nanog mailing list archives
Re: Blocked port 25?
From: Byron L.Hicks <bhicks () nmsu edu>
Date: Thu, 19 Aug 2004 06:58:44 -0600
If I understand you correctly, you are saying that these sites are not able to send mail to you. Assuming that they are diverse sites that don't have significant similarities, this suggests that the problem is on your end.
In theory, I agree. But I'm running out of options in my troubleshooting and I'm looking for some wisdom from some of the experts.
From these sites, I can't connect to our mail server, on other sites, I can.I don't understand what this is supposed to mean. It's their mail serversthat are supposed to try to connect to your mail server.
I understand that. I have unix account access at one of the sites that cannot connect to our mail servers. I have sent test email, and I have tried to telnet to port 25 on the mail server, and the connection times out. I have put a Finisar network analyzer on the ethernet port of our border router, and I don't see the traffic even crossing the router. We have no firewall, and the access-list is right on the router (we are receiving mail from other sites). What else can I look at?
When you say you can't connect to your server on port 25, where exactly areyou trying from?
I have a unix account on a server at one of the remote sites that cannot send email to NMSU.
Did you try emailing (or calling) the administrators of those sites?
They just point to me and say "The problem is on your end, fix it." Much like you are saying in this email.
If you use SPF, are your records valid? Do the senders get any bounces?
We aren't getting bounces from our mail server. Their mail servers are bouncing the messages because the connection to our mail server timed out.
Your statement of the problem is lack of specifics. We can't check your SPFrecords. We can't check if those domains have a common provider.
The domains in question do not have a common provider. We are not using SPF.
So all we can do is tell you to troubleshoot.
I understand that. Let me restate my request: If anyone on nanog cannot send email to nmsu.edu, please send me a tcptraceroute on port 25 to our mail server. I need some forensics to help me diagnose this problem. You will have to reply to me at byronhicks () byronhicks com to keep the noise level down on the list. Thanks in advance for any help that I will receive.
-- Byron L. Hicks Network Engineer NMSU ICT
Attachment:
PGP.sig
Description: This is a digitally signed message part
Current thread:
- Blocked port 25? Byron L . Hicks (Aug 18)
- RE: Blocked port 25? David Schwartz (Aug 18)
- Re: Blocked port 25? Byron L . Hicks (Aug 19)
- Re: Blocked port 25? Gary E. Miller (Aug 19)
- Re: Blocked port 25? David Lesher (Aug 19)
- Re: Blocked port 25? Byron L . Hicks (Aug 19)
- RE: Blocked port 25? David Schwartz (Aug 18)
- Re: Blocked port 25? Ken Gilmour (Aug 20)
- Re: Blocked port 25? Michael . Dillon (Aug 20)
- <Possible follow-ups>
- RE: Blocked port 25? Michel Py (Aug 19)