Someone on Iran is unable to connect to my service which is hosted on a server in the U.S. It seems like most other services work for them fine but mine does not.
I asked them to ping the server and the request timed out.
Also I VPN'ed into UAE and South Africa and was able to establish a connection without a problem.
Does anyone have any idea why this might not be working? I'm actively communicating with them so clearly their internet does work. Do certain countries like Iran have firewalls?
Thank you.
answered by #yagmoth555 on Server Fault:
Iran is using a filtering service to control the Internet usage. Some other country have firewall that block or filter request.
I would advice to not advise your customer(s) to use a VPN, as it can be against their local law to do so.
Your legal way to open to those country is really limited sadly.
Iran - It's Telecommunication Company of Iran (TCI) that filter the Internet reference.
Russia - Its Roskomnadzor that filter the Internet.
China - It's their Great Firewall.
Related
How it's possible that Cloudflare proxy has always US IP address or Google, Netflix and etc when i access on their websites from Asia, why i don't see some Asia IP (I expected the most close server to me and not in US).
Why i connect like first to US IP, ok, they will have some kind of load balancer server, but for the most low latency for TTFB why it's works like that or is the US IP address associated to some Asia server?? What is the trick?
I tried find some info how it's works but it's always same answer and doesn't explain anything for me..it's just saying that it's in power of DNS..I know about GEO DNS, but there is my end, but simple GEO DNS will always show different IP then is there another layer of something?
I'm just lost..
As far as I know, the "proxy" feature of Cloudflare will always display and "use" an US based IP-Address.
Your request is still sent to the nearest Cloudflare data center (somewhere in Asia, in your case).
But the "proxy" IP (which is static), is always the same.
Not entirely sure though, might as well be worth contacting their support team and asking for exact information on this.
I have been sending emails (through gmail accounts and gmail smtp server) to text gateways of various wireless providers and they worked pretty well for years until this year. The messages stopped working for all verizon numbers a few months ago. I didn't receive any feedback as to why it stopped working. It is as if the email was sent successfully and then silently swallowed by vtext.com. I tried to limit the number of recipients per email but it didn't help. I did a lot of searches online but could not find a sure reason what has been changed. I started to suspect that my ip or domain has been blacklisted by verizon, but I have no way to contact verizon support about its gateway policy and whether my suspicion is true. The customer support of the wireless department said he knew nothing about vtext.com and thus could not help. All my messages are sports team related (inclement weather, etc.) and they are not spams.
I'd really appreciate any help on finding out the true reason this stopped working, and who/where I can contact to resolve this. This is very important for my web site.
Thanks!
This is why...
It's all about revenue. If you were using Vtext, good chance you have been blocked by Verizon and they want you to purchase enterprise services. Happened to my company today and this has been a critical part of our system to page work orders out to field technicians that service medical equipment. Verizon has affected patient care, and seem to not care when I asked if they can unblock us just so we can make a strategic transition.
I noticed the same thing recently. When I called care they told me vtext is being decommissioned in favor of messaging+, which to my knowledge doesn't have an email gateway. Apprently your region and mine are gone and the plan is to have all vtext shut down by end of 2016.
Currently looking in to alternatives.
I noticed this, too. However, I've found that the mms gateway still works.
<phone_number>#vzwpix.com
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 2 years ago.
Improve this question
The mail server I manage is clean according to 92 blacklists checked by MXToolbox.
But ...
host mx.ecentral.com.cust.b.hostedemail.com[64.98.36.4]
refused to talk to me: 421 4.7.1 Service unavailable; Client host
[My Server IP] blocked using tms.urbl.hostedemail.com; Your IP has been
sending too much spam
How does one get off of this list? What puts one on their list but not on any of the ones with more obvious rules? Is hostedemail.com some kind of rogue provider?
Thanks!
What's crazy about this (to me, anyway) is that both hostedemail.com and urbl.hostedemail.com have no A records and no website, not even a redirect or a single page that would give people the bare minimum information about their blacklist or service. That's not how professionally run blacklists are managed these days.
