• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 2834
  • Last Modified:

My sendmail can send to everyone except 1 external domain...

I've done a LOT of work on my mail server to ensure that the 6 domain names hosted on this server can receive and send correctly. It is almost perfect. I can't get confirmation that my mail server is modifying the sender address via the genericstable yet... but so far everything is ok.

Except for intermedia.net. We use AdvancePro from AdvanceWare.net. I am trying to email their support, but they use intermedia.net to host their email. EVERY address i try to email@advanceware.net bounces back with the following: "relay=smtp.intermedia.net. [207.5.72.110], dsn=4.0.0, stat=Deferred: 421 4.7.0 exmf-1.intermedia.net Error: too many errors"

To my dismay, though I can turn LOG_LEVEL to 15 and see the individual commands that occur when an INCOMING connection is made, I can't get the OUTGOING connections to be shown to help me figure out what needs to be fixed!? All I get is: "SMTP outgoing connect on mail.masondrywall.com" and then the error mentioned above. I even tried LOG_LEVEL as 98. Nope. Even after full make and restart of sendmail I get lots of useless information but still no outgoing smtp commands/responses.

How can I debug this? What LOG_LEVEL should I use? No, I do not have any other problems sending to any other domains. And yes, it is plugged in. =)
divert(-1)dnl
dnl # * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
dnl # Author: My Name Here
dnl # File: sendmail.mc for mail.mylocal.local
dnl # Change Log:
dnl #  Who                  When              What
dnl # -------------------- ----------------- ------------------------------------------------------------------
dnl #  My Name Here        Oct 13, 2008      Configuration based on PracticalSendmail.pdf
dnl #  My Name Here        Oct 14, 2008      Configuring masquerades - Userbased
dnl #  My Name Here        Oct 28, 2008      Configuring RBLs - too restrictive
dnl #                                         Also brought down logs - server is running fine.
dnl #  My Name Here        Feb 20, 2009      Logs not reporting the genericstable as working.
dnl #
dnl # REFERENCE: http://eduunix.jlbtc.edu.cn/index/html/mail/O%27Reilly%20-%20SendMail%20Cookbook/0596004710_toc.html
dnl # (Look for O'Reilly - Sendmail Cookbook)
dnl #
dnl # * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
dnl
include(`/usr/share/sendmail-cf/m4/cf.m4')dnl
VERSIONID(`$Id: sendmail.mc, version 0.00 00/00/0000 00:00:00 JAM Exp $')dnl
OSTYPE(`linux')dnl
dnl
dnl
dnl # Don't masquerade the root user so we know root@host.localdomain....
EXPOSED_USER(root)dnl
dnl
dnl # Disable some default features that aren't needed
undefine(`UUCP_RELAY')dnl
undefine(`BITNET_RELAY')dnl
undefine(`DECNET_RELAY')dnl
undefine(`FAX_RELAY')dnl
dnl
dnl
define(`contDOMAIN_NAME',`mail.mydomain1.com')dnl # the server's reported domain name
dnl #####LOG LEVEL NOTES:
dnl # 0 Log a limited number of severe problems, such as failing to find the system's hostname or qualified domain name.
dnl # 1 Log serious system failures using syslog crit and alert levels.
dnl # 2 Log networking failures at crit level
dnl # 3 Log connection timeouts, malformed addresses, and forward and include errors using notice and error syslog levels.
dnl # 4 Log connection rejections, bad qf filenames, and outdated aliases databases using info and notice levels.
dnl # 5 Log envelope cloning, and log an entry for each message received. These log entries are made at the syslog info level.
dnl # 6 Log a record of each message returned to the original sender, and log incoming SMTP VRFY, EXPN, and ETRN commands using the info level
dnl # 7 Log delivery failures at the info level.
dnl # 8 Log successful deliveries and alias database rebuilds at the syslog notice level.
dnl # 9 Log mail deferred because of lack of system resources at the info level.
dnl # 10 Log inbound SMTP connections and MILTER connects and replies. Log each database lookup. Log AUTH and STARTTLS errors. All of these messages are logged at info level. Also log TLS errors at syslog warning level.
dnl # 11 Log end of processing, and log NIS errors. Log both types of messages at info level.
dnl # 12 Log outbound SMTP connections at info level.
dnl # 13 Log questionable file security, such as world-writable files and bad user shells.
dnl # 14 Log connection refusals. Log additional STARTTLS information. Log both types of messages at info level.
dnl # 15 Log all incoming SMTP commands at info level.
dnl # 16-98 Log debugging information at debug level. for code developers.
dnl ##########
define(`confLOG_LEVEL', `15')dnl # default is 9
define(`confDEF_USER_ID',``8:12'')dnl
define(`confTO_IDENT', `0')dnl
define(`confTO_CONNECT', `1m')dnl
define(`confTRY_NULL_MX_LIST',true)dnl
define(`confSINGLE_LINE_FROM_HEADER', `True')dnl
define(`confSMTP_LOGIN_MSG', `$j')dnl
define(`confDONT_PROBE_INTERFACES',true)dnl
define(`PROCMAIL_MAILER_PATH',`/usr/bin/procmail')dnl
define(`ALIAS_FILE', `/etc/aliases')dnl
define(`STATUS_FILE', `/var/log/mail/statistics')dnl
dnl define(`confUSERDB_SPEC', `/etc/mail/userdb.db')dnl
define(`confPRIVACY_FLAGS', `authwarnings,novrfy,noexpn,novrfy,noverb,noetrn,restrictqrun,needmailhelo')dnl
define(`confMAX_DAEMON_CHILDREN',`7')dnl
define(`confCONNECTION_RATE_THROTTLE',`5')dnl
define(`confMAX_RCPTS_PER_MESSAGE',`20')dnl
define(`confMAX_MESSAGE_SIZE',`2097152')dnl
dnl
dnl
dnl ### Insecure SMTP
DAEMON_OPTIONS(`Port=smtp, Name=MTA')dnl
define(`confAUTH_OPTIONS', `A')dnl
TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
define(`confAUTH_MECHANISMS', `EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
dnl # TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 GSSAPI LOGIN PLAIN')dnl
dnl # define(`confAUTH_MECHANISMS', `EXTERNAL DIGEST-MD5 CRAM-MD5 GSSAPI LOGIN PLAIN')dnl
dnl
dnl
dnl ### Secure SMTP (STARTTLS)
define(`confCACERT_PATH', `/etc/mail/certs')dnl
define(`confCACERT', `/etc/mail/certs/cacert.pem')dnl
define(`confSERVER_CERT', `/etc/mail/certs/sendmail.pem')dnl
define(`confSERVER_KEY', `/etc/mail/certs/sendmail.pem')dnl
define(`confCLIENT_CERT', `/etc/mail/certs/sendmail.pem')dnl
define(`confCRL', `/etc/mail/certs/revoke.crl')dnl
 
