Hello, I have installed a complete new system with exim default configuration and have the same issue. The connection time is around 8 seconds.
Can it be the root cause of the coneection timeout from the client side? I also searched on the topic and ound out the Option rfc1413_query_timeout I now set to 0ms but the Problem is the same. Wehen I install postfix on the same Server there is no problem, the conenction time is around 1 second. Where does the Long time come from? -----Ursprüngliche Nachricht----- Gesendet: Freitag, 05 Dezember 2014 um 11:53:39 Uhr Von: [email protected] An: "Thomas Hager" <[email protected]>,[email protected] Betreff: Re: [exim] Smtp not possible from some clients Hello Tom, I do not have access to the web application but I tried the debuging option now and send you the output. I also make an external check and foud out that the connection time is very high. Maybe this is the problem but I do not understand this because the system is reachable as normal. SMTP Connection Time 5.912 seconds SMTP Transaction Time 8.440 seconds Exim version 4.82 uid=0 gid=0 pid=4897 D=fbb95cfd Berkeley DB: Berkeley DB 5.3.28: (September 9, 2013) Support for: crypteq iconv() IPv6 PAM Perl Expand_dlfunc GnuTLS move_frozen_messages Content_Scanning DKIM Old_Demime Lookups (built-in): lsearch wildlsearch nwildlsearch iplsearch cdb dbm dbmjz dbmnz dnsdb dsearch ldap ldapdn ldapm mysql nis nis0 passwd pgsql sqlite Authenticators: cram_md5 cyrus_sasl dovecot plaintext spa Routers: accept dnslookup ipliteral iplookup manualroute queryprogram redirect Transports: appendfile/maildir/mailstore/mbx autoreply lmtp pipe smtp Fixed never_users: 0 Size of off_t: 8 Compiler: GCC [4.8.2] Library version: GnuTLS: Compile: 2.12.23 Runtime: 2.12.23 Library version: Cyrus SASL: Compile: 2.1.25 Runtime: 2.1.25 [Cyrus SASL] Library version: PCRE: Compile: 8.31 Runtime: 8.31 2012-07-06 Total 19 lookups Library version: MySQL: Compile: 5.5.35 [(Ubuntu)] Runtime: 5.5.40 Library version: SQLite: Compile: 3.8.2 Runtime: 3.8.2 WHITELIST_D_MACROS: "OUTGOING" TRUSTED_CONFIG_LIST: "/etc/exim4/trusted_configs" changed uid/gid: forcing real = effective uid=0 gid=0 pid=4897 auxiliary group list: <none> seeking password data for user "root": cache not available getpwnam() succeeded uid=0 gid=0 changed uid/gid: calling tls_validate_require_cipher uid=111 gid=117 pid=4898 auxiliary group list: <none> tls_validate_require_cipher child 4898 ended: status=0x0 configuration file is /var/lib/exim4/config.autogenerated log selectors = 00000ffc 00232001 cwd=/root 5 args: exim -bd -d -oX 25 trusted user admin user originator: uid=0 gid=0 login=root name=root 4897 daemon_smtp_port overridden by -oX: 4897 <: 25 4897 listening on all interfaces (IPv6) port 25 4897 listening on all interfaces (IPv4) port 25 4897 changed uid/gid: running as a daemon 4897 uid=111 gid=117 pid=4897 4897 auxiliary group list: 8 117 4897 LOG: MAIN 4897 exim 4.82 daemon started: pid=4897, no queue runs, listening for SMTP on port 25 (IPv6 and IPv4) 4897 set_process_info: 4897 daemon: no queue runs, listening for SMTP on port 25 (IPv6 and IPv4) 4897 daemon running with uid=111 gid=117 euid=111 egid=117 4897 Listening... 4897 Connection request from x.x.x.x port 56821 4897 search_tidyup called 4897 1 SMTP accept process running 4897 Listening... 4901 host in rfc1413_hosts? yes (matched "*") 4901 doing ident callback 4901 ident connection to x.x.x.x failed: Connection timed out 4901 sender_fullhost = [x.x.x.x] 4901 sender_rcvhost = [x.x.x.x] 4901 Process 4901 is handling incoming connection from [x.x.x.x] 4901 host in host_lookup? yes (matched "*") 4901 looking up host name for x.x.x.x 4901 DNS lookup of 7.41.55.65.in-addr.arpa (PTR) gave HOST_NOT_FOUND 4901 returning DNS_NOMATCH 4901 IP address lookup using gethostbyaddr() 4901 IP address lookup failed: h_errno=1 4901 LOG: host_lookup_failed MAIN 4901 no host name found for IP address x.x.x.x 4901 sender_fullhost = [x.x.x.x] 4901 sender_rcvhost = [x.x.x.x] 4901 set_process_info: 4901 handling incoming connection from [x.x.x.x] 4901 host in host_reject_connection? no (option unset) 4901 host in sender_unqualified_hosts? no (option unset) 4901 host in recipient_unqualified_hosts? no (option