NethServer Version: 7.6.1810
Module: mail 2.4.5-1 | rspam 1.8.3-1
I have a Nethserver Mail Server (let’s call it mail-server) behind a NS Proxy/Gatewy Server (let’s call it proxy-server).
proxy-server is droping HTTPS request from mail-server, as you can see in bellow:
journalctl -xe -S '2019-03-18 17:22:00' | grep 'SRC=192.168.9.7' | egrep 'DROP|REJECT' | grep -v 'PROTO=ICMP' | egrep 'DPT|SRC|PROTO'
Mar 18 17:26:17 heimdall.durerocaribe.cu kernel: Shorewall:loc2net:DROP:IN=eth0 OUT=eth1 MAC=56:76:ab:e3:56:cb:52:a1:d7:5f:c7:1c:08:00 SRC=192.168.9.7 DST=88.99.142.95 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=30262 DF PROTO=TCP SPT=37692 DPT=443 WINDOW=29200 RES=0x00 SYN URGP=0
Mar 18 17:26:17 heimdall.durerocaribe.cu kernel: Shorewall:loc2net:DROP:IN=eth0 OUT=eth1 MAC=56:76:ab:e3:56:cb:52:a1:d7:5f:c7:1c:08:00 SRC=192.168.9.7 DST=88.99.142.95 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=11757 DF PROTO=TCP SPT=37694 DPT=443 WINDOW=29200 RES=0x00 SYN URGP=0
Mar 18 17:26:17 heimdall.durerocaribe.cu kernel: Shorewall:loc2net:DROP:IN=eth0 OUT=eth1 MAC=56:76:ab:e3:56:cb:52:a1:d7:5f:c7:1c:08:00 SRC=192.168.9.7 DST=88.99.142.95 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=37082 DF PROTO=TCP SPT=37696 DPT=443 WINDOW=29200 RES=0x00 SYN URGP=0
Mar 18 17:26:17 heimdall.durerocaribe.cu kernel: Shorewall:loc2net:DROP:IN=eth0 OUT=eth1 MAC=56:76:ab:e3:56:cb:52:a1:d7:5f:c7:1c:08:00 SRC=192.168.9.7 DST=88.99.142.95 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=4651 DF PROTO=TCP SPT=37698 DPT=443 WINDOW=29200 RES=0x00 SYN URGP=0
Mar 18 17:26:18 heimdall.durerocaribe.cu kernel: Shorewall:loc2net:DROP:IN=eth0 OUT=eth1 MAC=56:76:ab:e3:56:cb:52:a1:d7:5f:c7:1c:08:00 SRC=192.168.9.7 DST=88.99.142.95 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=11758 DF PROTO=TCP SPT=37694 DPT=443 WINDOW=29200 RES=0x00 SYN URGP=0
Mar 18 17:26:18 heimdall.durerocaribe.cu kernel: Shorewall:loc2net:DROP:IN=eth0 OUT=eth1 MAC=56:76:ab:e3:56:cb:52:a1:d7:5f:c7:1c:08:00 SRC=192.168.9.7 DST=88.99.142.95 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=4652 DF PROTO=TCP SPT=37698 DPT=443 WINDOW=29200 RES=0x00 SYN URGP=0
Mar 18 17:26:20 heimdall.durerocaribe.cu kernel: Shorewall:loc2net:DROP:IN=eth0 OUT=eth1 MAC=56:76:ab:e3:56:cb:52:a1:d7:5f:c7:1c:08:00 SRC=192.168.9.7 DST=88.99.142.95 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=11759 DF PROTO=TCP SPT=37694 DPT=443 WINDOW=29200 RES=0x00 SYN URGP=0
Mar 18 17:26:20 heimdall.durerocaribe.cu kernel: Shorewall:loc2net:DROP:IN=eth0 OUT=eth1 MAC=56:76:ab:e3:56:cb:52:a1:d7:5f:c7:1c:08:00 SRC=192.168.9.7 DST=88.99.142.95 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=4653 DF PROTO=TCP SPT=37698 DPT=443 WINDOW=29200 RES=0x00 SYN URGP=0
Mar 18 17:26:32 heimdall.durerocaribe.cu kernel: Shorewall:loc2net:DROP:IN=eth0 OUT=eth1 MAC=56:76:ab:e3:56:cb:52:a1:d7:5f:c7:1c:08:00 SRC=192.168.9.7 DST=88.99.142.95 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=11761 DF PROTO=TCP SPT=37694 DPT=443 WINDOW=29200 RES=0x00 SYN URGP=0
Mar 18 17:26:32 heimdall.durerocaribe.cu kernel: Shorewall:loc2net:DROP:IN=eth0 OUT=eth1 MAC=56:76:ab:e3:56:cb:52:a1:d7:5f:c7:1c:08:00 SRC=192.168.9.7 DST=88.99.142.95 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=4655 DF PROTO=TCP SPT=37698 DPT=443 WINDOW=29200 RES=0x00 SYN URGP=0
Mar 18 17:26:42 heimdall.durerocaribe.cu kernel: Shorewall:loc2net:DROP:IN=eth0 OUT=eth1 MAC=56:76:ab:e3:56:cb:52:a1:d7:5f:c7:1c:08:00 SRC=192.168.9.7 DST=151.101.64.133 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=60934 DF PROTO=TCP SPT=50754 DPT=443 WINDOW=29200 RES=0x00 SYN URGP=0
