[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: What's blocking Port 25?



On Thu, 29 Jul 2004 21:39:44 -0700 (PDT)
Griffin Palmer <griffjo@pacbell.net> spake thus:

> This may be one for the firewalls list, but I'm not
> entirely sure this is a firewall issue, or, at least,
> *entirely* a firewall issue. I'm pretty sure it's not
> an exim issue.
> 
> I thought I'd see if there are any troubleshooting
> suggestions from this obviously very experienced user
> base, before trying more specialized lists.
> 
> I've just installed testing/unstable on my machine. 
> 
> I'm running behind a NAT DSL router, with iptables on
> my machine.
> 
> I have my own domain, running its own DNS, smtp host,
> http host, etc. 
> 
> I'm using exim 4.41, compiled from source, as my MTA.
> 
> I was earlier running exim 3.36-11 on another box,
> behind the same router, using identical port
> forwarding. But in the fresh install on more robust
> hardware, something has gone amiss.
> 
> I'm pretty sure it's not exim. All the diagnostics
> check out for exim. I can send from and reply to
> local-domain addresses, using either mutt or mail.
> 
> I can also send messages to the outside world. But
> replies (or original messages) from the outside world
> fall on deaf ears. Eventually, I get an "I've given up
> trying" message from my ISP's MTA -- except in one
> instance (more on that below). 
> 
> Here's where it gets confusing. Running nmap against
> my machine from outside the domain shows it is
> answering that Port 25 is closed. This even though,
> using FireStarter, I've explicitly opened Port 25.
> 
> I'm *certain* I've properly forwarded Port 25 to the
> correct IP address for my new machine. 
> 
> Here's another oddity: Even though my machine replies
> 'closed' to Port 25 scans, I got one error reply with
> one message attempt from my ISP account that suggests
> the port isn't *entirely* closed.
> 
> Thinking I might have DNS configuration problems, I
> tried sending a message to myself@123.457.789.012 (my
> user name and IP address substituted for this dummy
> address). I didn't realize at the time you had to
> configure exim to accept mail addressed in this
> fashion.  
> 
> I got an error message back informing me that exim had
> refused to forward the dotted-quad-addressed message
> to my account on my host.
> 
> So it seems as if *something* is getting through on
> Port 25. 
> 
> It doesn't seem, though, that it's a matter of
> messages reaching my host and then exim failing to
> properly forward them locally: There are no
> unforwarded messages languishing on exim's input
> queue.
> 
> Any troubleshooting ideas would be appreciated.
> 
>                               Griff Palmer

is it feasible that your ISP now filters inbound smtp possibly as an
anti-spam or anti-virus measure?

HTH
LukeK
-- 
Luke Kearney <lukek@meibin.net>



Reply to: