# Can't recieve email behind firewall

## pharmboy

OK. I'm at the end of my rope, have googled until I'm all googled out.

Up until 2 or 3 days ago, my network consisting of a Gentoo box acting as a firewall and gateway with 2 computers behind it  has functioned perfectly. This evening I noticed I had no new email messages for the third day in a row and I got suspicious. I use roadrunner. Upon checking roadrunner's web-based email, I discovered that indeed I did have 8 new messages. I use mozilla as my browser on my win xp box behind the gentoo box's firewall. Again, this has worked flawlessly up until I'm guessing about 2 or 3 days ago.

When I check my email in mozilla (on the XP box), I can see it check the server, and then tell me "No new messages" in the status bar. There are no error messages. 

I send a "test" message to myself using mozilla on my XP box. I then hit the "Get messages" button, and get the same, "No new messages" info. 

I shut down the linux box and hook the XP box directly to my cable modem, and sure enough, it downloads the test message I sent just fine. 

If I check my email using mozilla installed on the linux box, it downloads it fine as well. 

So something in the netfilter configuration of my linux box has gone horribly wrong, or....what??? I have NOT changed the firewall script in my linux box so that is not the issue here. I read on roadrunner's local page http://help.rr.com/getpage.asp?/faqs/e_mailconv_sms.html?topic=E%2Dmail,selfhelp that they have changed their back-end email software. I am wondering if this is the issue, or if my recent emerge -uD world and my subsequent etc-update has hosed something. I'm certain that iptables WAS updated during this update.

Also, just for fun, I created a new email account on my roadrunner account. When I plug the info into mozilla for the newly created account, roadrunner's email server tells me invalid user or password. But again, when I eliminate the linux box from the loop (shut it down and connect the XP box directly to the cable modem), the info I supplied to mozilla for this new account works perfectly and downloads the test message just fine. 

I can usually find the answers to my problems by searching, but this one I am stumped. I am at a total loss here, can anyone help?

----------

## sburnett

I would suggest using a sniffer, such as ethereal (emerge ethereal) to monitor the conversation between the XP machine and the mail server. If no packets are getting through to the other side of the firewall, then you know your problem. Also, if packets coming from the mail server never get to the XP box, then you also know the problem. Other than that, try and look for error messages (both in packet data and in your error logs).

It is possible that your mail provider is using some sort of technology to prevent its users from operating home networks. If that is the case, then you can set up an intermediery (sp.) mail server on the gentoo server to get the mail for you. There are several threads that discuss this topic (try searching for "courier-imap" or "fetchmail").

Good look.

----------

## steveb

are you able to get the mail if you use a mailapplication directly on your gentoo box (the firewall)?

cheers

SteveB

----------

## pharmboy

When I use my Mozilla on the gentoo box, yes, I am able to recieve my mail. Mozilla on the Gentoo box downloads it just fine. Just any boxes BEHIND the firewall cannot recieve email anymore (it was working fine 3 days ago). I'm emerging ethereal to see if that sheds any light on the situation as I type. I'll post back with any info I gather, or with any difficulties I encounter in using/understanding the information provided by ethereal. =)

The difficult part of this is not really knowing whether it is something Roadrunner has done recently on their end, or if it is something that happened during my recent emerge -uD world.

----------

## pharmboy

OK from what I can see in ethereal when requesting my email from the XP box, it appears that the packets are getting through and being processed by the mail server: (edited for obvious reasons)

 *Quote:*   

> Transmission Control Protocol, Src Port: 1467 (1467), Dst Port: pop-3 (110), Seq: 868745847, Ack: 0, Len: 0
> 
>     Source port: 1467 (1467)
> 
>     Destination port: pop-3 (110)
> ...

 

I took this from a file I created with ethereal, it is only the packet data from the file that seemed relevant to my XP box's communication with the mail server. And it is edited to replace my actual username and password with my_username and my_password. Looks to me like packets arent being blocked by firewall. Perhaps somehow something is getting NAT'd incorrectly? 

(BTW there WAS email on the server to download when I did the above test, I checked via Webmail)

Wonder if recompiling iptables would help...I know I emerged a new version when I recently did a complete emerge -uD world...

Thanks for the help so far, I really appreciate the responses!

----------

## pharmboy

I tried something to narrow the possibliities. I re-attached an old hard drive with RedHat 7.1 on it, which I havent used in approximately 6 months, and never had this problem with. Tried getting my email after it booted, and the same thing happened, Mozilla simply reports no new mail on the server (there  IS mail on the server, I know this from using web-based mail program offered by Roadrunner.) 

This tells me that it is NOT anything I've done to Gentoo with my recent updates to it, since the same thing that NEVER happened with my old RedHat install NOW happens with it. So it appears that RR in my area is now blocking email checks from behind a firewall using NAT. Don't know if this is on purpose or an accidental side-effect of the new mail backend they recently installed. 

In a way, this makes sense as I now recall being unable to retrieve my Roadrunner email from work via Outlook Express or Mozilla the other day as well.  (It was working fine before this happened)

Guess I'll have to look into setting up an intermediary mail server on the gentoo box.

----------

## w00t

Is it possible that somewhere in there a port is being blocked for security?  That might be worth investigating

----------

## pharmboy

I would say that yes, RR has changed their email software, and with it their default security. I've read that you used to not be able to access your email from outside the RR network (ie you couldnt be on a PC not connected via RR and get your email). It would appear that this is again the case, and as a side effect it blocks masqueraded PCs as well.  I'll know more this morning when I try to check my email from work, (which isn't connected via Roadrunner). 

This is kinda annoying.

----------

