Re: outgoing tcp port 25 blocked? how to prove it?

Liste des GroupesRevenir à c misc 
Sujet : Re: outgoing tcp port 25 blocked? how to prove it?
De : lesen (at) *nospam* wimezu.com (Lesley Esen)
Groupes : comp.misc
Date : 18. Oct 2024, 19:03:00
Autres entêtes
Organisation : A noiseless patient Spider
Message-ID : <87jze51e7f.fsf@wimezu.com>
References : 1 2 3
Lesley Esen <lesen@wimezu.com> writes:

Marco Moock <mm+usenet-es@dorfdsl.de> writes:
>
On 18.10.2024 um 11:03 Uhr Lesley Esen wrote:
>
Subject: outgoing tcp port 25 blocked? how to prove it?
>
Use traceroute -T -p 25 <target>
Check where the last reply comes from.
>
You can test with srv1.dorfdsl.de, this should reply in all cases.
>
FreeBSD's traceroute doesn't have the -T option.  So I don't know
informative this will be.  (I'm just learning about the -T and -p
options.  It seems very interesting and I don't know yet how it
works.)

I installed tcptraceroute on FreeBSD.  Here's the output.  I'm puzzled
as to the result.  It seems to reach srv1.dorfdsl.de (82.139.196.13) at
hop 16, but it continues on without getting any answer from who knows
what until it gives up.  (Let me know if you'd like to see the reverse
DNS of each hop.)

%sudo tcptraceroute -n -p 25 srv1.dorfdsl.de
Selected device ena0, address 172.26.5.226, port 25 for outgoing packets
Tracing the path to srv1.dorfdsl.de (82.139.196.13) on TCP port 80 (http), 30 hops max
 1  * * *
 2  240.0.228.66  0.261 ms  0.212 ms  0.336 ms
 3  242.2.121.195  1.631 ms  0.556 ms  11.656 ms
 4  240.3.184.11  1.429 ms  1.416 ms  1.431 ms
 5  242.10.90.51  8.191 ms  1.416 ms  1.214 ms
 6  204.68.252.113  1.128 ms  1.145 ms  1.116 ms
 7  * * *
 8  154.54.40.49  1.571 ms  1.543 ms  1.556 ms
 9  154.54.30.42  6.534 ms  6.779 ms  6.718 ms
10  154.54.30.186  72.423 ms  72.448 ms  72.587 ms
11  154.54.56.94  86.317 ms  86.475 ms  86.257 ms
12  154.54.62.229  89.603 ms  89.564 ms  89.571 ms
13  78.41.51.246  90.505 ms  90.580 ms  90.739 ms
14  78.41.51.91  87.700 ms  87.002 ms  86.761 ms
15  78.41.51.133  87.272 ms  87.397 ms  87.344 ms
16  82.139.196.13  129.743 ms  102.913 ms  101.489 ms
17  * * *
18  * * *
19  * * *
20  * * *
21  * * *
22  * * *
23  * * *
24  * * *
25  * * *
26  * * *
27  * * *
28  * * *
29  * * *
30  * * *
Destination not reached
%

