On , Stan Hoeppner wrote:
On 5/3/2014 7:54 AM, post...@nisny.com wrote:
On , wie...@porcupine.org wrote:
...
relay=mx4.icloud.com.akadns.net[17.172.34.67]:25, delay=177,
delays=0.3/0.01/177/0, dsn=4.4.2, status=deferred (lost
connection with mx4.icloud.com.akadns.net[17.172.34.67] while
receiving
the initial server greeting)
17.172.34.67
0.3 = No congestion within the Postfix queue.
0.01 = TCP completes immediately.
177 = Postfix waits for the 220 greeting until the connection is
dropped.
I suggest that you take Postfix out of the loop, and diagnose this
further with plain old telnet.
Wietse
Wietse, thank you for your efforts. Telnet isn't telling me anything
new:
Trying 17.172.34.70...
Connected to st11p00mm-mx006.me.com.
Escape character is '^]'.
220 st11p00mm-smtpin012.mac.com -- Server ESMTP (Oracle Communications
Messaging Server 7u4-27.08(7.0.4.27.7) 64bit (built Aug 22 2013))
17.172.34.70
As you can see, I'm getting an immediate 220 from them which postfix
apparently is not getting. I can, of course, continue the telnet
session and send a complete email which is received by the recipient.
Note that you are manually telnet testing against a different host than
the one logged by Postfix with the greet timeout. Also note there are
12 MX hosts in the me.com/mac.com inbound farm. Depending on the
nature
of the problem, you may only see it with 17.172.34.67, and the other 11
may be fine.
You need to perform proper and thorough testing in order to determine
if
this problem exists with only one of the 11 farm hosts, or more than
one, and if it is transient or ongoing.
;; QUESTION SECTION:
;mac.com. IN MX
;; ANSWER SECTION:
mac.com. 3600 IN MX 10
mx4.mac.com.akadns.net.
mac.com. 3600 IN MX 10
mx3.mac.com.akadns.net.
mac.com. 3600 IN MX 10
mx1.mac.com.akadns.net.
mac.com. 3600 IN MX 10
mx5.mac.com.akadns.net.
mac.com. 3600 IN MX 10
mx2.mac.com.akadns.net.
mac.com. 3600 IN MX 10
mx6.mac.com.akadns.net.
;; ADDITIONAL SECTION:
mx3.mac.com.akadns.net. 300 IN A 17.172.34.65
mx5.mac.com.akadns.net. 300 IN A 17.172.34.69
mx2.mac.com.akadns.net. 300 IN A 17.172.34.12
mx4.mac.com.akadns.net. 300 IN A 17.172.34.67
mx2.mac.com.akadns.net. 300 IN A 17.172.34.11
mx4.mac.com.akadns.net. 300 IN A 17.172.34.66
mx6.mac.com.akadns.net. 300 IN A 17.172.34.71
mx1.mac.com.akadns.net. 300 IN A 17.172.34.9
mx1.mac.com.akadns.net. 300 IN A 17.172.34.10
mx3.mac.com.akadns.net. 300 IN A 17.172.34.64
mx5.mac.com.akadns.net. 300 IN A 17.172.34.68
mx6.mac.com.akadns.net. 300 IN A 17.172.34.70
;; QUESTION SECTION:
;me.com. IN MX
;; ANSWER SECTION:
me.com. 3600 IN MX 10
mx4.me.com.akadns.net.
me.com. 3600 IN MX 10
mx5.me.com.akadns.net.
me.com. 3600 IN MX 10
mx3.me.com.akadns.net.
me.com. 3600 IN MX 10
mx6.me.com.akadns.net.
me.com. 3600 IN MX 10
mx1.me.com.akadns.net.
me.com. 3600 IN MX 10
mx2.me.com.akadns.net.
