telnet to mail server from outside does not get 220, telnet from inside works

[Vince Hoffman]

brad davison wrote:
> 
> 
>> Date: Mon, 12 May 2008 17:49:07 +0200
>> From: wojtek at wojtek.tensor.gdynia.pl
>> To: demonichandextensions at hotmail.com
>> CC: freebsd-questions at freebsd.org
>> Subject: Re: telnet to mail server from outside does not get 220, telnet from inside works
>>
>>> Trying ::1...
>>> Connected to localhost.xxxxxxxxx.com.
>>> Escape character is '^]'.
>>> 220 email.xxxxxxxxx.com ESMTP Sendmail 8.13.8/8.13.8; Mon, 12 May 2008 10:01:39 -0400 (EDT)
>>>
>>>
>>>
>>> But if I try the same thing from 'outside' the firewall I get:
>>>
>>> %telnet email.xxxxxxxxxxxx.com 25
>>> Trying 67.x.x.x...
>>> Connected to email.xxxxxxxxxxx.com.
>>> Escape character is '^]'.
>>> Connection closed by foreign host.
>>>
>>>
>> sendmail try to connect to port auth of remote machine. your firewall 
>> probably blocks it just by dropping packets, so it tries until timeout
>>
>> telnet from outside, wait few minutes and you will get a prompt.
>>
>> change your firewall rules to fix it
>> _______________________________________________
> 
> 
> You get the prize.  
> 
> We have a Cisco ASA, and everything works on port 587, but port 25 has cisco's 'Application Inspection' or something that I need to figure out how to turn off.
> 
assuming its the same as for a pix (been a while since I used a cisco
firewall ;) then it should be
no fixup smtp
(its one of the first things I used to turn off ;)
vince


> Thanks for the attention.
> 
> _________________________________________________________________
> Make Windows Vista more reliable and secure with Windows Vista Service Pack 1.
> http://www.windowsvista.com/SP1?WT.mc_id=hotmailvistasp1banner_______________________________________________
> freebsd-questions at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscribe at freebsd.org"