My users are getting this:
host mx.DOMAIN.org.cust.a.hostedemail.com[216.40.42.4] refused to talk to me: 554 5.7.1 Service unavailable; Client host [1.2.3.4] blocked using urbl.hostedemail.com; Your IP has been manually blacklisted
It's the reference to manual blacklisting that flummoxes me. None of my servers are in any of the blacklists checked by MxToolbox (and like most mail admins, I work hard to keep it that way), so if someone has taken the time to manually add the IP address of one of my servers to the list then this sounds as amateur as my own manual blacklist I use on my servers when I have no patience waiting for a spammer to be shut down or blacklisted. And it has been there for at least a week; I haven't bothered checking last week's logs, as a week is long enough to determine whether or not a server is (still) sending spam.
After some research I found this post:
What does this error mean when emails are bouncing back to sender?
That led me to:
https://fbl.hostedemail.com/
... which is actually a branded CNAME for fbl-opensrs.app.returnpath.net that leads to:
https://fbl.returnpath.net/
So at the end of that long trail I ended up signing up for Return Path's FBL for their short list of 22 ISPs (including, as far as I can tell, a couple of individual companies' email systems). In doing so I have now agreed to them sharing my "Personal Information with business partners or other third party sponsors of sweepstakes, contests and similar promotions from time to time" (seems like a bizarre provision for the terms of service for a B2B company, especially one whose raison d'ĂȘtre is about reducing spam, but what choice do I have?), but I am none the wiser yet on why my one server's IP address has been blacklisted.
However, like #StephenB, I am going to abuse my standing as an OpenSRS reseller (an account I have all but abandoned because of their crappy service) and send their support department an email. I expect I'll get the usual "not my department" reply, as happened sometime last year when someone was registering phishing domains spoofing one of my user's domains. I'll post the results of that in a comment when/if I hear back.
UPDATE: I did email OpenSRS reseller support and (to my surprise) they responded within the hour to (belatedly) inform me of the FBL. Another seven hours later they de-listed my IP and the delayed mails in the queue went through.
I brought up some of my points above and this was their reply:
Thank you so much for your feedback, certainly your concerns are understandable. At OpenSRS/Tucows we're always looking to provide a better service, and definitely we can see your point as far as blacklist/delisting goes, for the time being I believe the reason for this is due to a lack of resources to put something like this together, but certainly I can assure you it is on our radar. I will pass this information along to our managers so that we can ensure your voice is heard.
Platitudes, but nevertheless positive platitudes.
UPDATE 2: Well, the platitudes didn't last long. They blacklisted my IP again, and this time I was just patronised instead:
I am just replying back on the RBL listing you inquired about and I can confirm the IP was once again de-listed but I did get some additional information for you as requested. I needed to do a bit of checking but the IP x.x.x.x is provided by RIPE Network Coordination Centre, the IP assigned to the user by the hosting provider carries the reputation of the rest of the CIDR. The nature of VPS/Shared IPs is to be disposable, and it is not suitable for sustainable mail services. I would suggest that you should be renting a dedicated IP/CIDR directly from ARIN or any other static IP provider to avoid further listings from happening in the future since its [sic] not necessarily your customers being listed but the IP being listed. But of course for the time being we have de-listed the IP but assuming nothing changes its [sic] likely it will be listed again in the future. Let me know if you have any questions from here.
We've been using VPSes for mail since 2008 (after a lot of thought and research), and have never in that time had an issue. I understand the sentiment that VPS IPs have a lower reputation in the minds of sysadmins with long memories, including myself, but in this day and age this is like saying that "I don't like x nationality because of what they did to my great-grandfather during the war." Properly maintained blacklists are supposed to have a memory hours long (in most cases; not all, of course), not generations long, and OpenSRS/Tucows/Hostedemail are blocking data centres worldwide full of legitimate mail servers, that nobody else are blocking. I diplomatically told them they're using thinking that became obsolete around the end of the last century.
