On Thu, Jun 27, 2019 at 06:26:11AM +1000, Warren Toomey wrote:
> Warren wrote:
> > > One of my list members has his own SMTP server. He's configured it to
> > > return
> > > a large multiline response to the initial EHLO from a client. Apparently
> > > when my Postfix installation connects to him, it sits idly after the
> > > multiline
> > > response and never goes on to issue further SMTP commands.
>
> On Wed, Jun 26, 2019 at 06:46:37AM -0400, Wietse Venema wrote:
> > What is the IP address?
>
> aneurin.horsfall.org[110.141.193.233] and the person is dave@
> that domain.
Running "posttls-finger", I see rather long pre-greet delay (somewhat less
than the default 30s timeout in posttls-finger in the below):
$ posttls-finger "[aneurin.horsfall.org]"
posttls-finger: Connected to aneurin.horsfall.org[110.141.193.233]:25
posttls-finger: < 220-aneurin.horsfall.org ESMTP Sendmail 8.15.2/8.15.2;
Thu, 27 Jun 2019 06:48:24 +1000 (EST);
posttls-finger: < 220-NO UBE C=AU ST=NSW
posttls-finger: < 220-
posttls-finger: < 220-NO UCE C=AU ST=NSW
posttls-finger: < 220-
posttls-finger: < 220-This mail server is the private property of Dave
Horsfall located near Sydney, New South Wales, Australia.
posttls-finger: < 220-
posttls-finger: < 220-Your use of my server is subject to both my and your
State and Federal laws.
posttls-finger: < 220-
posttls-finger: < 220-Your IP address has been recorded, and your actions
will be logged.
posttls-finger: < 220-
posttls-finger: < 220-This server complies with all relevant RFC documents
and therefore may cause problems for non-RFC compatible clients; no
responsiblity can be taken for any such behaviour arising from such non-RFC
compliancy.
posttls-finger: < 220-
posttls-finger: < 220-In addition, we reserve the right to exercise due
diligence upon yourself in turn, up to and including testing your server for
certain vulnerabilities.
posttls-finger: < 220-
posttls-finger: < 220-Further use of this server constitutes acceptance of
this policy.
posttls-finger: < 220-
posttls-finger: < 220-Disconnect NOW if you do not agree to this policy.
posttls-finger: < 220-
posttls-finger: < 220
posttls-finger: > EHLO straasha.imrryr.org
posttls-finger: < 250-aneurin.horsfall.org Hello <censored-name>
[<censored-ip>], pleased to meet you
posttls-finger: < 250-ENHANCEDSTATUSCODES
posttls-finger: < 250-PIPELINING
posttls-finger: < 250-8BITMIME
posttls-finger: < 250-SIZE
posttls-finger: < 250-DSN
posttls-finger: < 250-ETRN
posttls-finger: < 250-DELIVERBY
posttls-finger: < 250 HELP
posttls-finger: > QUIT
posttls-finger: < 221 2.0.0 aneurin.horsfall.org closing connection
Perhaps your SMTP delivery agent is not patient-enough. What are
your timeout settings? I have:
$ postconf | grep '^smtp_.*_timeout ='
smtp_connect_timeout = 30s
smtp_data_done_timeout = 600s
smtp_data_init_timeout = 120s
smtp_data_xfer_timeout = 180s
smtp_helo_timeout = 300s
smtp_mail_timeout = 300s
smtp_quit_timeout = 300s
smtp_rcpt_timeout = 300s
smtp_rset_timeout = 20s
smtp_starttls_timeout = 300s
smtp_tls_session_cache_timeout = 3600s
smtp_xforward_timeout = 300s
The default timeout for both the greeting and the EHLO response is:
smtp_helo_timeout = 300s
--
Viktor.
