• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion

intermittent mail retrieval issues via IPv6

D

dalydesign

Basic Pleskian
Pleask 12.5 (latest) running mail fine for several months.

Discovered that a client in Zurich is experiencing issues retrieving mail.

When he arrives in work in the morning, he is unable to receive mail, yet sending mail is ok.

I can reboot the server, and he will be able to receive mail. The following day he will arrive back in work and he is unable to receive mail again.

Logs show no errors.

he is on an IPv6 ip address which is a dynamic IP from his ISP.

He has reset his router and sometimes a new IP address is allocated and he can receive.

I question whether fail2ban supported IPv6 and was blocking all access to IPv6, but then surely it would block it 100% of the time?

Then there's magic spam, that would surely block SMTP, not POP3?

I'm scratching my head. If he had a blacklisted IP, surely he's be able to retrieve mail, but not send?

has anyone else seen anything like this?
 
Last edited:
I think I may have found the obvious solution.

open /etc/postfix/main.cf

change 'inet_protocols = ipv4'

to 'inet_protocols = all'
 
Hi dalydesign,

please consider to include log - files and configuration files, if you would like help with your investigations.
There are a lot of reasons which may cause your issue(s) and since nobody answered to your thread, you should be aware, that most people willing to help you don't want to guess things ( because this is very time-consuming and possible answers may absolutely not apply to your situation/configuration ).
 
Thanks for the response. I will dig up the logs and config files.

Meanwhile, I'm trying to understand the principle of how plesk works so before I go collating all the info, can I ask these questions:

If I have a server running a default plesk installation, and the server set up with a bunch of IPv4 addresses and server works fine, no issues sending receiving mail for 100 people all over the world connecting via ethernet/wifi/3G/4G, etc.

If I then walked into an small office that has an adsl router which has an ipv6 ip address assigned by their broadband provider, and I log onto to that router's, I am unable to connect to plesk server to send/receive emails via pop/imap/smtp.
  • is this normal behaviour?
  • would the adsl router type of IP address (IPv4 or IPV6) make a difference?
  • I understand IPV6 will support IPv6 and IPv4, but will a IPv4 configured server block a mobile phone connecting from a IPv6 router?

We use a fasthosts dedicated server that has multiple IPv4 assigned to it but no IPv6.
(I'm not a network guru, just a web developer tring to understand the logic behind IPv4/6 and a plesk based server)
 
Hi dalydesign,

dalydesign said:
If I then walked into an small office that has an adsl router which has an ipv6 ip address assigned by their broadband provider, and I log onto to that router's, I am unable to connect to plesk server to send/receive emails via pop/imap/smtp.
Click to expand...
If you experience this only at "your small office", while other users don't experience such issues, you should consider to investigate the issue from the router - side... again... log - files might help you to investigate the issue!

In addition, pls. make sure, that no firewall or IP-banning - software ( i.e.: Fail2Ban ) blocks your router - IP on the server.
 
I'm currently awaiting my client to come back to me with some info so I can pull off the logs based on when he's arriving in his office. I'm also awaiting a response from Fasthosts (where the server is hosted) to see if they can help, but to be honest, this forum is by far the best place for support.

At the moment I suspect that its an IP issue for the following reasons:
  • Everyone else is on IPv4 and has no issues, that is the only location I'm aware is assigned IPv6
  • When in that particular office. iphones on the wifi cannot send/receive mail, switch off wifi, activate 4G and mail sends/receives
  • Laptops going through router cannot send/receive, when tetherd to iphone via 4G, laptops can send/receive
  • We've had an engineer out to check the line and replace the router and its has not improved.
  • Ive disabled fail2ban as client was stating that when he arrived in the office, they could not connect to the server, but after several router reboots, mail starts to work
    (Initially I suspected blacklisted IP, but I've whitelisted them on the server and they are not receiving bounced emails)
  • Upon my inspection of mail logs, theres nothing listed in there showing that they atetmpted to connect to postfix or courier.
  • Checked system logs, no indication of any issues relating to mail, their IP or firewall. (My next step is to switch on firewall logging for dropped connections)
  • I do suspect there is an issue with the server setup as I have manually set Named to restart after all services have loaded after a reboot as it's was intermittant in starting up after reboot (Fasthosts server and early Plesk 12 install wasn't great, so I had to set it to re-load Named and the Firewall services last)
I'll upload some log files now...
 
