Marco Moock <mm+
usenet-es@dorfdsl.de> writes:
On 18.10.2024 um 11:03 Uhr Lesley Esen wrote:
>
Subject: outgoing tcp port 25 blocked? how to prove it?
>
Use traceroute -T -p 25 <target>
Check where the last reply comes from.
>
You can test with srv1.dorfdsl.de, this should reply in all cases.
FreeBSD's traceroute doesn't have the -T option. So I don't know
informative this will be. (I'm just learning about the -T and -p
options. It seems very interesting and I don't know yet how it works.)
I cannot reach srv1.dorfdsl.de.
--8<-------------------------------------------------------->8---
%telnet srv1.dorfdsl.de 25
Trying 82.139.196.13...
telnet: connect to address 82.139.196.13: Operation timed out
Trying 2a01:170:118f:3::22...
telnet: connect to address 2a01:170:118f:3::22: No route to host
telnet: Unable to connect to remote host
%
--8<-------------------------------------------------------->8---
BTW, I don't know why modern telnet always tries an IPv6 in such cases.
(*) The traceroute to srv1.dorfdsl.de
--8<-------------------------------------------------------->8---
%traceroute -p 25 srv1.dorfdsl.de
traceroute to srv1.dorfdsl.de (82.139.196.13), 64 hops max, 40 byte packets
1 * * *
2 240.0.228.67 (240.0.228.67) 0.272 ms
240.0.228.64 (240.0.228.64) 0.254 ms
240.0.228.65 (240.0.228.65) 0.246 ms
3 242.2.120.71 (242.2.120.71) 0.856 ms 1.913 ms
242.2.120.195 (242.2.120.195) 1.009 ms
4 240.3.180.10 (240.3.180.10) 0.880 ms
240.3.180.11 (240.3.180.11) 0.935 ms
240.3.180.9 (240.3.180.9) 1.526 ms
5 242.10.82.177 (242.10.82.177) 1.471 ms
242.10.90.183 (242.10.90.183) 2.239 ms
242.2.213.197 (242.2.213.197) 1.199 ms
6 38.32.206.149 (38.32.206.149) 0.604 ms
100.100.4.78 (100.100.4.78) 1.399 ms
204.68.252.113 (204.68.252.113) 1.151 ms
7 * * *
8 be3083.ccr41.dca01.atlas.cogentco.com (154.54.30.53) 56.042 ms
be3084.ccr42.dca01.atlas.cogentco.com (154.54.30.65) 2.441 ms
port-channel5392.ccr92.dca04.atlas.cogentco.com (154.54.40.49) 1.736 ms
9 port-channel5042.ccr92.dca04.atlas.cogentco.com (154.54.162.221) 360.473 ms
port-channel5927.ccr92.dca04.atlas.cogentco.com (154.54.163.101) 1.882 ms
port-channel5042.ccr92.dca04.atlas.cogentco.com (154.54.162.221) 371.716 ms
10 be4188.ccr42.jfk02.atlas.cogentco.com (154.54.30.122) 58.424 ms
be2317.ccr41.lon13.atlas.cogentco.com (154.54.30.186) 72.891 ms
be2490.ccr42.lon13.atlas.cogentco.com (154.54.42.86) 72.750 ms
11 be2490.ccr42.lon13.atlas.cogentco.com (154.54.42.86) 72.794 ms 74.469 ms
be12194.ccr41.ams03.atlas.cogentco.com (154.54.56.94) 86.506 ms
12 be12488.ccr42.ams03.atlas.cogentco.com (130.117.51.42) 131.634 ms
be3874.rcr21.dus01.atlas.cogentco.com (154.54.62.229) 89.546 ms
be12488.ccr42.ams03.atlas.cogentco.com (130.117.51.42) 88.654 ms
13 be3488.ccr42.lon13.atlas.cogentco.com (154.54.60.13) 92.094 ms
be3875.rcr21.dus01.atlas.cogentco.com (154.54.73.25) 90.017 ms
be3488.ccr42.lon13.atlas.cogentco.com (154.54.60.13) 92.073 ms
14 r0-36.00.3bw.tal.de (78.41.51.246) 90.619 ms 90.477 ms 90.669 ms
15 r4-68.bw.tal.de (78.41.51.91) 89.592 ms
be3875.rcr21.dus01.atlas.cogentco.com (154.54.73.25) 91.501 ms
r4-68.bw.tal.de (78.41.51.91) 87.113 ms
16 r1-3.bf.tal.de (78.41.51.133) 87.305 ms
r4-68.bw.tal.de (78.41.51.91) 92.873 ms
r1-3.bf.tal.de (78.41.51.133) 87.977 ms
17 srv1.dorfdsl.de (82.139.196.13) 112.620 ms * 97.974 ms
%
--8<-------------------------------------------------------->8---
(*) Now from a host that is not blocked at all
A telnet session first.
