Solved

Mdaemon Error reading from socket!

Posted on 2004-09-22
4
2,046 Views
Last Modified: 2010-05-18
Using Mdaemon v7.2.0 server and getting the following error:

Wed 2004-09-22 18:18:53: ----------
Wed 2004-09-22 18:18:53: Session 1181; child 8; thread 864
Wed 2004-09-22 18:18:31: Accepting SMTP connection from [xxx.xxx.xxx.xxxx : 2815]
Wed 2004-09-22 18:18:31: --> 220-fusionapps.net ESMTP MDaemon 7.2.0; Wed, 22 Sep 2004 18:18:31 -0400
Wed 2004-09-22 18:18:31: --> 220-Unauthorized relays are prohibited.
Wed 2004-09-22 18:18:31: --> 220 All transactions and IP addresses are logged.
Wed 2004-09-22 18:18:31: <-- EHLO websrv19
Wed 2004-09-22 18:18:31: --> 250-fusionapps.net Hello websrv19, pleased to meet you
Wed 2004-09-22 18:18:31: --> 250-ETRN
Wed 2004-09-22 18:18:31: --> 250-AUTH=LOGIN
Wed 2004-09-22 18:18:31: --> 250-AUTH LOGIN CRAM-MD5
Wed 2004-09-22 18:18:31: --> 250-8BITMIME
Wed 2004-09-22 18:18:31: --> 250 SIZE 0
Wed 2004-09-22 18:18:53: Error reading from socket!
Wed 2004-09-22 18:18:53: Unexpected socket closure
Wed 2004-09-22 18:18:53: SMTP session terminated (Bytes in/out: 15/298)
Wed 2004-09-22 18:18:53: ----------

From what I gather, the mail is from a web server sent through MS Exchange server, and then after that it goes through a  proxy server so I don't even know where to begin on this issue.  Awaiting more details.  Normally after the SMTP negotionation, where the socket closure is,  the sending server will provide who the email is from.  I've already eliminated reverse dns lookups and spam detection, also added the IP of what appears to be the proxy server, will know for sure in a few days.  Any ideas?
0
Comment
Question by:madasczik
  • 3
4 Comments
 
LVL 19

Expert Comment

by:RanjeetRain
ID: 12133832
Did you overlook this line by any chance?

Wed 2004-09-22 18:18:31: Accepting SMTP connection from [xxx.xxx.xxx.xxxx : 2815]

That is a straight pointer. WHy can't you do a lookup on this?
0
 
LVL 19

Expert Comment

by:RanjeetRain
ID: 12133921
Wed 2004-09-22 18:18:31: --> 220-Unauthorized relays are prohibited.
Wed 2004-09-22 18:18:31: --> 220 All transactions and IP addresses are logged.
Wed 2004-09-22 18:18:31: <-- EHLO websrv19

The intruding host is either trying to use your server as an open relay or is just trying to PING it, to see if it is alive.
0
 

Author Comment

by:madasczik
ID: 12135074
This line is the trusted IP address, this is saying the connection is at least starting.  I removed the reverse lookup b/c there's no need to make sure that the IP resolves back to a real name, and to cut down on things that could potentially cause more problems at the moment

Wed 2004-09-22 18:18:31: Accepting SMTP connection from [xxx.xxx.xxx.xxxx : 2815]

These 2 lines are just comments added to smtp negotiation, it could say anything really

Wed 2004-09-22 18:18:31: --> 220-Unauthorized relays are prohibited.
Wed 2004-09-22 18:18:31: --> 220 All transactions and IP addresses are logged.

This line is the mail server on the other end saying, hello my name is this

Wed 2004-09-22 18:18:31: <-- EHLO websrv19

These line are where the problem arises where my mail server is sending to the other server, these are the options you have to make a successful connection with me

Wed 2004-09-22 18:18:31: --> 250-ETRN
Wed 2004-09-22 18:18:31: --> 250-AUTH=LOGIN
Wed 2004-09-22 18:18:31: --> 250-AUTH LOGIN CRAM-MD5
Wed 2004-09-22 18:18:31: --> 250-8BITMIME
Wed 2004-09-22 18:18:31: --> 250 SIZE 0

After these lines, the other side is supposed to pick one of those options above and start transfering stuff my way.  The first line returned back would be who the email is from and to.  Any ideas why the connection fails at this point.  Dealing with exchange server through a proxy, both of which I have real control over.  I can put in a request to change something, but what?
0
 
LVL 19

Accepted Solution

by:
RanjeetRain earned 500 total points
ID: 12137691
Try telneting to your mail server and see if it goes ahead with the transaction. If it does, you know that the problem is at the other end.
0

Featured Post

Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

Join & Write a Comment

Are you having trouble connecting or getting your iPhone / Samsung device(s) to sync with Microsoft Exchange Server?   What have you tried?   What haven't you tried?
This article covers general Notes 8.5 troubleshooting information including recreating the Notes\Data folder.
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …

760 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now