Last edited:
Following connections from test22@ are from other home

Code: 
Oct  5 06:28:27 server88-777-666-555 courier-imaps: LOGIN, [email protected], ip=[::ffff:213.55.184.157], port=[18154], protocol=IMAP
Oct  5 06:28:31 server88-777-666-555 courier-imaps: LOGIN, [email protected], ip=[::ffff:213.55.184.157], port=[5717], protocol=IMAP
Oct  5 06:28:34 server88-777-666-555 courier-imaps: LOGIN, [email protected], ip=[::ffff:213.55.184.157], port=[25781], protocol=IMAP
Oct  5 06:28:36 server88-777-666-555 courier-imaps: LOGIN, [email protected], ip=[::ffff:213.55.184.157], port=[2047], protocol=IMAP
Oct  5 06:28:36 server88-777-666-555 courier-imaps: LOGOUT, [email protected], ip=[::ffff:213.55.184.157], headers=0, body=1137, rcvd=93, sent=2044, time=0, starttls=1
Oct  5 06:29:34 server88-777-666-555 courier-imaps: LOGOUT, [email protected], ip=[::ffff:213.55.184.157], headers=0, body=0, rcvd=305, sent=5435, time=67, starttls=1
Oct  5 06:29:34 server88-777-666-555 courier-imaps: LOGOUT, [email protected], ip=[::ffff:213.55.184.157], headers=0, body=0, rcvd=429, sent=6837, time=63, starttls=1
Oct  5 06:29:34 server88-777-666-555 courier-imaps: LOGOUT, [email protected], ip=[::ffff:213.55.184.157], headers=5667, body=255997, rcvd=2609, sent=297295, time=60, starttls=1
Oct  5 06:29:41 server88-777-666-555 courier-imaps: LOGIN, [email protected], ip=[::ffff:213.55.184.157], port=[22709], protocol=IMAP
Oct  5 06:36:49 server88-777-666-555 courier-imaps: LOGOUT, [email protected], ip=[::ffff:213.55.184.157], headers=0, body=0, rcvd=386, sent=10545, time=428, starttls=1

The following connections are incoming emails to the domain

Code: 
Oct  5 06:39:56 server88-777-666-555 postfix/smtpd[19532]: NOQUEUE: milter-reject: RCPT from unknown[112.215.65.78]: 550 5.7.0 HELO argument [[112.215.65.78]] is malformed. See http://spamauditor.org/best-practices/valid-helo-identifier/ for more information. Protection provided by MagicSpam 2.0.6-1 http://www.magicspam.com; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<[112.215.65.78]>
Oct  5 06:51:03 server88-777-666-555 postfix/smtpd[10459]: NOQUEUE: milter-reject: RCPT from bba190430.alshamil.net.ae[217.165.85.184]: 550 5.7.0 Server IP 217.165.85.184 listed as abusive. See http://spamauditor.org/best-practices/ip-reputation/ for more information. Protection provided by MagicSpam 2.0.6-1 http://www.magicspam.com; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<bba190430.alshamil.net.ae>
Oct  5 06:55:03 server88-777-666-555 postfix/smtpd[7665]: NOQUEUE: milter-reject: RCPT from unknown[197.210.226.97]: 550 5.7.0 HELO argument [[197.210.226.178]] is malformed. See http://spamauditor.org/best-practices/valid-helo-identifier/ for more information. Protection provided by MagicSpam 2.0.6-1 http://www.magicspam.com; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<[197.210.226.178]>
 
Then when they arrive in the office, the logs look like this (they are unable to send/receive).

