停电导致我的 CentOS 7 邮件和 Web 服务器关闭。当服务器恢复时,快速检查没有发现任何问题。第二天早上,我们注意到我们没有收到外部电子邮件,但收到了内部电子邮件。邮件和 Web 在 LAN 上工作正常,但在 Internet 上却无法正常工作。检查了日志,没有外部条目。
如果服务器无法正常启动,我重启了服务器。在关机之前,我的服务器在更新后重启了,并且运行正常。
我尝试从一个网站进行电子邮件测试,结果显示无法连接。由于我的整个网站都已关闭并重新启动,因此我查看了我的网络。我从防火墙执行了 nmap,一切看起来都很好。
我在防火墙上运行了 tcpdump,并观察了通过防火墙到达服务器的流量。
我在我的服务器上运行了 tcpdump 并观察了来自互联网的数据包。
08:46:23.975439 IP mta10.em.biglots.com.41216 > ms2.local.myexdomqqq.com.smtp: Flags [S], seq 978086259, win 29200, options [mss 1452,sackOK,TS val 660760064 ecr 0,nop,wscale 7], length 0
08:46:25.397998 IP mail9085.em1.tractorsupply.com.59682 > ms2.local.myexdomqqq.com.smtp: Flags [S], seq 3271108770, win 29200, options [mss 1380,sackOK,TS val 1306311584 ecr 0,nop,wscale 9], length 0
08:46:25.398141 IP mail9148.em9.tractorsupply.com.44498 > ms2.local.myexdomqqq.com.smtp: Flags [S], seq 1954740324, win 29200, options [mss 1380,sackOK,TS val 1306311584 ecr 0,nop,wscale 9], length 0
08:46:28.860760 IP mta21.homedepotemail.com.49840 > ms2.local.myexdomqqq.com.smtp: Flags [S], seq 1593758750, win 29200, options [mss 1452,sackOK,TS val 660843968 ecr 0,nop,wscale 7], length 0
08:46:31.987187 IP mta10.em.biglots.com.41216 > ms2.local.myexdomqqq.com.smtp: Flags [S], seq 978086259, win 29200, options [mss 1452,sackOK,TS val 660768080 ecr 0,nop,wscale 7], length 0
08:46:48.035676 IP mta10.em.biglots.com.41216 > ms2.local.myexdomqqq.com.smtp: Flags [S], seq 978086259, win 29200, options [mss 1452,sackOK,TS val 660784128 ecr 0,nop,wscale 7], length 0
08:46:55.147410 IP mta4.email.cbssports.com.34941 > ms2.local.myexdomqqq.com.smtp: Flags [S], seq 2074767968, win 29200, options [mss 1452,sackOK,TS val 671324357 ecr 0,nop,wscale 7], length 0
08:46:56.120471 IP mta4.email.cbssports.com.34941 > ms2.local.myexdomqqq.com.smtp: Flags [S], seq 2074767968, win 29200, options [mss 1452,sackOK,TS val 671325360 ecr 0,nop,wscale 7], length 0
08:46:58.124061 IP mta4.email.cbssports.com.34941 > ms2.local.myexdomqqq.com.smtp: Flags [S], seq 2074767968, win 29200, options [mss 1452,sackOK,TS val 671327364 ecr 0,nop,wscale 7], length 0
08:47:02.135673 IP mta4.email.cbssports.com.34941 > ms2.local.myexdomqqq.com.smtp: Flags [S], seq 2074767968, win 29200, options [mss 1452,sackOK,TS val 671331376 ecr 0,nop,wscale 7], length 0
08:47:10.187796 IP mta4.email.cbssports.com.34941 > ms2.local.myexdomqqq.com.smtp: Flags [S], seq 2074767968, win 29200, options [mss 1452,sackOK,TS val 671339392 ecr 0,nop,wscale 7], length 0
08:47:11.522665 IP p2-100094.mail.shape.com.33798 > ms2.local.myexdomqqq.com.smtp: Flags [S], seq 3054828880, win 14600, options [mss 1452], length 0
08:47:15.525548 IP p2-100094.mail.shape.com.33798 > ms2.local.myexdomqqq.com.smtp: Flags [S], seq 3054828880, win 14600, options [mss 1452], length 0
08:47:20.099434 IP mta10.em.biglots.com.41216 > ms2.local.myexdomqqq.com.smtp: Flags [S], seq 978086259, win 29200, options [mss 1452,sackOK,TS val 660816192 ecr 0,nop,wscale 7], length 0
08:47:23.523390 IP p2-100094.mail.shape.com.33798 > ms2.local.myexdomqqq.com.smtp: Flags [S], seq 3054828880, win 14600, options [mss 1452], length 0
08:47:26.184432 IP mta4.email.cbssports.com.34941 > ms2.local.myexdomqqq.com.smtp: Flags [S], seq 2074767968, win 29200, options [mss 1452,sackOK,TS val 671355424 ecr 0,nop,wscale 7], length 0
08:47:30.068282 IP mta.email-aaa.com.50888 > ms2.local.myexdomqqq.com.smtp: Flags [S], seq 1962085054, win 29200, options [mss 1452,sackOK,TS val 671738399 ecr 0,nop,wscale 7], length 0
08:47:31.071586 IP mta.email-aaa.com.50888 > ms2.local.myexdomqqq.com.smtp: Flags [S], seq 1962085054, win 29200, options [mss 1452,sackOK,TS val 671739402 ecr 0,nop,wscale 7], length 0
08:47:33.076189 IP mta.email-aaa.com.50888 > ms2.local.myexdomqqq.com.smtp: Flags [S], seq 1962085054, win 29200, options [mss 1452,sackOK,TS val 671741408 ecr 0,nop,wscale 7], length 0
08:47:37.084162 IP mta.email-aaa.com.50888 > ms2.local.myexdomqqq.com.smtp: Flags [S], seq 1962085054, win 29200, options [mss 1452,sackOK,TS val 671745416 ecr 0,nop,wscale 7], length 0
08:47:39.523364 IP p2-100094.mail.shape.com.33798 > ms2.local.myexdomqqq.com.smtp: Flags [S], seq 3054828880, win 14600, options [mss 1452], length 0
我关闭了服务器上的防火墙。
# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
DROP all -- anywhere anywhere match-set blacklist src
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
我检查了 /etc/hosts.allow 和 /etc/hosts.deny。两者都是空的。
有人有什么建议吗?谢谢!
