Pegasus Mail & Mercury

Welcome to the Community for Pegasus Mail and
The Mercury Mail Transport System, the Internet's longest-serving PC e-mail system!
Welcome to Pegasus Mail & Mercury Sign in | Join | Help
in
Home Blogs Forums Downloads Pegasus Mail Overview Mercury Overview Wiki

DNS or Firewall?

Last post 06-28-2016, 16:46 by Greenman. 23 replies.
Page 1 of 2 (24 items)   1 2 Next >
Sort Posts: Previous Next
  •  02-20-2009, 20:44

    • cynist is not online. Last active: 01-28-2014, 15:07 cynist
    • Top 50 Contributor
    • Joined on 01-09-2009
    • US
    • Participant
    • Points 2,165

    DNS or Firewall?

    Does this sound like a DNS routing problem or firewall routing problem?

    The host 'pop.neocap.org' could not be found. Please verify that you have entered the server name correctly. Account: 'NEOCAP POP', Server: 'pop.neocap.org', Protocol: POP3, Port: 995, Secure(SSL): Yes, Socket Error: 11001, Error Number: 0x800CCC0D

     I have an A record named pop.neocap.org pointing to my static IP.

  •  02-20-2009, 22:05

    Re: DNS or Firewall?

    cynist:
    Does this sound like a DNS routing problem or firewall routing problem?

    The host 'pop.neocap.org' could not be found. Please verify that you have entered the server name correctly. Account: 'NEOCAP POP', Server: 'pop.neocap.org', Protocol: POP3, Port: 995, Secure(SSL): Yes, Socket Error: 11001, Error Number: 0x800CCC0D

     I have an A record named pop.neocap.org pointing to my static IP.

    Not sure what to tell you but I do not see an A record for this host name only a CNAME and the CNAME is the same.  This CNAME probsably should point to neocap.org. 

    This might also be a router/firewall problem as well but it's definitely a problem in the DNS.  FWIW, I can connect to port 25 of either neocap.org or 71.2.1.226 so at least we know port 25 is open to the Mercury server.

     Answer Section:
        pop.neocap.org, CNAME, pop.neocap.org
    Authority Records Section:
        neocap.org, NS, ns24.domaincontrol.com
        neocap.org, NS, ns23.domaincontrol.com
    Additional Records Section:
        ns23.domaincontrol.com, A, 216.69.185.12
        ns24.domaincontrol.com, A, 208.109.255.12

    The domain also has a problem in that the MX host record points to a IP address and that makes it invalid.  The MX record should probably be

    neocap.org, MX, 10, neocap.org

    if the IP address 71.2.1.226 is a fixed IP address.

    Answer Section:
        neocap.org, MX, 0, 71.2.1.226
        neocap.org, A, 71.2.1.226 

    The mail.neocap.org is also bad.  Normally this would have a A record pointing at 71.2.1.226

    Answer Section:
        mail.neocap.org, CNAME, mail.neocap.org


    Thomas R. Stephenson
    San Jose, California
    Member of Pegasus Mail Support Team

    I do not answer private messages from the forum. If you want to contact me use email to techsupp@tstephenson.com.
  •  02-23-2009, 16:03

    • cynist is not online. Last active: 01-28-2014, 15:07 cynist
    • Top 50 Contributor
    • Joined on 01-09-2009
    • US
    • Participant
    • Points 2,165

    Re: DNS or Firewall?

    I made the MX change and left pop.neocap.org and smtp.neocap.org CNAMES since they both point to the same ip as the main A record.  Everything still seems to be working from behind the firewall.  I'm just not able to connect from outside client.  Are my DNS setting correct now?

  •  02-23-2009, 17:44

    Re: DNS or Firewall?

    cynist:

    I'm a little confused because Godaddy's DNS Control Panel gives these specific instructions for the MX record.

    To create a new MX record for your domain; enter the priority value (0 - 9999) and complete the Host Name, "Goes To. IP Address, and TTL Value fields; then click "Continue."

