Hello guys,I've been strugling with this for more than a week now. The server
has 3 postfix instances. 1 for receiving everything (eth0:1), and the other 2
for outgoing emails from 2 different companies (eth0, eth0:2).# cat
/var/log/maillog | grep -i "timeout after "[ ... snip ...]Nov 20 14:43:13
smtprelay postfix/smtpd[21413]: timeout after CONNECT from
smtprelay.tic.com.pe[200.48.16.241]Nov 20 14:43:35 smtprelay
postfix/smtpd[21479]: timeout after CONNECT from
mail.exalmar.com.pe[200.48.16.210]Nov 20 14:53:33 smtprelay
postfix/smtpd[21413]: timeout after CONNECT from
correo.santillana.com.pe[200.48.31.236]Nov 20 14:53:33 smtprelay
postfix/smtpd[21547]: timeout after CONNECT from
correo.santillana.com.pe[200.48.31.236]Nov 20 15:10:13 smtprelay
postfix/smtpd[21650]: timeout after CONNECT from
correoweb.viabcp.com[200.48.193.165]Nov 20 15:15:37 smtprelay
postfix/smtpd[21654]: timeout after DATA from unknown[200.29.137.20]Nov 20
15:43:39 smtprelay postfix/smtpd[21861]: timeo
ut after CONNECT from adsl-54-94.teol.net[94.250.54.94]Nov 20 15:44:16
smtprelay postfix/smtpd[21849]: timeout after END-OF-MESSAGE from
host200-2-dynamic.10-79-r.retail.telecomitalia.it[79.10.2.200]Nov 20 15:53:11
smtprelay postfix/smtpd[21920]: timeout after END-OF-MESSAGE from
qmta05.westchester.pa.mail.comcast.net[76.96.62.48]Nov 20 16:06:33 smtprelay
postfix/smtpd[21991]: timeout after CONNECT from
smtprelay.tic.com.pe[200.48.16.241]Nov 20 16:16:52 smtprelay
postfix/smtpd[22021]: timeout after CONNECT from
correo.santillana.com.pe[200.48.31.236]Nov 20 16:33:33 smtprelay
postfix/smtpd[22227]: timeout after CONNECT from
cpe-24-90-25-94.nyc.res.rr.com[24.90.25.94]Nov 20 16:35:00 smtprelay
postfix/smtpd[22228]: timeout after END-OF-MESSAGE from
outmail008.snc1.tfbnw.net[69.63.178.167]# cat /var/log/maillog | grep -i "lost
connection after "[ ... snip ...]Nov 20 16:34:12 smtprelay
postfix/smtpd[22194]: lost connection after CONNECT from
hrw218.internetdsl.tpnet.pl[79.188.
204.218]Nov 20 16:38:06 smtprelay postfix/smtpd[22228]: lost connection after
EHLO from h200137196195.ufg.br[200.137.196.195]Nov 20 16:43:00 smtprelay
postfix/smtpd[22302]: lost connection after CONNECT from
hrw218.internetdsl.tpnet.pl[79.188.204.218]Nov 20 16:44:44 smtprelay
postfix/smtpd[22303]: lost connection after DATA from
carozzi03.carozzi.cl[200.29.137.20]Nov 20 16:46:01 smtprelay
postfix/smtpd[22302]: lost connection after CONNECT from
189.27.203.14.adsl.gvt.net.br[189.27.203.14]Nov 20 16:46:26 smtprelay
postfix/smtpd[22349]: lost connection after CONNECT from
mail.dinet.com.pe[200.48.15.5]Nov 20 16:47:02 smtprelay postfix/smtpd[22348]:
lost connection after CONNECT from mail.dinet.com.pe[200.48.15.5]Nov 20
16:47:02 smtprelay postfix/smtpd[22342]: lost connection after CONNECT from
mail.dinet.com.pe[200.48.15.5]Nov 20 16:50:18 smtprelay postfix/smtpd[22351]:
lost connection after CONNECT from
hrw218.internetdsl.tpnet.pl[79.188.204.218]Nov 20 17:03:06 smtprelay postf
ix/smtpd[22302]: lost connection after CONNECT from
mail.dinet.com.pe[200.48.15.5]Nov 20 17:03:06 smtprelay postfix/smtpd[22447]:
lost connection after CONNECT from mail.dinet.com.pe[200.48.15.5]Nov 20
17:03:42 smtprelay postfix/smtpd[22526]: lost connection after CONNECT from
mail.dinet.com.pe[200.48.15.5] This problem happens only with incoming emails
from always certain domains, all the rest arrive fine.I've read about the pix
bugs but we use fully patched Cisco ASAsI read about MTU's and lowered eth0
(with it's 2 aliases) to 1200 (instead of 1500 by default)I set the kernel
parameters:sysctl -w net.ipv4.tcp_window_scaling=0 <- instead of 1sysctl
-w net.ipv4.tcp_rmem="4096 87380 4194304" <- instead of "4096 87380
