On 2025-08-18 at 16:01:57 UTC-0400 (Mon, 18 Aug 2025 20:01:57 +0000)
Don Cohen via Postfix-users <don-postfi...@isis.cs3-inc.com>
is rumored to have said:
This is what I get from that command
$ postconf -d | grep 5xx
lmtp_skip_5xx_greeting = yes
smtp_skip_5xx_greeting = yes
[2025-08-18 15:51:41 root@cmcora1 ~]
although I don't know what the greeting has to do with it.
Note that with the "-d" argument, postconf shows the *default* setting.
Wietse was noting that "skipping" a 5xx greeting is the default behavior
of Postfix.
The underlying issue is that the far end is sending the Postfix smtp
client a 554 reply instead of a proper 220 greeting. This can indicate a
general failure of something on the far end machine OR a policy choice
to reject all of the email you offer.
The reason for this to NOT be treated as an absolute immediate failure
is that it can be the result of configuration error or failure rather
than policy.
Also
$ postconf -d | grep soft
lmtp_sasl_auth_soft_bounce = yes
notify_classes = resource, software
smtp_sasl_auth_soft_bounce = yes
smtpd_soft_error_limit = 10
soft_bounce = no
[2025-08-18 15:55:18 root@cmcora1 ~]
Other than soft bounce do any of these explain the behavior?
No. This is entirely due to the default "smtp_skip_5xx_greeting=yes"
configuration.
You asked for logs?
Here's a sample from maillog:
Aug 5 03:48:44 cmcora1 postfix/smtp[845428]: 6901520BA9CB: host
mx1.mxge.comcast.net[96.102.18.146] refused to talk to me: 554
resimta-c2p-560126.sys.comcast.net
resimta-c2p-560126.sys.comcast.net
129.80.158.55 found on one or more DNSBLs, see
https://postmaster.comcast.net/smtp-error-codes.php#BL000001
There you go: a 5xx reply was received where the postfix/smtp process
expected an initial greeting (220 Whatever)
But perhaps even more convincing:
$ telnet 96.103.145.163 25
Trying 96.103.145.163...
Connected to 96.103.145.163.
Escape character is '^]'.
554 resimta-a2p-651038.sys.comcast.net
resimta-a2p-651038.sys.comcast.net 129.80.158.55
found on one or more DNSBLs, see
https://postmaster.comcast.net/smtp-error-codes.php#BL000001
Connection closed by foreign host.
[2025-08-01 16:53:29 root@cmcora1 ~]
The default behavior seems to be to retry every 15 min or 5 days?
Correct, but not particularly relevant if what you want is to respect
the permanent hard failure implication of the 554 at greeting time, i.e.
you should stop trying to send mail to anyone whose MX points to that
server.
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo@toad.social and many *@billmail.scconsult.com
addresses)
Not Currently Available For Hire
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
