Re: OT: unable to open port 25 on remote servers - SOLVED
Hi all,
I managed to solve the problem described below, with TCP connections to
port 25.
The solution is to disable IP Explicit Congestion Notification (ECN) in
the kernel:
echo 0 > /proc/sys/net/ipv4/tcp_ecn
Stick this in sysctl.conf to make it permanent:
echo 'net/ipv4/tcp_ecn = 0' >> /etc/sysctl.conf
sysctl -p
On the machines where I had the SMTP connection problem, I'd been
running a locally-compiled kernel with
IP: disable ECN support by default (CONFIG_INET_ECN_DISABLED)
not set. I only caught it because the machines that worked were running
the stock woody bf2.4 kernel and that was the only difference I could
think of. Running a diff of the kernel config files quickly revealed
the source of my puzzlement.
OTOH, I was unable to find this item in menuconfig...
> Hi all,
>
> I realise this is OT but the mailserver I'm running is built on woody,
> and this list has been very helpful in the past so...
>
> I am running a postfix mailserver on debian woody.
>
> I am also running several other woody machines on the same network.
>
> I am getting complaints from users that outgoing emails to several
> domains are bouncing with "unable to connect".
>
> For each primary MX in each of the recipients' domains that have a
> problem, I try telnet to port 25.
>
> This is where it gets really weird: it works from some of the woody
> machines on the network, and not from others. The machines are all on
> the same physical network, and in the same /24 IP subnet.
>
> On the machines where it doesn't work, nothing is returned. netstat -n
> shows SYN_SENT, and that is as far as the connection goes.
>
> All machines run woody.
-
Best regards,
| George Karaolides Planitis Communications Ltd.,
|
| tel: +357 22 45 65 00 Office 102, 11 Florinis Street,
|
| web: www.planitis.net Nicosia CY 1065,
|
| email: george.karaolides@planitis.net Republic of Cyprus.
|
Reply to: