From owner-freebsd-questions@FreeBSD.ORG Mon May 12 17:19:19 2008 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 349921065678 for ; Mon, 12 May 2008 17:19:19 +0000 (UTC) (envelope-from dunc@lemonia.org) Received: from tang.lemonia.org (tang.lemonia.org [88.208.192.38]) by mx1.freebsd.org (Postfix) with ESMTP id EEA578FC28 for ; Mon, 12 May 2008 17:19:18 +0000 (UTC) (envelope-from dunc@lemonia.org) Received: from gateway.ash.thebunker.net ([213.129.64.4] helo=[172.16.3.10]) by tang.lemonia.org with esmtpsa (TLSv1:AES256-SHA:256) (Exim 4.62 (FreeBSD)) (envelope-from ) id 1JvawI-000PUi-Mw; Mon, 12 May 2008 17:31:53 +0100 Message-ID: <482871A1.6000404@lemonia.org> Date: Mon, 12 May 2008 17:34:41 +0100 From: Dunc User-Agent: Thunderbird 2.0.0.12 (X11/20080419) MIME-Version: 1.0 To: Vince Hoffman References: <20080512174741.U82158@wojtek.tensor.gdynia.pl> <48287054.8000408@unsane.co.uk> In-Reply-To: <48287054.8000408@unsane.co.uk> Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-SA-Exim-Connect-IP: 213.129.64.4 X-Spam-Checker-Version: SpamAssassin 3.1.8 (2007-02-13) on tang.lemonia.org X-Spam-Level: X-Spam-Status: No, score=-3.7 required=5.0 tests=ALL_TRUSTED,AWL,BAYES_00, URI_NOVOWEL autolearn=ham version=3.1.8 X-SA-Exim-Version: 4.2 X-SA-Exim-Scanned: Yes (on tang.lemonia.org) Cc: brad davison , freebsd-questions@freebsd.org Subject: Re: telnet to mail server from outside does not get 220, telnet from inside works X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 12 May 2008 17:19:19 -0000 Vince Hoffman wrote: > brad davison wrote: > >> >>> Date: Mon, 12 May 2008 17:49:07 +0200 >>> From: wojtek@wojtek.tensor.gdynia.pl >>> To: demonichandextensions@hotmail.com >>> CC: freebsd-questions@freebsd.org >>> Subject: Re: telnet to mail server from outside does not get 220, telnet from inside works >>> >>> >>>> Trying ::1... >>>> Connected to localhost.xxxxxxxxx.com. >>>> Escape character is '^]'. >>>> 220 email.xxxxxxxxx.com ESMTP Sendmail 8.13.8/8.13.8; Mon, 12 May 2008 10:01:39 -0400 (EDT) >>>> >>>> >>>> >>>> But if I try the same thing from 'outside' the firewall I get: >>>> >>>> %telnet email.xxxxxxxxxxxx.com 25 >>>> Trying 67.x.x.x... >>>> Connected to email.xxxxxxxxxxx.com. >>>> Escape character is '^]'. >>>> Connection closed by foreign host. >>>> >>>> >>>> >>> sendmail try to connect to port auth of remote machine. your firewall >>> probably blocks it just by dropping packets, so it tries until timeout >>> >>> telnet from outside, wait few minutes and you will get a prompt. >>> >>> change your firewall rules to fix it >>> _______________________________________________ >>> >> You get the prize. >> >> We have a Cisco ASA, and everything works on port 587, but port 25 has cisco's 'Application Inspection' or something that I need to figure out how to turn off. >> >> > assuming its the same as for a pix (been a while since I used a cisco > firewall ;) then it should be > no fixup smtp > (its one of the first things I used to turn off ;) > vince > it's no inspect esmtp nowadays Dunc