Mar 18 17:26:48 heimdall.durerocaribe.cu kernel: Shorewall:loc2net:DROP:IN=eth0 OUT=eth1 MAC=56:76:ab:e3:56:cb:52:a1:d7:5f:c7:1c:08:00 SRC=192.168.9.7 DST=88.99.142.95 LEN=444 TOS=0x00 PREC=0x00 TTL=63 ID=47059 DF PROTO=UDP SPT=43601 DPT=11335 LEN=424
Mar 18 17:27:20 heimdall.durerocaribe.cu kernel: Shorewall:loc2net:DROP:IN=eth0 OUT=eth1 MAC=56:76:ab:e3:56:cb:52:a1:d7:5f:c7:1c:08:00 SRC=192.168.9.7 DST=88.99.142.95 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=11763 DF PROTO=TCP SPT=37694 DPT=443 WINDOW=29200 RES=0x00 SYN URGP=0
Mar 18 17:27:20 heimdall.durerocaribe.cu kernel: Shorewall:loc2net:DROP:IN=eth0 OUT=eth1 MAC=56:76:ab:e3:56:cb:52:a1:d7:5f:c7:1c:08:00 SRC=192.168.9.7 DST=88.99.142.95 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=4657 DF PROTO=TCP SPT=37698 DPT=443 WINDOW=29200 RES=0x00 SYN URGP=0
Mar 18 17:27:46 heimdall.durerocaribe.cu kernel: Shorewall:loc2net:DROP:IN=eth0 OUT=eth1 MAC=56:76:ab:e3:56:cb:52:a1:d7:5f:c7:1c:08:00 SRC=192.168.9.7 DST=151.101.128.133 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=1677 DF PROTO=TCP SPT=43888 DPT=443 WINDOW=29200 RES=0x00 SYN URGP=0
Mar 18 17:27:47 heimdall.durerocaribe.cu kernel: Shorewall:loc2net:DROP:IN=eth0 OUT=eth1 MAC=56:76:ab:e3:56:cb:52:a1:d7:5f:c7:1c:08:00 SRC=192.168.9.7 DST=151.101.128.133 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=1678 DF PROTO=TCP SPT=43888 DPT=443 WINDOW=29200 RES=0x00 SYN URGP=0
Mar 18 17:27:49 heimdall.durerocaribe.cu kernel: Shorewall:loc2net:DROP:IN=eth0 OUT=eth1 MAC=56:76:ab:e3:56:cb:52:a1:d7:5f:c7:1c:08:00 SRC=192.168.9.7 DST=151.101.128.133 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=1679 DF PROTO=TCP SPT=43888 DPT=443 WINDOW=29200 RES=0x00 SYN URGP=0
Mar 18 17:27:53 heimdall.durerocaribe.cu kernel: Shorewall:loc2net:DROP:IN=eth0 OUT=eth1 MAC=56:76:ab:e3:56:cb:52:a1:d7:5f:c7:1c:08:00 SRC=192.168.9.7 DST=151.101.128.133 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=1680 DF PROTO=TCP SPT=43888 DPT=443 WINDOW=29200 RES=0x00 SYN URGP=0
Mar 18 17:28:01 heimdall.durerocaribe.cu kernel: Shorewall:loc2net:DROP:IN=eth0 OUT=eth1 MAC=56:76:ab:e3:56:cb:52:a1:d7:5f:c7:1c:08:00 SRC=192.168.9.7 DST=151.101.128.133 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=1681 DF PROTO=TCP SPT=43888 DPT=443 WINDOW=29200 RES=0x00 SYN URGP=0
Mar 18 17:28:17 heimdall.durerocaribe.cu kernel: Shorewall:loc2net:DROP:IN=eth0 OUT=eth1 MAC=56:76:ab:e3:56:cb:52:a1:d7:5f:c7:1c:08:00 SRC=192.168.9.7 DST=151.101.128.133 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=1682 DF PROTO=TCP SPT=43888 DPT=443 WINDOW=29200 RES=0x00 SYN URGP=0
Mar 18 17:28:49 heimdall.durerocaribe.cu kernel: Shorewall:loc2net:DROP:IN=eth0 OUT=eth1 MAC=56:76:ab:e3:56:cb:52:a1:d7:5f:c7:1c:08:00 SRC=192.168.9.7 DST=151.101.128.133 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=1683 DF PROTO=TCP SPT=43888 DPT=443 WINDOW=29200 RES=0x00 SYN URGP=0
Mar 18 17:29:53 heimdall.durerocaribe.cu kernel: Shorewall:loc2net:DROP:IN=eth0 OUT=eth1 MAC=56:76:ab:e3:56:cb:52:a1:d7:5f:c7:1c:08:00 SRC=192.168.9.7 DST=151.101.192.133 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=23967 DF PROTO=TCP SPT=48884 DPT=443 WINDOW=29200 RES=0x00 SYN URGP=0
Mar 18 17:29:54 heimdall.durerocaribe.cu kernel: Shorewall:loc2net:DROP:IN=eth0 OUT=eth1 MAC=56:76:ab:e3:56:cb:52:a1:d7:5f:c7:1c:08:00 SRC=192.168.9.7 DST=151.101.192.133 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=23968 DF PROTO=TCP SPT=48884 DPT=443 WINDOW=29200 RES=0x00 SYN URGP=0
