Matt Bayliss:
> [3] Output of /var/log/maillog during the session with debug_peer_list set
> to client
> http://pastebin.centos.org/36256/
This ends with:
Nov 18 10:28:52 mailserver postfix/smtpd[31664]: < unknown[1.1.1.1]: RCPT
TO:<[email protected]>
...
Nov 18 10:28:52 mailserver postfix/smtpd[31664]: > unknown[1.1.1.1]: 250
2.1.5 Ok
...
Nov 18 10:28:52 mailserver postfix/smtpd[31664]: smtp_get: EOF
Nov 18 10:28:52 mailserver postfix/smtpd[31664]: lost connection after RCPT
from unknown[1.1.1.1]
Something broke the SMTP connection after Postfix replied with "250
2.1.5 Ok". I suspect that you have some spambot detection system
that interferes with SMTP.
> [4] TCP stream decoded acket capture of above session
> http://pastebin.centos.org/36261/
This ends with:
RCPT TO:<[email protected]>
250 2.1.5 Ok
RCPT TO:<[email protected]>
Note that the last RCPT TO command was not delivered to Postfix. I
therefore suspect that you have some anti-malware system that breaks
connections when a client sends suspicious email.
Wietse
