On 2011-08-08 23:15, [email protected] wrote:
We recently (within the last two weeks) started getting a very large
number of logs like this:
postfix/smtpd[29456]: lost connection after RCPT from
cel-broadband1-ws-72.dsl.airstreamcomm.net[64.33.198.73]
After doing packet traces it appears that the client is sending RST
packets to our server, which doesn't make any sense?
After how much time ?
What is the time elapsed between CONNECT and LOST CONNECTION ?
Does it always happen with that client ?
If so, ask them what they're doing wrong.
Here is postconf -n:
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
anvil_rate_time_unit = 60s
bounce_queue_lifetime = 3d
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
debug_peer_level = 9
default_destination_recipient_limit = 1000
default_process_limit = 1000
header_checks = regexp:/etc/postfix/header_checks
html_directory = no
inet_interfaces = all
mail_owner = postfix
mailbox_size_limit = 52224000
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
maximal_queue_lifetime = 3d
message_size_limit = 52224000
mydestination = $myhostname, localhost.$mydomain, localhost
myhostname = osmtp-1.airstreamcomm.net
mynetworks = $config_directory/mynetworks
newaliases_path = /usr/bin/newaliases.postfix
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/postfix-2.3.3/README_FILES
recipient_bcc_maps = hash:/etc/postfix/recipient_bcc
relayhost = omrcd1.parcel-airstreamcomm.net
sample_directory = /usr/share/doc/postfix-2.3.3/samples
sender_bcc_maps = hash:/etc/postfix/sender_bcc_jatheon
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
smtp_connect_timeout = 5m
smtp_data_done_timeout = 900s
smtp_data_init_timeout = 900s
smtp_data_xfer_timeout = 900s
smtp_helo_timeout = 900s
smtp_mail_timeout = 900s
smtp_tls_note_starttls_offer = yes
smtpd_client_event_limit_exceptions = static:all
smtpd_helo_required = yes
smtpd_recipient_restrictions = permit_mynetworks,
check_recipient_access hash:/etc/postfix/restricted_recipients
check_client_access hash:/etc/postfix/popimap_access,
permit_sasl_authenticated, reject_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_path = private/auth-client
smtpd_sasl_security_options = noanonymous
smtpd_sasl_type = dovecot
smtpd_sender_restrictions = reject_unknown_sender_domain,
reject_non_fqdn_sender, permit
smtpd_timeout = 180s
smtpd_tls_auth_only = no
smtpd_tls_cert_file = /etc/pki/tls/certs/postfix.crt
smtpd_tls_key_file = /etc/pki/tls/private/postfix.key
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_security_level = may
smtpd_tls_session_cache_database =
btree:/var/spool/postfix/smtpd_tls_cache
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
transport_maps = hash:/etc/postfix/transport
unknown_local_recipient_reject_code = 550
That is wayy to much default information; default values should not be
in main.cf.
Run
(postconf -d; postconf -d; postconf -n) | sort | uniq -u
to get a cleaner list without all your distro's defaults.
--
J.
