1 (edited by amlamarra 2020-01-02 22:14:05)

Topic: PiHole no longer working after iRedMail installation

==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release): 1.0 MARIADB edition
- Deployed with iRedMail Easy or the downloadable installer? Yes
- Linux/BSD distribution name and version: Raspbian (Debian) 10
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MySQL
- Web server (Apache or Nginx): Nginx
- Manage mail accounts with iRedAdmin-Pro? No
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====

Hello. I have a Raspberry Pi 4 model b that I installed iRedMail on. I know it's recommended to start with a fresh OS installation, but all I had was Pi-Hole installed to use this as a DNS server. I figured, what's the harm?

All of the iRedMail stuff works great! However, since installing iRedMail, the Pi has stopped responding to DNS queries. But watching tcpdump, I can see queries being made from other devices on my network (it sees the traffic), yet it never responds.

root ~ # tcpdump -nnvi eth0 host 192.168.1.4 and udp port 53                                                                                                                                              
tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 262144 bytes
09:06:11.286247 IP (tos 0x0, ttl 64, id 10101, offset 0, flags [none], proto UDP (17), length 50)
    192.168.1.4.40099 > 192.168.1.2.53: 35734+ A? mail. (22)
09:06:16.286462 IP (tos 0x0, ttl 64, id 10200, offset 0, flags [none], proto UDP (17), length 50)
    192.168.1.4.40099 > 192.168.1.2.53: 35734+ A? mail. (22)
09:06:21.286555 IP (tos 0x0, ttl 64, id 10523, offset 0, flags [none], proto UDP (17), length 50)
    192.168.1.4.40099 > 192.168.1.2.53: 35734+ A? mail. (22)

It only responds to queries on the localhost interface (127.0.0.1). However, I can see that the pi is listening to port 53/udp on all interfaces:

root ~ # ss -nulp | grep pihole                                                                                                                                                                           
UNCONN    0         0                  0.0.0.0:53               0.0.0.0:*        users:(("pihole-FTL",pid=13505,fd=4))                                          
UNCONN    0         0                        *:53                     *:*        users:(("pihole-FTL",pid=13505,fd=6))

I've already tried uninstalling & reinstalling Pi-Hole. I was using UFW to manage iptables rules, but I disabled that & set my firewall wide open:

root ~ # iptables -nvL
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination

I'm wondering if anyone knows of some component of the install that may cause this issue. Thanks for the help!

Edit: I'm not sure why, but it looks like the "code" tags are not using a monospaced font.

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2

Re: PiHole no longer working after iRedMail installation

iRedMail ships a firewall rules, port 53 is not open by default. You need to check file /etc/default/iptables (if you're running "iptables" service) or /etc/nftables.conf (if you're running "nftables").

3

Re: PiHole no longer working after iRedMail installation

Thank you for the reply. I did check the iptables rules, and made sure to flush them with the following:

iptables -P INPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -P OUTPUT ACCEPT
iptables -t nat -F
iptables -t mangle -F
iptables -F
iptables -X

After that, my firewall was wide open (as shown in the iptables output in the first post). I think I'm going to try installing iRedMail on a fresh OS image first, then PiHole on top of that.

4

Re: PiHole no longer working after iRedMail installation

Not that complicated, just update firewall rules to fix it.