Mar 18 17:29:56 heimdall.durerocaribe.cu kernel: Shorewall:loc2net:DROP:IN=eth0 OUT=eth1 MAC=56:76:ab:e3:56:cb:52:a1:d7:5f:c7:1c:08:00 SRC=192.168.9.7 DST=151.101.192.133 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=23969 DF PROTO=TCP SPT=48884 DPT=443 WINDOW=29200 RES=0x00 SYN URGP=0
Mar 18 17:30:00 heimdall.durerocaribe.cu kernel: Shorewall:loc2net:DROP:IN=eth0 OUT=eth1 MAC=56:76:ab:e3:56:cb:52:a1:d7:5f:c7:1c:08:00 SRC=192.168.9.7 DST=151.101.192.133 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=23970 DF PROTO=TCP SPT=48884 DPT=443 WINDOW=29200 RES=0x00 SYN URGP=0
Mar 18 17:30:08 heimdall.durerocaribe.cu kernel: Shorewall:loc2net:DROP:IN=eth0 OUT=eth1 MAC=56:76:ab:e3:56:cb:52:a1:d7:5f:c7:1c:08:00 SRC=192.168.9.7 DST=151.101.192.133 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=23971 DF PROTO=TCP SPT=48884 DPT=443 WINDOW=29200 RES=0x00 SYN URGP=0
Mar 18 17:30:24 heimdall.durerocaribe.cu kernel: Shorewall:loc2net:DROP:IN=eth0 OUT=eth1 MAC=56:76:ab:e3:56:cb:52:a1:d7:5f:c7:1c:08:00 SRC=192.168.9.7 DST=151.101.192.133 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=23972 DF PROTO=TCP SPT=48884 DPT=443 WINDOW=29200 RES=0x00 SYN URGP=0
Mar 18 17:31:57 heimdall.durerocaribe.cu kernel: Shorewall:loc2net:DROP:IN=eth0 OUT=eth1 MAC=56:76:ab:e3:56:cb:52:a1:d7:5f:c7:1c:08:00 SRC=192.168.9.7 DST=212.24.145.107 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=21529 DF PROTO=TCP SPT=43450 DPT=443 WINDOW=29200 RES=0x00 SYN URGP=0
Mar 18 17:31:57 heimdall.durerocaribe.cu kernel: Shorewall:loc2net:DROP:IN=eth0 OUT=eth1 MAC=56:76:ab:e3:56:cb:52:a1:d7:5f:c7:1c:08:00 SRC=192.168.9.7 DST=212.24.145.107 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=38401 DF PROTO=TCP SPT=43452 DPT=443 WINDOW=29200 RES=0x00 SYN URGP=0
Mar 18 17:31:58 heimdall.durerocaribe.cu kernel: Shorewall:loc2net:DROP:IN=eth0 OUT=eth1 MAC=56:76:ab:e3:56:cb:52:a1:d7:5f:c7:1c:08:00 SRC=192.168.9.7 DST=212.24.145.107 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=38402 DF PROTO=TCP SPT=43452 DPT=443 WINDOW=29200 RES=0x00 SYN URGP=0
Mar 18 17:32:00 heimdall.durerocaribe.cu kernel: Shorewall:loc2net:DROP:IN=eth0 OUT=eth1 MAC=56:76:ab:e3:56:cb:52:a1:d7:5f:c7:1c:08:00 SRC=192.168.9.7 DST=212.24.145.107 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=38403 DF PROTO=TCP SPT=43452 DPT=443 WINDOW=29200 RES=0x00 SYN URGP=0
Mar 18 17:32:00 heimdall.durerocaribe.cu kernel: Shorewall:loc2net:DROP:IN=eth0 OUT=eth1 MAC=56:76:ab:e3:56:cb:52:a1:d7:5f:c7:1c:08:00 SRC=192.168.9.7 DST=151.101.0.133 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=43865 DF PROTO=TCP SPT=58560 DPT=443 WINDOW=29200 RES=0x00 SYN URGP=0
Mar 18 17:32:01 heimdall.durerocaribe.cu kernel: Shorewall:loc2net:DROP:IN=eth0 OUT=eth1 MAC=56:76:ab:e3:56:cb:52:a1:d7:5f:c7:1c:08:00 SRC=192.168.9.7 DST=151.101.0.133 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=43866 DF PROTO=TCP SPT=58560 DPT=443 WINDOW=29200 RES=0x00 SYN URGP=0
Mar 18 17:32:03 heimdall.durerocaribe.cu kernel: Shorewall:loc2net:DROP:IN=eth0 OUT=eth1 MAC=56:76:ab:e3:56:cb:52:a1:d7:5f:c7:1c:08:00 SRC=192.168.9.7 DST=151.101.0.133 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=43867 DF PROTO=TCP SPT=58560 DPT=443 WINDOW=29200 RES=0x00 SYN URGP=0
Mar 18 17:32:04 heimdall.durerocaribe.cu kernel: Shorewall:loc2net:DROP:IN=eth0 OUT=eth1 MAC=56:76:ab:e3:56:cb:52:a1:d7:5f:c7:1c:08:00 SRC=192.168.9.7 DST=212.24.145.107 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=38404 DF PROTO=TCP SPT=43452 DPT=443 WINDOW=29200 RES=0x00 SYN URGP=0
