Can't connect to port 25 from another system

Jeff Vian jvian10 at charter.net
Sat Apr 22 02:28:01 UTC 2006 

On Fri, 2006-04-21 at 18:50 -0700, Filippos Klironomos wrote:
> Only thing I can think of is /etc/hosts.allow and /etc/hosts.deny file
> that the tcpd daemon uses for
> additional security. Maybe there is a strict definition on which
> connections should go through.
> 
> Also why don't you use tcpdump to see what is going on in the incoming
> traffic on the machine. Maybe 
> increase the log level of the kernel by
> 
> /sbin/sysctl -w net.ipv4.netfilter.ip_conntrack_log_invalid=1
> 
> to see what is dropped and why.
> 
> Filippos
> 

Is there a reason you are sending what appears to be encoded binary to
the mailing list?  The below is only a part of your message.

Jeff

--===============1981184131==
Content-Type: multipart/alternative;
boundary="----=_Part_31304_3263355.1145670621599"


------=_Part_31304_3263355.1145670621599
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: base64
Content-Disposition: inline

T25seSB0aGluZyBJIGNhbiB0aGluayBvZiBpcyAvZXRjL2hvc3RzLmFsbG93IGFuZCAvZXRjL2hv
c3RzLmRlbnkgZmlsZSB0aGF0CnRoZSB0Y3BkIGRhZW1vbiB1c2VzIGZvcgphZGRpdGlvbmFsIHNl
Y3VyaXR5LiBNYXliZSB0aGVyZSBpcyBhIHN0cmljdCBkZWZpbml0aW9uIG9uIHdoaWNoIGNvbm5l
Y3Rpb25zCnNob3VsZCBnbyB0aHJvdWdoLgoKQWxzbyB3aHkgZG9uJ3QgeW91IHVzZSB0Y3BkdW1w
IHRvIHNlZSB3aGF0IGlzIGdvaW5nIG9uIGluIHRoZSBpbmNvbWluZwp0cmFmZmljIG9uIHRoZSBt
YWNoaW5lLiBNYXliZQppbmNyZWFzZSB0aGUgbG9nIGxldmVsIG9mIHRoZSBrZXJuZWwgYnkKCi9z
YmluL3N5c2N0bCAtdyBuZXQuaXB2NC5uZXRmaWx0ZXIuaXBfY29ubnRyYWNrX2xvZ19pbnZhbGlk
PTEKCnRvIHNlZSB3aGF0IGlzIGRyb3BwZWQgYW5kIHdoeS4KCkZpbGlwcG9zCgpPbiA0LzIxLzA2
LCBEZWJiaWUgRGV1dHNjaCA8ZmVkb3JhbGlzdEBkZGV1dHNjaC5vcmc+IHdyb3RlOgo
+Cj4gUGVy

Jeff


> On 4/21/06, Debbie Deutsch <fedoralist at ddeutsch.org> wrote:
>         Perhaps someone can help me with this problem.  I have
>         sendmail running
>         on an FC5 system.*  It works to the extent that I can send
>         email from
>         that system to other systems in other domains.  The problem is
>         that
>         other systems cannot initiate a connection to it.  Here are
>         the key 
>         facts that I have been able to confirm:
>         
>         
>         - I previously edited the sendmail.mc file to be sure it is
>         listening on
>         port 25 and did a make to update sendmail.cf.  Then I stopped
>         and
>         restarted sendmail.
>         
>         - Sendmail is definitely running.
>         
>         - Both netstat and nmap confirm that the system *is* listening
>         on port
>         25, as it should be.
>         
>         - When I attempt to telnet to port 25 the connection fails.
>         However, 
>         telnet definitely is running.  I can telnet to the host
>         without
>         specifying a port and successfully communicate with the telnet
>         server.
>         On the other hand, when I try to telnet to port 23 (where
>         netstat and
>         nmap confirm that the telnet server is listening), I get the
>         same error 
>         as when I try to telnet to port 25.  I have tried this from
>         multiple
>         hosts on my LAN, all with the same results.
>         
>         - In an effort to rule out firewalls as a possible source of
>         the
>         problem, I disabled selinux completely and stopped
>         iptables.  (I did not 
>         see anything in iptables that should block port 25 but I
>         wanted to be
>         sure it was not the source of the problem.)
>         
>         - All of the above testing was done on my LAN.  The traffic
>         did not
>         traverse my hardware router/firewall.  In any case, the
>         firewall is 
>         configured to not block port 25.  (I had sendmail running
>         successfully
>         before, on an old system that finally went belly-up.)
>         
>         - As noted above, I can successfully send mail that requires
>         sendmail to
>         connect to another smtp server that is outside my LAN. 
>         
>         All of this makes me think that there is some firewall-like
>         thing going
>         on where outbound smtp connections are okay but smtp sessions
>         that are
>         initiated by another host are not.  The behavior with telnet
>         connections 
>         only working if the port is not specified baffles me.  With
>         selinux and
>         iptables turned off, I am out of ideas.  Any suggestions?
>         
>         TIA,
>         
>         Debbie
>         
>         *32-bit FC5 running on a 64-bit system because 54-bit FC5
>         installs but 
>         won't boot completely.  You may remember the recent thread...
>         
>         --
>         fedora-list mailing list
>         fedora-list at redhat.com
>         To unsubscribe:
>         https://www.redhat.com/mailman/listinfo/fedora-list
> 
> -- 
> fedora-list mailing list
> fedora-list at redhat.com
> To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list

More information about the users mailing list