[isalist] Re: SMTP Connection Closed - Solved
- From: "Thor (Hammer of God)" <thor@xxxxxxxxxxxxxxx>
- To: "isalist@xxxxxxxxxxxxx" <isalist@xxxxxxxxxxxxx>
- Date: Tue, 06 Feb 2007 07:59:35 -0800
The reverse DNS entry was for your client or you? (I¹m assuming the client
as you said ³client¹s ISP² but you never know- I¹ve seen some strange things
done.) If it was for your client, someone had to be dropping the mail for
you, but that still doesn¹t make sense. If your ISP (or theirs) was
blocking it, you wouldn¹t see it at all. Your system made the connect and
dropped it, which leads one to believe that something on your side was
verifying the sending domain based on reverse lookup. Still doesn¹t make a
lot of sense. The captures would tell you, tho ;)
T
On 2/6/07 7:23 AM, "ISA" <ISA@xxxxxxxxxxxxxxxx> spoketh to all:
> Everyone I just wanted to thank everyone for all your help. It appears as
> the problem was solved, but the solution is still a bit mysterious.
>
> To recap the problem:
> 1) I have a new client that I setup a new network for including the domain, T1
> line, SBS 2003 RS etc. After I was done I tested the mail which worked fine
> inbound/outbound EXCEPT when sending to MY server.
>
> 2) My server is an Exchange 2003 (fully patched) running GFI MailEssentials
> and behind an ISA 2004 (fully patched). During my troubleshooting I SHUT OFF
> MailEssentials and all Exchange filtering still no good.
>
> I checked the ISA real time logs and watched as the SMTP connection was
> created, the broken down (within 5 seconds).
>
> Long story short, I submitted a Reverse DNS zone entry to my client¹s ISP on
> Friday and by Sunday mail was coming in with lightning speed.
>
> QUESTION: what was blocking the mail from coming in? ISP?
>
>
>
>
>
>
> From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On
> Behalf Of Jim Harrison
> Posted At: Friday, January 19, 2007 11:44 AM
> Posted To: ISA
> Conversation: [isalist] Re: SMTP Connection Closed
> Subject: [isalist] Re: SMTP Connection Closed
>
> Captures
> Isa live logging
>
> Get it
> Quit guessing
>
>
> From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On
> Behalf Of Gerald G. Young
> Sent: Friday, January 19, 2007 6:51 AM
> To: isalist@xxxxxxxxxxxxx
> Subject: [isalist] Re: SMTP Connection Closed
>
> Resending since the first message got garbled.
>
>> > I enter telnet mail.domain.com 25 (hit enter) the line disappears and
>
>> > the curser just sits there and blinks - no banner - nothing. If I hit
>
>> > enter again it goes back to the C:\ prompt.
>
> This is a half pipe opening but not being able to complete the connection, as
> your ISA logs also seem to be indicating. Is this occurring only from one
> location? What happens if you telnet to the ISA box from a source on the same
> subnet as it is? Do you still see these half pipes?
>
> Several other people reported being able to connect to your system without
> problems, so continue to validate the scope of the issue. Is it just a single
> remote location that is having the problem or are there many?
>
> I was also able to successfully connect.
>
> In the past one cause of this behavior was a asymmetric route; a member of a
> firewall (CheckPoint) pair died without dying (accepted traffic but didn't
> process any) and because of that, traffic would come in through one member and
> attempt to go back out through the other.
>
> If this is only occurring from one location, you may want to see what kind of
> network devices they have sitting between the client you are telnetting from
> and the server to which you are telnetting.
>
> HTH.
>
> Cordially yours,
>
> Jerry G. Young II
>
> Product Engineer - Senior
>
> Platform Engineering, Enterprise Hosting
>
> NTT America, an NTT Communications Company
>
> 22451 Shaw Rd.
>
> Sterling, VA 20166
>
> Office: 571-434-1319
>
> Fax: 703-333-6749
>
> Email: g.young@xxxxxxxx
>
> All mail to and from this domain is GFI-scanned.
>
Other related posts:
