YA iptables mystery.
Posted: Mon Feb 26, 2007 3:24 pm
by rex007can
I have two servers in two locations.
Everything seems fine.
I have set up IPTables on both with the same config.
Ports 80 8080 443 8443 25 110 143 53(udp) 8009 8005 5768 5432 8082 10000 11000 and all internal networks are all opened.
Webmail works fine
SAC works fine
Sending and receiving external works fine.
Outlook client works, IMAP client works.
The ONLY problem I'm getting is sending mail between the two servers. That doesn't work for some reason. The servers can talk to the other servers on the internet, but cannot talk to each other if IPTables is turned on.
What port/protocol am I missing for that to work?
Thanks.
Posted: Mon Feb 26, 2007 3:44 pm
by kanderson
Go to server1 and type
dig FQDN.server2.com
then on server 2:
dig fqdn.server1.com
That should show resolution. If it's correct, can you send via telnet:
from server 1
telnet fqdn.server2.com 25
helo fqdn.server1.com
mail from: testsender@domain.com
rcpt to: testrecipient@domain.com
data
this is a test
.
quit
What are the results from that?
Kev.
Posted: Mon Feb 26, 2007 4:34 pm
by rex007can
I have Bind running on one of the servers for performance purposes with spam filtering.
Since dig does not look in the hosts file, this server gives me the external IP address of the remote server instead of the internal one when running dig, but a ping or a telnet reaches the proper address.
(My servers are NATted outside, but see each other through a site-to-site VPN.)
That being said.
I have site1 and site2
both firewalls have pretty much the same configuration
With site1 on and site2 on, no emails in between.
With site1 off and site2 on, emails work in between.
With site1 on and site2 off, no emails in between.
So that would have to mean the problem is with IPTables at site 1.
Also, while both site1 and site2 have firewall on, telnet port 25 and manually sending an email works perfectly fine on both sides.
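A diagnostic script for the dig-versus-hosts-file question raised in kanderson's test above and in the reply just before this line; it is an added example, not code from the thread or from Scalix. It assumes a Linux host with dig and coreutils' timeout installed; the addresses and the hosts entry in the offline demo are constructed, and fqdn.server2.com is the placeholder name already used in the thread.

```shell
#!/bin/bash
# Added example (not from this thread): show which address a peer's name
# resolves to via DNS (the path an MTA such as sendmail takes) versus
# /etc/hosts (the path ping and telnet take), then probe TCP/25 on each.
# Assumes `dig` is installed; if the name has MX records, check the MX target.

# First IPv4 address in `dig +short`-style output (skips CNAME lines).
first_ipv4() {
  printf '%s\n' "$1" | grep -E -m1 '^[0-9]{1,3}(\.[0-9]{1,3}){3}$'
}

# Look a name up like the hosts resolver: comments stripped, first entry whose
# name or alias matches wins.  $1 = hosts-file text, $2 = name
hosts_lookup() {
  printf '%s\n' "$1" | sed 's/#.*//' |
    awk -v n="$2" '{ for (i = 2; i <= NF; i++) if ($i == n) { print $1; exit } }'
}

# "split": DNS and hosts disagree, so the MTA and a manual telnet test connect
# to different addresses (possibly different firewall paths). "same": equal or
# no hosts entry (telnet falls back to DNS). "unresolved": DNS gave nothing.
classify() {  # $1 = DNS address, $2 = hosts address
  if [ -z "$1" ]; then echo unresolved
  elif [ -z "$2" ] || [ "$1" = "$2" ]; then echo same
  else echo split
  fi
}

probe25() {  # TCP connect via bash's /dev/tcp (no nc needed), 5 s timeout
  timeout 5 bash -c "exec 3<>/dev/tcp/$1/25" 2>/dev/null && echo "$1:25 open" || echo "$1:25 closed or filtered"
}

check_peer() {  # live check of one peer name (needs dig and the network)
  local host=$1 dns hosts
  dns=$(first_ipv4 "$(dig +short A "$host")")
  hosts=$(hosts_lookup "$(cat /etc/hosts)" "$host")
  echo "$host: dns=${dns:-none} hosts=${hosts:-none} -> $(classify "$dns" "$hosts")"
  for a in $dns $hosts; do probe25 "$a"; done | sort -u
}

if [ $# -eq 1 ]; then
  check_peer "$1"   # e.g. ./mailpath.sh fqdn.server2.com, run on site1
else
  # Offline demo on constructed data: DNS hands out the NAT'd public address
  # while /etc/hosts carries the VPN-side address -> prints "split".
  demo_hosts='10.8.0.2  fqdn.server2.com server2   # constructed'
  demo_dig=$(printf 'site2.example.net.\n198.51.100.5')   # constructed: CNAME target, then A
  echo "demo -> $(classify "$(first_ipv4 "$demo_dig")" "$(hosts_lookup "$demo_hosts" fqdn.server2.com)")"
fi
```

Run it on each server with the other server's FQDN as the argument; a "split" result means the manual telnet test and the MTA are not exercising the same address, so a successful telnet says nothing about the path the MTA uses.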
Posted: Mon Feb 26, 2007 5:01 pm
by kanderson
Use the /etc/mail/mailertable to add entries for each server's partner. This will stop sendmail from sending to the external IP rather than the internal, and I suspect it'll resolve your issue.
Kev.
Posted: Mon Feb 26, 2007 5:36 pm
by rex007can
Won't that cause a problem because both servers serve the same domain?
Posted: Mon Feb 26, 2007 5:57 pm
by kanderson
Not usually. It depends on how you're sending mail between them.
Let's start with some docs. Did you set it up according to the instructions here?
http://www.scalix.com/wiki/index.php?ti ... alixServer
Thanks
Kev.
Posted: Mon Feb 26, 2007 6:16 pm
by rex007can
Yes. The servers have been up and running for a few months. But I had the firewalls down. They are behind a NAT which has its own rules to protect from the Internet.
Now I'm working on improving internal security, so I'd like to configure the firewalls.
One thing is, since my first server started at 9.1, spamassassin is configured differently on it. It has 2 IP addresses with sendmail listening on one and scalix on the other.
That may also be a problem. The thing I don't get is, addresses do not change whether the firewall is up or down. If emails don't get through because the IPs are somehow wrong, wouldn't I be having this problem independently of the firewall state?
I looked closely at the rules again. Both servers are exactly the same.