Tal, run a sniffer on both client and the server. There is a win32 port for ethereal . Dani
On Fri, 18 Jan 2002, Tzafrir Cohen wrote: > On Thu, 17 Jan 2002, Tal Amir wrote: > > > On Fri, 18 Jan 2002, guy keren wrote: > > > > > Date: Fri, 18 Jan 2002 02:07:46 +0200 (EET) > > > From: guy keren <[EMAIL PROTECTED]> > > > To: Tal Amir <[EMAIL PROTECTED]> > > > Cc: Tzafrir Cohen <[EMAIL PROTECTED]>, > > > the linux-il mailing list <[EMAIL PROTECTED]> > > > Subject: Re: access problem > > > > > > On Thu, 17 Jan 2002, Tal Amir wrote: > > > > > > > > telnet your-server 110 > > > > > > > > > > If and when a (tcp) connection is established, try writing the following: > > > > > > > > > > USER username > > > > > PASS topsecretpasswordinplaintext > > > > > QUIT > > > > > > > > telnet to port's 110 and 25 works. only mail clients cant get to > > > > authonticate. this is the most wierd part (?!) > > > > > > telnet - ok. but did you try doing the rest of what tzafrir suggested - > > > i.e. actually emulating an email client over this connection? please > > > answer with 'yes, and it worked, and i managed to login to port 110 after > > > supplying a valid user and password', or say 'yes, i tried, but it failed > > > with this and that error message', or say 'no, i didn't try, i will try > > > now'. > > > > thanks for the options..what would i do without you ? ;) > > telnet to port 110 works and authonticates (25 as well) > > with a client - nothing. > > so this is not a closed port\service problem. > > > > > > > > > > > there ARE NO internal interfaces. > > > > 1 interface (eth0) with 1 real ip. this machine is in a dmz, and the > > > > firewall translates everything to it. this is why its accesible from both > > > > internal and external locations, and vice versa (it can access NAT > > > > addresses). > > How exactly can it access NAT addresses if it is outside the NAT? How are > packets from the server to NAT clients routed? > > > right, but there is a minimal sence of logic in what you try. > > and yes - netstat shows the connection ONLY if i try to connect directly > > to the port via telnet. > > it shows nothing when accessing with a client. > > Note that a sniffer (like tcpdump) may be able to give you more > information. Is it possible that the connections of the mail clients are > started, but don't get passed the hand-shaking? > > Netstat won't show you this (it only shows established connections and > outgoin connections) but tcpdump will show you the packets of this failed > attempt. > > > > > > > > > > > Use netstat -ln --tcp and see if any service listens on an address that is > > > > > not 0.0.0.0 (=all interfaces). > > > > > > that's what tzafrir said - i keep the quote in case you lost the former > > > message. > > > > > > > > * Do packets from the clients get to the server? > > > > > Use tcpdump or any other sniffer. This could be a DNS problem or a routing > > > > > problem. > > > > > > > > no routing problem. as i said, i can ping it from the internal LAN. > > > > also from outside. > > > > this is not the problem. > > > > > > > correct, but it tells you if there is some kind of a block (route, > > firewall or whatever) between you and that machine. > > if you cant ping it, there is not much change that anything else will get > > there. > > > > Please re-read the following: > > > > > > did you check what tzafrir suggested? he didn't say its a routing problem, > > > or anything else. pings does not tell you much, other then the fact that > > > ping works. it doesn't tell you if other protocols have any problems. > > Have you totally eliminated DNS issues? Do Is the mail client configured > with an IP address? > > > > > > > > > > > * Have you looked at the logs? Any connection attempts logged? > > > > > > > > > another thing i forgot to mention : syslogd is running but not logging > > > > anything. the last log entry is at the same date when the hard reset > > > > acourd. i dont think that there is a connection, but go figure.. > > > > > > i would suggest you try to solve this problem - having working logs is a > > > good start to finding what's wrong, in case the imap server or pop server > > > or any other server is trying to log anything. > > > > > > chekc that you havea /etc/syslogd.conf file, and that it is properly > > > configured (i know "i haven't changed anything" - but when nothing realy > > > changes, things keep on working. if they don't - something was changed, > > > regardless of how it was changed - by manual editing, by file (system) > > > corruption, or anything else. > > And if this fails, stop sysklogd, and run 'syslogd -d' (see syslogd (8)) > > -- > Tzafrir Cohen /"\ > mailto:[EMAIL PROTECTED] \ / ASCII Ribbon Campaign > Taub 229, 972-4-829-3942, X Against HTML Mail > http://www.technion.ac.il/~tzafrir / \ > > > ================================================================= > To unsubscribe, send mail to [EMAIL PROTECTED] with > the word "unsubscribe" in the message body, e.g., run the command > echo unsubscribe | mail [EMAIL PROTECTED] > ================================================================= To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
