Viktor Dukhovni:
> On Mon, Jul 25, 2016 at 01:05:00PM +0200, Ralf Hildebrandt wrote:
> 
> > The complete log for 106.10.151.33:
> > 
> > > Jul 23 03:58:49 mail-cbf postfix/postscreen[36326]: CONNECT from 
> > > [106.10.151.33]:58305 to [193.175.73.208]:25
> > > Jul 23 03:58:52 mail-cbf postfix/postscreen[36326]: CONNECT from 
> > > [106.10.151.33]:47500 to [193.175.73.208]:25
> > > Jul 23 03:58:52 mail-cbf postfix/postscreen[36326]: NOQUEUE: reject: RCPT 
> > > from [106.10.151.33]:58305: 450 4.3.2 Service currently unavailable; 
> > > from=<chineseg...@yahoo.com>, to=<firstname.georgi...@charite.de>, 
> > > proto=ESMTP, helo=<nm21-vm2.bullet.mail.sg3.yahoo.com>
> > > Jul 23 03:58:53 mail-cbf postfix/postscreen[36326]: NOQUEUE: reject: RCPT 
> > > from [106.10.151.33]:58305: 450 4.3.2 Service currently unavailable; 
> > > from=<chineseg...@yahoo.com>, to=<hans.lastn...@charite.de>, proto=ESMTP, 
> > > helo=<nm21-vm2.bullet.mail.sg3.yahoo.com>
> > > Jul 23 03:58:53 mail-cbf postfix/postscreen[36326]: PASS NEW 
> > > [106.10.151.33]:58305
> > > Jul 23 03:58:53 mail-cbf postfix/postscreen[36326]: DISCONNECT 
> > > [106.10.151.33]:58305
> > > Jul 23 03:58:54 mail-cbf postfix/postscreen[36326]: DISCONNECT 
> > > [106.10.151.33]:47500
> 
> What's odd here is that the host always makes two parallel TLS
> connections (you must have some "late" tests enabled to get all
> the way to STARTTLS), with the first connection logging tempfailed
> recipients and logging "PASS NEW", and soon after the second seems
> to just disconnect without logging either.  Don't know what if
> anything that second connection does to the cached state.

First the client passes all tests in the session from
[106.10.151.33]:58305, and postscreen caches that result.

However, the other session ends without passing deep protocol
tests, and when that session ends, postscreen caches only the tests
that were passed in that session, i.e. no deep protocol tests.

I'll see if it is possible to handle this without keeping too much
state in postscreen for too much time.

        Wietse
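
A log check for the pattern described in the reply above, as an added example that is not part of the original thread or of Postfix: it flags clients where one postscreen session logs PASS while a parallel session from the same address ends later without a PASS of its own. The function name and the 192.0.2.7 control lines are constructed; the 106.10.151.33 lines are taken from the quoted log, unwrapped and without the NOQUEUE lines.

```python
import re
from collections import defaultdict

# 106.10.151.33 lines: from the quoted log (unwrapped). 192.0.2.7 lines: constructed control.
SAMPLE_LOG = """\
Jul 23 03:58:49 mail-cbf postfix/postscreen[36326]: CONNECT from [106.10.151.33]:58305 to [193.175.73.208]:25
Jul 23 03:58:52 mail-cbf postfix/postscreen[36326]: CONNECT from [106.10.151.33]:47500 to [193.175.73.208]:25
Jul 23 03:58:53 mail-cbf postfix/postscreen[36326]: PASS NEW [106.10.151.33]:58305
Jul 23 03:58:53 mail-cbf postfix/postscreen[36326]: DISCONNECT [106.10.151.33]:58305
Jul 23 03:58:54 mail-cbf postfix/postscreen[36326]: DISCONNECT [106.10.151.33]:47500
Jul 23 04:10:00 mail-cbf postfix/postscreen[36326]: CONNECT from [192.0.2.7]:40000 to [193.175.73.208]:25
Jul 23 04:10:04 mail-cbf postfix/postscreen[36326]: PASS NEW [192.0.2.7]:40000
Jul 23 04:10:04 mail-cbf postfix/postscreen[36326]: DISCONNECT [192.0.2.7]:40000
"""

EVENT = re.compile(
    r"postfix/postscreen\[\d+\]: (CONNECT from|PASS NEW|PASS OLD|DISCONNECT) "
    r"\[([0-9A-Fa-f.:]+)\]:(\d+)"
)
KEYS = {"CONNECT from": "open", "DISCONNECT": "close"}  # anything else is a PASS

def find_overlapping_sessions(log_text):
    """Return {client_ip: [(passing_port, later_port), ...]} for clients where a
    session without PASS was open when another session passed, and closed after it."""
    # ip -> port -> {"open": n, "pass": n, "close": n}; n is the line index,
    # used for ordering because syslog timestamps only have 1 s resolution.
    sessions = defaultdict(dict)
    for idx, line in enumerate(log_text.splitlines()):
        m = EVENT.search(line)
        if m:
            event, ip, port = m.groups()
            sessions[ip].setdefault(port, {})[KEYS.get(event, "pass")] = idx
    hits = defaultdict(list)
    for ip, ports in sessions.items():
        for p_port, p in ports.items():
            if "pass" not in p:
                continue
            for o_port, o in ports.items():
                # A missing CONNECT (truncated log) counts as "already open".
                if (o_port != p_port and "pass" not in o and "close" in o
                        and o.get("open", -1) < p["pass"] < o["close"]):
                    hits[ip].append((p_port, o_port))
    return dict(hits)

if __name__ == "__main__":
    for ip, pairs in find_overlapping_sessions(SAMPLE_LOG).items():
        print(ip, pairs)
```
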
