On 11 Jul 2005, at 20:45, Jakob Hirsch wrote:
Frank S. Bernhardt wrote:
3) When they do a telnet to us on port 25 they complain about a 'long'
delay and then the 554 message.
Most probably they block your ident lookup and send no reject packet
(tcp RST or icmp port-unreachable). So it's not your fault, but you
could surely lower your timeout (rfc1413_query_timeout) from the 30s
default (I have 2s).
yes, this is a good advice, but how do we explain the:
I have e-mailed them and offered to do this for them. Does doing this
have any downsides to it, say security wise for 'others' connecting to
us? It's interesting to note that this problem only happens when they
are testing their connection to us from their 'new' bank of towers. Any
mail coming to us form their regular servers or any other server works
just fine.
4) From a supposed print screen I see that they get this [a 554
error] right after the 'Escape character is...' message with no
greeting message displayed.
I must say that I do not believe their claim.
g
Heh, I kinda thought the same thing, here is what they actually sent me:
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
With regards to my telnet sessions, these appears to connect
intermittently, giving a 554 Error and being very slow in response.
Please find below an example of a failed telnet session:
[EMAIL PROTECTED] netstar]$ telnet xx.xx.xx.xx 25
Trying xx.xx.xx.xx...
Connected to xx.xx.xx.xx.
Escape character is '^]'.
554 SMTP synchronization error
Connection closed by foreign host
I am obviously able to connect to something, but then the connection is
terminated.
If the firewall is not blocking any IP addresses, please take a look at
your mailserver settings.
<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
Those are my x's. Is this a cut and paste job or a retype? Who knows. I
do think however that the actual testing is done by a program and not by
a human. They sent me the output (cut and paste?) which looks like some
kind of program output.
And this is what I see in the reject log:
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
2005-07-11 05:57:49 SMTP protocol violation: synchronization error
(input sent without waiting for greeting): rejected connection from
H=[194.106.220.35] input=""
2005-07-11 05:58:03 SMTP protocol violation: synchronization error
(input sent without waiting for greeting): rejected connection from
H=[194.106.220.51] input=""
2005-07-11 05:58:17 SMTP protocol violation: synchronization error
(input sent without waiting for greeting): rejected connection from
H=[195.245.231.163] input=""
2005-07-11 05:58:31 SMTP protocol violation: synchronization error
(input sent without waiting for greeting): rejected connection from
H=[195.245.231.211] input=""
2005-07-11 06:16:52 SMTP protocol violation: synchronization error
(input sent without waiting for greeting): rejected connection from
H=[70.110.139.37] input=""
2005-07-11 06:19:11 SMTP protocol violation: synchronization error
(input sent without waiting for greeting): rejected connection from
H=[81.204.146.185] input=""
2005-07-11 06:19:41 SMTP protocol violation: synchronization error
(input sent without waiting for greeting): rejected connection from
H=[81.204.146.185] input=""
2005-07-11 06:25:26 SMTP protocol violation: synchronization error
(input sent without waiting for greeting): rejected connection from
H=[80.5.230.225] input=""
<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
The time between each test would also lead me to believe that it is being done
by a program.
These are definitely being generated by them as shown by their list of servers
they used for the test:
Tower 91 - 194.106.220.35
Tower 92 - 194.106.220.51
Tower 114 - 195.245.231.163
Tower 117 - 195.245.231.211
Tower 123 - 85.158.136.3
Tower 134 - 85.158.137.35
at least for the first 4 tests are. Not sure where the last 4 connections came
from.
Well, at least I'm not totaly inept, err maybe. I admire you guys for doing
this kinda stuff full time.
Thanks for your feedback. I'll inform you of the outcome.
--
Regards
Frank S. Bernhardt
b.c.s.i.
14 Halton Court
Markham, ON. Canada
L3P 6R3
905-471-1691 Voice
905-471-3016 FAX
[EMAIL PROTECTED]
Registered Linux-User #312398 with the Linux Counter, http://counter.li.org.
--
## List details at http://www.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://www.exim.org/eximwiki/
