Mystery of the Filtered Email Connections

You can reach me at I would be grateful for any suggestions.

I will update this page with results of suggestions and tests done.

I posted this on Slashdot to solicit help:

What if this happened to you? Mysteriously and suddenly, three weeks ago (Mar 26) my mailq filled up with "Connection timed out" messages. I am running up-to-date gentoo on an intel box. About 10% of my outbound messages were just pooling up. Suspicious, but thinking maybe the receivers were broken, I waited a few days. Nothing improved. traceroute 25 got through. telnet 25 timed out. Then I discovered that using a different IP address in the same /24 I could get through. Suddenly it started to feel like my IP address had been blacklisted, and I was being filtered at the receiver firewall. Here I sit three weeks later, using the % address hack and a relay machine to email 10% of my world. So, dear /. friends, what could be the cause? I am officially clueless. Have I been blacklisted? How can I check? If not blacklisted, what else could account for this set of facts? It's driving me nuts.

Note that the filtering all started at the same moment, so far as I can tell. The same moment, and at strangely different locations. What is the common factor?

What Is The % Hack?

Instead of sending email to, using the % hack, I send email to When the mail gets to, sendmail (or whatever) verifies that I am okay to relay for, and then sends it along to the original intended recipient.

IP Addresses

Which IP addresses are filtered? and, maybe more.

Which IP addresses get through successfully?


What destinations are letting email from .10 time out, but accepting mail from .11?

What destinations are letting email from .10 time out, but not yet checked for mail from .11?

What destinations are getting email from .10 okay?

Is It My Switch?

Both boxes (.10 that fails and .11 that works) are plugged into the same Cisco 2950 switch. At the suggestion of someone, I reversed the ports, but it had no effect on the filtering of the traffic. (I didn't think it would, because traceroute 25 gets through.)

My Best Theory

First off, I really don't know what is causing this situation. But I do have a theory. It could be totally wrong, but here it is.

I suspect some minor spam blacklisting service has added me to its black list. I suspect the sites that are filtering my email are using the blacklisting service to make a firewall for port 25 traffic from blacklisted IP addresses.

I further suspect that the sysadmins at these blocking sites may not even know it is happening because it could be part of a spam blocking package someone purchased.

Anyway, that's my best theory at this point. I have nothing to actually confirm or deny it. And I have no other theories that fit the facts.