I'm having some issues with hosting a virtual mail server behind 2 NAT layers.
I don't understand why external mail servers are trying to connect on port 25 of the host.
Let me explain my situation:
I've got a rented server with one public IPv4 running Proxmox VE 3.4.
It has a first NAT network on 10.0.0.0/8. There is a pfSense VM on 10.0.0.2 acting as a router/DHCP server for the rest of my VMs on the 172.16.0.0/12 network.
I have to resort to this as Proxmox can't port-forward without a reboot or restarting network interfaces, which kills "routes" to my NAT VMs.
So I've got the mail server on 172.16.0.0/24 and I can send email as sender to where my server's IP isn't blocked (hmpf Microsoft), but I can't receive mail as recipient.
I really don't care about IP reputation (my IP isn't on blacklists according to Mxtoolbox) as of now as I'm not mailing anyone, just want to self-host my emails for some applications. That's all.
My mail client (Icedove/Thunderbird) can connect to the mail VM, but external servers can't deliver mail.
External mail servers try to connect to the host's port 25 which is firewalled off/not port forwarded. Isn't port 25 used to send mail FROM and NOT TO?
I know this as I've been watching Proxmox's firewall log and reverse IP look-ups show Microsoft IPs and Zoho IPs (I've got emails at both companies and have been sending test emails to see what's up).
It sounds to me as if they are trying to use my mail server as an SMTP server to send unencrypted mail from, which doesn't make sense to me.
Here's the mail server's DNS config (123.123.123.123 replacing my public IP):
http://beta.pastee.com/api/get/zvbr5/raw
Sorry for the formatting, but I don't think I can post hyperlinks as a new account or Reddit shadowban/automod will eat me for breakfast.