On Apr 29, 2011, at 4:10 PM, aklist wrote: > On 4/29/2011 12:45 PM, TR Shaw wrote: >> >> On Apr 29, 2011, at 2:42 PM, aklist wrote: >> >>> On 4/29/2011 9:36 AM, aklist wrote: >>>> On 4/29/2011 8:57 AM, TR Shaw wrote: >>>>> >>>>> On Apr 29, 2011, at 11:08 AM, aklist wrote: >>>>> >>>>>> Hi All: Sorry if double-post... >>>>>> >>>>>> ASSP 1.7.5.5 on OSX 10.6.7 >>>>>> >>>>>> ASSP had been running fine, but suddenly started refusing connections. >>>>>> Restarted the machine, looked at the ASSP log, and don't see any >>>>>> problems. >>>>>> >>>>>> Here's a telnet session: >>>>>> >>>>>> [root@default root]# telnet 216.218.227.130 25 >>>>>> Trying 216.218.227.130... >>>>>> Connected to 216.218.227.130. >>>>>> Escape character is '^]'. >>>>>> Connection closed by foreign host. >>>>>> >>>>>> In the ASSP log, I see: >>>>>> >>>>>> Apr-29-11 07:32:19 Connected: 207.158.46.200:54344 -> 216.218.227.130:25 >>>>>> -> 127.0.0.1:125; >>>>>> Apr-29-11 07:32:19 Disconnected: 207.158.46.200; >>>>>> >>>>>> No connections seem to be being accepted? >>>>> >>>>> what does eims log look like >>>>> >>>> FWIW: I just updated to 1.8.5.9 (1.1.02) and I'm seeing the same results. >>>> >>>> EIMS connection settings are using "125" for smtp and "1587" for SMTP >>>> submit. >>>> >>>> Nothing shows up in the server console or logs? >>>> >>>> I'm able to send mail through the server on 587, but nothing seems to be >>>> allowed in on SMTP anymore. >>> >>> ClamAV is at 0.96.1 and freshclam is up to date...clamscan works so I don't >>> think it's a clamAV issue. >>> >>> I just don't know what's "supposed" to happen when a server tries to >>> connect on 25...it looks like ASSP starts to route it to the correct place, >>> but nothing else happens, I don't see the recipient lookup or anything else >>> happen in the ASSP log that usually follows the connection. >>> >>> I'm starting to get desperate since the server's been down for almost 24 >>> hrs. now! >> >> Well, set assp to do verbose logging. and try and look at both sets of logs; >> also check to make sure ports are open. Try to send through 125 directly >> using telnet. >> > Thanks Tom...I appreciate your help! > > I changed the connection log to "verbose", but I don't see any additional > data in the mail log...is that where it would appear? > > From terminal on the local box (mac mini), I tried to telnet to 127.0.0.1 > 125, and I got: > > sh-3.2# telnet 127.0.0.1 125 > Trying 127.0.0.1... > Connected to localhost. > Escape character is '^]'. > Connection closed by foreign host. > > So, maybe it's not ASSP after all? What would prevent EIMS from listening on > that port? > > Is it possible another process (or <gulp> trojan) has hijacked port 125? Probably not but it does sound like eims. check eims ip blocking and no greylisting for the assp ip; check firewall. YOu need to be able to connect locally via telenet once that works you should be fine. Might when perms and disk as well. TomCircle The Wagons manage: //www.freelists.org/list/ctw post: mailto:ctw@xxxxxxxxxxxxx unsubscribe: mailto:ctw-request@xxxxxxxxxxxxx?subject=unsubscribe search: //www.freelists.org/archives/ctw faq: //www.freelists.org/wiki/the_faq