Article <868qukw4b4.fsf@linuxsc.com>

Deutsch English Français Italiano
<868qukw4b4.fsf@linuxsc.com>

View for Bookmarking (what is this?)
Look up another Usenet article
Path: ...!2.eu.feeder.erje.net!3.eu.feeder.erje.net!feeder.erje.net!eternal-september.org!feeder3.eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail
From: Tim Rentsch <tr.17687@z991.linuxsc.com>
Newsgroups: comp.unix.programmer
Subject: Re: outgoing tcp port 25 blocked? how to prove it?
Date: Sat, 19 Oct 2024 07:33:19 -0700
Organization: A noiseless patient Spider
Lines: 49
Message-ID: <868qukw4b4.fsf@linuxsc.com>
References: <87o73h4if7.fsf@tudado.org> <yded4dhrmr.fsf@UBEblock.psr.com> <87plnwz40w.fsf@wimezu.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Injection-Date: Sat, 19 Oct 2024 16:33:20 +0200 (CEST)
Injection-Info: dont-email.me; posting-host="5d81efbb14b8749428a0c4712d168d03";
	logging-data="4125498"; mail-complaints-to="abuse@eternal-september.org";	posting-account="U2FsdGVkX1+hasWFvKDNGYZ8wQiWOOqPlmLPTZPKJUM="
User-Agent: Gnus/5.11 (Gnus v5.11) Emacs/22.4 (gnu/linux)
Cancel-Lock: sha1:xLtJSAbuenjPIKAFeNFTXJNnztA=
	sha1:hgJPfWadYM6PW+rZwmp3X8kt7yw=
Bytes: 3153

Lesley Esen <lesen@wimezu.com> writes:

> Winston <wbe@UBEBLOCK.psr.com.invalid> writes:
>
>> Lesley Esen <lesen@wimezu.com> writes:
>>
>>> # tcpdump -n port 25
>>> tcpdump:  verbose output suppressed, use -v or -vv for full protocol decode
>>> listening on ena0, link-type EN10MB (Ethernet), capture size 262144 bytes
>>> 09:01:45.939473 IP 172.26.5.226.37963 > 69.164.210.174.25:  Flags
>>> [S], seq 1665376094, win 65535,
>>
>> 172.26.*.* is private, not public, IP address space.  If that's the TCP
>> source address being sent to the remote hosts, it's not surprising
>> you're not getting an answer.  If I'm reading your article right, the
>> public IP address 34.197.192.71.
>
> That's the public IP address, yes.  This is typical on the AWS network.
> Each instance gets a private and a public IP address.  I never see the
> public IP address in the instance, but the packets must be being
> rewritten by the AWS network because I can communicate with the outside
> world just fine.
>
>> If you can't solve the problem directly, you may need to relay outbound
>> mail via some AWS mail forwarder, if they have them.
>
> I think that's also possible.
>
>>> The host 69.164.210.174 also runs an SMTP server, but someone seems to
>>> block my path to it.  It might not AWS as I also can't reach it from my
>>> personal computer (with a dynamic IP address).
>>
>> Try "netstat -an4" on 69.164.210.174 to verify that the mail server is
>> indeed listening on port 25.
>
> %netstat -an4 | grep 25
> tcp        0      0 0.0.0.0:25              0.0.0.0:*               LISTEN
> tcp        0      0 69.164.210.174:25       194.169.175.47:34740    TIME_WAIT
> tcp        0      0 69.164.210.174:25       194.169.175.47:40116    TIME_WAIT

Can you try running a traceroute?  I did this:

    sudo traceroute -n --tcp -p 25 69.164.210.174

and was able to see the path (with 13 stops along the way) from my
colo server to 69.164.210.174.

If you are being blocked I would expect the traceroute to stall
at some point along the path.