I cannot reach srv1.dorfdsl.de.
>
--8<-------------------------------------------------------->8---
%telnet srv1.dorfdsl.de 25
Trying 82.139.196.13...
telnet: connect to address 82.139.196.13: Operation timed out
Trying 2a01:170:118f:3::22...
telnet: connect to address 2a01:170:118f:3::22: No route to host
telnet: Unable to connect to remote host
%
--8<-------------------------------------------------------->8---
>
BTW, I don't know why modern telnet always tries an IPv6 in such cases.
>
(*) The traceroute to srv1.dorfdsl.de
>
--8<-------------------------------------------------------->8---
%traceroute -p 25 srv1.dorfdsl.de
traceroute to srv1.dorfdsl.de (82.139.196.13), 64 hops max, 40 byte packets
 1  * * *
 2  240.0.228.67 (240.0.228.67)  0.272 ms
    240.0.228.64 (240.0.228.64)  0.254 ms
    240.0.228.65 (240.0.228.65)  0.246 ms
 3  242.2.120.71 (242.2.120.71)  0.856 ms  1.913 ms
    242.2.120.195 (242.2.120.195)  1.009 ms
 4  240.3.180.10 (240.3.180.10)  0.880 ms
    240.3.180.11 (240.3.180.11)  0.935 ms
    240.3.180.9 (240.3.180.9)  1.526 ms
 5  242.10.82.177 (242.10.82.177)  1.471 ms
    242.10.90.183 (242.10.90.183)  2.239 ms
    242.2.213.197 (242.2.213.197)  1.199 ms
 6  38.32.206.149 (38.32.206.149)  0.604 ms
    100.100.4.78 (100.100.4.78)  1.399 ms
    204.68.252.113 (204.68.252.113)  1.151 ms
 7  * * *
 8  be3083.ccr41.dca01.atlas.cogentco.com (154.54.30.53)  56.042 ms
    be3084.ccr42.dca01.atlas.cogentco.com (154.54.30.65)  2.441 ms
    port-channel5392.ccr92.dca04.atlas.cogentco.com (154.54.40.49)  1.736 ms
 9  port-channel5042.ccr92.dca04.atlas.cogentco.com (154.54.162.221)  360.473 ms
    port-channel5927.ccr92.dca04.atlas.cogentco.com (154.54.163.101)  1.882 ms
    port-channel5042.ccr92.dca04.atlas.cogentco.com (154.54.162.221)  371.716 ms
10  be4188.ccr42.jfk02.atlas.cogentco.com (154.54.30.122)  58.424 ms
    be2317.ccr41.lon13.atlas.cogentco.com (154.54.30.186)  72.891 ms
    be2490.ccr42.lon13.atlas.cogentco.com (154.54.42.86)  72.750 ms
11  be2490.ccr42.lon13.atlas.cogentco.com (154.54.42.86)  72.794 ms  74.469 ms
    be12194.ccr41.ams03.atlas.cogentco.com (154.54.56.94)  86.506 ms
12  be12488.ccr42.ams03.atlas.cogentco.com (130.117.51.42)  131.634 ms
    be3874.rcr21.dus01.atlas.cogentco.com (154.54.62.229)  89.546 ms
    be12488.ccr42.ams03.atlas.cogentco.com (130.117.51.42)  88.654 ms
13  be3488.ccr42.lon13.atlas.cogentco.com (154.54.60.13)  92.094 ms
    be3875.rcr21.dus01.atlas.cogentco.com (154.54.73.25)  90.017 ms
    be3488.ccr42.lon13.atlas.cogentco.com (154.54.60.13)  92.073 ms
14  r0-36.00.3bw.tal.de (78.41.51.246)  90.619 ms  90.477 ms  90.669 ms
15  r4-68.bw.tal.de (78.41.51.91)  89.592 ms
    be3875.rcr21.dus01.atlas.cogentco.com (154.54.73.25)  91.501 ms
    r4-68.bw.tal.de (78.41.51.91)  87.113 ms
16  r1-3.bf.tal.de (78.41.51.133)  87.305 ms
    r4-68.bw.tal.de (78.41.51.91)  92.873 ms
    r1-3.bf.tal.de (78.41.51.133)  87.977 ms
17  srv1.dorfdsl.de (82.139.196.13)  112.620 ms *  97.974 ms
%
--8<-------------------------------------------------------->8---
>
(*) Now from a host that is not blocked at all
