On 2/20/2011 8:05 AM, Matthias Egger wrote:
Background:
After getting complaints about mails which could not be delieverd to
us i checked the logfiles and found nothing. By nothing i really mean
nothing. Postfix did not even log a "connect from".
So i started to snoop on the network and found out that incoming mails
from one of their server does (SYN), we (SYN, ACK) they (ACK) and then
Postfix sends his "220 smtp..." stuff. But when mails are coming from
another server they (SYN), we (SYN, ACK), they (ACK) and then we again
(SYN, ACK) (which after a few more (TCP Dup ACK) and (SYN, ACK) leads
to a [RST, ACK]).
As our server team has recently patched the solaris machine postfix is
running on, this behaviour could be a bug releated to this patching.
So my idea was to temporarely change the solaris postfix machine with
my linux laptop, making sure it uses the same IP and MAC Address and
some basically configured postfix, while using tcpdump to check if
these connections behave like before.
My Question:
While i am snooping and waiting for connections from this particular
server, other incoming mails should be rejected by this temporary
postfix. But only in a "soft" reject manner. So is there a way to
configure (or missconfigure?) postfix to tell every incoming attempt
something like "Sorry, i have a temporary problem. Try to connect later".
Best regards,
Matthias
My understanding of your problem is that you think the TCP/IP stack is
broken on your mail server and that you wish it defer all deliveries
until you have investigated and fixed the stack problem if it exists.
While this is going on you want to substitute a "dummy" smtp server
(using a laptop) designed to request deferred delivery until the problem
is fixed. You could just go offline, I am not sure that you need to do
anything as most smtp servers will retry delivery for a considerable period.
However, if you feel that it would be better to defer then, I think all
you need to do is setup a postfix server with a minimal configuration
and set the "smtp_client_restrictions = defer" should ensure that all
email is deferred. It might be a good idea to change the "defer_code" to
421 from 450.
Hope this helps
--
"All that is necessary for the triumph of evil is that good men do nothing."
(Edmund Burke)
