Mailing List Archive: exim: users

Gmail and Google blocking inbound port 25?

Index | Next | Previous | View Threaded

mike.lyon at gmail

Jun 1, 2012, 12:35 PM

Post #1 of 10 (607 views)
Permalink

Gmail and Google blocking inbound port 25?

Howdy,

I know this isn't an exim related question but it's affecting the ability
for my exim install to deliver email... Anyways, It appears when my exim
install tries to deliver email to Google or Yahoo, both of them refuse the
port 25 connection from my host. I went to another server I have in a
different subnet and was able to telnet to port 25 at both Google and
Yahoo. So it appears they are blocking this one subnet I have from
connecting to them.

How does one resolve this issue?

Thank You,
Mike
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

wbh at conducive

Jun 1, 2012, 12:53 PM

Post #2 of 10 (600 views)
Permalink

Re: Gmail and Google blocking inbound port 25? [In reply to]

Mike Lyon wrote:
> Howdy,
>
> I know this isn't an exim related question but it's affecting the ability
> for my exim install to deliver email... Anyways, It appears when my exim
> install tries to deliver email to Google or Yahoo, both of them refuse the
> port 25 connection from my host. I went to another server I have in a
> different subnet and was able to telnet to port 25 at both Google and
> Yahoo. So it appears they are blocking this one subnet I have from
> connecting to them.
>
> How does one resolve this issue?
>
> Thank You,
> Mike

'Stock' answer is to investigate the subnet with a 'whois' and see how
it is allocated. If 'AP' - as most 'residential' connectivity pools, and
all-too many so-called 'business' broadband are, then check also RBL's
such as SORBS and the like that target dynamic-IP block ranges.

These are sometimes 'discovered' and other times voluntarily listed by
ISP who have a ToS that prohibits running MTA etc - then operate an MTA
on a different block for use of their connectivity pool subscribers.

Hard to get around that. Potentially harder yet if it is a
Google-specific LBL. Several majors, such as the former 'Baby bell' in
the US, are doing that now on perfectly good IP blocks, sometimes purely
on a basis of GeoIp or host country of the block holder.

I'm presuming, of course, that with your experience level, you already
have a valid non-generic, FQDN-relevant, PTR RR and matching MX DNS
entries. Absent that, a BL needn't be checked, as a vanilla reverse
lookup fails.

Bill
--
韓家標

--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

mike.lyon at gmail

Jun 1, 2012, 1:17 PM

Post #3 of 10 (604 views)
Permalink

Re: Gmail and Google blocking inbound port 25? [In reply to]

Well, I have the forward and reverse IPs matching. Don't have any MX
records for that specific domain set-up because I don't have any inbound
mail setup for that domain (nor do I want it).

It's an IP block that was allocated to us from ATT on a business circuit. I
checked the IP addresses on MX toolbox and they come up clean

Would they actually refuse the connection if there were no MX records for
that domain?

Thanks,
Mike

On Fri, Jun 1, 2012 at 12:53 PM, W B Hacker <wbh [at] conducive> wrote:

> Mike Lyon wrote:
>
>> Howdy,
>>
>> I know this isn't an exim related question but it's affecting the ability
>> for my exim install to deliver email... Anyways, It appears when my exim
>> install tries to deliver email to Google or Yahoo, both of them refuse the
>> port 25 connection from my host. I went to another server I have in a
>> different subnet and was able to telnet to port 25 at both Google and
>> Yahoo. So it appears they are blocking this one subnet I have from
>> connecting to them.
>>
>> How does one resolve this issue?
>>
>> Thank You,
>> Mike
>>
>
> 'Stock' answer is to investigate the subnet with a 'whois' and see how it
> is allocated. If 'AP' - as most 'residential' connectivity pools, and
> all-too many so-called 'business' broadband are, then check also RBL's such
> as SORBS and the like that target dynamic-IP block ranges.
>
> These are sometimes 'discovered' and other times voluntarily listed by ISP
> who have a ToS that prohibits running MTA etc - then operate an MTA on a
> different block for use of their connectivity pool subscribers.
>
> Hard to get around that. Potentially harder yet if it is a Google-specific
> LBL. Several majors, such as the former 'Baby bell' in the US, are doing
> that now on perfectly good IP blocks, sometimes purely on a basis of GeoIp
> or host country of the block holder.
>
> I'm presuming, of course, that with your experience level, you already
> have a valid non-generic, FQDN-relevant, PTR RR and matching MX DNS
> entries. Absent that, a BL needn't be checked, as a vanilla reverse lookup
> fails.
>
> Bill
> --
> 韓家標
>
> --
> ## List details at https://lists.exim.org/**mailman/listinfo/exim-users<https://lists.exim.org/mailman/listinfo/exim-users>
> ## Exim details at http://www.exim.org/
> ## Please use the Wiki with this list - http://wiki.exim.org/

