Sending emails behind NAT thourgh port 587

[ISouldatos]

Hello,
I have the following problem: I am using Ubuntu 12.04 in virtual box with Windows 7 host. The email client is Thunderbird 24.2.0 in the guest and Thunderbird portable 24.3.0 in the host. Up to a few weeks ago I was using the virtualbox with the bridged adapter and I had no trouble sending emails from Thunderbird. The bridged adapter gives the guest a separate address in the LAN than the host.

Then the wireless network at work was updated (to be more secure) and I couldn't use the birdged adapter anymore. The virtualbox wouldn't get its own separate address. So, I had to switch to the NAT adapter and this is when the problem started. I am in the following situation now:

From the host: I can send and receive emails.
From the guest when using NAT: I can receive emails, but I can't send.
From the guest when using bridged connection (can not do that at work): I can send and receive emails.

The email server I am using is through work and it requires to use port 587.

My thought was that Thunderbird in the guest uses port 587, but then the NAT adapter uses a different port in the host and the email server does not respond. The message I am getting is that "the connection timed out".

I looked the manual for the virtual box and it says that ports <1024 can not be forwarded. Just in case, I tried the port forwarding, but it did not work. Protocol: TCP, Host IP: (empty), Host Port: 587, Guest IP: (empty), Guest Port: 587. Then I tried with Guest IP: 10.0.2.15 (the address assigned to the virtual box) and it did not work either.

So, I am in need of some help of what to do. Any ideas?

[Perryg]

add a host-only adapter to the guest.

[ISouldatos]

add a host-only adapter to the guest.

I am a little puzzled. With host-only adapter "the virtual machines cannot talk to the world outside the host" (quote from the VirtualBox manual). I want to use the virtual machine to connect to the email server.

[Perryg]

Well now I am confused. NAT should be able to talk to an email server on the Internet. The only reason for forwarding in VBox is because the host and guest can't see each other.

[ISouldatos]

Well now I am confused. NAT should be able to talk to an email server on the Internet. The only reason for forwarding in VBox is because the host and guest can't see each other.

1) I am not sure if this is the problem, but my thought was that Thunderbird in the guest uses port 587, but then the NAT adapter uses a different port in the host and for that reason the email server does not respond.
This may very well not be the case.
2) Port forwarding "means that VirtualBox listens to certain ports on the host and resends all packets which arrive there to the guest, on the same or a different port." Even if my idea from (1) is correct, port forwarding may not apply. I am not an expert here, but I understand that port forwarding will redirect traffic from the Internet which arrives to the host, to the guest. My goal was to redirect certain traffic from the guest to the Internet, in order to use a specific port on the host. As I said, I am not an expert. So I tried, just in case, and it did not work.

[Perryg]

Port forwarding only works one way ( host to guest ) in VBox port forwarding. So it will not reverse forward.
But like I said that should not be your issue anyway. Something is blocking you from receiving information on that port in the guest. Probably a corp firewall or similar. See your tech department.

[ISouldatos]

Something is blocking you from receiving information on that port in the guest.

If this were the case, wouldn't the emails go out, but not in?

[Perryg]

NAT is a request only. Meaning nothing can get to the guest but things the guest asks for. It's a one way protocol.
If the guest asks for a connection to pop3 and presents the credentials if needed it should be able to send and SMTP should always work if not blocked.

[ISouldatos]

I will ask the IT department and see what I found. The firewall has a ton of rules in it. I don't want to go over all of them.

[ISouldatos]

Something is blocking you from receiving information on that port in the guest.

It is still confusing to me. Thunderbird in the host can send emails through port 587. Why the VBox shouldn't be able to do the same?

[Perryg]

Something is blocking you from receiving information on that port in the guest.

It is still confusing to me. Thunderbird in the host can send emails through port 587. Why the VBox shouldn't be able to do the same?

Not the first time I have heard about this, and it has always been because of restrictions on the LAN. Question, can the guest actually get to the Internet?

[ISouldatos]

Question, can the guest actually get to the Internet?

Yes, the guest can access the Internet and can receive emails too. I can even write an email and save it as a draft on the server. The problem is sending emails.

[noteirak]

Remove the port forwarding you've put in place, first of all. It servers no purpose and can only mess things up.
Next, try to telnet to your smtp server on the port 587 and see if you get an answer.

[ISouldatos]

Remove the port forwarding you've put in place, first of all.
Next, try to telnet to your smtp server on the port 587 and see if you get an answer.

1) The rule was removed.
2) I could telnet to the imap server at port 993, but the telnet command to the smtp server at port 587 timed out.
3) Out of curiosity, I tried nmap to the smtp server and all ports came back filtered.
I will have to talk to the IT people, but usually they are not happy helping people with requests like this.
If I find anything useful, I will post it here.
Thanks for the help.

[alvarogmj]

Hi,
I wonder if you ever found the reason for this behavior? just now I'm facing exactly the same problem: Host can talk to the SMTP server, as can the guest in bridged mode, but in NAT mode the SMTP server is invisible.

sendmail listens on ports 25 and 587 (0.0.0.0), and works just fine for the host and the guest in bridged mode.

nmap from the guest against the server shows several open ports, but in NAT mode 25 and 587 are not shown.

iptables rules are empty on the guest, and the server is running with its default configuration (it is a home network, the router is the one protecting the machines from the outside world)

This happens only for ports 25 and 587, the rest of the services (smbd, ssh, apache) work flawlessly

Any ideas will be welcome.


Thanks & Regards.