    Note: The "Host Name" should be defined as your domain name (i.e., "domainnamegoeshere.com") or "@" (Entering "@" will automatically insert your domain name as the host name for the MX Record). If the MX Record is for the domain "www.domainnamegoeshere.com," the host name should be entered as "www."

    Do not enter "www.domainnamegoeshere.com" as the host name.

    Not sure what to tell you.  I use Godaddy with two of my domain names and I'm using full host names for the MX hosts without any problem.  The primary MX points to my host name and the secondary goes to an off site MX host provided by my ISP.

    I can send and receive extermal SMTP mail through Mercury from behind my firewall with no problem.  I just can't connect from a client outside of the firewall to Mercury.  I'll make the MX change per your suggestion and see what happens.  Also, maybe I need to delete the CNAME entries if I put A records with the same?  If I have both would that confuse DNS?

    A CNAME should only be used if you want  to create a different host name for an existing host name.  For example if you want to create a POP.domain.com and point it to domain.com to make it easier for the users then a CNAME entry would be useful.  The host name pointed to by the CNAME record must have an A record.


    Thomas R. Stephenson
    San Jose, California
    Member of Pegasus Mail Support Team

    I do not answer private messages from the forum. If you want to contact me use email to techsupp@tstephenson.com.
  •  02-23-2009, 20:02

    • cynist is not online. Last active: 01-28-2014, 15:07 cynist
    • Top 50 Contributor
    • Joined on 01-09-2009
    • US
    • Participant
    • Points 2,165

    Re: DNS or Firewall?

    Thomas R. Stephenson:

    A CNAME should only be used if you want  to create a different host name for an existing host name.  For example if you want to create a POP.domain.com and point it to domain.com to make it easier for the users then a CNAME entry would be useful.  The host name pointed to by the CNAME record must have an A record.

    But all three are pointing to the same IP because this IP is my static firewall IP: neocap.org, pop.neocap.org, and smtp.neocap.org.  In this scenario what should my pop and smtp setting in the client be set to?  Do I delete the CNAMES insert pop.neocap.org and smtp.neocap.org as A records and then use these in my settings to point the client in the correct direction?

  •  02-23-2009, 21:56

    Re: DNS or Firewall?

    In this scenario what should my pop and smtp setting in the client be set to?

    Whatever works. You can even use just the IP address.

    For the sake of simplicity, you could just forget using 'pop.neocap.org' & 'smtp.neocap.org' and in your mail client enter 'neocap.org' as the servername for both POP & SMTP.

  •  02-23-2009, 22:19

    • cynist is not online. Last active: 01-28-2014, 15:07 cynist
    • Top 50 Contributor
    • Joined on 01-09-2009
    • US
    • Participant
    • Points 2,165

    Re: DNS or Firewall?

    Thanks.

  •  02-24-2009, 21:07

    • cynist is not online. Last active: 01-28-2014, 15:07 cynist
    • Top 50 Contributor
    • Joined on 01-09-2009
    • US
    • Participant
    • Points 2,165

    Re: DNS or Firewall?

    With your help I was able to get through to Mercury.  Now when trying to access the server via POP it is asking me for a username and password.  I tried my Mercury username and password but it didn't like that. 

    1. Is there a different area that I need to populate with a user list so I can log in?
    2. What does the POP3 aliasing file do?  It's not listed in the help file.
  •  02-24-2009, 21:40

    Re: DNS or Firewall?

    cynist:

    With your help I was able to get through to Mercury.  Now when trying to access the server via POP it is asking me for a username and password.  I tried my Mercury username and password but it didn't like that. 

    1.  Is there a different area that I need to populate with a user list so I can log in?

    Nope, the username is the name of the directory of the user and the password is what is set in the passwd.pm file in that directory.  When you setup or change data using the Manage local users you need to use the CTRL+Configuration + Manage local users or reboot Mercury/32 to make them active.

    2.  What does the POP3 aliasing file do?  It's not listed in the help file.
    Not sure what POP3 aliasing you are talking about.  There are aliases that convert an email address as received by MercuryD or MercuryS to a local email address of a user but other than that nothing comes to mind.

    In any case, turn on the MercuryP session logging to see exactly what is going on.

