[NBLUG/talk] Sending to Comcast mailserver woes....
Mark Street
mark at oswizards.com
Mon Nov 19 18:02:24 PST 2007
Hi,
I am still having fits with sending mail to comcast and a few other domains
for the past month. Nothing has changed in my firewall in the past year or
so..... but I believe I have narrowed it down to my firewall - iptables - one
on a Red Hat 9 box and one on a CentOS 5 box. If I turn off my firewall I
can send mail to comcast.net. If I turn it back on and try to send I get
entries in /var/log/messages that show mx2.comcast.net or mx1.comcast.net
sending an ACK SYN to a random high port on my machine. It does this for
about 15 seconds, then sends an ACK RST. The mail never goes out.
I have edited my firewall script and turned off all ICMP filtering with no
positive effect. Can anyone give me a clue as to why comcast insists on
coming back with a 3 way handshake and how I can tweak my firewall to
accommodate?
TIA
---------------
Nov 19 10:19:21 penguin kernel: Inbound IN=eth1 OUT=
MAC=00:a0:d1:e4:5c:75:00:60:49:80:24:6e:08:00 SRC=76.96.30.116
DST=XXX.XXX.XXX.XXX LEN=44 TOS=0x00 PREC=0x00 TTL=54 ID=0 DF PROTO=TCP SPT=25
DPT=47704 WINDOW=5840 RES=0x00 ACK SYN URGP=0
Nov 19 10:19:24 penguin kernel: Inbound IN=eth1 OUT=
MAC=00:a0:d1:e4:5c:75:00:60:49:80:24:6e:08:00 SRC=76.96.30.116
DST=XXX.XXX.XXX.XXX LEN=44 TOS=0x00 PREC=0x00 TTL=54 ID=0 DF PROTO=TCP SPT=25
DPT=47704 WINDOW=5840 RES=0x00 ACK SYN URGP=0
Nov 19 10:19:24 penguin kernel: Inbound IN=eth1 OUT=
MAC=00:a0:d1:e4:5c:75:00:60:49:80:24:6e:08:00 SRC=76.96.30.116
DST=XXX.XXX.XXX.XXX LEN=44 TOS=0x00 PREC=0x00 TTL=54 ID=0 DF PROTO=TCP SPT=25
DPT=47704 WINDOW=5840 RES=0x00 ACK SYN URGP=0
Nov 19 10:19:30 penguin kernel: Inbound IN=eth1 OUT=
MAC=00:a0:d1:e4:5c:75:00:60:49:80:24:6e:08:00 SRC=76.96.30.116
DST=XXX.XXX.XXX.XXX LEN=44 TOS=0x00 PREC=0x00 TTL=54 ID=0 DF PROTO=TCP SPT=25
DPT=47704 WINDOW=5840 RES=0x00 ACK SYN URGP=0
Nov 19 10:19:30 penguin kernel: Inbound IN=eth1 OUT=
MAC=00:a0:d1:e4:5c:75:00:60:49:80:24:6e:08:00 SRC=76.96.30.116
DST=XXX.XXX.XXX.XXX LEN=44 TOS=0x00 PREC=0x00 TTL=54 ID=0 DF PROTO=TCP SPT=25
DPT=47704 WINDOW=5840 RES=0x00 ACK SYN URGP=0
Nov 19 10:19:35 penguin kernel: Inbound IN=eth1 OUT=
MAC=00:a0:d1:e4:5c:75:00:60:49:80:24:6e:08:00 SRC=76.96.30.116
DST=XXX.XXX.XXX.XXX LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=58685 PROTO=TCP
SPT=25 DPT=47704 WINDOW=5840 RES=0x00 ACK RST URGP=0
--
Mark Street, D.C., RHCE
CTO Alliance Medical Center
http://www.oswizards.com
http://www.alliancemed.org
--
"First they ignore you, then they ridicule you, then they fight you, then you
win" - Gandhi
"If you want truly to understand something, try to change it" - Kurt Lewin
--
Key fingerprint = 3949 39E4 6317 7C3C 023E 2B1F 6FB3 06E7 D109 56C0
GPG key http://www.oswizards.com/pubkey.asc
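Added example, not part of the original message: a small Python parser that groups netfilter LOG lines like the ones quoted above by flow and picks out SYN-ACK packets sent from a remote port 25 to a local high port, which are replies to connections the local host opened. The sample log is constructed with placeholder addresses, and the function names are hypothetical.

```python
import re
from collections import defaultdict

# Constructed sample in the shape of the kernel log lines above, one packet per
# line as in /var/log/messages; the addresses are documentation placeholders.
_LINE = ("Nov 19 10:19:{sec} penguin kernel: Inbound IN=eth1 OUT= "
         "SRC=192.0.2.25 DST=198.51.100.7 LEN=44 TTL=54 PROTO=TCP "
         "SPT=25 DPT=47704 WINDOW=5840 RES=0x00 ACK {flag} URGP=0")
SAMPLE_LOG = "\n".join(
    [_LINE.format(sec=s, flag=f) for s, f in
     [("21", "SYN"), ("24", "SYN"), ("24", "SYN"),
      ("30", "SYN"), ("30", "SYN"), ("35", "RST")]]
    + ["Nov 19 10:19:36 penguin crond[812]: unrelated line"])

FIELD = re.compile(r"\b([A-Z]+)=(\S*)")
TCP_FLAGS = {"SYN", "ACK", "RST", "FIN", "PSH", "URG"}

def parse_line(line):
    """Parse one netfilter LOG line; return None for anything that is not TCP."""
    kv = dict(FIELD.findall(line))
    if kv.get("PROTO") != "TCP":
        return None
    flags = frozenset(tok for tok in line.split() if tok in TCP_FLAGS)
    return (kv["SRC"], int(kv["SPT"]), kv["DST"], int(kv["DPT"])), flags

def summarize(log_text):
    """Count logged SYN-ACK and RST packets per (src, sport, dst, dport) flow."""
    flows = defaultdict(lambda: {"synack": 0, "rst": 0})
    for line in log_text.splitlines():
        parsed = parse_line(line)
        if parsed is None:
            continue
        key, flags = parsed
        if flags == {"SYN", "ACK"}:
            flows[key]["synack"] += 1
        elif "RST" in flags:
            flows[key]["rst"] += 1
    return dict(flows)

def logged_replies(log_text, service_ports=(25,)):
    """Flows where a remote service port's SYN-ACK to a local high port was logged."""
    return [key for key, n in summarize(log_text).items()
            if key[1] in service_ports and key[3] >= 1024 and n["synack"]]

if __name__ == "__main__":
    for key in logged_replies(SAMPLE_LOG):
        print(key, summarize(SAMPLE_LOG)[key])
```

A flow reported here is the reply half of an outbound connection, so the rule to inspect is the one meant to accept traffic for established connections (in iptables, the `state` match on ESTABLISHED).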