Score:0

Mail server woes

do flag

A problem has cropped up on my network today and I'm rather confused. Firstly, here's the setup of my network:

  1. Internet traffic comes in via static IP.
  2. Ubiquiti Dream Machine Pro forwards mail server ports to mail server VM (ports 25,465,587,143,993 all routed to mail server's internal IP Address)
  3. Mail clients connect to mail server using domain name. Domain is set to static IP.

I have several mail clients: Windows (Outlook), iPhone (Mail), iPad (Mail), Linux (Claws on Raspberry Pi)

When I have the device connected to an external network, everything is working just fine. I can connect to the mail server, download my e-mail, send emails; everything is great.

However, when I'm connected to the same network (via LAN or Wi-Fi makes no difference) my mail clients are unable to connect to the mail server.

I'm rather confused about this, as it was working as expected, then today it simply stopped routing internal network traffic to the e-mail server properly.

I do have other services (web applications) running on the same domain, and they're still working just fine from inside or outside my local network.

Can anyone help to get this sorted out? I'd rather not have to connect to a different network, just to pick up my own e-mail.

And before anyone states the obvious, no, I have not been making changes to my network configuration. In fact nothing changed between it working and not working, not even a reboot of anything.

Score:1
ng flag

Assuming you are not running an internal DNS server to shadow/mask your public domain name, in this scenario internal clients will try to contact your mail server using your firewall's external (public) IP address. The firewall will need to allow them to exit and re-enter your network on the same interface, and then it will need to re-route the traffic back to your server's internal IP address. This double back-and-forward NAT can be a problem for some firewalls, and it will often require special configuration.

Of course, this doesn't explain why it was working yesterday and it's not working today... but at least it should help you understand what the issue is.

ws flag
If it was working previously with this configuration, it suggests that previously the router was allowing the looped back connection but this has been lost. But there are lots of ways to achieve the desired result. Running a split DNS with something which can override specific records (e.g. dnsmasq) is perhaps the most sensible approach.
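
A way to confirm from a LAN client whether the loopback (hairpin) NAT path described above is what broke, written as an added example that is not part of the original thread. The hostname `mail.example.com`, the server address `192.168.1.10` and the verdict labels are placeholders chosen for illustration; the port list is the one from the question.

```python
import ipaddress
import socket

MAIL_PORTS = (25, 465, 587, 143, 993)  # ports forwarded in the question
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def tcp_open(ip, port, timeout=3.0):
    """Return True if a TCP connection to ip:port succeeds."""
    try:
        with socket.create_connection((ip, port), timeout=timeout):
            return True
    except OSError:
        return False


def diagnose(name, internal_ip, resolve=socket.gethostbyname,
             probe=tcp_open, ports=MAIL_PORTS):
    """Classify why a LAN client cannot reach the mail server by name."""
    resolved = resolve(name)
    addr = ipaddress.ip_address(resolved)
    via_name = {p: probe(resolved, p) for p in ports}    # path the mail client uses
    direct = {p: probe(internal_ip, p) for p in ports}   # bypasses the firewall
    if any(addr in net for net in RFC1918):
        # Name already resolves to a LAN address: split DNS is in effect.
        verdict = "split-dns-ok" if all(via_name.values()) else "server-or-lan-problem"
    elif all(via_name.values()):
        verdict = "hairpin-nat-ok"
    elif any(direct.values()):
        # Server answers on the LAN but not through the public address.
        verdict = "hairpin-nat-failing"
    else:
        verdict = "server-or-lan-problem"
    failed = sorted(p for p, ok in via_name.items() if not ok)
    return {"resolved": resolved, "verdict": verdict, "failed_ports": failed}


if __name__ == "__main__":
    # Placeholder values: substitute your own mail hostname and server LAN address.
    print(diagnose("mail.example.com", "192.168.1.10"))
```

A `hairpin-nat-failing` verdict points at the firewall's loopback handling; `split-dns-ok` after adding an internal DNS override shows the clients no longer depend on it.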