postfix-users July 2011 archive

Re: Iptables stopping smtp_bind_address from working properly

From: Jeffrey Starin <jeffrey.starin_at_nospam>
Date: Fri Jul 08 2011 - 20:43:57 GMT
To: Jeroen Geilman <jeroen@adaptr.nl>

On 7/8/2011 4:39 PM, Jeroen Geilman wrote:
> On 2011-07-08 22:37, Jeffrey Starin wrote:
>> On 7/8/2011 4:21 PM, Jeroen Geilman wrote:
>>> On 2011-07-08 21:06, Jeffrey Starin wrote:
>>>> When I turn off the firewall (which I am loath to do) to my VPS I
>>>> am able to use the command smtp_bind_address just fine.
>>>>
>>>> Otherwise, with firewall turned on, I am getting these time out
>>>> errors in my maillog files:
>>>>
>>>> Jul 7 13:00:34 who postfix/smtp[40187]: connect to
>>>> 127.0.0.1[127.0.0.1]: Connection timed out (port 10027)
>>>
>>> You will have to allow access from localhost to port 10027 on
>>> localhost.
>>>
>>> --
>>> J.
>>>
>>>
>> The following is in there. I'm certainly no iptables expert but
>> don't the following rules cover that?
>>
>> Chain INPUT (policy ACCEPT):
>> . . .
>> ACCEPT all -- localhost.localdomain anywhere
>> . . .
>>
>> and in Chain OUTPUT (policy ACCEPT):
>> . . .
>> ACCEPT all -- anywhere localhost.localdomain
>> . . .
>
> That depends entirely on what localhost.localdomain stands for.
>
> DNS names have no place in iptables rules - they slow it to a crawl,
> for one thing.
>
> --
> J.
>
>
more /etc/hosts:

127.0.0.1 localhost.localdomain localhost
the_ip_address_listed_in_smtp_bind_address the_TLD the_host_name

I would think that would work but it's not. . .
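
An added illustration, not part of the thread or of Postfix: a small first-match evaluator over constructed `iptables -S` style rules, showing how a rule that accepts by source address 127.0.0.1 differs from one that accepts everything on the `lo` interface. It assumes that with smtp_bind_address set the client's source address is the bound address (192.0.2.10 is a placeholder), and that the chain ends in a DROP rule, which the elided listing in the thread does not show.

```python
import ipaddress
import shlex

# Constructed rule sets in `iptables -S` syntax (not taken from the thread).
BY_SOURCE = """\
-A INPUT -s 127.0.0.1/32 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 25 -j ACCEPT
-A INPUT -j DROP
"""
BY_INTERFACE = BY_SOURCE.replace("-s 127.0.0.1/32", "-i lo")

# Connection to 127.0.0.1:10027 without and with a bound source address.
PLAIN = {"src": "127.0.0.1", "dst": "127.0.0.1", "iface": "lo",
         "proto": "tcp", "dport": 10027}
BOUND = dict(PLAIN, src="192.0.2.10")  # placeholder for smtp_bind_address

def parse(rules_text, chain="INPUT"):
    """Turn `-A CHAIN ...` lines into option dicts (simple rules, no '!')."""
    rules = []
    for line in rules_text.splitlines():
        tok = shlex.split(line)
        if tok[:2] == ["-A", chain]:
            rules.append(dict(zip(tok[2::2], tok[3::2])))
    return rules

def verdict(rules, pkt, policy="ACCEPT"):
    """Return the target of the first rule matching pkt, else the policy."""
    for r in rules:
        if "-s" in r and ipaddress.ip_address(pkt["src"]) not in ipaddress.ip_network(r["-s"]):
            continue
        if "-d" in r and ipaddress.ip_address(pkt["dst"]) not in ipaddress.ip_network(r["-d"]):
            continue
        if "-i" in r and r["-i"] != pkt["iface"]:
            continue
        if "-p" in r and r["-p"] != pkt["proto"]:
            continue
        if "--dport" in r and int(r["--dport"]) != pkt["dport"]:
            continue
        return r["-j"]
    return policy

if __name__ == "__main__":
    for name, text in (("by source", BY_SOURCE), ("by interface", BY_INTERFACE)):
        rules = parse(text)
        print(name, "plain:", verdict(rules, PLAIN), "bound:", verdict(rules, BOUND))
```

On a live host, `iptables -S INPUT` or `iptables -L -n -v` prints rules with numeric addresses and interface names, which answers what `localhost.localdomain` stands for in the listing.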