On Fri, Oct 24, 2014 at 01:59:57PM +0200, Jan P. Kessler wrote:

> # egrep "6B8F696F6|2737698C0" /var/log/maillog
> Oct 23 10:46:58 rv-smtpext-201 postfix/smtpd[1020]: [ID 197553 mail.info]
> 6B8F696F6: client=mail-la0-f45.google.com[209.85.215.45]
> Oct 23 10:46:58 rv-smtpext-201 postfix/cleanup[27791]: [ID 197553 mail.info]
> 6B8F696F6:
> message-id=<jsfcy39dev1kncus40xhttb6.1414053900...@email.android.com>

> Oct 23 10:46:59 rv-smtpext-201 postfix/qmgr[16441]: [ID 197553 mail.info]
> 6B8F696F6: from=<anonsen...@gmail.com>, size=129401, nrcpt=1 (queue active)

Notice that the queue-manager process id changes below!  Something
is running frequent "postfix reload" operations.

> Oct 23 10:50:19 rv-smtpext-201 postfix/qmgr[10619]: [ID 197553 mail.info]
> 6B8F696F6: from=<anonsen...@gmail.com>, size=129401, nrcpt=1 (queue active)
> 
> - Why do we see this line twice?
> 
> Oct 23 10:51:21 rv-smtpext-201 postfix/qmgr[11414]: [ID 197553 mail.info]
> 6B8F696F6: skipped, still being delivered

And the queue-manager pid changes yet again!  DO NOT DO THAT!

> Oct 23 10:51:26 rv-smtpext-201 postfix/smtp[10823]: [ID 197553 mail.info]
> 6B8F696F6: to=<ANONRCPT@local>, relay=smail1.mailintern.local[10.1.1.1]:25,
> delay=270, delays=203/57/10/0.02, dsn=2.0.0, status=sent (250 2.0.0 Ok:
> queued as B489018F20B5)

Finally the message is delivered, but in the meantime:

> Oct 23 10:53:00 rv-smtpext-201 postfix/pickup[11413]: [ID 197553 mail.info]
> 2737698C0: uid=12345 from=<anonsen...@gmail.com> orig_id=6B8F696F6
> Oct 23 10:53:00 rv-smtpext-201 postfix/cleanup[12657]: [ID 197553 mail.info]
> 2737698C0:

Someone has moved the queue file to the maildrop directory while that was
happening via "postsuper -r ALL".

> message-id=<jsfcy39dev1kncus40xhttb6.1414053900...@email.android.com>
> Oct 23 10:53:00 rv-smtpext-201 postfix/pickup[11413]: [ID 947731
> mail.warning] warning: maildrop/6B8F696F6: error writing 2737698C0: no
> recipients specified

TOO MUCH MANUAL QUEUE MANAGEMENT.

> smtpd_tls_exclude_ciphers = EDH-RSA-DES-CBC3-SHA, DES-CBC3-SHA

If you don't want 3DES, better would be:

    smtpd_tls_exclude_ciphers = 3DES

There are more 3DES ciphers these days.

> smtpd_tls_mandatory_exclude_ciphers = EDH-RSA-DES-CBC3-SHA, DES-CBC3-SHA

This is redundant: the ciphers excluded with opportunistic TLS are
also excluded with mandatory TLS.

> smtpd_use_tls = yes

Better:

        smtpd_tls_security_level = may

-- 
        Viktor.
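
The two symptoms pointed out in this reply, a qmgr process id that changes between records and a pickup record carrying `orig_id=`, can be extracted from a maillog mechanically. The following is an added example, not part of the original message; the log lines, hostname, addresses and queue IDs are constructed, and `analyze` is a hypothetical helper name.

```python
import re

# Constructed sample in the shape of the maillog lines quoted above
# (hostname, addresses and queue IDs are placeholders; one record per line).
SAMPLE_LOG = """\
Oct 23 10:46:59 mx1 postfix/qmgr[16441]: [ID 197553 mail.info] AAAA11111: from=<sender@example.com>, size=129401, nrcpt=1 (queue active)
Oct 23 10:50:19 mx1 postfix/qmgr[10619]: [ID 197553 mail.info] AAAA11111: from=<sender@example.com>, size=129401, nrcpt=1 (queue active)
Oct 23 10:51:21 mx1 postfix/qmgr[11414]: [ID 197553 mail.info] AAAA11111: skipped, still being delivered
Oct 23 10:53:00 mx1 postfix/pickup[11413]: [ID 197553 mail.info] BBBB22222: uid=12345 from=<sender@example.com> orig_id=AAAA11111
"""

# Syslog prefix, Postfix daemon name and pid, optional Solaris-style "[ID ...]" tag.
LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ [\d:]{8}) \S+ postfix/(?P<daemon>[\w-]+)\[(?P<pid>\d+)\]: "
    r"(?:\[ID \d+ \S+\] )?(?P<msg>.*)$"
)
# pickup logs "NEWID: uid=... orig_id=OLDID" when a queue file was requeued.
REQUEUE_RE = re.compile(r"^(?P<new>[0-9A-Za-z]+): .*\borig_id=(?P<old>[0-9A-Za-z]+)")

def analyze(log_text):
    """Return (qmgr_restarts, requeues) found in the log text."""
    restarts, requeues, last_pid = [], [], None
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        if m["daemon"] == "qmgr":
            # qmgr is a single long-running process; a new pid means it restarted.
            if last_pid is not None and m["pid"] != last_pid:
                restarts.append((m["ts"], last_pid, m["pid"]))
            last_pid = m["pid"]
        elif m["daemon"] == "pickup":
            r = REQUEUE_RE.match(m["msg"])
            if r:
                requeues.append((m["ts"], r["old"], r["new"]))
    return restarts, requeues

if __name__ == "__main__":
    restarts, requeues = analyze(SAMPLE_LOG)
    for ts, old, new in restarts:
        print(f"{ts}: qmgr pid changed {old} -> {new}")
    for ts, old, new in requeues:
        print(f"{ts}: queue file {old} requeued as {new}")
```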