Mar 18 17:32:07 heimdall.durerocaribe.cu kernel: Shorewall:loc2net:DROP:IN=eth0 OUT=eth1 MAC=56:76:ab:e3:56:cb:52:a1:d7:5f:c7:1c:08:00 SRC=192.168.9.7 DST=151.101.0.133 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=43868 DF PROTO=TCP SPT=58560 DPT=443 WINDOW=29200 RES=0x00 SYN URGP=0
Mar 18 17:32:12 heimdall.durerocaribe.cu kernel: Shorewall:loc2net:DROP:IN=eth0 OUT=eth1 MAC=56:76:ab:e3:56:cb:52:a1:d7:5f:c7:1c:08:00 SRC=192.168.9.7 DST=212.24.145.107 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=38405 DF PROTO=TCP SPT=43452 DPT=443 WINDOW=29200 RES=0x00 SYN URGP=0
Mar 18 17:32:15 heimdall.durerocaribe.cu kernel: Shorewall:loc2net:DROP:IN=eth0 OUT=eth1 MAC=56:76:ab:e3:56:cb:52:a1:d7:5f:c7:1c:08:00 SRC=192.168.9.7 DST=151.101.0.133 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=43869 DF PROTO=TCP SPT=58560 DPT=443 WINDOW=29200 RES=0x00 SYN URGP=0
Mar 18 17:32:28 heimdall.durerocaribe.cu kernel: Shorewall:loc2net:DROP:IN=eth0 OUT=eth1 MAC=56:76:ab:e3:56:cb:52:a1:d7:5f:c7:1c:08:00 SRC=192.168.9.7 DST=212.24.145.107 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=38406 DF PROTO=TCP SPT=43452 DPT=443 WINDOW=29200 RES=0x00 SYN URGP=0
Mar 18 17:32:31 heimdall.durerocaribe.cu kernel: Shorewall:loc2net:DROP:IN=eth0 OUT=eth1 MAC=56:76:ab:e3:56:cb:52:a1:d7:5f:c7:1c:08:00 SRC=192.168.9.7 DST=151.101.0.133 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=43870 DF PROTO=TCP SPT=58560 DPT=443 WINDOW=29200 RES=0x00 SYN URGP=0
Mar 18 17:33:00 heimdall.durerocaribe.cu kernel: Shorewall:loc2net:DROP:IN=eth0 OUT=eth1 MAC=56:76:ab:e3:56:cb:52:a1:d7:5f:c7:1c:08:00 SRC=192.168.9.7 DST=212.24.145.107 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=38407 DF PROTO=TCP SPT=43452 DPT=443 WINDOW=29200 RES=0x00 SYN URGP=0
Mar 18 17:33:03 heimdall.durerocaribe.cu kernel: Shorewall:loc2net:DROP:IN=eth0 OUT=eth1 MAC=56:76:ab:e3:56:cb:52:a1:d7:5f:c7:1c:08:00 SRC=192.168.9.7 DST=151.101.0.133 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=43871 DF PROTO=TCP SPT=58560 DPT=443 WINDOW=29200 RES=0x00 SYN URGP=0
Mar 18 17:34:07 heimdall.durerocaribe.cu kernel: Shorewall:loc2net:DROP:IN=eth0 OUT=eth1 MAC=56:76:ab:e3:56:cb:52:a1:d7:5f:c7:1c:08:00 SRC=192.168.9.7 DST=151.101.64.133 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=37055 DF PROTO=TCP SPT=50812 DPT=443 WINDOW=29200 RES=0x00 SYN URGP=0
Mar 18 17:34:08 heimdall.durerocaribe.cu kernel: Shorewall:loc2net:DROP:IN=eth0 OUT=eth1 MAC=56:76:ab:e3:56:cb:52:a1:d7:5f:c7:1c:08:00 SRC=192.168.9.7 DST=151.101.64.133 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=37056 DF PROTO=TCP SPT=50812 DPT=443 WINDOW=29200 RES=0x00 SYN URGP=0
Mar 18 17:34:10 heimdall.durerocaribe.cu kernel: Shorewall:loc2net:DROP:IN=eth0 OUT=eth1 MAC=56:76:ab:e3:56:cb:52:a1:d7:5f:c7:1c:08:00 SRC=192.168.9.7 DST=151.101.64.133 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=37057 DF PROTO=TCP SPT=50812 DPT=443 WINDOW=29200 RES=0x00 SYN URGP=0
Mar 18 17:34:14 heimdall.durerocaribe.cu kernel: Shorewall:loc2net:DROP:IN=eth0 OUT=eth1 MAC=56:76:ab:e3:56:cb:52:a1:d7:5f:c7:1c:08:00 SRC=192.168.9.7 DST=151.101.64.133 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=37058 DF PROTO=TCP SPT=50812 DPT=443 WINDOW=29200 RES=0x00 SYN URGP=0
Mar 18 17:34:23 heimdall.durerocaribe.cu kernel: Shorewall:loc2net:DROP:IN=eth0 OUT=eth1 MAC=56:76:ab:e3:56:cb:52:a1:d7:5f:c7:1c:08:00 SRC=192.168.9.7 DST=151.101.64.133 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=37059 DF PROTO=TCP SPT=50812 DPT=443 WINDOW=29200 RES=0x00 SYN URGP=0