--
Mike Lyon
408-621-4826
mike.lyon [at] gmail

http://www.linkedin.com/in/mlyon
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

tlyons at ivenue

Jun 1, 2012, 1:50 PM

Post #4 of 10 (601 views)
Permalink

Re: Gmail and Google blocking inbound port 25? [In reply to]

On Fri, Jun 1, 2012 at 1:17 PM, Mike Lyon <mike.lyon [at] gmail> wrote:
> Well, I have the forward and reverse IPs matching. Don't have any MX
> records for that specific domain set-up because I don't have any inbound
> mail setup for that domain (nor do I want it).

Set up an MX record that indicates that then.
http://tools.ietf.org/html/draft-delany-nullmx-00
It may only be draft, but I've seen it in the past in live production.

> It's an IP block that was allocated to us from ATT on a business circuit. I
> checked the IP addresses on MX toolbox and they come up clean

That's a good thing.

> Would they actually refuse the connection if there were no MX records for
> that domain?

If they do, then they break fallback to A records as defined in the RFC's.

...Todd
--
Always code as if the guy who ends up maintaining your code will be a
violent psychopath who knows where you live. -- Martin Golding

--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

wbh at conducive

Jun 1, 2012, 3:26 PM

Post #5 of 10 (599 views)
Permalink

Re: Gmail and Google blocking inbound port 25? [In reply to]

Todd Lyons wrote:
> On Fri, Jun 1, 2012 at 1:17 PM, Mike Lyon<mike.lyon [at] gmail> wrote:
>> Well, I have the forward and reverse IPs matching. Don't have any MX
>> records for that specific domain set-up because I don't have any inbound
>> mail setup for that domain (nor do I want it).
>
> Set up an MX record that indicates that then.
> http://tools.ietf.org/html/draft-delany-nullmx-00
> It may only be draft, but I've seen it in the past in live production.
>
>> It's an IP block that was allocated to us from ATT on a business circuit. I
>> checked the IP addresses on MX toolbox and they come up clean
>
> That's a good thing.
>
>> Would they actually refuse the connection if there were no MX records for
>> that domain?
>
> If they do, then they break fallback to A records as defined in the RFC's.
>
> ...Todd

Forensics taken offline. Testing completed.

Not a Google issue, nor Exim, nor DNS...

Stale FW rule on port 25 was penning Mike right in hizzown tcpip
stack... never left his own box.

Nothing further to see here...

;-)

Bill
--
韓家標

--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

mike.lyon at gmail

Jun 1, 2012, 3:44 PM

Post #6 of 10 (599 views)
Permalink

Re: Gmail and Google blocking inbound port 25? [In reply to]

Mike needed more coffee today..

Thank you all for your help!

<crawls back into cave>

-Mike

On Fri, Jun 1, 2012 at 3:26 PM, W B Hacker <wbh [at] conducive> wrote:

> Todd Lyons wrote:
>
>> On Fri, Jun 1, 2012 at 1:17 PM, Mike Lyon<mike.lyon [at] gmail> wrote:
>>
>>> Well, I have the forward and reverse IPs matching. Don't have any MX
>>> records for that specific domain set-up because I don't have any inbound
>>> mail setup for that domain (nor do I want it).
>>>
>>
>> Set up an MX record that indicates that then.
>> http://tools.ietf.org/html/**draft-delany-nullmx-00<http://tools.ietf.org/html/draft-delany-nullmx-00>
>> It may only be draft, but I've seen it in the past in live production.
>>
>> It's an IP block that was allocated to us from ATT on a business
>>> circuit. I
>>> checked the IP addresses on MX toolbox and they come up clean
>>>
>>
>> That's a good thing.
>>
>> Would they actually refuse the connection if there were no MX records for
>>> that domain?
>>>
>>
>> If they do, then they break fallback to A records as defined in the RFC's.
>>
>> ...Todd
>>
>
> Forensics taken offline. Testing completed.
>
> Not a Google issue, nor Exim, nor DNS...
>
> Stale FW rule on port 25 was penning Mike right in hizzown tcpip stack...
> never left his own box.
>
> Nothing further to see here...
>
> ;-)
>
>
> Bill
> --
> 韓家標
>
> --
> ## List details at https://lists.exim.org/**mailman/listinfo/exim-users<https://lists.exim.org/mailman/listinfo/exim-users>
> ## Exim details at http://www.exim.org/
> ## Please use the Wiki with this list - http://wiki.exim.org/
>

