Advertisement

Seems no one really reads the Unix section anymore...

Started by March 18, 2005 12:17 PM
14 comments, last by markr 19 years, 8 months ago
I have a question. Qmail won't send out any messages to external addresses. I get this Sorry,_I_wasn't_able_to_establish_an_SMTP_connection._(#4.4.1) in my logs. It's not a DNS problem because dig outputs are correct It's not a port problem as far as I know because I can telnet to port 25 I can send mail to local addresses just fine (my hosted domains) I can recieve messages just fine also. Any ideas?
[Sorry about that. Our overefficient moderators had a slight crossing of the wires there, Mushu.]
Advertisement
Have you tried manually connecting out to the mailserver in question from your server box?

This sounds like a networking issue and not specifically to do with Qmail.

If your machine is connected using a home or business (non-hosting) client-style connection (for example, Cable, DSL, ADSL, Modem, IDSN), then your ISP may be doing things to SMTP to make it deliberately fail from your machine (like NAT'ing it to a box which doesn't accept it, or just plain firewalling it)

You should instruct qmail to send to your ISP's smart host instead, some ISPs will require authentication before, or will only accept mail which appears to come from certain domains.

These are common things to stop spam. If you have a legitimate reason to run your own relay, contact your ISP and ask them to enable you to do so.

Cheers
Mark
Quote: Original post by markr
Have you tried manually connecting out to the mailserver in question from your server box?

This sounds like a networking issue and not specifically to do with Qmail.

If your machine is connected using a home or business (non-hosting) client-style connection (for example, Cable, DSL, ADSL, Modem, IDSN), then your ISP may be doing things to SMTP to make it deliberately fail from your machine (like NAT'ing it to a box which doesn't accept it, or just plain firewalling it)

You should instruct qmail to send to your ISP's smart host instead, some ISPs will require authentication before, or will only accept mail which appears to come from certain domains.

These are common things to stop spam. If you have a legitimate reason to run your own relay, contact your ISP and ask them to enable you to do so.

Cheers
Mark


It's a virtual dedicated server.

How would I try manually connecting? Telnet probably won't work (I tried it on hotmail.com as a test.. no route to host)
Quote: Original post by Maega

It's a virtual dedicated server.

How would I try manually connecting? Telnet probably won't work (I tried it on hotmail.com as a test.. no route to host)


ssh into your dedicated server, then telnet out to the MX of the domain you're interested in, on port 25.

Most domains have an "A" record which is different from the "MX" records. Don't use the "A" record if an MX is available (as per the SMTP spec).

So dig -t mx targetdomain.com

then try telnetting to those hosts on port 25

Mark
telnet mail.hotmail.com 25

Have you tried it?

From,
Nice coder
Click here to patch the mozilla IDN exploit, or click Here then type in Network.enableidn and set its value to false. Restart the browser for the patches to work.
Advertisement
I don't believe that will work anyway. I'm sure they've turned off telnet :)


Using an external SMTP server works. It can connect via telnet and send mail from it.

Is there something in the logs of qmail-smtpd that I should be looking for? Nothing stands out.
Quote: Original post by Maega
I don't believe that will work anyway. I'm sure they've turned off telnet :)


port 25 is the SMTP port, not the standard telnet port... try it. If it works, then you should be able to connect.
Well, I know.. I assumed hotmail locked out external connections to their SMTP.


It does not connect to it from telnet. No route to host.
Quote: Original post by Maega
It does not connect to it from telnet. No route to host.


"No route to host" wouldn't be specific to hotmail though... try a traceroute and see how far it gets... perhaps there's a firewall somewhere stopping you from getting to it.

This topic is closed to new replies.

Advertisement