I am using axigen to setup my own mailserver but trying to set it up I encountered a rather weird problem:
Using nmap -P0 0.0.0.0
on my Mailserver to check if all ports that are necessary for the server to work gives this output:
Starting Nmap 7.80 ( https://nmap.org ) at 2024-01-14 16:35 CET
Nmap scan report for 0.0.0.0
Host is up (0.000022s latency).
Not shown: 986 filtered ports
PORT STATE SERVICE
21/tcp open ftp
22/tcp open ssh
25/tcp open smtp
80/tcp open http
110/tcp open pop3
143/tcp open imap
443/tcp open https
465/tcp open smtps
993/tcp open imaps
995/tcp open pop3s
1443/tcp open ies-lm
7000/tcp open afs3-fileserver
8080/tcp open http-proxy
9000/tcp open cslistener
However, if I try to scan it from another device, again using nmap, that isn’t the Mailserver (any device, doesn’t matter if it is another server in the network of the Mailserver or my own PC) returns this:
Starting Nmap 7.80 ( https://nmap.org ) at 2024-01-14 16:34 CET
Nmap scan report for my-domain.net (45.88.xxx.xxx)
Host is up (0.00069s latency).
Not shown: 988 filtered ports
PORT STATE SERVICE
21/tcp open ftp
22/tcp open ssh
80/tcp open http
110/tcp open pop3
143/tcp open imap
443/tcp open https
993/tcp open imaps
995/tcp open pop3s
1443/tcp open ies-lm
7000/tcp open afs3-fileserver
8080/tcp open http-proxy
9000/tcp open cslistener
As seen above the ports 25 (smtp) and 465 (smtps) are both not showing as open on the external device which pretty much renders the whole Mailserver useless.
I use ufw as my firewall, the rules are pretty simple as of right now, none of the ports I need are blocked:
Status: active
To Action From
-- ------ ----
21 ALLOW Anywhere
22 ALLOW Anywhere
25 ALLOW Anywhere
80 ALLOW Anywhere
110 ALLOW Anywhere
143 ALLOW Anywhere
443 ALLOW Anywhere
465 ALLOW Anywhere
993 ALLOW Anywhere
995 ALLOW Anywhere
1443 ALLOW Anywhere
7000 ALLOW Anywhere
8080 ALLOW Anywhere
9000 ALLOW Anywhere
21 (v6) ALLOW Anywhere (v6)
22 (v6) ALLOW Anywhere (v6)
25 (v6) ALLOW Anywhere (v6)
80 (v6) ALLOW Anywhere (v6)
110 (v6) ALLOW Anywhere (v6)
143 (v6) ALLOW Anywhere (v6)
443 (v6) ALLOW Anywhere (v6)
465 (v6) ALLOW Anywhere (v6)
993 (v6) ALLOW Anywhere (v6)
995 (v6) ALLOW Anywhere (v6)
1443 (v6) ALLOW Anywhere (v6)
7000 (v6) ALLOW Anywhere (v6)
8080 (v6) ALLOW Anywhere (v6)
9000 (v6) ALLOW Anywhere (v6)
If I disable the firewall and scan the Mailserver from an external host again I get this output which basically tells me no service is listening on said filtered ports:
Starting Nmap 7.80 ( https://nmap.org ) at 2024-01-14 16:13 CET
Nmap scan report for Array.living-bots.net (45.88.109.169)
Host is up (0.00067s latency).
Not shown: 985 closed ports
PORT STATE SERVICE
21/tcp open ftp
22/tcp open ssh
25/tcp filtered smtp
80/tcp open http
110/tcp open pop3
143/tcp open imap
443/tcp open https
465/tcp filtered smtps
587/tcp filtered submission
993/tcp open imaps
995/tcp open pop3s
1443/tcp open ies-lm
7000/tcp open afs3-fileserver
8080/tcp open http-proxy
9000/tcp open cslistener
And just to have everything that might be needed in here, this is the output of netstat -tuplen | grep axigen
:
tcp 0 0 0.0.0.0:993 0.0.0.0:* LISTEN 220 9707034 467817/axigen
tcp 0 0 0.0.0.0:9443 0.0.0.0:* LISTEN 220 9707044 467817/axigen
tcp 0 0 0.0.0.0:1443 0.0.0.0:* LISTEN 220 9707038 467817/axigen
tcp 0 0 0.0.0.0:995 0.0.0.0:* LISTEN 220 9707029 467817/axigen
tcp 0 0 0.0.0.0:9000 0.0.0.0:* LISTEN 220 9707043 467817/axigen
tcp 0 0 0.0.0.0:110 0.0.0.0:* LISTEN 220 9707028 467817/axigen
tcp 0 0 0.0.0.0:143 0.0.0.0:* LISTEN 220 9707033 467817/axigen
tcp 0 0 0.0.0.0:8080 0.0.0.0:* LISTEN 220 9707039 467817/axigen
tcp 0 0 0.0.0.0:465 0.0.0.0:* LISTEN 220 9707020 467817/axigen
tcp 0 0 0.0.0.0:21 0.0.0.0:* LISTEN 220 9707048 467817/axigen
tcp 0 0 0.0.0.0:7000 0.0.0.0:* LISTEN 220 9707025 467817/axigen
tcp 0 0 127.0.0.1:8888 0.0.0.0:* LISTEN 220 9707003 467830/axigen-tnef
tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN 220 9706040 467817/axigen
tcp6 0 0 :::993 :::* LISTEN 220 9707036 467817/axigen
tcp6 0 0 :::9443 :::* LISTEN 220 9707046 467817/axigen
tcp6 0 0 :::1443 :::* LISTEN 220 9707040 467817/axigen
tcp6 0 0 :::995 :::* LISTEN 220 9707031 467817/axigen
tcp6 0 0 :::9000 :::* LISTEN 220 9707045 467817/axigen
tcp6 0 0 :::110 :::* LISTEN 220 9707030 467817/axigen
tcp6 0 0 :::143 :::* LISTEN 220 9707035 467817/axigen
tcp6 0 0 :::8080 :::* LISTEN 220 9707041 467817/axigen
tcp6 0 0 :::465 :::* LISTEN 220 9707022 467817/axigen
tcp6 0 0 :::7000 :::* LISTEN 220 9707026 467817/axigen
tcp6 0 0 :::25 :::* LISTEN 220 9707021 467817/axigen
udp 0 0 127.0.0.1:2000 0.0.0.0:* 220 9707007 467817/axigen
I have been trying for an hour now so either it is something complicated or really simple that I overlooked, any suggestions how I can enable my other devices to be able to access the smtp/s ports?
I tried turning the firewall off, tried using another firewall (firewalld), tried clearing and reconfiguring the firewall and tried to reinstall axigen.