I'm curious as to how long you waited when trying port 25. There is a five-second delay after the connection is established before it issues the 220 greeting, as a measure to deflect some spam. The mail log shows a connect from linux.pe1chl.ampr.org [44.137.41.97] about 20 minutes ago, but no commands were issued. A few minutes later, gw-44-137.pi9noz.ampr.org [44.137.0.1] similarly connected but did not do anything before disconnecting. - Brian
On Thu, Jul 13, 2017 at 06:33:51PM +0200, Rob Janssen wrote:
Interesting: I can now ping 44.0.0.1 from that system, but a "telnet 44.0.0.1 25" still yields nothing. I have not yet been able to find why that is, I see the SYN ACK coming back on the tunnel and I have allowed all traffic from 44.0.0.1 in the firewall but it simply fails to establish. No ACK is going back to you. I can connect to other IPIP endpoints just fine. Strange.
It is not really required to fix it, I can easily route the mail via a different path, but I was interested in finding why this goes wrong and how it may affect others / other applications.