Wietse Venema <wie...@porcupine.org> wrote: > Michael Grimm: >> I do have to admit that I haven't been using tcpdump a lot. I found 35 >> distinct IP addresses that do trigger 'signal 11'. I am currently running >> tcpdump on both servers with those addresses. AND: I did remove >> smtputf8_enable=8 on master.cf for these tests. Hope that's what you wish me >> to do? > > The logging will help to identify which connection experienced a > signal 11 problem; you can filter that specific connection > > tcpdump -r /input/file -w /output/file port 12345 > > or whatever client port number was logged.
Thanks. My tcpdump file is filling slowly, but nothing of interest so far. I guess that will take at least 24 hours (or more). >> But I do have to listen at my interface facing outside. Hope that will work, >> because my mailservers are running within bridged VNET FBSD jails, and >> tcpdump doesn't run on the inside part of the bridge. >> >> I did chose to omit the -s flag and stay to the default size of 262144, or >> should I reduce that to 2000? > > With modern tcpdump implementations, '-s 0' will capture the complete packet. FreeBSD's tcpdump: | -s | Setting snaplen to 0 sets it to the default of 262144, for backwards compatibility with recent older versions of tcpdump. Thus, I omitted that flag. > Please do not send these to the mailing list :-) :-) Regards, Michael