您使用什么 tcpdump 命令来获取此输出?
tcpdump -i enp2s0 主机 192.168.37.241 和目标端口 25
在没有 dst 的情况下再试一次,因为它会过滤掉来自服务器的任何回复流量。
tcpdump -i enp2s0 host 192.168.37.241 and port 25
11:12:45.602586 IP ms2.local.myexdomqqq.com.smtp > p1-101108.mail.westelm.com.52081: Flags [S.], seq 3798437961, ack 441006800, win 29200, options [mss 1460], length 0
11:12:46.618285 IP ms2.local.myexdomqqq.com.smtp > p1-101108.mail.westelm.com.52081: Flags [S.], seq 3798437961, ack 441006800, win 29200, options [mss 1460], length 0
11:12:47.602777 IP p1-101108.mail.westelm.com.52081 > ms2.local.myexdomqqq.com.smtp: Flags [S], seq 441006799, win 14600, options [mss 1452], length 0
11:12:47.602903 IP ms2.local.myexdomqqq.com.smtp > p1-101108.mail.westelm.com.52081: Flags [S.], seq 3798437961, ack 441006800, win 29200, options [mss 1460], length 0
11:12:48.272528 IP mail01.mscomm.morningstar.com.20305 > ms2.local.myexdomqqq.com.smtp: Flags [S], seq 1779106704, win 29200, options [mss 1452,sackOK,TS val 3395772800 ecr 0,nop,wscale 7], length 0
11:12:48.272677 IP ms2.local.myexdomqqq.com.smtp > mail01.mscomm.morningstar.com.20305: Flags [S.], seq 1106233079, ack 1779106705, win 28960, options [mss 1460,sackOK,TS val 1783914 ecr 3395772800,nop,wscale 7], length 0
11:12:49.418204 IP ms2.local.myexdomqqq.com.smtp > mail01.mscomm.morningstar.com.20305: Flags [S.], seq 1106233079, ack 1779106705, win 28960, options [mss 1460,sackOK,TS val 1785060 ecr 3395772800,nop,wscale 7], length 0
11:12:49.618235 IP ms2.local.myexdomqqq.com.smtp > p1-101108.mail.westelm.com.52081: Flags [S.], seq 3798437961, ack 441006800, win 29200, opt^C165 packets captured
我运行了 traceroute,它到达了 google.com
traceroute to google.com (142.250.72.46), 30 hops max, 60 byte packets
1 _gateway (LLL.LLL.LLL.1) 0.340 ms 0.313 ms 0.339 ms
2 192.168.0.1 (192.168.0.1) 1.014 ms 1.155 ms 1.529 ms
3 albq-dsl-gw49.albq.qwest.net (67.42.200.49) 56.976 ms 58.320 ms 60.658 ms
4 albq-agw1.inet.qwest.net (67.42.136.81) 60.770 ms 61.431 ms 61.419 ms
5 205.171.210.9 (205.171.210.9) 71.650 ms 71.652 ms 71.462 ms
6 72.14.219.162 (72.14.219.162) 72.970 ms 72.14.213.218 (72.14.213.218) 72.981 ms 72.14.219.162 (72.14.219.162) 72.660 ms
7 * * *
8 * * *
9 * * *
10 * * *
11 * * *
12 * * *
13 * * *
14 * * *
15 * * *
16 * * *
17 * * *
18 * * *
19 * * *
20 * * *
21 * * *
22 * * *
23 * * *
24 * * *
25 * * *
26 * * *
27 * * *
28 * * *
29 * * *
30 * * *
您是否检查过防火墙中仍然存在的黑名单?
我清除了 iptables
[root@mail ~]# systemctl stop firewalld
[root@mail ~]# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
DROP all -- anywhere anywhere match-set blacklist src
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
仍然没有邮件。发送邮件正常。
答案1
感谢@MichaelHampton,我发现了这个问题。几个月前,我在防火墙上添加了一个备用 WAN,并用它来移动我的网络连接设备,完成后,我没有移除调制解调器的备用电缆。当防火墙启动并获取 IP 地址时,备用 IP 具有主 IP,主 IP 具有辅助 IP。我移除了电缆并重新启动了防火墙,现在它就可以正常工作了。我知道这会是一件简单而愚蠢的事情。