On Fri, Nov 14, 2008 at 06:14:33PM -0500, Wietse Venema wrote:
> Victor Duchovni:
> > On Sat, Nov 15, 2008 at 09:14:07AM +1100, Petr Janda wrote:
> >
> > > Hi all,
> > > I have got reports about lost mail(not received, im the receiver not the
> > > sender) recently and trying to find out whats going on seems to be beyond
> > > me.
> > >
> > > Basically a lot of email is lost with "timeout after DATA"
> > >
> > > For example:
> > > timeout after DATA (0 bytes) from mail.securepay.com.au[203.89.212.166]
> > >
> > > . Supposedly the problem here is that the sending machine has got a
> > > firewall
> > > in front of it thats blocking ICMP MUST FRAGMENT. I somewhat could verify
> > > this by trying to ping those machines and indeed pinging them does not
> > > work(so at least ICMP ECHO is blocked).
> >
> > Or botching window scaling, or getting confused by selectiv ACKs, or ...
> > Consider disabling window scaling support (not just setting the default
> > scale to zero). Consider capturing the packet stream outside your
> > outermost firewall.
>
> The Postfix wishlist has an entry to force window scaling off
> (by requesting a small TCP send buffer before creating the
> listener endpoint). If this works without creating more trouble
> than it solves, then I might make it available as a patch for
> legacy releases, just like the stress-adaptive behavior patch.
>
In the OPs packet dump, the window scale on the receiving system is 2^0,
but the sending system uses 2^7. Not much we can do about that from the
Postfix side...
--
Viktor.
Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the "Reply-To" header.
To unsubscribe from the postfix-users list, visit
http://www.postfix.org/lists.html or click the link below:
<mailto:[EMAIL PROTECTED]>
If my response solves your problem, the best way to thank me is to not
send an "it worked, thanks" follow-up. If you must respond, please put
"It worked, thanks" in the "Subject" so I can delete these quickly.
