CSF blocking mail client connection

A

ArashiInteractive

Verified User
Joined
May 25, 2021
Messages
27
On a new DA install, I've got csf running with its default settings. This evening I made several email accounts, but was unable to add these accounts to either Thunderbird or Outlook. I kept getting incorrect configuration, username, or password errors. On a whim, I tried to temporarily disable csf firewall to see what happened - magically I was able to instantly configure both Thunderbird and Outlook with the new email accounts.

I'm quite new to CSF, the email accounts are IMAP 993 and SMTP 587; what do I need to change in CSF to allow this to work?
 
I don't know what the defaults are with CSF when installed automatically with Directadmin.

Check if these settings are like this.

Ports, incoming and outgoing, shoudl contain ports 25, 110, 143, 993, 995, 465 and 587 at least for mail.
If you are using ipv6, also check the # Allow incoming IPv6 TCP ports setting.

If those are set to be allowed, check that the following settings are like this:
SMTP_BLOCK = "1"
SMTP_ALLOWLOCAL = "1"
SMTP_PORTS = "25,465,587"

Normally with these settings, things should work without issues.
 
Hmm, that's less encouraging. TCP_IN is allowing 143, 465, 587, and 993 among others. TCP_OUT allows 587 and 993 among others. This is for both IPv4 and IPv6. SMTP_BLOCK and SMTP_ALLOWLOCAL are both On, SMTP_REDIRECT is Off, and SMTP_PORTS are 25,465,587.

SMTP_ALLOWUSER has nothing, and SMTP_ALLOWGROUP is mail,mailman.

Any other thoughts? The curve ball here, for me at least, is if I had an existing account already setup in Thunderbird or Outlook, then updated DNS records to point to the new server, all is fine. It's creating a new account that has the problem.
 
ArashiInteractive said:
SMTP_ALLOWUSER has nothing, and SMTP_ALLOWGROUP is mail,mailman.
Click to expand...
That is default, I've got the same here on my servers.

I don't have another thought at this moment (maybe somebody else has), however it could be good to backtrace where it's coming from.
This would mean enabling CSF again, trying the same you did before and then look at what the logs are saying at that moment.

I presume you are using port 587 or 465 for outgoing mail?
Another way to test is to use port 25 for outgoing mail (if possible) or 587 but without any tls or ssl encryption with CSF enabled, maybe it's possible some SSL configuration might raise issues.
However, best is to have a look at the logs since that might reveal already what might be wrong.
 
I'll start digging through the logs, was hoping there was an obvious - you shouldn't have pressed this button here.

Yes, ideally 587 or 465 for outgoing mail. I'd only disabled CSF long enough to test with Thunderbird and Outlook. The only users I have on the server at the moment are using 3rd party email, so this is just some trial stuff.

The domain I'm working with is managed through Cloudflare, would that have anything to do with it in this case? The A records I have set for mail.domain.com are set to DNS only, so no proxy happening through Cloudflare. I'm also running Comodo WAF 2.24.5 on this server; but my understanding was that was more an Apache thing than email.

Thanks for your help thus far ;)
 
For things to work correctly, even a testdomain must have correct A records and MX records on the server itself. Since you say you have A records, i presume you also created the MX record?
Using Cloudflare might have something to do with it. I'm not familiar with Comodo, I don't use that, but I also thought this was only for apache and websites and not for mail.

As for the help so far, you're welcome. I hope you can find something via the logfiles, I don't think there is a "you pressed the wrong button" issue in this case. If you want, I could do some further investigation, but then I need the real domain name which is tested and maybe a test email address.
I can test with outlook. If you would like that, you can send me necessary info per pm.
 
Everything seems to be working correctly now. After rebooting the server to apply some OS updates, I checked the logs to find my IP address had been temp blocked for too many failed login attempts. Cleared my address out, restarted email program and tada, everything working again.

Thanks again for your help and pointers.
 
Ah glad to see you found it. Since you were able to use the control panel I didn't think of a blocked ip. Glad it's fixed.
As for the help, you're welcome.
 
You must log in or register to reply here.
Back
Top