--8<-------------------------------------------------------->8---
%telnet srv1.dorfdsl.de 25
Trying 2a01:170:118f:3::22...
Connected to srv1.dorfdsl.de.
Escape character is '^]'.
220 srv1.dorfdsl.de ESMTP Sendmail 8.17.1.9/8.17.1.9/Debian-2+deb12u2; Fri, 18 Oct 2024 19:37:36 +0200; (No UCE/UBE) logging access from: kontesti.me(OK)-kontesti.me [IPv6:2600:3c03:0:0:f03c:91ff:fe96:40c1]
quit
221 2.0.0 srv1.dorfdsl.de closing connection
Connection closed by foreign host.
%
--8<-------------------------------------------------------->8---
Now the traceroute. Looking at the traceroute, I can't tell the
difference between this host and the blocked-FreeBSD one. Can you
clarify that a little? Thanks!
--8<-------------------------------------------------------->8---
%sudo traceroute -T -p 25 srv1.dorfdsl.de
[sudo] password for dbastos:
traceroute to srv1.dorfdsl.de (82.139.196.13), 30 hops max, 60 byte packets
1 10.206.9.32 (10.206.9.32) 0.072 ms 0.075 ms 0.068 ms
2 10.206.35.101 (10.206.35.101) 0.211 ms 0.214 ms 10.206.35.102 (10.206.35.102) 0.226 ms
3 10.206.32.1 (10.206.32.1) 3.712 ms 3.718 ms 3.714 ms
4 lo0-0.gw1.cjj1.us.linode.com (173.255.239.101) 0.499 ms 0.377 ms 0.334 ms
5 ae37.r02.lga01.ien.netarch.akamai.com (23.203.156.50) 1.580 ms ae31.r01.lga01.ien.netarch.akamai.com (23.203.156.16) 1.612 ms ae30.r02.ewr01.ien.netarch.akamai.com (23.203.154.42) 0.922 ms
6 * nyk-b17-link.ip.twelve99.net (62.115.171.40) 2.001 ms 2.282 ms
7 * * *
8 ldn-bb2-link.ip.twelve99.net (62.115.139.247) 71.638 ms 71.720 ms *
9 ldn-b3-link.ip.twelve99.net (62.115.122.181) 72.927 ms ldn-b3-link.ip.twelve99.net (62.115.120.75) 70.386 ms 70.375 ms
10 interlinkgmbh-ic-381329.ip.twelve99-cust.net (62.115.154.161) 69.886 ms 71.229 ms 70.610 ms
11 * * *
12 * * *
13 * * *
14 * * *
15 * * *
16 r4-fra1-de.as5405.net (94.103.180.7) 86.291 ms 86.283 ms 87.435 ms
17 cust-syseleven.fra1-de.as5405.net (45.153.82.5) 111.473 ms 111.469 ms 111.466 ms
18 r2-2.3bf.tal.de (78.41.51.242) 92.897 ms 92.305 ms 92.885 ms
19 * * *
20 srv1.dorfdsl.de (82.139.196.13) 114.786 ms 114.442 ms r4-fra1-de.as5405.net (94.103.180.7) 101.827 ms
--8<-------------------------------------------------------->8---
outgoing tcp port 25 blocked? how to prove it?
Re: outgoing tcp port 25 blocked? how to prove it?