MX problems

Warren Bailey wbailey at gci.com
Tue May 19 18:24:04 CDT 2009


Or...

His provider is using dpi to drop packets destined for non provider mx servers.

This would certainly reduce spam from compromised hosts.

----- Original Message -----
From: Gregory McLean <gmclean at xilogix.net>
To: Polar Humenn <polar.humenn at gmail.com>
Cc: nanog at nanog.org <nanog at nanog.org>
Sent: Tue May 19 15:19:23 2009
Subject: Re: MX problems

On Tue, 2009-05-19 at 19:02 -0400, Polar Humenn wrote:
> >From my mail log. Geez, I can't even get to Cornell, which is just down the
> friggin road! (Yeah, I know, but really).
> What is going on?
> 
> May 19 18:58:26 greene postfix/smtp[5895]: connect to
> mailin-01.mx.AOL.COM[205.188.159.57]:
> No route to host (port 25)
> May 19 18:58:27 greene postfix/smtp[5904]: connect to
> penguin.cs.cornell.edu[128.84.96.11]:
> No route to host (port 25)
> May 19 18:58:27 greene postfix/smtp[5899]: connect to
> mx.vgs.untd.com[64.136.52.37]:
> No route to host (port 25)
> May 19 18:58:27 greene postfix/smtp[5919]: connect to
> incoming3.american.edu[147.9.1.250]:
> No route to host (port 25)
> May 19 18:58:30 greene postfix/smtp[5904]: connect to
> iago.cs.cornell.edu[128.84.96.10]:
> No route to host (port 25)
> May 19 18:58:30 greene postfix/smtp[5904]: 0992D8DDE: to=<
> simeon at cs.cornell.edu>, relay=none, delay=371744, status=deferred (connect
> to iago.cs.cornell.edu[128.84.96.10]: No route to host)
> May 19 18:58:30 greene postfix/smtp[5919]: connect to
> incoming2.american.edu[147.9.1.249]:
> No route to host (port 25)
> May 19 18:58:30 greene postfix/smtp[5919]: 5F6AC8C0E: to=<drshow at wamu.org>,
> relay=none, delay=116954, status=deferred (connect to
> incoming2.american.edu[147.9.1.249]:
> No route to host)
> May 19 18:58:33 greene postfix/smtp[5901]: connect to
> cisbec.net.s6a1.psmtp.com[64.18.5.10]: No route to host (port 25)
> May 19 18:58:33 greene postfix/smtp[5913]: connect to
> smtp-mx6.mac.com[17.148.20.69]:
> No route to host (port 25)
> May 19 18:58:35 greene postfix/smtp[5895]: connect to
> mailin-01.mx.AOL.COM[205.188.156.248]:
> No route to host (port 25)
> May 19 18:58:36 greene postfix/smtp[5899]: connect to
> mx.dca.untd.com[64.136.44.37]:
> No route to host (port 25)
> May 19 18:58:36 greene postfix/smtp[5899]: D3A158876: to=<becward at JUNO.COM>,
> relay=none, delay=183359, status=deferred (connect to
> mx.dca.untd.com[64.136.44.37]:
> No route to host)
> May 19 18:58:42 greene postfix/smtp[5901]: connect to
> cisbec.net.s6a2.psmtp.com[64.18.5.11]: No route to host (port 25)
> May 19 18:58:45 greene postfix/smtp[5901]: connect to
> cisbec.net.s6b1.psmtp.com[64.18.5.13]: No route to host (port 25)
> May 19 18:58:45 greene postfix/smtp[5910]: connect to
> hrndva-smtpin01.mail.rr.com[71.74.56.243]: No route to host (port 25)
> May 19 18:58:48 greene postfix/smtp[5901]: connect to
> cisbec.net.s6b2.psmtp.com[64.18.5.14]: No route to host (port 25)
> May 19 18:58:48 greene postfix/smtp[5901]: 0992D8DDE: to=<
> arahant1 at cisbec.net>, relay=none, delay=371762, status=deferred (connect to
> cisbec.net.s6b2.psmtp.com[64.18.5.14]: No route to host)
> 

I smell a port blocking going on... Or a mis config on a firewall. (A
firewall/router set to reject with icmp-host-prohibited)

That would be my guess.





More information about the NANOG mailing list