Mar 18 17:34:39 heimdall.durerocaribe.cu kernel: Shorewall:loc2net:DROP:IN=eth0 OUT=eth1 MAC=56:76:ab:e3:56:cb:52:a1:d7:5f:c7:1c:08:00 SRC=192.168.9.7 DST=151.101.64.133 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=37060 DF PROTO=TCP SPT=50812 DPT=443 WINDOW=29200 RES=0x00 SYN URGP=0
Mar 18 17:35:11 heimdall.durerocaribe.cu kernel: Shorewall:loc2net:DROP:IN=eth0 OUT=eth1 MAC=56:76:ab:e3:56:cb:52:a1:d7:5f:c7:1c:08:00 SRC=192.168.9.7 DST=151.101.64.133 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=37061 DF PROTO=TCP SPT=50812 DPT=443 WINDOW=29200 RES=0x00 SYN URGP=0
Mar 18 17:36:15 heimdall.durerocaribe.cu kernel: Shorewall:loc2net:DROP:IN=eth0 OUT=eth1 MAC=56:76:ab:e3:56:cb:52:a1:d7:5f:c7:1c:08:00 SRC=192.168.9.7 DST=151.101.128.133 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=12251 DF PROTO=TCP SPT=43946 DPT=443 WINDOW=29200 RES=0x00 SYN URGP=0
Mar 18 17:36:16 heimdall.durerocaribe.cu kernel: Shorewall:loc2net:DROP:IN=eth0 OUT=eth1 MAC=56:76:ab:e3:56:cb:52:a1:d7:5f:c7:1c:08:00 SRC=192.168.9.7 DST=151.101.128.133 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=12252 DF PROTO=TCP SPT=43946 DPT=443 WINDOW=29200 RES=0x00 SYN URGP=0
Mar 18 17:36:18 heimdall.durerocaribe.cu kernel: Shorewall:loc2net:DROP:IN=eth0 OUT=eth1 MAC=56:76:ab:e3:56:cb:52:a1:d7:5f:c7:1c:08:00 SRC=192.168.9.7 DST=151.101.128.133 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=12253 DF PROTO=TCP SPT=43946 DPT=443 WINDOW=29200 RES=0x00 SYN URGP=0
Mar 18 17:36:22 heimdall.durerocaribe.cu kernel: Shorewall:loc2net:DROP:IN=eth0 OUT=eth1 MAC=56:76:ab:e3:56:cb:52:a1:d7:5f:c7:1c:08:00 SRC=192.168.9.7 DST=151.101.128.133 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=12254 DF PROTO=TCP SPT=43946 DPT=443 WINDOW=29200 RES=0x00 SYN URGP=0
Mar 18 17:36:30 heimdall.durerocaribe.cu kernel: Shorewall:loc2net:DROP:IN=eth0 OUT=eth1 MAC=56:76:ab:e3:56:cb:52:a1:d7:5f:c7:1c:08:00 SRC=192.168.9.7 DST=151.101.128.133 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=12255 DF PROTO=TCP SPT=43946 DPT=443 WINDOW=29200 RES=0x00 SYN URGP=0
Mar 18 17:36:46 heimdall.durerocaribe.cu kernel: Shorewall:loc2net:DROP:IN=eth0 OUT=eth1 MAC=56:76:ab:e3:56:cb:52:a1:d7:5f:c7:1c:08:00 SRC=192.168.9.7 DST=151.101.128.133 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=12256 DF PROTO=TCP SPT=43946 DPT=443 WINDOW=29200 RES=0x00 SYN URGP=0
Mar 18 17:37:18 heimdall.durerocaribe.cu kernel: Shorewall:loc2net:DROP:IN=eth0 OUT=eth1 MAC=56:76:ab:e3:56:cb:52:a1:d7:5f:c7:1c:08:00 SRC=192.168.9.7 DST=151.101.128.133 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=12257 DF PROTO=TCP SPT=43946 DPT=443 WINDOW=29200 RES=0x00 SYN URGP=0
Mar 18 17:38:22 heimdall.durerocaribe.cu kernel: Shorewall:loc2net:DROP:IN=eth0 OUT=eth1 MAC=56:76:ab:e3:56:cb:52:a1:d7:5f:c7:1c:08:00 SRC=192.168.9.7 DST=151.101.192.133 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=19291 DF PROTO=TCP SPT=48938 DPT=443 WINDOW=29200 RES=0x00 SYN URGP=0
Mar 18 17:38:23 heimdall.durerocaribe.cu kernel: Shorewall:loc2net:DROP:IN=eth0 OUT=eth1 MAC=56:76:ab:e3:56:cb:52:a1:d7:5f:c7:1c:08:00 SRC=192.168.9.7 DST=151.101.192.133 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=19292 DF PROTO=TCP SPT=48938 DPT=443 WINDOW=29200 RES=0x00 SYN URGP=0
Mar 18 17:38:25 heimdall.durerocaribe.cu kernel: Shorewall:loc2net:DROP:IN=eth0 OUT=eth1 MAC=56:76:ab:e3:56:cb:52:a1:d7:5f:c7:1c:08:00 SRC=192.168.9.7 DST=151.101.192.133 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=19293 DF PROTO=TCP SPT=48938 DPT=443 WINDOW=29200 RES=0x00 SYN URGP=0
