Quantcast

RE : Connection refused

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

RE : Connection refused

aziz knina-2
here the response of nmap:
Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2008-04-30 16:14 WET
DNS resolution of 1 IPs took 0.18s.
Initiating SYN Stealth Scan against <A onclick="return ShowLinkWarning()" href="http://1.192.52.65/" target=_blank rel=nofollow>1.192.52.65 [1 port] at 16:14
The SYN Stealth Scan took 2.01s to scan 1 total ports.
Host <A onclick="return ShowLinkWarning()" href="http://1.192.52.65/" target=_blank rel=nofollow>1.192.52.65 appears to be up ... good.
Interesting ports on <A onclick="return ShowLinkWarning()" href="http://1.192.52.65/" target=_blank rel=nofollow>1.192.52.65:
PORT   STATE    SERVICE
25/tcp filtered smtp
Nmap finished: 1 IP address (1 host up) scanned in 2.205 seconds
               Raw packets sent: 2 (88B) | Rcvd: 0 (0B)


 
- Hide quoted text -
On 4/30/08, Randy Ramsdell <rramsdell@...> wrote:
aziz knina wrote:
Hi,

I'm a new user of postfix.
my case is a little bit particular: my company have rent a server at
an ISP.
this machine is located at a datacenter of this ISP, in which we have
installed RHEL 5 and postfix.

the ISP had opened all necessary port: SMTP, POP3, IMAP, WWW...
here below the postconf of the server:
------------------------------
alias_database = hash:/etc/postfix/aliases
alias_maps = hash:/etc/aliases
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
debug_peer_level = 2
html_directory = no
inet_interfaces = all
mail_owner = postfix
mail_spool_directory = /var/spool/mail
mailbox_command = /usr/bin/procmail -a "$EXTENSION"
mailq_path = /usr/bin/mailq
manpage_directory = /usr/local/man
mydestination = $myhostname, localhost.$mydomain,$mydomain ,localhost
mydomain = mydomain.com <http://mydomain.com/>
myhostname = hostname.mydomain.com <http://hostname.mydomain.com/>

Hopefully  these are set to  the domain you are accepting mail for.
mynetworks = <A onclick="return ShowLinkWarning()" href="http://168.100.189.0/28,127.0.0.0/8,0" target=_blank rel=nofollow>168.100.189.0/28,127.0.0.0/8,0 .0.0.0/32 <<A onclick="return ShowLinkWarning()" href="http://168.100.189.0/28,127.0.0.0/8,0.0.0.0/32" target=_blank rel=nofollow>http://168.100.189.0/28,127.0 .0.0/8,0.0.0.0/32>
myorigin = $mydomain
newaliases_path = /usr/bin/newaliases
queue_directory = /var/spool/postfix
readme_directory = no
sample_directory = /etc/postfix
sendmail_path = /usr/sbin/sendmail
setgid_group = postdrop
unknown_local_recipient_reject _code = 450
------------------------------ ---

My problem is tha I can send emails to outside but I cannot receive
emails from outside: I get the error:
Technical details of permanent failure:

TEMP_FAILURE: The recipient server did not accept our requests to
connect. Learn more at http://mail.google.com/support /bin/answer.py <http://mail.google.com/support /bin/answer.py>?
answer=7720
[mail.mydomain.com <http://mail.mydomain.com/>. (10): Connection refused]

the ISP says that there is no problem in his side.

is there any thing that I can check/change in my configuration?

Thank at advance for your help.

Regards,
Aziz

______________________________ ___________________


telnet $yourmailserver 25

Then send a message.


or nmap -v -p 25 -P0 -sS $yourmailserver

Is port 25 open?

__________________________________________________
Do You Yahoo!?
En finir avec le spam? Yahoo! Mail vous offre la meilleure protection possible contre les messages non sollicités
http://mail.yahoo.fr Yahoo! Mail

Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Connection refused

/dev/rob0
On Wed April 30 2008 11:21:20 aziz knina wrote:
> Initiating SYN Stealth Scan against 1.192.52.65 [1 port] at 16:14

Enough with the munging. No one can help, because you leave out
essential details. Also, IMO basic network troubleshooting skills are
necessary for would-be postmasters. I suggest you take some time to
learn some basics, or hire a qualified professional to help.
--
    Offlist mail to this address is discarded unless
    "/dev/rob0" or "not-spam" is in Subject: header
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: RE : Connection refused

Paweł Leśniak
In reply to this post by aziz knina-2
aziz knina pisze:

> here the response of nmap:
> Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2008-04-30
> 16:14 WET
> DNS resolution of 1 IPs took 0.18s.
> Initiating SYN Stealth Scan against 1.192.52.65 <http://1.192.52.65/>
> [1 port] at 16:14
> The SYN Stealth Scan took 2.01s to scan 1 total ports.
> Host 1.192.52.65 <http://1.192.52.65/> appears to be up ... good.
> Interesting ports on 1.192.52.65 <http://1.192.52.65/>:
> PORT   STATE    SERVICE
> 25/tcp filtered smtp
> Nmap finished: 1 IP address (1 host up) scanned in 2.205 seconds
>                Raw packets sent: 2 (88B) | Rcvd: 0 (0B)
>

And why do you actually scan 1.192.52.65 <http://1.192.52.65/> ? I
believe your IP is 81.192.52.65

Did you correct permissions for writing in /var/mail directory?

Check it out if it helps. If not, then try nmap with correct IP.

P.

Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: RE : Connection refused

Bill Weiss-5
In reply to this post by aziz knina-2
aziz knina([hidden email])@Wed, Apr 30, 2008 at 06:21:20PM +0200:

> here the response of nmap:
>     Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2008-04-30 16:14 WET
> DNS resolution of 1 IPs took 0.18s.
> Initiating SYN Stealth Scan against 1.192.52.65 [1 port] at 16:14
> The SYN Stealth Scan took 2.01s to scan 1 total ports.
> Host 1.192.52.65 appears to be up ... good.
> Interesting ports on 1.192.52.65:
> PORT   STATE    SERVICE
> 25/tcp filtered smtp
>   Nmap finished: 1 IP address (1 host up) scanned in 2.205 seconds
>                Raw packets sent: 2 (88B) | Rcvd: 0 (0B)

That says that your port 25 is filtered from the network.  Talk to your
ISP and/or check your iptables rules.

Also, if your machine is on a public-facing IP, it's probably worth it to
stop changing it in your output.  People here are pretty good at finding
problems if you just let them.

--
Bill Weiss
 
We are not mentally unsound [...] We just want a quiet place to finish
working while God eats our brains.
    -- Bruce Sterling, Twenty Evocations

Loading...