Can't connect to port 25 from another system

Filippos Klironomos presariod at gmail.com
Sat Apr 22 01:50:21 UTC 2006 

Only thing I can think of is /etc/hosts.allow and /etc/hosts.deny file that
the tcpd daemon uses for
additional security. Maybe there is a strict definition on which connections
should go through.

Also why don't you use tcpdump to see what is going on in the incoming
traffic on the machine. Maybe
increase the log level of the kernel by

/sbin/sysctl -w net.ipv4.netfilter.ip_conntrack_log_invalid=1

to see what is dropped and why.

Filippos

On 4/21/06, Debbie Deutsch <fedoralist at ddeutsch.org> wrote:
>
> Perhaps someone can help me with this problem.  I have sendmail running
> on an FC5 system.*  It works to the extent that I can send email from
> that system to other systems in other domains.  The problem is that
> other systems cannot initiate a connection to it.  Here are the key
> facts that I have been able to confirm:
>
>
> - I previously edited the sendmail.mc file to be sure it is listening on
> port 25 and did a make to update sendmail.cf.  Then I stopped and
> restarted sendmail.
>
> - Sendmail is definitely running.
>
> - Both netstat and nmap confirm that the system *is* listening on port
> 25, as it should be.
>
> - When I attempt to telnet to port 25 the connection fails. However,
> telnet definitely is running.  I can telnet to the host without
> specifying a port and successfully communicate with the telnet server.
> On the other hand, when I try to telnet to port 23 (where netstat and
> nmap confirm that the telnet server is listening), I get the same error
> as when I try to telnet to port 25.  I have tried this from multiple
> hosts on my LAN, all with the same results.
>
> - In an effort to rule out firewalls as a possible source of the
> problem, I disabled selinux completely and stopped iptables.  (I did not
> see anything in iptables that should block port 25 but I wanted to be
> sure it was not the source of the problem.)
>
> - All of the above testing was done on my LAN.  The traffic did not
> traverse my hardware router/firewall.  In any case, the firewall is
> configured to not block port 25.  (I had sendmail running successfully
> before, on an old system that finally went belly-up.)
>
> - As noted above, I can successfully send mail that requires sendmail to
> connect to another smtp server that is outside my LAN.
>
> All of this makes me think that there is some firewall-like thing going
> on where outbound smtp connections are okay but smtp sessions that are
> initiated by another host are not.  The behavior with telnet connections
> only working if the port is not specified baffles me.  With selinux and
> iptables turned off, I am out of ideas.  Any suggestions?
>
> TIA,
>
> Debbie
>
> *32-bit FC5 running on a 64-bit system because 54-bit FC5 installs but
> won't boot completely.  You may remember the recent thread...
>
> --
> fedora-list mailing list
> fedora-list at redhat.com
> To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.fedoraproject.org/pipermail/users/attachments/20060421/525dd3af/attachment-0002.html

More information about the users mailing list