# Incoming mail server connection refused



## gpatrick (Aug 13, 2011)

I have a mail server set up for my domain, and I can successfully send mail to any destination.  However, I cannot receive any mail.  When I do a telnet to port 25 it replies with connection refused.

In my pf.conf I have:

```
rdr on $ext_if inet proto tcp from any to $ext_if port 25 -> $dmz_smtp
```
and I'm passing all connections for SMTP:

```
pass in on $ext_if proto tcp from any to $dmz_smtp port 25 flags S/SA synproxy state
```

The dmz_smtp IP is the internal lan 192.168.2.22/32.

It is listening on port 25 and connects for localhost, but not externally.  My DAEMON_OPTIONS have for address:

```
Address=0.0.0.0
```
Does that need to be changed to the external IP or remove Address from DAEMON_OPTIONS entirely since the default is to listen on all?


----------



## DutchDaemon (Aug 14, 2011)

See what `sockstat -l4p25` gives you on 192.168.2.22/32. If port 25 is open on the interface with IP 192.168.2.22, try setting a specific pass out rule to the DMZ interface on the firewall. If port 25 is not open, simply remove any Address setting from DAEMON_OPTIONS, so it binds to all interfaces. You don't really need DAEMON_OPTIONS for anything, only to override defaults.


----------
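
The `sockstat` check suggested above can be scripted so the bind address is classified instead of read by eye. This is an added example, not code from any poster in the thread; the function name `smtp_bind_scope` is hypothetical and the sample `sockstat` output is constructed.

```shell
#!/bin/sh
# Classify which IPv4 addresses a TCP port is bound to, reading
# `sockstat -l4` style output on stdin.
# On the mail host: sockstat -l4p25 | smtp_bind_scope 25
smtp_bind_scope() {
    port="${1:-25}"
    awk -v port="$port" '
        # Skip the header; the local address is the 6th column (ADDR:PORT).
        $1 == "USER" { next }
        $5 ~ /^tcp/ {
            n = split($6, parts, ":")
            if (parts[n] != port) next
            addr = substr($6, 1, length($6) - length(parts[n]) - 1)
            if (addr == "*" || addr == "0.0.0.0") wildcard = 1
            else if (addr ~ /^127\./) loopback = 1
            else specific = specific (specific ? "," : "") addr
        }
        END {
            # A wildcard bind covers every interface, so it wins.
            if (wildcard)      print "all-interfaces"
            else if (specific) print "specific:" specific
            else if (loopback) print "loopback-only"
            else               print "not-listening"
        }'
}

# Constructed sample: a daemon bound to loopback only, which accepts
# local connections but refuses anything redirected to 192.168.2.22.
sample_loopback() {
cat <<'EOF'
USER     COMMAND    PID   FD PROTO  LOCAL ADDRESS         FOREIGN ADDRESS
root     sendmail   911   4  tcp4   127.0.0.1:25          *:*
root     sendmail   911   5  tcp4   127.0.0.1:587         *:*
EOF
}

sample_loopback | smtp_bind_scope 25   # prints: loopback-only
```

A result of `loopback-only` or `not-listening` points at the daemon's bind address; `all-interfaces` or `specific:192.168.2.22` points back at the firewall rules.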



## wblock@ (Aug 14, 2011)

Is your ISP blocking port 25? Here's a Postfix solution.


----------



## wblock@ (Aug 15, 2011)

On the firewall rules, try this:


```
# redirect connections to port 25 (SMTP) to DMZ
rdr pass on $ext_if proto tcp from any to $ext_if port 25 -> $dmz_smtp port 25
```

The .mc file wasn't generated from the FreeBSD default version.  Rather than creating a custom one from scratch, I'd suggest generating the FreeBSD generic version and then modifying it for the features and other settings needed.


----------