define(`confCLIENT_KEY', `/etc/mail/certs/sendmail.pem')dnl
DAEMON_OPTIONS(`Family=inet, Port=465, Name=MTA-SSL, M=s')dnl
dnl
dnl
FEATURE(`nouucp',`reject')dnl
FEATURE(`no_default_msa',`dnl')dnl
FEATURE(`smrsh',`/usr/sbin/smrsh')dnl
dnl # FEATURE(`mailertable',`hash -o /etc/mail/mailertable.db')dnl
FEATURE(redirect)dnl
FEATURE(always_add_domain)dnl
FEATURE(use_cw_file)dnl # use localhostnames file
dnl # FEATURE(use_ct_file)dnl
FEATURE(`access_db',`hash -T<TMPF> /etc/mail/access.db')dnl
FEATURE(local_procmail,`/usr/bin/procmail',`procmail -t -Y -a $h -d $u',`SPfhn9')dnl
dnl
dnl ### Virtual User/Domain Routing
dnl # VIRTUSER_DOMAIN_FILE(`/etc/mail/virtudomainstable')dnl
dnl # FEATURE(`virtusertable',`hash -o /etc/mail/virtusertable.db')dnl
dnl # Now we say interpret as domains
dnl # FEATURE(`virtuser_entire_domain')dnl
dnl
dnl # Sendmail v8.13 Companion, Chap 4.1.8, Page 20
dnl # Enable access map DB feature to control the number of simultaneous
dnl # connections other hosts may have to this server; "nodelay"
dnl # causes this feature to bypass "delay_checks" and work at connection
dnl # time instead of after RCPT_TO; "terminate" means that sendmail
dnl # will immediately drop a violating connection instead of waiting
dnl # for other server to drop it; MUST appear AFTER "delay_checks"
FEATURE(`delay_checks')dnl
FEATURE(`conncontrol', `nodelay', `terminate')dnl
dnl
dnl
dnl ### Blacklist settings
FEATURE(`blacklist_recipients')dnl
dnl ### This line tends to reject... EVERYTHING!!!
dnl ### FEATURE(`dnsbl', `relays.ordb.org', `550 5.7.1 Access Denied (O) : Unsolicited e-mail from " $&{client_addr} " refused. ')dnl
dnl ### -- we'll let MailWasher do these two blacklists
dnl ### FEATURE(`dnsbl', `bl.spamcop.net', `554 Rejected " Spam blocked see: http://spamcop.net/bl.shtml?"$&{client_addr}', `t')dnl
dnl ### FEATURE(`enhdnsbl', `zen.spamhaus.org', `554 Rejected " Spam blocked see: http://www.spamhaus.org/"', `t')dnl
dnl ### also tends to reject everything
dnl ### FEATURE(`dnsbl', `dnsbl.sorbs.net', `554 Rejected " $&{client_addr} " found in dnsbl.sorbs.net"')dnl
dnl
dnl
dnl
dnl # Domain mapping - old/long to newer/shorter domain names
FEATURE(`domaintable',`hash -T<TMPF> -o /etc/mail/domaintable.db')dnl
dnl
dnl # OUTGOING aliases - genericstable
dnl # - if we put ALL domains here, then we will only have outgoing
dnl # - from 1 domain per user. So a mis-login won't result in
dnl # - a mydomain3.com user sending from mydomain1.com... ever.
FEATURE(genericstable, `hash /etc/mail/genericstable.db')dnl
GENERICS_DOMAIN(`localhost.localdomain')dnl
FEATURE(generics_entire_domain)dnl
GENERICS_DOMAIN(`mylocal.local')dnl
FEATURE(generics_entire_domain)dnl
GENERICS_DOMAIN(`mydomain1.com')dnl
FEATURE(generics_entire_domain)dnl
GENERICS_DOMAIN(`mydomain3.com')dnl
FEATURE(generics_entire_domain)dnl
GENERICS_DOMAIN(`mydomain2.com')dnl
FEATURE(generics_entire_domain)dnl
GENERICS_DOMAIN(`mydomain4.com')dnl
FEATURE(generics_entire_domain)dnl
GENERICS_DOMAIN(`mydomain5.com')dnl
FEATURE(generics_entire_domain)dnl
dnl
dnl # So now we can list the true "Local domains"
LOCAL_DOMAIN(`localhost.localdomain')dnl
LOCAL_DOMAIN(`mylocal.local')dnl
LOCAL_DOMAIN(`mydomain1.com')dnl
LOCAL_DOMAIN(`mydomain3.com')dnl
MASQUERADE_AS(`mydomain1.com')dnl
MASQUERADE_DOMAIN('localhost.localdomain')dnl
MASQUERADE_DOMAIN('mylocal.local')dnl
FEATURE(masquerade_envelope)dnl
dnl # FEATURE(limited_masquerade)dnl
FEATURE(masquerade_entire_domain)dnl
dnl
dnl
dnl
dnl
dnl ### ClamAV Filtering
dnl # INPUT_MAIL_FILTER(`clmilter',   `S=local:/var/run/clamav-milter/clamav.sock, F=T, T=S:4m;R:4m')dnl
dnl # define(`confINPUT_MAIL_FILTERS',        `clmilter')dnl
dnl
dnl
dnl
dnl ### MailWasher filtering (replaces spamassassin)
dnl INPUT_MAIL_FILTER(`mailwasher_server',  `S=unix:/var/run/mwserver/mpd.sock, F=T, T=S:4m;R:4m')dnl
dnl define(`confINPUT_MAIL_FILTERS',        `mailwasher_server')dnl
dnl
dnl
dnl
dnl ### MailWasher Enterprise filtering (replaces spamassassin)
INPUT_MAIL_FILTER(`mwes',  `S=unix:/var/run/mwes/mpd.sock, F=T, T=S:4m;R:4m')dnl
define(`confINPUT_MAIL_FILTERS',        `mwes')dnl
dnl
dnl
dnl
dnl ### Mailer delivery settings
MAILER(smtp)dnl
dnl # MAILER(local)dnl
MAILER(procmail)dnl
dnl #
dnl # ---------------------END----------------------------

Open in new window

0
JAMason1182
Asked:
JAMason1182
  • 5
  • 3
3 Solutions
 
NopiusCommented:
Turn off debugging and listen your with 'tcpdump'.

1) tcpdump -s 1500 -w /tmp/filename tcp port 25
2) after the smtp session start/end stop capturing traffic with Ctrl-C
3) install network analyzer  www.wireshark.org and install
4) with wireshark open your captured file and see what happens.

