[IMGate] MSN and Hotmail
Hello, Is anyone having a problem with postfix (Imgate) not delivering Hotmail and MSN accounts? I do mailq command and there is about 9,000 messages from hotmail or msn in there. I see a lot of this in log files too. eb 2 14:28:32 mx1 postfix/oqmgr[17910]: 0EE3D2E0577: removed Feb 2 14:28:32 mx1 postfix/smtp[17797]: connect to mx3.hotmail.com[65.54.253.99]: Operation timed out (port 25) Feb 2 14:28:32 mx1 postfix/smtp[17709]: connect to mx2.hotmail.com[65.54.166.230]: Operation timed out (port 25) Feb 2 14:28:32 mx1 postfix/smtp[17687]: connect to mx1.hotmail.com[64.4.50.50]: Operation timed out (port 25) Feb 2 14:28:32 mx1 postfix/smtp[17772]: connect to mx4.hotmail.com[65.54.190.179]: Operation timed out (port 25) Feb 2 14:28:32 mx1 postfix/smtp[17849]: connect to mx3.hotmail.com[65.54.167.5]: Operation timed out (port 25) Feb 2 14:28:32 mx1 postfix/smtp[17753]: connect to mx1.hotmail.com[65.54.166.99]: Operation timed out (port 25) Feb 2 14:28:32 mx1 postfix/smtp[17676]: connect to mx2.hotmail.com[65.54.190.7]: Operation timed out (port 25) Feb 2 14:28:32 mx1 postfix/smtp[17715]: connect to mx2.hotmail.com[65.54.252.230]: Operation timed out (port 25) Feb 2 14:28:32 mx1 postfix/smtp[17836]: connect to mx3.hotmail.com[65.54.253.99]: Operation timed out (port 25) Feb 2 14:28:32 mx1 postfix/smtp[17835]: connect to mx3.hotmail.com[65.54.253.99]: Operation timed out (port 25) Is there way to get this mail moving again? Thank Don
[IMGate] Re: MSN and Hotmail
Donald K. Yocum wrote: Is anyone having a problem with postfix (Imgate) not delivering Hotmail and MSN accounts? I notice the same thing in my logs, however most but not all is being delivered. I tried to telnet with no success. It looks like 64.4.50.179 is not responding but 64.4.50.239 is working. Feb 2 08:14:28 imgate1 postfix/smtp[46308]: connect to mx3.hotmail.com[64.4.50.179]: Operation timed out (port 25) Feb 2 08:15:17 imgate1 postfix/smtp[46248]: connect to mx3.hotmail.com[64.4.50.179]: Operation timed out (port 25) Feb 2 08:21:19 imgate1 postfix/smtp[46247]: connect to mx3.hotmail.com[64.4.50.179]: Operation timed out (port 25) Feb 2 08:26:20 imgate1 postfix/smtp[46308]: 5C066AC39: to=[EMAIL PROTECTED], relay=mx3.hotmail.com[65.54.167.5], delay=1, status=sent (250 [EMAIL PROTECTED] Queued mail for delivery) Feb 2 08:28:46 imgate1 postfix/smtp[46421]: connect to mx3.hotmail.com[64.4.50.179]: Operation timed out (port 25) Feb 2 08:31:52 imgate1 postfix/smtp[46388]: D8132ABCE: to=[EMAIL PROTECTED], relay=mx3.hotmail.com[64.4.50.239], delay=44, status=sent (250 [EMAIL PROTECTED] Queued mail for delivery) -- Andrew P. Kaplan www.cshore.com A New Year's resolution is something that goes in one year and out the other author unknown -- No virus found in this outgoing message. Checked by AVG Anti-Virus. Version: 7.0.300 / Virus Database: 265.8.2 - Release Date: 1/28/2005
[IMGate] New Virus Attack Technique Bypasses Filters
Perhaps it's time to block .rar extensions. Does anyone ever email a .rar file ? http://www.eweek.com/article2/0,1759,1756636,00.asp?kc=ewnws013105dtx1k599 -- Andrew P. Kaplan www.cshore.com A New Year's resolution is something that goes in one year and out the other author unknown -- No virus found in this outgoing message. Checked by AVG Anti-Virus. Version: 7.0.300 / Virus Database: 265.8.2 - Release Date: 1/28/2005
[IMGate] Re: MSN and Hotmail
Is anyone having a problem with postfix (Imgate) not delivering Hotmail and MSN accounts? it happens from time to time. their MXs get very slow, and postfix smtp_*_timeouts timeout when trying to send smtp_connect_timeout = 30s smtp_data_done_timeout = 600s smtp_data_init_timeout = 120s smtp_data_xfer_timeout = 180s smtp_helo_timeout = 300s smtp_mail_timeout = 300s smtp_quit_timeout = 300s smtp_rcpt_timeout = 300s smtp_rset_timeout = 20s either you wait for msn/hotmail to clean up their mess, or you increase your SMTP timeout JUST to handle the msn/hotmail mess. The problem is that increasing your timeouts affects all postfix sending to all MXs, not just msn/hotmail. If you look for other smtp.*timeout in your maillog, you will get some feel for the situation. with 9000 backed up, you better increase your SMTP timeout dramatically just to bet the mail delivered. Len
[IMGate] Re: New Virus Attack Technique Bypasses Filters
