#1  
Old 30th January 2007, 17:49
Craig Craig is offline
Member
 
Join Date: Dec 2006
Posts: 56
Thanks: 1
Thanked 3 Times in 1 Post
Default Connection problem to smtp

1. Fedora Core 5 perfect setup with ISPConfig.
2. main.cf exactly as shown in the howto in #1 no additions or changes.
3. Postifx has no problem relaying mail from other servers.
4. nmap shows port 25 open.
5. localhost telnet to port 25 works as expected and replies quickly.
6. External telnet, if it works, takes a long time to reply.
7. Sending mail from my mail client, if it works, takes a long time to process even a single mail.
8. When sending mail from my local client times out, sometimes there is no mention of anything in /var/log/maillog and sometimes there is:
Code:
Jan 30 09:18:57 MY_HOST postfix/smtpd[17464]: connect from MY_HOST.DOMAIN_NAME.net[127.0.0.1]
Jan 30 09:18:57 MY_HOST postfix/smtpd[17464]: lost connection after CONNECT from MY_HOST.DOMAIN_NAME.net[127.0.0.1]
Jan 30 09:18:57 MY_HOST postfix/smtpd[17464]: disconnect from MY_HOST.DOMAIN_NAME.net[127.0.0.1]
9. When sending mail from my client fails, the web site hosted from the server is still served quickly.
10. I don't know if has anything to do with the problem or not or if it is a different problem but when sending mail from my mail client does work, although slow, there is this in maillog :
Code:
Jan 30 09:03:17 MY_HOST postfix/smtpd[17163]: setting up TLS connection from MY_HOST.DOMAIN_NAME.net[127.0.0.1]
Jan 30 09:03:17 MY_HOST postfix/smtpd[17163]: TLS connection established from MY_HOST.DOMAIN_NAME.net[127.0.0.1]: TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)
Jan 30 09:03:17 MY_HOST sendmail[17176]: STARTTLS=client, relay=[127.0.0.1], version=TLSv1/SSLv3, verify=FAIL, cipher=DHE-RSA-AES256-SHA, bits=256/256
Jan 30 09:03:17 MY_HOST postfix/smtpd[17163]: 6B8111B7287: client=MY_HOST.DOMAIN_NAME.net[127.0.0.1], sasl_sender=web1_USER@MY_HOST.DOMAIN_NAME.net
11. I can connect with my mail client to receive email with no problems and receiving is fast.
12. It seems, although I am not sure, that it makes a difference where I am connecting from, i.e. work or home.
13. Although both connections, work and home are with different ISPs, they are both 100mbs fiber connections.

So, sending mail from my client works sometimes although slow, sometimes the connection times out with the server seeming to not see the connection at all and sometimes a connection is made but then dropped.

Any ideas?

[EDIT] I should mention, sending and receiving using web-mail on the server is no problem at all so worst case scenario, I just don't use a mail client. ;-) [/EDIT]
__________________
cass-hacks.com

Last edited by Craig; 30th January 2007 at 18:07. Reason: Minor additional info
Reply With Quote
Sponsored Links
  #2  
Old 30th January 2007, 23:09
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 37,036
Thanks: 841
Thanked 5,656 Times in 4,464 Posts
Default

Please check that the nameservers listed in the file:

/etc/resolv.conf

are correct and reachable from your server.
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #3  
Old 31st January 2007, 03:07
Craig Craig is offline
Member
 
Join Date: Dec 2006
Posts: 56
Thanks: 1
Thanked 3 Times in 1 Post
Default

They are correct and reachable, unfortunately.

New information, or at least confirmation of what I had previously thought, I have no problems connecting to and sending/uploading mail from my work connection but can not send/upload nor telnet to port 25 from my home connection. Connecting to and downloading/receiving mail from either is uneffected.

I sure hope I haven't blacklisted my own home IP.
__________________
cass-hacks.com
Reply With Quote
  #4  
Old 31st January 2007, 17:16
martinfst martinfst is offline
Senior Member
 
Join Date: Dec 2006
Location: Hilversum, The Netherlands
Posts: 880
Thanks: 1
Thanked 18 Times in 17 Posts
Send a message via MSN to martinfst Send a message via Skype™ to martinfst
Default

Quote:
I sure hope I haven't blacklisted my own home IP
Almost every home IP is blacklisted by default nowadays.
Reply With Quote
  #5  
Old 31st January 2007, 21:38
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,752 Times in 2,582 Posts
Default

You can check here if your IP is blacklisted: http://www.mxtoolbox.com/blacklists.aspx
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #6  
Old 31st January 2007, 21:52
martinfst martinfst is offline
Senior Member
 
Join Date: Dec 2006
Location: Hilversum, The Netherlands
Posts: 880
Thanks: 1
Thanked 18 Times in 17 Posts
Send a message via MSN to martinfst Send a message via Skype™ to martinfst
Default

Sorry, what I meant to say was, that many MTA's block dynamic IP's at the server level anyway, including the semi static (A)DSL IP's which you get from your cable/Telco provider.

