Date: Mon, 27 Nov 2000 17:07:38 -0500 From: ai32@drexel.edu To: questions@freebsd.org Subject: Odd sendmail TTL 0 problem Message-ID: <20001127170738.A687@reddog.yi.org>
next in thread | raw e-mail | index | archive | help
--gKMricLos+KVdGMg
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Hello,
I am not on the list so please CC any response.
I just did a clean install of 4.2, choosing the "Extreme" setting
for security, running PPP to my ISP, just as I was on my 4.0 system.
I was using postfix before, but I found sendmail installed and
decided to give it a shot.
After being unable to send email to anyone @yahoo.com, I decided to
run a tcpdump trace.
I found the problem: sendmail was repeatedly sending tcp segments
with the TTL set to 0. What would make it do this? It works fine
for other email addresses, but not for some. Any ideas?
I manually tried to get the MX records, telnet and send an email
the Telnet Way (R), it worked fine.
Thanks.
P.S. I have attached a trace file (trace.1), with xxx.xxx.xxx.xxx
being my computer, yyy.yyy.yyy.yyy being my domain server.
And another trace file (trace.2), for another host where
sendmail seems to work (someone @hotmail.com)
--gKMricLos+KVdGMg
Content-Type: text/plain; charset=us-ascii
Content-Disposition: attachment; filename="trace.1"
16:06:34.906810 xxx.xxx.xxx.xxx.1263 > yyy.yyy.yyy.yyy.53: 40255+ ANY? yahoo.com. (27) (ttl 64, id 1488)
16:06:35.390863 yyy.yyy.yyy.yyy.53 > xxx.xxx.xxx.xxx.1263: 40255 q: yahoo.com. 5/3/3 yahoo.com. NS NS3.EUROPE.yahoo.com., yahoo.com. NS (214) (ttl 44, id 61428)
16:06:35.450932 xxx.xxx.xxx.xxx.1264 > yyy.yyy.yyy.yyy.53: 40256+ MX? yahoo.com. (27) (ttl 64, id 1489)
16:06:40.455423 xxx.xxx.xxx.xxx.1265 > yyy.yyy.yyy.yyy.53: 40256+ MX? yahoo.com. (27) (ttl 64, id 1490)
16:06:40.780839 yyy.yyy.yyy.yyy.53 > xxx.xxx.xxx.xxx.1264: 40256 q: yahoo.com. 6/3/16 yahoo.com. MX mx6.mail.yahoo.com. 6, yahoo.com. MX 57548 (473) (ttl 44, id 62459)
16:06:40.780871 xxx.xxx.xxx.xxx > yyy.yyy.yyy.yyy: icmp: xxx.xxx.xxx.xxx udp port 1264 unreachable for yyy.yyy.yyy.yyy.53 > xxx.xxx.xxx.xxx.1264: 1401 updateM+ [b2&3=0x6168] [867a] [28527q] [28525n] (473) (ttl 44, id 62459) (ttl 255, id 1491)
16:06:42.860490 yyy.yyy.yyy.yyy.53 > xxx.xxx.xxx.xxx.1265: 40256 q: yahoo.com. 6/3/16 yahoo.com. MX mx3.mail.yahoo.com. 3, yahoo.com. MX 58060 (473) (ttl 44, id 7197)
16:06:42.861464 xxx.xxx.xxx.xxx.1266 > yyy.yyy.yyy.yyy.53: 40257+ AAAA? mx1.mail.yahoo.com. (36) (ttl 64, id 1492)
16:06:43.127923 yyy.yyy.yyy.yyy.53 > xxx.xxx.xxx.xxx.1266: 40257* q: mx1.mail.yahoo.com. 0/1/0 (111) (ttl 44, id 13411)
16:06:43.128246 xxx.xxx.xxx.xxx.1267 > yyy.yyy.yyy.yyy.53: 40258+ A? mx1.mail.yahoo.com. (36) (ttl 64, id 1493)
16:06:43.502201 yyy.yyy.yyy.yyy.53 > xxx.xxx.xxx.xxx.1267: 40258 q: mx1.mail.yahoo.com. 13/3/3 mx1.mail.yahoo.com. A 128.11.22.91, mx1.mail.yahoo.com. A 227.204.34.58 (366) (ttl 44, id 13968)
16:06:43.502911 xxx.xxx.xxx.xxx.1068 > 128.11.22.91.25: S 2522960054:2522960054(0) win 16384 <mss 1460> (DF) [ttl 0] (id 1494)
16:06:43.664986 207.44.35.7 > xxx.xxx.xxx.xxx: icmp: time exceeded in-transit for xxx.xxx.xxx.xxx.1068 > 128.11.22.91.25: [|tcp] (DF) [ttl 0] (id 1494, bad cksum 0!) (ttl 255, id 13690)
16:06:46.495428 xxx.xxx.xxx.xxx.1068 > 128.11.22.91.25: S 2522960054:2522960054(0) win 16384 <mss 1460> (DF) [ttl 0] (id 1495)