174760"I also increased: default_process_limit = 500Also, When I send an email
with nc it hangs at the "." after DATA, which looks like the old pix
bug.C:\Documents and Settings\Administrator\Desktop\net>nc -vvv
smtp2.xxxxxxxxx.com 25smtp2.xxxxxxx
xx.com [xx.xx.xx.xx] 25 (smtp) open220 smtp2.xxxxxxxxx.com ESMTPhelo martin250
smtp2.xxxxxxxxx.commail from: [EMAIL PROTECTED] Okrcpt to: [EMAIL PROTECTED]
Okdata354 Please start mail input. test. <--- it
hangs there "." The logs show timeout, no FROM nor RCPT, just hangs there.What
else can I do?? Thank you very much!MartinPS: The *postconf* from the receiving
postfix instance (eth0:1)2bounce_notice_recipient =
postmasteraccess_map_reject_code = 554address_verify_default_transport =
$default_transportaddress_verify_local_transport =
$local_transportaddress_verify_map = address_verify_negative_cache =
yesaddress_verify_negative_expire_time = 3daddress_verify_negative_refresh_time
= 3haddress_verify_poll_count = 3address_verify_poll_delay =
3saddress_verify_positive_expire_time = 31daddress_verify_positive_refresh_time
= 7daddress_verify_relay_transport = $relay_transportaddress_verify_relayhost =
$relayhostaddress_verify_sender = postmaste
raddress_verify_service_name = verifyaddress_verify_transport_maps =
$transport_mapsaddress_verify_virtual_transport =
$virtual_transportalias_database = hash:/etc/postfix/aliasesalias_maps =
hash:/etc/postfix/aliasesallow_mail_to_commands = alias,
forwardallow_mail_to_files = alias, forwardallow_min_user =
noallow_percent_hack = yesallow_untrusted_routing =
noalternate_config_directories = always_bcc = anvil_rate_time_unit =
60sanvil_status_update_time = 600sappend_at_myorigin = yesappend_dot_mydomain =
yesapplication_event_drain_time = 100sauthorized_flush_users =
static:anyoneauthorized_mailq_users = static:anyoneauthorized_submit_users =
static:anyonebackwards_bounce_logfile_compatibility =
yesberkeley_db_create_buffer_size = 16777216berkeley_db_read_buffer_size =
131072best_mx_transport = biff = yesbody_checks = body_checks_size_limit =
51200bounce_notice_recipient = postmasterbounce_queue_lifetime =
1dbounce_service_name = bouncebounce_size_limit = 50000broken_sasl_aut
h_clients = nocanonical_classes = envelope_sender, envelope_recipient,
header_sender, header_recipientcanonical_maps = cleanup_service_name =
cleanupcommand_directory = /usr/sbincommand_execution_directory =
command_expansion_filter = [EMAIL
PROTECTED]:,./abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZcommand_time_limit
= 1000sconfig_directory = /etc/postfixconnection_cache_service =
scacheconnection_cache_status_update_time = 600sconnection_cache_ttl_limit =
20scontent_filter = daemon_directory = /usr/libexec/postfixdaemon_timeout =
18000sdebug_peer_level = 2debug_peer_list = default_database_type =
hashdefault_delivery_slot_cost = 5default_delivery_slot_discount =
50default_delivery_slot_loan = 3default_destination_concurrency_limit =
20default_destination_recipient_limit = 50default_extra_recipient_limit =
1000default_minimum_delivery_slots = 3default_privs =
nobodydefault_process_limit = 500default_rbl_reply = $rbl_code Service
unavailable; $rbl_class [$rbl_what] bl
ocked using $rbl_domain${rbl_reason?; $rbl_reason}default_recipient_limit =
10000default_transport = smtpdefault_verp_delimiters = +=defer_code =
450defer_service_name = deferdefer_transports = delay_notice_recipient =
postmasterdelay_warning_time = 0hdeliver_lock_attempts = 20deliver_lock_delay =
1sdisable_dns_lookups = nodisable_mime_input_processing =
nodisable_mime_output_conversion = nodisable_verp_bounces =
nodisable_vrfy_command = nodont_remove = 0double_bounce_sender =
