 41570 ExecStartPre=/bin/bash -c if [ ! "$DISABLE_ZONE_CHECKING" == "yes" ]; then /usr/sbin/named-checkconf -z "$NAMEDCONF"; else echo "Checking of zone files is disabled"; fi (code=exited, status=0/SUCCESS)
 Main PID: 41574 (named)
   CGroup: /system.slice/named.service
           └─41574 /usr/sbin/named -u named -c /etc/named.conf

Feb 13 20:03:06 mail.networthsolutions.tech named[41574]: network unreachable resolving './NS/IN': 2001:500:2f::f#53
Feb 13 20:03:06 mail.networthsolutions.tech named[41574]: network unreachable resolving './NS/IN': 2001:500:1::53#53
Feb 13 20:03:06 mail.networthsolutions.tech named[41574]: network unreachable resolving './NS/IN': 2001:dc3::35#53
Feb 13 20:03:06 mail.networthsolutions.tech named[41574]: network unreachable resolving './NS/IN': 2001:503:c27::2:30#53
Feb 13 20:03:06 mail.networthsolutions.tech named[41574]: network unreachable resolving './NS/IN': 2001:500:200::b#53
Feb 13 20:03:06 mail.networthsolutions.tech named[41574]: network unreachable resolving './NS/IN': 2001:500:2::c#53
Feb 13 20:03:06 mail.networthsolutions.tech named[41574]: network unreachable resolving './NS/IN': 2001:7fd::1#53
Feb 13 20:03:06 mail.networthsolutions.tech named[41574]: network unreachable resolving './NS/IN': 2001:500:a8::e#53
Feb 13 20:03:06 mail.networthsolutions.tech named[41574]: managed-keys-zone: Key 20326 for zone . acceptance timer complete: key now trusted
Feb 13 20:03:07 mail.networthsolutions.tech named[41574]: resolver priming query complete
[root@mail ~]#
[root@mail ~]# cat /var/named/NETWORTHSOLUTIONS.TECH
$ORIGIN NETWORTHSOLUTIONS.TECH.
$TTL 38400
NETWORTHSOLUTIONS.TECH. IN SOA NS1 Administrator.NETWORTHSOLUTIONS.TECH (
 2010022801        ; Serial
 10800             ; Refresh
 3600              ; Retry
 604800            ; Expire
 86400             ; Minimum
)
NETWORTHSOLUTIONS.TECH.              IN NS     ns1
ns1                                  IN A      8.8.8.8
NETWORTHSOLUTIONS.TECH.              IN A      192.168.1.222
mail                                 IN A      192.168.1.222
mail.NETWORTHSOLUTIONS.TECH.         IN A      192.168.1.222
mail1.NETWORTHSOLUTIONS.TECH.        IN A      192.168.1.222
webmail                              IN A      192.168.1.222
@                                    IN MX     10 mail
NETWORTHSOLUTIONS.TECH.              IN MX     20 mail1
webmail.NETWORTHSOLUTIONS.TECH       IN MX     30 mail
[root@mail ~]#
phoenix
Ambassador
Ambassador
Posts: 26778
Joined: Fri Sep 12, 2014 9:56 pm
Location: Liverpool, England

Re: DNS problem

Postby phoenix » Sat Feb 13, 2021 12:46 pm

You appear not to have a public DNS A record configured for your domain:

Code: Select all

dig networthsolutions.tech

; <<>> DiG 9.16.6 <<>> networthsolutions.tech
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 54431
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;networthsolutions.tech.                IN      A

;; AUTHORITY SECTION:
networthsolutions.tech. 3600    IN      SOA     ns1.dns-parking.com. dns.hostinger.com. 2021021307 10000 2400 604800 3600

;; Query time: 187 msec
;; SERVER: 192.168.1.220#53(192.168.1.220)
;; WHEN: Sat Feb 13 12:43:41 GMT 2021
;; MSG SIZE  rcvd: 120


Without that A record you will never receive email.
Regards

Bill

Rspamd: A high performance spamassassin replacement

Per ardua ad astra
rcbrei
Posts: 11
Joined: Mon Feb 01, 2021 7:16 pm

Re: DNS problem

Postby rcbrei » Sun Feb 14, 2021 1:43 am

DNS Records from my domain provider
dns record networthsolutions.tech.png
dns record networthsolutions.tech.png (19.93 KiB) Viewed 847 times



