[NBLUG/talk] Sending to Comcast mailserver woes....

Troy Arnold troy at zenux.net
Mon Nov 19 19:44:04 PST 2007

On Mon, Nov 19, 2007 at 06:02:24PM -0800, Mark Street wrote:
> Hi,
> I am still having fits with sending mail to comcast and a few other domains 
> for the past month.  Nothing has changed in my firewall in the past year or 
> so..... but I believe I have narrowed it down to my firewall - iptables - one 
> on a Red Hat 9 box and one on a CentOS 5 box.  If I turn off my firewall I 
> can send mail to comcast.net.  If I turn it back on and try to send I get 
> entries in /var/log/messages that show mx2.comcast.net or mx1.comcast.net 
> sending an ACK SYN to a random high port on my machine.  It does this for 
> about 15 seconds, then sends an ACK RST.  The mail never goes out.
> I have edited my firewall script and turned off all ICMP filtering with no 
> positive effect.  Can anyone give me a clue as to why comcast insists on 
> coming back with a 3 way handshake and how I can tweak my firewall to 
> accommodate?

You echoing anything funky into /proc/sys/net/ipv4/* ?

