On 02/21/2011 11:09 PM, John wrote:
On 2/20/2011 8:05 AM, Matthias Egger wrote:
Background:
After getting complaints about mails which could not be delieverd to
us i checked the logfiles and found nothing. By nothing i really mean
nothing. Postfix did not even log a "connect from".
So i started to snoop on the network and found out that incoming
mails from one of their server does (SYN), we (SYN, ACK) they (ACK)
and then Postfix sends his "220 smtp..." stuff. But when mails are
coming from another server they (SYN), we (SYN, ACK), they (ACK) and
then we again (SYN, ACK) (which after a few more (TCP Dup ACK) and
(SYN, ACK) leads to a [RST, ACK]).
As our server team has recently patched the solaris machine postfix
is running on, this behaviour could be a bug releated to this patching.
So my idea was to temporarely change the solaris postfix machine with
my linux laptop, making sure it uses the same IP and MAC Address and
some basically configured postfix, while using tcpdump to check if
these connections behave like before.
My Question:
While i am snooping and waiting for connections from this particular
server, other incoming mails should be rejected by this temporary
postfix. But only in a "soft" reject manner. So is there a way to
configure (or missconfigure?) postfix to tell every incoming attempt
something like "Sorry, i have a temporary problem. Try to connect
later".
Best regards,
Matthias
My understanding of your problem is that you think the TCP/IP stack is
broken on your mail server and that you wish it defer all deliveries
until you have investigated and fixed the stack problem if it exists.
While this is going on you want to substitute a "dummy" smtp server
(using a laptop) designed to request deferred delivery until the
problem is fixed. You could just go offline, I am not sure that you
need to do anything as most smtp servers will retry delivery for a
considerable period.
However, if you feel that it would be better to defer then, I think
all you need to do is setup a postfix server with a minimal
configuration and set the "smtp_client_restrictions = defer" should
ensure that all email is deferred. It might be a good idea to change
the "defer_code" to 421 from 450.
Hope this helps
ITYM smtpD_client_restrictions
--
J.
