Tuesday, September 30, 2008

More Adventures with SME server and Friends

Yep - I'm still alive :-)

The spouse called me from home trying to send an email - and Thunderbird was telling her the mail server was temporarily unavailable, and she was on a deadline :-/

My first thought was to ssh in and try to send mail from my linux box on the LAN. Problem was, the DynDNS updater built into the SME server doesn't handle the possibility of being behind a NAT of it's own.

Instead I got her to turn on the LogMeIn service which is on that machine but always disabled, and I got in and started poking around. It was weird. I set up gmail as an smtp server and sent the message that way - which put the gmail account as the reply to on the message. Not a big problem since her gmail account (which she never uses) auto forwards to her 'real' POP account anyway, but an indication it was only a temporary fix.

Called the ISP, talked to first level support (much better than you'd expect - polite, friendly and helpful - gotta love my ISP!) who didn't have any insight into the issue and promised to get second level support to call me. They did - within about a half an hour, and we poked at it for a couple of minutes. Oddly, he couldn't see my attempts at sending an email show up at his end at all (he's watching the mail server logs as he's talking to me). He suggests swapping to port 587 and lo and behold it works fine. He's pretty convinced the problem is mine. I let him go and after a bit it comes to me - the SME server is blocking port 25 outbound I bet. Later on I prove it out

==> telnet smtp.myisp.com 25
Trying the.ip.of.that.server...
Connected to smtp.myisp.com.
Escape character is '^]'.
220 mySMEserver.notTheISP.com ESMTP

So, while it was nice that LogMeIn got me in, I wanted to get remote ssh up and going again.

A quick google didn't reveal a fix for the built in DynDNS software (I didn't look very hard) so I grabbed ddclient from dyndns.org and followed the Red Hat installation instructions. Worked perfect first try. (If you know of an 'official' package to do this, by all means let me know)

It really points out both edges of the SME sword. If you use DynDNS the way most people do, then their prebuilt config is perfect - easy, helpful and exactly what you want. If you don't want that, you have to start working 'around' the software instead of with it. It's still RedHat, so it's not a big deal in this case, but it's a good example.

Next up I went to forward port 22 thru the modem, thru the SME to my personal linux box. Thru the SME server was easy. Thru that modem was not. I don't find that firewall config easy or intuitive, and I don't like a firewall I'm not comfortable with. I'm really reconsidering the setup.

No comments:

Post a Comment