[EMAIL PROTECTED] wrote:
>
> On Wed, Dec 30, 1998 at 05:54:50PM -0600, Randy Cain wrote:
> > However, we have a slight problem. We have between our email server and
> > the Internet a firewall. Someone sent an email to a remote destination
> > that has multiple MX records. The preference 10 machine does not accept
> > a connection on port 25 for awhile, and it takes some time for the
> > preference 20 machine to cycle in. However, since qmail has received a
> > connection from the trusted side of the firewall, it thinks that the
> > preference 10 machine has established a connection, yet it never
> > receives a welcome greeting. Therefore, it puts the outbound message
> > back in the queue for later delivery.
> >
> > I have had a significant exchange of email with the admin of the ISP
> > that is hosting the domain. I started out suggesting that their DNS
> > records where not correct, since the preference 10 machine NEVER
> > answers, and it takes some time for the preference 20 machine to cycle
> > in. They maintain that it is a problem with qmail, and that other mail
> > servers handle this more efficiently.
>
> Well... not quite.
>
> Randy tells me the domain in question is statesource.com.
>
> statesource.com. 1h50m30s IN MX 30 mail3.webzone.net.
> statesource.com. 1h50m30s IN MX 10 mail.webzone.net.
> statesource.com. 1h50m30s IN MX 20 mail2.webzone.net.
>
> mail.webzone.net. 1h51m26s IN A 205.219.23.67
>
> telnet 205.219.23.67
> Trying 205.219.23.67...
> Connected to 205.219.23.67....
>
> telnet 205.219.23.67 smtp
> Trying 205.219.23.67...
> telnet: Unable to connect to remote host: No route to host
Actually, the error message I get this morning is this:
boss 69# telnet 205.219.23.67
Trying 205.219.23.67 ...
telnet: Unable to connect to remote host: Connection timed out
boss 70#
This is on a machine that is NOT behind the firewall.
>
> Which implies to me that they're using some service to filter
> smtp connections on the primary MX. Not a smart thing to do.
>
> Something is broken. Either their packet forwarding or firewall.
Actually, mail.webzone.net is not behind a firewall. If you do a
traceroute to mail.webzone.net, it does respond to the traceroute.
Anytime you try to traceroute to a machine behind a firewall, the
traceroute stops at the firewall.
I still maintain that it is a problem in the DNS. Granted they may be
trying something, but it boils down to, IMHO, a faulty entry in the DNS
for statesource.com.
Randy Cain
[EMAIL PROTECTED]
>
> --
> John White
> [EMAIL PROTECTED]
> PGP Public Key: http://www.triceratops.com/john/public-key.pgp