Mar 18 17:38:29 heimdall.durerocaribe.cu kernel: Shorewall:loc2net:DROP:IN=eth0 OUT=eth1 MAC=56:76:ab:e3:56:cb:52:a1:d7:5f:c7:1c:08:00 SRC=192.168.9.7 DST=151.101.192.133 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=19294 DF PROTO=TCP SPT=48938 DPT=443 WINDOW=29200 RES=0x00 SYN URGP=0
Mar 18 17:38:37 heimdall.durerocaribe.cu kernel: Shorewall:loc2net:DROP:IN=eth0 OUT=eth1 MAC=56:76:ab:e3:56:cb:52:a1:d7:5f:c7:1c:08:00 SRC=192.168.9.7 DST=151.101.192.133 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=19295 DF PROTO=TCP SPT=48938 DPT=443 WINDOW=29200 RES=0x00 SYN URGP=0
Mar 18 17:38:53 heimdall.durerocaribe.cu kernel: Shorewall:loc2net:DROP:IN=eth0 OUT=eth1 MAC=56:76:ab:e3:56:cb:52:a1:d7:5f:c7:1c:08:00 SRC=192.168.9.7 DST=151.101.192.133 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=19296 DF PROTO=TCP SPT=48938 DPT=443 WINDOW=29200 RES=0x00 SYN URGP=0
Mar 18 17:39:25 heimdall.durerocaribe.cu kernel: Shorewall:loc2net:DROP:IN=eth0 OUT=eth1 MAC=56:76:ab:e3:56:cb:52:a1:d7:5f:c7:1c:08:00 SRC=192.168.9.7 DST=151.101.192.133 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=19297 DF PROTO=TCP SPT=48938 DPT=443 WINDOW=29200 RES=0x00 SYN URGP=0
Mar 18 17:40:30 heimdall.durerocaribe.cu kernel: Shorewall:loc2net:DROP:IN=eth0 OUT=eth1 MAC=56:76:ab:e3:56:cb:52:a1:d7:5f:c7:1c:08:00 SRC=192.168.9.7 DST=151.101.0.133 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=38808 DF PROTO=TCP SPT=58576 DPT=443 WINDOW=29200 RES=0x00 SYN URGP=0
Mar 18 17:40:31 heimdall.durerocaribe.cu kernel: Shorewall:loc2net:DROP:IN=eth0 OUT=eth1 MAC=56:76:ab:e3:56:cb:52:a1:d7:5f:c7:1c:08:00 SRC=192.168.9.7 DST=151.101.0.133 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=38809 DF PROTO=TCP SPT=58576 DPT=443 WINDOW=29200 RES=0x00 SYN URGP=0
Mar 18 17:40:37 heimdall.durerocaribe.cu kernel: Shorewall:loc2net:DROP:IN=eth0 OUT=eth1 MAC=56:76:ab:e3:56:cb:52:a1:d7:5f:c7:1c:08:00 SRC=192.168.9.7 DST=151.101.0.133 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=38811 DF PROTO=TCP SPT=58576 DPT=443 WINDOW=29200 RES=0x00 SYN URGP=0
Mar 18 17:40:45 heimdall.durerocaribe.cu kernel: Shorewall:loc2net:DROP:IN=eth0 OUT=eth1 MAC=56:76:ab:e3:56:cb:52:a1:d7:5f:c7:1c:08:00 SRC=192.168.9.7 DST=151.101.0.133 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=38812 DF PROTO=TCP SPT=58576 DPT=443 WINDOW=29200 RES=0x00 SYN URGP=0
Mar 18 17:41:01 heimdall.durerocaribe.cu kernel: Shorewall:loc2net:DROP:IN=eth0 OUT=eth1 MAC=56:76:ab:e3:56:cb:52:a1:d7:5f:c7:1c:08:00 SRC=192.168.9.7 DST=151.101.0.133 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=38813 DF PROTO=TCP SPT=58576 DPT=443 WINDOW=29200 RES=0x00 SYN URGP=0
Mar 18 17:41:33 heimdall.durerocaribe.cu kernel: Shorewall:loc2net:DROP:IN=eth0 OUT=eth1 MAC=56:76:ab:e3:56:cb:52:a1:d7:5f:c7:1c:08:00 SRC=192.168.9.7 DST=151.101.0.133 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=38814 DF PROTO=TCP SPT=58576 DPT=443 WINDOW=29200 RES=0x00 SYN URGP=0
Mar 18 17:42:37 heimdall.durerocaribe.cu kernel: Shorewall:loc2net:DROP:IN=eth0 OUT=eth1 MAC=56:76:ab:e3:56:cb:52:a1:d7:5f:c7:1c:08:00 SRC=192.168.9.7 DST=151.101.64.133 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=32119 DF PROTO=TCP SPT=50828 DPT=443 WINDOW=29200 RES=0x00 SYN URGP=0
Mar 18 17:42:38 heimdall.durerocaribe.cu kernel: Shorewall:loc2net:DROP:IN=eth0 OUT=eth1 MAC=56:76:ab:e3:56:cb:52:a1:d7:5f:c7:1c:08:00 SRC=192.168.9.7 DST=151.101.64.133 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=32120 DF PROTO=TCP SPT=50828 DPT=443 WINDOW=29200 RES=0x00 SYN URGP=0
