Groupwise 5.5 GWIA does not receive email 1

[jbilek]

Hi!

I have a strange problem and in need of help.

Have a GroupWise 5.5 mailserver on the inside LAN with GWIA running thru a new Symantec 5420 Firewall. On the internet we use a ISP mail host to receive mail on our behalf, and our GWIA sends/receives email thru it.

I have now configured our firewall rules and I cannot receive email.

I can:
- send email from the mailserver
- surf from clients (meaning DNS resolving works)
- receive email from a client testing against a different POP3 mailserver

I dont know anymore what can be wrong?

- I have opened port 25 (TCP) for the mailserver in&out.

Do I need port 110 to get email with GWIA?

any other tips?

Txs
Joe

 

[Lou0686]

Hi,

If you Telnet to port 25 of the GWIA, do you get a response?

Port 110 is for POP, unless your using it you don't need to open it.


Lou

 

[sstoppel]

Do you have a static NAT address for the mail server? When your external mail host tries to send mail in does it send to the NAT address, the internal address, or a hostname? If a hostname, make sure the DNS or host file the external server uses matches the firewall NAT address to the internal mail server name.

 

[juniperr]

Is the GWIA running on a seperate box then the post office? are messages building up in the queue on that server? I have seen where the messages come in but dont get delivered this was caused from speed and duplex issues at the switch setting them static fixed the problem and the secondary domain could then communicate with the post office correctly, the funny thing was it only affected incoming not outgoing.

 

[jbilek]

Hi again,

Thanks for your answers so far.

The GWIA is running on the same server as the GroupWise mailserver, this has 192.168.0.21. The mail host at our ISP is configured to receive all email for our domain.

The only change I´ve made is to swap the old BorderManager 3.0 firewall for a new SGS5420. I use all the same external and internal firewall IP adresses and everything else is working fine except for inbound email. Outbound email is working fine.

I am not an expert of Bordermanager or novell, is there anyway I can double check that I have set all IP adresses on the new firewall correcntly? + how can I get a complete printout of all firewall rules that apply to the old Bordermanager firewall?

Thanks again for you great help
Joe

 

[juniperr]

go into filtcfg and IP filters. did you configure gwia to recieve from mail host?

 

[jbilek]

Hi again (juniperr),

I will double check the filtcfg utility and all the ports.

I havent changed anything in the GWIA as it is still running on the same server after I swapped firewalls.

But yes, it does work with the old bordermanager firewall, meaning that something must be different?? (I guess).

Thanks mate
Joe

 

[jbilek]

Hi again,

Tonight I tried again after going thru the bordermanager filters again and verifying them.
Sad, it did not work anyways. I´ll try to describe again.

CURRENT WORKING SETUP:

- A LAN protected by a Bordermanager firewall with 2 NICS, one with external public IP and internal with 192.168.0.1.
- Novell NDS network.
- One Groupwise 5.5 mailserver running POA, MTA and GWIA.
- One external ISP that supplies us with a mail host receiving all email for our domain.


THE DESIRED CONFIG:

- A LAN protected by a new SGS 5420 firewall, configured with the same IP adresses as the old one.
- The same Gropwise mailserver, without changing any settings.
- The same external ISP mail host.

So the only thing I need to do is swap firewalls, everything else should be the same.

What ports need to be open then?

- DNS-tcp(53)?, in and out?
- DNS-udp(42)? in and out?
- SMTP(25)? in and out?
- Webaccess(7205)? in?
- Groupwise Async(1677)? in and out?
???? anything else?


Is there anyway I can check the GWIA settings (where, how?), how can i monitor outgoing/incoming traffic on both the GWIA and Bordermanager?

Thanks again for all your help so far!
Joe

 

[Lou0686]

Hi again,

I don't know why you would want to open port 1677. I'm sure it's not necessary.

Here is a thought. If I remember correctly, BM could be used as a mail proxy therefore you could actually be using BM as a relay server. Check your GWIA config through NWadmin - GroupWise View under tools. Verify there is no relay server configured.

Lou

 

[sstoppel]

Are there any bounces/error messages on the external mail host? Maybe your vendor could forward them to a hotmail account for you to review. I think if you can find out what the mail server is experiencing when it tries to send mail in you will have your answer.