Postfix (using haproxy) reporting inaccurate commands in log

Fri, 21 Jun 2019 14:11:03 -0700 

Hi everyone,
I'm running postfix 3.2.3 on FreeBSD, with a separate submission service receiving connections via haproxy and using the smtpd_upstream_proxy_protocol=haproxy flag. When haproxy performs its checks every 30 seconds, I get the following in my log (I've made it more verbose as I'm looking for the problem): 


Jun 21 17:00:08 mail_20170805 postfix-submissionproxy/smtpd[15167]: 
connection established
Jun 21 17:00:08 mail_20170805 postfix-submissionproxy/smtpd[15167]: 
master_notify: status 0
Jun 21 17:00:08 mail_20170805 postfix-submissionproxy/smtpd[15167]: 
name_mask: resource
Jun 21 17:00:08 mail_20170805 postfix-submissionproxy/smtpd[15167]: 
name_mask: software
Jun 21 17:00:08 mail_20170805 postfix-submissionproxy/smtpd[15167]: 
fd=9: stream buffer size old=0 new=1
Jun 21 17:00:08 mail_20170805 postfix-submissionproxy/smtpd[15167]: 
smtp_stream_setup: maxtime=30 enable_deadline=1
Jun 21 17:00:08 mail_20170805 postfix-submissionproxy/smtpd[15167]: 
smtp_get: EOF
Jun 21 17:00:08 mail_20170805 postfix-submissionproxy/smtpd[15167]: 
warning: haproxy read: unexpected EOF
Jun 21 17:00:08 mail_20170805 postfix-submissionproxy/smtpd[15167]: 
connect from unknown[unknown]
Jun 21 17:00:08 mail_20170805 postfix-submissionproxy/smtpd[15167]: 
match_list_match: unknown: no match
Jun 21 17:00:08 mail_20170805 postfix-submissionproxy/smtpd[15167]: 
disconnect from unknown[unknown] ehlo=2 starttls=1 auth=1 mail=1 rcpt=1 
data=1 quit=1 commands=8
Jun 21 17:00:08 mail_20170805 postfix-submissionproxy/smtpd[15167]: free 
all milters
Jun 21 17:00:08 mail_20170805 postfix-submissionproxy/smtpd[15167]: free 
milter inet:127.0.0.1:8891
Jun 21 17:00:08 mail_20170805 postfix-submissionproxy/smtpd[15167]: 
master_notify: status 1
Jun 21 17:00:08 mail_20170805 postfix-submissionproxy/smtpd[15167]: 
connection closed
Jun 21 17:00:08 mail_20170805 postfix-submissionproxy/smtpd[15167]: 
watchdog_stop: 0x804426eb0
Jun 21 17:00:08 mail_20170805 postfix-submissionproxy/smtpd[15167]: 
watchdog_start: 0x804426eb0



The tcpdump (-A) of the connection is:


17:00:08.595795 IP X.X.X.X.65208 > 192.168.6.43.22587: Flags [S], seq 
2290973093, win 65535, options [mss 1460,nop,wscale 6,sackOK,TS val 
2532892648 ecr 0], length 0

E..<..@.3.t..m?....+..X;..y........................
........

17:00:08.595856 IP 192.168.6.43.22587 > X.X.X.X.65208: Flags [S.], seq 
84132594, ack 2290973094, win 65535, options [mss 1460,nop,wscale 
6,sackOK,TS val 3043631115 ecr 2532892648], length 0

E..<..@.@.g....+.m?.X;........y....................
.j .....

17:00:08.619986 IP X.X.X.X.65208 > 192.168.6.43.22587: Flags [.], ack 1, 
win 1026, options [nop,nop,TS val 2532892673 ecr 3043631115], length 0

E..4..@.3.t..m?....+..X;..y.........2<.....
.....j .

17:00:08.620351 IP X.X.X.X.65208 > 192.168.6.43.22587: Flags [R.], seq 
1, ack 1, win 1026, options [nop,nop,TS val 2532892673 ecr 3043631115], 
length 0

E..4..@.3.t..m?....+..X;..y.........28.....
.....j .



I'm assuming that the "unknown[unknown]" in the "disconnect from" line 
is due to there being no actual proxy header sent.  However, the 
commands that follow suggest that there was an entire smtp conversation 
complete with a successful auth!



Is my understanding correct that there shouldn't be any commands?  (I'd 
assume the line would be there, but with "0" for each.)


Thank you in advance,
Joseph


PS:

My master.cf is as follows if that's important:
# postconf -Mf
smtp       inet  n       -       n       -       -       smtpd
    -o content_filter=spamassassin
    -o syslog_name=postfix-smtp
22525      inet  n       -       n       -       -       smtpd
    -o smtpd_upstream_proxy_protocol=haproxy
    -o smtpd_upstream_proxy_timeout=30s
    -o content_filter=spamassassin
    -o syslog_name=postfix-smtpproxy
22587      inet  n       -       n       -       -       smtpd -v -v
    -o smtpd_upstream_proxy_protocol=haproxy
    -o smtpd_upstream_proxy_timeout=30s
    -o syslog_name=postfix-submissionproxy
submission inet  n       -       n       -       -       smtpd
    -o syslog_name=postfix-submission
pickup     unix  n       -       n       60      1       pickup
cleanup    unix  n       -       n       -       0       cleanup
qmgr       unix  n       -       n       300     1       qmgr
tlsmgr     unix  -       -       n       1000?   1       tlsmgr
rewrite    unix  -       -       n       -       -       trivial-rewrite
bounce     unix  -       -       n       -       0       bounce
defer      unix  -       -       n       -       0       bounce
trace      unix  -       -       n       -       0       bounce
verify     unix  -       -       n       -       1       verify
flush      unix  n       -       n       1000?   0       flush
proxymap   unix  -       -       n       -       -       proxymap
proxywrite unix  -       -       n       -       1       proxymap
smtp       unix  -       -       n       -       -       smtp
relay      unix  -       -       n       -       -       smtp
showq      unix  n       -       n       -       -       showq
error      unix  -       -       n       -       -       error
retry      unix  -       -       n       -       -       error
discard    unix  -       -       n       -       -       discard
local      unix  -       n       n       -       -       local
virtual    unix  -       n       n       -       -       virtual
lmtp       unix  -       -       n       -       -       lmtp
anvil      unix  -       -       n       -       1       anvil
scache     unix  -       -       n       -       1       scache
spamassassin unix -      n       n       -       -       pipe user=spamd
    argv=/usr/local/bin/spamc -f -s 4000000 -e /usr/sbin/sendmail -oi -f
    ${sender} ${recipient}

policyd-spf unix -       n       n       -       0       spawn 
user=nobody

    argv=/usr/local/bin/policyd-spf






















					Reply via email to