Topics

Web Server Using Postfix #networking


Don - W9JUN
 

Looking for some guidance with my postfix mail server:

Here we go-----

My email client will set up just fine using the local ip address for the server 192.168.1 using ports 110 and 25 ---- and there is not a problem sending and receiving emails.
However, if I use my full address, w9jun.ampr.org, the client will not set up. (no sending or receiving)

Interestingly enough, if I test with JuiceSSH (on home network) I can connect to ports 110, and 465 but not 25

If I switch to data on my cell I can connect to 25, 465, and 110.

ideas?


David Ranch <dranch@...>
 


Hello Don,

My email client will set up just fine using the local ip address for the server 192.168.1 using ports 110 and 25 ---- and there is not a problem sending and receiving emails.

Is the Raspberry Pi the email client or the email server?


However, if I use my full address, w9jun.ampr.org, the client will not set up. (no sending or receiving)

Are you saying that if you configure the email client to use the IP address vs. DNS name, that's the difference?  Or is the issue that one is the Internal IP address and the other is the external IP?


On the email client machine, what do the following commands give you?

   dig w9jun.ampr.org | grep w9jun.ampr.org

   dig w9jun.ampr.org mx | grep w9jun.ampr.org

I see the following:

   $ dig w9jun.ampr.org | grep w9jun.ampr.org
   ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.68.rc1.el6_10.1 <<>> w9jun.ampr.org
   ;w9jun.ampr.org.                        IN      A
   w9jun.ampr.org.         3584    IN      A       44.48.210.1


   $ dig w9jun.ampr.org mx | grep w9jun.ampr.org
   ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.68.rc1.el6_10.1 <<>> w9jun.ampr.org mx
   ;w9jun.ampr.org.                        IN      MX
   w9jun.ampr.org.         3600    IN      MX      5 w9jun.ampr.org.
   w9jun.ampr.org.         3578    IN      A       44.48.210.1



From my AMPR station, I can ping and connect to your host on ports 25 and 110:

   $ ping 44.48.210.1
   PING 44.48.210.1 (44.48.210.1) 56(84) bytes of data.
   64 bytes from 44.48.210.1: icmp_seq=1 ttl=64 time=78.7 ms
   ^C
   --- 44.48.210.1 ping statistics ---
   1 packets transmitted, 1 received, 0% packet loss, time 0ms
   rtt min/avg/max/mdev = 78.757/78.757/78.757/0.000 ms

   $ telnet 44.48.210.1 25
   Trying 44.48.210.1...
   Connected to 44.48.210.1.
   Escape character is '^]'.
   220 w9jun.ampr.org ESMTP Postfix (Debian/GNU)
   ^]close

   $ telnet 44.48.210.1 110
   Trying 44.48.210.1...
   Connected to 44.48.210.1.
   Escape character is '^]'.
   +OK Qpopper (version 4.1.0) at w9jun.ampr.org starting.
   ^]close
   telnet> close

   $ telnet 44.48.210.1 465
   Trying 44.48.210.1...
   Connected to 44.48.210.1.
   Escape character is '^]'.
   220 w9jun.ampr.org ESMTP Postfix (Debian/GNU)
   ^]close


Can you also do those same tests to confirm you're getting DNS resolution and IP forwarding?


--David
KI6ZHD


Don - W9JUN
 

Good day!

Is the Raspberry Pi the email client or the email server? server

Are you saying that if you configure the email client to use the IP address vs. DNS name, that's the difference?  Or is the issue that one is the Internal IP address and the other is the external IP? If I use the local lan address for the PI the email client (which is on my phone) everything works fine with ports 25 and 110. If I use w9jun.ampr.org (44.48.210.1), the client doesn't setup.

As far as the dig command, I'm using a windows computer but here is the telnet info: My laptop is connected to my local router:

C:\Users\June>telnet w9jun.ampr.org 25
Connecting To w9jun.ampr.org... NOTHING

Got a connection to port 465
220 w9jun.ampr.org ESMTP Postfix (Debian/GNU)
ehlo w9jun.ampr.org
250-w9jun.ampr.org
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN

Got a connection to port 110
+OK Qpopper (version 4.1.0) at w9jun.ampr.org starting.

If I switch to data on my cell I can connect to 25, 465, and 110.


