30. Jan 2015 19:21 by postfix-us...@dukhovni.org:
> What software is listening on that port?
>
I see it is the Postfix part of the Zimbra commercial mail server.
I am told that it must be a unique port for only using TLS AUTH.
>> I can check this now with simple telnet
>>
>> telnet XX.XX.XX.XX 9443
>>   Trying XX.XX.XX.XX....
>>   Connected to XX.XX.XX.XX.
>>   Escape character is '^]'.
>
> Where is the SMTP 220 banner???
>
I do not know. That is only the reply that I see to telnet.
For a #2 server that I control especially that is clean Postfix I know how to
make all this work. The documents are thick but they are clear as soon as I
know which to look for.
For this commercial server I do not know so much. Their Postfix is not so
clean as upstream here I think.
>> So now in the Postfix #1 relay client configuration I set
>>
>> - relay_transport = relay2:[XX.XX.XX.XX]:25
>> + relay_transport = relay2:[XX.XX.XX.XX]:9443
>
> No, you should have stopped at the previous step, your port 9443
> service is not working. Look in the logs on that server.
>
There is nothing in the logs about the port 9443 service. So they say to me.
>> Jan 30 18:24:22 srchsvr PF-out/relay2/smtp[19829]: 160973C11E:
>> to=<srcht...@clientdomain.com>, relay=XX.XX.XX.XX[XX.XX.XX.XX]:9443,
>> delay=60, delays=0.01/0.01/60/0, dsn=4.4.2, status=deferred (lost
>> connection
>> with XX.XX.XX.XX[XX.XX.XX.XX] while receiving the initial server greeting)
>
> As expected. Check the remote logs.
>
May be there can be some other better logging. I will ask the admin.
>> I have changed the master.cf for PF-out to 'qmgr -v'
>
> Whatever for?
>
I was meaning for the PF-in. But only because it is very obvious to me that
there is a quiet minute immediately after it. That is strange. So I look to
see may be it is the problem.
>> and 'relay2 ... smtp -v'
>
> The remote server does not answer, debugging the local side is pointless,
> especially the queue manager which does not even communicate with the
> remote system.
>
I do not understand the problem is with the no response only because I do not
see in my #1 server logs the details of the communication to the remote. May
be because I did not yet look in the right logs.
*S*
PS
When I tell the admin there to check the logs more when I test again with
telnet
telnet XX.XX.XX.XX 9443
Trying XX.XX.XX.XX...
Connected to XX.XX.XX.XX.
Escape character is '^]'.
On the #2 server there is a 'trace log' that sees only this info
19:41:27.246:qtp5875679863-15-selector-ServerConnectorManager@8d369853/1
OPENED SslConnection@2b076a2f{NEED_UNWRAP,eio=-1/-1,di=-1} ->
HttpConnection@8bc779de{IDLE}
19:41:27.246:qtp5875679863-15-selector-ServerConnectorManager@8d369853/1
OPENED HttpConnection@8bc779de{IDLE}
He says there is no more. I think that is not so right. There can always be
more.
This says nothing that is helping to me. I think may be the problem is still
some other place.
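
The greeting check asked for in the quoted replies above ("Where is the SMTP 220 banner???"), as an added example that is not part of the original thread: it reads what a listener sends first in plaintext and, if the listener stays silent, inside a TLS session. The function names and result labels are assumptions chosen here, and certificate verification is switched off only because the probe identifies a protocol and sends no mail.

```python
import socket
import ssl


def classify(plain, tls):
    """Label a listener from the first bytes it sent.

    plain: bytes read before sending anything (b"" = silence).
    tls:   bytes read after a TLS handshake; None = handshake failed or not tried.
    """
    if plain.startswith(b"220"):
        return "smtp"                # plaintext greeting; STARTTLS can follow
    if plain:
        return "not-smtp"            # speaks first, but not with a 220
    if tls is None:
        return "silent-no-tls"
    if tls.startswith(b"220"):
        return "smtps-wrappermode"   # SMTP inside implicit TLS
    return "tls-not-smtp"            # TLS, then waits for the client (as HTTPS does)


def read_first(sock, timeout):
    """Return the first bytes the peer sends, or b"" on silence or reset."""
    sock.settimeout(timeout)
    try:
        return sock.recv(512)
    except (socket.timeout, ConnectionError):
        return b""


def probe(host, port, timeout=5.0):
    with socket.create_connection((host, port), timeout=timeout) as s:
        plain = read_first(s, timeout)
    if plain:
        return classify(plain, None)
    ctx = ssl.create_default_context()
    ctx.check_hostname = False       # diagnostic only: identify the protocol,
    ctx.verify_mode = ssl.CERT_NONE  # never reuse this context to send mail
    try:
        with socket.create_connection((host, port), timeout=timeout) as s:
            with ctx.wrap_socket(s, server_hostname=host) as t:
                tls = read_first(t, timeout)
    except (ssl.SSLError, OSError):
        tls = None
    return classify(plain, tls)


if __name__ == "__main__":
    import sys
    print(probe(sys.argv[1], int(sys.argv[2])))
```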