On Thu, Feb 23, 2012 at 1:27 PM, Todd Lyons <[email protected]> wrote:
> By any chance do you have a firewall (Cisco ASA for example) that you > block all or most ICMP? > My Exim server does not. However, the far end EdgeWave server (66.43.215.27) does have a Cisco 7201 in front of it, and the server is not ping-able. > > A few years ago, I experienced issues with a few particular remote > sites and their erratice mail delivery to us. We had blocked most > ICMP types at the firewall for PCI compliance. We relaxed the rule > and blocked just a few specific ICMP types (the time query ones) and > all of a sudden those issues went away. It must have been breaking > path mtu discovery. > Thanks for that... that is the second suggestion that it could be the customer's firewall/router causing these problems. I am relaying to them. - Scott > > > On Thu, Feb 23, 2012 at 9:24 AM, Scott Neader <[email protected]> wrote: > > Thanks, David, I'll send it to you direct. > > > > My concern on the timeouts is: > > > > 1) I have seen in the past that all of my Exim sockets can be consumed by > > misbehaving mail servers (or spam zombies) and thus we defer mail. I'm > > open to discussion on this, if I'm doing something wrong, or > > misunderstanding. > > > > 2) The far-end customer (using EdgeWave) is reporting SOME fatal errors. > > Most messages are getting through, but the reason I found the problem is > > after being contacted by their ISP asking why we aren't accepting some of > > their mail. > > > > 3) We have rate limits set up for misbehaving mail servers, and these > > timeouts are counted toward the rate limit. I will need to research to > > find out how to stop counting timeouts toward rate limits, if I am to > start > > ignoring these timeouts as non-issues. > > > > 4) It seems most servers with this timeout problem are either EdgeWave > mail > > servers, or spam zombie home computers. I'm hesitant to ignore these > > timeouts, but if the Exim community feels that I should, then I will. > > > > Thanks!! > > > > - Scott > > > > On Thu, Feb 23, 2012 at 1:49 AM, David Woodhouse <[email protected] > >wrote: > > > >> On Wed, 2012-02-22 at 10:36 -0600, Scott Neader wrote: > >> > Are you willing to look at the cap file from their side, to see if > they > >> are > >> > doing things right? I'd like to be able to tell them... look, RFC XXX > >> says > >> > after we send the 250 OK, you should send a QUIT but your cap shows > you > >> are > >> > not..." (or whatever) -- but I'm just not knowledgeable enough. > >> > >> By all means, send it my way. Note that the only "problem" this causes > >> is an extra line in your log and a small amount of memory used while > >> Exim is waiting to die, right? > >> > >> -- > >> dwmw2 > >> > > -- > > ## List details at https://lists.exim.org/mailman/listinfo/exim-users > > ## Exim details at http://www.exim.org/ > > ## Please use the Wiki with this list - http://wiki.exim.org/ > > > > -- > SOPA: Any attempt to [use legal means to] reverse technological > advances is doomed. --Leo Leporte > -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
