From: Matthias Andree (madt.e-technik.uni-dortmund.de)
Date: Thu Jan 12 2006 - 09:51:06 CST

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Mezei Zoltán <mezei.zoltantelefor.hu> writes:

> Matthias Andree wrote:
>> Looks like some "firewall" or packet filtering jams the communication so
>> your client doesn't see your 354 message as Postfix uses it.
>
> Yes, this is the situation.
>
>> What is in the RFC examples are just that, examples.
>
> And I know this, I have even written it:
> "This is the exact recommendation from the RFC. I
> _know_ that it is a recommendation and it doesn't mean that you have to
> use the exact same string."

Justed wanted to make the extent sure for less skilled users, for
instance if that bank does a research.

> However it won't hurt to use that string and would solve some problems
> so I still suggest changing it.

I oppose to changing entirely intact software just to cater for some
broken software. I've never observed the behavior you described, so it
appears to be a less common flaw.

Other question: is _your_ machine 1. a Linux box 2. using netfilter with
connection tracking 3. and not running one of the latest kernels?
If 3 x "yes", try if

sysctl -w net.ipv4.netfilter.ip_conntrack_tcp_be_liberal=1

helps. If they are on Linux, they can try the same. This might apply to
routers (I'm not sure, the netfilter list wouldn't provide detail --
talk about "stable" 2.6 kernels... NOT.)

Other than that, fix the bug where it is, rather than hiding the
symptom. A tcpdump -s2000 might help pinpoint the problem accurately.

OT: Anyone remember ProFTPd 1.2.0pre1? :-)

--
Matthias Andree

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]