double-bounceduplicate_filter_limit = 1000empty_address_recipient =
MAILER-DAEMONenable_original_recipient = yeserror_notice_recipient =
postmastererror_service_name = errorexecution_directory_expansion_filter =
[EMAIL
PROTECTED]:,./abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZexpand_owner_alias
= noexport_environment = TZ MAIL_CONFIGfallback_relay = fallback_transport =
fast_flush_domains = $relay_domainsfast_flush_purge_time =
7dfast_flush_refresh_time = 12hfault_injection_code = 0flush_servic
e_name = flushfork_attempts = 5fork_delay = 1sforward_expansion_filter =
[EMAIL
PROTECTED]:,./abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZforward_path
= $home/.forward${recipient_delimiter}${extension},
$home/.forwardhash_queue_depth = 1hash_queue_names = deferred,
deferheader_address_token_limit = 10240header_checks = header_size_limit =
102400helpful_warnings = yeshome_mailbox = hopcount_limit = 50html_directory =
noignore_mx_lookup_error = noimport_environment = MAIL_CONFIG MAIL_DEBUG
MAIL_LOGTAG TZ XAUTHORITY DISPLAYin_flow_delay = 1sinet_interfaces =
$myhostnameinet_protocols = ipv4initial_destination_concurrency =
5invalid_hostname_reject_code = 501ipc_idle = 100sipc_timeout = 3600sipc_ttl =
1000sline_length_limit = 2048lmtp_cache_connection = yeslmtp_connect_timeout =
0slmtp_data_done_timeout = 600slmtp_data_init_timeout =
120slmtp_data_xfer_timeout = 180slmtp_destination_concurrency_limit =
$default_destination_concurrency_limitlmtp_destination_recipient_limi
t = $default_destination_recipient_limitlmtp_lhlo_timeout =
300slmtp_mail_timeout = 300slmtp_quit_timeout = 300slmtp_rcpt_timeout =
300slmtp_rset_timeout = 20slmtp_sasl_auth_enable = nolmtp_sasl_password_maps =
lmtp_sasl_security_options = noplaintext, noanonymouslmtp_send_xforward_command
= nolmtp_skip_quit_response = nolmtp_tcp_port = 24lmtp_xforward_timeout =
300slocal_command_shell = local_destination_concurrency_limit =
2local_destination_recipient_limit = 1local_header_rewrite_clients =
permit_inet_interfaceslocal_recipient_maps = $alias_mapslocal_transport =
local:$myhostnameluser_relay = mail_name = Postfixmail_owner =
postfixmail_release_date = 20060405mail_spool_directory = /var/mailmail_version
= 2.2.10mailbox_command = mailbox_command_maps = mailbox_delivery_lock = fcntl,
dotlockmailbox_size_limit = 0mailbox_transport = mailq_path =
/usr/bin/mailq.postfixmanpage_directory = /usr/share/manmaps_rbl_domains =
maps_rbl_reject_code = 554masquerade_classes = envelope_s
ender, header_sender, header_recipientmasquerade_domains =
masquerade_exceptions = max_idle = 100smax_use = 100maximal_backoff_time =
4000smaximal_queue_lifetime = 3dmessage_size_limit =
10240000mime_boundary_length_limit = 2048mime_header_checks =
$header_checksmime_nesting_limit = 100minimal_backoff_time =
1000smulti_recipient_bounce_reject_code = 550mydestination = $mydomain,
localhost.localdomainmydomain = campustecnologico.com.pemyhostname =
mailgw1.xxxxxxxxx.commynetworks = 127.0.0.0/8, xxx.xxx.xxx.0/24mynetworks_style
= subnetmyorigin = $myhostnamenested_header_checks =
$header_checksnewaliases_path = /usr/bin/newaliases.postfixnon_fqdn_reject_code
= 504notify_classes = resource, softwareowner_request_special =
yesparent_domain_matches_subdomains =
debug_peer_list,fast_flush_domains,mynetworks,permit_mx_backup_networks,qmqpd_authorized_clients,relay_domains,smtpd_access_mapspermit_mx_backup_networks
= pickup_service_name = pickupprepend_delivered_header = command, fil
e, forwardprocess_id_directory = pidpropagate_unmatched_extensions =
canonical, virtualproxy_interfaces = proxy_read_maps = $local_recipient_maps
$mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps
$virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps
$sender_canonical_maps $recipient_canonical_maps $relocated_maps
$transport_maps $mynetworksqmgr_clog_warn_time = 300sqmgr_fudge_factor =
100qmgr_message_active_limit = 20000qmgr_message_recipient_limit =
20000qmgr_message_recipient_minimum = 10qmqpd_authorized_clients =
qmqpd_error_delay = 1sqmqpd_timeout = 300squeue_directory =
/var/spool/postfixqueue_file_attribute_count_limit = 100queue_minfree =
0queue_run_delay = 1000squeue_service_name = qmgrrbl_reply_maps =
readme_directory =
/usr/share/doc/postfix-2.2.10/README_FILESreceive_override_options =
recipient_bcc_maps = recipient_canonical_classes = envelope_recipient,
header_recipientrecipient_canonical_maps = recipient_del
imiter = reject_code = 554relay_clientcerts =
relay_destination_concurrency_limit =
$default_destination_concurrency_limitrelay_destination_recipient_limit =
$default_destination_recipient_limitrelay_domains = $mydestination,
hash:/etc/postfix/relay_domainsrelay_domains_reject_code =
554relay_recipient_maps = relay_transport = relayrelayhost = relocated_maps =
remote_header_rewrite_domain = require_home_directory =
noresolve_dequoted_address = yesresolve_null_domain = norewrite_service_name =
rewritesample_directory =
/usr/share/doc/postfix-2.2.10/samplessender_based_routing = nosender_bcc_maps =
sender_canonical_classes = envelope_sender, header_sendersender_canonical_maps
= sendmail_path = /usr/sbin/sendmail.postfixservice_throttle_time =
60ssetgid_group = postdropshow_user_unknown_table_name = yesshowq_service_name
= showqsmtp_always_send_ehlo = yessmtp_bind_address = smtp_bind_address6 =
smtp_cname_overrides_servername = yessmtp_connect_timeout =
60ssmtp_connection_cache
_destinations = smtp_connection_cache_on_demand =
yessmtp_connection_cache_reuse_limit = 10smtp_connection_cache_time_limit =
20ssmtp_data_done_timeout = 600ssmtp_data_init_timeout =
120ssmtp_data_xfer_timeout = 180ssmtp_defer_if_no_mx_address_found =
nosmtp_destination_concurrency_limit =
$default_destination_concurrency_limitsmtp_destination_recipient_limit =
$default_destination_recipient_limitsmtp_discard_ehlo_keyword_address_maps =
smtp_discard_ehlo_keywords = smtp_enforce_tls = nosmtp_generic_maps =
smtp_helo_name = $myhostnamesmtp_helo_timeout = 180ssmtp_host_lookup =
dnssmtp_line_length_limit = 990smtp_mail_timeout = 300ssmtp_mx_address_limit =
0smtp_mx_session_limit = 20smtp_never_send_ehlo =
nosmtp_pix_workaround_delay_time = 10ssmtp_pix_workaround_threshold_time =
500ssmtp_quit_timeout = 300ssmtp_quote_rfc821_envelope =
yessmtp_randomize_addresses = yessmtp_rcpt_timeout = 300ssmtp_rset_timeout =
20ssmtp_sasl_auth_enable = nosmtp_sasl_mechanism_filter = smtp_sasl_p
assword_maps = smtp_sasl_security_options = noplaintext,
noanonymoussmtp_sasl_tls_security_options =
$var_smtp_sasl_optssmtp_send_xforward_command = nosmtp_skip_5xx_greeting =
yessmtp_skip_quit_response = yessmtp_starttls_timeout = 300ssmtp_tls_CAfile =
smtp_tls_CApath = smtp_tls_cert_file = smtp_tls_cipherlist =
smtp_tls_dcert_file = smtp_tls_dkey_file =
$smtp_tls_dcert_filesmtp_tls_enforce_peername = yessmtp_tls_key_file =
$smtp_tls_cert_filesmtp_tls_loglevel = 0smtp_tls_note_starttls_offer =
nosmtp_tls_per_site = smtp_tls_scert_verifydepth =
5smtp_tls_session_cache_database = smtp_tls_session_cache_timeout =
3600ssmtp_use_tls = nosmtp_xforward_timeout = 300ssmtpd_authorized_verp_clients
= $authorized_verp_clientssmtpd_authorized_xclient_hosts =
smtpd_authorized_xforward_hosts = smtpd_banner = $myhostname
ESMTPsmtpd_client_connection_count_limit = 50smtpd_client_connection_rate_limit
= 0smtpd_client_event_limit_exceptions =
${smtpd_client_connection_limit_exceptions:$mynet
