Security and privacy

 
 
Picture of Ken Task
Re: iptables firewall stops email messages to SMTP host
Group Particularly helpful Moodlers

What's your MTA (mail transfer agent) for local host (ie, the Moodle server)?  Sendmail? Postfix? Exim?

If using iptables, wouldn't one have to have the smtp port opened at least for outbound traffic?  One doesn't config a full blown mail server ... ie, one that both sends and receives - just the send part. ;)

'spirit of sharing', Ken

 
Average of ratings: -
Picture of Adrian Scarle
Re: iptables firewall stops email messages to SMTP host
 

I'm not entirely sure - it's a standard Moodle install on a dedicated Debian box. Sendmail?

I think I'm just going to go down the 

ACCEPT     all  --  anywhere             anywhere             state RELATED,ESTABLISHED
 
route in the INPUT rules.
 
As I mentioned, I'm behind a hardware firewall too, so this is a second line of defence.

 
Average of ratings: -
Picture of Adrian Scarle
Re: iptables firewall stops email messages to SMTP host
 

Thanks for your help guys. I can see I have much to learn.

 
Average of ratings: -
Picture of Ken Task
Re: iptables firewall stops email messages to SMTP host
Group Particularly helpful Moodlers

smtp uses port 25

the first URL is old but it does help explain:

http://www.debian.org/releases/stable/i386/ch08s05.html.en

Might also read:

http://wiki.debian.org/Postfix

Suggest installing something like pine/alpine to be able to test sending mail from Moodle server operating system (also handy if an account is setup to rec. notifications, etc. from Moodle).

And a comment/thought about local firewall ... what would protect the server from an inside attack ... either un-intentional (workstation contracted a worm) or intentional?

'spirit of sharing', Ken

 
Average of ratings:Useful (1)
Picture of Adrian Scarle
Re: iptables firewall stops email messages to SMTP host
 

Hi Ken,

Thanks for the additional info. I find the official Debian documentation well intentioned, but sometimes you're just not sure if it's relevant or out of date.

I'm not sure what package Moodle uses to send email when using another server as an SMTP host. But it's currently working OK for me now and I'm getting Moodle update notifications and user-to-user messages via email.

A quick look suggests that it's exim4, but I'm not sure that Moodle's using it.

I'm sure my iptables config is OK now (as in my last post) and not too open on the local network. I'm glad I'm not trying to do anything too complicated with it.

Thanks.

 
Average of ratings: -
Picture of Ken Task
Re: iptables firewall stops email messages to SMTP host
Group Particularly helpful Moodlers

Yes, tried to suggest that about the link found for Debian.  In your IP Tables config, you don't show port 25 (the smtp port) as being liberally allowed as the other ports ... last statement there denies all that are not listed.  Think that's why some messages not being received.  Moodle was attempting to send, but blocked by the local MTA/IP Tables.

Consider installing Webmin on your server.  Perl based so even if apache/mysql/moodle down, one has access. Has lots of tools to help admin a Linux server (including exim4, I think) - even helps one find things is not known ... like the mail logs, etc.. and backup DB. etc..

'spirit of sharing', Ken

 

 
Average of ratings: -