Ping mail.domain.tld and see if your internal comes out or not
Donāt worry about the NAT reflection stuff yet.
Open the SSL/TLS ports and see if itāll work over WAN first.
Alright so thats 465 and 587 right ?
Not 587ā¦
587 shouldnāt be necessary, but it wonāt hurt anything.
Does it work?
No it does not
IIRC POP uses 587 for TLS though no one should really be using POP these days but old habitsā¦
Well yes, but I will also go on a limb and assume it will try to give you a external ip
Is the output of this the same:
Yes it works and gives me my public wan IP
The DNS resolution and ping look good to me.
Also changing those ports had to do something cause it was not working beforeā¦ Before it would fail to resolve locally for that.
You do need those ports open, so keep them open, but obviously something else is not right yet.
Could you check the mailing client settings and see if you are attempting to send with SMTP 25?
Not SMTP TLs
General question:
Does pfsense automatically configure the firewall when you configure port forwarding in NAT?
Iām assuming it does because it looked like basic SMTP traffic was going through.
I canāt connect to it with a mailing client like outlook eitherā¦ I have been using the online email portal that Axigen uses
Maybe, but letās get your mail server working on the WAN first. The reflection stuff is for accessing it from the LAN with the same domain name.
Based on the log you posted earlier, itās definitely trying to establish TLS and then failing. Now that we know the ports are all forwarding, do you have the certificate and everything set up for TLS to work?
Are you able to use the mail server locally using the IP address?