P.S. I just tested connection to their server, it works OK.
telnet smtp11.intermedia.net. 25
Trying 64.78.17.124...
Connected to smtp11.intermedia.net (64.78.17.124).
Escape character is '^]'.
220 exmf011-12.intermedia.net Microsoft ESMTP MAIL Service Version: 2.0
EHLO nopius.com
250-exmf011-12.intermedia.net
250-PIPELINING
250-SIZE 128000000
250-VRFY
250-ETRN
250-STARTTLS
250-ENHANCEDSTATUSCODES
250 DSN
mail from: root@test.com
250 2.1.0 Ok
rcpt to: support@advanceware.net
250 2.1.5 Ok
data
354 End data with <CR><LF>.<CR><LF>
Subject: please remove this test message
.
250 2.0.0 Ok: queued as 74753EE0C

Open in new window

0
 
NopiusCommented:
Hmm, it seems we use different mail servers,
I wonder why your sendmail uses smtp.intermedia.net.
relay=smtp.intermedia.net. [207.5.72.110]

The correct smtp relay for advanceware.net  is smtp11.intermedia.net. Probably something wrong in your genericstable and the smtp relay smtp.intermedia.net. doesn't accept mail for domain advanceware.net.
0
 
JAMason1182Author Commented:
Sorry, I've been out of town this weekend.

My log files show the following:

Feb 23 09:43:23 midsl051 sendmail[20886]: AUTH=server, relay=midd114 [192.168.2.114], authid=myname, mech=PLAIN, bits=0
Feb 23 09:43:23 midsl051 sendmail[20886]: n1NFhNHg020886: from=<myname@mydomain1.com>, size=517, class=0, nrcpts=1, msgid=<49A2C634.9000804@mydomain1.com>, proto=ESMTP, daemon=MTA, relay=midd114 [192.168.2.114]
Feb 23 09:43:23 midsl051 sendmail[20886]: n1NFhNHg020886: Milter add: header: X-MailWasher-enterprise-server-scanned: Checked by MailWasher Enterprise Server 0.16b {U}
Feb 23 09:43:23 midsl051 sendmail[20886]: n1NFhNHg020886: Milter add: header: X-MailWasher-enterprise-server-status: Clean
Feb 23 09:43:23 midsl051 sendmail[20886]: n1NFhNHg020886: Milter add: header: X-MailWasher-enterprise-server-reason: Authenticated by MTA
Feb 23 09:43:23 midsl051 sendmail[20886]: n1NFhNHg020886: Milter add: header: X-MailWasher-enterprise-server-sourceip: 192.168.2.114
Feb 23 09:43:24 midsl051 sendmail[20889]: n1NFhNHg020886: to=<someone@advanceware.net>, ctladdr=<myname@mydomain1.com> (10000/10001), delay=00:00:01, xdelay=00:00:01, mailer=esmtp, pri=120517, relay=smtp11.intermedia.net. [64.78.17.124], dsn=4.0.0, stat=Deferred: 421 4.7.0 exmf011-13.intermedia.net Error: too many errors
Feb 23 09:43:42 midsl051 sendmail[20893]: AUTH=server, relay=midd114 [192.168.2.114], authid=myname, mech=PLAIN, bits=0
Feb 23 09:43:42 midsl051 sendmail[20893]: n1NFhgcg020893: from=<myname@mydomain1.com>, size=523, class=0, nrcpts=1, msgid=<49A2C647.3070200@mydomain1.com>, proto=ESMTP, daemon=MTA, relay=midd114 [192.168.2.114]
Feb 23 09:43:42 midsl051 sendmail[20893]: n1NFhgcg020893: Milter add: header: X-MailWasher-enterprise-server-scanned: Checked by MailWasher Enterprise Server 0.16b {U}
Feb 23 09:43:42 midsl051 sendmail[20893]: n1NFhgcg020893: Milter add: header: X-MailWasher-enterprise-server-status: Clean
Feb 23 09:43:42 midsl051 sendmail[20893]: n1NFhgcg020893: Milter add: header: X-MailWasher-enterprise-server-reason: Authenticated by MTA
Feb 23 09:43:42 midsl051 sendmail[20893]: n1NFhgcg020893: Milter add: header: X-MailWasher-enterprise-server-sourceip: 192.168.2.114
Feb 23 09:43:42 midsl051 sendmail[20896]: n1NFhgcg020893: to=<someone@advanceware.net>, ctladdr=<myname@mydomain1.com> (10000/10001), delay=00:00:00, xdelay=00:00:00, mailer=esmtp, pri=120523, relay=smtp11.intermedia.net. [64.78.17.124], dsn=4.0.0, stat=Deferred: 421 4.7.0 exmf011-13.intermedia.net Error: too many errors


I'm in the process of filtering the tcpdump and getting wireshark to open it.

My genericstable shouldn't have anything to do with intermedias mail server... right? I mean I'm not trying to send AS advanceware, I'm trying to send TO advanceware. Like I said before, my domains, my server, my users, nobody has ever had trouble before with email. It's only with SENDING to advanceware.net. (Oh yeah, receiving works just fine... I get everything advanceware sends me!)

I'll post my tcpdump results in a minute.

0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
JAMason1182Author Commented:
Ok, I finally got wireshark downloaded and installed.

Attached is my analyzed tcpdump. I see a HELO command not recognized... is that the problem (see line number 31)?