Don - W9JUN
 

Here's some dig info using my windows laptop

C:\Users\June>dig w9jun.ampr.org mx
; <<>> DiG 9.11.8 <<>> w9jun.ampr.org mx
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 44150
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;w9jun.ampr.org.                        IN      MX
;; ANSWER SECTION:
w9jun.ampr.org.         3600    IN      MX      5 w9jun.ampr.org.
;; Query time: 143 msec
;; SERVER: 208.67.222.222#53(208.67.222.222)
;; WHEN: Thu Jun 20 09:02:58 Eastern Daylight Time 2019
;; MSG SIZE  rcvd: 59


C:\Users\June>dig w9jun.ampr.org
; <<>> DiG 9.11.8 <<>> w9jun.ampr.org
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 23976
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;w9jun.ampr.org.                        IN      A
;; ANSWER SECTION:
w9jun.ampr.org.         3600    IN      A       44.48.210.1
;; Query time: 272 msec
;; SERVER: 208.67.222.222#53(208.67.222.222)
;; WHEN: Thu Jun 20 09:04:59 Eastern Daylight Time 2019
;; MSG SIZE  rcvd: 59


David Ranch <dranch@...>
 


Hello Don,

Ok.. the Rpi is the email server and your phone is the client. 

What kind of phone?  Android?  iPhone?  When you're trying to have your phone get email from the Rpi, I assume your phone is on your home wifi.



If I use the local lan address for the PI the email client (which is on my phone) everything works fine with ports 25 and 110. If I use w9jun.ampr.org (44.48.210.1), the client doesn't setup.

You didn't provide any DNS test results from your phone which is what matters but assuming your Windows laptop is on the same Wifi network, it seems like you can resolve things.

You have also shown that you can connection to port 465 (smtps) [encrypted smtp] and port 110 (pop3) [non-encrypted pop3].  Technically speaking, you should be fine at this point.  Configure your email client on the phone to use port 465 for SMTP and it should work.  If it MUST have port 25, then try the following in the raspberry pi:

   - run the command:

       netstat -an | grep -e 25 -e 465


I see:
      $ netstat -an | grep -e 25 -e 465
      tcp        0      0 192.168.0.11:465            0.0.0.0:*                   LISTEN
      tcp        0      0 127.0.0.1:465               0.0.0.0:*                   LISTEN
      tcp        0      0 192.168.0.11:25             0.0.0.0:*                   LISTEN
      tcp        0      0 127.0.0.1:25                0.0.0.0:*                   LISTEN

What the above shows is that I have both port 465 and 25 listening on IP address 192.168.0.11 and 127.0.0.1.  What you need on your machine to show is 44.48.210.1 and 127.0.0.1.  You would configure that in the /etc/postfix/main.cf file under the inet_interfaces stanza.  It would look like:

   inet_interfaces = 44.48.210.1, localhost

Then run:

   /etc/init.d/postfix restart


and try the "netstat -an | grep -e 25 -e 465" command again.


If I switch to data on my cell I can connect to 25, 465, and 110.

If the testing above was all correct in the first place, all that and be left is a forwarding or filtering issue.  What is the output of the following commands:

   #Should be a 0
   cat /proc/sys/net/ipv4/ip_forward

   sudo /sbin/iptables -L

--David
KI6ZHD


Don - W9JUN
 

On Thu, Jun 20, 2019 at 10:43 AM, David Ranch wrote:
netstat -an | grep -e 25 -e 465

Thank you for your feedback!!!!!!

 netstat -an | grep -e 25 -e 465
tcp        0      0 0.0.0.0:465             0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:25              0.0.0.0:*               LISTEN
unix  2      [ ACC ]     STREAM     LISTENING     3025     private/proxywrite
unix  2      [ ACC ]     STREAM     LISTENING     2465     /var/run/dbus/system_bus_socket
-----------------------------------------------------------------------------------
cat /proc/sys/net/ipv4/ip_forward
1
-----------------------------------------------------------------------------------
sudo /sbin/iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
ACCEPT     ax.25--  anywhere             anywhere
ACCEPT     ipencap--  anywhere             anywhere
DROP       all  -- !44.0.0.0/8           anywhere
DROP       tcp  --  anywhere             anywhere             tcp dpt:chargen
DROP       udp  --  anywhere             anywhere             udp dpt:chargen
           tcp  --  anywhere             anywhere             tcpflags:! FIN,SYN,RST,ACK/SYN recent: REMOVE name: tcp side: source
           tcp  --  anywhere             anywhere             tcpflags: FIN,SYN,RST,ACK/SYN recent: SET name: tcp side: source
DROP       tcp  --  anywhere             anywhere             tcpflags: FIN,SYN,RST,ACK/SYN recent: UPDATE seconds: 60 hit_count: 5 name: tcp side: source
 
