cancel
Showing results for 
Search instead for 
Did you mean: 

mxlogic.net returning "Connection Refused" errors

Jump to solution

Hello to the community.

I am a Verizon business customer, and have been assigned a static IP block which from which MX Logic refuses connections.

Jun 12 16:42:55 sm-mta[12364]: t5CKgqEQ001767: to=<${_RECIPIENT}@mortgagemaster.com>, ctladdr=<${_SENDER}@backshooters.com> (1001/1001), delay=00:00:03, xdelay=00:00:01, mailer=esmtp, pri=92783, relay=mortgagemasterinc....und10.mxlogic.net. [208.65.145.3], dsn=4.0.0, stat=Deferred: Connection refused by mortgagemasterinc.com.inbound10.mxlogic.net.

When I try a direct connection to mxlogic from the shell of my mail gateway, I get the same result:

$ nc -vv mortgagemasterinc.com.inbound10.mxlogic.net 25

nc: connect to mortgagemasterinc.com.inbound10.mxlogic.net port 25 (tcp) failed: Connection refused

nc: connect to mortgagemasterinc.com.inbound10.mxlogic.net port 25 (tcp) failed: Connection refused

nc: connect to mortgagemasterinc.com.inbound10.mxlogic.net port 25 (tcp) failed: Connection refused

nc: connect to mortgagemasterinc.com.inbound10.mxlogic.net port 25 (tcp) failed: Connection refused

Apparently, because the IPs associated to me were previously assigned as DSL by Verizon (at least according to 71.244.218.27 - IP - McAfee Labs Threat Center), but this is no longer the case.

If you dig the in-addr.arpa zone for the IPs near and around the allocation I was assigned by Verizon:

$ for i in `jot 255 1`; do printf "reverse dns for 71.244.218.${i}: "; dig +short -x 71.244.218.${i}; done

reverse dns for 71.244.218.1: lo0-100.BLTMMD-VFTTP-318.verizon-gni.net.

reverse dns for 71.244.218.2: static-71-244-218-2.bltmmd.fios.verizon.net.

reverse dns for 71.244.218.3: static-71-244-218-3.bltmmd.fios.verizon.net.

{...}

reverse dns for 71.244.218.18: static-71-244-218-18.bltmmd.fios.verizon.net.

{...}

reverse dns for 71.244.218.26: future-71-244-218-26.fios8336.heliostream.com.

reverse dns for 71.244.218.27: backshooters.com.

reverse dns for 71.244.218.28: hosting.heliostream.com.

reverse dns for 71.244.218.29: ns1.heliostream.com.

reverse dns for 71.244.218.30: ns2.heliostream.com.

reverse dns for 71.244.218.31: static-71-244-218-31.bltmmd.fios.verizon.net.

reverse dns for 71.244.218.32: static-71-244-218-32.bltmmd.fios.verizon.net.

{...}

static-71-244-218-254.bltmmd.fios.verizon.net.

The allocation for the block assigned to me is all static IPs for business customers. I have 71.244.218.16/28 which is 71.244.218.{18,19..30}.

I noted that at least one other user reported a similar issue in the following thread:

And it was resolved by

Brad McGarr

Web Services Support Technician

McAfee SaaS Email & Web Protection

within a few days.

I would appreciate if someone could do the same for me. Please feel free to contact me via the email address I registered on the forums signup, and I can provide more contact information (phone, alternate email) in order to prove that I am who I am.

Much appreciated.

Joe

1 Solution

Accepted Solutions

Re: mxlogic.net returning "Connection Refused" errors

Jump to solution

Hello campajoe15,

I apologize for the difficulty you are experiencing.  Please send an email requesting a review of your IP for removal from the perimeter block to saas_falsepositives@mcafeesubmissions.com.  This will go directly to our Messaging Security team for review and they will respond to you directly.

Alternately, you can request that one of our customers who you are trying to email contact their support team to request the IP be removed.

I hope this information assists in getting your issue resolved!

Karen Widhalm

Product Specialist

SaaS Email and Web Security

Intel Security

5 Replies

Re: mxlogic.net returning "Connection Refused" errors

Jump to solution

Still can't sent mail to the target domain protected by mxlogic services.

Might I presume to ask: is there a more formal way to submit a ticket with mxlogic to have a trackable request?

This is presumably more difficult, since I am not an mxlogic customer, but an outside entity trying to send mail to an organization who has a customer/vendor relationship with mxlogic.

Thanks for any help or insight.

Best regards,

Joe

Re: mxlogic.net returning "Connection Refused" errors

Jump to solution

I did setup an account at trustedsource.org, and hoped to find a way to request a correction to the data, but it seems that's not one of the "features" that creating a login allows.

I just found this page

https://support.mcafeesaas.com/MCAFEE/_cs/AnswerDetail.aspx?sSessionID=1911CDA9C%20FEA4C1FA9822B74DE...

on a discussion  from community.spiceworks.com .

I'll try running down this road next.

But I'll be monitoring here for any further helpful comments.

Thanks.

Joe

frankm
Level 10
Report Inappropriate Content
Message 4 of 6

Re: mxlogic.net returning "Connection Refused" errors

Jump to solution

Your IP 71.244.218.27 is being blocked by McAfee. Most likely due to the historical reputation as seen on the McAfee Threat labs.

Re: mxlogic.net returning "Connection Refused" errors

Jump to solution

frankm,

Thanks for looking.

You are quite right. As I've discovered, due to Verizon's choice to re-allocate some address space previously assigned as DSL / dynamic assignment, the reputation of the address is rated low.

I am hoping to get someone's attention to that issue, that can perform some cleanup of the threat labs database.

Re: mxlogic.net returning "Connection Refused" errors

Jump to solution

Hello campajoe15,

I apologize for the difficulty you are experiencing.  Please send an email requesting a review of your IP for removal from the perimeter block to saas_falsepositives@mcafeesubmissions.com.  This will go directly to our Messaging Security team for review and they will respond to you directly.

Alternately, you can request that one of our customers who you are trying to email contact their support team to request the IP be removed.

I hope this information assists in getting your issue resolved!

Karen Widhalm

Product Specialist

SaaS Email and Web Security

Intel Security