|
Home > Archive > IIS and SMTP > April 2007 > DNSReport.com connection failure
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
DNSReport.com connection failure
|
|
| JC Creque 2007-04-06, 7:17 pm |
| I just started using IIS 6.0 for routing of my internet mail. When I checked
dnsreport.com for my domain (rlshospital.org) i am getting the following
error message:
ERROR: I could not complete a connection to any of your mailservers!
I did some research and it seems to be a problem with the relay setup. Once
I disable relay dnsreport.com states it can connect but then it lists my mail
server as an open relay.
I also get the same problem with www.abuse.net/relay.html. It is supposed
to connect and return a 550 relay not permitted error message. Instead it
does not allow a connection. Please advise.
| |
| Steve Schofield 2007-04-08, 1:18 pm |
| Port 25 is probably not accessible from the outside. Try telneting to port
25 from outside your network.
--
Thank you,
Steve Schofield
Windows Server MVP - IIS
ASPInsider Member - MCP
http://www.orcsweb.com/
Managed Complex Hosting
#1 in Service and Support
"JC Creque" <JCCreque@discussions.microsoft.com> wrote in message
news:DE2EDA18-97AD-4094-BD90-4D97BCBC3153@microsoft.com...
>I just started using IIS 6.0 for routing of my internet mail. When I
>checked
> dnsreport.com for my domain (rlshospital.org) i am getting the following
> error message:
>
> ERROR: I could not complete a connection to any of your mailservers!
>
> I did some research and it seems to be a problem with the relay setup.
> Once
> I disable relay dnsreport.com states it can connect but then it lists my
> mail
> server as an open relay.
>
> I also get the same problem with www.abuse.net/relay.html. It is supposed
> to connect and return a 550 relay not permitted error message. Instead it
> does not allow a connection. Please advise.
| |
| JC Creque 2007-04-09, 1:17 am |
| My mail is working fine. The aforemetioned internet tools I am using are
stating that it is down. There are no problems with telneting to port 25.
"Steve Schofield" wrote:
> Port 25 is probably not accessible from the outside. Try telneting to port
> 25 from outside your network.
>
> --
>
> Thank you,
>
> Steve Schofield
> Windows Server MVP - IIS
> ASPInsider Member - MCP
>
> http://www.orcsweb.com/
> Managed Complex Hosting
> #1 in Service and Support
>
> "JC Creque" <JCCreque@discussions.microsoft.com> wrote in message
> news:DE2EDA18-97AD-4094-BD90-4D97BCBC3153@microsoft.com...
>
>
| |
| Steve Schofield 2007-04-09, 1:19 pm |
| I see what you mean. I looked up your MX record and can telnet to port 25.
Hmm, I'm not sure why DNSReport is having an issue. I'd ask in their forums
to see if they have any input. If you are receiving email, then it could be
an issue with their tool. Everything else looks clean.
--
Thank you,
Steve Schofield
Windows Server MVP - IIS
ASPInsider Member - MCP
http://www.orcsweb.com/
Managed Complex Hosting
#1 in Service and Support
"JC Creque" <JCCreque@discussions.microsoft.com> wrote in message
news:32A6BE02-CC16-41B4-8902-280012734AAD@microsoft.com...[vbcol=seagreen]
> My mail is working fine. The aforemetioned internet tools I am using are
> stating that it is down. There are no problems with telneting to port 25.
>
> "Steve Schofield" wrote:
>
| |
| Sanford Whiteman 2007-04-11, 1:21 am |
| > I see what you mean. I looked up your MX record and can telnet to port
> 25. Hmm, I'm not sure why DNSReport is having an issue. I'd ask in
> their forums to see if they have any input. If you are receiving email,
> then it could be an issue with their tool. Everything else looks clean.
It is, in a sense, an issue with their tool. DNSReport "signs off" their
probe sessions with a somewhat useless disclaimer encoded in a standard
RCPT TO:<Not.abuse.see.DNSReport...@DNSReport.com>. They expect you to
just 5xx this RCPT and allow them to QUIT gracefully (then, later, if
you're looking in your logs, you'd presumably ignore their sessions, kinda
like you'd ignore web hits from a well-known search spider).
If you TCP RST the connection before they can issue a QUIT, the whole
session is deemed a failure. This is consistent with SMTP RFC rules in
its own right... but since their "just looking, don't hate us" RCPT
happens to be at a totally remote domain, it's not too punitive for you to
drop the whole session based on that very aberrant, spammer-like
behavior. And indeed, your server resets a connection promptly when it
sees such a strange RCPT. Shooting themselves in the foot there, eh?
Contrariwise, when you open yourself as a relay, your box accepts mail to
@DNSReport.com, so you don't fail that test anymore, but obvs. you have
other problems.
--Sandy
|
|
|
|
|