;; ADDITIONAL SECTION:
mx1.me.com.akadns.net. 300 IN A 17.172.34.9
mx6.me.com.akadns.net. 300 IN A 17.172.34.70
mx4.me.com.akadns.net. 300 IN A 17.172.34.66
mx2.me.com.akadns.net. 300 IN A 17.172.34.12
mx5.me.com.akadns.net. 300 IN A 17.172.34.69
mx4.me.com.akadns.net. 300 IN A 17.172.34.67
mx3.me.com.akadns.net. 300 IN A 17.172.34.65
mx6.me.com.akadns.net. 300 IN A 17.172.34.71
mx1.me.com.akadns.net. 300 IN A 17.172.34.10
mx5.me.com.akadns.net. 300 IN A 17.172.34.68
mx2.me.com.akadns.net. 300 IN A 17.172.34.11
mx3.me.com.akadns.net. 300 IN A 17.172.34.64
Cheers,
Stan
Stan, thank you I should have been clearer. Postfix 2.10.2 runs through
all mx records for the domain (icloud.com) and fails with all. I
tested telnet with all and they all returned 220 instantaneously.
% dig icloud.com mx
; <<>> DiG 9.8.4-P2 <<>> icloud.com mx
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 21113
;; flags: qr rd ra; QUERY: 1, ANSWER: 6, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;icloud.com. IN MX
;; ANSWER SECTION:
icloud.com. 3600 IN MX 10
mx4.icloud.com.akadns.net.
icloud.com. 3600 IN MX 10
mx1.icloud.com.akadns.net.
icloud.com. 3600 IN MX 10
mx6.icloud.com.akadns.net.
icloud.com. 3600 IN MX 10
mx2.icloud.com.akadns.net.
icloud.com. 3600 IN MX 10
mx3.icloud.com.akadns.net.
icloud.com. 3600 IN MX 10
mx5.icloud.com.akadns.net.
;; Query time: 76 msec
;; SERVER: 208.79.80.18#53(208.79.80.18)
;; WHEN: Sat May 3 19:38:34 2014
;; MSG SIZE rcvd: 169
% telnet mx4.icloud.com.akadns.net 25
Trying 17.172.34.67...
Connected to mx4.icloud.com.akadns.net.
Escape character is '^]'.
220 st11p00mm-smtpin009.mac.com -- Server ESMTP (Oracle Communications
Messaging Server 7u4-27.08(7.0.4.27.7) 64bit (built Aug 22 2013))
% telnet mx1.icloud.com.akadns.net 25
Trying 17.172.34.10...
Connected to mx1.icloud.com.akadns.net.
Escape character is '^]'.
220 st11p00mm-smtpin003.mac.com -- Server ESMTP (Oracle Communications
Messaging Server 7u4-27.08(7.0.4.27.7) 64bit (built Aug 22 2013))
% telnet mx6.icloud.com.akadns.net 25
Trying 17.172.34.70...
Connected to mx6.icloud.com.akadns.net.
Escape character is '^]'.
220 st11p00mm-smtpin012.mac.com -- Server ESMTP (Oracle Communications
Messaging Server 7u4-27.08(7.0.4.27.7) 64bit (built Aug 22 2013))
% telnet mx2.icloud.com.akadns.net 25
Trying 17.172.34.12...
Connected to mx2.icloud.com.akadns.net.
Escape character is '^]'.
220 st11p00mm-smtpin014.mac.com -- Server ESMTP (Oracle Communications
Messaging Server 7u4-27.08(7.0.4.27.7) 64bit (built Aug 22 2013))
% telnet mx3.icloud.com.akadns.net 25
Trying 17.172.34.65...
Connected to mx3.icloud.com.akadns.net.
Escape character is '^]'.
220 st11p00mm-smtpin011.mac.com -- Server ESMTP (Oracle Communications
Messaging Server 7u4-27.08(7.0.4.27.7) 64bit (built Aug 22 2013))
% telnet mx5.icloud.com.akadns.net 25
Trying 17.172.34.68...
Connected to mx5.icloud.com.akadns.net.
Escape character is '^]'.
220 st11p00mm-smtpin012.mac.com -- Server ESMTP (Oracle Communications
Messaging Server 7u4-27.08(7.0.4.27.7) 64bit (built Aug 22 2013))
Yes, me.com and mac.com are affected as well (as you can see mac.com at
least shares some mx servers in common).
I have the existing (old) server running 2.8.7 which connects without
incident. I've tested 2.8.17 on a new server which shares the same
problem with 2.10.2.