--
Mike Lyon
408-621-4826
mike.lyon [at] gmail

http://www.linkedin.com/in/mlyon
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

mh+exim-users at zugschlus

Jun 3, 2012, 2:26 AM

Post #7 of 10 (586 views)
Permalink

Re: Gmail and Google blocking inbound port 25? [In reply to]

On Fri, 1 Jun 2012 12:35:07 -0700, Mike Lyon <mike.lyon [at] gmail>
wrote:
>I know this isn't an exim related question but it's affecting the ability
>for my exim install to deliver email... Anyways, It appears when my exim
>install tries to deliver email to Google or Yahoo, both of them refuse the
>port 25 connection from my host. I went to another server I have in a
>different subnet and was able to telnet to port 25 at both Google and
>Yahoo. So it appears they are blocking this one subnet I have from
>connecting to them.

Are you connecting from a Dial-Up?

>How does one resolve this issue?

Use your ISPs Smarthost.

Greetings
Marc
--
-------------------------------------- !! No courtesy copies, please !! -----
Marc Haber | " Questions are the | Mailadresse im Header
Mannheim, Germany | Beginning of Wisdom " | http://www.zugschlus.de/
Nordisch by Nature | Lt. Worf, TNG "Rightful Heir" | Fon: *49 621 72739834

--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

mh+exim-users at zugschlus

Jun 3, 2012, 2:27 AM

Post #8 of 10 (586 views)
Permalink

Re: Gmail and Google blocking inbound port 25? [In reply to]

On Fri, 1 Jun 2012 13:17:34 -0700, Mike Lyon <mike.lyon [at] gmail>
wrote:
>Would they actually refuse the connection if there were no MX records for
>that domain?

Some broken sites do that, but Google and Yahoo are not among those.
Thankfully so.

Greetings
Marc
--
-------------------------------------- !! No courtesy copies, please !! -----
Marc Haber | " Questions are the | Mailadresse im Header
Mannheim, Germany | Beginning of Wisdom " | http://www.zugschlus.de/
Nordisch by Nature | Lt. Worf, TNG "Rightful Heir" | Fon: *49 621 72739834

--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

mh+exim-users at zugschlus

Jun 3, 2012, 2:28 AM

Post #9 of 10 (585 views)
Permalink

Re: Gmail and Google blocking inbound port 25? [In reply to]

On Fri, 1 Jun 2012 15:44:07 -0700, Mike Lyon <mike.lyon [at] gmail>
wrote:
>Mike needed more coffee today..
>
>Thank you all for your help!
>
><crawls back into cave>

Will anybody who has ever fooled itself into thinking that some remote
site was at fault while the real problem was a local misconfiguration
please raise hand?

Greetings
Marc, raising hand
--
-------------------------------------- !! No courtesy copies, please !! -----
Marc Haber | " Questions are the | Mailadresse im Header
Mannheim, Germany | Beginning of Wisdom " | http://www.zugschlus.de/
Nordisch by Nature | Lt. Worf, TNG "Rightful Heir" | Fon: *49 621 72739834

--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

wbh at conducive

Jun 3, 2012, 3:35 AM

Post #10 of 10 (584 views)
Permalink

Re: Gmail and Google blocking inbound port 25? [In reply to]

Marc Haber wrote:
> On Fri, 1 Jun 2012 15:44:07 -0700, Mike Lyon<mike.lyon [at] gmail>
> wrote:
>> Mike needed more coffee today..
>>
>> Thank you all for your help!
>>
>> <crawls back into cave>
>
> Will anybody who has ever fooled itself into thinking that some remote
> site was at fault while the real problem was a local misconfiguration
> please raise hand?
>
> Greetings
> Marc, raising hand

..ahem.. can't 'see' that hand from here..

Editing your footer/sig into adulthood, OTOH....

Bill
--
韓家標

--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Index | Next | Previous | View Threaded

Interested in having your list archived? Contact Gossamer Threads