16:06:46.655448 207.44.35.7 > xxx.xxx.xxx.xxx: icmp: time exceeded in-transit for xxx.xxx.xxx.xxx.1068 > 128.11.22.91.25: [|tcp] (DF) [ttl 0] (id 1495, bad cksum 0!) (ttl 255, id 13691)
16:06:52.495501 xxx.xxx.xxx.xxx.1068 > 128.11.22.91.25: S 2522960054:2522960054(0) win 16384 <mss 1460> (DF) [ttl 0] (id 1496)
16:06:52.651191 207.44.35.7 > xxx.xxx.xxx.xxx: icmp: time exceeded in-transit for xxx.xxx.xxx.xxx.1068 > 128.11.22.91.25: [|tcp] (DF) [ttl 0] (id 1496, bad cksum 0!) (ttl 255, id 13692)
16:07:04.495627 xxx.xxx.xxx.xxx.1068 > 128.11.22.91.25: S 2522960054:2522960054(0) win 16384 <mss 1460> (DF) [ttl 0] (id 1497)
16:07:04.652191 207.44.35.7 > xxx.xxx.xxx.xxx: icmp: time exceeded in-transit for xxx.xxx.xxx.xxx.1068 > 128.11.22.91.25: [|tcp] (DF) [ttl 0] (id 1497, bad cksum 0!) (ttl 255, id 13696)
--gKMricLos+KVdGMg
Content-Type: text/plain; charset=us-ascii
Content-Disposition: attachment; filename="trace.2"
16:36:48.614019 xxx.xxx.xxx.xxx.1355 > yyy.yyy.yyy.yyy.53: 21995+ ANY? hotmail.com. (29) (ttl 99, id 2005)
16:36:48.960675 yyy.yyy.yyy.yyy.53 > xxx.xxx.xxx.xxx.1355: 21995 q: hotmail.com. 8/3/3 hotmail.com. NS ns3.hotmail.com., hotmail.com. NS ns1. (262) (ttl 44, id 16554)
16:36:49.035691 xxx.xxx.xxx.xxx.1356 > yyy.yyy.yyy.yyy.53: 21996+ MX? hotmail.com. (29) (ttl 99, id 2006)
16:36:49.481874 yyy.yyy.yyy.yyy.53 > xxx.xxx.xxx.xxx.1356: 21996 q: hotmail.com. 10/3/12 hotmail.com. MX mc5.law5.hotmail.com. 10, hotmail.com. (496) (ttl 44, id 17536)
16:36:49.482893 xxx.xxx.xxx.xxx.1357 > yyy.yyy.yyy.yyy.53: 21997+ AAAA? mc4.law5.hotmail.com. (38) (ttl 99, id 2007)
16:36:49.812122 yyy.yyy.yyy.yyy.53 > xxx.xxx.xxx.xxx.1357: 21997* q: mc4.law5.hotmail.com. 0/1/0 (107) (ttl 44, id 18901)
16:36:49.812473 xxx.xxx.xxx.xxx.1358 > yyy.yyy.yyy.yyy.53: 21998+ A? mc4.law5.hotmail.com. (38) (ttl 99, id 2008)
16:36:50.125647 yyy.yyy.yyy.yyy.53 > xxx.xxx.xxx.xxx.1358: 21998 q: mc4.law5.hotmail.com. 1/4/4 mc4.law5.hotmail.com. A 216.33.151.136 (212) (ttl 44, id 19357)
16:36:50.126279 xxx.xxx.xxx.xxx.1097 > 216.33.151.136.25: S 2988481275:2988481275(0) win 16384 <mss 1460> (DF) [ttl 0] (id 2009)
16:36:50.289063 207.44.35.7 > xxx.xxx.xxx.xxx: icmp: time exceeded in-transit for xxx.xxx.xxx.xxx.1097 > 216.33.151.136.25: [|tcp] (DF) [ttl 0] (id 2009, bad cksum 0!) (ttl 255, id 13883)
16:36:53.125407 xxx.xxx.xxx.xxx.1097 > 216.33.151.136.25: S 2988481275:2988481275(0) win 16384 <mss 1460> (DF) [ttl 0] (id 2010)
16:36:53.286960 207.44.35.7 > xxx.xxx.xxx.xxx: icmp: time exceeded in-transit for xxx.xxx.xxx.xxx.1097 > 216.33.151.136.25: [|tcp] (DF) [ttl 0] (id 2010, bad cksum 0!) (ttl 255, id 13884)
< snip >
A lot more of these unreachs... then.. magically...
< snip >
16:38:05.126543 xxx.xxx.xxx.xxx.1359 > yyy.yyy.yyy.yyy.53: 21999+ A? mc4.law5.hotmail.com. (38) (ttl 99, id 2014)
16:38:05.430958 yyy.yyy.yyy.yyy.53 > xxx.xxx.xxx.xxx.1359: 21999 q: mc4.law5.hotmail.com. 1/4/4 mc4.law5.hotmail.com. A 216.33.151.136 (212) (ttl 44, id 35498)
16:38:05.431181 xxx.xxx.xxx.xxx.1098 > 216.33.151.136.25: S 3008235851:3008235851(0) win 16384 <mss 1460> (DF) (ttl 99, id 2015)
16:38:07.312190 216.33.151.136.25 > xxx.xxx.xxx.xxx.1098: S 1252259530:1252259530(0) ack 3008235852 win 64240 <mss 1460> (DF) (ttl 239, id 43691)
16:38:07.312249 xxx.xxx.xxx.xxx.1098 > 216.33.151.136.25: . 1:1(0) ack 1 win 17520 (DF) (ttl 99, id 2016)
< snip >
And it works ...
< /snip >
--gKMricLos+KVdGMg--
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20001127170738.A687>