Well I finally found an obscure reference to these timeouts happening
due to firewalls.
So I disabled pf and voila!
No more problems
Now what I need to know is what to do with my pf.conf to be able to
reactivate it:
pf.conf:
ext_if="fxp0"
#int_if="int0"
NoRouteIPs = "{ 127.0.0.0/8, 192.168.0.0/16, 172.16.0.0/12, \
10.0.0.0/8 }"
#table <spamd> persist
#table <spamd-white> persist
#my additions --Chris
table <badhosts> persist file "/etc/badhosts"
table <bruteforce> persist file "/etc/bruteforce"
set skip on lo
#scrub in
scrub in on $ext_if all
#nat-anchor "ftp-proxy/*"
#rdr-anchor "ftp-proxy/*"
#nat on $ext_if from !($ext_if) -> ($ext_if:0)
#rdr pass on $int_if proto tcp to port ftp -> 127.0.0.1 port 8021
#rdr pass on $ext_if proto tcp from <spamd> to port smtp \
# -> 127.0.0.1 port spamd
#rdr pass on $ext_if proto tcp from !<spamd-white> to port smtp \
# -> 127.0.0.1 port spamd
#anchor "ftp-proxy/*"
#block in
#pass out keep state
antispoof quick log for $ext_if inet
#pass quick on $int_if
#antispoof quick for { lo $int_if }
pass inet proto tcp from any to egress port 22123 flags S/SA synproxy
state (max-src-conn 10, max-src-conn-rate 15/5, overload <bruteforce>
flush global)
pass in on $ext_if proto tcp to ($ext_if) port ssh synproxy state
pass in log on $ext_if proto tcp to ($ext_if) port smtp synproxy state
pass out log on $ext_if proto tcp from ($ext_if) to port smtp synproxy state
block on fxp0 from { <badhosts> <bruteforce> } to any
block in log quick inet6 all
# block smb, nfs, mysql, rndc? from the mean world
block in quick on $ext_if proto tcp from any to any port {137, 138, 139,
901}
block in quick on $ext_if proto tcp from any to any port {2049, 111}
block in log quick on $ext_if proto tcp from any to any port 3306
block in quick on $ext_if proto tcp from any to any port 953
block in quick on $ext_if from $NoRouteIPs to any
block out quick on $ext_if from any to $NoRouteIPs
Which entry is causing me these problems with sendmail?
Chris Bennett wrote:
> This is the first time I've setup sendmail.
> Everything is working except relaying
> I get timeout errors such as:
>
>
> Quote:
>
> Apr 13 10:23:52 b03s15le sm-mta[32621]: m3AMaDbG021948:
> to=<[EMAIL PROTECTED]
> <mailto:[EMAIL PROTECTED]>>,
> ctladdr=<[EMAIL PROTECTED]
> <mailto:[EMAIL PROTECTED]>> (5004/5000), delay=2+16:47:39,
> xdelay=00:00:00, mailer=esmtp, pri=11370520,
> relay=mailstore1.secureserver.net., dsn=4.0.0, stat=Deferred:
> Connection timed out with mailstore1.secureserver.net.
> Apr 13 10:28:52 b03s15le sm-mta[19243]: m3BEGF0d018627: timeout
> waiting for input from c.mx.mail.yahoo.com. during client greeting
> Apr 13 10:28:52 b03s15le sm-mta[32621]: m3A3LXeL022236: timeout
> waiting for input from mdfiber.com.cn. during client greeting
> Apr 13 10:28:52 b03s15le sm-mta[32621]: m3A3LXeL022236:
> to=<[EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>>,
> delay=3+12:07:19, xdelay=00:05:00, mailer=esmtp, pri=12390000,
> relay=mdfiber.com.cn. [125.115.37.166], dsn=4.0.0, stat=Deferred:
> Connection timed out with mdfiber.com.cn.
> Apr 13 10:28:52 b03s15le sm-mta[32621]: m39M3TI3021802:
> to=<[EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>>,
> delay=3+17:25:23, xdelay=00:00:00, mailer=esmtp, pri=15630000,
> relay=email-mx.paypal.com., dsn=4.0.0, stat=Deferred: Connection
> timed out with email-mx.paypal.com.
> Apr 13 10:28:52 b03s15le sm-mta[32621]: m39LHSwW029414:
> to=<[EMAIL PROTECTED]
> <mailto:[EMAIL PROTECTED]>>,
> ctladdr=<[EMAIL PROTECTED]
> <mailto:[EMAIL PROTECTED]>> (0/0), delay=3+18:11:24,
> xdelay=00:00:00, mailer=esmtp, pri=15691859,
> relay=mailstore1.secureserver.net., dsn=4.0.0, stat=Deferred:
> Connection timed out with mailstore1.secureserver.net.
> Apr 13 10:33:51 b03s15le sm-mta[1350]: m3D3c72K007206: timeout
> waiting for input from a.mx.mail.yahoo.com. during client greeting
> Apr 13 10:33:52 b03s15le sm-mta[19243]: m3BEGF0d018627: timeout
> waiting for input from g.mx.mail.yahoo.com. during client greeting
> Apr 13 10:36:28 b03s15le sm-mta[7022]: m3DFPM8f007022:
> 219-84-176-17-adsl-tpe.dynamic.so-net.net.tw [219.84.176.17] did not
> issue MAIL/EXPN/VRFY/ETRN during connection to MTA
>
>
> I understand that lacking reverse DNS can cause these problems, but I
> have corrected that problem and now pass FcRDNS test. But these problems
> continue. All other mail works fine.
> The only other possibility I have encountered is to change a timeout for
> sendmail. in sendmail.cf
> Any suggestions?
> _______________________________________________
> Openbsd-newbies mailing list
> [email protected]
> http://mailman.theapt.org/listinfo/openbsd-newbies
>
>
>
_______________________________________________
Openbsd-newbies mailing list
[email protected]
http://mailman.theapt.org/listinfo/openbsd-newbies
