some info:
I use another computer running win 2000 adv server for DNS.
I have iptables running with everything open for the output chain and
forward chain, and the input chain has port 25 ACCEPT.
Please let me know if there is any other info you might need.
Thanks in advance for your help.
Jack
BTW: these messages are in the queue for more than a week now, so I
know something is wrong.
From the same box qmail is running from, type:
dig mx somedomain.com
where somedomain.com is one of the domain names of the messages that isn't
going anywhere -- let's say, planetms.com. Do you get a response of
"imap.mistriel.com"? If you don't, then your DNS server is either jacked or
your Linux box isn't configured to resolve names correctly (see
/etc/resolv.conf).
If yes to above, now try:
telnet imap.mistriel.com 25
Do you connect and get the 220 greeting line? If no, then your Linux box is
either unable to get out on port 25 or the return traffic is being eaten, or
the host happened to be dead at that particular moment in time.
--
| Bob Maple | bobm_at_burner_dot_com | [http] burner.com
|
| Thom Yorke: "Here's to getting hitched, Space Ghost."
| "Yeah.. Lets drink until our hearts stop."
[root@linux root]# dig mx planetms.com
; <<>> DiG 9.2.0 <<>> mx planetms.com
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 3758
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; QUESTION SECTION:
;planetms.com. IN MX
;; ANSWER SECTION:
planetms.com. 3600 IN MX 10 imap.mistriel.com.
;; ADDITIONAL SECTION:
imap.mistriel.com. 86400 IN A 66.234.233.90
;; Query time: 46 msec
;; SERVER: 66.234.233.90#53(66.234.233.90)
;; WHEN: Tue Nov 26 12:46:33 2002
;; MSG SIZE rcvd: 76
[root@linux root]# telnet imap.mistriel.com 25
Trying 66.234.233.90...
these are my iptables -L results.
[root@linux root]# iptables -L
Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT all -- anywhere anywhere
ACCEPT udp -- anywhere anywhere udp spt:domain
ACCEPT tcp -- anywhere anywhere tcp dpt:pop3
ACCEPT tcp -- anywhere anywhere tcp dpt:imap
ACCEPT tcp -- anywhere anywhere tcp dpt:smtp
ACCEPT tcp -- anywhere anywhere tcp dpt:http
ACCEPT tcp -- anywhere anywhere tcp dpt:https
ACCEPT tcp -- anywhere anywhere tcp dpt:smtp
ACCEPT tcp -- anywhere anywhere tcp dpt:ssh
ACCEPT tcp -- anywhere anywhere tcp dpt:10000
ACCEPT icmp -- anywhere anywhere
DROP all -- anywhere anywhere
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain denylog (0 references)
target prot opt source destination
LOG all -- anywhere anywhere LOG level warning
DROP all -- anywhere anywhere
"Bob Maple" <bob...@nospamburner.com> wrote in message news:<3de2ced5$1...@omega.dimensional.com>...
Does your server's IP appear on www.openrbl.org?
Copy and paste the process when a telnet imap.mistriel.com 25 is done.
AK
Actually I have figured it out.
Thank you all.
Turns out that the problem was not qmail related. It was my iptables
firewall script. When I flushed all the tables and set my default
policy to ACCEPT, telnet worked and the queue emptied.
Now I have to create a good secure firewall script. (Any
recommendations???)
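
Added example, not part of the thread: a first-match simulation of the INPUT chain posted above, showing why dig got its answer while telnet to port 25 hung at "Trying...", and what one connection-state rule changes. It assumes the first "ACCEPT all" rule is loopback-only (plain iptables -L does not show interfaces); the packets and ephemeral port numbers are constructed.

```python
from dataclasses import dataclass
from typing import Optional, Tuple

@dataclass(frozen=True)
class Packet:
    proto: str
    sport: int
    dport: int
    iface: str = "eth0"
    state: str = "NEW"  # conntrack state netfilter would assign

@dataclass(frozen=True)
class Rule:
    target: str
    proto: str = "all"
    sport: Optional[int] = None
    dport: Optional[int] = None
    iface: Optional[str] = None
    states: Tuple[str, ...] = ()

    def matches(self, p: Packet) -> bool:
        return (self.proto in ("all", p.proto)
                and self.sport in (None, p.sport)
                and self.dport in (None, p.dport)
                and self.iface in (None, p.iface)
                and (not self.states or p.state in self.states))

def posted_input_chain():
    """INPUT chain as listed in the thread, in the same order."""
    # ASSUMPTION: the first "ACCEPT all" is loopback-only (-i lo); -L hides interfaces.
    chain = [Rule("ACCEPT", iface="lo"), Rule("ACCEPT", "udp", sport=53)]
    chain += [Rule("ACCEPT", "tcp", dport=p) for p in (110, 143, 25, 80, 443, 25, 22, 10000)]
    return chain + [Rule("ACCEPT", "icmp"), Rule("DROP")]

def with_state_rule(chain):
    """Models: iptables -I INPUT 2 -m state --state ESTABLISHED,RELATED -j ACCEPT"""
    return chain[:1] + [Rule("ACCEPT", states=("ESTABLISHED", "RELATED"))] + chain[1:]

def verdict(chain, pkt, policy="DROP"):
    """netfilter semantics: the first matching rule decides, else the chain policy."""
    return next((r.target for r in chain if r.matches(pkt)), policy)

# Constructed packets as they arrive on INPUT (4000x are arbitrary ephemeral ports).
INBOUND_SMTP = Packet("tcp", sport=40000, dport=25)                     # remote MTA connecting in
SMTP_REPLY = Packet("tcp", sport=25, dport=40000, state="ESTABLISHED")  # SYN-ACK from remote MX
DNS_REPLY = Packet("udp", sport=53, dport=40001, state="ESTABLISHED")   # answer to dig
NEW_UNLISTED = Packet("tcp", sport=40002, dport=3306)                   # unsolicited, closed port

if __name__ == "__main__":
    for label, chain in (("posted", posted_input_chain()), ("fixed", with_state_rule(posted_input_chain()))):
        for name in ("INBOUND_SMTP", "SMTP_REPLY", "DNS_REPLY", "NEW_UNLISTED"):
            print(f"{label:7}{name:13}{verdict(chain, globals()[name])}")
```

With the state rule in place the default DROP policy can stay: replies to connections the box itself opened are accepted, while unsolicited traffic to unlisted ports is still dropped.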