>
A telnet session first.
>
--8<-------------------------------------------------------->8---
%telnet srv1.dorfdsl.de 25
Trying 2a01:170:118f:3::22...
Connected to srv1.dorfdsl.de.
Escape character is '^]'.
220 srv1.dorfdsl.de ESMTP Sendmail 8.17.1.9/8.17.1.9/Debian-2+deb12u2; Fri, 18 Oct 2024 19:37:36 +0200; (No UCE/UBE) logging access from: kontesti.me(OK)-kontesti.me [IPv6:2600:3c03:0:0:f03c:91ff:fe96:40c1]
quit
221 2.0.0 srv1.dorfdsl.de closing connection
Connection closed by foreign host.
%
--8<-------------------------------------------------------->8---
>
Now the traceroute.  Looking at the traceroute, I can't tell the
difference between this host and the blocked-FreeBSD one.  Can you
clarify that a little?  Thanks!
>
--8<-------------------------------------------------------->8---
%sudo traceroute -T -p 25 srv1.dorfdsl.de
[sudo] password for dbastos:
traceroute to srv1.dorfdsl.de (82.139.196.13), 30 hops max, 60 byte packets
 1  10.206.9.32 (10.206.9.32)  0.072 ms  0.075 ms  0.068 ms
 2  10.206.35.101 (10.206.35.101)  0.211 ms  0.214 ms 10.206.35.102 (10.206.35.102)  0.226 ms
 3  10.206.32.1 (10.206.32.1)  3.712 ms  3.718 ms  3.714 ms
 4  lo0-0.gw1.cjj1.us.linode.com (173.255.239.101)  0.499 ms  0.377 ms  0.334 ms
 5  ae37.r02.lga01.ien.netarch.akamai.com (23.203.156.50)  1.580 ms ae31.r01.lga01.ien.netarch.akamai.com (23.203.156.16)  1.612 ms ae30.r02.ewr01.ien.netarch.akamai.com (23.203.154.42)  0.922 ms
 6  * nyk-b17-link.ip.twelve99.net (62.115.171.40)  2.001 ms  2.282 ms
 7  * * *
 8  ldn-bb2-link.ip.twelve99.net (62.115.139.247)  71.638 ms  71.720 ms *
 9  ldn-b3-link.ip.twelve99.net (62.115.122.181)  72.927 ms ldn-b3-link.ip.twelve99.net (62.115.120.75)  70.386 ms  70.375 ms
10  interlinkgmbh-ic-381329.ip.twelve99-cust.net (62.115.154.161)  69.886 ms  71.229 ms  70.610 ms
11  * * *
12  * * *
13  * * *
14  * * *
15  * * *
16  r4-fra1-de.as5405.net (94.103.180.7)  86.291 ms  86.283 ms  87.435 ms
17  cust-syseleven.fra1-de.as5405.net (45.153.82.5)  111.473 ms  111.469 ms  111.466 ms
18  r2-2.3bf.tal.de (78.41.51.242)  92.897 ms  92.305 ms  92.885 ms
19  * * *
20  srv1.dorfdsl.de (82.139.196.13)  114.786 ms  114.442 ms r4-fra1-de.as5405.net (94.103.180.7)  101.827 ms
--8<-------------------------------------------------------->8---

Date Sujet#  Auteur
18 Oct 24 * outgoing tcp port 25 blocked? how to prove it?9Lesley Esen
18 Oct 24 `* Re: outgoing tcp port 25 blocked? how to prove it?8Marco Moock
18 Oct 24  `* Re: outgoing tcp port 25 blocked? how to prove it?7Lesley Esen
18 Oct 24   +* Re: outgoing tcp port 25 blocked? how to prove it?5Lesley Esen
18 Oct 24   i`* Re: outgoing tcp port 25 blocked? how to prove it?4Marco Moock
18 Oct 24   i `* Re: outgoing tcp port 25 blocked? how to prove it?3Lesley Esen
19 Oct 24   i  `* Re: outgoing tcp port 25 blocked? how to prove it?2Scott Dorsey
19 Oct 24   i   `- Re: outgoing tcp port 25 blocked? how to prove it?1Lesley Esen
19 Oct 24   `- Re: outgoing tcp port 25 blocked? how to prove it?1Scott Dorsey

Haut de la page

Les messages affichés proviennent d'usenet.

NewsPortal