On Thu, Apr 22, 2010 at 06:35:52PM -0400, Bill Cole wrote: > The Doctor wrote, On 4/22/10 5:38 PM: >> First off apologies for the rather sharp tone: >> >> A case of too many agngry customers breathing down the neck. >> >> Anyhow I have been since recover been getting many of these: >> >> ----- Forwarded message from Mail Delivery >> System<mailer-dae...@doctor.nl2k.ab.ca> ----- >> >> X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on doctor.nl2k.ab.ca >> X-Spam-Level: >> X-Spam-Status: No, score=0.0 required=5.0 tests=none autolearn=ham >> version=3.3.1 >> X-Original-To: postmaster >> Delivered-To: postmas...@doctor.nl2k.ab.ca >> Date: Thu, 22 Apr 2010 14:52:20 -0600 (MDT) >> From: Mail Delivery System<mailer-dae...@doctor.nl2k.ab.ca> >> To: Postmaster<postmas...@doctor.nl2k.ab.ca> >> Subject: Postfix SMTP server: errors from >> mail-iw0-f172.google.com[209.85.223.172] >> >> Transcript of session follows. >> >> Out: 220 doctor.nl2k.ab.ca ESMTP Postfix (2.8-20100323) >> In: XXXX mail-iw0-f172.google.com >> Out: 402 4.5.2 Error: command not recognized > > This looks like the behavior of a broken firewall playing games with > (E)SMTP commands. The Google client machine almost certainly said 'EHLO' > and something between it and Postfix decided to replace that with 'XXXX' so > that it would back off to baseline SMTP. That alone is not necessarily > evil, but every example of firewalls trying that sort of intrusion into the > application layer of mail (most of them done by Cisco) has resulted in bad > breakage. That firewall may or may not be the cause of your current > trouble, but allowing it to do such things will cause you trouble. > >> In: HELO mail-iw0-f172.google.com >> Out: 250 doctor.nl2k.ab.ca >> In: MAIL FROM:<supressed> >> Out: 250 2.1.0 Ok >> In: RCPT TO:<surpressed> >> Out: 250 2.1.5 Ok >> In: DATA >> Out: 354 End data with<CR><LF>.<CR><LF> >> Out: 451 4.3.0 Error: queue file write error > > http://www.postfix.org/SMTPD_PROXY_README.html explains one possible source > of this: inability to connect to a before-queue proxy. > > Others include permissions and storage space issues with your queue > directory and various other configuration errors. What is sent back to the > client in this class of circumstances is documented as being "intentionally > vague" so you really do need to look at the log for useful info. >
Might be the cause. I am running amavis on 10024/5 and clamsmtp on 10125/6 > >> In: QUIT >> Out: 221 2.0.0 Bye >> >> >> For other details, see the local mail logfile > > You need to do that. See http://www.postfix.org/DEBUG_README.html#logging > Will do. > >> ----- End forwarded message ----- >> >> >> And I get the customer saying :" I am getting repeated e-mails >> coming through". > > As that session shows no message being received, it is not involved in any > sort of repeats. > >> Questions: Has anyone seen this happen before ? > > A few seconds with Google could have answered that question for you. > > The answer I get from skimming a few results is "Yes, and it seems to be a > particular problem for people using Plesk." That is probably not a very > useful answer, but it was a very broad question. > >> Do you need to see my master.cf / main.cf files? > > See http://www.postfix.org/DEBUG_README.html#mail > > In general, 'postconf -n' output is better than passing along all of > main.cf, because it provides just the non-default configurations that > postfix is actually using. The uncommented lines from master.cf can > sometimes be helpful as well, but they can often be inferred from log > entries. > > > > -- Member - Liberal International This is doc...@nl2k.ab.ca Ici doc...@nl2k.ab.ca God, Queen and country! Never Satan President Republic! Beware AntiChrist rising! http://twitter.com/rootnl2k http://www.facebook.com/dyadallee UK Time for a Common Sense change vote Liberal Democrat / Alliance
