Bookmarks

Yahoo Gmail Google Facebook Delicious Twitter Reddit Stumpleupon Myspace Digg

Search queries

nrao wwwxxx, xxxxxdup, procmail change subject header, wwwXxx not20, Wwwxxx.doks sas, linux raid resync after reboot, bind-address mysql multiple, sanibleone xxxx, ftp://192.168.100.100/, www.xxxcon

Links

XODOX
Impressum

#1: 25/tcp filtered what is blocking my access to sendmail

Posted on 2007-01-20 17:03:07 by cristiangeorge1

Guys,
This is really getting crazy: I've got sendmail 8.13.8 running on FC 6,
starttls configured. I can use whatever SMTP clients from inside LAN,
but no access from outside is getting through to port 25. I can't
telnet serverhost port 25. I did an NMAP scan from outside with my
firewall down I got the following:

Starting Nmap 4.11 ( http://www.insecure.org/nmap ) at 2007-01-20 17:52
E. Europe Standard Time
Interesting ports on XXXXXXXXXXX
Not shown: 1671 closed ports
PORT STATE SERVICE
25/tcp filtered smtp
111/tcp open rpcbind
135/tcp filtered msrpc
136/tcp filtered profile
137/tcp filtered netbios-ns
138/tcp filtered netbios-dgm
139/tcp filtered netbios-ssn
445/tcp filtered microsoft-ds
1720/tcp filtered H.323/Q.931

Question: What is filtering my SMTP port? Could it be my ISP? I have
another email server running at my company and guess what? I can't
access that one either from outside, although emails come and go with
no problems. I've got my PC firewall down at the moment, no antivirus
running, still nothing.

And YES, sednmail is listening on all interfaces:

dnl # address restriction to accept email from the internet or
intranet.
dnl #
DAEMON_OPTIONS(`Port=smtp,Addr=0.0.0.0, Name=MTA')dnl
dnl #
dnl # The following causes sendmail to additionally listen to port 587
for
dnl # mail from MUAs that authenticate. Roaming users who can't reach
their
dnl # preferred sendmail daemon due to port 25 being blocked or
redirected find
dnl # this useful.
dnl #
dnl DAEMON_OPTIONS(`Port=submission, Name=MSA, M=Ea')dnl


------------------------------------------------------------ ------------------------------------------------------------ -

Just for the record, here are my iptables rules:

Nmap finished: 1 IP address (1 host up) scanned in 12.063 seconds

Chain INPUT (policy DROP 3359 packets, 186K bytes)
pkts bytes target prot opt in out source
destination
59 3932 ACCEPT all -- eth0 * 0.0.0.0/0
0.0.0.0/0 state RELATED,ESTABLISHED
100 16969 ACCEPT all -- eth1 * 0.0.0.0/0
0.0.0.0/0
0 0 ACCEPT all -- lo * 0.0.0.0/0
0.0.0.0/0
27 3780 DROP all -- eth0 * X.X.X.X/24
0.0.0.0/0
0 0 ACCEPT tcp -- * * 0.0.0.0/0
XXXXXXXX tcp dpt:25 flags:0x17/0x02
0 0 ACCEPT tcp -- * * 0.0.0.0/0
XXXXXXXX tcp dpt:3235 flags:0x17/0x02
0 0 ACCEPT tcp -- * * 0.0.0.0/0
XXXXXXXX tcp dpt:143
0 0 ACCEPT tcp -- * * 0.0.0.0/0
XXXXXXXX tcp dpt:110
0 0 ACCEPT udp -- * * 194.102.255.2
0.0.0.0/0 udp spt:53
0 0 ACCEPT udp -- * * 194.102.255.3
0.0.0.0/0 udp spt:53
6937 843K LOG all -- * * 0.0.0.0/0
0.0.0.0/0 LOG flags 0 level 4
3567 656K DROP udp -- * * 0.0.0.0/0
0.0.0.0/0
11 528 DROP tcp -- * * 0.0.0.0/0
0.0.0.0/0 tcp flags:0x17/0x02

Chain FORWARD (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source
destination
0 0 ACCEPT all -- eth1 eth0 0.0.0.0/0
0.0.0.0/0
0 0 ACCEPT tcp -- * * 0.0.0.0/0
0.0.0.0/0 tcp dpt:80
0 0 ACCEPT tcp -- * * 0.0.0.0/0
0.0.0.0/0 tcp dpt:443
0 0 ACCEPT tcp -- * * 0.0.0.0/0
0.0.0.0/0 tcp dpt:4125
0 0 ACCEPT tcp -- * * 0.0.0.0/0
0.0.0.0/0 tcp dpt:1723
0 0 LOG tcp -- * * 0.0.0.0/0
0.0.0.0/0 tcp dpt:25 LOG flags 0 level 4
0 0 DROP tcp -- * * 0.0.0.0/0
0.0.0.0/0 tcp dpt:25
0 0 ACCEPT all -- eth0 eth1 0.0.0.0/0
0.0.0.0/0 state RELATED,ESTABLISHED

Chain OUTPUT (policy ACCEPT 40 packets, 4176 bytes)
pkts bytes target prot opt in out source
destination

Report this message

#2: Re: 25/tcp filtered what is blocking my access to sendmail

Posted on 2007-01-20 17:55:11 by Shion

cristiangeorge1@yahoo.com wrote:

> Starting Nmap 4.11 ( http://www.insecure.org/nmap ) at 2007-01-20 17:52
> E. Europe Standard Time
> Interesting ports on XXXXXXXXXXX
> Not shown: 1671 closed ports
> PORT STATE SERVICE
> 25/tcp filtered smtp
> Question: What is filtering my SMTP port?

Your ISP has set filtering on their gateways.
If you are lucky you can get the ISP to remove the filtering for you, but I
doubt you would be that lucky as those who decided to have those filters don't
want to drop them.



--

//Aho

Report this message

#3: Re: 25/tcp filtered what is blocking my access to sendmail

Posted on 2007-01-20 21:22:43 by Dick Hoogendijk

quoting cristiangeorge1@yahoo.com (20 Jan 2007 08:03:07 -0800):
> PORT STATE SERVICE
> Question: What is filtering my SMTP port? Could it be my ISP?

Your ISP blocks port 25. If you insist on having your own mailserver
than you might consider a mailhop account from DynDNS. Not too expensive
and works like a charm. Mail is delivered on port 587 if you want ;-)

www.dyndns.com

--
Dick Hoogendijk -- PGP/GnuPG key: F86289CE
++ http://nagual.nl/ + Solaris 10 11/06 ++

Report this message