what i need only to solve the problem
MAIN PROBLEM :
NO INTERNET ACCESS TO MAIL SERVER SO THAT CANNOT SEND OR RECIEVE
ONLY NEED SOLVE THIS PROBLEM
i don't need now to change my work to server and gateway mode
my data as following
I have mail server 7.5
Primary domain name altawi.com.sa
name of server mserver
Local ip 192.168.1.4
Subnetmask:255.255.255.0
operation mode server only
gateway ip 192.168.1.254(cisco 800 series firewall)
DHCP SERVER dont provide dhcp
corporate dns server 212.93.192.5
No port forwarding for mail server CREATED
Primary corporate dns 212.93.192.5
Secondary corporate dns 84.22.224.11
email retrival mode multidrop
smtp authuntication allow ssmtp(secure)
smtp for internet provider disabled
-----------------
email settings
POP3 server access Allow private and public (secure POP3S)
IMAP server access Allow private and public (secure IMAPS)
Webmail access Allow HTTPS (secure)
---------------
Virus scanning Disabled
Spam filtering Disabled
Executable content blocking Disabled
---------------
E-mail retrieval mode multi-drop
SMTP authentication Allow SSMTP (secure)
---------------
E-mail to unknown users Reject
Address of internal mail server
Address of Internet provider's mail server
----------------
diagram for my network
----------
I have 40 computeres connected to switch panel1
this switch panel connected to main switch panel
you can consider switch panel2
----------
switch panel2 have the following
1- cable for mail server 192.168.1.4
2- cable come from switch panel1(include 40 computer)
3- cisco router 800 series firewall
4- linksys router wag 200g anntena A(gateway 192.168.1.1 to all local network)
5- domain controller 192.168.1.2
6- computer for antivirus eset end point 192.168.1.10 related to domain and all
computer in network updated antivirus from this computer
7- Server for ERP SOLUTION dynamic nav 192.168.1.3 workgroup not related to domain
------------
when we ping to public ip 78.93.244.61 from network or outside network
it is ok working
when i make ping to public ip 78.93.244.61 from mail server
it give me hosted unreachable
when ping from mail server to 8.8.8.8 it give us
hosted unreachable
when ping from local network to mail server 192.168.1.4
it ping and give reply without any problem
-----------
test internet access to mail server failed
---------
settings for computers in network(40 computer)
ip 192.168.1.no from 1 to 254
subnet mask 255.255.255.0
gateway 192.168.1.1 linksys router gateway
prefered dns : 192.168.1.2 domain controller
alternative dns:192.168.1.1 linksys router gateway
i have linksys router only for internet to local networks
and cisco firewall have another internet line dsl
take from awal net company with speed 2mg
TELEPHONE LINE CONNECTED TO CISCO FIREWALL ROUTER WORKING GOOD WITHOUT PROBLEM
----------------
cisco firewall router 800 series
ppp light is green stable
cd light is greeen stable
adsl light green flushing
---------
when connect any computer direct to cisco firewall router
it can get internet from cisco router as following
ip 192.168.1.105
subnetmask 255.255.255.0
gateway 192.168.1.254
it work and can access internet but why not access mail server
this is my question
-----------
and tell us this is problem in your network
not from other side check your network firewall
i check every thing cables and nothing done
i make port scanner for public ip 78.93.244.61 by nmap
it give me as following
[root@e-smith ~]# nmap -O 78.93.244.61
Starting Nmap 6.25 ( ) at 2015-11-18 09:07 EST
Nmap scan report for mserver.altawi.com.sa (78.93.244.61)
Host is up (0.27s latency).
Not shown: 990 closed ports
PORT STATE SERVICE
23/tcp filtered telnet
113/tcp filtered ident
135/tcp filtered msrpc
139/tcp filtered netbios-ssn
445/tcp filtered microsoft-ds
593/tcp filtered http-rpc-epmap
4444/tcp filtered krb524
6667/tcp filtered irc
6881/tcp filtered bittorrent-tracker
12345/tcp filtered netbus
Device type: router|switch
Running: Cisco IOS 12.X
OS CPE: cpe:/h:cisco:2500_router cpe:/o:cisco:ios:12.1 cpe:/h:cisco:catalyst_2950 cpe:/h:cisco:catalyst_2960 cpe:/h:cisco:catalyst_3550 cpe:/h:cisco:catalyst_3560 cpe:/h:cisco:catalyst_3750 cpe:/o:cisco:ios:12
Too many fingerprints match this host to give specific OS details
OS detection performed. Please report any incorrect results at .
