On Sun, Apr 30, 2023 at 06:41:06AM +0200, Kolusion K wrote:
> Apr 30 14:32:16 generalpurpose postfix/smtp[2299]:
> 78D1D80AD7: to=<sa...@tnet.hk>, relay=none,
> delay=414074, delays=413981/0.19/93/0, dsn=4.4.1,
> status=deferred (connect to mxw.mxhichina.com[47.246.99.195]:25:
> Connection timed out)
The domain has two MX hosts, with three IPv4 addresses and 0 IPv6:
tnet.hk. IN MX 5 mxn.mxhichina.com.
tnet.hk. IN MX 10 mxw.mxhichina.com.
mxn.mxhichina.com. IN A 47.246.136.231
mxn.mxhichina.com. IN A 47.246.137.47
mxw.mxhichina.com. IN A 47.246.99.195
you're reporting the connection failure to the secondary, but the real
problem is typically the failure to connect/deliver via the primary.
The reason for the "93" second connection setup delay is that all
three connections timed out, taking ~30s each.
That said, I can connect to all three:
$ posttls-finger -c -lmay -Lsummary "[mxn.mxhichina.com]"
posttls-finger: Untrusted TLS connection established
to mxn.mxhichina.com[47.246.137.47]:25:
TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature RSA-PSS (2048 bits)
server-digest SHA256
$ posttls-finger -c -lmay -Lsummary "[47.246.136.231]"
posttls-finger: Untrusted TLS connection established
to 47.246.136.231[47.246.136.231]:25:
TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature RSA-PSS (2048 bits)
server-digest SHA256
$ posttls-finger -c -lmay -Lsummary "[mxw.mxhichina.com]"
posttls-finger: Untrusted TLS connection established
to mxw.mxhichina.com[47.246.99.195]:25:
TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature RSA-PSS (2048 bits)
server-digest SHA256
> The domain I am sending to has multiple e-mail server IP addresses.
> How can I add multiple IP addresses when using the 'debug_peer_list'
> attribute?
- Does the word "list" suggest any possibilities?
Mind you, if you can't make a TCP connection to port 25 on the IPs in
question, you won't find anything useful in the debug logs. Perhaps the
firewalls in front of the SMTP servers in question are blocking
connections from your network. Not much you can do about that.
> > > I am trying to send an e-mail, but the receving e-mail server is
> > > timing out, as per Postfix's mail log file.
> >
> > 1. Per <https://www.postfix.org/DEBUG_README.html#mail> post (this time in
> > plain text rather than HTML form!) your server's configuration settings:
> >
> > $ postconf -nf
> > $ postconf -Mf
> >
> > being sure to not rewrap line breaks. Attach the output as a text
> > file if that's the easiest way to preserve whitespace.
Is there a reason you failed to send the configuration details?
> > 2. At what stage in the email transaction is the timeout occuring?
> > Post the specific log entries related to the transmission of one
> > or a few messages that time out.
Is there a reason you did not send a more complete set of log entries,
for example also the failure via the primary MX?
--
Viktor.
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