  1   0.000000 192.168.2.114 -> 192.168.2.51  TCP telindus > smtp [SYN] Seq=0 Win=65535 Len=0 MSS=1460 WS=1
  2   0.000007  192.168.2.51 -> 192.168.2.114 TCP smtp > telindus [SYN, ACK] Seq=0 Ack=1 Win=5840 Len=0 MSS=1460 WS=7
  3   0.000076 192.168.2.114 -> 192.168.2.51  TCP telindus > smtp [ACK] Seq=1 Ack=1 Win=128480 Len=0
  4   0.006260  192.168.2.51 -> 192.168.2.114 SMTP Response: 220 mail.mydomain1.com ESMTP
  5   0.059619 192.168.2.114 -> 192.168.2.51  SMTP Command: EHLO [192.168.2.114]
  6   0.059640  192.168.2.51 -> 192.168.2.114 TCP smtp > telindus [ACK] Seq=34 Ack=22 Win=5888 Len=0
  7   0.059766  192.168.2.51 -> 192.168.2.114 SMTP Response: 250-mail.mydomain1.com Hello midd114 [192.168.2.114], pleased to meet you
  8   0.060200 192.168.2.114 -> 192.168.2.51  SMTP Command: AUTH PLAIN AGptYXNvbgBzdGFDMDQhOQ==
  9   0.064439  192.168.2.51 -> 192.168.2.114 SMTP Response: 235 2.0.0 OK Authenticated
 10   0.065384 192.168.2.114 -> 192.168.2.51  SMTP Command: MAIL FROM:<myself@mydomain1.com> SIZE=540
 11   0.067932  192.168.2.51 -> 192.168.2.114 SMTP Response: 250 2.1.0 <myself@mydomain1.com>... Sender ok
 12   0.068692 192.168.2.114 -> 192.168.2.51  SMTP Command: RCPT TO:<someone@advanceware.net>
 13   0.069726  192.168.2.51 -> 192.168.2.114 SMTP Response: 250 2.1.5 <someone@advanceware.net>... Recipient ok
 14   0.070054 192.168.2.114 -> 192.168.2.51  SMTP Command: DATA
 15   0.070099  192.168.2.51 -> 192.168.2.114 SMTP Response: 354 Enter mail, end with "." on a line by itself
 16   0.071453 192.168.2.114 -> 192.168.2.51  SMTP DATA fragment, 543 bytes
 17   0.091299  192.168.2.51 -> 192.168.2.114 SMTP Response: 250 2.0.0 n1NFhNHg020886 Message accepted for delivery
 18   0.092214 192.168.2.114 -> 192.168.2.51  SMTP DATA fragment, 6 bytes
 19   0.092274  192.168.2.51 -> 192.168.2.114 SMTP Response: 221 2.0.0 mail.mydomain1.com closing connection
 20   0.092357  192.168.2.51 -> 192.168.2.114 TCP smtp > telindus [FIN, ACK] Seq=543 Ack=695 Win=7040 Len=0
 21   0.092446 192.168.2.114 -> 192.168.2.51  TCP telindus > smtp [ACK] Seq=695 Ack=544 Win=127938 Len=0
 22   0.096668  192.168.2.51 -> 64.78.17.124 TCP 40195 > smtp [SYN] Seq=0 Win=5840 Len=0 MSS=1460 TSV=3793909300 TSER=0 WS=7
 23   0.167895 192.168.2.114 -> 192.168.2.51  TCP telindus > smtp [FIN, ACK] Seq=695 Ack=544 Win=127938 Len=0
 24   0.167902  192.168.2.51 -> 192.168.2.114 TCP smtp > telindus [ACK] Seq=544 Ack=696 Win=7040 Len=0
 25   0.170229 64.78.17.124 -> 192.168.2.51  TCP smtp > 40195 [SYN, ACK] Seq=0 Ack=1 Win=5792 Len=0 MSS=1380 TSV=398140280 TSER=3793909300 WS=7
 26   0.170237  192.168.2.51 -> 64.78.17.124 TCP 40195 > smtp [ACK] Seq=1 Ack=1 Win=5888 Len=0 TSV=3793909374 TSER=398140280
 27   0.242779 64.78.17.124 -> 192.168.2.51  SMTP Response: 220 exmf011-13.intermedia.net Microsoft ESMTP MAIL Service Version: 2.0
 28   0.242790  192.168.2.51 -> 64.78.17.124 TCP 40195 > smtp [ACK] Seq=1 Ack=74 Win=5888 Len=0 TSV=3793909446 TSER=398140298
 29   0.242893  192.168.2.51 -> 64.78.17.124 SMTP Command: EHLO mail.mydomain1.com
 30   0.314195 64.78.17.124 -> 192.168.2.51  TCP smtp > 40195 [ACK] Seq=74 Ack=29 Win=5888 Len=0 TSV=398140316 TSER=3793909446
 31   0.315021 64.78.17.124 -> 192.168.2.51  SMTP Response: 502 5.5.2 Error: command not recognized
 32   0.315072  192.168.2.51 -> 64.78.17.124 SMTP Command: HELO mail.mydomain1.com
 33   0.315308 64.78.17.124 -> 192.168.2.51  TCP smtp > 40195 [FIN, ACK] Seq=175 Ack=29 Win=5888 Len=0 TSV=398140316 TSER=3793909446
 34   0.315335  192.168.2.51 -> 64.78.17.124 SMTP Command: QUIT
 35   0.388867 64.78.17.124 -> 192.168.2.51  TCP smtp > 40195 [RST] Seq=176 Win=0 Len=0
 36  18.412840 192.168.2.114 -> 192.168.2.51  TCP roketz > smtp [SYN] Seq=0 Win=65535 Len=0 MSS=1460 WS=1
 37  18.412864  192.168.2.51 -> 192.168.2.114 TCP smtp > roketz [SYN, ACK] Seq=0 Ack=1 Win=5840 Len=0 MSS=1460 WS=7
 38  18.412978 192.168.2.114 -> 192.168.2.51  TCP roketz > smtp [ACK] Seq=1 Ack=1 Win=128480 Len=0
 39  18.418979  192.168.2.51 -> 192.168.2.114 SMTP Response: 220 mail.mydomain1.com ESMTP
 40  18.467122 192.168.2.114 -> 192.168.2.51  SMTP Command: EHLO [192.168.2.114]
 41  18.467141  192.168.2.51 -> 192.168.2.114 TCP smtp > roketz [ACK] Seq=34 Ack=22 Win=5888 Len=0
 42  18.467278  192.168.2.51 -> 192.168.2.114 SMTP Response: 250-mail.mydomain1.com Hello midd114 [192.168.2.114], pleased to meet you
 43  18.468273 192.168.2.114 -> 192.168.2.51  SMTP Command: AUTH PLAIN AGptYXNvbgBzdGFDMDQhOQ==
 44  18.472518  192.168.2.51 -> 192.168.2.114 SMTP Response: 235 2.0.0 OK Authenticated
 45  18.473296 192.168.2.114 -> 192.168.2.51  SMTP Command: MAIL FROM:<myself@mydomain1.com> SIZE=546
 46  18.475820  192.168.2.51 -> 192.168.2.114 SMTP Response: 250 2.1.0 <myself@mydomain1.com>... Sender ok
 47  18.476480 192.168.2.114 -> 192.168.2.51  SMTP Command: RCPT TO:<someone@advanceware.net>
 48  18.477540  192.168.2.51 -> 192.168.2.114 SMTP Response: 250 2.1.5 <someone@advanceware.net>... Recipient ok
 49  18.478253 192.168.2.114 -> 192.168.2.51  SMTP Command: DATA
 50  18.478298  192.168.2.51 -> 192.168.2.114 SMTP Response: 354 Enter mail, end with "." on a line by itself
 51  18.480099 192.168.2.114 -> 192.168.2.51  SMTP DATA fragment, 549 bytes
 52  18.489542  192.168.2.51 -> 192.168.2.114 SMTP Response: 250 2.0.0 n1NFhgcg020893 Message accepted for delivery
 53  18.490502 192.168.2.114 -> 192.168.2.51  SMTP DATA fragment, 6 bytes
 54  18.490565  192.168.2.51 -> 192.168.2.114 SMTP Response: 221 2.0.0 mail.mydomain1.com closing connection
 55  18.490659  192.168.2.51 -> 192.168.2.114 TCP smtp > roketz [FIN, ACK] Seq=543 Ack=701 Win=7040 Len=0
 56  18.490748 192.168.2.114 -> 192.168.2.51  TCP roketz > smtp [ACK] Seq=701 Ack=544 Win=127938 Len=0
 57  18.494657  192.168.2.51 -> 64.78.17.124 TCP 40196 > smtp [SYN] Seq=0 Win=5840 Len=0 MSS=1460 TSV=3793927698 TSER=0 WS=7
 58  18.523832 192.168.2.114 -> 192.168.2.51  TCP roketz > smtp [FIN, ACK] Seq=701 Ack=544 Win=127938 Len=0
 59  18.523841  192.168.2.51 -> 192.168.2.114 TCP smtp > roketz [ACK] Seq=544 Ack=702 Win=7040 Len=0
 60  18.577070 64.78.17.124 -> 192.168.2.51  TCP smtp > 40196 [SYN, ACK] Seq=0 Ack=1 Win=5792 Len=0 MSS=1380 TSV=398144880 TSER=3793927698 WS=7
 61  18.577086  192.168.2.51 -> 64.78.17.124 TCP 40196 > smtp [ACK] Seq=1 Ack=1 Win=5888 Len=0 TSV=3793927781 TSER=398144880
 62  18.650445 64.78.17.124 -> 192.168.2.51  SMTP Response: 220 exmf011-13.intermedia.net Microsoft ESMTP MAIL Service Version: 2.0
 63  18.650454  192.168.2.51 -> 64.78.17.124 TCP 40196 > smtp [ACK] Seq=1 Ack=74 Win=5888 Len=0 TSV=3793927854 TSER=398144901
 64  18.650522  192.168.2.51 -> 64.78.17.124 SMTP Command: EHLO mail.mydomain1.com
 65  18.723694 64.78.17.124 -> 192.168.2.51  TCP smtp > 40196 [ACK] Seq=74 Ack=29 Win=5888 Len=0 TSV=398144919 TSER=3793927854
 66  18.724487 64.78.17.124 -> 192.168.2.51  SMTP Response: 502 5.5.2 Error: command not recognized
 67  18.724514  192.168.2.51 -> 64.78.17.124 SMTP Command: HELO mail.mydomain1.com
 68  18.725180 64.78.17.124 -> 192.168.2.51  TCP smtp > 40196 [FIN, ACK] Seq=175 Ack=29 Win=5888 Len=0 TSV=398144919 TSER=3793927854
 69  18.725207  192.168.2.51 -> 64.78.17.124 SMTP Command: QUIT
 70  19.005053  192.168.2.51 -> 64.78.17.124 SMTP [TCP Retransmission] Command: HELO mail.mydomain1.com
 71  19.567051  192.168.2.51 -> 64.78.17.124 SMTP [TCP Retransmission] Command: HELO mail.mydomain1.com
 72  20.691048  192.168.2.51 -> 64.78.17.124 SMTP [TCP Retransmission] Command: HELO mail.mydomain1.com
 73  22.939051  192.168.2.51 -> 64.78.17.124 SMTP [TCP Retransmission] Command: HELO mail.mydomain1.com
 74  23.722915 64.78.17.124 -> 192.168.2.51  TCP smtp > 40196 [RST] Seq=176 Win=5888 Len=0
 75 314.622214 94.67.249.185 -> 192.168.2.51  TCP netrek > smtp [SYN] Seq=0 Win=65535 Len=0 MSS=1452
 76 314.622251  192.168.2.51 -> 94.67.249.185 TCP smtp > netrek [SYN, ACK] Seq=0 Ack=1 Win=5840 Len=0 MSS=1460
 77 314.625186 94.67.249.185 -> 192.168.2.51  TCP mns-mail > smtp [SYN] Seq=0 Win=65535 Len=0 MSS=1452
 78 314.625193  192.168.2.51 -> 94.67.249.185 TCP smtp > mns-mail [SYN, ACK] Seq=0 Ack=1 Win=5840 Len=0 MSS=1460
 79 314.628796 94.67.249.185 -> 192.168.2.51  TCP dts > smtp [SYN] Seq=0 Win=65535 Len=0 MSS=1452
 80 314.628806  192.168.2.51 -> 94.67.249.185 TCP smtp > dts [SYN, ACK] Seq=0 Ack=1 Win=5840 Len=0 MSS=1460
 81 314.633429 94.67.249.185 -> 192.168.2.51  TCP worldfusion1 > smtp [SYN] Seq=0 Win=65535 Len=0 MSS=1452
 82 314.633434  192.168.2.51 -> 94.67.249.185 TCP smtp > worldfusion1 [SYN, ACK] Seq=0 Ack=1 Win=5840 Len=0 MSS=1460
 83 315.478856 94.67.249.185 -> 192.168.2.51  TCP netrek > smtp [ACK] Seq=1 Ack=1 Win=65535 Len=0
 84 315.494374 94.67.249.185 -> 192.168.2.51  TCP mns-mail > smtp [ACK] Seq=1 Ack=1 Win=65535 Len=0
 85 315.533068 94.67.249.185 -> 192.168.2.51  TCP dts > smtp [ACK] Seq=1 Ack=1 Win=65535 Len=0
 86 315.583819 94.67.249.185 -> 192.168.2.51  TCP worldfusion1 > smtp [ACK] Seq=1 Ack=1 Win=65535 Len=0
 87 316.337442  192.168.2.51 -> 94.67.249.185 SMTP Response: 220 mail.mydomain1.com ESMTP
 88 316.339512  192.168.2.51 -> 94.67.249.185 SMTP Response: 220 mail.mydomain1.com ESMTP
 89 316.340121  192.168.2.51 -> 94.67.249.185 SMTP Response: 220 mail.mydomain1.com ESMTP
 90 316.340943  192.168.2.51 -> 94.67.249.185 SMTP Response: 220 mail.mydomain1.com ESMTP
 91 317.423371 94.67.249.185 -> 192.168.2.51  TCP worldfusion1 > smtp [ACK] Seq=1 Ack=34 Win=65502 Len=0
 92 317.426897 94.67.249.185 -> 192.168.2.51  TCP dts > smtp [ACK] Seq=1 Ack=34 Win=65502 Len=0
 93 317.510209 94.67.249.185 -> 192.168.2.51  SMTP Command: HELO ppp-94-67-249-185.home.otenet.gr
 94 317.510220  192.168.2.51 -> 94.67.249.185 TCP smtp > worldfusion1 [ACK] Seq=34 Ack=40 Win=5840 Len=0
 95 317.510405  192.168.2.51 -> 94.67.249.185 SMTP Response: 250 mail.mydomain1.com Hello ppp-94-67-249-185.home.otenet.gr [94.67.249.185], pleased to meet you
 96 317.543505 94.67.249.185 -> 192.168.2.51  TCP netrek > smtp [ACK] Seq=1 Ack=34 Win=65502 Len=0
 97 317.543727 94.67.249.185 -> 192.168.2.51  TCP mns-mail > smtp [ACK] Seq=1 Ack=34 Win=65502 Len=0
 98 317.609583 94.67.249.185 -> 192.168.2.51  SMTP Command: HELO ppp-94-67-249-185.home.otenet.gr
 99 317.609591  192.168.2.51 -> 94.67.249.185 TCP smtp > mns-mail [ACK] Seq=34 Ack=40 Win=5840 Len=0
100 317.609747  192.168.2.51 -> 94.67.249.185 SMTP Response: 250 mail.mydomain1.com Hello ppp-94-67-249-185.home.otenet.gr [94.67.249.185], pleased to meet you
101 317.610447 94.67.249.185 -> 192.168.2.51  SMTP Command: HELO ppp-94-67-249-185.home.otenet.gr
102 317.610453  192.168.2.51 -> 94.67.249.185 TCP smtp > netrek [ACK] Seq=34 Ack=40 Win=5840 Len=0
103 317.610583  192.168.2.51 -> 94.67.249.185 SMTP Response: 250 mail.mydomain1.com Hello ppp-94-67-249-185.home.otenet.gr [94.67.249.185], pleased to meet you
104 317.610611 94.67.249.185 -> 192.168.2.51  SMTP Command: HELO ppp-94-67-249-185.home.otenet.gr
105 317.610617  192.168.2.51 -> 94.67.249.185 TCP smtp > dts [ACK] Seq=34 Ack=40 Win=5840 Len=0
106 317.610735  192.168.2.51 -> 94.67.249.185 SMTP Response: 250 mail.mydomain1.com Hello ppp-94-67-249-185.home.otenet.gr [94.67.249.185], pleased to meet you
107 319.068516 94.67.249.185 -> 192.168.2.51  TCP worldfusion1 > smtp [ACK] Seq=40 Ack=137 Win=65399 Len=0
108 319.191823 94.67.249.185 -> 192.168.2.51  SMTP Command: MAIL FROM:<mail@masondrywallsupply.com>
109 319.193570  192.168.2.51 -> 94.67.249.185 SMTP Response: 250 2.1.0 <mail@masondrywallsupply.com>... Sender ok
110 319.278199 94.67.249.185 -> 192.168.2.51  TCP netrek > smtp [ACK] Seq=40 Ack=137 Win=65399 Len=0
111 319.281009 94.67.249.185 -> 192.168.2.51  TCP mns-mail > smtp [ACK] Seq=40 Ack=137 Win=65399 Len=0
112 319.290602 94.67.249.185 -> 192.168.2.51  SMTP Command: MAIL FROM:<sales@masondrywallsupply.com>
113 319.293149  192.168.2.51 -> 94.67.249.185 SMTP Response: 250 2.1.0 <sales@masondrywallsupply.com>... Sender ok
114 319.380025 94.67.249.185 -> 192.168.2.51  SMTP Command: MAIL FROM:<webmaster@masondrywallsupply.com>
115 319.382481  192.168.2.51 -> 94.67.249.185 SMTP Response: 250 2.1.0 <webmaster@masondrywallsupply.com>... Sender ok
116 319.383447 94.67.249.185 -> 192.168.2.51  SMTP Command: MAIL FROM:<mmason@masondrywallsupply.com>
117 319.385964  192.168.2.51 -> 94.67.249.185 SMTP Response: 250 2.1.0 <mmason@masondrywallsupply.com>... Sender ok
118 321.261286 94.67.249.185 -> 192.168.2.51  TCP worldfusion1 > smtp [ACK] Seq=81 Ack=191 Win=65345 Len=0
119 321.369182 94.67.249.185 -> 192.168.2.51  TCP netrek > smtp [ACK] Seq=86 Ack=196 Win=65340 Len=0
120 321.372174 94.67.249.185 -> 192.168.2.51  TCP mns-mail > smtp [ACK] Seq=82 Ack=192 Win=65344 Len=0
121 321.409761 94.67.249.185 -> 192.168.2.51  SMTP Command: RCPT TO:<mail@masondrywallsupply.com>
122 321.412031  192.168.2.51 -> 94.67.249.185 SMTP Response: 250 2.1.5 <mail@masondrywallsupply.com>... Recipient ok
123 321.481236 94.67.249.185 -> 192.168.2.51  TCP dts > smtp [ACK] Seq=83 Ack=193 Win=65343 Len=0
124 321.506801 94.67.249.185 -> 192.168.2.51  SMTP Command: RCPT TO:<webmaster@masondrywallsupply.com>
125 321.507229 94.67.249.185 -> 192.168.2.51  SMTP Command: RCPT TO:<sales@masondrywallsupply.com>
126 321.508635  192.168.2.51 -> 94.67.249.185 SMTP Response: 250 2.1.5 <webmaster@masondrywallsupply.com>... Recipient ok
127 321.510284  192.168.2.51 -> 94.67.249.185 SMTP Response: 250 2.1.5 <sales@masondrywallsupply.com>... Recipient ok
128 321.525378 94.67.249.185 -> 192.168.2.51  SMTP Command: RCPT TO:<mmason@masondrywallsupply.com>
129 321.528600  192.168.2.51 -> 94.67.249.185 SMTP Response: 250 2.1.5 <mmason@masondrywallsupply.com>... Recipient ok
130 322.992781 94.67.249.185 -> 192.168.2.51  TCP worldfusion1 > smtp [ACK] Seq=120 Ack=248 Win=65288 Len=0
131 323.102514 94.67.249.185 -> 192.168.2.51  TCP dts > smtp [ACK] Seq=124 Ack=252 Win=65284 Len=0
132 323.105216 94.67.249.185 -> 192.168.2.51  TCP mns-mail > smtp [ACK] Seq=122 Ack=250 Win=65286 Len=0
133 323.108431 94.67.249.185 -> 192.168.2.51  TCP netrek > smtp [ACK] Seq=130 Ack=258 Win=65278 Len=0
134 323.175797 94.67.249.185 -> 192.168.2.51  SMTP Command: DATA
135 323.175886  192.168.2.51 -> 94.67.249.185 SMTP Response: 354 Enter mail, end with "." on a line by itself
136 323.179250 94.67.249.185 -> 192.168.2.51  SMTP Command: DATA
137 323.179333  192.168.2.51 -> 94.67.249.185 SMTP Response: 354 Enter mail, end with "." on a line by itself
138 323.181700 94.67.249.185 -> 192.168.2.51  SMTP Command: DATA
139 323.181759  192.168.2.51 -> 94.67.249.185 SMTP Response: 354 Enter mail, end with "." on a line by itself
140 323.335898 94.67.249.185 -> 192.168.2.51  SMTP Command: DATA
141 323.335946  192.168.2.51 -> 94.67.249.185 SMTP Response: 354 Enter mail, end with "." on a line by itself
142 324.643212 94.67.249.185 -> 192.168.2.51  TCP netrek > smtp [ACK] Seq=136 Ack=308 Win=65228 Len=0
143 324.754762 94.67.249.185 -> 192.168.2.51  TCP worldfusion1 > smtp [ACK] Seq=126 Ack=298 Win=65238 Len=0
144 324.757913 94.67.249.185 -> 192.168.2.51  TCP mns-mail > smtp [ACK] Seq=128 Ack=300 Win=65236 Len=0
145 324.842196 94.67.249.185 -> 192.168.2.51  SMTP DATA fragment, 1446 bytes
146 324.882051  192.168.2.51 -> 94.67.249.185 TCP smtp > netrek [ACK] Seq=308 Ack=1588 Win=8712 Len=0
147 324.894920 94.67.249.185 -> 192.168.2.51  SMTP DATA fragment, 1446 bytes
148 324.894931  192.168.2.51 -> 94.67.249.185 TCP smtp > netrek [ACK] Seq=308 Ack=3040 Win=11616 Len=0
149 324.897378 94.67.249.185 -> 192.168.2.51  SMTP DATA fragment, 204 bytes
150 324.897383  192.168.2.51 -> 94.67.249.185 TCP smtp > netrek [ACK] Seq=308 Ack=3244 Win=14520 Len=0
151 324.957883 94.67.249.185 -> 192.168.2.51  SMTP DATA fragment, 1446 bytes
152 324.997048  192.168.2.51 -> 94.67.249.185 TCP smtp > mns-mail [ACK] Seq=300 Ack=1580 Win=8712 Len=0
153 325.011202 94.67.249.185 -> 192.168.2.51  SMTP DATA fragment, 1446 bytes
154 325.011208  192.168.2.51 -> 94.67.249.185 TCP smtp > mns-mail [ACK] Seq=300 Ack=3032 Win=11616 Len=0
155 325.012281 94.67.249.185 -> 192.168.2.51  SMTP DATA fragment, 178 bytes
156 325.012286  192.168.2.51 -> 94.67.249.185 TCP smtp > mns-mail [ACK] Seq=300 Ack=3210 Win=14520 Len=0
157 325.072093 94.67.249.185 -> 192.168.2.51  SMTP DATA fragment, 1446 bytes
158 325.112046  192.168.2.51 -> 94.67.249.185 TCP smtp > worldfusion1 [ACK] Seq=298 Ack=1578 Win=8712 Len=0
159 325.125585 94.67.249.185 -> 192.168.2.51  SMTP DATA fragment, 1446 bytes
160 325.125591  192.168.2.51 -> 94.67.249.185 TCP smtp > worldfusion1 [ACK] Seq=298 Ack=3030 Win=11616 Len=0
161 325.127437 94.67.249.185 -> 192.168.2.51  SMTP DATA fragment, 192 bytes
162 325.127442  192.168.2.51 -> 94.67.249.185 TCP smtp > worldfusion1 [ACK] Seq=298 Ack=3222 Win=14520 Len=0
163 325.147202 94.67.249.185 -> 192.168.2.51  TCP dts > smtp [ACK] Seq=130 Ack=302 Win=65234 Len=0
164 325.218250 94.67.249.185 -> 192.168.2.51  SMTP DATA fragment, 1446 bytes
165 325.258050  192.168.2.51 -> 94.67.249.185 TCP smtp > dts [ACK] Seq=302 Ack=1582 Win=8712 Len=0
166 325.271222 94.67.249.185 -> 192.168.2.51  SMTP DATA fragment, 1446 bytes
167 325.271228  192.168.2.51 -> 94.67.249.185 TCP smtp > dts [ACK] Seq=302 Ack=3034 Win=11616 Len=0
168 325.272196 94.67.249.185 -> 192.168.2.51  SMTP DATA fragment, 171 bytes
169 325.272201  192.168.2.51 -> 94.67.249.185 TCP smtp > dts [ACK] Seq=302 Ack=3205 Win=14520 Len=0
170 326.010888 94.67.249.185 -> 192.168.2.51  SMTP EOM:
171 326.010926  192.168.2.51 -> 94.67.249.185 TCP smtp > netrek [ACK] Seq=308 Ack=3249 Win=14520 Len=0
172 326.016557  192.168.2.51 -> 94.67.249.185 SMTP Response: 250 2.0.0 n1NFmeDa020908 Message accepted for delivery
