Re: [exim] Missing E-mail

Author: Dave Lugo
Date:  
To: exim-users
Subject: Re: [exim] Missing E-mail
The IP is on the PBL:

http://www.spamhaus.org/query/bl?ip=65.27.41.37

If the IP is 'consumer class', it's not unusual for an ISP
to block some inbound ports used for spamming and other
nefarious purposes (fast-flux dns, botnets, etc...). And
I'm thankful for that, else things would be worse than they
already are in the email space.



On Sat, 29 Mar 2008, Torry Crass wrote:

> Date: Sat, 29 Mar 2008 10:06:25 -0500
> From: Torry Crass <tcrass@???>
> To: exim-users@???
> Subject: Re: [exim] Missing E-mail
>
> The weirdest thing out of that information right now is that I have turned
> off "ALL" filtering, including iptables.
>
> lyra:~# iptables -L -n
> Chain INPUT (policy ACCEPT)
> target     prot opt source               destination
>
> Chain FORWARD (policy ACCEPT)
> target     prot opt source               destination
>
> Chain OUTPUT (policy ACCEPT)
> target     prot opt source               destination
>
> And I did that before sending my last message... So anything that I 'might'
> have been blocking should have been allowed through with that. That's so
> weird, I wouldn't expect my co-lo host to be firewalling anything above me,
> that would be...kind of retarded of them, but stranger things have happened
> I'd imagine. But I decided to run just a hypothetical traceroute back the
> other way on those addresses.
>
> lyra:~# traceroute 202.7.0.1
> traceroute to 202.7.0.1 (202.7.0.1), 30 hops max, 40 byte packets
> 1 69.30.204.73 (69.30.204.73) 0.599 ms 0.480 ms 0.420 ms
> 2 69.30.235.45 (69.30.235.45) 1.144 ms 1.088 ms 2.436 ms
> 3 69.30.235.1 (69.30.235.1) 1.532 ms 1.703 ms 1.061 ms
> 4 69.30.235.210 (69.30.235.210) 1.536 ms 1.691 ms 1.279 ms
> 5 *
>
> And a trace to one of the places having issues sending me mail:
>
> lyra:~# traceroute bakeru.edu
> traceroute: Warning: bakeru.edu has multiple addresses; using 10.1.254.128
> traceroute to bakeru.edu (10.1.254.128), 30 hops max, 40 byte packets
> 1 69.30.204.73 (69.30.204.73) 0.548 ms 0.438 ms 0.416 ms
> 2 69.30.235.45 (69.30.235.45) 1.518 ms 1.069 ms 1.011 ms
> 3 69.30.235.1 (69.30.235.1) 6.242 ms 1.064 ms 1.006 ms
> 4 69.30.235.210 (69.30.235.210) 1.579 ms 1.305 ms 1.228 ms
> 5 * *
>
> To me that seemed a bit like a block since it didn't even jump to the next
> network and I'm fairly sure that the adjacent network is not the end-point
> since the other traceroutes turned out something like this:
>
> lyra:~# traceroute 203.211.0.1
> traceroute to 203.211.0.1 (203.211.0.1), 30 hops max, 40 byte packets
> 1 69.30.204.73 (69.30.204.73) 0.507 ms 0.461 ms 0.413 ms
> 2 69.30.235.45 (69.30.235.45) 1.420 ms 1.190 ms 1.446 ms
> 3 69.30.235.1 (69.30.235.1) 15.555 ms 1.088 ms 0.995 ms
> 4 69.30.235.210 (69.30.235.210) 1.356 ms 1.192 ms 1.146 ms
> 5 rrcs-67-53-162-197.west.biz.rr.com (67.53.162.197) 2.214 ms 2.006 ms 1.566 ms
> 6 gig1-0-6.kscymordc-rtr1.rdc-kc.rr.com (24.94.160.41) 1.635 ms 1.957 ms 1.561 ms
> 7 so5-1-1-CHCGILL3-RTR1.kc.rr.com (24.94.160.81) 12.833 ms 12.773 ms 12.994 ms
> 8 xe-9-1-0.edge1.Chicago2.Level3.net (4.71.248.1) 12.405 ms
> xe-11-2-0.edge1.Chicago2.Level3.net (4.71.248.13) 12.623 ms
> xe-9-1-0.edge1.Chicago2.Level3.net (4.71.248.1) 12.499 ms
> ....
>
> Apparently it might not be a configuration issue on my end after all. That
> would be nice. I do appreciate the help greatly, if anyone has any other
> insight, by all means let me know. Thanks!
>
> ~Torry
>
>
> -----Original Message-----
> From: exim-users-bounces@??? [mailto:exim-users-bounces@exim.org] On
> Behalf Of Ted Cooper
> Sent: Saturday, March 29, 2008 2:53 AM
> To: exim-users@???
> Subject: Re: [exim] Missing E-mail
>
> Torry Crass wrote:
> > Well crap... That's kind of what I've been afraid of was that my issue
> > with mail "may" be DNS related. What I don't understand is why it's
> > not working for you when it works for me. The only thing that I have
> > presently set up on the machine is iptables...maybe I've got something set
> > up wrong there.
> > I'll turn it off and if you could run the same test I'd appreciate it.
>
> I'd say you've firewalled out large sections of the internet. I can access
> your server from only 6/9 locations/data centers. The other locations get
> their packets dropped on the cold cold ground.
>
> 125.254.X.X yes
> 203.194.X.X yes
> 125.255.X.X no
> 202.7.X.X no
> 203.211.X.X no
> 203.221.X.X yes
> 210.193.2.X yes
> 218.214.X.X yes
> 121.210.X.X yes
>
> I can't really spot a pattern in that lot. Do you drag in an iptables drop
> list from somewhere? Or are you dropping packets based on some obscure IP
> flags?
>
> --
> The Exim Manual
> http://www.exim.org/docs.html
> http://www.exim.org/exim-html-current/doc/html/spec_html/index.html
>
> --
> ## List details at http://lists.exim.org/mailman/listinfo/exim-users
> ## Exim details at http://www.exim.org/
> ## Please use the Wiki with this list - http://wiki.exim.org/
>
>
>


-- 
--------------------------------------------------------
Dave Lugo   dlugo@???    LC Unit #260   TINLC
Have you hugged your firewall today?   No spam, thanks.
--------------------------------------------------------
Are you the police?  . . . .  No ma'am, we're sysadmins.
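
The PBL check behind the Spamhaus link in the message above can also be made as a DNS query from the mail host. This is an added example, not part of the original message or of Exim; the zone name and return codes are taken from Spamhaus's published ZEN documentation rather than from this thread, and the function names are hypothetical.

```python
import ipaddress
import socket

ZEN_ZONE = "zen.spamhaus.org"  # combined Spamhaus zone (assumption, not from the thread)

# A-record return codes for ZEN as published by Spamhaus.
ZEN_CODES = {
    "127.0.0.2": "SBL",
    "127.0.0.3": "SBL-CSS",
    "127.0.0.4": "XBL",
    "127.0.0.9": "SBL-DROP",
    "127.0.0.10": "PBL",  # range listed by the ISP itself
    "127.0.0.11": "PBL",  # range listed by Spamhaus
}

def dnsbl_qname(ip, zone=ZEN_ZONE):
    """Build the DNSBL query name: octets reversed, zone appended."""
    addr = ipaddress.IPv4Address(ip)  # raises ValueError on malformed input
    return ".".join(reversed(str(addr).split("."))) + "." + zone

def classify(answers):
    """Split DNSBL answers into (sorted list names, error/unknown codes).

    127.255.255.x answers are not listings: they signal a query problem,
    for example a query sent through a public resolver.
    """
    lists, other = set(), []
    for a in answers:
        if a in ZEN_CODES:
            lists.add(ZEN_CODES[a])
        else:
            other.append(a)
    return sorted(lists), other

def lookup(ip):
    """Live query. An empty result means no answer came back."""
    try:
        _, _, answers = socket.gethostbyname_ex(dnsbl_qname(ip))
    except (socket.gaierror, socket.herror):
        # NXDOMAIN (not listed) and resolver failures both land here.
        return [], []
    return classify(answers)

if __name__ == "__main__":
    # IP from the message above; the answers below are constructed samples.
    print(dnsbl_qname("65.27.41.37"))
    print(classify(["127.0.0.10"]))
    print(classify(["127.255.255.254"]))
```

A result whose second element is non-empty should be treated as "lookup unreliable", not as "clean" or "listed".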