Mar 18 17:42:40 heimdall.durerocaribe.cu kernel: Shorewall:loc2net:DROP:IN=eth0 OUT=eth1 MAC=56:76:ab:e3:56:cb:52:a1:d7:5f:c7:1c:08:00 SRC=192.168.9.7 DST=151.101.64.133 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=32121 DF PROTO=TCP SPT=50828 DPT=443 WINDOW=29200 RES=0x00 SYN URGP=0
Mar 18 17:42:44 heimdall.durerocaribe.cu kernel: Shorewall:loc2net:DROP:IN=eth0 OUT=eth1 MAC=56:76:ab:e3:56:cb:52:a1:d7:5f:c7:1c:08:00 SRC=192.168.9.7 DST=151.101.64.133 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=32122 DF PROTO=TCP SPT=50828 DPT=443 WINDOW=29200 RES=0x00 SYN URGP=0
Mar 18 17:42:52 heimdall.durerocaribe.cu kernel: Shorewall:loc2net:DROP:IN=eth0 OUT=eth1 MAC=56:76:ab:e3:56:cb:52:a1:d7:5f:c7:1c:08:00 SRC=192.168.9.7 DST=151.101.64.133 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=32123 DF PROTO=TCP SPT=50828 DPT=443 WINDOW=29200 RES=0x00 SYN URGP=0
Mar 18 17:43:09 heimdall.durerocaribe.cu kernel: Shorewall:loc2net:DROP:IN=eth0 OUT=eth1 MAC=56:76:ab:e3:56:cb:52:a1:d7:5f:c7:1c:08:00 SRC=192.168.9.7 DST=151.101.64.133 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=32124 DF PROTO=TCP SPT=50828 DPT=443 WINDOW=29200 RES=0x00 SYN URGP=0
Mar 18 17:43:41 heimdall.durerocaribe.cu kernel: Shorewall:loc2net:DROP:IN=eth0 OUT=eth1 MAC=56:76:ab:e3:56:cb:52:a1:d7:5f:c7:1c:08:00 SRC=192.168.9.7 DST=151.101.64.133 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=32125 DF PROTO=TCP SPT=50828 DPT=443 WINDOW=29200 RES=0x00 SYN URGP=0
Mar 18 17:44:45 heimdall.durerocaribe.cu kernel: Shorewall:loc2net:DROP:IN=eth0 OUT=eth1 MAC=56:76:ab:e3:56:cb:52:a1:d7:5f:c7:1c:08:00 SRC=192.168.9.7 DST=151.101.128.133 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=32038 DF PROTO=TCP SPT=43954 DPT=443 WINDOW=29200 RES=0x00 SYN URGP=0
Mar 18 17:44:46 heimdall.durerocaribe.cu kernel: Shorewall:loc2net:DROP:IN=eth0 OUT=eth1 MAC=56:76:ab:e3:56:cb:52:a1:d7:5f:c7:1c:08:00 SRC=192.168.9.7 DST=151.101.128.133 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=32039 DF PROTO=TCP SPT=43954 DPT=443 WINDOW=29200 RES=0x00 SYN URGP=0
Mar 18 17:44:48 heimdall.durerocaribe.cu kernel: Shorewall:loc2net:DROP:IN=eth0 OUT=eth1 MAC=56:76:ab:e3:56:cb:52:a1:d7:5f:c7:1c:08:00 SRC=192.168.9.7 DST=151.101.128.133 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=32040 DF PROTO=TCP SPT=43954 DPT=443 WINDOW=29200 RES=0x00 SYN URGP=0
Mar 18 17:44:52 heimdall.durerocaribe.cu kernel: Shorewall:loc2net:DROP:IN=eth0 OUT=eth1 MAC=56:76:ab:e3:56:cb:52:a1:d7:5f:c7:1c:08:00 SRC=192.168.9.7 DST=151.101.128.133 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=32041 DF PROTO=TCP SPT=43954 DPT=443 WINDOW=29200 RES=0x00 SYN URGP=0
Which means some process is not using the proxy configuration on mail-server to do its requests. Cheking mail-server journal I got this:
journalctl -xe -p 4
Mar 18 17:24:18 hermod.durerocaribe.cu rspamd[12841]: <fdp86m>; map; http_map_error: error reading https://maps.rspamd.com/freemail/free.txt.zst(212.24.145.107:443): connection with http server terminated incorrectly: ssl connect error: syscall fail: Connection timed out
Mar 18 17:24:36 hermod.durerocaribe.cu rspamd[12841]: <u9r7uu>; map; http_map_error: error reading https://maps.rspamd.com/rspamd/redirectors.inc.zst(88.99.142.95:443): connection with http server terminated incorrectly: ssl connect error: syscall fail: Connection timed out
Mar 18 17:25:02 hermod.durerocaribe.cu rspamd[12840]: <b5b025>; proxy; fuzzy_check_timer_callback: got IO timeout with server fuzzy1.rspamd.com(88.99.142.95:11335), after 1 retransmits
