Connection problem to smtp

Discussion in 'Installation/Configuration' started by Craig, Jan 30, 2007.

  1. Craig

    Craig New Member

    1. Fedora Core 5 perfect setup with ISPConfig.
    2. main.cf exactly as shown in the howto in #1 no additions or changes.
    3. Postfix has no problem relaying mail from other servers.
    4. nmap shows port 25 open.
    5. localhost telnet to port 25 works as expected and replies quickly.
    6. External telnet, if it works, takes a long time to reply.
    7. Sending mail from my mail client, if it works, takes a long time to process even a single mail.
    8. When sending mail from my local client times out, sometimes there is no mention of anything in /var/log/maillog and sometimes there is:
    Code:
    Jan 30 09:18:57 MY_HOST postfix/smtpd[17464]: connect from MY_HOST.DOMAIN_NAME.net[127.0.0.1]
    Jan 30 09:18:57 MY_HOST postfix/smtpd[17464]: lost connection after CONNECT from MY_HOST.DOMAIN_NAME.net[127.0.0.1]
    Jan 30 09:18:57 MY_HOST postfix/smtpd[17464]: disconnect from MY_HOST.DOMAIN_NAME.net[127.0.0.1]
    
    9. When sending mail from my client fails, the web site hosted from the server is still served quickly.
    10. I don't know if it has anything to do with the problem or not or if it is a different problem but when sending mail from my mail client does work, although slow, there is this in maillog:
    Code:
    Jan 30 09:03:17 MY_HOST postfix/smtpd[17163]: setting up TLS connection from MY_HOST.DOMAIN_NAME.net[127.0.0.1]
    Jan 30 09:03:17 MY_HOST postfix/smtpd[17163]: TLS connection established from MY_HOST.DOMAIN_NAME.net[127.0.0.1]: TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)
    Jan 30 09:03:17 MY_HOST sendmail[17176]: STARTTLS=client, relay=[127.0.0.1], version=TLSv1/SSLv3, verify=FAIL, cipher=DHE-RSA-AES256-SHA, bits=256/256
    Jan 30 09:03:17 MY_HOST postfix/smtpd[17163]: 6B8111B7287: client=MY_HOST.DOMAIN_NAME.net[127.0.0.1], sasl_sender=web1_USER@MY_HOST.DOMAIN_NAME.net
    
    11. I can connect with my mail client to receive email with no problems and receiving is fast.
    12. It seems, although I am not sure, that it makes a difference where I am connecting from, i.e. work or home.
    13. Although both connections, work and home are with different ISPs, they are both 100mbs fiber connections.

    So, sending mail from my client works sometimes although slow, sometimes the connection times out with the server seeming to not see the connection at all and sometimes a connection is made but then dropped.

    Any ideas?

    [EDIT] I should mention, sending and receiving using web-mail on the server is no problem at all so worst case scenario, I just don't use a mail client. ;-) [/EDIT]
     
    Last edited: Jan 30, 2007
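
The maillog excerpts in the post above can be grouped per smtpd process to see which client address each session came from and where it ended; a connection that is dropped before it reaches the server leaves no smtpd entry at all. This is an added example, not code from the thread; `summarize`, `remote_sessions` and the pid 20001 log line are constructed for illustration.

```python
import re
from ipaddress import ip_address

# Lines for pids 17464 and 17163 are copied from the first post's maillog
# excerpts; the pid 20001 line is constructed here (TEST-NET address).
MAILLOG = """\
Jan 30 09:18:57 MY_HOST postfix/smtpd[17464]: connect from MY_HOST.DOMAIN_NAME.net[127.0.0.1]
Jan 30 09:18:57 MY_HOST postfix/smtpd[17464]: lost connection after CONNECT from MY_HOST.DOMAIN_NAME.net[127.0.0.1]
Jan 30 09:18:57 MY_HOST postfix/smtpd[17464]: disconnect from MY_HOST.DOMAIN_NAME.net[127.0.0.1]
Jan 30 09:03:17 MY_HOST postfix/smtpd[17163]: setting up TLS connection from MY_HOST.DOMAIN_NAME.net[127.0.0.1]
Jan 30 09:03:17 MY_HOST postfix/smtpd[17163]: TLS connection established from MY_HOST.DOMAIN_NAME.net[127.0.0.1]: TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)
Jan 30 09:03:17 MY_HOST sendmail[17176]: STARTTLS=client, relay=[127.0.0.1], version=TLSv1/SSLv3, verify=FAIL, cipher=DHE-RSA-AES256-SHA, bits=256/256
Jan 30 09:03:17 MY_HOST postfix/smtpd[17163]: 6B8111B7287: client=MY_HOST.DOMAIN_NAME.net[127.0.0.1], sasl_sender=web1_USER@MY_HOST.DOMAIN_NAME.net
Jan 30 09:20:01 MY_HOST postfix/smtpd[20001]: connect from unknown[192.0.2.10]
"""

SMTPD = re.compile(r"postfix/smtpd\[(\d+)\]: (.*)$")
ADDR = re.compile(r"\[([0-9A-Fa-f.:]+)\]")

def summarize(log):
    """Group smtpd lines by pid; record client, TLS, SASL sender, drop stage."""
    # smtpd processes are reused across clients; pid is a session key only for short excerpts.
    sessions = {}
    for line in log.splitlines():
        m = SMTPD.search(line)
        if not m:
            continue  # not an smtpd line, e.g. the sendmail[...] entry
        pid, msg = m.groups()
        s = sessions.setdefault(pid, {"client": None, "tls": False,
                                      "lost_after": None, "sasl_sender": None})
        addr = ADDR.search(msg)
        if addr:
            s["client"] = addr.group(1)
        s["tls"] = s["tls"] or msg.startswith("TLS connection established")
        lost = re.match(r"lost connection after (\S+)", msg)
        if lost:
            s["lost_after"] = lost.group(1)
        sender = re.search(r"sasl_sender=(\S+)", msg)
        if sender:
            s["sasl_sender"] = sender.group(1)
    return sessions

def remote_sessions(sessions):
    """Sessions whose client address is not loopback."""
    return {pid: s for pid, s in sessions.items()
            if s["client"] and not ip_address(s["client"]).is_loopback}

if __name__ == "__main__":
    print(remote_sessions(summarize(MAILLOG)))
```

Run over the lines quoted in the post alone, `remote_sessions` comes back empty: every logged session is from 127.0.0.1.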
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    Please check that the nameservers listed in the file:

    /etc/resolv.conf

    are correct and reachable from your server.
     
  3. Craig

    Craig New Member

    They are correct and reachable, unfortunately. :(

    New information, or at least confirmation of what I had previously thought, I have no problems connecting to and sending/uploading mail from my work connection but cannot send/upload nor telnet to port 25 from my home connection. Connecting to and downloading/receiving mail from either is unaffected.

    I sure hope I haven't blacklisted my own home IP. :D
     
  4. martinfst

    martinfst Member Moderator

    Almost every home IP is blacklisted by default nowadays. :D
     
  5. falko

    falko Super Moderator Howtoforge Staff

  6. martinfst

    martinfst Member Moderator

    Sorry, what I meant to say was that many MTAs block dynamic IPs at the server level anyway, including the semi static (A)DSL IPs which you get from your cable/Telco provider.

    Too many infected clueless Windowze boxes ........:(
     
  7. Craig

    Craig New Member

    I found out my new server, that I have had for all of about 2 weeks, is indeed on a blacklist but the blacklist is "maintained" by a crackpot who openly admits using his blacklist for attacking anyone he disagrees with and, the reason my server is blacklisted is because I happen to have an IP in a /24 block of IPs that just so happens to have a server supposedly sending bulk mail.

    So, his reputation isn't all that great but considering the state of the RBL community and people's lack of understanding of what goes on there, he could be a raging anti-christ and people not exactly knowing what they are doing or desperate for ANY solution and still get people using his blacklist.

    I don't yet know if my home ISP is using that blacklist but I should find out from them later today what is going on although if they are using that blacklist, they soon won't be. ;)

    I do know though that I also have another mail server on port 25 that does work although that server is in Japan while the one I am having problems with is outside Japan so there might be something to that. But, like I said, I should be able to have a better idea of what is going on later today.

    One thing that is strange though, I added port 2525 to the ports smtpd is to use and although I could then telnet in on port 2525, which I couldn't on port 25, I was getting auth errors from sasl.

    But, after a reboot and trying 2525 again from here at work, it works. But then again so does using port 25. :D

    Now we'll see what happens when I get home later today and seeing what works, and doesn't from there.
     
  8. Craig

    Craig New Member

    UPDATE : Two steps forward, one step back!

    I went to visit the ISP I use at my home. They were using the blacklist that my server is on. They are NO LONGER USING that blacklist. :)

    I realize though that my server being on a blacklist would not prevent me from sending mail to it from my laptop, the server would just have mail rejected from it if it tried to forward mail to a recipient's server using the block list so, something else was wrong.

    Yep, they are also filtering all outbound traffic on port 25! :D

    I can deal with that though, just use port 2525!

    But, although I thought using port 2525 was working, I realized that due to the timing of my changing the port that my client was using, it was actually using port 25 to send the mail, through my ISP at work so, it worked on port 25 and NOT on port 2525 as I had thought it had.

    So, a reboot and all that I had done thinking that I had gotten it to work actually did nothing because it still doesn't work on port 2525. :(

    But, to my rescue comes http://www.howtoforge.com/antispam_smtp_proxy

    I performed the steps there setting "Another Listen Port" to 2525 and as far as I am concerned, port 25 can now be removed from the face of this earth because I now have port 2525 working in all its beautiful glory!!!! :D
     
  9. wr19026

    wr19026 New Member

    Now this is weird...

    Here's the thing; I can receive / read mail anywhere without a problem. Sending is a different thing though...

    Webmail again does not have any problems, I can send without problems.

    Trying to send from my mail client is a problem; I keep getting the error message that I cannot connect to the mailserver. And indeed, telnet mail.myclientsserver.dom 25 times out.

    I have been toying with SPF settings, so I removed those first. Still no change.

    And it just got weirder. The setup is as follows
    Client has his own LAN
    Client's server is on a separate LAN
    I have my own LAN (with public IP and ISPConf server)

    From the client's LAN it's not a problem to connect to the (remote) mail server and send mail using a mail client. From my LAN it just doesn't seem to work as I can't connect to the client's SMTP. I have checked and my server is not blacklisted (although I'm not sure how that would cause the connection to the SMTP server to be refused).

    Any ideas?

    Edit: it's probably caused by my ISP blocking port 25 outbound as well. Funny, because the only difference between me and my client is that although we have the same ISP (KPN in the Netherlands) I have a private subscription and they have a business one...
     
    Last edited: Feb 27, 2007
  10. falko

    falko Super Moderator Howtoforge Staff

    That's what I think, too.
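
Posts 8 and 9 both arrive at the same diagnosis: outbound port 25 is filtered by the ISP while another port gets through. The following is an added example, not code from the thread, that classifies a connection attempt as greeted, refused, silent or timed out and compares port 25 with an alternate port; `probe_smtp`, `diagnose` and the loopback stand-in server are names assumed here.

```python
import socket
import threading

def probe_smtp(host, port, timeout=5.0):
    """Classify one TCP connection attempt to an SMTP listener."""
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except socket.timeout:
        return "timeout"      # no answer at all: typical of a filtered port
    except ConnectionRefusedError:
        return "refused"      # connection actively rejected
    except OSError:
        return "unreachable"
    with sock:
        try:
            banner = sock.recv(512)
        except OSError:       # includes a read timeout
            return "no-banner"
    return "banner" if banner.startswith(b"220") else "no-banner"

def diagnose(primary, alternate):
    """Compare results for port 25 (primary) and an alternate such as 2525."""
    if primary == "banner":
        return "primary port reachable"
    if primary == "timeout" and alternate == "banner":
        return "server is up; primary port is filtered on the path"
    if primary == "refused":
        return "nothing listening on primary port"
    return "inconclusive"

def local_listener(banner):
    """Constructed stand-in server on 127.0.0.1 so the demo runs offline."""
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)
    def serve():
        conn, _ = srv.accept()
        with conn, srv:
            if banner:
                conn.sendall(banner)
            else:
                threading.Event().wait(1.0)  # accept, then stay silent
    threading.Thread(target=serve, daemon=True).start()
    return srv.getsockname()[1]

if __name__ == "__main__":
    greeted = probe_smtp("127.0.0.1", local_listener(b"220 mail.example.test ESMTP\r\n"), 1.0)
    silent = probe_smtp("127.0.0.1", local_listener(b""), 0.3)
    print(greeted, silent, "->", diagnose("timeout", greeted))
```

Against a real server, call `probe_smtp` once for port 25 and once for the alternate port from each network, then pass the two results to `diagnose`.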
     
