I've never heard of those providers blocking by refusing connections, which makes me suspect it's not them doing it but someone in the path.

This is where tcptraceroute is your friend. Run "tcptraceroute mx1.hotmail.com 25" and see where the connections are actually being refused - my money is on it not being at the destination itself.

� Scott



On Thu, Mar 31, 2011 at 5:53 PM, Jodi Thomson <jodi@team.waspnet.co.nz> wrote:

Hi all

Am after some advice please.

We�ve recently taken possession of a shiny new IP block from APNIC � 118.67.192.0/21 so that we can give our current IP�s back to our �upstream.

As part of the renumbering processes we�re taking the opportunity of building a new mail server as the old one is getting a little tired.

However we�ve run into a minor snag: The IP of our new mail server mta1.waspnet.co.nz �118.67.193.2 and this being explicitly refused connection on port 25 to many of the major providers such as �Gmail, Excite and Hotmail � (In fact the entire range is but am only concerned with one at this stage)

Apr� 1 13:25:01 mta1 postfix/smtp[8807]: connect to gmail-smtp-in.l.google.com[72.14.213.27]: Connection refused (port 25)

Apr� 1 13:25:01 mta1 postfix/smtp[8807]: connect to alt1.gmail-smtp-in.l.google.com[74.125.67.27]: Connection refused (port 25)

Apr� 1 13:25:01 mta1 postfix/smtp[8807]: connect to alt2.gmail-smtp-in.l.google.com[74.125.47.27]: Connection refused (port 25)

Apr� 1 13:25:01 mta1 postfix/smtp[8807]: connect to alt3.gmail-smtp-in.l.google.com[74.125.113.27]: Connection refused (port 25)

Apr� 1 13:25:01 mta1 postfix/smtp[8807]: connect to alt4.gmail-smtp-in.l.google.com[209.85.229.27]: Connection refused (port 25)

Apr� 1 13:25:01 mta1 postfix/smtp[8808]: connect to mx2.hotmail.com[65.55.92.184]: Connection refused (port 25)

Apr� 1 13:25:01 mta1 postfix/smtp[8808]: connect to mx1.hotmail.com[65.54.188.110]: Connection refused (port 25)

Apr� 1 13:25:01 mta1 postfix/smtp[8808]: connect to mx2.hotmail.com[65.54.188.126]: Connection refused (port 25)

Apr� 1 13:25:01 mta1 postfix/smtp[8808]: connect to mx4.hotmail.com[65.54.188.110]: Connection refused (port 25)

Apr� 1 13:25:01 mta1 postfix/smtp[8808]: connect to mx3.hotmail.com[65.54.188.126]: Connection refused (port 25)

Other providers such as TCL are just timing out on the connection attempt

/var/log/maillog:Mar 29 08:27:29 mta1 postfix/smtp[28902]: connect to mx.clear.net.nz[203.97.33.212]: Connection timed out (port 25)

Telnet to port 25 produces the same results

Yahoo interestingly isn't blocking it and other a few other providers are letting us through

The frustrating thing for me is that once I got SPF & rDNS sorted we �had full connectivity to all of these on the 17th & 18th March. Then on the 19th we started to be blocked again.

I�ve filled in online forms with the big three to no avail. I've checked SORBS, Senderbase, etc and I can see no reason why we should not get through. Any suggestions/assistance as to what I can try next would be greatly appreciated.

We�re currently using it for sending team.waspnet.co.nz mail

Cheers

Jodi

PS � We also have an IPv6 block which I am waiting upstream advertisement

PPS � There will be beer J

Jodi Thomson�������

Network & Systems Engineer

Description: Wasp New Zealand

Ph������������������������� � +64-6-8355800�

Fax������������������ �������+64-6-8355811

Mob����������������������� +64-21-903712

E-Mail�� jodi@team.waspnet.co.nz

www.waspnet.co.nz


_______________________________________________
NZNOG mailing list
NZNOG@list.waikato.ac.nz
http://list.waikato.ac.nz/mailman/listinfo/nznog