Chain FORWARD (policy ACCEPT)
target     prot opt source               destination
ACCEPT     all  --  anywhere             44.0.0.0/8
ACCEPT     ax.25--  anywhere             anywhere
ACCEPT     ipencap--  anywhere             anywhere
DROP       all  -- !44.0.0.0/8           anywhere
DROP       tcp  --  anywhere             anywhere             tcp dpt:chargen
DROP       udp  --  anywhere             anywhere             udp dpt:chargen
           tcp  --  anywhere             anywhere             tcpflags:! FIN,SYN,RST,ACK/SYN recent: REMOVE name: tcp side: source
           tcp  --  anywhere             anywhere             tcpflags: FIN,SYN,RST,ACK/SYN recent: SET name: tcp side: source
DROP       tcp  --  anywhere             anywhere             tcpflags: FIN,SYN,RST,ACK/SYN recent: UPDATE seconds: 60 hit_count: 5 name: tcp side: source
ACCEPT     all  --  192.168.1.0/24       44.0.0.0/8           state RELATED,ESTABLISHED
ACCEPT     all  --  192.168.1.0/24       44.0.0.0/8
 
Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
ACCEPT     ax.25--  anywhere             anywhere
ACCEPT     ipencap--  anywhere             anywhere
 
 
 


William Kimber
 

Hi all,


If I can stick a very rusty oar in here. Many years ago I had a PC running as a server, open to internet via router.  All on wired lan.

On that server from inside the lan it was not possible to use the Internet IP address.  From inside the lan you had to use the internal server IP address.


The reason I believe is that the server doesn't know or use the internet address, that is done by the router which translates requests from internet to local lan address.  It doesn't sent requests for the local server using the internet address  from the local lan/wifi out to the internent and expect to get it echoed back.


Please forgive if I have misunderstood the problem.


Cheers,

Will

ZL1TAO


On 21/06/19 9:02 AM, Don - W9JUN wrote:
On Thu, Jun 20, 2019 at 10:43 AM, David Ranch wrote:
netstat -an | grep -e 25 -e 465

Thank you for your feedback!!!!!!

 netstat -an | grep -e 25 -e 465
tcp        0      0 0.0.0.0:465             0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:25              0.0.0.0:*               LISTEN
unix  2      [ ACC ]     STREAM     LISTENING     3025     private/proxywrite
unix  2      [ ACC ]     STREAM     LISTENING     2465     /var/run/dbus/system_bus_socket
-----------------------------------------------------------------------------------
cat /proc/sys/net/ipv4/ip_forward
1
-----------------------------------------------------------------------------------
sudo /sbin/iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
ACCEPT     ax.25--  anywhere             anywhere
ACCEPT     ipencap--  anywhere             anywhere
DROP       all  -- !44.0.0.0/8           anywhere
DROP       tcp  --  anywhere             anywhere             tcp dpt:chargen
DROP       udp  --  anywhere             anywhere             udp dpt:chargen
           tcp  --  anywhere             anywhere             tcpflags:! FIN,SYN,RST,ACK/SYN recent: REMOVE name: tcp side: source
           tcp  --  anywhere             anywhere             tcpflags: FIN,SYN,RST,ACK/SYN recent: SET name: tcp side: source
DROP       tcp  --  anywhere             anywhere             tcpflags: FIN,SYN,RST,ACK/SYN recent: UPDATE seconds: 60 hit_count: 5 name: tcp side: source
 
