On Thu, Dec 08, 2022 at 09:24:19PM +0300, Odhiambo Washington via Exim-users wrote: > On Thu, Dec 8, 2022 at 8:47 PM The Doctor via Exim-users < > exim-users@exim.org> wrote: > > > On Thu, Dec 08, 2022 at 02:33:01PM +0000, Jeremy Harris via Exim-users > > wrote: > > > On 08/12/2022 13:26, The Doctor via Exim-users wrote: > > > > tcp4 0 0 midwest.ab.ca.smtps 5.34.207.58.62078 > > SYN_RCVD > > > > tcp4 0 0 204.209.81.122.smtps 5.34.207.77.62962 > > SYN_RCVD > > > > tcp4 0 0 204.209.81.102.smtps 5.34.207.195.9246 > > ESTABLISHED > > > > tcp4 0 0 stagehypnotistco.smtps 5.34.207.114.55268 > > ESTABLISHED > > > > tcp4 0 0 204.209.81.97.smtps 5.34.207.198.63598 > > ESTABLISHED > > > > tcp4 0 6153 204.209.81.174.smtps 5.34.207.114.4726 > > ESTABLISHED > > > > tcp4 0 6153 dwellmodern.ca.smtps 5.34.207.190.48444 > > ESTABLISHED > > > > tcp4 0 0 204.209.81.110.smtps 5.34.207.198.63764 > > ESTABLISHED > > > > tcp4 0 0 204.209.81.51.smtps 5.34.207.198.38686 > > ESTABLISHED > > > > tcp4 0 0 204.209.81.87.smtps 5.34.207.77.43412 > > ESTABLISHED > > > > tcp4 0 0 environmental-so.smtps 5.34.207.49.53302 > > ESTABLISHED > > > > tcp4 0 0 204.209.81.51.smtps 5.34.207.153.61228 > > ESTABLISHED > > > > tcp4 0 0 lpeser.ca.smtps 5.34.207.198.43508 > > ESTABLISHED > > > > tcp4 0 0 204.209.81.142.smtps 5.34.207.198.4664 > > ESTABLISHED > > > > tcp4 0 0 gibb.ab.ca.smtps 5.34.207.189.8904 > > ESTABLISHED > > > > tcp4 0 0 robertsonsplumbi.smtps 5.34.207.189.1834 > > ESTABLISHED > > > > tcp4 0 151 attilahypnotist..smtps 5.34.207.198.5432 > > ESTABLISHED > > > > tcp4 0 0 techsupplies.ca.smtps 5.34.207.58.62492 > > ESTABLISHED > > > > tcp4 0 0 proflamefireplac.smtps 5.34.207.198.56078 > > ESTABLISHED > > > > tcp4 0 0 204.209.81.97.smtps 5.34.207.191.21406 > > ESTABLISHED > > > > tcp4 0 0 204.209.81.151.smtps 5.34.207.95.43326 > > ESTABLISHED > > > > tcp4 0 0 unityintegration.smtps 5.34.207.191.29918 > > ESTABLISHED > > > > tcp4 0 47 albertadogs.com.smtps 5.34.207.77.59246 > > ESTABLISHED > > > > tcp4 0 0 lpeser.ca.smtps 5.34.207.153.16136 > > ESTABLISHED > > > > tcp4 0 0 valpy.com.smtps 5.34.207.153.7492 > > ESTABLISHED > > > > tcp4 0 0 travelersfirstch.smtps 5.34.207.153.45748 > > ESTABLISHED > > > > tcp4 0 43 massageresultsco.smtps 5.34.207.185.20282 > > ESTABLISHED > > > > tcp4 0 0 204.209.81.102.smtps 5.34.207.186.47794 > > ESTABLISHED > > > > tcp4 0 0 204.209.81.110.smtps 5.34.207.193.51362 > > ESTABLISHED > > > > tcp4 0 0 valpy.com.smtps 5.34.207.198.50486 > > ESTABLISHED > > > > tcp4 0 64 204.209.81.167.smtps 5.34.207.198.34662 > > ESTABLISHED > > > > tcp4 0 64 stage-hypnosis-c.smtps 5.34.207.198.64002 > > ESTABLISHED > > > > tcp4 0 64 204.209.81.102.smtps 5.34.207.198.23784 > > ESTABLISHED > > > > tcp4 0 64 promoteyourbusin.smtps 5.34.207.198.51544 > > ESTABLISHED > > > > tcp4 0 64 fortchipewyanlod.smtps 5.34.207.198.21030 > > ESTABLISHED > > > > > > > > I am using exim-4.95 from FreeBSD ports. > > > > > > > > > Ah, those are all ".smtps" - I suspect netstat on FreeBSD means "port > > 465" there. > > > If those are hung waiting to complete TLS negotiation, you'd see that. > > > > > > For those, use the main-config option "host_reject_connection" rather > > than the > > > connect ACL - it operates before the TLS startup for TLS-on-connect > > ports, > > > while the ACL is run after. > > > > > > > > > I'm considering changing that, even though it's an incompatible change. > > > Having the ACL operate before TLS startup (for TLS-on-connect) would > > align > > > with the operation for STARTTLS, and possibly cause less surprise. > > > Anybody want to comment? > > > > Just reading this. > > > > Tried > > > > host_reject_connection = 5.34.207.* > > > > Still not doing the rejection job. > > > > hostlist host_rejects = 5.34.207.0/24 > host_reject_connection = +host_rejects > > host_reject_connection = +host_reject > > root@gw:/usr/home/wash # exim -bh 5.34.207.3 > > **** SMTP testing session as if from host 5.34.207.3 > **** but without any ident (RFC 1413) callback. > **** This is not for real! > > >>> host in hosts_connection_nolog? no (option unset) > LOG: SMTP connection from [5.34.207.3] > >>> host in host_lookup? yes (matched "*") > >>> looking up host name for 5.34.207.3 > >>> IP address lookup using gethostbyaddr() > >>> IP address lookup failed: h_errno=1 > >>> host in "5.34.207.0/24"? yes (matched "5.34.207.0/24") > >>> host in host_reject_connection? yes (matched "+host_rejects") > LOG: refused connection from [5.34.207.3] (host_reject_connection) > 554 SMTP service not available > root@gw:/usr/home/wash # > > >
Still seeing netstat -a | egrep smtp tcp4 0 0 exploreedmonton..smtps 5.34.207.189.26526 SYN_RCVD tcp4 0 0 comparealbertapo.smtps 5.34.207.190.30872 FIN_WAIT_2 tcp4 0 0 204.209.81.148.smtps 5.34.207.114.57546 FIN_WAIT_2 Member - Liberal International This is doc...@nk.ca Ici doc...@nk.ca Yahweh, King & country!Never Satan President Republic!Beware AntiChrist rising! Look at Psalms 14 and 53 on Atheism https://www.empire.kred/ROOTNK?t=94a1f39b Happy Christmas 2022 and Merry New Year 2023 Beware https://mindspring.com -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