Nmap done: 1 IP address (1 host up) scanned in 158.45 seconds
------------
WHEN I WRITE TO GET LOG FILE SME :
----------
when i try to send from my domain ahmedb@ltawi.com.sa
to outside email yahoo ahmed_elbarbary.2010@yahoo.com write this command in sme mail server
and write the following tail -f /var/log/qmail/current | tai64nlocal
Last login: Mon Nov 23 01:35:17 2015 from 192.168.1.105
[root@mserver ~]# tail -f /var/log/qmail/current | tai64nlocal
2015-11-23 10:38:07.003125500 new msg 4576081
2015-11-23 10:38:07.003131500 info msg 4576081: bytes 2598 from <ahmedb@altawi.com.sa> qp 15156 uid 453
2015-11-23 10:38:07.014118500 starting delivery 332: msg 4576081 to remote ahmed_elbarbary.2010@yahoo.com
2015-11-23 10:38:07.014125500 status: local 0/10 remote 1/20
2015-11-23 10:38:07.014129500 new msg 4575033
2015-11-23 10:38:07.014133500 warning: unknown record type in todo/4575033
2015-11-23 10:38:07.014136500 new msg 4575033
2015-11-23 10:38:07.014140500 warning: unknown record type in todo/4575033
2015-11-23 10:38:27.016877500 delivery 332: deferral: CNAME_lookup_failed_temporarily._(#4.4.3)/
2015-11-23 10:38:27.016882500 status: local 0/10 remote 0/20
in above i try to send from my altawi domain to outside as yahoo
it give me delivery 332: deferral: CNAME_lookup_failed_temporarily._(#4.4.3)/
what this problem
----------
as above firewall close port 25
i send this message for awal net company
it reply for me as following:
from awal net it access cisco outer and tell me
--------
I call awal net company told him please check port 25 and 110 is working
it answer to me as following:
By default all ports are opened from outside except port 162, 22, 23.
In customer case; He’s NAtting local IP 192.168.1.4 to public 78.93.244.62
ip nat inside source static 192.168.1.4 78.93.244.62
telnet 192.168.1.4 25
Trying 192.168.1.4, 25 ...
% Connection timed out; remote host not responding
telnet 192.168.1.4 110
Trying 192.168.1.4, 110 ...
% Connection timed out; remote host not responding
telnet 78.93.244.61 25
Trying 78.93.244.61, 25 ...
% Connection refused by remote host
telnet 78.93.244.61 110
Trying 78.93.244.61, 110 ...
% Connection refused by remote host
------
from my network
PING 192.168.1.4
GIVE REPLY WITHOUT PROBLEM
telnet 192.168.1.4 25
220 mserver.altawi.com.sa ESMTP
TELNET 192.168.1.4 110
OK <6721.1448292168@MSERVER.ALTAWI.COM.SA>
TELNET 78.93.244.61 25
CANNOT OPEN CONNECTION TO HOST
TELNET 78.93.244.61 110
GIVE ME BLANK SCREEN
PING 78.93.244.61
GIVE ME REPLY WITHOUT PROBLEM
PING 192.168.1.254 FROM MAIL SERVER
64 bytes from 192.168.1.254: icmp_seq=2168 ttl=64 time=0.735 ms
64 bytes from 192.168.1.254: icmp_seq=2169 ttl=64 time=0.765 ms
64 bytes from 192.168.1.254: icmp_seq=2170 ttl=64 time=0.796 ms
[root@mserver ~]# telnet 192.168.1.254 23
Trying 192.168.1.254...
Connected to 192.168.1.254.
Escape character is '^]'.
root@mserver ~]# telnet 192.168.1.254 25
Trying 192.168.1.254...
