Monday, January 31, 2022

Re: Networking error or bad System configuration.

Some things to consider:

- Have you established whether the IPs configured inside your host are actually reachable from the outside? (And whether they reach your host and not something else?)
You could check this using SSH which you say is working. Can you connect using both IPv4 and IPv6?

- Are you using pf(4) in any non-default setup?

- According to their website Vultr has a firewall which you can configure. Have you allowed incoming traffic to your services?

- According to their website Vultr allows you to configure the reverse DNS entries for your host. Currently your cited IPs seem to have only default reverse entries.

- According to their website Vultr blocks port 25 traffic. You will need to ask them to allow this for your mail server.

- You seem to indicate that resolving DNS is not working correctly? You need to get that fixed.

- I did a quick nmap scan of your host:
$ nmap agroena.org
Starting Nmap 7.91 ( https://nmap.org ) at 2022-01-31 13:13 CET
Nmap scan report for agroena.org (8.9.36.198)
Host is up (0.11s latency).
Other addresses for agroena.org (not scanned): 2001:19f0:5:f8c:5400:3ff:fea5:c615
rDNS record for 8.9.36.198: 198.36.9.8.in-addr.arpa
Not shown: 995 closed ports
PORT STATE SERVICE
22/tcp open ssh
135/tcp filtered msrpc
139/tcp filtered netbios-ssn
445/tcp filtered microsoft-ds
1688/tcp filtered nsjtp-data

Nmap done: 1 IP address (1 host up) scanned in 16.34 seconds
$ nmap -6 agroena.org
Starting Nmap 7.91 ( https://nmap.org ) at 2022-01-31 13:13 CET
Nmap scan report for agroena.org (2001:19f0:5:f8c:5400:3ff:fea5:c615)
Host is up (0.100s latency).
Other addresses for agroena.org (not scanned): 8.9.36.198
rDNS record for 2001:19f0:5:f8c:5400:3ff:fea5:c615: c.8.f.0.5.0.0.0.0.f.9.1.1.0.0.2.ip6.arpa
Not shown: 996 closed ports
PORT STATE SERVICE
22/tcp open ssh
139/tcp filtered netbios-ssn
445/tcp filtered microsoft-ds
1688/tcp filtered nsjtp-data

Nmap done: 1 IP address (1 host up) scanned in 17.26 seconds
$

That does not show a working mail server (or web/ftp server). In fact only SSH seems to be working. And it shows that reverse DNS is not set up other than a default entry.


Things that may help others evaluate whether your host is configured correctly w.r.t. network settings:
$ cat /etc/hostname.*
$ cat /etc/resolv.conf
$ ifconfig -a
# netstat -an|grep LISTEN
$ ping dns.google.com
$ ping6 dns.google.com
# rcctl ls started
# cat /etc/pf.conf (if you have modified the pf(4) configuration)

But: Even if your host is perfectly configured, if the Vultr setup prevents packets from moving to or from your host it will not work.


HTH
Mike


> On 30.01.2022 at 15:17, latincom@vcn.bc.ca wrote:
>
> OpenBSD 7.0 at Vultr:
>
> I have a new server at Vultr; everything was working correctly except
> mail rDNS; e-mails were rejected by the receiver.
>
> The problem began because the IPv6 assigned was wrong; ifconfig gave me a
> different IP at the beginning and they made the change.
>
> They changed the IPv6 to the original and I configured the server with httpd,
> smtpd, dovecot, dkimsign, icecast and ftp correctly; all of them were
> working.
>
> They are insisting that the error is in the configuration system, and I
> think that the error is because the IPs pass for another Vultr server that
> is not configured for rDNS.
>
> Please, how might I discover an error in the system or configuration? How to
> identify it? And of course, how to repair it if it is in my hands?
>
> # ifconfig vio0
> vio0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
> lladdr 56:00:03:a5:c6:15
> index 1 priority 0 llprio 3
> groups: egress
> media: Ethernet autoselect
> status: active
> inet 8.9.36.198 netmask 0xffffff00 broadcast 8.9.36.255
> inet6 fe80::5400:3ff:fea5:c615%vio0 prefixlen 64 scopeid 0x1
> inet6 2001:19f0:5:f8c:5400:3ff:fea5:c615 prefixlen 64
>
> # host agroena.org
> ;; connection timed out; no servers could be reached
>
>
>
> # ping6 2001:19f0:5:f8c:5400:3ff:fea5:c615
> PING 2001:19f0:5:f8c:5400:3ff:fea5:c615
> (2001:19f0:5:f8c:5400:3ff:fea5:c615): 56 data bytes
> 64 bytes from 2001:19f0:5:f8c:5400:3ff:fea5:c615: icmp_seq=0 hlim=64
> time=0.182 ms
> 64 bytes from 2001:19f0:5:f8c:5400:3ff:fea5:c615: icmp_seq=1 hlim=64
> time=0.082 ms
>
> # dig agroena.org
>
> ; <<>> dig 9.10.8-P1 <<>> agroena.org
> ;; global options: +cmd
> ;; connection timed out; no servers could be reached
>
> # ping agroena.org
> PING agroena.org (8.9.36.198): 56 data bytes
> 64 bytes from 8.9.36.198: icmp_seq=0 ttl=255 time=0.108 ms
> 64 bytes from 8.9.36.198: icmp_seq=1 ttl=255 time=0.054 ms
> 64 bytes from 8.9.36.198: icmp_seq=2 ttl=255 time=0.056 ms
>
> I have no idea what files I should show you.
>
> Thanks for your attention.
>
> P.S.:
> Actually I can access the server using ssh and console.
>
>
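
The reading of the nmap output in the reply above (only SSH open, reverse DNS still a default entry), as an added example that is not part of the original thread. The port mapping, the function name and the sample report (documentation addresses, constructed) are assumptions.

```python
import re

# Assumed default TCP ports for the services the reply looks for.
EXPECTED = {"ssh": 22, "ftp": 21, "smtp": 25, "http": 80}

PORT_RE = re.compile(r"^(\d+)/tcp\s+(\S+)\s+\S+$")
RDNS_RE = re.compile(r"^rDNS record for \S+: (\S+)$")

# Constructed sample in nmap's plain-text report format.
SAMPLE = """\
Nmap scan report for mail.example.org (192.0.2.10)
Host is up (0.11s latency).
rDNS record for 192.0.2.10: 10.2.0.192.in-addr.arpa
Not shown: 996 closed ports
PORT STATE SERVICE
22/tcp open ssh
25/tcp filtered smtp
139/tcp filtered netbios-ssn
445/tcp filtered microsoft-ds
"""

def audit_nmap(report, expected=EXPECTED):
    """Summarise one nmap report for the owner of the scanned host."""
    states, rdns = {}, None
    for line in report.splitlines():
        line = line.strip()
        if m := PORT_RE.match(line):
            states[int(m.group(1))] = m.group(2)
        elif m := RDNS_RE.match(line):
            rdns = m.group(1).rstrip(".")
    # Closed ports are folded into "Not shown", so an expected port that is
    # absent from the table is closed: nothing is listening on it.
    # "filtered" instead points at a packet filter (pf or provider firewall).
    missing = {name: states.get(port, "closed")
               for name, port in expected.items()
               if states.get(port) != "open"}
    # A PTR that is just the .arpa name is treated as the default entry.
    rdns_set = rdns is not None and not rdns.endswith((".in-addr.arpa", ".ip6.arpa"))
    return {"open": sorted(p for p, s in states.items() if s == "open"),
            "missing": missing, "rdns": rdns, "rdns_set": rdns_set}

if __name__ == "__main__":
    print(audit_nmap(SAMPLE))
```

A service reported as closed is a matter for `rcctl ls started` and `netstat -an` on the host; one reported as filtered is a matter for pf.conf or the provider's firewall.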
