On Fri, 21 Nov 2003, Charles Sprickman wrote:
On Fri, 21 Nov 2003, Jay Hennigan wrote:
In our case it's at the IP level. Our mailserver gets "connection refused" from their "business" mail servers at "bizmailsrvcs.net". We got someone on the phone who was supposed to look into it a week or so ago.
Have a look at the logs on your primary MX. Part of their "anti-spam" solution seems to be a connection back to your primary MXer to check if the envelope from is valid or not. If you don't reply in the (very short) timeout period, the mail is rejected with a *permanent* failure.
Hmmm... Our primary MX is Postini. And they won't even open a socket on TCP 25 so we don't get far enough to give them an envelope from. beach% telnet mta1.bizmailsrvcs.net 25 Trying 206.46.164.22... Connected to mta1.bizmailsrvcs.net. Escape character is '^]'. 421 oe-mp1.bizmailsrvcs.net connection refused from [199.201.128.19] Connection closed by foreign host. What's weird is that any random dialup or DSL can connect to them just fine. It seems like they've put our mail sender in a local blacklist but we truly hate and kill what few spammers crop up here on sight.
It's a horrible design. It's useless for them on MTAs that just accept everything into the queue and work it from there (qmail, ?) and a pain to the sender if you happen to have your primary mx swamped in a spam attack when they try to query it. From what I can see, the timeout is *very* short and they do not try anything other than the primary mxer.
I think it's two different issues, as ours is at a lower level. -- Jay Hennigan - CCIE #7880 - Network Administration - jay@west.net WestNet: Connecting you to the planet. 805 884-6323 WB6RDV NetLojix Communications, Inc. - http://www.netlojix.com/