telnet: connect to address 192.168.1.254: Connection timed out
-----------
After that awal net company TELL ME OUR job only to connect internet
to cisco router check your side
i check every thing in my network nothing wrong and no internet access to mail server
--------------
After that i check mx record
it can as following
Pref Hostname IP Address TTL
0 mserver.altawi.com.sa 78.93.244.61 4 hrs
1 altawi.com.sa 212.93.222.10 4 hrs
i call company of hosting my site it is awal net company
this company awal net company for hosting because service finished for hosting and no technical support good
i changed to company top line for hosting from 2 days because i doubt may be hosting problem and remove mx record
mx record now nothing registered in mx record
what i do now to send and recieve email
----------------
This is all data about my network
MAIN PROBLEM :
NO INTERNET ACCESS TO MAIL SERVER SO THAT CANNOT SEND OR RECIEVE
ONLY NEED SOLVE THIS PROBLEM
i don't need now to change my work to server and gateway mode
my data as following
I have mail server 7.5
Primary domain name altawi.com.sa
name of server mserver
Local ip 192.168.1.4
Subnetmask:255.255.255.0
operation mode server only
gateway ip 192.168.1.254(cisco 800 series firewall)
DHCP SERVER dont provide dhcp
corporate dns server 212.93.192.5
No port forwarding for mail server CREATED
Primary corporate dns 212.93.192.5
Secondary corporate dns 84.22.224.11
email retrival mode multidrop
smtp authuntication allow ssmtp(secure)
smtp for internet provider disabled
-----------------
email settings
POP3 server access Allow private and public (secure POP3S)
IMAP server access Allow private and public (secure IMAPS)
Webmail access Allow HTTPS (secure)
---------------
Virus scanning Disabled
Spam filtering Disabled
Executable content blocking Disabled
---------------
E-mail retrieval mode multi-drop
SMTP authentication Allow SSMTP (secure)
---------------
E-mail to unknown users Reject
Address of internal mail server
Address of Internet provider's mail server
----------------
diagram for my network
----------
I have 40 computeres connected to switch panel1
this switch panel connected to main switch panel
you can consider switch panel2
----------
switch panel2 have the following
1- cable for mail server 192.168.1.4
2- cable come from switch panel1(include 40 computer)
3- cisco router 800 series firewall
4- linksys router wag 200g anntena A(gateway 192.168.1.1 to all local network)
5- domain controller 192.168.1.2
6- computer for antivirus eset end point 192.168.1.10 related to domain and all
computer in network updated antivirus from this computer
7- Server for ERP SOLUTION dynamic nav 192.168.1.3 workgroup not related to domain
------------
when we ping to public ip 78.93.244.61 from network or outside network
it is ok working
when i make ping to public ip 78.93.244.61 from mail server
it give me hosted unreachable
when ping from mail server to 8.8.8.8 it give us
hosted unreachable
when ping from local network to mail server 192.168.1.4
it ping and give reply without any problem
-----------
test internet access to mail server failed
---------
settings for computers in network(40 computer)
ip 192.168.1.no from 1 to 254
subnet mask 255.255.255.0
gateway 192.168.1.1 linksys router gateway
prefered dns : 192.168.1.2 domain controller
alternative dns:192.168.1.1 linksys router gateway
i have linksys router only for internet to local networks
and cisco firewall have another internet line dsl
take from awal net company with speed 2mg
TELEPHONE LINE CONNECTED TO CISCO FIREWALL ROUTER WORKING GOOD WITHOUT PROBLEM
----------------
cisco firewall router 800 series
ppp light is green stable
cd light is greeen stable
adsl light green flushing
---------
when connect any computer direct to cisco firewall router
it can get internet from cisco router as following
ip 192.168.1.105
subnetmask 255.255.255.0
gateway 192.168.1.254
it work and can access internet but why not access mail server
this is my question
-----------
and tell us this is problem in your network
not from other side check your network firewall
i check every thing cables and nothing done
i make port scanner for public ip 78.93.244.61 by nmap
it give me as following
[root@e-smith ~]# nmap -O 78.93.244.61
Starting Nmap 6.25 ( ) at 2015-11-18 09:07 EST
Nmap scan report for mserver.altawi.com.sa (78.93.244.61)
Host is up (0.27s latency).
Not shown: 990 closed ports
PORT STATE SERVICE
23/tcp filtered telnet
113/tcp filtered ident
135/tcp filtered msrpc
139/tcp filtered netbios-ssn
445/tcp filtered microsoft-ds
593/tcp filtered http-rpc-epmap
4444/tcp filtered krb524
6667/tcp filtered irc
6881/tcp filtered bittorrent-tracker
12345/tcp filtered netbus
Device type: router|switch
Running: Cisco IOS 12.X
OS CPE: cpe:/h:cisco:2500_router cpe:/o:cisco:ios:12.1 cpe:/h:cisco:catalyst_2950 cpe:/h:cisco:catalyst_2960 cpe:/h:cisco:catalyst_3550 cpe:/h:cisco:catalyst_3560 cpe:/h:cisco:catalyst_3750 cpe:/o:cisco:ios:12
Too many fingerprints match this host to give specific OS details
OS detection performed. Please report any incorrect results at .
