Firewalling based on a static port number is now DPI? - S -----Original Message----- From: Warren Bailey <wbailey@gci.com> Sent: Tuesday, May 19, 2009 16:25 To: gmclean@xilogix.net <gmclean@xilogix.net>; polar.humenn@gmail.com <polar.humenn@gmail.com> Cc: nanog@nanog.org <nanog@nanog.org> Subject: Re: MX problems Or... His provider is using dpi to drop packets destined for non provider mx servers. This would certainly reduce spam from compromised hosts. ----- Original Message ----- From: Gregory McLean <gmclean@xilogix.net> To: Polar Humenn <polar.humenn@gmail.com> Cc: nanog@nanog.org <nanog@nanog.org> Sent: Tue May 19 15:19:23 2009 Subject: Re: MX problems On Tue, 2009-05-19 at 19:02 -0400, Polar Humenn wrote:
From my mail log. Geez, I can't even get to Cornell, which is just down the friggin road! (Yeah, I know, but really). What is going on?
May 19 18:58:26 greene postfix/smtp[5895]: connect to mailin-01.mx.AOL.COM[205.188.159.57]: No route to host (port 25) May 19 18:58:27 greene postfix/smtp[5904]: connect to penguin.cs.cornell.edu[128.84.96.11]: No route to host (port 25) May 19 18:58:27 greene postfix/smtp[5899]: connect to mx.vgs.untd.com[64.136.52.37]: No route to host (port 25) May 19 18:58:27 greene postfix/smtp[5919]: connect to incoming3.american.edu[147.9.1.250]: No route to host (port 25) May 19 18:58:30 greene postfix/smtp[5904]: connect to iago.cs.cornell.edu[128.84.96.10]: No route to host (port 25) May 19 18:58:30 greene postfix/smtp[5904]: 0992D8DDE: to=< simeon@cs.cornell.edu>, relay=none, delay=371744, status=deferred (connect to iago.cs.cornell.edu[128.84.96.10]: No route to host) May 19 18:58:30 greene postfix/smtp[5919]: connect to incoming2.american.edu[147.9.1.249]: No route to host (port 25) May 19 18:58:30 greene postfix/smtp[5919]: 5F6AC8C0E: to=<drshow@wamu.org>, relay=none, delay=116954, status=deferred (connect to incoming2.american.edu[147.9.1.249]: No route to host) May 19 18:58:33 greene postfix/smtp[5901]: connect to cisbec.net.s6a1.psmtp.com[64.18.5.10]: No route to host (port 25) May 19 18:58:33 greene postfix/smtp[5913]: connect to smtp-mx6.mac.com[17.148.20.69]: No route to host (port 25) May 19 18:58:35 greene postfix/smtp[5895]: connect to mailin-01.mx.AOL.COM[205.188.156.248]: No route to host (port 25) May 19 18:58:36 greene postfix/smtp[5899]: connect to mx.dca.untd.com[64.136.44.37]: No route to host (port 25) May 19 18:58:36 greene postfix/smtp[5899]: D3A158876: to=<becward@JUNO.COM>, relay=none, delay=183359, status=deferred (connect to mx.dca.untd.com[64.136.44.37]: No route to host) May 19 18:58:42 greene postfix/smtp[5901]: connect to cisbec.net.s6a2.psmtp.com[64.18.5.11]: No route to host (port 25) May 19 18:58:45 greene postfix/smtp[5901]: connect to cisbec.net.s6b1.psmtp.com[64.18.5.13]: No route to host (port 25) May 19 18:58:45 greene postfix/smtp[5910]: connect to hrndva-smtpin01.mail.rr.com[71.74.56.243]: No route to host (port 25) May 19 18:58:48 greene postfix/smtp[5901]: connect to cisbec.net.s6b2.psmtp.com[64.18.5.14]: No route to host (port 25) May 19 18:58:48 greene postfix/smtp[5901]: 0992D8DDE: to=< arahant1@cisbec.net>, relay=none, delay=371762, status=deferred (connect to cisbec.net.s6b2.psmtp.com[64.18.5.14]: No route to host)
I smell a port blocking going on... Or a mis config on a firewall. (A firewall/router set to reject with icmp-host-prohibited) That would be my guess.