Somewhat OT email addresses

2006-02-17       - By Rick Stevens


On Fri, 2006-02-17 at 13:23 +1100, Graeme Nichols wrote:
> Rick Stevens wrote:
> > On Thu, 2006-02-16 at 12:19 -0500, Jeff Kinz wrote:
> >
> >>On Thu, Feb 16, 2006 at 01:29:32PM +1100, Graeme Nichols wrote:
> >>
> >>>Hello Folks,
> >>>
> >>>I know this is somewhat OT but I was wondering if it is possible to send
> >>>an email with an address in the following format; username@[IP address]
> >>>
> >>>I have been fiddling around because a person with whom I was writing to
> >>>has suddenly become unknown, possibly because of DNS failure, I'm not
> >>>sure, and the mail is returned undeliverable as the domain is unknown.
> >>>They are having the same problem sending mail to me.
> >>>
> >>>I did a ping on my ISP's SMTP mail server and while there was a 100%
> >>>failure rate on the packets, most probably due to some firewall setting,
> >>>I was given the IP address, in this case, 203.12.160.34
> >>>
> >>>I sent a test email to name@(protected) but it bounced with the
> >>>following error;
> >>
> >>
> >>
> >>Graeme, I see one issue here that you would need to fix, assuming you
> >>are trying to send an email to someone other than yourself.
> >>
> >>You need to enter the IP address of their domain (or their domain's SMTP
> >>server), not the IP of your ISP's SMTP server.
> >
> >
> > Graeme, Jeff's right.  You can't send mail to YOUR SMTP server and
> > expect it to go out.
>
> Hi Rick, yes, I can understand that now.
> >
> > If sending mail to "yourfriend@(protected)" doesn't work, you're
> > probably having an issue with DNS.  A quick test is if you can surf the
> > web on your machine.  If not, then you definitely have a DNS issue.
> > This can be caused by several factors: you haven't configured the DNS
> > on your machine properly (this is the "/etc/resolv.conf" file), or you
> > have DNS blocked by a firewall somewhere (either via iptables on your
> > machine or by the firewall on your router or modem...possibly both).
> >
> > Your /etc/resolv.conf file should contain AT A MINIMUM, one line:
> >
> >   nameserver ip-address-of-your-ISP's-DNS-server
> >
> > For example:
> >
> >   nameserver 64.7.192.162
> >
> > Ideally, you'd have two or three lines, one for each of your ISP's DNS
> > servers:
> >
> >   nameserver 64.7.192.162
> >   nameserver 64.7.192.163
>
> My /etc/resolv.conf only had their primary DNS so I added the second
> line containing their secondary DNS.
> >
> > If you don't know your ISP's DNS server addresses, ask them for them.
> > If you still can't get them, use the lines above.  They're for our
> > DNS servers and I don't mind if you use them.  Being the wonderful human
> > being I am, I won't even charge you for their use!  :-)
>
> Ohhh... thank you Rick. Your blood is worth bottling you know. :-)

(Hic!  It is in bottles!)  :-)

> >
> > Next, you have to check your firewall settings.  On your local machine,
> > use "iptables -L -n".  You MUST permit TCP and UDP connections to port
> > 53 on your machine for DNS to work.  Appropriate lines to add to your
> > /etc/sysconfig/iptables file are:
> >
> >   -A INPUT -p tcp -m tcp --dport 53 -j ACCEPT
> >   -A INPUT -p tcp -m tcp --sport 53 -j ACCEPT
> >   -A INPUT -p udp -m udp --dport 53 -j ACCEPT
> >   -A INPUT -p udp -m udp --sport 53 -j ACCEPT
>
> My /etc/sysconfig/iptables file contains the following:-
>
> [graeme@(protected) ~]$ sudo /sbin/iptables -L -n
> Chain FORWARD (policy ACCEPT)
> target     prot opt source               destination
> RH-Firewall-1-INPUT  all  --  0.0.0.0/0            0.0.0.0/0
>
> Chain INPUT (policy ACCEPT)
> target     prot opt source               destination
> RH-Firewall-1-INPUT  all  --  0.0.0.0/0            0.0.0.0/0
>
> Chain OUTPUT (policy ACCEPT)
> target     prot opt source               destination
>
> Chain RH-Firewall-1-INPUT (2 references)
> target     prot opt source               destination
> ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
> ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0           icmp type 255
> ACCEPT     esp  --  0.0.0.0/0            0.0.0.0/0
> ACCEPT     ah   --  0.0.0.0/0            0.0.0.0/0
> ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED
> ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:22
> REJECT     all  --  0.0.0.0/0            0.0.0.0/0           reject-with icmp-host-prohibited
> You have new mail in /var/spool/mail/graeme
> [graeme@(protected) ~]$
>
> While I haven't expressly allowed your above it appears that I have
> covered it in the ALL or am I having myself on? I used the graphical
> interface and selected the highest security when I set up my firewall.
> So far I don't seem to have had a problem but that may be good luck
> rather than good management.

Well, it's covered in the "state RELATED, ESTABLISHED" rule.  When you
make a DNS query (allowed by the OUTPUT chain), replies will be tagged
as "ESTABLISHED" by the INPUT chain and allowed.

> Would you suggest that I add your suggestion directly into the file as
> you have written them? IPtables is a black art to me :-)

No, you're fine.

> > Also check the firewall on your router or cable/DSL modem and verify
> > they allow incoming and outgoing TCP and UDP messages using port 53.
>
> Again, my router has the following set:-
>
> Telnet     Telnet traffic is blocked from the WAN to the LAN
> FTP     FTP traffic is blocked from the WAN to the LAN
> TFTP     TFTP traffic is blocked from the WAN to the LAN
> Web     Web traffic is blocked from the WAN to the LAN
> SNMP     SNMP traffic is blocked from the WAN
> Ping     Ping traffic is blocked from the WAN
>
> That is all I can set up in my router, a Billion ADSL Router Switch
> 5100. I guess that everything that is not blocked above is allowed.

No, you're OK.  If you can browse the web, DNS is working.

> Thanks for the help Rick. It's much appreciated. And thanks to Jeff,
> Brett and Martin as well for their assistance, all of which is appreciated.

I'm sure we're all glad to help.  I am, at least.
-- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- --
- Rick Stevens, Senior Systems Engineer     rstevens@(protected) -
- VitalStream, Inc.                       http://www.vitalstream.com -
-                                                                    -
-       "Yeah, but you're taking the universe out of context."       -
-- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- --
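
Added example (not part of the thread, and not code from any poster): a first-match walk of the RH-Firewall-1-INPUT chain from the listing above, showing which rule decides a DNS reply versus an unsolicited packet to port 53. The `Rule` model and function names are hypothetical; it also assumes the bare first "ACCEPT all" line is the stock loopback rule (`-i lo`), since `iptables -L -n` omits the interface column that `iptables -L -n -v` would show.

```python
import re
from dataclasses import dataclass
from typing import Optional

# Rule lines of RH-Firewall-1-INPUT from the listing above (wrapped lines rejoined).
LISTING = """\
ACCEPT     all  --  0.0.0.0/0  0.0.0.0/0
ACCEPT     icmp --  0.0.0.0/0  0.0.0.0/0  icmp type 255
ACCEPT     esp  --  0.0.0.0/0  0.0.0.0/0
ACCEPT     ah   --  0.0.0.0/0  0.0.0.0/0
ACCEPT     all  --  0.0.0.0/0  0.0.0.0/0  state RELATED,ESTABLISHED
ACCEPT     tcp  --  0.0.0.0/0  0.0.0.0/0  state NEW tcp dpt:22
REJECT     all  --  0.0.0.0/0  0.0.0.0/0  reject-with icmp-host-prohibited
"""

@dataclass
class Rule:
    target: str
    proto: str
    states: tuple = ()                # conntrack states the rule requires
    dport: Optional[int] = None
    in_iface: Optional[str] = None    # not printed by -L -n; needs -v

def parse(listing):
    """Turn `iptables -L -n` rule lines into Rule objects."""
    rules = []
    for line in listing.splitlines():
        target, proto, _opt, _src, _dst, *rest = line.split()
        extra = " ".join(rest)
        st = re.search(r"state (\S+)", extra)
        dp = re.search(r"dpt:(\d+)", extra)
        rules.append(Rule(target, proto,
                          tuple(st.group(1).split(",")) if st else (),
                          int(dp.group(1)) if dp else None))
    return rules

def verdict(chain, proto, state, dport, in_iface="eth0"):
    """First-match evaluation: return (rule number, target)."""
    for n, r in enumerate(chain, 1):
        if (r.in_iface in (None, in_iface) and r.proto in ("all", proto)
                and (not r.states or state in r.states)
                and r.dport in (None, dport)):
            return n, r.target
    return 0, "ACCEPT"   # fell through: INPUT policy in the listing is ACCEPT

LITERAL = parse(LISTING)      # the listing taken at face value
ACTUAL = parse(LISTING)
ACTUAL[0].in_iface = "lo"     # assumption: rule 1 is the loopback-only rule
```

With `ACTUAL`, the reply to an outgoing DNS query is accepted by rule 5 and an unsolicited packet to port 53 falls through to the final REJECT; with `LITERAL`, rule 1 would accept everything, which is why the `-v` listing is the one to read when auditing a chain.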
