I followed the standard installation of iRedMail (Version 1.4.2) and updated the SSH certificates following this guide: https://www.linuxbabe.com/mail-server/debian-10-buster-iredmail-email-server
After a successful installation some of my services (such as an Express REST API) couldn’t be reached anymore because the assigned port was blocked.
I checked iptables and ufw setup and disabled ufw altogether as well, but nothing changed.
I also looked at every log from each service that got installed with iRedMail and tried some configurations with nginx to proxy_serve that port.
Nothing seemed to be working and it wasn’t specifically bound to that port as well (any port which wasn’t related to HTTP, HTTPS, SMTP and so on did not work).
3 Answers
I found in a forum about fail2ban that nft could be the problem. For some reason the nft firewall blocked every port. Executing
sudo nft flush ruleset
will remove every rule from nft and solved my problem. I searched hours to find this solution, so I figured I should share it here.

I’m learning, I’m not an expert. I solved it by editing
sudo nano /etc/nftables.conf
Just add your new port for example
sudo reboot

I searched a little more and found the blocking was done from /etc/firewalld/zones/iredmail.xml
In my case I wanted ports 2095 and 2096, so I just added
to the XML,
rebooted the machine and voilà.. ports are opened magically.
The previous method of deleting all rules works only temporarily; once you reboot you lose the setting. The above change is persistent.
Just my 2¢
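
As an added example (not code from any of the posts above or from iRedMail), this Python sketch parses a firewalld zone file and reports which wanted ports no `<port>` element covers, so a single port can be added instead of flushing every rule. The zone content is a constructed sample, port 3000 is an assumed application port, and ports opened through `<service>` entries are not resolved.

```python
import xml.etree.ElementTree as ET

# Constructed sample zone file, not copied from an iRedMail install.
# On a real host, read /etc/firewalld/zones/iredmail.xml instead.
SAMPLE_ZONE = """<?xml version="1.0" encoding="utf-8"?>
<zone>
  <short>sample</short>
  <service name="ssh"/>
  <port protocol="tcp" port="25"/>
  <port protocol="tcp" port="80"/>
  <port protocol="tcp" port="443"/>
  <port protocol="tcp" port="587"/>
  <port protocol="tcp" port="2095-2096"/>
</zone>
"""


def zone_ports(zone_xml):
    """Return (protocol, first, last) for every <port> element in the zone."""
    ranges = []
    for el in ET.fromstring(zone_xml).iter("port"):
        value = el.get("port", "")
        # firewalld accepts a single port ("443") or a range ("2095-2096").
        first, _, last = value.partition("-")
        if not first.isdigit() or (last and not last.isdigit()):
            raise ValueError(f"bad port value: {value!r}")
        proto = el.get("protocol", "").lower()
        ranges.append((proto, int(first), int(last or first)))
    return ranges


def missing_ports(zone_xml, wanted, protocol="tcp"):
    """Return the wanted ports that no <port> element of the zone allows."""
    ranges = zone_ports(zone_xml)
    return [
        port for port in wanted
        if not any(proto == protocol and lo <= port <= hi
                   for proto, lo, hi in ranges)
    ]


if __name__ == "__main__":
    # 3000 stands in for an application port such as the Express API's.
    for port in missing_ports(SAMPLE_ZONE, [443, 2095, 2096, 3000]):
        print(f"tcp/{port} is not listed in the zone; add a <port> element")
```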