Can send emails but not receiving in Exchange 2003

  • Can send emails but not receiving in Exchange 2003

    Hi all,
    I have set up an Exchange 2003 setup successfully. I was able to send and receive emails, but after a reverse NDR attack I am unable to receive emails but can't send.
    Here is my setup:

    Red Hat Linux EL4 iptables firewall with the following config:
    # Load Modules
    modprobe ip_tables
    modprobe ip_conntrack
    modprobe ip_conntrack_ftp
    modprobe ipt_state
    modprobe iptable_nat
    modprobe iptable_filter

    $iptables --flush -t nat

    # Drop illegal packet
    iptables -A INPUT -p tcp --tcp-flags ALL FIN,URG,PSH -j DROP
    iptables -A INPUT -p tcp --tcp-flags ALL ALL -j DROP
    iptables -A INPUT -p tcp --tcp-flags ALL NONE -j DROP # NULL packets
    iptables -A INPUT -p tcp --tcp-flags SYN,RST SYN,RST -j DROP
    iptables -A INPUT -p tcp --tcp-flags SYN,FIN SYN,FIN -j DROP #XMAS
    iptables -A INPUT -p tcp --tcp-flags FIN,ACK FIN -j DROP # FIN packet scans
    iptables -A INPUT -p tcp --tcp-flags ALL SYN,RST,ACK,FIN,URG -j DROP

    # DansGuardian, Squid Redirection
    iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 8080
    iptables -t nat -A PREROUTING -p tcp --dport 3128 -j REDIRECT --to-port 8080

    # LAN Access to the Internet
    iptables --table nat --append POSTROUTING --out-interface ppp0 -j MASQUERADE
    iptables --append FORWARD --in-interface eth0 -j ACCEPT
    iptables --append FORWARD --in-interface eth2 -j ACCEPT

    # Allowing SMTP
    iptables -t nat -A PREROUTING -s 0/0 -p tcp --dport 25 -d -j DNAT --to-destination

    DNS setup as follows:
    Forward zone
    $TTL 3600
    @ IN SOA root.linuxhostname. (
    20070730 ; Serial
    1D ; Refresh
    1H ; Retry
    1W ; Expiration
    86400 ) ; Min
    IN NS

    IN MX
    linuxhostname IN A
    exchangehostname IN A

    No reverse zone was created.

    The IP is a public IP mapped to which is being hosted by ISP DNS and also IP of eth1 interface connected to the internet.

    Please any advice on how to harden the firewall and how to be able to receive emails.

    Thank you in advance
    Last edited by dav_y2k; 2nd August 2007, 18:45.

  • #2
    Re: Can send emails but not receiving in Exchange 2003

    Have you checked that you're not blacklisted??

    Can you connect to your email server from external sources using telnet??

    Do your MX records point to the correct place??

    BTW this should be in the Exchange forum.
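
The three checks suggested in reply #2 (blacklist, external connection to port 25, MX target), as an added example that is not part of any post in this thread: POSIX shell helpers that interpret `dig` output and the SMTP greeting. The names example.com, 203.0.113.10 and the zen.spamhaus.org zone are assumptions, not values from the thread.

```shell
#!/bin/sh
# Added example, not from the thread. example.com, 203.0.113.10 and the
# zen.spamhaus.org zone are assumptions; substitute your own values.

# Blacklist check, step 1: DNSBL query name = IPv4 octets reversed + zone.
dnsbl_name() (
    zone=${2:-zen.spamhaus.org}
    set -f; IFS=.
    set -- $1
    [ $# -eq 4 ] || exit 1
    for o in "$@"; do
        case $o in ''|*[!0-9]*|????*) exit 1 ;; esac
        [ "$o" -le 255 ] || exit 1
    done
    echo "$4.$3.$2.$1.$zone"
)

# Blacklist check, step 2: classify `dig +short "$(dnsbl_name IP)" A` (stdin).
dnsbl_verdict() {
    verdict=clean                      # no answer (NXDOMAIN): not listed
    while read -r addr || [ -n "$addr" ]; do
        case $addr in
            127.255.255.*) echo error; return 0 ;;  # Spamhaus error code, not a listing
            127.*) verdict=listed ;;
        esac
    done
    echo "$verdict"
}

# MX check: read `dig +short MX example.com` lines ("<pref> <host>.") from
# stdin; succeed only if the lowest-preference record is the expected host.
mx_points_to() {
    want=$(echo "${1%.}" | tr 'A-Z' 'a-z')
    best=$(sort -n | head -n 1 | awk '{print tolower($2)}')
    [ "${best%.}" = "$want" ]
}

# External connection check: the first line read from port 25 (telnet or
# nc from outside the firewall) must be a 220 greeting.
smtp_greeting_ok() {
    IFS= read -r line || [ -n "$line" ] || return 1
    case $line in "220 "*|220-*) return 0 ;; *) return 1 ;; esac
}
```

Run the lookups from a host outside the firewall, for example `dig +short MX example.com | mx_points_to mail.example.com`, so the result reflects what sending servers on the internet see.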


    • #3
      Re: Can send emails but not receiving in Exchange 2003

      Thread moved


      Michael Armstrong
      MCITP: EA, MCTS, MCSE 2003, MCSA 2003: Messaging, CCA, VCP 3.5, 4, 5, VCAP5-DCD, VCAP5-DCA, ITIL, MCP, PGP Certified Technician
