Help Needed: My RHEL5 box suddenly stopped accepting e-mails

Jacky Li zli at
Tue May 10 07:38:48 UTC 2011


Is there a firewall in your company?  Your computers on the same subnet 
able to telnet to 25.  Your gmail doesn't work.  Maybe you should ask 
your IT department if there is a firewall and if it is blocking 25 to 
your computer.


On 2011-5-9 19:41, Mun wrote:
> Hi all,
> Well, unfortunately my IT dept is claiming their network is fine--and
> therefore the problem lies
> either with my system, or is not worth their time to debug.  I am still
> trying to gather more
> evidence to prove that my system is operating correctly; but I am starting
> to lose hope that I
> will persevere in this effort.  Although, I'm not willing to throw in the
> towel just yet.
> In any case, see below for additional comments.
> On Sun, May 8, 2011 at 2:27 PM, Barry Brimer<lists at>  wrote:
>> 1.  Add an iptables logging rule that logs and connections to port 25 not
>>>> from localhost.  Something like:
>>>> iptables -I INPUT -i ! lo -p tcp -m tcp --dport 25 -j LOG
>>> I am going to wait on the change because I don't feel comfortable doing
>>> this
>>> just yet.  Note
>>> that we have established that systems on my subnet can successfully telnet
>>> into port 25 of
>>> my system; whereas systems on other subnets cannot.  Would the logging
>>> rule
>>> above provide
>>> additional information regarding the failed connection attempts to port
>>> 25?
>> You're not blocking/allowing anything .. just logging, before any ACCEPT
>> rules.  If you try to telnet to port 25 from another subnet with this rule
>> in place and you don't see connections getting logged, they're not getting
>> to your server.
> I went ahead and made the changes to the iptables logging as you suggested.
>   When I use swaks to
> send my machine email from an offsite system, I _do_ see messages show up in
> my /var/log/messages
> file showing some kind of interaction between the offsite system and my
> system.  I don't know what is
> being discussed between the systems, but the offsite system does finally
> timeout in it's attemt to connect.
> Does this imply my system is not allowing the remote system to send it
> email?  And therefore it
> _is_ my system that is at fault?
> BTW, out of curiosity, how do I remove the iptables logging?  (Assuming this
> issue ever gets
> resolved and I want to reduce the amount of logging.)
>>   6.  Verify other Internet communications work .. perhaps you've got a bad
>>>> route of some kind.
>>> I seem to be able to do other internet activity without any problems.
>> What about connecting to other internal hosts that are on a different
>> subnet.  I still think this could be routing related.  Have you verified
>> your routing table with IT?
> I can connect to systems via ssh on different subnets within the company.
> I have not verified my routing table with IT.  I would not know what to
> verify.
> I did send my IT dept a traceroute from a remote system that cannot send my
> system email.
> I don't know if that is of any value, but I'm just trying to keep nudging
> them with data and
> hoping something will trigger an "ah ha!" moment.
>>   7.  Run some tests with swaks<>
>>> I'm not familiar with swaks; but I'll look into it.
>> I usually manually telnet to port 25 and have an SMTP conversation with the
>> mail server.  If you don't speak fluent SMTP, swaks can help.
> swaks works great!  Especially for someone like me.  Thanks for that tip.
>>   8.  Use system-switch-mail to verify that your system is using sendmail.
>>   My system is running sendmail.  However, I'm not familiar with
>>> system-switch-mail, nor could
>>> I find that command on my system.
>> If you ever had postfix or qmail installed from RH it installs in a way
>> that allows you to switch between MTAs.  system-switch-mail manages symlinks
>> to make sure everything lines up correctly.  You can install the
>> system-switch-mail package if you like.  Probably not needed.
> Oh, I see.  I have not installed any other MTA's onto my system.  At one
> point I was considering
> that as another test of my system; but I don't think that test is needed
> anymore.  It seems we
> have proven that sendmail is working properly, and that the problem is
> outside of the MTA.
> Many thanks to all that are trying so hard to help me out!  I wish just one
> of you worked my
> company's IT dept ;)
> Best regards,

More information about the redhat-list mailing list