I've been blocking .rar files for about two years, as I've seen no true = need in our office for that file type. Also I can't ever remember getting an request to receive an override for this file type either. Christopher Checca Packard Transport, Inc. IT Department 24021 South Municipal Dr PO Box 380 Channahon, IL. 60410 815 467 9260 815 467 6939 Fax [EMAIL PROTECTED] www.packardtransport.com =20 -Original Message- From: [EMAIL PROTECTED] = [mailto:[EMAIL PROTECTED] On Behalf Of Andrew P. Kaplan Sent: Wednesday, February 02, 2005 8:57 AM To: IMGate Subject: [IMGate] New Virus Attack Technique Bypasses Filters Perhaps it's time to block .rar extensions. Does anyone ever email a=20 .rar file ? http://www.eweek.com/article2/0,1759,1756636,00.asp?kc=3Dewnws013105dtx1k= 5 99 --=20 Andrew P. Kaplan www.cshore.com A New Year's resolution is something that goes in one year and out the=20 other author unknown --=20 No virus found in this outgoing message. Checked by AVG Anti-Virus. Version: 7.0.300 / Virus Database: 265.8.2 - Release Date: 1/28/2005
[IMGate] Hotmail and MSN emails
Hello, Is anyone else having problems with hotmail and msn email getting held up the mail queue? I change the SMTP Timeout but they are still getting stopped. Can I just let hotmail and msn go without being checking for a mail server? Just for a short time until this gets resolved. This just start a day or two ago. Thank for any help Don
[IMGate] Re: Hotmail and MSN emails
I change the SMTP Timeout but they are still getting stopped. there are serveral SMTP timeouts, you need to increase them all. smtp_connect_timeout = smtp_data_done_timeout = smtp_data_init_timeout = smtp_data_xfer_timeout = smtp_helo_timeout = smtp_mail_timeout = smtp_quit_timeout = smtp_rcpt_timeout = smtp_rset_timeout = Can I just let hotmail and msn go without being checking for a mail server? what? Just for a short time until this gets resolved. This just start a day or two ago. if it's due to this (see in Imail forum): http://news.com.com/Zombie+trick+expected+to+send+spam+sky-high/2100-7349_3-5560664.html?tag=nefd.top (Linford/spamhaus sounds very alarmed.) then the problem might last more than a few days, and not be just msn/hotmail. Len
[IMGate] concerning the new attack via ISP outbound relays
http://news.com.com/Zombie+trick+expected+to+send+spam+sky-high/2100-7349_3-5560664.html?tag=nefd.top You are an ISP providing email submission via your mailbox server or direct-to-imgate where your IPs are trusted for relaying by IP, instead of via SMTP AUTH. This attack could overwhelm your IMail and/or IMGate. One short-term tactic would be for IMGate not to trust IMail's IP for relaying via mynetworks, but to run SAV/RAV before permit_mynetworks. If your subscriber networks were infected with this trojan and relaying out through IMail + IMGate, pflogsumm would show large quantities of SAV/RAV rejects of mail from your mailbox server. This would keep IMGate from being swamped with undeliverable msgs, but the mailbox server would be swamped instead, having accepted/queued the msgs as deliverable only to find IMGate rejecting them. Len
[IMGate] Re: concerning the new attack via ISP outbound relays
Quoting Len Conrad [EMAIL PROTECTED]: One short-term tactic would be for IMGate not to trust IMail's IP for relaying via mynetworks, but to run SAV/RAV before permit_mynetworks. Any suggestions for an ISP not running SAV/RAV due to high mail volume 250k/day Andrew P. Kaplan www.cshore.com This message was sent using IMP, the Internet Messaging Program.
[IMGate] Re: concerning the new attack via ISP outbound relays
One short-term tactic would be for IMGate not to trust IMail's IP for relaying via mynetworks, but to run SAV/RAV before permit_mynetworks. Any suggestions for an ISP not running SAV/RAV due to high mail volume 250k/day but of the 250K total, how many are outbound? 10%? That's really not too much for SAV/RAV. postfix's positive/negative caching for SAV/RAV makes it probably the best implementation. You could set up a separate IMGate for outbound only and do SAV/RAV there. But just IMGate to prevent the spamming from getting out is IMGate SAV/RAV rejects as a symptom of your networks being infected. Len
[IMGate] Re: concerning the new attack via ISP outbound relays
Quoting Len Conrad [EMAIL PROTECTED]: You could set up a separate IMGate for outbound only and do SAV/RAV there. Thanks great idea. Andrew P. Kaplan www.cshore.com This message was sent using IMP, the Internet Messaging Program.