On 2022-07-23 at 09:48:49 UTC-0400 (Sat, 23 Jul 2022 15:48:49 +0200)
Sebastiaan la Fleur <[email protected]>
is rumored to have said:
Hello everyone!
Currently I am running into an issue that a (misconfigured)
destination mailserver does not accept mail on port 25.
Really? Are you 100% certain of that?
It allows a TCP connection but it will not send a greeting.
That seems to be "a YOU thing."
$ telnet 185.104.29.14 25
Trying 185.104.29.14...
Connected to 185.104.29.14.
Escape character is '^]'.
220 web0083.zxcs.nl ESMTP Exim 4.95 Sat, 23 Jul 2022 18:00:52 +0200
quit
221 web0083.zxcs.nl closing connection
Connection closed by foreign host.
Instead, it expects mail to be send to port 587 which
seems to accept both mail with and without starttls.
The standard use of 587 is for initial message submission, a specified
subset of SMTP. You may not be able to use it for delivery as you may
expect.
Looking into the logging of my postfix instance, I can see that it
tries to connect to port 25 but the destination
mailserver will never reply with a "initial server greeting":
Jul 23 15:39:05 smtp postfix/smtp[382]: dns_get_answer: type MX for
kuiperschuttingen.nl
Jul 23 15:39:05 smtp postfix/smtp[382]: smtp_addr_one: host
mail.kuiperschuttingen.nl
Jul 23 15:39:05 smtp postfix/smtp[382]: lookup
mail.kuiperschuttingen.nl type A flags
Jul 23 15:39:05 smtp postfix/smtp[382]: dns_query:
mail.kuiperschuttingen.nl (A): OK
Jul 23 15:39:05 smtp postfix/smtp[382]: dns_query: reply len=59
ancount=1 nscount=0
Jul 23 15:39:05 smtp postfix/smtp[382]: dns_get_answer: type A for
mail.kuiperschuttingen.nl
Jul 23 15:39:05 smtp postfix/smtp[382]: begin kuiperschuttingen.nl
address list
Jul 23 15:39:05 smtp postfix/smtp[382]: pref 10 host
mail.kuiperschuttingen.nl/185.104.29.14
Jul 23 15:39:05 smtp postfix/smtp[382]: end kuiperschuttingen.nl
address list
Jul 23 15:39:05 smtp postfix/smtp[382]: smtp_find_self: not found
Jul 23 15:39:05 smtp postfix/smtp[382]: global TLS level: may
Jul 23 15:39:05 smtp postfix/smtp[382]: ctable_locate: install entry
key kuiperschuttingen.nl:mail.kuiperschuttingen.nl:25:
Jul 23 15:39:05 smtp postfix/smtp[382]: smtp_connect_addr: trying:
mail.kuiperschuttingen.nl[185.104.29.14] port 25...
...
...
Jul 23 15:39:20 smtp postfix/smtp[382]: 9ECFB7800D3:
to=<[email protected]>,
relay=mail.kuiperschuttingen.nl[185.104.29.14]:25, delay=314,
delays=299/0.03/15/0, dsn=4.4.2, status=deferred (conversation with
mail.kuiperschuttingen.nl[185.104.29.14] timed out while receiving the
initial server greeting)
15 seconds is not forever. It's actually shorter than some spambots will
wait for a greeting...
Restore ALL of your timeout settings to their defaults.
smtp_helo_timeout is the issue here, but if you've set that to an absurd
15s, I bet you've 'tuned' others as well. Do not. Mail is not instant
messaging.
This situation got me thinking, how can I configure to try other ports
than port 25 in this instance? Port 25 will not work, but port 587
could work
however I do not see postfix trying that port. Sending mail from a
gmail accounts appears successful and my guess is because it does try
to use
port 587 when connecting to the destination mail server.
It is considered a best practice to require authentication for any use
of port 587, even if the mail is for local delivery. It is also a
widespread and perfectly reasonable practice for mail arriving via port
587 to be fixed up by the server to conform to local policy for local
users, e.g. adding signatures, headers and footers, canonicalizing
addresses, etc. You probably DO NOT want that done to your mail.
--
Bill Cole
[email protected] or [email protected]
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Not Currently Available For Hire
