from smtp.c: debug_peer_check(request->nexthop, "noaddr");
The string being compared to debug_peer_list is the nexthop.
have you tried debug_peer_list = example.com
This single match should cover all servers, however many, for that domian.
I don't think the IP address of the actual peer machine is ever
compared, unless the nexthop was actually specified as an IP address.
On 30/04/2023 3:02 pm, Viktor Dukhovni via Postfix-users wrote:
On Sun, Apr 30, 2023 at 06:41:06AM +0200, Kolusion K wrote:
Apr 30 14:32:16 generalpurpose postfix/smtp[2299]:
78D1D80AD7: to=<sa...@tnet.hk>, relay=none,
delay=414074, delays=413981/0.19/93/0, dsn=4.4.1,
status=deferred (connect to mxw.mxhichina.com[47.246.99.195]:25:
Connection timed out)
The domain has two MX hosts, with three IPv4 addresses and 0 IPv6:
tnet.hk. IN MX 5 mxn.mxhichina.com.
tnet.hk. IN MX 10 mxw.mxhichina.com.
mxn.mxhichina.com. IN A 47.246.136.231
mxn.mxhichina.com. IN A 47.246.137.47
mxw.mxhichina.com. IN A 47.246.99.195
you're reporting the connection failure to the secondary, but the real
problem is typically the failure to connect/deliver via the primary.
The reason for the "93" second connection setup delay is that all
three connections timed out, taking ~30s each.
That said, I can connect to all three:
$ posttls-finger -c -lmay -Lsummary "[mxn.mxhichina.com]"
posttls-finger: Untrusted TLS connection established
to mxn.mxhichina.com[47.246.137.47]:25:
TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature RSA-PSS (2048 bits)
server-digest SHA256
$ posttls-finger -c -lmay -Lsummary "[47.246.136.231]"
posttls-finger: Untrusted TLS connection established
to 47.246.136.231[47.246.136.231]:25:
TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature RSA-PSS (2048 bits)
server-digest SHA256
$ posttls-finger -c -lmay -Lsummary "[mxw.mxhichina.com]"
posttls-finger: Untrusted TLS connection established
to mxw.mxhichina.com[47.246.99.195]:25:
TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature RSA-PSS (2048 bits)
server-digest SHA256
The domain I am sending to has multiple e-mail server IP addresses.
How can I add multiple IP addresses when using the 'debug_peer_list'
attribute?
- Does the word "list" suggest any possibilities?
Mind you, if you can't make a TCP connection to port 25 on the IPs in
question, you won't find anything useful in the debug logs. Perhaps the
firewalls in front of the SMTP servers in question are blocking
connections from your network. Not much you can do about that.
I am trying to send an e-mail, but the receving e-mail server is
timing out, as per Postfix's mail log file.
1. Per<https://www.postfix.org/DEBUG_README.html#mail> post (this time in
plain text rather than HTML form!) your server's configuration settings:
$ postconf -nf
$ postconf -Mf
being sure to not rewrap line breaks. Attach the output as a text
file if that's the easiest way to preserve whitespace.
Is there a reason you failed to send the configuration details?
2. At what stage in the email transaction is the timeout occuring?
Post the specific log entries related to the transmission of one
or a few messages that time out.
Is there a reason you did not send a more complete set of log entries,
for example also the failure via the primary MX?
--
This email has been checked for viruses by AVG antivirus software.
www.avg.com
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
