On 4/29/2011 12:45 PM, TR Shaw wrote:
On Apr 29, 2011, at 2:42 PM, aklist wrote:On 4/29/2011 9:36 AM, aklist wrote:On 4/29/2011 8:57 AM, TR Shaw wrote:On Apr 29, 2011, at 11:08 AM, aklist wrote:Hi All: Sorry if double-post... ASSP 1.7.5.5 on OSX 10.6.7 ASSP had been running fine, but suddenly started refusing connections. Restarted the machine, looked at the ASSP log, and don't see any problems. Here's a telnet session: [root@default root]# telnet 216.218.227.130 25 Trying 216.218.227.130... Connected to 216.218.227.130. Escape character is '^]'. Connection closed by foreign host. In the ASSP log, I see: Apr-29-11 07:32:19 Connected: 207.158.46.200:54344 -> 216.218.227.130:25 -> 127.0.0.1:125; Apr-29-11 07:32:19 Disconnected: 207.158.46.200; No connections seem to be being accepted?what does eims log look likeFWIW: I just updated to 1.8.5.9 (1.1.02) and I'm seeing the same results. EIMS connection settings are using "125" for smtp and "1587" for SMTP submit. Nothing shows up in the server console or logs? I'm able to send mail through the server on 587, but nothing seems to be allowed in on SMTP anymore.ClamAV is at 0.96.1 and freshclam is up to date...clamscan works so I don't think it's a clamAV issue. I just don't know what's "supposed" to happen when a server tries to connect on 25...it looks like ASSP starts to route it to the correct place, but nothing else happens, I don't see the recipient lookup or anything else happen in the ASSP log that usually follows the connection. I'm starting to get desperate since the server's been down for almost 24 hrs. now!Well, set assp to do verbose logging. and try and look at both sets of logs; also check to make sure ports are open. Try to send through 125 directly using telnet.
Thanks Tom...I appreciate your help!I changed the connection log to "verbose", but I don't see any additional data in the mail log...is that where it would appear?
From terminal on the local box (mac mini), I tried to telnet to 127.0.0.1 125, and I got:
sh-3.2# telnet 127.0.0.1 125 Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. Connection closed by foreign host.So, maybe it's not ASSP after all? What would prevent EIMS from listening on that port?
Is it possible another process (or <gulp> trojan) has hijacked port 125? Andrew Circle The Wagonsmanage: //www.freelists.org/list/ctw post: mailto:ctw@xxxxxxxxxxxxx
unsubscribe: mailto:ctw-request@xxxxxxxxxxxxx?subject=unsubscribe search: //www.freelists.org/archives/ctw faq: //www.freelists.org/wiki/the_faq