On 4/18/05, Ugo Bellavance <ugob at camo dash route dot com> wrote:
> Chris Buechler wrote:
> > On 4/18/05, Ugo Bellavance <ugob at camo dash route dot com> wrote:
> >
> >>My internal mail server sends a message to the filtering gateway, which
> >>processes it.  Then the filtering gateway tries to send the message to
> >>the destination mail server (say 24.24.24.24), it gets redirected to my
> >>internal mail server in an infinite loop.
> >
> >
> > I doubt if this is a firewall issue. To verify that, run 'telnet
> > s0.m0n0.ch 25' on your gateway. If you don't get an answer, there's a
> > network problem. It's a sendmail configuration problem if the port
> > does answer with something like the following.
> >
> > Trying 80.238.135.125...
> > Connected to s0.m0n0.ch.
> > Escape character is '^]'.
>
> This is why I think it is a firewall issue:
>
> [ugob@mail ugob]$ telnet 80.238.135.125 25
> Trying 80.238.135.125...
> Connected to 80.238.135.125.
> Escape character is '^]'.
> 220 my.internal.com ESMTP MAIL Service, Version: 5.0.2195.6713 ready at
> Mon, 18 Apr 2005 15:04:06 -0400
>

Wow, what the...

Enable logging for the rule on the interface with the mail server that
permits SMTP outbound.  See what traffic it logs.

m0n0wall has no capabilities to redirect traffic, so I'm guessing
sendmail is picking up outbound port 25 traffic somehow.  Logging the
traffic and seeing what m0n0wall sees will confirm or deny that.  If
it's trying to get out to 80.238.135.125, then m0n0wall is doing
something weird.  My guess is the first SMTP packet that goes out is
going to your LAN server's IP address, in which case we know something
local to the box is causing this behavior.

Alternatively, run tcpdump on the filtering server itself and telnet to
25 on s0.m0n0.ch and see what it sees.  Or try both that and logging.

-Chris
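
The tcpdump check suggested in the message above, as an added example that is not part of the original post: it reads `tcpdump -nn` text captured on the filtering gateway and reports whether the outbound SMTP connection attempt was addressed to the intended remote IP or to some other host. The function names, the 10.0.0.x addresses and the capture lines are constructed for illustration; only 80.238.135.125 comes from the thread.

```shell
#!/bin/sh
# Added example. Feed it text from something like
#   tcpdump -nn -i <iface> 'tcp port 25'     (<iface> is a placeholder)
# captured while running the telnet test from the thread.

# Report where initial SYNs to port 25 were addressed, relative to the
# IP we meant to reach ($1).
classify_smtp_syn() {
    awk -v want="$1" '
        # Initial SYN prints as "Flags [S],"; a SYN-ACK is "[S.]" and is skipped.
        $2 == "IP" && /Flags \[S\],/ {
            dst = $5; sub(/:$/, "", dst)          # e.g. 80.238.135.125.25
            n = split(dst, p, ".")
            if (n != 5 || p[5] != "25") next      # IPv4 destination port 25 only
            ip = p[1] "." p[2] "." p[3] "." p[4]
            if (ip == want) hit++; else other[ip]++
        }
        END {
            for (ip in other) { print "sent-elsewhere " ip; bad = 1 }
            if (!bad && hit)  print "sent-to-expected " want
            if (!bad && !hit) print "no-smtp-syn-seen"
        }'
}

# Constructed capture: the gateway (10.0.0.5) really addresses the remote server.
sample_direct() {
    cat <<'EOF'
15:04:06.000001 IP 10.0.0.5.40112 > 80.238.135.125.25: Flags [S], seq 1000, win 5840, length 0
15:04:06.000950 IP 80.238.135.125.25 > 10.0.0.5.40112: Flags [S.], seq 2000, ack 1001, win 5792, length 0
EOF
}

# Constructed capture: the first SMTP packet goes to a LAN mail server (10.0.0.20).
sample_rewritten() {
    cat <<'EOF'
15:04:06.000001 IP 10.0.0.5.40113 > 10.0.0.20.25: Flags [S], seq 1000, win 5840, length 0
EOF
}

sample_direct    | classify_smtp_syn 80.238.135.125
sample_rewritten | classify_smtp_syn 80.238.135.125
```

A `sent-to-expected` result together with the internal server's 220 banner points at something on the path answering for the remote address; `sent-elsewhere` matches the guess in the reply that something local to the box is choosing the LAN server.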