I already have one of their customers (that our users were having trouble emailing) talking to us about moving.
If WiTon Nope's answer was correct at one point, it doesn't appear to be accurate anymore. They blacklisted my server as well, for no apparent reason, and it took a week of chasing them to get that resolved - and it appears that the only reason it didn't take longer (or got resolved at all) is because I'm already an OpenSRS reseller for domain registration (I don't use their EMail service, and I certainly won't be after this experience). Even then, I had to resort to calling them, because the attempts I made to contact them via their reseller support EMail & Twitter were all ignored. Oh, and unlike nearly every other RBL I've dealt with, they fail to provide any method for requesting delisting.
Also, the suggestion to check MX Toolbox doesn't seem to be relevant, since they don't actually monitor urbl.hostedemail.com - and same as with Daniel Wilson, my server wasn't on any of the (more than 40) RBLs that MX Toolbox does monitor.
To top it all off, once they finally DID resolve the problem, they refused to provide any useful details, like ANY reason for having listed my server, or even so much as confirming that there WAS a reason in the first place. I try not assume that people are acting in bad-faith, but I can't think of any reason not to provide the justification for the listing - unless they discovered that was no valid reason for blacklisting the server, and are just trying to weasel out of admitting that they screwed up.
hostedemail.com is used by OpenSRS providing email hosting service and it's not a blacklist directory. You don't have to worry you have to wait for couple of days while your IP will be refreshed accross all mailservers and dns globally.
I am a PHP coder but not a server expert so I wondered if anyone could answer the following query.
Is there a way that a bot can determine the IP of my server when it runs through Cloudflare?
Someone suggested that folk could try ftp.domain.com and things like that. I do not have that setup on my server although Cloudflare do set this up automatically for you when you register a domain.
If you are a server expert and wanted to determine the actual IP of a server, how would you go about it?
Thanks.
PS: I do not want my IP public, hence the question.
Someone that really wants to find your server IP address probably can. We're only going to really stop basic lookups from returning your IPs, but we can only proxy web traffic & some records on your domain (mail, for example) may still return your server IP.
We do have some tips on minimizing the probability that someone could find it easily with these guidelines.
I am aware of how many times this has been asked based on searching StackOverflow, but I am still hoping someone could tell me whether I am wrong...
I am creating a peer-to-peer chat app for the iPhone. My initial idea was to avoid using a server, so Bonjour came to mind. I was happy coding for quite a while and implemented a lot of fancy features, but two days ago I started testing with two clients from different subnets and found that the clients couldn't connect to each other! I suddenly realized that Bonjour is meant for local networks and that a DNS server is necessary for wide area service broadcasting. Do I really need a server for Internet peer-to-peer chat? Are there any other options that do not involve using a server on the iOS platform?
I am wondering how you can do a chat app without using a server. There are many cheap solutions out there, Amazon has its own service, Google does as well. You can try first without even having to pay a cent.
I found the following from apple developer guide. This should answer your question -
Does Bonjour work between multiple subnets?
Yes. The first release of DNS Service Discovery (DNS-SD) for Mac OS X concentrated on Multicast DNS (mDNS) for single-link networks because this was the environment worst served by IP software. Starting in Mac OS X 10.4, Bonjour now uses Dynamic DNS Update (RFC 2316) and unicast DNS queries to enable wide-area service discovery.
To answer the question, the only way is for you to carry a list of all possible participants, and their current IP address, and for each possible participant to report to all others each time their IP Address changes. So, if you have 100 possible participants, then you must tell 99 others when your IP Address changes, and those 99 must tell you when their IP Address changes.
Bonjour may work on a LAN, a WAN or even a WAN, but it will never work on the internet.
The role of the server is so that each end point only need to tell one end point (the server) when it changes. My advice is get a cheap internet host, with a basic PHP / MySQL capabilities, and write yourself a very simple script to post and get user identities.