One of our suppliers can no longer send us email. Checked the mail manager to see if they had been blocked there, but no sign of anything from them.
Checked the firewall log and saw this:
2020:03:18-11:51:33 athens ulogd[11647]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001"
initf="ppp0" srcip="198.XXX.104.XXX" dstip="64.XXX.210.XXX" proto="6" length="40" tos="0x00" prec="0x00" ttl="56" srcport="25" dstport="63933" tcpflags="RST"
We have no problems receiving emails from other clients/suppliers.
I do have a blackhole rule for those who repeatedly SPAM us, or attempt to breach our SMTP, IMAP, etc despite being warned.
The "srcip" from above is not included in those defined network ranges.
Mail from this sender was being recd ok up until the 13th of this month (albeit from a different IP, but both IP's are listed in their SPF record, and the srcip is
listed as the MX for this domain).
Anyone got their secret decoder ring handy? What have I (or they, the sender) done wrong?
Tks
This thread was automatically locked due to age.