Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

can not telnet port 25

3,409 views
Skip to first unread message

Feel Zhou

unread,
Feb 20, 2014, 9:31:18 PM2/20/14
to
Hello, My friend
This is Tom, I'm sending my greeting from China.
Today, one of my postfix server can not telnet any other mail server's port 25. It's working before 9:00am(bejing time CHina), I have restart the mail server and reinstall the postfix. but it's looks like not working. How can I fix this problem. Thanks for your help
TOM

Venkat

unread,
Feb 20, 2014, 9:37:36 PM2/20/14
to
Check your firewall settings to see if the connection is being blocked.

Feel Zhou

unread,
Feb 20, 2014, 9:41:31 PM2/20/14
to

-A INPUT -m state --state NEW -m tcp -p tcp --dport 25 -j ACCEPT

firewall is ok

Mauricio Tavares

unread,
Feb 20, 2014, 9:52:54 PM2/20/14
to
On Thu, Feb 20, 2014 at 9:31 PM, Feel Zhou <feel...@gmail.com> wrote:
> Hello, My friend
> This is Tom, I'm sending my greeting from China.
> Today, one of my postfix server can not telnet any other mail server's port
> 25. It's working before 9:00am(bejing time CHina), I have restart the mail
> server and reinstall the postfix. but it's looks like not working. How can I
> fix this problem. Thanks for your help
> TOM

Did you check the logs?

Viktor Dukhovni

unread,
Feb 20, 2014, 10:12:53 PM2/20/14
to
On Fri, Feb 21, 2014 at 10:31:18AM +0800, Feel Zhou wrote:

> Today, one of my postfix server can not telnet any other mail server's port
> 25.

If you cannot make a TCP connection to port 25, your problem is
outside Postfix. Your ISP may have blocked port 25 outbound.

> It's working before 9:00am(bejing time CHina), I have restart the mail
> server and reinstall the postfix. but it's looks like not working. How can
> I fix this problem. Thanks for your help

Postfix relies on working TCP/IP infrastructure. Postfix cannot
configure away problems in the network stack.

--
Viktor.

Benny Pedersen

unread,
Feb 20, 2014, 10:48:30 PM2/20/14
to
On 2014-02-21 03:41, Feel Zhou wrote:
> -A INPUT -m state --state NEW -m tcp -p tcp --dport 25 -j ACCEPT

it might be geoip blocking you see to the recipient mailservers if you
not see it to all recipient ips

if that is it, then you can just remove recipient domain from dns with
bind9 rpz zone

until recipient domains begins to learn :=)

Eric Kimminau

unread,
Feb 20, 2014, 10:53:42 PM2/20/14
to
1) Postfix has NO impact on telnet. If you cannot telnet outbound to a remote port 25 the problem is that something on your host is blocking port 25 or something upstream from you is blocking port 25.

Can you perform the following:

telnet localhost 25

If this works, you CAN telnet to port 25 locally.

Then try a known Good SMTP server, such as Google:
# nslookup -q=MX gmail.com
Server:         209.172.41.202
Address:        209.172.41.202#53

Non-authoritative answer:
gmail.com       mail exchanger = 5 gmail-smtp-in.l.google.com.
gmail.com       mail exchanger = 30 alt3.gmail-smtp-in.l.google.com.
gmail.com       mail exchanger = 20 alt2.gmail-smtp-in.l.google.com.
gmail.com       mail exchanger = 10 alt1.gmail-smtp-in.l.google.com.
gmail.com       mail exchanger = 40 alt4.gmail-smtp-in.l.google.com.

Authoritative answers can be found from:
alt3.gmail-smtp-in.l.google.com internet address = 173.194.70.27
gmail-smtp-in.l.google.com      internet address = 173.194.76.26
alt4.gmail-smtp-in.l.google.com internet address = 173.194.69.27
alt1.gmail-smtp-in.l.google.com internet address = 173.194.66.27
alt2.gmail-smtp-in.l.google.com internet address = 74.125.136.27

[root@cl-t159-360cl ~]# telnet gmail-smtp-in.l.google.com 25
Trying 173.194.76.26...
Connected to gmail-smtp-in.l.google.com (173.194.76.26).
Escape character is '^]'.
220 mx.google.com ESMTP a3si2597941qao.15 - gsmtp
quit
Connection closed by foreign host.

Make sure you actually have a service sunning on port 25, i.e.:

netstat -an | grep 25
tcp        0      0 0.0.0.0:25                  0.0.0.0:*                   LISTEN
i

Make sure you do not have the inet service set to private in your master.cf:
When I first started troubleshooting I got an error in the /var/log/maillog
Jan 30 11:34:45 list postfix/master[20710]: fatal: /etc/postfix/master.cf: line 40: inet service cannot be private.
went into master.cf
found this
"smtp inet - - n - - smtp"
Changed first "-" to n
"smtp inet n - n - - smtp"
restarted post fix worked.

Hope it helps.




On 2/20/2014 9:31 PM, Feel Zhou wrote:
Hello, My friend
This is Tom, I'm sending my greeting from China.
Today, one of my postfix server can not telnet any other mail server's port 25. It's working before 9:00am(bejing time CHina), I have restart the mail server and reinstall the postfix. but it's looks like not working. How can I fix this problem. Thanks for your help
TOM

-- 
Eric Kimminau, Troop #284 Recruiting
e...@kimminau.org
cell: 248-766-5353
home: 248-393-8036

Feel Zhou

unread,
Feb 27, 2014, 2:00:13 AM2/27/14
to
Thanks for everyone
It's working after few hour..
My ISP may have blocked port 25 outbound
It' working well now
Sorry for answer so late, because of busy with my business
Thanks again
TOM
0 new messages