[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [suse-security] Mailing Trouble ?!
The Wednesday 2004-09-08 at 10:33 +0200, remote wrote:
> I posted it to SuSE-security because it´s the only SuSE forum I
> subscribe to, also I believed that my problem might be the result of
> either an over-eager anti-spam software or my firewall.
But you would get more answers at other list. I'm the only one answering
(at list on-list), and I'm not an expert on sendmail.
> > Your mx records show
> > 0 router.leat.ruhr-uni-bochum.de
> > 20 mi.ruhr-uni-bochum.de
> > router.leat.ruhr-uni-bochum.de points to two A records 126.96.36.199 and
> > 188.8.131.52, both of which accept connections on port 25, but just timeout,
> > no error message or anything.
> 184.108.40.206 is my external NIC, 220.127.116.11 my internal NIC.
> Communication from outside my domain to 18.104.22.168 is blocked by the
> firewall, this is intended.
Then you should remove 22.214.171.124 from the DNS - at least, the one
reachable from outside. If you want to receive mail at
'leat.ruhr-uni-bochum.de', the IPs listed there should all respond.
As your correspondent did not post to the list, I don't know what he said,
and I'm probably repeating info.
cer@nimrodel:~> host -t MX leat.ruhr-uni-bochum.de
leat.ruhr-uni-bochum.de mail is handled by 20 mi.ruhr-uni-bochum.de.
leat.ruhr-uni-bochum.de mail is handled by 0 router.leat.ruhr-uni-bochum.de.
Ie, both 'mi.ruhr-uni-bochum.de' and 'router.leat.ruhr-uni-bochum.de' are
reported to handle your incoming mail, with different priorities: the
router is the primary server, 'mi' is the secondary (I assume 0 is a valid
Lets find the IPs:
cer@nimrodel:~> host -t MX mi.ruhr-uni-bochum.de.
cer@nimrodel:~> host -t MX router.leat.ruhr-uni-bochum.de
router.leat.ruhr-uni-bochum.de mail is handled by 20 mi.ruhr-uni-bochum.de.
router.leat.ruhr-uni-bochum.de mail is handled by 0 router.leat.ruhr-uni-bochum.de.
cer@nimrodel:~> host mi.ruhr-uni-bochum.de.
mi.ruhr-uni-bochum.de has address 126.96.36.199
mi.ruhr-uni-bochum.de has address 188.8.131.52
cer@nimrodel:~> host router.leat.ruhr-uni-bochum.de
router.leat.ruhr-uni-bochum.de has address 184.108.40.206
router.leat.ruhr-uni-bochum.de has address 220.127.116.11
In my opinion, all those four IP addresses should be able to handle mail
requests (SMTP) to your domain, although with different priorities - ie,
both your router addresses should answer (primary mail server). If any
one fails, you may have problems. If any one is not intended to handle
mail, you have to remove it from the name chain.
I'm not a DNS expert, I can not recommend how you should define your DNS
entries. But I don't think they are correct.
> So, how come I sometimes have mail communications from and to that specific
> site, and sometimes don´t ? Also, this mail server has been running
> continuously for two years now, and I never missed any mail that I know of.
Probably because it works if they get the first IP listed for your primary
mail server, they get your external router address. But some times they
might prefer the second address listed, ie, the internal.
> > One other quick question, what does this problem have to do with Suse
> > Security???
> See above :)
He is right. If you want more answers, this is not the correct place. We
are disturbing others.
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here