From: Tim Rentsch
Newsgroups: comp.unix.programmer
Subject: Re: outgoing tcp port 25 blocked? how to prove it?
Date: Sat, 19 Oct 2024 07:33:19 -0700
Message-ID: <868qukw4b4.fsf@linuxsc.com>
References: <87o73h4if7.fsf@tudado.org> <87plnwz40w.fsf@wimezu.com>

Lesley Esen writes:

> Winston writes:
>
>> Lesley Esen writes:
>>
>>> # tcpdump -n port 25
>>> tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
>>> listening on ena0, link-type EN10MB (Ethernet), capture size 262144 bytes
>>> 09:01:45.939473 IP 172.26.5.226.37963 > 69.164.210.174.25: Flags
>>> [S], seq 1665376094, win 65535,
>>
>> 172.26.*.* is private, not public, IP address space.  If that's the TCP
>> source address being sent to the remote hosts, it's not surprising
>> you're not getting an answer.  If I'm reading your article right, the
>> public IP address is 34.197.192.71.
>
> That's the public IP address, yes.  This is typical on the AWS network.
> Each instance gets a private and a public IP address.  I never see the
> public IP address in the instance, but the packets must be being
> rewritten by the AWS network because I can communicate with the outside
> world just fine.
>
>> If you can't solve the problem directly, you may need to relay outbound
>> mail via some AWS mail forwarder, if they have them.
>
> I think that's also possible.
>
>>> The host 69.164.210.174 also runs an SMTP server, but someone seems to
>>> block my path to it.  It might not be AWS as I also can't reach it from my
>>> personal computer (with a dynamic IP address).
>>
>> Try "netstat -an4" on 69.164.210.174 to verify that the mail server is
>> indeed listening on port 25.
>
> %netstat -an4 | grep 25
> tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN
> tcp 0 0 69.164.210.174:25 194.169.175.47:34740 TIME_WAIT
> tcp 0 0 69.164.210.174:25 194.169.175.47:40116 TIME_WAIT

Can you try running a traceroute?  I did this:

    sudo traceroute -n --tcp -p 25 69.164.210.174

and was able to see the path (with 13 stops along the way) from
my colo server to 69.164.210.174.  If you are being blocked I
would expect the traceroute to stall at some point along the
path.
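
An added example, not part of the original post or thread: one way to turn a `tcpdump -n port 25` capture like the one quoted above into a per-connection verdict, separating SYNs that never get any reply from ones that are answered or reset. The function name, the verdict labels and the sample capture (documentation addresses) are constructed for illustration.

```python
import re

# Matches the start of an IPv4 line from `tcpdump -n`, e.g.
# 10:00:00.000001 IP 192.0.2.10.40001 > 198.51.100.5.25: Flags [S], seq ...
LINE_RE = re.compile(
    r"^\S+ IP (?P<src>\d+\.\d+\.\d+\.\d+)\.(?P<sport>\d+) > "
    r"(?P<dst>\d+\.\d+\.\d+\.\d+)\.(?P<dport>\d+): Flags \[(?P<flags>[^\]]+)\]"
)

def classify_syn_flows(lines, port=25):
    """Map (client_ip, client_port, server_ip) -> {'syns': n, 'verdict': v}.

    v is 'answered' (SYN-ACK seen), 'refused' (RST seen) or 'no-reply'
    (only the SYN and its retransmissions were seen).
    """
    flows = {}
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # banner text, wrapped continuation lines, non-TCP
        src, sport = m["src"], int(m["sport"])
        dst, dport = m["dst"], int(m["dport"])
        flags = m["flags"]
        if dport == port and flags == "S":
            flow = flows.setdefault((src, sport, dst),
                                    {"syns": 0, "verdict": "no-reply"})
            flow["syns"] += 1          # counts retransmissions too
        elif sport == port:
            flow = flows.get((dst, dport, src))  # reply: client's view
            if flow is None:
                continue
            if flags == "S.":
                flow["verdict"] = "answered"
            elif "R" in flags and flow["verdict"] == "no-reply":
                flow["verdict"] = "refused"
    return flows

# Constructed sample capture: one silent drop, one handshake, one reset.
SAMPLE = """\
10:00:00.000001 IP 192.0.2.10.40001 > 198.51.100.5.25: Flags [S], seq 1, win 65535, length 0
10:00:01.000001 IP 192.0.2.10.40001 > 198.51.100.5.25: Flags [S], seq 1, win 65535, length 0
10:00:03.000001 IP 192.0.2.10.40001 > 198.51.100.5.25: Flags [S], seq 1, win 65535, length 0
10:00:05.000001 IP 192.0.2.10.40002 > 198.51.100.6.25: Flags [S], seq 7, win 65535, length 0
10:00:05.020001 IP 198.51.100.6.25 > 192.0.2.10.40002: Flags [S.], seq 9, ack 8, win 65535, length 0
10:00:06.000001 IP 192.0.2.10.40003 > 198.51.100.7.25: Flags [S], seq 4, win 65535, length 0
10:00:06.010001 IP 198.51.100.7.25 > 192.0.2.10.40003: Flags [R.], seq 0, ack 5, win 0, length 0
""".splitlines()

if __name__ == "__main__":
    for key, flow in classify_syn_flows(SAMPLE).items():
        print(key, flow)
```

A 'no-reply' verdict from a capture taken on the sending host only shows that nothing came back; it does not show where along the path the packets were dropped, which is what the TCP traceroute above helps narrow down.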