On Tue, 01 Oct 2002 16:22:34 EDT, Scott Thomas <[log in to unmask]>  said:

> a DNS problem), but cannot find the mailer. When I disable packet filtering,
> outgoing messages are released and the Resolver tool locates both
> home.ease.lsoft.com and the mail server at that location. All outbound ports
> are open, but apparently an inbound port on our Listserv server needs to be
> opened somewhere. Can anyone advise on which port? It seems

Most likely, what is happening is that you're making an OUTBOUND connection
to the other system's port 25 (SMTP), and it's calling you back on port 113
(IDENT).  I'm guessing your firewall is dropping the SYN packet being
sent to your port 113, and the other end is doing one of 2 things:

1) Their timeout for the IDENT connection is longer than the timeout to
get the SMTP connection open, so it cans the SMTP because it had to wait
too long.

2) Their software is misinterpreting the unreachability of port 113 as the
unreachability of the entire host.  This can be made even worse by firewall
software that sends an ICMP Host Unreachable instead of an ICMP Port Unreachable.

When you turn off the filtering, the SYN packet makes it to your system almost
instantaneously, your end probably sends an RST packet back because you don't
have IDENT running (or it answers the query if it is), the other end is happy,
and things move right along.
--
                                Valdis Kletnieks
                                Computer Systems Senior Engineer
                                Virginia Tech