Too many infected clueless Windowze boxes ........
Reply With Quote
  #7  
Old 1st February 2007, 03:27
Craig Craig is offline
Member
 
Join Date: Dec 2006
Posts: 56
Thanks: 1
Thanked 3 Times in 1 Post
Default

I found out my new server, that I have had for all of about 2 weeks, is indeed on a blacklist but the blacklist is "maintained" by a crackpot who openly admits using his blacklist for attacking anyone he disagrees with and, the reason my server is blacklisted is because I happen to have an IP in a /24 block of IPs that just so happens to have a server supposedly sending bulk mail.

So, his reputation isn't all that great but considering the state of the RBL community and people's lack of understanding of what goes on there, he could be a raging anti-christ and people not exactly knowing what they are doing or desparate for ANY solution and still get people using his blacklist.

I don't yet know if my home ISP is using that blacklist but I should find out from them later today what is going on although if they are using that blacklist, they soon won't be.

I do know though that I also have another mail server on port 25 that does work although that server is in Japan while the one I am having problems with is outside Japan so there might be something to that. But, like I said, I should be able to have a better idea of what is going on later today.

One thing that is strange though, I added port 2525 to the ports smtpd is to use and although I could then tellnet in on port 2525, which I couldn't on port 25, I was getting auth errors from sasl.

But, after a reboot and trying 2525 again from here at work, it works. But then again so does using port 25.

Now we'll see what happens when I get home later today and seeing what works, and doesn't from there.
__________________
cass-hacks.com
Reply With Quote
  #8  
Old 1st February 2007, 09:17
Craig Craig is offline
Member
 
Join Date: Dec 2006
Posts: 56
Thanks: 1
Thanked 3 Times in 1 Post
Default UPDATE : Two steps forward, one step back!

I went to visit the ISP I use at my home. They were using the blacklist that my server is on. They are NO LONGER USING that blacklist.

I realize though that my server being on a blacklist would not prevent me from sending mail to it from my laptop, the server would just have mail rejected from it if it tried to forward mail a recipient's server using the block list so, something else was wrong.

Yep, they are also filtering all outbound traffic on port 25!

I can deal with that though, just use port 2525!

But, although I thought using port 2525 was working, I realized that due to the timing of my changing the port that my client was using, it was actually using port 25 to send the mail, through my ISP at work so, it worked on port 25 and NOT on port 2525 as I had thought it had.

So, a reboot and all that I had done thinking that I had gotten it to work actually did nothing because it still doesn't work on port 2525.

But, to my rescue comes http://www.howtoforge.com/antispam_smtp_proxy

I performed the steps there setting "Another Listen Port" to 2525 and as far as I am concerned, port 25 can now be removed from the face of this earth because I now have port 2525 working in all its beautiful glory!!!!
__________________
cass-hacks.com
Reply With Quote
  #9  
Old 27th February 2007, 14:38
wr19026 wr19026 is offline
Senior Member
 
Join Date: Jan 2006
Posts: 172
Thanks: 7
Thanked 1 Time in 1 Post
Default Now this is weird...

Here's the thing; I can receive / read mail anywhere without a problem. Sending is a different thing though...

Webmail again does not have any problems, I can send without problems.

Trying to send from my mail client is a problem; I keep getting the error message that I cannot connect to the mailserver. And indeed, telnet mail.myclientsserver.dom 25 times out

I have been toying with SPF settings, so I removed those first. Still no change.

And it just got weirder. The setup is as follows
Client has his own LAN
Client's server is on a seperate LAN
I have my own LAN (with public IP and ISPConf server)

From the client's LAN it's not a problem to connect to the (remote) mail server and send mail using a mail client. From my LAN it just doesn't seem to work as I can't connect to the client's SMTP. I have checked any my server is not blacklisted (although I'm not sure how that would cause the connection to the SMTP server to be refused)

Any ideas?

Edit: it's probably caused by my ISP blocking port 25 outbound as well. Funny, because the only difference between me and my client is that although we have the same ISP (KPN in the Netherlands) I have a private subscription and they have a business one...

Last edited by wr19026; 27th February 2007 at 16:20.
Reply With Quote
  #10  
Old 28th February 2007, 19:37
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,752 Times in 2,582 Posts
 
Default

Quote:
Originally Posted by wr19026
Edit: it's probably caused by my ISP blocking port 25 outbound as well.
That's what I think, too.
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
sending e-mail using mail() function linuxuser1 HOWTO-Related Questions 38 21st April 2009 13:20
Getting e-mail working hansoffate Installation/Configuration 29 13th August 2008 17:33
Centos 4.4 32bit Hangs, High Server load 3cwired_com Server Operation 11 16th November 2006 16:47
E-mail problem MateKrisz Installation/Configuration 9 2nd June 2006 10:48
Perfect Xen 3.0 setup for Debian gurneyzap HOWTO-Related Questions 4 26th March 2006 12:30


All times are GMT +2. The time now is 09:19.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.