Only incoming mail from external email addresses are abvailible

Code: 
Oct  5 07:57:15 server88-777-666-555 postfix-local[30153]: postfix-local: [email protected], [email protected], dirname=/var/qmail/mailnames
Oct  5 07:57:16 server88-777-666-555 spamd[11861]: spamd: using default config for [email protected]: /var/qmail/mailnames/example.com/test22/.spamassassin/user_prefs
Oct  5 07:57:16 server88-777-666-555 spamd[11861]: spamd: processing message <[email protected]> for [email protected]:30
Oct  5 07:57:16 server88-777-666-555 spamd[11861]: spamd: clean message (-0.9/7.0) for [email protected]:30 in 0.1 seconds, 5066 bytes.
Oct  5 07:57:16 server88-777-666-555 spamd[11861]: spamd: result: . 0 - BAYES_00,DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,FREEMAIL_ENVFROM_END_DIGIT,FREEMAIL_FROM,HTML_MESSAGE,MIME_HTML_MOSTLY,RCVD_IN_DNSWL_NONE,RCVD_IN_SORBS_SPAM,URIBL_BLOCKED scantime=0.1,size=5066,[email protected],uid=30,required_score=7.0,rhost=server88-777-666-555.live-servers.net,raddr=127.0.0.1,rport=55660,mid=<[email protected]>,bayes=0.000000,autolearn=no
Oct  5 07:57:16 server88-777-666-555 postfix/pipe[30150]: DE60C1440350: to=<[email protected]>, relay=plesk_virtual, delay=1.9, delays=1.4/0/0/0.53, dsn=2.0.0, status=sent (delivered via plesk_virtual service)
Oct  5 08:01:12 server88-777-666-555 postfix-local[6582]: postfix-local: [email protected], [email protected], dirname=/var/qmail/mailnames
Oct  5 08:01:13 server88-777-666-555 spamd[11861]: spamd: using default config for [email protected]: /var/qmail/mailnames/example.com/test22/.spamassassin/user_prefs
Oct  5 08:01:13 server88-777-666-555 spamd[11861]: spamd: processing message <[email protected]> for [email protected]:30
Oct  5 08:01:15 server88-777-666-555 spamd[11861]: spamd: identified spam (10.9/7.0) for [email protected]:30 in 2.0 seconds, 8398 bytes.
Oct  5 08:01:15 server88-777-666-555 spamd[11861]: spamd: result: Y 10 - BAYES_99,BAYES_999,DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HTML_MESSAGE,RDNS_NONE,T_REMOTE_IMAGE,URIBL_BLOCKED scantime=2.0,size=8398,[email protected],uid=30,required_score=7.0,rhost=server88-777-666-555.live-servers.net,raddr=127.0.0.1,rport=58272,mid=<[email protected]>,bayes=1.000000,autolearn=no
Oct  5 08:01:15 server88-777-666-555 postfix/pipe[6579]: 73F9D14403F8: to=<[email protected]>, relay=plesk_virtual, delay=3.1, delays=0.71/0/0/2.4, dsn=2.0.0, status=sent (delivered via plesk_virtual service)
Oct  5 08:06:39 server88-777-666-555 postfix/qmgr[21911]: E31FE144010E: from=<[email protected]>, size=1382, nrcpt=1 (queue active)
Oct  5 08:06:39 server88-777-666-555 postfix-local[18547]: postfix-local: [email protected], [email protected], dirname=/var/qmail/mailnames
Oct  5 08:06:40 server88-777-666-555 spamd[7226]: spamd: using default config for [email protected]: /var/qmail/mailnames/example.com/test22/.spamassassin/user_prefs
Oct  5 08:06:40 server88-777-666-555 spamd[7226]: spamd: processing message (unknown) for [email protected]:30
Oct  5 08:06:43 server88-777-666-555 spamd[7226]: spamd: clean message (0.9/7.0) for [email protected]:30 in 3.0 seconds, 2133 bytes.
Oct  5 08:06:43 server88-777-666-555 spamd[7226]: spamd: result: . 0 - BAYES_00,DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HTML_MESSAGE,HTML_MIME_NO_HTML_TAG,MIME_HTML_ONLY,MISSING_DATE,MISSING_MID,RCVD_IN_DNSWL_NONE,URIBL_BLOCKED scantime=3.0,size=2133,[email protected],uid=30,required_score=7.0,rhost=server88-777-666-555.live-servers.net,raddr=127.0.0.1,rport=35114,mid=(unknown),bayes=0.000000,autolearn=no
Oct  5 08:06:43 server88-777-666-555 postfix/pipe[7158]: E31FE144010E: to=<[email protected]>, relay=plesk_virtual, delay=12, delays=7.5/0.53/0/4.4, dsn=2.0.0, status=sent (delivered via plesk_virtual service)

When they switch over to 4G, theyre able to send/receive mail again:
Code: 
Oct  5 08:11:33 server88-777-666-555 courier-imaps: LOGIN, [email protected], ip=[::ffff:213.55.184.157], port=[22220], protocol=IMAP
Oct  5 08:11:34 server88-777-666-555 courier-imaps: LOGIN, [email protected], ip=[::ffff:213.55.184.157], port=[24858], protocol=IMAP
Oct  5 08:11:35 server88-777-666-555 courier-imaps: LOGIN, [email protected], ip=[::ffff:213.55.184.157], port=[28663], protocol=IMAP
Oct  5 08:11:36 server88-777-666-555 courier-imaps: LOGOUT, [email protected], ip=[::ffff:213.55.184.157], headers=0, body=5430, rcvd=95, sent=6216, time=1, starttls=1
Oct  5 08:18:18 server88-777-666-555 courier-imaps: LOGOUT, [email protected], ip=[::ffff:213.55.184.157], headers=539, body=2480, rcvd=879, sent=16977, time=404, starttls=1
Oct  5 08:18:18 server88-777-666-555 courier-imaps: LOGOUT, [email protected], ip=[::ffff:213.55.184.157], headers=0, body=0, rcvd=207, sent=4824, time=431, starttls=1
Oct  5 08:18:19 server88-777-666-555 courier-imaps: LOGIN, [email protected], ip=[::ffff:213.55.184.157], port=[31681], protocol=IMAP
Oct  5 08:18:22 server88-777-666-555 courier-imaps: LOGIN, [email protected], ip=[::ffff:213.55.184.157], port=[29545], protocol=IMAP
Oct  5 08:18:55 server88-777-666-555 courier-imaps: LOGOUT, [email protected], ip=[::ffff:213.55.184.157], headers=0, body=0, rcvd=319, sent=6857, time=33, starttls=1
Oct  5 08:18:55 server88-777-666-555 courier-imaps: LOGOUT, [email protected], ip=[::ffff:213.55.184.157], headers=0, body=0, rcvd=207, sent=4824, time=36, starttls=1
Oct  5 08:22:22 server88-777-666-555 courier-imapd: LOGIN, [email protected], ip=[::ffff:213.55.184.157], port=[11064], protocol=IMAP
Oct  5 08:22:24 server88-777-666-555 courier-imapd: LOGIN, [email protected], ip=[::ffff:213.55.184.157], port=[25200], protocol=IMAP
Oct  5 08:22:49 server88-777-666-555 courier-imaps: LOGIN, [email protected], ip=[::ffff:213.55.184.157], port=[26591], protocol=IMAP
 
Here's the iptables status (with fail2ban running):
Code: 
Table: nat
Chain PREROUTING (policy ACCEPT)
num  target     prot opt source               destination

Chain POSTROUTING (policy ACCEPT)
num  target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
num  target     prot opt source               destination

Table: mangle
Chain PREROUTING (policy ACCEPT)
num  target     prot opt source               destination

Chain INPUT (policy ACCEPT)
num  target     prot opt source               destination

Chain FORWARD (policy ACCEPT)
num  target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
num  target     prot opt source               destination

Chain POSTROUTING (policy ACCEPT)
num  target     prot opt source               destination

Table: filter
Chain INPUT (policy DROP)
num  target     prot opt source               destination
1    f2b-http-get-dos  tcp  --  0.0.0.0/0            0.0.0.0/0           multiport dports 80,443,7080,7081
2    f2b-plesk-wordpress  tcp  --  0.0.0.0/0            0.0.0.0/0           multiport dports 80,443,7080,7081
3    f2b-BadBots  tcp  --  0.0.0.0/0            0.0.0.0/0           multiport dports 80,443,7080,7081
4    f2b-apache  tcp  --  0.0.0.0/0            0.0.0.0/0           multiport dports 80,443,7080,7081
5    f2b-plesk-roundcube  tcp  --  0.0.0.0/0            0.0.0.0/0           multiport dports 80,443,7080,7081
6    f2b-plesk-horde  tcp  --  0.0.0.0/0            0.0.0.0/0           multiport dports 80,443,7080,7081
7    f2b-plesk-proftpd  tcp  --  0.0.0.0/0            0.0.0.0/0           multiport dports 21,20,990,989
8    f2b-recidive  tcp  --  0.0.0.0/0            0.0.0.0/0
9    f2b-SSH    tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:22
10   ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED
11   REJECT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp flags:!0x17/0x02 state NEW reject-with tcp-reset
12   DROP       all  --  0.0.0.0/0            0.0.0.0/0           state INVALID
13   ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
14   ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:8447
15   ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpts:49152:65534
16   ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:12443
17   ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:11443
18   ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:11444
19   ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:8447
20   ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:8443
21   ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:8880
22   ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:80
23   ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:443
24   ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:21
25   ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:22
26   ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:587
27   ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:25
28   ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:465
29   ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:110
30   ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:995
31   ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:143
32   ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:993
33   ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:106
34   ACCEPT     tcp  --  81.136.207.117       0.0.0.0/0           tcp dpt:3306
35   DROP       tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:3306
36   ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:5432
37   ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:9008
38   ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:9080
39   ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           udp dpt:137
40   ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           udp dpt:138
41   ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:139
42   ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:445
43   ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           udp dpt:1194
44   ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           udp dpt:53
45   ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:53
46   ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0           icmp type 8 code 0
47   DROP       all  --  0.0.0.0/0            0.0.0.0/0

Chain FORWARD (policy DROP)
num  target     prot opt source               destination
1    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED
2    REJECT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp flags:!0x17/0x02 state NEW reject-with tcp-reset
3    DROP       all  --  0.0.0.0/0            0.0.0.0/0           state INVALID
4    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
5    DROP       all  --  0.0.0.0/0            0.0.0.0/0

Chain OUTPUT (policy DROP)
num  target     prot opt source               destination
1    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED
2    REJECT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp flags:!0x17/0x02 state NEW reject-with tcp-reset
3    DROP       all  --  0.0.0.0/0            0.0.0.0/0           state INVALID
4    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
5    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:8651
6    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0

Chain f2b-BadBots (1 references)
num  target     prot opt source               destination
1    REJECT     all  --  41.83.43.165         0.0.0.0/0           reject-with icmp-port-unreachable
2    RETURN     all  --  0.0.0.0/0            0.0.0.0/0

Chain f2b-SSH (1 references)
num  target     prot opt source               destination
1    RETURN     all  --  0.0.0.0/0            0.0.0.0/0

Chain f2b-apache (1 references)
num  target     prot opt source               destination
1    RETURN     all  --  0.0.0.0/0            0.0.0.0/0

