Hi all.
I think I just need a pointer on where to RTFM.
Sometime last night, my mail server (courier 0.42.2 on Gentoo Linux)
stopped accepting mail from our (that is, the University of Chicago's)
central mail cluster, or any machine on the 128.135.12.0/24 subnet as
far as I can tell.
I haven't touched my configuration in weeks.
Mail from other sites comes in fine; for example I am able to send
myself test messages from my Yahoo account. But mail forwarded to me
through the cluster is deferred.
One thought was that the U of C might have slipped into somebody's RBL;
it happens to us once in a while due to hacked or poorly configured
systems elsewhere on our network relaying spam through the central
cluster. But, my esmtpd file has an empty "BLACKLISTS" field, and
rblcheck doesn't list any of our cluster servers as being blocked by any
of the RBL's that I know of to check. (I'll include sample output from
rblcheck below as Appendix A.)
When I try to connect to Courier from one of the cluster machines via
telnet, I get this:
harper:~$ telnet heavy.uchicago.edu 25
Trying 128.135.0.56...
Connected to heavy.uchicago.edu (128.135.0.56).
Escape character is '^]'.
220 ************************
[odd... session continues:]
ehlo harper.uchicago.edu
502 ESMTP command error
I've tried this now from three different machines all on the same subnet,
with identical results.
Telnet to port 25 from systems not on 128.135.12.0/24 proceeds as expected.
A typical Courier log excerpt looks like this:
Jul 22 12:17:41 [courieresmtpd] started,ip=[128.135.12.12]
Jul 22 12:17:41 [courieresmtpd] error,relay=128.135.12.12,msg="502 ESMTP command
error",cmd: XXXX midway.uchicago.edu
Jul 22 12:19:05 [courieresmtpd] [128.135.12.6]: Connection timed out
...and that's where I'm stuck for now. If anybody knows what I'm missing,
please drop me a hint.
Thanks,
--michael
Appendix A: rblcheck for "midway.uchicago.edu", our main MX:
harper:~$ rblcheck -s blackholes.mail-abuse.org 128.135.12.12
128.135.12.12 not RBL filtered by list.dsbl.org
128.135.12.12 not RBL filtered by multihop.dsbl.org
128.135.12.12 not RBL filtered by unconfirmed.dsbl.org
128.135.12.12 not RBL filtered by blackholes.easynet.nl
128.135.12.12 not RBL filtered by dynablock.easynet.nl
128.135.12.12 not RBL filtered by proxies.relays.monkeys.com
128.135.12.12 not RBL filtered by dnsbl.njabl.org
128.135.12.12 not RBL filtered by relays.ordb.org
128.135.12.12 not RBL filtered by relays.osirusoft.com
128.135.12.12 not RBL filtered by dsn.rfc-ignorant.org
128.135.12.12 not RBL filtered by postmaster.rfc-ignorant.org
128.135.12.12 not RBL filtered by abuse.rfc-ignorant.org
128.135.12.12 not RBL filtered by whois.rfc-ignorant.org
128.135.12.12 not RBL filtered by ipwhois.rfc-ignorant.org
128.135.12.12 not RBL filtered by bl.spamcop.net
128.135.12.12 not RBL filtered by sbl.spamhaus.org
128.135.12.12 not RBL filtered by blackholes.mail-abuse.org
-------------------------------------------------------
This SF.net email is sponsored by: VM Ware
With VMware you can run multiple operating systems on a single machine.
WITHOUT REBOOTING! Mix Linux / Windows / Novell virtual machines at the
same time. Free trial click here: http://www.vmware.com/wl/offer/345/0
_______________________________________________
courier-users mailing list
[EMAIL PROTECTED]
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
