Just for the record: 

I have been able to narrow it down to socketfilterfw (macOS Application 
Firewall).

Basically, where it was working OK in macOS Mojave (and so I did not suspect 
anything — wrong), it turns out to be a real dog in Monterey. In terms of what 
happens, there is completely no method to the madness of macOS here. 

But the problem was (as Wietse surmised from postfix not logging anything) that 
nothing is wrong with postfix, it is just the first service/port combo (because 
so many initiations on port 25) that runs into some sort of ‘full’ problem, 
which behaves a bit as running out of a resource by not freeing stuff (a leak 
of sorts) and then simply stopping to accept new connections and never passing 
them on to postfix. So, while it seemed postfix was giving up because 
everything in socketfilterfw seemed to be going smoothly, it was in fact 
socketfilterfw giving up.

Without socketfilterfw active in the kernel it runs for days on end without a 
hitch.

Note: with socketfilterfw on, app firewall.log is there in macOS Monterey, it 
is created, but nothing ends up in it. But we all know that logging in macOS 
has been so thoroughly destructed that that isn’t surprising. The quality of 
low level work in macOS is like it was in NeXTSTEP: often interesting ideas or 
innovations, but executed in a way that they only become thoroughly 
frustrating, buggy, and so forth.

Someone with good core OS software reliability skills should help Apple out.

Gerben Wierda (LinkedIn <https://www.linkedin.com/in/gerbenwierda>)
R&A IT Strategy <https://ea.rna.nl/> (main site)
Book: Chess and the Art of Enterprise Architecture <https://ea.rna.nl/the-book/>
Book: Mastering ArchiMate <https://ea.rna.nl/the-book-edition-iii/>

> On 5 Mar 2022, at 12:44, daniel Azuelos <daniel+post...@azuelos.org> wrote:
> 
> [ Rédigé dans le sens de lecture professionnel.
>  Written in the professional reading direction. ]
> 
> Le (on) 04/03/2022, Gerben Wierda <gerben.wie...@rna.nl> a écrit (wrote):
> 
> | I have upgraded my postfix 3.6 to postfix 3.7.0 as well as having upgraded 
> my macOS on which postfix runs from 10.4 (Mojave) to 12 (Monterey)
> | 
> | I have the following problem. postfix is running as expected, but at some 
> point it becomes inoperable on port 25 listening for incoming connections. 
> Using a telnet connection to port 25 just gives no reply and times out. There 
> are no error messages that I see. The last entry in postfix.log is:
> [...]
> 
> This is plainly a MacOS problem. This is an OS which is made for incompetent
> users because this is their religion: "Users are stupid, and we should
> keep them in this state of dependancy, so as to be able to sell them new
> sexy crap every 3 years."
> 
> More serously, fire:
>       tail -f /var/log/appfirewall.log
> or better:
>       tail -f /var/log/appfirewall.log | grep master
> and you'll see the origin of ypour problem.
> 
> In a working postfix env, you should see a flow of:
> 
> Mar  5 12:35:46 milky-way.local socketfilterfw[216] <Info>: master: Allow TCP 
> CONNECT (in:2 out:0)
> -- 
>    « The only thing necessary for the triumph of evil
>    is for good men to do nothing. »
>                                                Edmund Burke
> --------
> daniel Azuelos

Reply via email to