Koozali.org: home of the SME Server

Blocked Site ideas

graviton

Blocked Site ideas
« on: April 29, 2004, 04:54:08 PM »
I recently installed Jesper's Spamassassin module, and within a few days, one external server (static IP address) which we often connect to as a relay became completely blocked: unviewable, unpingable. If I bypass our mitel box we can reach the destination just fine.

I have read all the boards, and lurked through the code as best I am able, but I am stumped.

Can anyone offer some guidance?

Thanks

Andy :hammer:

Anonymous

Blocked Site ideas
« Reply #1 on: April 29, 2004, 05:57:48 PM »
err.. it's an open relay, so it has been blacklisted so Spamassassin blocks it?????  Sounds like it is working fine to me.

RayG

Blocked Site ideas
« Reply #2 on: April 29, 2004, 07:47:42 PM »
I wasn't aware that spamassassin had the ability to block sites?

A more likely culprit might be Snort/Guardian.

Pull up a console and do an iptables -L and see if the server in question is listed with "DROP" on the left. If it is listed and you're running Snort/Guardian, add the site to the guardian.ignore file in /etc and then kill/restart snort.

If that's not it, report back with more information.

graviton

Blocked Site ideas
« Reply #3 on: May 01, 2004, 04:04:40 PM »
I do indeed have the following entries in iptables

Incoming Chain:
DROP all -- BASE-ADDRESS.MCAST.NET/4 anywhere
DROP all -- anywhere BASE-ADDRESS.MCAST.NET/4

Outgoing Chain:
DROP all -- BASE-ADDRESS.MCAST.NET/4 anywhere
DROP all -- anywhere BASE-ADDRESS.MCAST.NET/4


MCAST.NET is not the server in question but seems to be a nameserver. Could this be the problem?

If so, where can I find and edit the IP tables directly to remove this entry?

Everything else looks fine, and it seems pointless to post the whole set of tables here.

Thanks for the suggestions.

--A :hammer:

Rayg

Blocked Site ideas
« Reply #4 on: May 03, 2004, 08:04:56 PM »
Those two "DROPs" are normal policy and not added blocks.

Posting more information would be helpful. What version of e-smith, what additions have you made, what exactly do you mean when you say you were using the external box as a relay, how are you "bypassing" e-smith to regain access to this external box, etc.
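
Added example, not part of any post in this thread: a Python check for the diagnosis discussed in replies #2 to #4. It parses `iptables -L -n` output and reports which DROP rules name a network containing a given address; with `-n` the rule listed in the thread as BASE-ADDRESS.MCAST.NET/4 appears as 224.0.0.0/4, the multicast range. The sample listing, the 207.103.198.10 host rule and the function name are constructed for illustration.

```python
import ipaddress

# Constructed sample of `iptables -L -n` output. The 207.103.198.10 rule is a
# hypothetical added block; the 224.0.0.0/4 rules are the multicast policy.
SAMPLE = """\
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
DROP       all  --  224.0.0.0/4          0.0.0.0/0
DROP       all  --  0.0.0.0/0            224.0.0.0/4
DROP       all  --  207.103.198.10       0.0.0.0/0

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
DROP       all  --  224.0.0.0/4          0.0.0.0/0
DROP       all  --  0.0.0.0/0            224.0.0.0/4
"""

def find_drops(listing, target):
    """Return (hits, unparsed) for DROP rules in an `iptables -L` listing.

    hits: (chain, column, network) for each DROP rule whose source or
    destination names a network containing target. unparsed: specs shown as
    hostnames, meaning the listing was taken without -n and cannot be
    matched by address.
    """
    addr = ipaddress.ip_address(target)
    chain, hits, unparsed = None, [], []
    for line in listing.splitlines():
        fields = line.split()
        if fields[:1] == ["Chain"]:
            chain = fields[1]
        if len(fields) < 5 or fields[0] != "DROP":
            continue
        # Columns: target prot opt source destination
        for column, spec in (("source", fields[3]), ("destination", fields[4])):
            if spec in ("anywhere", "0.0.0.0/0"):
                continue  # catch-all side; only rules naming a network are reported
            try:
                net = ipaddress.ip_network(spec, strict=False)
            except ValueError:
                unparsed.append(spec)  # hostname form, re-run with -n
                continue
            if addr in net:
                hits.append((chain, column, str(net)))
    return hits, unparsed

if __name__ == "__main__":
    for ip in ("207.103.198.10", "207.103.198.11", "224.0.0.1"):
        print(ip, find_drops(SAMPLE, ip))
```

An empty `hits` list for the blocked address points away from an added DROP rule and toward other causes, such as routing or local-network settings.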

Anonymous

Blocked Site ideas
« Reply #5 on: May 03, 2004, 09:35:02 PM »
OK, pardon the verbosity, but... here is the whole picture:

I am upgrading a very bad peer to peer network where POP3 email (and website) was hosted elsewhere. I set up a Mitel 6.0 final box (fresh install) with all updates as a server & gateway, using DHCP server to 15 workstations. The mitel is connected directly to the DSL modem.

Hardware is a Dell PowerEdge 600SC Server with mirrored IDE drives, an IBM e1000 gigabit card as the internal interface and an IBM e100 as the external.

Using Static IP on Verizon DSL

The primary ibay is running MamboServer 4.5.
 
Installed contribs are:
phpmyadmin
Coppermine
awstats
phpsysinfo_2.1
mrtg
Clam AV and Spamassassin from Jesper Knudsen's nice installation files (http://www.swerts-knudsen.dk)

We also set up a Suse OpenExchange server to run groupware and webmail behind the Mitel.

After stabilizing the local network, we updated the www DNS record to host the organization's website on the mitel. This worked fine.

2 weeks later we switched the email to use the Mitel by setting up a relay from the old POP3 server provider's Exchange server. The idea was to use the Exchange server as a relay in case we ever went down.
 
Mail was relayed through the mitel box to filter for spam and viruses and forwarded (using the Delegate Mail Server setting) to the OpenExchange server.

This all worked great for a week. Then suddenly... no mail. In troubleshooting I also found out we could no longer reach the website of the company running the relay server (a bank of IPs at 207.103.198.x). Otherwise web access and mail sending function normally.

Further troubleshooting showed that if I connect a workstation directly to the DSL modem (in front of the mitel box) I can again reach the sites at 207.103.198.x.

I have solved our immediate problem by adding a 4 port router between the mitel and the DSL modem and putting the Suse OpenExchange server on the same subnet as the external interface of the mitel. The OpenExchange server now collects the mail flawlessly.

However, this is not the ideal set up (for a wide variety of reasons) and the whole range of addresses at 207.103.198.x are still blocked out by the mitel server.

I thought it might be spamassassin, or IPtables, but I cannot find anything in either of those programs' configuration which appears to be causing the problem.

I backed up the mitel configuration to a local machine, erased the server and did a clean SME6.0 install again and voilà, the block was gone.
However, once I restored the configuration from the workstation the block was back on.

I am somewhat of a neophyte to Linux, but I have configured and run 6 mitel boxes in a variety of configurations over the past two years. All of them are still running with no problem.

This one has me stumped.

Any help in the form of tips or cures would be greatly appreciated.
 
-A :pint:

RayG

Blocked Site ideas
« Reply #7 on: May 05, 2004, 03:31:31 AM »
Have you done anything like add your 207.x.x.x hosts to the sme as local networks or maybe set up a virtual domain on the SME with the same domain name as the machines at your 207.x.x.x mail relay?

graviton

Blocked Site ideas
« Reply #8 on: May 05, 2004, 07:39:54 PM »
I have set up a virtual domain with the same name.

The remote relay was added as a local network before. Later (after the problem) it was removed. I notice that the mitel shows it not added as local, but when I try to add it now it says:
 
Quote
Operation status report
Error: network (derived from network and subnet mask ) has already been added. Did not add new network.


Maybe this is the missing clue.

Where might I find the local network settings to examine this?

iFX

Did you find a solution?
« Reply #9 on: June 28, 2004, 01:50:38 AM »
Did you find a solution?

If not, have a look at: Can not delete or re-add local networks SME 6 final

alejandro

Give us a clue
« Reply #10 on: June 30, 2004, 05:43:29 PM »
Quote from: "RayG"
Have you done anything like add your 207.x.x.x hosts to the sme as local networks or maybe set up a virtual domain on the SME with the same domain name as the machines at your 207.x.x.x mail relay?


Ray, please explain a little more....
What if it was done so?
I'm following these posts because I have a very similar problem with a strange VPN blocking between two sme boxes.
Have you any idea to share?

RayG

Re: Give us a clue
« Reply #11 on: July 01, 2004, 02:59:58 AM »
Quote from: "alejandro"
Ray, please explain a little more....
What if it was done so?
I'm following these posts because I have a very similar problem with a strange VPN blocking between two sme boxes.
Have you any idea to share?


The link iFX posted describes the solution.

I'm afraid I have no clue about getting VPN to work reliably on e-Smith. I became so frustrated with it that I bought Linksys routers with VPN capability (BEFSX41 / BEFVP41) to solve the problem. The Linksys boxes have performed exceptionally well as far as the VPN links go.
