I have a very difficult problem that I can't seem to solve.
I have an Ubuntu Server 20.04.5 LTS set up as a firewall/router, so it has two interfaces. One internet connected and the other LAN connected. I use the iptables nat table and ufw to forward incoming allowed services to the relevant LAN destinations. For a long time the rules below have worked to allow our ISP to send our domain email to our email server:
before.rules
-A PREROUTING -i enp2s0 -s 196.44.176.11/32 -p tcp --dport 25 -j DNAT --to-destination 192.168.50.4:25
user.rules
-A ufw-user-forward -i enp2s0 -o enp1s0 -p tcp -d 192.168.50.4 --dport 25 -s 196.44.176.11/32 -j ACCEPT
Recently we upgraded our internet service, which entailed a new modem and a new public IP address. The ISP then redirected the delivery of the mail to the new public IP. Since that time, we cannot receive email. Our mail server sees the connection from the ISP and the logs show the STARTTLS and that the SSL/TLS session is established. It ends with
DATA
354 OK, send data, end with CRLF
but from there the email data never arrives and eventually it times out.
If I bypass the firewall and connect the modem directly with the mail server the email arrives correctly.
All other forwarded services work properly. Even a branch office can connect and send us email in the same way and that works fine!
The only ufw logs I can find are:
[UFW AUDIT] IN=enp2s0 OUT=enp1s0 MAC=00:1f:c6:e1:58:94:68:72:51:8b:36:2d:08:00 SRC=196.44.176.11 DST=192.168.50.4 LEN=60 TOS=0x00 PREC=0x00 TTL=57 ID=18623 DF PROTO=TCP SPT=38418 DPT=25 WINDOW=29200 RES=0x00 SYN URGP=0
Please could someone help?
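The question only shows a single UFW AUDIT line for the stuck SMTP session, and the key diagnostic question is whether the firewall forwarded anything after the SYN. The following script is an added example (not code from the question or from ufw) that parses iptables/UFW log lines of the format quoted above, groups packets by (SRC, DST, SPT, DPT), and reports forwarded port-25 flows for which only SYN packets were logged. The sample log text is constructed: the first line reproduces the question's values, the remaining lines use documentation addresses and are invented to show what a flow that does carry data looks like.

```python
"""Parse UFW/iptables audit log lines and flag forwarded TCP flows that
never progressed beyond the SYN, as described in the question."""
import re
from collections import defaultdict

# Constructed sample log text (not real captures). Line 1 mirrors the
# question's UFW AUDIT entry; the 203.0.113.7 lines are invented to show a
# flow whose later segments (ACK, ACK PSH with a full-size payload) were
# also forwarded.
SAMPLE_LOG = """\
[UFW AUDIT] IN=enp2s0 OUT=enp1s0 MAC=00:1f:c6:e1:58:94:68:72:51:8b:36:2d:08:00 SRC=196.44.176.11 DST=192.168.50.4 LEN=60 TOS=0x00 PREC=0x00 TTL=57 ID=18623 DF PROTO=TCP SPT=38418 DPT=25 WINDOW=29200 RES=0x00 SYN URGP=0
[UFW AUDIT] IN=enp2s0 OUT=enp1s0 MAC=00:1f:c6:e1:58:94:68:72:51:8b:36:2d:08:00 SRC=203.0.113.7 DST=192.168.50.4 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=40001 DF PROTO=TCP SPT=51000 DPT=25 WINDOW=29200 RES=0x00 SYN URGP=0
[UFW AUDIT] IN=enp2s0 OUT=enp1s0 MAC=00:1f:c6:e1:58:94:68:72:51:8b:36:2d:08:00 SRC=203.0.113.7 DST=192.168.50.4 LEN=52 TOS=0x00 PREC=0x00 TTL=52 ID=40002 DF PROTO=TCP SPT=51000 DPT=25 WINDOW=229 RES=0x00 ACK URGP=0
[UFW AUDIT] IN=enp2s0 OUT=enp1s0 MAC=00:1f:c6:e1:58:94:68:72:51:8b:36:2d:08:00 SRC=203.0.113.7 DST=192.168.50.4 LEN=1500 TOS=0x00 PREC=0x00 TTL=52 ID=40003 DF PROTO=TCP SPT=51000 DPT=25 WINDOW=229 RES=0x00 ACK PSH URGP=0
"""

# TCP flag names as the kernel LOG target prints them (bare tokens).
TCP_FLAGS = {"SYN", "ACK", "PSH", "FIN", "RST", "URG"}
KV_RE = re.compile(r"(\w+)=(\S+)")


def parse_ufw_line(line):
    """Return the key=value fields of one UFW log line plus a 'FLAGS' set,
    or None if the line is not a UFW log line."""
    if "[UFW" not in line:
        return None
    fields = dict(KV_RE.findall(line))
    fields["FLAGS"] = {tok for tok in line.split() if tok in TCP_FLAGS}
    return fields


def group_flows(log_text):
    """Group TCP packets by (SRC, DST, SPT, DPT) so each forwarded
    connection can be judged as a whole."""
    flows = defaultdict(list)
    for line in log_text.splitlines():
        pkt = parse_ufw_line(line)
        if pkt and pkt.get("PROTO") == "TCP":
            key = (pkt["SRC"], pkt["DST"], pkt["SPT"], pkt["DPT"])
            flows[key].append(pkt)
    return flows


def flow_summary(packets):
    """Per-flow facts a firewall admin wants: packet count, whether only
    SYNs were seen, and the largest IP length that was forwarded."""
    return {
        "packets": len(packets),
        "only_syn": all(p["FLAGS"] == {"SYN"} for p in packets),
        "max_len": max(int(p.get("LEN", 0)) for p in packets),
    }


def stalled_flows(log_text, dport="25"):
    """Flows to dport for which the firewall logged nothing but SYNs."""
    return [key for key, pkts in group_flows(log_text).items()
            if key[3] == dport and flow_summary(pkts)["only_syn"]]


if __name__ == "__main__":
    for key, pkts in group_flows(SAMPLE_LOG).items():
        print(key, flow_summary(pkts))
    print("stalled:", stalled_flows(SAMPLE_LOG))
```

One caveat when reading the result: a ufw rule added with `log` logs only new connections, so a SYN-only flow proves nothing on its own; the summary is only meaningful for rules added with `log-all` (or an equivalent iptables LOG rule that is not limited to NEW state), where the absence of ACK/PSH segments and of any large LEN value in the forwarded direction really means the later packets did not pass the firewall.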