Chain FORWARD (policy ACCEPT)
target     prot opt source               destination
ACCEPT     all  --  anywhere             44.0.0.0/8
ACCEPT     ax.25--  anywhere             anywhere
ACCEPT     ipencap--  anywhere             anywhere
DROP       all  -- !44.0.0.0/8           anywhere
DROP       tcp  --  anywhere             anywhere             tcp dpt:chargen
DROP       udp  --  anywhere             anywhere             udp dpt:chargen
           tcp  --  anywhere             anywhere             tcpflags:! FIN,SYN,RST,ACK/SYN recent: REMOVE name: tcp side: source
           tcp  --  anywhere             anywhere             tcpflags: FIN,SYN,RST,ACK/SYN recent: SET name: tcp side: source
DROP       tcp  --  anywhere             anywhere             tcpflags: FIN,SYN,RST,ACK/SYN recent: UPDATE seconds: 60 hit_count: 5 name: tcp side: source
ACCEPT     all  --  192.168.1.0/24       44.0.0.0/8           state RELATED,ESTABLISHED
ACCEPT     all  --  192.168.1.0/24       44.0.0.0/8
 
Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
ACCEPT     ax.25--  anywhere             anywhere
ACCEPT     ipencap--  anywhere             anywhere
 
 
 


Perry Ogletree
 

That’s a form of loop back protection. It helps keep nasties out of your network.

 

Perry K4PWO

 

From: RaspberryPi-4-HamRadio@groups.io <RaspberryPi-4-HamRadio@groups.io> On Behalf Of William Kimber
Sent: Thursday, June 20, 2019 05:20 PM
To: RaspberryPi-4-HamRadio@groups.io
Subject: Re: [RaspberryPi-4-HamRadio] Web Server Using Postfix #networking

 

Hi all,

 

If I can stick a very rusty oar in here. Many years ago I had a PC running as a server, open to internet via router.  All on wired lan.

On that server from inside the lan it was not possible to use the Internet IP address.  From inside the lan you had to use the internal server IP address.

 

The reason I believe is that the server doesn't know or use the internet address, that is done by the router which translates requests from internet to local lan address.  It doesn't sent requests for the local server using the internet address  from the local lan/wifi out to the internent and expect to get it echoed back.

 

Please forgive if I have misunderstood the problem.

 

Cheers,

Will

ZL1TAO

 

On 21/06/19 9:02 AM, Don - W9JUN wrote:

On Thu, Jun 20, 2019 at 10:43 AM, David Ranch wrote:

netstat -an | grep -e 25 -e 465


Thank you for your feedback!!!!!!

 netstat -an | grep -e 25 -e 465

tcp        0      0 0.0.0.0:465             0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:25              0.0.0.0:*               LISTEN

unix  2      [ ACC ]     STREAM     LISTENING     3025     private/proxywrite

unix  2      [ ACC ]     STREAM     LISTENING     2465     /var/run/dbus/system_bus_socket
-----------------------------------------------------------------------------------

cat /proc/sys/net/ipv4/ip_forward

1
-----------------------------------------------------------------------------------

sudo /sbin/iptables -L

Chain INPUT (policy ACCEPT)

target     prot opt source               destination

ACCEPT     ax.25--  anywhere             anywhere

ACCEPT     ipencap--  anywhere             anywhere

DROP       all  -- !44.0.0.0/8           anywhere

DROP       tcp  --  anywhere             anywhere             tcp dpt:chargen

DROP       udp  --  anywhere             anywhere             udp dpt:chargen

           tcp  --  anywhere             anywhere             tcpflags:! FIN,SYN,RST,ACK/SYN recent: REMOVE name: tcp side: source

           tcp  --  anywhere             anywhere             tcpflags: FIN,SYN,RST,ACK/SYN recent: SET name: tcp side: source

DROP       tcp  --  anywhere             anywhere             tcpflags: FIN,SYN,RST,ACK/SYN recent: UPDATE seconds: 60 hit_count: 5 name: tcp side: source

 

Chain FORWARD (policy ACCEPT)

target     prot opt source               destination

ACCEPT     all  --  anywhere             44.0.0.0/8

ACCEPT     ax.25--  anywhere             anywhere

ACCEPT     ipencap--  anywhere             anywhere

DROP       all  -- !44.0.0.0/8           anywhere

DROP       tcp  --  anywhere             anywhere             tcp dpt:chargen

DROP       udp  --  anywhere             anywhere             udp dpt:chargen

           tcp  --  anywhere             anywhere             tcpflags:! FIN,SYN,RST,ACK/SYN recent: REMOVE name: tcp side: source

           tcp  --  anywhere             anywhere             tcpflags: FIN,SYN,RST,ACK/SYN recent: SET name: tcp side: source