Nmap done: 1 IP address (1 host up) scanned in 158.45 seconds
------------
WHEN I WRITE TO GET LOG FILE SME :
----------
when i try to send from my domain ahmedb@ltawi.com.sa
to outside email yahoo ahmed_elbarbary.2010@yahoo.com write this command in sme mail server
and write the following tail -f /var/log/qmail/current | tai64nlocal
Last login: Mon Nov 23 01:35:17 2015 from 192.168.1.105
[root@mserver ~]# tail -f /var/log/qmail/current | tai64nlocal
2015-11-23 10:38:07.003125500 new msg 4576081
2015-11-23 10:38:07.003131500 info msg 4576081: bytes 2598 from <ahmedb@altawi.com.sa> qp 15156 uid 453
2015-11-23 10:38:07.014118500 starting delivery 332: msg 4576081 to remote ahmed_elbarbary.2010@yahoo.com
2015-11-23 10:38:07.014125500 status: local 0/10 remote 1/20
2015-11-23 10:38:07.014129500 new msg 4575033
2015-11-23 10:38:07.014133500 warning: unknown record type in todo/4575033
2015-11-23 10:38:07.014136500 new msg 4575033
2015-11-23 10:38:07.014140500 warning: unknown record type in todo/4575033
2015-11-23 10:38:27.016877500 delivery 332: deferral: CNAME_lookup_failed_temporarily._(#4.4.3)/
2015-11-23 10:38:27.016882500 status: local 0/10 remote 0/20
in above i try to send from my altawi domain to outside as yahoo
it give me delivery 332: deferral: CNAME_lookup_failed_temporarily._(#4.4.3)/
what this problem
----------
as above firewall close port 25
i send this message for awal net company
it reply for me as following:
from awal net it access cisco outer and tell me
--------
I call awal net company told him please check port 25 and 110 is working
it answer to me as following:
By default all ports are opened from outside except port 162, 22, 23.
In customer case; He’s NAtting local IP 192.168.1.4 to public 78.93.244.62
ip nat inside source static 192.168.1.4 78.93.244.62
telnet 192.168.1.4 25
Trying 192.168.1.4, 25 ...
% Connection timed out; remote host not responding
telnet 192.168.1.4 110
Trying 192.168.1.4, 110 ...
% Connection timed out; remote host not responding
telnet 78.93.244.61 25
Trying 78.93.244.61, 25 ...
% Connection refused by remote host
telnet 78.93.244.61 110
Trying 78.93.244.61, 110 ...
% Connection refused by remote host
------
from my network
PING 192.168.1.4
GIVE REPLY WITHOUT PROBLEM
telnet 192.168.1.4 25
220 mserver.altawi.com.sa ESMTP
TELNET 192.168.1.4 110
OK <6721.1448292168@MSERVER.ALTAWI.COM.SA>
TELNET 78.93.244.61 25
CANNOT OPEN CONNECTION TO HOST
TELNET 78.93.244.61 110
GIVE ME BLANK SCREEN
PING 78.93.244.61
GIVE ME REPLY WITHOUT PROBLEM
PING 192.168.1.254 FROM MAIL SERVER
64 bytes from 192.168.1.254: icmp_seq=2168 ttl=64 time=0.735 ms
64 bytes from 192.168.1.254: icmp_seq=2169 ttl=64 time=0.765 ms
64 bytes from 192.168.1.254: icmp_seq=2170 ttl=64 time=0.796 ms
[root@mserver ~]# telnet 192.168.1.254 23
Trying 192.168.1.254...
Connected to 192.168.1.254.
Escape character is '^]'.
root@mserver ~]# telnet 192.168.1.254 25
Trying 192.168.1.254...
telnet: connect to address 192.168.1.254: Connection timed out
-----------
After that awal net company TELL ME OUR job only to connect internet
to cisco router check your side
i check every thing in my network nothing wrong and no internet access to mail server
--------------
After that i check mx record
it can as following
Pref Hostname IP Address TTL
0 mserver.altawi.com.sa 78.93.244.61 4 hrs
1 altawi.com.sa 212.93.222.10 4 hrs
i call company of hosting my site it is awal net company
this company awal net company for hosting because service finished for hosting and no technical support good
i changed to company top line for hosting from 2 days because i doubt may be hosting problem and remove mx record
mx record now nothing registered in mx record
what i do now to send and recieve email
----------------
This is all data about my network
