Pascal, > >For some reason Postfix (or firewall) on 10.0.0.2 port 10026 is > >rejecting TCP connections. Try 'telnet 10.0.0.2 10026' from 10.0.0.3 > >and see what Postfix writes in its log. > > When telnetting it takes a while for the socket to connect, and then I get > after maybe 12-15 secs, > "Connected to 10.0.0.2. Escape character is '^]'." > And 5-10 seconds after that, I get the ESMTP banner... ... > I don't know what happens... would it be the time it takes for connecting?
Yes, if it takes longer than 30 seconds for MTA to respond with a greeting to a connect from amavisd, then amavisd gives up and logs a 'Negative greeting: '. Timeouts are hard-wired for the moment in amavisd: my($smtp_connect_timeout) = 30; my($smtp_helo_timeout) = 300; my($smtp_xforward_timeout) = 300; my($smtp_mail_timeout) = 300; my($smtp_rcpt_timeout) = 300; my($smtp_data_init_timeout) = 120; my($smtp_data_xfer_timeout) = 180; my($smtp_data_done_timeout) = 600; my($smtp_quit_timeout) = 10; # 300 my($smtp_rset_timeout) = 20; Rather than fiddle with amavisd, it would be better to find out why Postfix is so terribly slow to respond. It could be a DNS issue, Postfix tries to do a reverse DNS lookup for 10.0.0.3, and it seems it does not get an answer. Fix your internal DNS resolving for starters (or disable DNS check in Postfix on a re-entry port, as a desperate measure). Mark ------------------------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/ _______________________________________________ AMaViS-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