DROP       tcp  --  anywhere             anywhere             tcpflags: FIN,SYN,RST,ACK/SYN recent: UPDATE seconds: 60 hit_count: 5 name: tcp side: source

ACCEPT     all  --  192.168.1.0/24       44.0.0.0/8           state RELATED,ESTABLISHED

ACCEPT     all  --  192.168.1.0/24       44.0.0.0/8

 

Chain OUTPUT (policy ACCEPT)

target     prot opt source               destination

ACCEPT     ax.25--  anywhere             anywhere

ACCEPT     ipencap--  anywhere             anywhere

 

 

 


bbillp
 

For an internet IP DNS connection to your local server see no-ip.com . Read their information, it worked for my special control server. Bill acj


David Ranch <dranch@...>
 


Hello Don,

 netstat -an | grep -e 25 -e 465
Proto Recv-Q Send-Q Local Address        Foreign Address     State
tcp        0      0 0.0.0.0:465             0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:25              0.0.0.0:*                LISTEN

Ok, the key detail here is when netstat shows a local address of "0.0.0.0:something", that means it's listening on all interfaces.  If it's not listening on all interfaces, it would show something like "127.0.0.1:465" or "192.168.0.22:465".


cat /proc/sys/net/ipv4/ip_forward
1

Ok, you have forwarding on.  Ok.


-----------------------------------------------------------------------------------
sudo /sbin/iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
ACCEPT     ax.25--  anywhere             anywhere
ACCEPT     ipencap--  anywhere             anywhere
DROP       all  -- !44.0.0.0/8           anywhere
DROP       tcp  --  anywhere             anywhere             tcp dpt:chargen
DROP       udp  --  anywhere             anywhere             udp dpt:chargen
           tcp  --  anywhere             anywhere             tcpflags:! FIN,SYN,RST,ACK/SYN recent: REMOVE name: tcp side: source
           tcp  --  anywhere             anywhere             tcpflags: FIN,SYN,RST,ACK/SYN recent: SET name: tcp side: source
DROP       tcp  --  anywhere             anywhere             tcpflags: FIN,SYN,RST,ACK/SYN recent: UPDATE seconds: 60 hit_count: 5 name: tcp side: source
 
Chain FORWARD (policy ACCEPT)
target     prot opt source               destination
ACCEPT     all  --  anywhere             44.0.0.0/8
ACCEPT     ax.25--  anywhere             anywhere
ACCEPT     ipencap--  anywhere             anywhere
DROP       all  -- !44.0.0.0/8           anywhere
DROP       tcp  --  anywhere             anywhere             tcp dpt:chargen
DROP       udp  --  anywhere             anywhere             udp dpt:chargen
           tcp  --  anywhere             anywhere             tcpflags:! FIN,SYN,RST,ACK/SYN recent: REMOVE name: tcp side: source
           tcp  --  anywhere             anywhere             tcpflags: FIN,SYN,RST,ACK/SYN recent: SET name: tcp side: source
DROP       tcp  --  anywhere             anywhere             tcpflags: FIN,SYN,RST,ACK/SYN recent: UPDATE seconds: 60 hit_count: 5 name: tcp side: source
ACCEPT     all  --  192.168.1.0/24       44.0.0.0/8           state RELATED,ESTABLISHED
ACCEPT     all  --  192.168.1.0/24       44.0.0.0/8
 
Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
ACCEPT     ax.25--  anywhere             anywhere
ACCEPT     ipencap--  anywhere             anywhere

You don't to be masquerading (NATing) your traffic here which is ok.  Overall, I don't see anything glaring there.

It's still strange your smartphone can successfully connect to your Rpi via IP address but doesn't work via DNS name.  Per my previous emails, please try connecting to all of the TCP ports from your phone to your Raspberry Pi:

  port 25
  port 110
  port 465

and specifically note if you get a connection or not like how I gave in my previous email.


If this is a DNS issue, I have a few ideas to look at things:

   - What is in your Raspberry PI's /etc/resolv.conf?
   - What is the wifi IP address of your smartphone?
   - On the Raspberry Pi, if you do a "dig" on that smartphone IP address, what is it's response?