    Thomas R. Stephenson
    San Jose, California
    Member of Pegasus Mail Support Team

    I do not answer private messages from the forum. If you want to contact me use email to techsupp@tstephenson.com.
  •  02-24-2009, 21:50

    • cynist is not online. Last active: 01-28-2014, 15:07 cynist
    • Top 50 Contributor
    • Joined on 01-09-2009
    • US
    • Participant
    • Points 2,165

    Re: DNS or Firewall?

    In Mercury32 go to Configuration\POP3 Server\Connection Control and at the bottom there is an option to edit POP3 Alias File.

  •  02-24-2009, 22:08

    Re: DNS or Firewall?

    This is so a user can log in to the POP3 server as 'jimbob' and this name is translated to the real username of 'user_2315'.

     

  •  02-25-2009, 15:03

    • cynist is not online. Last active: 01-28-2014, 15:07 cynist
    • Top 50 Contributor
    • Joined on 01-09-2009
    • US
    • Participant
    • Points 2,165

    Re: DNS or Firewall?

    Thanks for the explaination.

    I am able to connect to Mercury through IMAP from a client on the internet but not through POP.  It keeps asking me for a username and password.  Any ideas as to why one works and not the other?

  •  02-25-2009, 19:10

    Re: DNS or Firewall?

    cynist:

    Thanks for the explaination.

    I am able to connect to Mercury through IMAP from a client on the internet but not through POP.  It keeps asking me for a username and password.  Any ideas as to why one works and not the other?

    The only thing I can think of that would do this is that you have used a bad user name and password that was bad and the POP3 account is in the temporary block list.  Try turning on session logging in MercuryP  to see exactly why you cannot connect.  You also may be trying to use a non-SSL connection and the POP3 is set for SSL or vice-versa.


    Thomas R. Stephenson
    San Jose, California
    Member of Pegasus Mail Support Team

    I do not answer private messages from the forum. If you want to contact me use email to techsupp@tstephenson.com.
  •  02-26-2009, 15:44

    • cynist is not online. Last active: 01-28-2014, 15:07 cynist
    • Top 50 Contributor
    • Joined on 01-09-2009
    • US
    • Participant
    • Points 2,165

    Re: DNS or Firewall?

    Update:

    Last night I was able to retrieve POP mail but still not able to send SMTP from home. 

    1. Could this be a relay problem?  I have the server set to not relay and I know Mercury doesn't recognize my dynamic home dsl ip.  How would I correct this?
    2. To secure the transmission of IMAP, POP, and SMTP all I need to do is check the SSL/TLS in mercury and then check the "This server requires a secure connection" in the client?  Do I need to do anything with the cert on the client side?
  •  02-26-2009, 18:57

    Re: DNS or Firewall?

    cynist:

    Update:

    Last night I was able to retrieve POP mail but still not able to send SMTP from home. 

    What mail client are you using?  

    1.  Could this be a relay problem?  I have the server set to not relay and I know Mercury doesn't recognize my dynamic home dsl ip.  How would I correct this?
    Could be.  You can turn on the ESMTP AUTH in MercuryS  and then setup the auth file with the usernames and passwords.  In any case you can turn on session logging to verify what you are sending to the server and the related error messages.
    2.  To secure the transmission of IMAP, POP, and SMTP all I need to do is check the SSL/TLS in mercury and then check the "This server requires a secure connection" in the client?  Do I need to do anything with the cert on the client side?
    Should not have to do anything except turn on the proper SSL/TLS in the client.  That said if you are using Outlook or OE they can't do the correct SSL/TLS.  With these you cannot send using SSL/TLS

    Thomas R. Stephenson
    San Jose, California
    Member of Pegasus Mail Support Team

    I do not answer private messages from the forum. If you want to contact me use email to techsupp@tstephenson.com.
Page 1 of 2 (24 items)   1 2 Next >
View as RSS news feed in XML

Contact | Advertise | Host provider: PraktIT | Terms of Use | Privacy Statement
Copyright © 2007-2011 David Harris / Peter Strömblad. | Pegasus Mail Home Page