need help with port 113 and sendmail

The ip addresses have been munged on purpose.


Our server is 536.582.721.75 and is running RH9. We have one customer who can not get email over to us.
The iptables is setup to allow everything from 364.365.364.62.
I'm not even sure who is blocking whom and how did port 113 get into the picture?

The maillog shows:
Quote:
net sendmail[21611]: k5T6rkD0021611: mail.srek.org [364.365.364.62] did not issue MAIL/EXPN/VRFY/ETRN during connection to MTA

The ethereal shows:
Frame 52676 (72 bytes on wire, 72 bytes captured)
Arrival Time: Jun 27, 2008 13:38:25.450935000
Time delta from previous packet: 0.120553000 seconds
Time since reference or first frame: 2465.590010000 seconds
Frame Number: 52676
Packet Length: 72 bytes
Capture Length: 72 bytes
Protocols in frame: sll:ip:icmp:ip:tcp
Linux cooked capture
Packet type: Unicast to us (0)
Link-layer address type: 1
Link-layer address length: 6
Source: Watchgua_2e:g9:36 (00:90:7f:2e:g9:36)
Protocol: IP (0x0800)
Internet Protocol, Src: 364.365.364.62 (364.365.364.62), Dst: 536.582.721.75 (536.582.721.75)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 56
Identification: 0x1435 (5173)
Flags: 0x00
0... = Reserved bit: Not set
.0.. = Don't fragment: Not set
..0. = More fragments: Not set
Fragment offset: 0
Time to live: 51
Protocol: ICMP (0x01)
Header checksum: 0x71e1 [correct]
Good: True
Bad : False
Source: 364.365.364.62 (364.365.364.62)
Destination: 536.582.721.75 (536.582.721.75)
Internet Control Message Protocol
Type: 3 (Destination unreachable)
Code: 3 (Port unreachable)
Checksum: 0x5155 [correct]
Internet Protocol, Src: 536.582.721.75 (536.582.721.75), Dst: 364.365.364.62 (364.365.364.62)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 60
Identification: 0x1aa8 (6824)
Flags: 0x04 (Don't Fragment)
0... = Reserved bit: Not set
.1.. = Don't fragment: Set
..0. = More fragments: Not set
Fragment offset: 0
Time to live: 47
Protocol: TCP (0x06)
Header checksum: 0x2f65 [correct]
Good: True
Bad : False
Source: 536.582.721.75 (536.582.721.75)
Destination: 364.365.364.62 (364.365.364.62)
Transmission Control Protocol, Src Port: 51369 (51369), Dst Port: auth (113)
Source port: 51369 (51369)
Destination port: auth (113)

.

Relevant Pages

  • Re: Problem sending E-mail to 1 server
    ... If I try the same thing (telnet to port ... Source IP: 64.208.166.12, Destination IP: 66.133.129.70 ... PROTOCOL: ICMP ... Header checksum: 0xEE82 ...
    (microsoft.public.exchange.admin)
  • Re: Help Interpreting data from Wireshark
    ... What concerns me is that the packet seemed to have a source address of 192.168.1.1 but later in the packet you see the dest as 84.160.95.226 ... Protocol Info ... DENVER.local ICMP Destination unreachable (Port unreachable) ... Fragment offset: 0 ...
    (comp.os.linux.security)
  • Re: help returning a value on a line...
    ... >>I am trying to write a script to track destination ports of packets that are ... > # in/out interfaces ... > # destination IP and port ... > # protocol name ...
    (comp.unix.shell)
  • what is ip 224.0.0.252 used by host process for?
    ... Remote Port: 5355 ... Fragment offset:0 ... Protocol: 0x11 (UDP - User Datagram Protocol) ...
    (microsoft.public.windows.vista.networking_sharing)
  • Re: use IPSec, smtp cant send email
    ... destination address -any, protocol tcp, source port -any, destinaton ...
    (microsoft.public.win2000.security)