--David


Don - W9JUN
 

- What is in your Raspberry PI's /etc/resolv.conf?
search ampr.org
nameserver 44.88.0.1
nameserver 44.88.0.9
nameserver 8.8.4.4
 

- What is the wifi IP address of your smartphone?
192.168.1.8

- On the Raspberry Pi, if you do a "dig" on that smartphone IP address, what is it's response?

dig 192.168.1.8
 
; <<>> DiG 9.10.3-P4-Raspbian <<>> 192.168.1.8
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 1559
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
 
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;192.168.1.8.                   IN      A
 
;; AUTHORITY SECTION:
.                       3600    IN      SOA     a.root-servers.net. nstld.verisign-grs.com. 2019062101 1800 900 604800 86400
 
;; Query time: 70 msec
;; SERVER: 208.67.222.222#53(208.67.222.222)
;; WHEN: Fri Jun 21 20:53:33 EDT 2019
;; MSG SIZE  rcvd: 115
 


Don - W9JUN
 

On Fri, Jun 21, 2019 at 10:31 AM, David Ranch wrote:
It's still strange your smartphone can successfully connect to your Rpi via IP address but doesn't work via DNS name.  Per my previous emails, please try connecting to all of the TCP ports from your phone to your Raspberry Pi:

  port 25
  port 110
  port 465
From the cell local lan (192.168.1.8) I can connect to 110 and 465 using w9jun.ampr.org and 25, 110, 465 using 192.168.1.43 (local ip of PI)


Don - W9JUN
 

I have the opendns servers in my router...will that affect the resolv.conf

search ampr.org
nameserver 44.88.0.1
nameserver 44.88.0.9
nameserver 8.8.4.4
 


Jonathan Magee
 

Hi,
when trying to use the ampr.org address I think the connection will be routed over the internet. Some ISPs block connections to port 25 on unknown machines to reduce spam.
73 de Jonathan GI7KMC

On Sat, 22 Jun 2019, 02:05 Don - W9JUN, <radio.w9jun@...> wrote:
On Fri, Jun 21, 2019 at 10:31 AM, David Ranch wrote:
It's still strange your smartphone can successfully connect to your Rpi via IP address but doesn't work via DNS name.  Per my previous emails, please try connecting to all of the TCP ports from your phone to your Raspberry Pi:

  port 25
  port 110
  port 465
From the cell local lan (192.168.1.8) I can connect to 110 and 465 using w9jun.ampr.org and 25, 110, 465 using 192.168.1.43 (local ip of PI)


Don - W9JUN
 

The ISP indicated no port 25 blocking, but who knows? This has turned out to be a real stumper.


Don - W9JUN
 

Update: my ampr.org address works fine when on my lan, but does not work away from the house or over cellular.


Sean Bohanan
 

When I do an nslookup for ampr.org I get:

 

nslookup ampr.org

Server:  UnKnown

Address:  192.168.0.1

 

Non-authoritative answer:

Name:    ampr.org

Address:  44.0.0.1

 

 

If that’s not the IP address it should be, you might want to look into your DNS settings. That’s your problem.

 

 

Sean Bohanan

 

 

 

From: RaspberryPi-4-HamRadio@groups.io <RaspberryPi-4-HamRadio@groups.io> On Behalf Of Don - W9JUN
Sent: Wednesday, June 26, 2019 11:06 AM
To: RaspberryPi-4-HamRadio@groups.io
Subject: Re: [RaspberryPi-4-HamRadio] Web Server Using Postfix #networking

 

Update: my ampr.org address works fine when on my lan, but does not work away from the house or over cellular.


Don - W9JUN
 

DNS server handling your query: localhost
 DNS server's address:	127.0.0.1#53
 
 Non-authoritative answer:
 Name:	w9jun.ampr.org
 Address: 44.48.210.1


Don - W9JUN
 

Well, progress has been made. However, I can't reach the mail server using cell data. As of now, contacting the mail server using w9jun.ampr.org from a LAN is going well.


David Ranch <dranch@...>
 


What was the fix?

--David
KI6ZHD


On 07/03/2019 02:54 PM, Don - W9JUN wrote:
Well, progress has been made. However, I can't reach the mail server using cell data. As of now, contacting the mail server using w9jun.ampr.org from a LAN is going well.