UFW VPS Cannot Authenticate TLS Mail

Posted on February 25, 2010

Today I was setting up UFW on my Ubuntu VPS and discovered that even with port 993 open I wasn't able to authenticate to my mail.

After some investigation I realized that UFW was blocking local requests to itself! This was a problem because while I was connecting successfully to 993 from outside, the VM was trying to connect to itself to authenticate with the TLS server and database.

The solution was a simple UFW rule:

ufw allow from 127.0.0.1

Or, allow me to talk to myself on any port. Works!
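To confirm this kind of diagnosis before and after adding the rule, the following added example (not from the original post) probes a local port and separates "nothing is listening" from "the packet was silently dropped". The function name `probe_loopback`, the 2-second timeout and the default of port 993 (taken from the post) are assumptions; pass other local ports, such as the database's, on the command line.

```python
import errno
import socket
import sys


def probe_loopback(port, host="127.0.0.1", timeout=2.0):
    """Classify a TCP connect from this machine to one of its own ports.

    open      - handshake completed, a service answered
    refused   - a RST came back: the packet reached the local stack,
                but nothing listens on that port
    filtered  - no reply within the timeout, which is what a firewall
                DROP on local traffic looks like
    error:XXX - the kernel reported another error (for example a REJECT
                rule or a blocked outgoing packet)
    """
    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    sock.settimeout(timeout)
    try:
        sock.connect((host, port))
        return "open"
    except ConnectionRefusedError:
        return "refused"
    except socket.timeout:
        return "filtered"
    except OSError as exc:
        return "error:" + errno.errorcode.get(exc.errno, str(exc.errno))
    finally:
        sock.close()


def main(argv):
    # Default to the IMAPS port from the post; extra ports are optional.
    ports = [int(arg) for arg in argv[1:]] or [993]
    for port in ports:
        print("127.0.0.1:%d -> %s" % (port, probe_loopback(port)))


if __name__ == "__main__":
    main(sys.argv)
```

A port that reports `filtered` while its service is running points at the firewall rather than at the mail or database daemon.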

I also had to explicitly allow pings for some reason, as an after filter in UFW. Otherwise performance was terrible.

In /etc/ufw/after.rules:

-A ufw-after-input -p icmp --icmp-type echo-request -j ACCEPT