1 Topic by jakkl91

  • jakkl91
  • Member
  • Offline
  • Registered: 2016-11-16
  • Posts: 3

Topic: Server suddenly refusing connection

==== Required information ====
- iRedMail version (check /etc/iredmail-release): 0.9.7
- Linux/BSD distribution name and version: Debian Jessie
- Store mail accounts in which backend (LDAP/MySQL/PGSQL):MySQL
- Web server (Apache or Nginx):Apache
- Manage mail accounts with iRedAdmin-Pro? yes
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====

Hi,
since few days, I have strange behaviour of my IredMail server: the server suddenly started refusing connections to port

25 from our spam provider. After I reboot the server our provider is able to deliver queued mails for aproximatly 10

minutes. After this time connections to the same port are refused again.
I couldn't find anything in mail.log, a trace with tcpdump shows that IredMail server sends back an ICMP message with

"port smtp unreachable". Are there any settings I missed?

16:12:24.781025 IP (tos 0xc0, ttl 64, id 56967, offset 0, flags [none], proto ICMP (1), length 88)
    [iredmailserver] > [provider]: ICMP [iredmailserver] tcp port smtp unreachable, length 68
        IP (tos 0x0, ttl 59, id 28331, offset 0, flags [DF], proto TCP (6), length 60)
    [provider].50012 > [iredmailserver].smtp: Flags [S], cksum 0xca29 (correct), seq 2866150684, win 14600, options [mss

1460,sackOK,TS val 3399790348 ecr 0,nop,wscale 2], length 0
16:12:24.801142 IP (tos 0x0, ttl 59, id 4675, offset 0, flags [DF], proto TCP (6), length 60)
    [provider].50070 > [iredmailserver].smtp: Flags [S], cksum 0x26aa (correct), seq 2443819386, win 14600, options [mss

1460,sackOK,TS val 3399790368 ecr 0,nop,wscale 2], length 0
16:12:26.801159 IP (tos 0x0, ttl 59, id 4676, offset 0, flags [DF], proto TCP (6), length 60)
    [provider].50070 > [iredmailserver].smtp: Flags [S], cksum 0x1eda (correct), seq 2443819386, win 14600, options [mss

1460,sackOK,TS val 3399792368 ecr 0,nop,wscale 2], length 0
16:12:26.801212 IP (tos 0xc0, ttl 64, id 56968, offset 0, flags [none], proto ICMP (1), length 88)
    [iredmailserver] > [provider]: ICMP [iredmailserver] tcp port smtp unreachable, length 68
        IP (tos 0x0, ttl 59, id 4676, offset 0, flags [DF], proto TCP (6), length 60)
    [provider].50070 > [iredmailserver].smtp: Flags [S], cksum 0x1eda (correct), seq 2443819386, win 14600, options [mss

1460,sackOK,TS val 3399792368 ecr 0,nop,wscale 2], length 0


Thanks in advance

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2 Reply by dsp3

  • dsp3
  • Member
  • Offline
  • Registered: 2015-12-23
  • Posts: 104

Re: Server suddenly refusing connection

Check what fail2ban-client has blacklisted

3 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,793

Re: Server suddenly refusing connection

*) Did you got any original error message of the refused connection?
*) Any related log in Postfix log file?

4 Reply by jakkl91

  • jakkl91
  • Member
  • Offline
  • Registered: 2016-11-16
  • Posts: 3

Re: Server suddenly refusing connection

Thanks, fail2ban was the right hint. I found some messages in syslog that the provider's IPs were banned.
After adding the IPs to jail.local "ignoreip" fail2ban stopped blocking the port.