Answering my own question for the sake of posterity: The issue turned out to be a timeout while handling TLS encrypted connections. I was able to fix the problem by editing `/etc/spamdyke/spamdyke.conf` to change:
idle-timeout-secs=60 to idle-timeout-secs=540 (probably overkill, but I'm leaving it at that until I figure out what an acceptable setting is). I still don't understand why this should be happening, when the server was working fine until yesterday, and nothing in my configuration has changed. The server is under almost no load (load average: 0.15 or less), so it's not as if it's overwhelmed. It also doesn't seem to affect all TLS encrypted messages equally; some are processed in a couple of seconds at most, others take several minutes. If anyone has any thoughts on this, I'd be interested to hear them. Angus Angus McIntyre wrote on 1/16/23 8:22 PM: > I have a qmailtoaster that's been running without problems for a while. > I haven't made any configuration changes, and the server is healthy, > with enough disk space available etc. > > Today, I noticed that certain expected messages are not getting > delivered. Lots of mail is still coming in without problems, but certain > transactions are failing silently. > > The normal pattern that I see in the logs for a healthy delivery looks > something like: > > tcpserver: pid 2356283 from 123.123.123.123 > tcpserver: ok 2356283 s6:111.111.111.111:25 :123.123.123.123::40631 > CHKUSER accepted sender: from <otheru...@gmail.com::> remote <mail- > qt1-f176.google.com:unknown:123.123.123.123> rcpt <> : sender accepted > CHKUSER accepted any rcpt: from <otheru...@gmail.com::> remote <mail- > qt1-f176.google.com:unknown:123.123.123.123> rcpt > <myu...@mydomain.com> : accepted any recipient for this domain > policy_check: remote otheru...@gmail.com -> local myu...@mydomain.com > (UNAUTHENTICATED SENDER) > policy_check: policy allows transmission > simscan:[2356286]:CLEAN (-0.30/100.00):1.9436s:Re_ Some > Topic:123.123.123.123:otheru...@gmail.com:myu...@mydomain.com > mail recv: pid 2356286 from <otheru...@gmail.com> qp 2356287 > > For the problem ones, it gets as far as: > > CHKUSER accepted sender: from <otheru...@gmail.com::> remote <mail- > qt1-f176.google.com:unknown:123.123.123.123> rcpt <> : sender accepted > > and then stops. There's no "CHKUSER accepted any rcpt" and the delivery > never completes. > > This doesn't seem to be connected to the actual recipient: all > recipients receive some mail, just not all of it. However, specific > incoming messages appear to fail consistently. > > Has anyone encountered this? And do you have any insight into what could > be causing an apparent failure between sender acceptance and recipient > acceptance in CHKUSER? What tests does CHKUSER perform to determine if a > recipient is accepted? > > Thanks for any help or suggestions, > > Angus > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com > For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com > --------------------------------------------------------------------- To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
