At 7:10 AM -0700 7/31/02, NetHead imposed structure on a stream of
electrons, yielding:
>HELP!
>
>I am new to the group, so maybe this has been addressed somewhere,
>somehow, but I am pulling my hair out over this one. We are having
>trouble sending mail to our subsidiary company in the UK. The SMTP
>monitor shows that SIMS is finding their mail exchanger and attempting to
>send the mail... but it just sits there and finally it gives up, saying
>"Connection is broken". I have set the SMTP log to log everything and the
>following is a pretty typical example of what the SMTP log is reporting:
>-----begin log excerpt-----
>08:26:49 5 SYSTEM Line Read: To: "Adam McKenna" <[EMAIL PROTECTED]>,
><[EMAIL PROTECTED]>, "'Shirley Hudson (E-mail)'"
><shirley_hudson@pecande
>08:26:49 5 SYSTEM Line Read: cc: "'Julie Mair (E-mail)'"
><[EMAIL PROTECTED]>, "'Ernie (E-mail)'"
><[EMAIL PROTECTED]>, "'Nicki (E-mail)
>08:26:49 4 SMTP Line 4967 created for pecandeluxe.co.uk, [S.0000015506]
>08:26:49 4 SMTP-967(pecandeluxe.co.uk) Got 1 relay(s)
>08:26:49 5 SMTP-967(pecandeluxe.co.uk) *Status=7
>08:26:49 4 SMTP-967(pecandeluxe.co.uk) Looking for mx.legend.co.uk.
>08:26:49 5 SMTP-967(pecandeluxe.co.uk) *Status=9
>08:26:49 5 SMTP-967(pecandeluxe.co.uk) *Status=8
>08:30:35 3 SMTP-967(pecandeluxe.co.uk) Failed to connect to
>[212.69.225.52:25]. reason=60
>08:30:35 5 SMTP-967(pecandeluxe.co.uk) *Status=9
>08:30:35 5 SMTP-967(pecandeluxe.co.uk) *Status=7
>08:30:35 3 SMTP-967(pecandeluxe.co.uk) No relay address is accessable.
>Error Code=-25010
>08:30:35 5 SMTP-967(pecandeluxe.co.uk) *Status=2
>-----end log excerpt-----
>I'm guessing the "key" line here is "Failed to connect ot
>[212.69.225.52:25]. reason=60".
Certainly. It means that your machine can't open a connection to
212.69.225.52 on port 25. 212.69.225.52 is the mail exchanger for
pecandeluxe.co.uk. It looks like SIMS gave it a serious try, taking
over 3 minutes to fail.
>Now, can anybody tell me what "reason=60"
>is? Do the "*Status=" statements mean anything significant?
Stalker has never documented those numbers, but I suspect that the
'reason' code probably equates to some standard Open Transport return
code (probably in this case a timeout) and the Status codes are
likely SIMS states denoting what phase of a transaction the SMTP
module is in. My guesses:
7=getting the next MX record
9=attempting to connect
8=waiting for a connection to open
2=finishing up an attempted send
>This is very troublesom. I have contacted both my isp and our UK
>subsidiary's isp. Both indicate that everything is okay in terms of DNS
>issues.
Well, DNS looks reasonable except for an absurdly short TTL on the
records for your end and no PTR record (aka 'reverse DNS') for your
primary MX. I can connect to both your SIMS machine and the UK
machine on port 25 without a problem.
This looks like a connectivity issue, probably a transient one. The
definitive test would be to attempt to connect to 212.69.225.52 port
25 from the SIMS machine. You can do this with any telnet client by
pointing it at the IP and port. If you can connect with the telnet
client and SIMS is still failing, it's a SIMS issue. If you can't
connect with the telnet client you may need to do more extensive
testing with a traceroute tool and get your provider involved.
>Any ideas? Some setting I should check? Has MY domain (pecandeluxe.com)
>been blacklisted somehow?
It's unlikely that your domain has been blacklisted, but the IP space
that you are in could be. (note the distinction between domains, i.e.
'pecandeluxe.com' and the IP address, which is 67.105.93.126 for
your own primary MX) However, most blacklisting is applied at the
application level, not the transport level, and this is clearly a
failure at the transport level: you can't even get a TCP connection
open to the other end. Generally speaking, if you are blacklisted
you'll get the connection and try to send mail, and the other end
will send rejection responses to SMTP commands.
One outside possibility is that the other end is doing a rather dumb
trick and attempting to do a reverse DNS lookup on your IP address
before it even accepts the connection at the TCP level. It looks like
the geniuses at XO are not providing any rDNS for 67.105.93.126 and
this WILL impact your ability to send mail from that machine. In most
cases the impact will be seen at the application layer (i.e. explicit
rejections in SMTP) but there are some people out there who push such
checks down into the transport layer (dumb dumb dumb) and the result
of that would be failed connections.
So, my suggestions:
1. Check if this is transient and/or strictly a SIMS problem. I
suspect that it is NOT a SIMS issue, and that it IS transient (i.e.
it has probably already gone away.) If it is permanent, it is almost
certainly NOT limited to SIMS. The steps:
a. Confirm that SIMS is still having the problem by trying to send
mail.
b. Confirm that SIMS can get mail to go out at all. Anywhere else.
c. If SIMS is having this problem with all mail, reboot. It's
a Mac after all, and bad stuff can happen to the networking.
d. If SIMS can't get to that machine but can get to others, try
using something like BetterTelnet, MacSSH, or whatever your
favorite telnet client is to connect to port 25 on that IP.
If a telnet client can connect while SIMS can't, there's a
problem with SIMS itself, and your only hope is to try to get
help from Stalker.
e. If SIMS can't deliver mail anywhere and the telnet test fails
as well, it could be that your ISP is filtering your connectivity.
Many ISP's don't allow outbound port 25 traffic from accounts that
they sell as consumer-grade retail connections. If you don't have a
business-class connection, you may be unable to send mail out
directly, and may instead need to funnel mail through their servers.
f. If this is solely a problem with that remote site, but SIMS can get
mail to go elsewhere AND telnet can't get to that site, the problem
is with that site in particular.
2. Talk to the people handling the other end and see what sort of
firewalling and SMTP blacklisting they are using.
3. Get XO to tweak your DNS:
a. Set a reasonable TTL on the MX record for pecandeluxe.com and the
A record for bigbrother.pecandeluxe.com. 15 minutes is silly for
anything other than dynamic DNS. (and you really shouldn't even try
to run a mail server without a static IP address.) This is not
likely to be the source of this problem, but it could interfere with
your ability to receive mail reliably and quickly.
b. Provide a reasonable PTR record for 67.105.93.126. The best
choice would be bigbrother.pecandeluxe.com (or whatever your SIMS
server uses as a primary name, as long as it resolves to that
address,) but if they insist on something under their domain, that
would be a lot better than having no rDNS at all. This COULD be the
source of this particular problem and not fixing it WILL cause some
sites to decline to accept your mail.
--
Bill Cole
[EMAIL PROTECTED]
#############################################################
This message is sent to you because you are subscribed to
the mailing list <[EMAIL PROTECTED]>.
To unsubscribe, E-mail to: <[EMAIL PROTECTED]>
To switch to the DIGEST mode, E-mail to <[EMAIL PROTECTED]>
To switch to the INDEX mode, E-mail to <[EMAIL PROTECTED]>
Send administrative queries to <[EMAIL PROTECTED]>