173 326.100570 94.67.249.185 -> 192.168.2.51  SMTP EOM:
174 326.100594  192.168.2.51 -> 94.67.249.185 TCP smtp > mns-mail [ACK] Seq=300 Ack=3215 Win=14520 Len=0
175 326.350224 94.67.249.185 -> 192.168.2.51  SMTP EOM:
176 326.350248  192.168.2.51 -> 94.67.249.185 TCP smtp > worldfusion1 [ACK] Seq=298 Ack=3227 Win=14520 Len=0
177 326.358009 94.67.249.185 -> 192.168.2.51  SMTP EOM:
178 326.358035  192.168.2.51 -> 94.67.249.185 TCP smtp > dts [ACK] Seq=302 Ack=3210 Win=14520 Len=0
179 326.951292  192.168.2.51 -> 94.67.249.185 SMTP Response: 250 2.0.0 n1NFmeh3020909 Message accepted for delivery
180 327.127309  192.168.2.51 -> 94.67.249.185 SMTP Response: 250 2.0.0 n1NFmeHZ020911 Message accepted for delivery
181 327.149473 94.67.249.185 -> 192.168.2.51  TCP netrek > smtp [ACK] Seq=3249 Ack=364 Win=65172 Len=0
182 327.314452 94.67.249.185 -> 192.168.2.51  SMTP Command: QUIT
183 327.314498  192.168.2.51 -> 94.67.249.185 SMTP Response: 221 2.0.0 mail.mydomain1.com closing connection
184 327.314545  192.168.2.51 -> 94.67.249.185 TCP smtp > netrek [FIN, ACK] Seq=416 Ack=3255 Win=14520 Len=0
185 327.345499  192.168.2.51 -> 94.67.249.185 SMTP Response: 250 2.0.0 n1NFmej9020910 Message accepted for delivery
186 330.630053  192.168.2.51 -> 94.67.249.185 SMTP [TCP Retransmission] Response: 250 2.0.0 n1NFmeh3020909 Message accepted for delivery
187 330.672049  192.168.2.51 -> 94.67.249.185 SMTP [TCP Retransmission] Response: 221 2.0.0 mail.mydomain1.com closing connection
188 330.759048  192.168.2.51 -> 94.67.249.185 SMTP [TCP Retransmission] Response: 250 2.0.0 n1NFmeHZ020911 Message accepted for delivery
189 331.207048  192.168.2.51 -> 94.67.249.185 SMTP [TCP Retransmission] Response: 250 2.0.0 n1NFmej9020910 Message accepted for delivery
190 331.429193 94.67.249.185 -> 192.168.2.51  SMTP [TCP Retransmission] Command: QUIT
191 331.429207  192.168.2.51 -> 94.67.249.185 TCP [TCP Dup ACK 187#1] smtp > netrek [ACK] Seq=417 Ack=3255 Win=14520 Len=0 SLE=3249 SRE=3255
192 337.388060  192.168.2.51 -> 94.67.249.185 SMTP [TCP Retransmission] Response: 221 2.0.0 mail.mydomain1.com closing connection
193 337.537197 94.67.249.185 -> 192.168.2.51  TCP netrek > smtp [ACK] Seq=3255 Ack=416 Win=65120 Len=0
194 337.537211  192.168.2.51 -> 94.67.249.185 TCP smtp > netrek [FIN, ACK] Seq=416 Ack=3255 Win=14520 Len=0
195 337.647605 94.67.249.185 -> 192.168.2.51  TCP netrek > smtp [FIN, ACK] Seq=3255 Ack=416 Win=65120 Len=0
196 337.647616  192.168.2.51 -> 94.67.249.185 TCP smtp > netrek [ACK] Seq=417 Ack=3256 Win=14520 Len=0
197 337.988049  192.168.2.51 -> 94.67.249.185 SMTP [TCP Retransmission] Response: 250 2.0.0 n1NFmeh3020909 Message accepted for delivery
198 338.023047  192.168.2.51 -> 94.67.249.185 SMTP [TCP Retransmission] Response: 250 2.0.0 n1NFmeHZ020911 Message accepted for delivery
199 338.496605 94.67.249.185 -> 192.168.2.51  TCP fastlynx > smtp [SYN] Seq=0 Win=65535 Len=0 MSS=1452
200 338.496620  192.168.2.51 -> 94.67.249.185 TCP smtp > fastlynx [SYN, ACK] Seq=0 Ack=1 Win=5840 Len=0 MSS=1460
201 338.931049  192.168.2.51 -> 94.67.249.185 SMTP [TCP Retransmission] Response: 250 2.0.0 n1NFmej9020910 Message accepted for delivery
202 341.373355 94.67.249.185 -> 192.168.2.51  TCP [TCP Dup ACK 195#1] netrek > smtp [ACK] Seq=3256 Ack=416 Win=65120 Len=0
203 341.380590 94.67.249.185 -> 192.168.2.51  TCP fastlynx > smtp [SYN] Seq=0 Win=65535 Len=0 MSS=1452
204 341.380600  192.168.2.51 -> 94.67.249.185 TCP smtp > fastlynx [SYN, ACK] Seq=0 Ack=1 Win=5840 Len=0 MSS=1460
205 342.322517 94.67.249.185 -> 192.168.2.51  TCP fastlynx > smtp [ACK] Seq=1 Ack=1 Win=65535 Len=0
206 342.328969  192.168.2.51 -> 94.67.249.185 SMTP Response: 220 mail.mydomain1.com ESMTP
207 344.370964 94.67.249.185 -> 192.168.2.51  TCP [TCP Dup ACK 205#1] fastlynx > smtp [ACK] Seq=1 Ack=1 Win=65535 Len=0
208 345.328059  192.168.2.51 -> 94.67.249.185 SMTP [TCP Retransmission] Response: 220 mail.mydomain1.com ESMTP
209 345.920630 94.67.249.185 -> 192.168.2.51  TCP fastlynx > smtp [ACK] Seq=1 Ack=34 Win=65502 Len=0
210 345.958752 94.67.249.185 -> 192.168.2.51  SMTP Command: HELO ppp-94-67-249-185.home.otenet.gr
211 345.958759  192.168.2.51 -> 94.67.249.185 TCP smtp > fastlynx [ACK] Seq=34 Ack=40 Win=5840 Len=0
212 345.958964  192.168.2.51 -> 94.67.249.185 SMTP Response: 250 mail.mydomain1.com Hello ppp-94-67-249-185.home.otenet.gr [94.67.249.185], pleased to meet you
213 347.754233 94.67.249.185 -> 192.168.2.51  TCP [TCP Dup ACK 210#1] fastlynx > smtp [ACK] Seq=40 Ack=34 Win=65502 Len=0
214 348.700441 94.67.249.185 -> 192.168.2.51  TCP fastlynx > smtp [ACK] Seq=40 Ack=137 Win=65399 Len=0
215 348.765530 94.67.249.185 -> 192.168.2.51  SMTP Command: MAIL FROM:<auser@masondrywallsupply.com>
216 348.768658  192.168.2.51 -> 94.67.249.185 SMTP Response: 250 2.1.0 <auser@masondrywallsupply.com>... Sender ok
217 350.969054  192.168.2.51 -> 94.67.249.185 TCP smtp > netrek [FIN, ACK] Seq=416 Ack=3256 Win=14520 Len=0
218 351.765168 94.67.249.185 -> 192.168.2.51  TCP fastlynx > smtp [ACK] Seq=85 Ack=195 Win=65341 Len=0
219 351.897374 94.67.249.185 -> 192.168.2.51  SMTP Command: RCPT TO:<auser@masondrywallsupply.com>
220 351.900652  192.168.2.51 -> 94.67.249.185 SMTP Response: 250 2.1.5 <auser@masondrywallsupply.com>... Recipient ok
221 352.551050  192.168.2.51 -> 94.67.249.185 SMTP [TCP Retransmission] Response: 250 2.0.0 n1NFmeHZ020911 Message accepted for delivery
222 352.704049  192.168.2.51 -> 94.67.249.185 SMTP [TCP Retransmission] Response: 250 2.0.0 n1NFmeh3020909 Message accepted for delivery
223 353.525352 94.67.249.185 -> 192.168.2.51  TCP netrek > smtp [ACK] Seq=3256 Ack=417 Win=65120 Len=0
224 354.379060  192.168.2.51 -> 94.67.249.185 SMTP [TCP Retransmission] Response: 250 2.0.0 n1NFmej9020910 Message accepted for delivery
[root@midsl051 init.d]#

