-----BEGIN PGP SIGNED MESSAGE-----
Quick abstract for Jeff:
1) Your NAT box is not forwarding port 25 connections to the mail server.
That's why you're not getting email.
2) All email for the domain should be being queued on
evnsrv2.computernerds.com.au, your backup mailserver.
Now onto why that is so:
On Tuesday 04 Feb 2003 9:52 am, Peter Rundle wrote:
> You're right, it was late and I was having a poke (hence the emoticon
> in the original posting).
:-)
> Back to the problem,
>
> Jeff,
>
> The server (203.219.50.38) is accessible to the outside world for port
> 110 but not 25. Until this is fixed there is no hope of getting mail
> inbound to it.
Correct. The question then is where is it being blocked.
I believe that it is the NAT box not forwarding on SMTP connections to the
mail server correctly. Here's why...
Using tcptraceroute to the server for port 110 shows:
Tracing the path to 203.219.50.38 on TCP port 110, 30 hops max
1 dialup.pacific.net.au (203.9.190.192) 167.371 ms 118.381 ms 102.842 ms
2 Ethernet0.wol001.pacific.net.au (61.8.31.4) 112.793 ms 106.762 ms
104.911 ms
3 lns-1.pacific.net.au (203.9.190.190) 145.711 ms 192.781 ms 189.793 ms
4 f0-0-100.syd004.pacific.net.au (210.23.140.244) 158.827 ms 189.537 ms
155.813 ms
5 ge-2-0-0-500.ar1.SYD1.gblx.net (203.192.130.81) 168.869 ms 178.804 ms
158.613 ms
6 TPG-Internet.ar1.SYD1.gblx.net (203.192.130.222) 174.769 ms 200.697 ms
167.887 ms
7 syd4-7206.tpgi.com.au (203.12.160.80) 187.863 ms 181.823 ms 206.817 ms
8 * * *
9 * * *
10 free-tpg-038.tpgi.com.au (203.219.50.38) 406.823 ms 405.758 ms 235.680
ms
11 free-tpg-038.tpgi.com.au (203.219.50.38) [open] 222.988 ms 414.935 ms
265.545 ms
Using tcptraceroute to the server for port 25 shows:
Tracing the path to 203.219.50.38 on TCP port 25, 30 hops max
1 dialup.pacific.net.au (203.9.190.192) 107.497 ms 111.405 ms 103.809 ms
2 Ethernet0.wol001.pacific.net.au (61.8.31.4) 105.829 ms 103.746 ms
116.931 ms
3 lns-1.pacific.net.au (203.9.190.190) 204.764 ms 213.834 ms 205.727 ms
4 f0-0-100.syd004.pacific.net.au (210.23.140.244) 166.904 ms 159.575 ms
178.625 ms
5 ge-2-0-0-500.ar1.SYD1.gblx.net (203.192.130.81) 183.867 ms 261.649 ms
170.784 ms
6 TPG-Internet.ar1.SYD1.gblx.net (203.192.130.222) 200.845 ms 151.841 ms
154.756 ms
7 syd4-7206.tpgi.com.au (203.12.160.80) 161.791 ms 190.722 ms 169.843 ms
8 * * *
9 * * *
10 free-tpg-038.tpgi.com.au (203.219.50.38) [closed] 370.107 ms 337.598 ms
401.727 ms
Now, notice that there are 10 hops to find that the SMTP port is closed, but
11 to find that the POP3 port is open. This indicates that the system doing
NAT for the server is forwarding port 110, but not forwarding port 25. Thus I
suspect it is the NAT box returning the RST (rather than an "administratively
prohibited" ICMP message you may expect from a firewall, or just disappearing
into a black hole), not the email server.
> However a reverse lookup of that server returns
>
> 38.50.219.203.in-addr.arpa name = free-tpg-038.tpgi.com.au.
>
> And a subsequent MX search of the domain tpgi.com.au returns three
> servers each with 3 addresses overlapping each other but none of
> which are the above server.
tpgi.com.au is the ISP that he is connected to.
Look at the POP3 banner - it says:
+OK POP3 lister.crdc.com.au v2001.78rh server ready
Thus his domain is likely to be crdc.com.au - now using dig for that domain
shows:
;; QUESTION SECTION:
;crdc.com.au. IN MX
;; ANSWER SECTION:
crdc.com.au. 2303 IN MX 10 mail.crdc.com.au.
crdc.com.au. 2303 IN MX 20
evnsrv2.computernerds.com.au.
;; AUTHORITY SECTION:
crdc.com.au. 2303 IN NS ns0.computernerds.com.au.
crdc.com.au. 2303 IN NS ns1.computernerds.com.au.
;; ADDITIONAL SECTION:
mail.crdc.com.au. 2303 IN A 203.219.50.38
ns0.computernerds.com.au. 1746 IN A 203.41.103.170
ns1.computernerds.com.au. 1746 IN A 203.41.103.171
Notice that the A record for the first MX (mail.crdc.com.au) points to the IP
address we've been wondering about.
Secondly, this shows that all his mail should be being queued on his secondary
MX, evnsrv2.computernerds.com.au, where it will probably sit until the NAT is
fixed or it decides to give up and return the mail.
- --
Chris Samuel Wollongong, NSW
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)
iQEVAwUBPj8Dy41yjaOTJg85AQEYaAgAhG8qPWHSwUqXn5GjgXVru0Eg2xhZBPEP
QHkl0gqBkP7g77/AkgxkU7aKdbF4DEThLmOB58N4ry1jGg8K9PlCv2Wwrolt93TM
mME/WAzx0cKD8AdSLPdvJBwaz92Eeo9F2VaxBjy6XCpqS+9JTP6E4hsv4YV3EyLY
GIo0kJZPlh39+Wku8ZQQ0IQ3ibOgT9Qxo5nXX3XKsGBc2HkWeOGLNRTh0nDHlXiu
N9E2ESHHE0w94qIHkQ/otyReKtIZjTcxxom59KfPsw7W4CIn22PHbU5unpopeC0r
SnPyLiU0enBMT5WgK758uN8rMDbFZNAN8JYaj/N/h0wKtdxRgQ/MeQ==
=DYAR
-----END PGP SIGNATURE-----
--
SLUG - Sydney Linux User's Group - http://slug.org.au/
More Info: http://lists.slug.org.au/listinfo/slug