works}smtpd_client_message_rate_limit = 0smtpd_client_recipient_rate_limit =
0smtpd_client_restrictions = smtpd_data_restrictions = smtpd_delay_reject =
yessmtpd_discard_ehlo_keyword_address_maps = smtpd_discard_ehlo_keywords =
smtpd_end_of_data_restrictions = smtpd_enforce_tls = nosmtpd_error_sleep_time =
1ssmtpd_etrn_restrictions = smtpd_expansion_filter =
\t\40!"#$%&'()*+,-./0123456789:;<=>[EMAIL PROTECTED]|}~smtpd_forbidden_commands
= CONNECT GET POSTsmtpd_hard_error_limit = 20smtpd_helo_required =
nosmtpd_helo_restrictions = smtpd_history_flush_threshold =
100smtpd_junk_command_limit = 100smtpd_noop_commands =
smtpd_null_access_lookup_key = <>smtpd_policy_service_max_idle =
300ssmtpd_policy_service_max_ttl = 1000ssmtpd_policy_service_timeout =
100ssmtpd_proxy_ehlo = $myhostnamesmtpd_proxy_filter = smtpd_proxy_timeout =
100ssmtpd_recipient_limit = 1000smtpd_recipient_overshoot_limit =
1000smtpd_recipient_restrictions = permit_
mynetworks, reject_unauth_destinationsmtpd_reject_unlisted_recipient =
yessmtpd_reject_unlisted_sender = nosmtpd_restriction_classes =
smtpd_sasl_application_name = smtpdsmtpd_sasl_auth_enable =
nosmtpd_sasl_exceptions_networks = smtpd_sasl_local_domain =
smtpd_sasl_security_options = noanonymoussmtpd_sasl_tls_security_options =
$smtpd_sasl_security_optionssmtpd_sender_login_maps = smtpd_sender_restrictions
= smtpd_soft_error_limit = 10smtpd_starttls_timeout = 300ssmtpd_timeout =
300ssmtpd_tls_CAfile = smtpd_tls_CApath = smtpd_tls_ask_ccert =
nosmtpd_tls_auth_only = nosmtpd_tls_ccert_verifydepth = 5smtpd_tls_cert_file =
smtpd_tls_cipherlist = smtpd_tls_dcert_file = smtpd_tls_dh1024_param_file =
smtpd_tls_dh512_param_file = smtpd_tls_dkey_file =
$smtpd_tls_dcert_filesmtpd_tls_key_file =
$smtpd_tls_cert_filesmtpd_tls_loglevel = 0smtpd_tls_received_header =
nosmtpd_tls_req_ccert = nosmtpd_tls_session_cache_database =
smtpd_tls_session_cache_timeout = 3600ssmtpd_tls_wrappermode
= nosmtpd_use_tls = nosoft_bounce = nostale_lock_time =
500sstrict_7bit_headers = nostrict_8bitmime = nostrict_8bitmime_body =
nostrict_mime_encoding_domain = nostrict_rfc821_envelopes =
nosun_mailtool_compatibility = noswap_bangpath = yessyslog_facility =
mailsyslog_name = postfixtls_daemon_random_bytes = 32tls_random_bytes =
32tls_random_exchange_name =
${config_directory}/prng_exchtls_random_prng_update_period =
3600stls_random_reseed_period = 3600stls_random_source =
dev:/dev/urandomtrace_service_name = tracetransport_maps =
hash:/etc/postfix/transporttransport_retry_time = 60strigger_timeout =
10sundisclosed_recipients_header = To:
undisclosed-recipients:;unknown_address_reject_code =
450unknown_client_reject_code = 450unknown_hostname_reject_code =
450unknown_local_recipient_reject_code = 550unknown_relay_recipient_reject_code
= 550unknown_virtual_alias_reject_code = 550unknown_virtual_mailbox_reject_code
= 550unverified_recipient_reject_code = 450unverified_sender_rej
ect_code = 450verp_delimiter_filter = -=+virtual_alias_domains =
$virtual_alias_mapsvirtual_alias_expansion_limit = 1000virtual_alias_maps =
$virtual_mapsvirtual_alias_recursion_limit =
1000virtual_destination_concurrency_limit =
$default_destination_concurrency_limitvirtual_destination_recipient_limit =
$default_destination_recipient_limitvirtual_gid_maps = virtual_mailbox_base =
virtual_mailbox_domains = $virtual_mailbox_mapsvirtual_mailbox_limit =
51200000virtual_mailbox_lock = fcntlvirtual_mailbox_maps = virtual_minimum_uid
= 100virtual_transport = virtualvirtual_uid_maps =
_________________________________________________________________
Explore the seven wonders of the world
http://search.msn.com/results.aspx?q=7+wonders+world&mkt=en-US&form=QBRE
