Hi Angus,
thanks for you reply.
We are not using greylisting in spamdyke.
Il 03/03/21 19:00, Angus McIntyre via spamdyke-users ha scritto:
I think spamdyke implements greylisting by sending a 421 Temporary
Failure code on first connection. That might be what's happening here.
Greylisting is off by default, but if you have it turned on you could
set `graylist-level` to `none` to turn it off. If you want to keep it on
but just fix it for that specific domain, you should be able to
configure exceptions by adding appropriate `graylist-exception-ip-entry`
or `graylist-exception-rdns-entry` entries.
Incidentally, I tend to favor disabling greylisting these days. The
original intention was to protect against spam clients that couldn't
recognize the 421 error as indicating a temporary condition: they'd try
once, get an error code, and go away. But from what I see in my own
server logs, many -- most? -- spam clients these days just keep
attempting redeliveries until either something gets delivered or they
hit some threshold number of retries. Greylisting is no help against those.
Angus
Alessio Cecchi via spamdyke-users wrote on 3/3/21 12:22 PM:
Hi,
when a specific company send an email to us we receive the messages many
times, but only if they insert into recipients about 50 email address of
the same domain, if they sent the same email to only one recipients all
works fine.
After some investigation, with "full-log-dir" enabled, we discovered
that our qmail send a "421 timeout" to remote server but when the email
is already accepted, so the remote server try again and so on.
Debug log, please note the delay from the last . and the error, five
minutes and note that "421 timeout" error was sent before of "250 ok"
from qmail:
========
[...]
03/02/2021 12:03:00 FROM REMOTE TO CHILD: 3 bytes TLS
.
03/02/2021 12:08:01 LOG OUTPUT TLS
ERROR(tls_write()@tls.c:678): unable to write to SSL/TLS stream: The
operation failed due to an I/O error, Connection reset by peer
ERROR(output_writeln()@log.c:104): unable to write 37 bytes to file
descriptor 1: Connection reset by peer
03/02/2021 12:08:01 FROM SPAMDYKE TO REMOTE: 37 bytes TLS
421 Timeout. Talk faster next time.
03/02/2021 12:08:01 LOG OUTPUT TLS
TIMEOUT from: [email protected] to: [email protected] origin_ip:
40.107.3.43 origin_rdns:
mail-eopbgr30043.outbound.protection.outlook.com auth: (unknown)
encryption: TLS reason: TIMEOUT
03/02/2021 12:10:06 FROM CHILD, FILTERED: 28 bytes TLS
250 ok 1614683406 qp 12548
03/02/2021 12:10:06 - TLS ended and closed
03/02/2021 12:10:06 CLOSED
========
So I set the timeout from 600 to 1200 in qmail-smtpd, remove
"idle-timeout" from spamdyke, and disable the softlimit, the error
change but the problem is still present:
========
03/02/2021 13:59:27 FROM REMOTE TO CHILD: 3 bytes TLS
.
03/02/2021 14:06:34 LOG OUTPUT TLS
ERROR(tls_write()@tls.c:678): unable to write to SSL/TLS stream: The
operation failed due to an I/O error, Connection reset by peer
ERROR(output_writeln()@log.c:104): unable to write 26 bytes to file
descriptor 1: Connection reset by peer
03/02/2021 14:06:34 FROM CHILD TO REMOTE: 26 bytes TLS
250 ok 1614690394 qp 765
03/02/2021 14:06:34 LOG OUTPUT TLS
ALLOWED from: [email protected] to: [email protected] origin_ip:
40.107.0.68 origin_rdns: mail-eopbgr00068.outbound.protect
ion.outlook.com auth: (unknown) encryption: TLS reason:
250_ok_1614690394_qp_765
[...]
ALLOWED from: [email protected] to: [email protected] origin_ip:
40.107.0.68 origin_rdns:
mail-eopbgr00068.outbound.protection.outlook.com auth: (unknown)
encryption: TLS reason: 250_ok_1614690394_qp_765
ERROR(tls_read()@tls.c:620): unable to read from SSL/TLS stream: The
operation failed due to an I/O error, Unexpected EOF found
03/02/2021 14:06:34 - TLS ended and closed
03/02/2021 14:06:34 CLOSED
========
Any suggestions?
Thanks
--
Alessio Cecchi
Postmaster @ http://www.qboxmail.it
https://www.linkedin.com/in/alessice
_______________________________________________
spamdyke-users mailing list
[email protected]
https://spamdyke.org/mailman/listinfo/spamdyke-users
_______________________________________________
spamdyke-users mailing list
[email protected]
https://spamdyke.org/mailman/listinfo/spamdyke-users
--
Alessio Cecchi
Postmaster @ http://www.qboxmail.it
https://www.linkedin.com/in/alessice
_______________________________________________
spamdyke-users mailing list
[email protected]
https://spamdyke.org/mailman/listinfo/spamdyke-users
