We've been postfix pretty much forever, but suddenly a new problem has
arisen, for which I haven't been able to find a solution. The postfix
server is located in the USA. A lot of mail goes to Russian addresses
and it is to those addresses that the issue is arising. The biggest
problem is to a mail server at 83.222.5.141, which may actually be in
Uzbekistan, although it is for a Russian company.
Here's the error, which started about a week ago. This is for outgoing
mail, btw.
status=deferred (conversation with satcomdv.ru[83.222.5.141] timed out
while receiving the initial server greeting)
However, if I telnet on port 25 from the postfix server I can send a
message. The responses are quite slow, but works.
In case this helps:
postconf -n
alias_database = hash:/etc/postfix/aliases
alias_maps = hash:/etc/postfix/aliases
append_dot_mydomain = no
biff = no
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
compatibility_level = 3.6
content_filter = smtp-amavis:[127.0.0.1]:10024
header_checks = regexp:/etc/postfix/header_checks
home_mailbox = Maildir/
inet_interfaces = all
inet_protocols = all
mail_owner = postfix
mailbox_command = /usr/lib/dovecot/deliver -c /etc/dovecot/dovecot.conf
-m "${EXTENSION}"
mailbox_size_limit = 20971520000
mailq_path = /usr/bin/mailq.postfix
message_size_limit = 10737418240
milter_default_action = accept
milter_protocol = 2
mydestination = $myhostname, $mydomain, localhost.$mydomain, localhost
mydomain = ******.com
myhostname = mail.******.com
mynetworks = 10.0.1.0/24, 127.0.0.1/32, [::1]/128
myorigin = $mydomain
newaliases_path = /usr/bin/newaliases.postfix
non_smtpd_milters = inet:localhost:8891
queue_directory = /var/spool/postfix
readme_directory = no
recipient_delimiter = +
relay_domains = $mydomain, $mydestination, $virtual_alias_maps
setgid_group = postdrop
smtp_connect_timeout = 120s
smtp_tls_mandatory_protocols = !SSLv2, !SSLv3
smtp_tls_note_starttls_offer = yes
smtp_tls_protocols = !SSLv2, !SSLv3
smtp_tls_security_level = may
smtp_use_tls = yes
smtpd_banner = $myhostname ESMTP $mail_name
smtpd_client_restrictions = check_client_access hash:/etc/postfix/access
smtpd_data_restrictions = reject_unauth_pipelining
smtpd_discard_ehlo_keywords = chunking
smtpd_helo_required = yes
smtpd_helo_restrictions = permit_mynetworks, permit_sasl_authenticated,
reject_invalid_helo_hostname, reject_non_fqdn_helo_hostname
reject_unknown_helo_hostname
smtpd_milters = inet:localhost:8891
smtpd_recipient_limit = 1000
smtpd_recipient_restrictions = check_sender_access
hash:/etc/postfix/sender_access, check_sender_access
regexp:/etc/postfix/sender_access_regexp, permit_mynetworks,
check_client_access hash:/etc/postfix/blacklist_malware_patrol,
check_client_access cidr:/etc/postfix/client_checks,
reject_unauth_pipelining, permit_sasl_authenticated,
reject_non_fqdn_recipient, reject_unknown_recipient_domain,
reject_unauth_destination, reject_rhsbl_helo dbl.spamhaus.org,
reject_rbl_client zen.spamhaus.org, check_policy_service
inet:127.0.0.1:10023, check_policy_service unix:private/policyd-spf, permit
smtpd_relay_restrictions = permit_sasl_authenticated, permit_mynetworks,
reject_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_path = private/auth
smtpd_sasl_security_options = noanonymous
smtpd_sasl_type = dovecot
smtpd_sender_restrictions = permit_mynetworks,
permit_sasl_authenticated, reject_unknown_sender_domain,
reject_unknown_reverse_client_hostname, reject_unknown_client_hostname
smtpd_timeout = 900
smtpd_tls_CAfile = /etc/ssl/certs/smtp.*****.com.crt
smtpd_tls_auth_only = no
smtpd_tls_cert_file = /etc/ssl/certs/server.pem
smtpd_tls_key_file = /etc/ssl/private/domain.key
smtpd_tls_loglevel = 1
smtpd_tls_mandatory_ciphers = medium
smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3
smtpd_tls_protocols = !SSLv2, !SSLv3
smtpd_tls_received_header = yes
smtpd_tls_security_level = may
smtpd_tls_session_cache_timeout = 3600s
smtpd_use_tls = yes
tls_random_source = dev:/dev/urandom
transport_maps = hash:/etc/postfix/transport
virtual_alias_maps = hash:/etc/postfix/virtual
Curtis Vaughan
IT Administrator/Director of Communications & Purchasing
North Pacific Corporation
Phone: 206-423-6979 ▪ Web: www.npc-usa.com
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
