On Sat, 15 Nov 2008, Petr Janda wrote:
Hi all, I have got reports about lost mail(not received, im the receiver not the sender) recently and trying to find out whats going on seems to be beyond me. Basically a lot of email is lost with "timeout after DATA" For example: timeout after DATA (0 bytes) from mail.securepay.com.au[203.89.212.166] . Supposedly the problem here is that the sending machine has got a firewall in front of it thats blocking ICMP MUST FRAGMENT. I somewhat could verify this by trying to ping those machines and indeed pinging them does not work(so at least ICMP ECHO is blocked). On the Postfix website it suggests lowering MTU, so I lowered it from 1500 to 1000, but this did not improve the situation at all. Some suggest disabling PIPELINING, so i did that but it didnt work either. I took a tcpdump of one of these and attached it to this email. (daria is the name of the mail server) Just a note about my setup: The server is running behind a Cisco ADSL Router that connects to a Cisco switch and the server connects to the switch. Any Postfix gurus here that could help me figure this problem out? Thanks, Petr
I see the same thing as well but its typically from spammers: Nov 8 04:53:10 p34 postfix/smtpd[5998]: timeout after DATA (0 bytes) from smtp.cn.tom.com[61.135.158.252] Nov 8 11:42:48 p34 postfix/smtpd[22668]: timeout after DATA (0 bytes) from user-514d8324.l3.c2.dsl.pol.co.uk[81.77.131.36] Nov 8 12:13:44 p34 postfix/smtpd[24419]: timeout after DATA (0 bytes) from dslb-088-078-200-071.pools.arcor-ip.net[88.78.200.71] Nov 8 15:19:18 p34 postfix/smtpd[31720]: timeout after DATA (0 bytes) from athedsl-287265.home.otenet.gr[85.73.169.191] Nov 8 18:20:29 p34 postfix/smtpd[747]: timeout after DATA (0 bytes) from 24-180-64-49.dhcp.bycy.mi.charter.com[24.180.64.49] Nov 9 18:23:36 p34 postfix/smtpd[18691]: timeout after DATA (0 bytes) from 75-107-36-57.cust.wildblue.net[75.107.36.57] Nov 10 05:32:16 p34 postfix/smtpd[21175]: timeout after DATA (0 bytes) from unknown[89.165.13.95] Nov 10 13:48:12 p34 postfix/smtpd[28078]: timeout after DATA (0 bytes) from 61-228-22-190.adsl.terra.cl[190.22.228.61] Nov 11 00:52:29 p34 postfix/smtpd[27788]: timeout after DATA (0 bytes) from unknown[61.11.72.103] Nov 11 06:58:13 p34 postfix/smtpd[10573]: timeout after DATA (0 bytes) from cpc3-stkn9-0-0-cust23.midd.cable.ntl.com[86.22.28.24] Nov 13 09:09:05 p34 postfix/smtpd[17362]: timeout after DATA (0 bytes) from unknown[210.5.196.22] Nov 13 15:09:22 p34 postfix/smtpd[1138]: timeout after DATA (0 bytes) from unknown[117.199.32.64] Nov 13 17:27:23 p34 postfix/smtpd[6923]: timeout after DATA (0 bytes) from unknown[208.78.42.28] Is it a legitimate e-mail server? Justin.