Chain f2b-http-get-dos (1 references)
num  target     prot opt source               destination
1    RETURN     all  --  0.0.0.0/0            0.0.0.0/0

Chain f2b-plesk-horde (1 references)
num  target     prot opt source               destination
1    RETURN     all  --  0.0.0.0/0            0.0.0.0/0

Chain f2b-plesk-proftpd (1 references)
num  target     prot opt source               destination
1    RETURN     all  --  0.0.0.0/0            0.0.0.0/0

Chain f2b-plesk-roundcube (1 references)
num  target     prot opt source               destination
1    RETURN     all  --  0.0.0.0/0            0.0.0.0/0

Chain f2b-plesk-wordpress (1 references)
num  target     prot opt source               destination
1    RETURN     all  --  0.0.0.0/0            0.0.0.0/0

Chain f2b-recidive (1 references)
num  target     prot opt source               destination
1    REJECT     all  --  91.200.12.114        0.0.0.0/0           reject-with icmp-port-unreachable
2    REJECT     all  --  91.108.183.42        0.0.0.0/0           reject-with icmp-port-unreachable
3    REJECT     all  --  222.186.56.170       0.0.0.0/0           reject-with icmp-port-unreachable
4    REJECT     all  --  203.135.20.30        0.0.0.0/0           reject-with icmp-port-unreachable
5    REJECT     all  --  80.82.64.239         0.0.0.0/0           reject-with icmp-port-unreachable
6    REJECT     all  --  85.4.85.247          0.0.0.0/0           reject-with icmp-port-unreachable
7    REJECT     all  --  85.3.28.47           0.0.0.0/0           reject-with icmp-port-unreachable
8    REJECT     all  --  58.137.112.204       0.0.0.0/0           reject-with icmp-port-unreachable
9    REJECT     all  --  122.155.89.162       0.0.0.0/0           reject-with icmp-port-unreachable
10   REJECT     all  --  119.249.54.88        0.0.0.0/0           reject-with icmp-port-unreachable
11   REJECT     all  --  121.18.238.98        0.0.0.0/0           reject-with icmp-port-unreachable
12   REJECT     all  --  119.249.54.68        0.0.0.0/0           reject-with icmp-port-unreachable
13   REJECT     all  --  116.31.116.10        0.0.0.0/0           reject-with icmp-port-unreachable
14   REJECT     all  --  85.3.29.109          0.0.0.0/0           reject-with icmp-port-unreachable
15   REJECT     all  --  221.194.47.208       0.0.0.0/0           reject-with icmp-port-unreachable
16   REJECT     all  --  221.194.47.224       0.0.0.0/0           reject-with icmp-port-unreachable
17   REJECT     all  --  119.249.54.75        0.0.0.0/0           reject-with icmp-port-unreachable
18   REJECT     all  --  195.22.126.189       0.0.0.0/0           reject-with icmp-port-unreachable
19   REJECT     all  --  85.3.122.86          0.0.0.0/0           reject-with icmp-port-unreachable
20   REJECT     all  --  119.254.90.241       0.0.0.0/0           reject-with icmp-port-unreachable
 
Not sure if its related, but if I restart the firewall I do get this error:
Code: 
cat: /proc/net/if_inet6: No such file or directory

Here is etc/sysctl.conf

Code: 
# Kernel sysctl configuration file for Red Hat Linux
#
# For binary values, 0 is disabled, 1 is enabled.  See sysctl(8) and
# sysctl.conf(5) for more details.
#
# Use '/sbin/sysctl -a' to list all possible parameters.