A record from whatsmydns.net
a record.PNG
a record.PNG (64.08 KiB) Viewed 847 times


dig networthsolutions.tech any

Code: Select all

[root@mail ~]# clear
[root@mail ~]#
[root@mail ~]#
[root@mail ~]#
[root@mail ~]# dig networthsolutions.tech

; <<>> DiG 9.11.4-P2-RedHat-9.11.4-26.P2.el7_9.3 <<>> networthsolutions.tech
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 266
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;networthsolutions.tech.                IN      A

;; ANSWER SECTION:
NETWORTHSOLUTIONS.TECH. 38400   IN      A       192.168.1.222

;; AUTHORITY SECTION:
NETWORTHSOLUTIONS.TECH. 38400   IN      NS      ns1.NETWORTHSOLUTIONS.TECH.

;; ADDITIONAL SECTION:
ns1.NETWORTHSOLUTIONS.TECH. 38400 IN    A       8.8.8.8

;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Sun Feb 14 09:39:59 PST 2021
;; MSG SIZE  rcvd: 123

[root@mail ~]#



what am i missing, Bill?
or did i set my public A record right?


Best,

RC
phoenix
Ambassador
Ambassador
Posts: 26778
Joined: Fri Sep 12, 2014 9:56 pm
Location: Liverpool, England

Re: DNS problem

Postby phoenix » Sun Feb 14, 2021 3:47 pm

Sorry, I was somewhat distracted yesterday and gave you the wrong answer earlier. Your problem is that there is no connection to your mail server, take a look here:

https://mxtoolbox.com/SuperTool.aspx?action=mx%3anetworthsolutions.tech&run=toolpage# - click on the SMTP test and you should see there's no connection. Do you have a firewall or NAT router blocking access or not forwarding port 25?
Regards

Bill

Rspamd: A high performance spamassassin replacement

Per ardua ad astra
Klug
Elite member
Elite member
Posts: 2415
Joined: Mon Dec 16, 2013 11:35 am
Contact:

Re: DNS problem

Postby Klug » Sun Feb 14, 2021 4:38 pm

rcbrei wrote:I cannot send outside my domain.

Code: Select all

Feb 13 16:31:38 mail postfix/smtp[93852]: connect to gmail-smtp-in.l.google.com[74.125.204.26]:25: Connection timed out
Feb 13 16:31:38 mail postfix/smtp[93853]: connect to mta5.am0.yahoodns.net[67.195.228.106]:25: Connection timed out
Feb 13 16:31:39 mail postfix/smtp[93853]: connect to mta5.am0.yahoodns.net[98.136.96.74]:25: No route to host

could this be a dns problem still?

Looks like there's a firewall (or NAT) rule that blocks your server to connect to servers on the internet.
rcbrei
Posts: 11
Joined: Mon Feb 01, 2021 7:16 pm

Re: DNS problem

Postby rcbrei » Fri Feb 19, 2021 12:56 am

phoenix wrote:Sorry, I was somewhat distracted yesterday and gave you the wrong answer earlier. Your problem is that there is no connection to your mail server, take a look here:

https://mxtoolbox.com/SuperTool.aspx?action=mx%3anetworthsolutions.tech&run=toolpage# - click on the SMTP test and you should see there's no connection. Do you have a firewall or NAT router blocking access or not forwarding port 25?

Thanks Bill for all the help! very much appreciated!

Klug wrote:
rcbrei wrote:I cannot send outside my domain.

Code: Select all

Feb 13 16:31:38 mail postfix/smtp[93852]: connect to gmail-smtp-in.l.google.com[74.125.204.26]:25: Connection timed out
Feb 13 16:31:38 mail postfix/smtp[93853]: connect to mta5.am0.yahoodns.net[67.195.228.106]:25: Connection timed out
Feb 13 16:31:39 mail postfix/smtp[93853]: connect to mta5.am0.yahoodns.net[98.136.96.74]:25: No route to host

could this be a dns problem still?

Looks like there's a firewall (or NAT) rule that blocks your server to connect to servers on the internet.

Thanks Klug!


Right now, i am not yet able to send. upon checking my port forwarding, our connection is by default blocked in an ISP level. since it is only residential fiber subscription.
a lot of papers needed to request to open ports and to remove us from cgnat.

anyway, i learned a lot about the installation and DNS, thanks for all the help! i think opening port 25 is the last problem, more or less.

Return to “Administrators”

Who is online

Users browsing this forum: No registered users and 17 guests