Mar 18 17:26:52 hermod.durerocaribe.cu rspamd[12840]: <d32a07>; proxy; fuzzy_check_timer_callback: got IO timeout with server fuzzy2.rspamd.com(88.99.142.95:11335), after 1 retransmits
Mar 18 17:28:24 hermod.durerocaribe.cu rspamd[12841]: <78wxos>; map; http_map_error: error reading https://maps.rspamd.com/rspamd/2tld.inc.zst(88.99.142.95:443): connection with http server terminated incorrectly: ssl connect error: syscall fail: Connection timed out
Mar 18 17:28:24 hermod.durerocaribe.cu rspamd[12841]: <k8f914>; map; http_map_error: error reading https://maps.rspamd.com/freemail/disposable.txt.zst(88.99.142.95:443): connection with http server terminated incorrectly: ssl connect error: syscall fail: Connection timed out
Mar 18 17:28:30 hermod.durerocaribe.cu rspamd[12840]: <5b1e10>; proxy; fuzzy_check_timer_callback: got IO timeout with server fuzzy1.rspamd.com(88.99.142.95:11335), after 1 retransmits
Mar 18 17:30:21 hermod.durerocaribe.cu sssd[be[durerocaribe.cu]][3467]: Warning: user would have been denied GPO-based logon access if the ad_gpo_access_control option were set to enforcing mode.
Mar 18 17:30:23 hermod.durerocaribe.cu sssd[be[durerocaribe.cu]][3467]: Warning: user would have been denied GPO-based logon access if the ad_gpo_access_control option were set to enforcing mode.
Mar 18 17:30:24 hermod.durerocaribe.cu sssd[be[durerocaribe.cu]][3467]: Warning: user would have been denied GPO-based logon access if the ad_gpo_access_control option were set to enforcing mode.
Mar 18 17:30:26 hermod.durerocaribe.cu sssd[be[durerocaribe.cu]][3467]: Warning: user would have been denied GPO-based logon access if the ad_gpo_access_control option were set to enforcing mode.
Mar 18 17:30:27 hermod.durerocaribe.cu sssd[be[durerocaribe.cu]][3467]: Warning: user would have been denied GPO-based logon access if the ad_gpo_access_control option were set to enforcing mode.
Mar 18 17:30:29 hermod.durerocaribe.cu sssd[be[durerocaribe.cu]][3467]: Warning: user would have been denied GPO-based logon access if the ad_gpo_access_control option were set to enforcing mode.
Mar 18 17:30:30 hermod.durerocaribe.cu sssd[be[durerocaribe.cu]][3467]: Warning: user would have been denied GPO-based logon access if the ad_gpo_access_control option were set to enforcing mode.
Mar 18 17:30:32 hermod.durerocaribe.cu sssd[be[durerocaribe.cu]][3467]: Warning: user would have been denied GPO-based logon access if the ad_gpo_access_control option were set to enforcing mode.
Mar 18 17:31:21 hermod.durerocaribe.cu rspamd[12840]: <0f4051>; proxy; fuzzy_check_timer_callback: got IO timeout with server fuzzy1.rspamd.com(88.99.142.95:11335), after 1 retransmits
Mar 18 17:31:39 hermod.durerocaribe.cu rspamd[12840]: <92a58d>; proxy; fuzzy_check_timer_callback: got IO timeout with server fuzzy1.rspamd.com(88.99.142.95:11335), after 1 retransmits
Mar 18 17:33:09 hermod.durerocaribe.cu rspamd[12840]: <20df2c>; proxy; fuzzy_check_timer_callback: got IO timeout with server fuzzy1.rspamd.com(88.99.142.95:11335), after 1 retransmits
Mar 18 17:34:04 hermod.durerocaribe.cu rspamd[12841]: <9zc4wc>; map; http_map_error: error reading https://maps.rspamd.com/rspamd/mid.inc.zst(212.24.145.107:443): connection with http server terminated incorrectly: ssl connect error: syscall fail: Connection timed out
It seems that rspamd is trying to connect to https://maps.rspamd.com/rspamd/mid.inc.zst.
maps.rspamd.com has an IP on 88.99.142.95, there are other 2 IP which are:
- 151.101.128.133
- 212.24.145.107
I need to know how I can fix this, please