# Controls IP packet forwarding
net.ipv4.ip_forward = 0

# Controls source route verification
net.ipv4.conf.default.rp_filter = 1

# Do not accept source routing
net.ipv4.conf.default.accept_source_route = 0

# Controls the System Request debugging functionality of the kernel
kernel.sysrq = 0

# Controls whether core dumps will append the PID to the core filename.
# Useful for debugging multi-threaded applications.
kernel.core_uses_pid = 1

# Controls the use of TCP syncookies
net.ipv4.tcp_syncookies = 1

# Controls the default maxmimum size of a mesage queue
kernel.msgmnb = 65536

# Controls the maximum size of a message, in bytes
kernel.msgmax = 65536

# Controls the maximum shared segment size, in bytes
kernel.shmmax = 68719476736

# Controls the maximum number of shared memory segments, in pages
kernel.shmall = 4294967296
 
Last edited:
Your logs don't contain any errors/issues/problems.

Consider to FLUSH your iptables completely ( don't rebuild them, pls. !!! ) and see, if any of your firewall rules ( or/and Fail2Ban ) are causing the issues. If not, the root issue seems to be on THEIR side... not on the server side.

Commands to use:

/sbin/iptables -F
/sbin/ip6tables -F
/sbin/ipset flush


Pls. be as well informed, that this is a PLESK - related forum. Issues with routers or misconfigured firewalls are not discussed in this forum and I can't see anything wrong, mis- or unconfigured for Plesk and it's components.
 
Thanks. I'll keep digging.

I'm trying to rule out that it is not Plesk thats causing it. Hence I'm trying to ensure theres no issue with my server setup. We've changed his router connected via ethernet and wifi at his location. I've asked fasthosts to investigate too, just in case theres a misconfiguration with their connection to the traffic (maybe they only support ipv4 traffic - but I'd doubt it, or block traffic from swisscom).

I may be wrong with what I'm doing here, but can I create an ipv6 address on the plesk control panel using an standard IP address? If so, I used an online calculator to convert the IPv4 addresss to IPv6 and then added it to plesk, but plesk returned the following error:

Code: 
Error: ifmng failed: No support for INET6 on this system. /sbin/ifconfig eth0 add ::ffff:88.208.223.23/128 exited with non-zero status 1

When I ran the following its returned nothing.
test -f /proc/net/if_inet6 && echo "Running kernel is IPv6 ready"
So the kernal doesn't support IPv6?

If I try to start /etc/init.d/ip6tables it fails with a 'no config file' error.

As I've customised and maintained the server most technologies i'm familiar with, but i've not had to worry about IPv4/6 until this issue occurred. I'm starting to suspect that this issue is down to the server's ipv6 may be broken this only happens when he's on ipv6? What do you think? I'm open to opinion if you think I'm concentrating on the wrong area.
 
Fasthosts say that their servers don't support IPv6:

Whilst our servers have the ability to utilize the Ipv6 we have not yet adopted it as we have ipv4 addresses still available to purchase and assign to the server.
Unfortunately I do not know of a way to access the server if they are on a strict ipv6 network but I hope this guide I located assists.
http://serverfault.com/questions/596616/how-do-i-reach-ipv4-addresses-from-an-ipv6-only-network
Click to expand...
http://serverfault.com/questions/596616/how-do-i-reach-ipv4-addresses-from-an-ipv6-only-network

But my logic is thinking that if the customer can view their website on the same server via port 80, then I assume they can connect to the server via IPv6 to IPv4 translation routing with my customers ISP? which then suggests that its possible that they are connecting to the server but postfix may not be accepting connections from it, but surely that would show in the maillog?

I'll keep digging... :O)
 
Last edited:
You must log in or register to reply here.

Similar threads

A
Issue Mail of some Domains go to Spam
Replies
5
Views
2K
weltonw
W
A
Issue Unable to send mails
Replies
1
Views
2K
andersonjosephine
andersonjosephine
D
Issue Outbound Mail Resolving to Local IP
Replies
2
Views
1K
Dome1990
D
T
Plesk Default Page when entering Domain in Facebook-Thread
Replies
4
Views
2K
Torte
T
D
Mail from one server being rejected
Replies
4
Views
5K
Dean_Collins
D
Back
Top