> Hi all,
>
> I have a strange question that is probably more a tcp thing than FreeBSD,
> but you all have helped me so much in the past that I thought I'd start
> here.
>
> I am running FreeBSD 5.2.1 at home with postfix-2.0.18,1 from ports. When
> I send an email from my work (red hat 9, qmail), which is behind a
> Watchguard Firebox 700 doing NAT and using their "smtp-filter" (i'm the
> sysadmin at work, so any bad there is all me), to my home address it
> causes the freebsd machine to sit in the the following state (from a
> netstat -an | grep 25):
>
> tcp4       0      0  192.168.1.2.25         61.XX.X.XX.28709       CLOSING
> tcp4       0      0  192.168.1.2.25         61.XX.X.XX.28708       CLOSING
>
> This ties up the smtp port and any further attempts to connect from
> anywhere on the net yield:
>
> 421 SMTP service not available, closing transmission channel
>
> To get this I have to send a bunch of emails (say 4 or more) and the first
> two always get through. When I send a bunch of emails from any other
> address (yahoo, etc) this does not happen.
>
> I did a tcpdump -i fxp0 and greped for the port of one of these sessions
> and see:
>
> 21:45:18.424512 chinook.myhost.com.smtp > 61.XX.X.XX.28709: F
> 2504912170:2504912170(0) ack 2923328197 win 65535 (DF)
> 21:47:26.436486 chinook.myhost.com.smtp > 61.XX.X.XX.28709: F
> 2504912170:2504912170(0) ack 2923328197 win 65535 (DF)
> 21:48:30.442449 chinook.myhost.com.smtp > 61.XX.X.XX.28709: R
> 2504912171:2504912171(0) ack 2923328197 win 65535 (DF)
>
> So ... what's going on here? To me it looks as if chinook.myhost.com is
> trying to ACK back to the server at my work and not getting an answer.
>>From what I googled the tcp connection takes 5 mins to die in the closing
> state. But in the meantime my mail server is not able to receive messages.
> Should it do this? This seems like a "bad thing" and an way of DOSing
> someone's mail system.
>
> Any thoughts? Any better places to post?
>
> Thanks in advance,
>
> August Simonelli
>
>

Follow up:

the outgoing mail was relayed through a Red Hat 9 / qmail box (hiding
exchange 2000). when i removed the relay, the problem went away. maybe i
missed a patch? maybe it's the private ip that the box is using (dmz -
screwed up nat rule?)? not sure ... but it'll be fun to test. as this is
probably not an issue for this list i won't post anymore follow-ups ...
please contact me directly if you are interested in any more info!

august

_______________________________________________
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Reply via email to