Open in new window

0
 
JAMason1182Author Commented:
Wow... I just tried it manually. Help me figure out this...


If I do the HELO mail.mydomain1.com command... thinngs work just fine. But if I do EHLO mail.mydomain1.com (like my mail server does) it exits with deferred Error: too many errors. (Error, command not recognized)

So Hmmmm...... how can I ensure that my mail server tries HELO instead of EHLO? Should I make it ALWAYS do the HELO version? Or should I force HELO to this domain only?
0
 
JAMason1182Author Commented:
Reading further I discover that EHLO is supposed to be used only when the server reports to be an ESMTP service (have ESMTP in the greeting line)

So in this case, the server reports: 220 exmf011-11.intermedia.net Microsoft ESMTP MAIL Service Version: 2.0


So why is it not recognizing EHLO?
0
 
JAMason1182Author Commented:
AHAH! I did some google searching of EHLO vs. HELO and why it wasn't working. One solution they posed was that the firewall was not allowing EHLO sessions, but was allowing HELO sessions.

I have a cisco router that uses CBAC as a quick and dirty firewall. Now I know not to issue the ip inspect name smtp command.

So to sum up, it is solved.....

PIX: Don't do any fixup for smtp
CBAC: DO NOT do ip inspect name smtp


0
 
NopiusCommented:
That's good that you solve it :-)
0

Featured Post

NFR key for Veeam Agent for Linux

Veeam is happy to provide a free NFR license for one year.  It allows for the non‑production use and valid for five workstations and two servers. Veeam Agent for Linux is a simple backup tool for your Linux installations, both on‑premises and in the public cloud.

  • 5
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now