Alex via Postfix-users: > Hi, > > I'm using postfix-3.8.5 on fedora40 with pypolicyd-spf-3.0.4 and some > senders are experiencing weird timeout issues when trying to send to > us: > > 8/22/2024 2:08:25 PM - Server at > SA1PR22MB4256.namprd22.prod.outlook.com returned '550 5.4.300 Message > expired -> 451 4.4.400 Error communicating with frontend host or > destination host. -> 421 4.4.2 Connection dropped due to > ConnectionReset' > 8/22/2024 1:37:14 PM - Server at 209.216.90.118 (209.216.111.118) > returned '451 4.4.400 Error communicating with frontend host or > destination host. -> 421 4.4.2 Connection dropped due to > ConnectionReset' > > > On or around that time (and many other times throughout the day) I see > many attempts at connecting, but no other details on those > connections: > > > Aug 22 01:36:34 iceman policyd-spf[586425]: : prepend Received-SPF: > Pass (mailfrom) identity=mailfrom; client-ip=40.107.102.133; > helo=nam04-dm6-obe.outbound.protection.outlook.com; > envelope-from=zoe.osb...@qwickrate.com; receiver=jerseyshorefcu.org > > Aug 22 01:41:48 xavier policyd-spf[712089]: : prepend Received-SPF: > Pass (mailfrom) identity=mailfrom; client-ip=40.107.101.115; > helo=nam04-mw2-obe.outbound.protection.outlook.com; > envelope-from=jason.heinr...@qwickrate.com; > receiver=jerseyshorefcu.org > > > Could it somehow be related to Microsoft 365 servers? I'm also not > even sure it's related to SPF. This also isn't the only sender having > this problem. > > > I've done my best to correlate the log entries to something usable and > found this, although I don't understand what could be the source of > the timeout? > > > Aug 22 01:36:33 iceman postfix-199/smtpd[584336]: connect from > mail-dm6nam04on2133.outbound.protection.outlook.com[40.107.102.133] > Aug 22 01:36:34 iceman postfix-199/smtpd[584336]: A5C98100002D6: > client=mail-dm6nam04on2133.outbound.protection.outlook.com[40.107.102.133] > Aug 22 01:51:36 iceman postfix-199/smtpd[584336]: timeout after BDAT > (3293244 bytes) from > mail-dm6nam04on2133.outbound.protection.outlook.com[40.107.102.133] > Aug 22 01:51:36 iceman postfix-199/smtpd[584336]: disconnect from > mail-dm6nam04on2133.outbound.protection.outlook.com[40.107.102.133] > ehlo=2 starttls=1 mail=1 rcpt=1 bdat=0/1 rset=1 commands=6/7 > > > I'm seeing quite a large number of those "timeout after BDAT" entries > in my logs, all of which are from different > outbound.protection.outlook.com servers. > > > Given the instructions in https://www.postfix.org/BDAT_README.html > I've disabled BDAT support for now, hoping this will alleviate the > problem until I can identify the cause.
Questions: - Is there a "firewall-in-the-middle" that "secures" your inbound email streams? That could invalidate the byte count that was sent by outlook.com versus the byte count that was received by Postfix. - How is SPF integrated into Postfix? Hint: provide output from "postconf -nf" and "postconf -Mf". See also https://www.postfix.org/DEBUG_README.html#mail. - It's also good to know the output from "postconf mail_version", and the OS version if you did not build postfix yourself. - The "timeout after BDAT" includes a byte count. That could be useful information. My server receives mail from *.outlook.com, and there are no BDAT errors in all of 2024 (I did not look at logging for ealier years). All sessions look like this: spike postfix/smtpd[xxx]: disconnect from mail-xxx.outbound.protection.outlook.com[xxx] ehlo=2 starttls=1 mail=1 rcpt=1 bdat=1 quit=1 commands=7 or like this: spike postfix/smtpd[xxx]: disconnect from mail-xxx.outbound.protection.outlook.com[xxx] ehlo=2 starttls=1 mail=1 rcpt=1 bdat=1 rset=1 quit=1 commands=8 The volume is low, less than one email message per day. Wietse _______________________________________________ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
