# Question on networking



## satimis (Dec 8, 2008)

Hi folks,

I'm looking around for a solution allowing remote mail clients to connect to their own mail servers for their own domains.

The network setup is as follows:

On a Xen box (a virtual box)

Host - workstation connected to external IP (Only one external IP)

Guests;
guest1 - mail server for routing running postfix, mysql, courier-imap, etc.
guest2 - domain-1 mail server running postfix, courier-imap, etc.
guest3 - domain-2 mail server running postfix, courier-imap, etc.
guest4 - domain-3 mail server running postfix, courier-imap, etc.
etc.

The whole system is working nicely.  All incoming mail for the different domains is routed by guest1 to its own mail server.  Mail clients (Evolution) running on workstations connected to the local network can send/receive mail via their respective mail servers without problem.

Now I'm trying to figure out how to allow remote clients to send/receive mail on their own server, given that there is only ONE external IP.

I tried perdition;
http://www.vergenet.net/linux/perdition/

Unfortunately I can't make it work.

After heavy searching I found;

Nginx:
http://nginx.net/

MySQL Proxy project
http://forge.mysql.com/wiki/MySQL_Proxy

etc.

However I have no idea where to start.  Can anyone shed some light?  Is there another solution?  TIA


Edit:

This host is NOT involved.  All ports are forwarded to the local IP of the routing mail server.


B.R.
satimis


----------



## catphish (Dec 11, 2008)

How picky are the users?  You could configure the servers on the guests to listen on alternate ports and instruct the users to configure their apps accordingly.

e.g.:

guest1 = pop/1110, imap/1143, smtp/1125
guest2 = pop/2110, imap/2143, smtp/2125
etc.


----------



## satimis (Dec 11, 2008)

catphish said:

> How picky are the users?  You could configure the servers on the guests to listen on alternate ports and instruct the users to configure their apps accordingly.
> 
> e.g.:
> 
> ...


Hi catphish,


Thanks for your advice.


How about if there are 100 guests and more?  

I suppose the users of each domain are controlled by system password to log in?


TIA


B.R.
satimis


----------



## satimis (Dec 20, 2008)

catphish said:

> How picky are the users?  You could configure the servers on the guests to listen on alternate ports and instruct the users to configure their apps accordingly.
> 
> e.g.:
> 
> ...


Hi catphish,


Tried your advice but can't make it work.

Performed the following steps:

1)
On router
forward port 1143 to local_IP of guest1

2)
On guest1

Edit /etc/courier/imapd, making the following change:

```
# grep -i port /etc/courier/imapd
##NAME: PORT:1
#  Port numbers that connections are accepted on.  The default is 143,
#  the standard IMAP port.
#  Multiple port numbers can be separated by commas.  When multiple port
#  given port as "ip.port".  For example, "127.0.0.1.900,192.68.0.1.900"
#  accepts connections on port 900 on IP addresses 127.0.0.1 and 192.68.0.1
#  The previous ADDRESS setting is a default for ports that do not have

PORT=1143

#  depending on the connection's port.  This only works with authentication
# When IMAP clients are used which support new mail indication, and when
# of the messages may be important.
# Setting IMAP_USELOCKS to 1 will use dot-locking to support concurrent
# IMPORTANT: IMAP_USELOCKS *MUST* also be set to 1, and IDLE must be included
# IMPORTANT:  If you change this, you must also change IMAP_EMPTYTRASH
# Important: the purging is controlled by CTIME, not MTIME (the file time
```


```
# /etc/init.d/courier-imap restart
Stopping Courier IMAP server: imapd.
Starting Courier IMAP server: imapd.
```


```
# postfix reload
postfix/postfix-script: refreshing the Postfix mail system
```


```
# postfix check
```

No complaint.


On remote workstation;

```
$ ping -c3 220.232.213.178:1143
ping: unknown host 220.232.213.178:1143

$ ping -c3 220.232.213.178:/1143
ping: unknown host 220.232.213.178:/1143

$ ping -c3 220.232.213.178/1143
ping: unknown host 220.232.213.178/1143
```


On mail client, Evolution;

Receiving Email
220.232.213.178:1143

Authenticate Type
Password 
Click "Check for support type"

```
Please wait.

Querying server for a list of supported authentication mechanisms.
```

Just hanging there.  


Please help.  TIA


B.R.
satimis


----------



## hark (Dec 20, 2008)

satimis said:

> $ ping -c3 220.232.213.178:1143
> ping: unknown host 220.232.213.178:1143
> 
> $ ping -c3 220.232.213.178:/1143
> ...


ping will always use ICMP -- it can't be used to check the status of a port. You can either use telnet as a makeshift portsniffer, or use a real one (like ports/security/nmap) to determine the status of services on the remote host.

I have a feeling you have something mis-configured. On the remote host, could you verify that the port is open with `netstat -anLf inet`?
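
The port check described above, as an added example that is not part of hark's post: a TCP connect probe that separates an open port from a refused connection and from a timeout, which is the distinction `ping` cannot make. `probe_tcp` and its parameters are names chosen here.

```python
import errno
import socket
import sys


def probe_tcp(host, port, timeout=5.0, banner_bytes=200):
    """Complete a TCP handshake to host:port and classify the outcome.

    Returns (state, banner). state is one of:
      "open"     - handshake completed; a service or forwarder is answering
      "refused"  - host reachable, connection actively rejected (nothing listening)
      "timeout"  - no answer at all: packets dropped or forwarded nowhere
      "error:*"  - anything else (bad host name, unreachable network, ...)
    """
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except ConnectionRefusedError:
        return "refused", ""
    except (socket.timeout, TimeoutError):
        return "timeout", ""
    except OSError as exc:
        return "error:" + errno.errorcode.get(exc.errno, str(exc)), ""
    with sock:
        try:
            # IMAP, POP3 and SMTP servers speak first, so read the greeting.
            banner = sock.recv(banner_bytes).decode("ascii", "replace").strip()
        except OSError:
            banner = ""  # connected, but no greeting arrived within the timeout
    return "open", banner


if __name__ == "__main__":
    # Usage: python3 probe_tcp.py HOST PORT   (host and port are two arguments)
    if len(sys.argv) != 3:
        sys.exit("usage: probe_tcp.py HOST PORT")
    state, banner = probe_tcp(sys.argv[1], int(sys.argv[2]))
    print(state, banner)
```

A "refused" result points at the service itself, while a "timeout" points at filtering or forwarding somewhere in front of it.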


----------



## satimis (Dec 21, 2008)

hark said:

> ping will always use ICMP -- it can't be used to check the status of a port. You can either use telnet as a makeshift portsniffer, or use a real one (like ports/security/nmap) to determine the status of services on the remote host.


Hi hark,


On remote mail client

```
$ telnet 220.232.213.178:1143
telnet: could not resolve 220.232.213.178:1143/telnet: Name or service not known

$ telnet localhost 220.232.213.178:1143
telnet: could not resolve localhost/220.232.213.178:1143: Servname not supported for ai_socktype
```




> I have a feeling you have something mis-configured. On the remote host, could you verify that the port is open with `netstat -anLf inet`?


I assume "remote host" refers to the routing mail server.


```
# netstat -anLf inet
```

It complained

```
# netstat -anlF inet
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 127.0.0.1:608           0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:60000         0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:10024         0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:10025         0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:3306          0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:587             0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:783           0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:111             0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:465             0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:25              0.0.0.0:*               LISTEN
tcp6       0      0 :::993                  :::*                    LISTEN
tcp6       0      0 :::143                  :::*                    LISTEN
tcp6       0      0 :::80                   :::*                    LISTEN
tcp6       0      0 :::22                   :::*                    LISTEN
tcp6       0      0 ::ffff:192.168.0.212:22 ::ffff:192.168.0.:43739 ESTABLISHED
udp        0      0 0.0.0.0:111             0.0.0.0:*
```

B.R.
satimis
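
The check hark asks for can be read straight off that output. An added example (not part of satimis's post; `listening_tcp` and `check_port` are names chosen here) that lists the listening TCP ports in Linux `netstat -an` output and reports whether a port is absent, bound only to loopback, or bound to an address other hosts can reach, run over the TCP rows posted above:

```python
import re

# TCP/UDP rows of the netstat output posted above (copied from the post).
SAMPLE = """\
tcp        0      0 127.0.0.1:608           0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:60000         0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:10024         0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:10025         0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:3306          0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:587             0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:783           0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:111             0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:465             0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:25              0.0.0.0:*               LISTEN
tcp6       0      0 :::993                  :::*                    LISTEN
tcp6       0      0 :::143                  :::*                    LISTEN
tcp6       0      0 :::80                   :::*                    LISTEN
tcp6       0      0 :::22                   :::*                    LISTEN
tcp6       0      0 ::ffff:192.168.0.212:22 ::ffff:192.168.0.:43739 ESTABLISHED
udp        0      0 0.0.0.0:111             0.0.0.0:*
"""

# One LISTEN row: proto, two queue counters, local addr:port, foreign, state.
LISTEN_RE = re.compile(r"^tcp6?\s+\d+\s+\d+\s+(\S+):(\d+)\s+\S+\s+LISTEN$")

def listening_tcp(netstat_text):
    """Map each listening TCP port to the set of local addresses bound to it."""
    ports = {}
    for line in netstat_text.splitlines():
        m = LISTEN_RE.match(line.strip())
        if m:
            ports.setdefault(int(m.group(2)), set()).add(m.group(1))
    return ports

def check_port(netstat_text, port):
    """Say whether `port` can accept connections arriving from another host."""
    addrs = listening_tcp(netstat_text).get(port)
    if not addrs:
        return "not listening"
    if all(a.startswith("127.") or a == "::1" for a in addrs):
        return "loopback only"
    return "listening on " + ", ".join(sorted(addrs))

if __name__ == "__main__":
    for p in (143, 1143, 3306):
        print(p, check_port(SAMPLE, p))
```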


----------



## SirDice (Dec 21, 2008)

satimis said:

> $ telnet 220.232.213.178:1143
>
> ...


Lose the colon.

It's `telnet 220.232.213.178 1143`


----------



## satimis (Dec 21, 2008)

SirDice said:

> Lose the colon.
> 
> It's telnet 220.232.213.178 1143


Hi SirDice,

```
# telnet 220.232.213.178 1143
Trying 220.232.213.178...
```

just waiting for input

```
ehlo localhost
```

also waiting for input

Finally;

```
telnet: Unable to connect to remote host: Connection timed out
```


B.R.
satimis


----------

