Most Odd

SteveA · ‎17-06-2007

My email server threw some odd wobblies this morning:
[tt]
Aug 14 08:18:45 kodaly postfix/smtpd[4823]: warning: 212.159.7.105: address not listed for hostname relay.pcl-ipout02.plus.net
Aug 14 08:18:45 kodaly postfix/smtpd[4823]: connect from unknown[212.159.7.105]
Aug 14 08:18:45 kodaly postfix/smtpd[4823]: setting up TLS connection from unknown[212.159.7.105]
Aug 14 08:18:45 kodaly postfix/smtpd[4823]: Anonymous TLS connection established from unknown[212.159.7.105]: TLSv1 with cipher RC4-SHA (128/128 bits)
Aug 14 08:18:45 kodaly postfix/smtpd[4823]: NOQUEUE: reject: RCPT from unknown[212.159.7.105]: 450 4.7.1 Client host rejected: cannot find your hostname, [212.159.7.105]; from=<JobAlerts@mail.jobserve.com> to=<xxxx@xxxx.xxxx.> proto=ESMTP helo=<PCL-iptrial02.plus.net>[/tt]

and then top it all off for some reason the connecting server identifies itself as PCL-iptrial02.plus.net
Now I could turn off reject_unknown_client in the client restrictions but I'm trying to work out why this happened. I wonder if this was actually a DNS lookup failure?
BTW - if anyone can give me any hints on setting postfix to always allow connections from the PN email servers so this doesn't happen again (and so fail2ban doesn't shove them into the blacklist) then that would be good. I think the obvious way to do this is use a subnet and add it to the mynetworks list and also into the list of unblockable addresses in fail2ban
Also as autoturn is still basically refusing connections I've now got mail queued and can't get at it.

Feel free to move this to another part of the forum if this isn't the right place.

csogilvie · ‎04-04-2007

There were new triial servers addeed this morning, which might be the reason - http://usertools.plus.net/status/archive/1250172737.htm
As for the rest I have no idea, as I don't use fail2ban etc.

SteveA · ‎17-06-2007

So it could have been new servers in the pool and DNS updates just hadn't rippled out then?
Which means that any downstream server that enforces client restrictions could have rejected connections from them...

csogilvie · ‎04-04-2007

Either that, or you were suffering from DNS problems at the time - as I'm not sure what 'cnnot find your hostname' means, I'm only guessing... but:
[colin@colino ~ $] host 212.159.7.105
105.7.159.212.in-addr.arpa domain name pointer relay.pcl-ipout02.plus.net.
which would imply to me that it does have a hostname?
[me=csogilvie]must finish posts first.[/me]

SteveA · ‎17-06-2007

# host 212.159.7.105
105.7.159.212.in-addr.arpa domain name pointer relay.pcl-ipout02.plus.net
#host relay.pcl-ipout02.plus.net
relay.pcl-ipout02.plus.net has address 212.159.7.100
450 is a temporary error so I'm hoping stuff will eventually trickle down

bobpullen · ‎04-04-2007

I'll get this looked into now Steve...
The rDNS entries need some attention, should be sorted during the next hour or two.

Bob Pullen
Plusnet Product Team
If I've been helpful then please give thanks ⤵

SteveA · ‎17-06-2007

Thanks for that Bob.
Is there a CIDR for the IP addresses for the PN email servers so I can add them to my server config to always give them access even if there are DNS problems?

jberry · ‎08-06-2007

Steve,
Currently this would be (for the two sites):
PTN: 212.159.7.32/28
PCL: 212.159.7.96/28
Always subject to change, but not that often and there are some unused addresses in there for growth.

SteveA · ‎17-06-2007

Thanks

Most Odd

Most Odd

Re: Most Odd

Re: Most Odd

Re: Most Odd

Re: Most Odd

Re: Most Odd

Re: Most Odd

Re: Most Odd

Re: Most Odd