unset) 4901 host in helo_verify_hosts? no (option unset) 4901 host in helo_try_verify_hosts? no (option unset) 4901 host in helo_accept_junk_hosts? no (option unset) 4901 using ACL "acl_check_spammers" 4901 processing "accept" 4901 check hosts = +whitelist 4901 search_open: iplsearch "/etc/exim4/white-blocks.conf" 4901 search_find: file="/etc/exim4/white-blocks.conf" 4901 key="x.x.x.x" partial=-1 affix=NULL starflags=0 4901 LRU list: 4901 6/etc/exim4/white-blocks.conf 4901 End 4901 internal_search_find: file="/etc/exim4/white-blocks.conf" 4901 type=iplsearch key="x.x.x.x" 4901 file lookup required for x.x.x.x 4901 in /etc/exim4/white-blocks.conf 4901 lookup failed 4901 host in "net-iplsearch;/etc/exim4/white-blocks.conf"? no (end of list) 4901 host in "+whitelist"? no (end of list) 4901 accept: condition test failed in ACL "acl_check_spammers" 4901 processing "drop" 4901 check hosts = +spammers 4901 search_open: iplsearch "/etc/exim4/spam-blocks.conf" 4901 search_find: file="/etc/exim4/spam-blocks.conf" 4901 key="x.x.x.x" partial=-1 affix=NULL starflags=0 4901 LRU list: 4901 6/etc/exim4/spam-blocks.conf 4901 6/etc/exim4/white-blocks.conf 4901 End 4901 internal_search_find: file="/etc/exim4/spam-blocks.conf" 4901 type=iplsearch key="x.x.x.x" 4901 file lookup required for x.x.x.x 4901 in /etc/exim4/spam-blocks.conf 4901 lookup failed 4901 host in "net-iplsearch;/etc/exim4/spam-blocks.conf"? no (end of list) 4901 host in "+spammers"? no (end of list) 4901 drop: condition test failed in ACL "acl_check_spammers" 4901 processing "accept" 4901 accept: condition test succeeded in ACL "acl_check_spammers" 4901 SMTP>> 220 MAILSERVER ESMTP Exim 4.82 Ubuntu Fri, 05 Dec 2014 11:36:51 +0100 4901 Process 4901 is ready for new message 4901 smtp_setup_msg entered 4901 SMTP>> 421 MAILSERVER lost input connection 4901 LOG: smtp_connection MAIN 4901 SMTP connection from [x.x.x.x] lost 4901 search_tidyup called 4897 child 4901 ended: status=0x100 4897 normal exit, 1 4897 0 SMTP accept processes now running 4897 Listening... -----Ursprüngliche Nachricht----- Gesendet: Freitag, 05 Dezember 2014 um 10:58:42 Uhr Von: "Thomas Hager" <[email protected]> An: [email protected] Betreff: Re: [exim] Smtp not possible from some clients On 2014-12-04 20:44, [email protected] wrote: > Hello, Hi, > I have a problem with the smtp connection from some clients web > application which is using a smtp connection to send mails. The output > only says that no smtp conenction is possible, therfore I do not have > a detailed error message. Can you activate some sort of debug logging in this web application? > On the server side I searched the firewall entries, the receiving of > the TCP packages and the logs. I only found the following log entrie, > when the Client is connecing to the smtp server which seems to be > failed. Did you analyse the TCP dump in Wireshark? Can you see a valid SMTP handshake between the web app and your Exim server? Can you manually initiate an SMTP session from the web application's host? Is the web application using an encrypted or unencrypted connection? If it's encrypted a common error might be that the web application fails to validate your mail servers certificate and aborts the connection. > Message: > no host name found for IP address xx.xx.xx.xx That's just informational and would not cause Exim to abort a connection. > I searched very long time but do not found a real solution I can do on > my side. I tried to whitelist the ip address or Change the host_lookup > option but the issue still occur. Also I checked installed fail2ban > logs but there is also no helpful entry. The Connection from outher > Clients is working so it seems to be not a general issue. IIRC, fail2ban is for blocking brute force SSH login attempts, it won't interfere with SMTP. How flexible is your environment? If you can't enable debugging in the web application and Wireshark is no help either, you could always run Exim in debugging mode on a different port or server and see what Exim has to say about this connectivity issues. Hth, Tom. -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/ -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/ -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
