On 12/13/06, Eric Shubes <[EMAIL PROTECTED]> wrote:
Bill Kwok wrote:
> Hi Eric,
>
> My situation was strange. Let me give you detail on my server:
>
<snip>
>
> All of them are the current version of qt, except I've also installed
> Espinoza's qmail-toaster-1.03-1.3.8 so that I can use submission port.
>
> All processes were running fine. When I receive complaints from users,
> I couldn't find any hint. The only thing looked abnormal is large
> number of status 256 error logged at smtp log.
I've noticed some 256 errors too that I can't explain. Been wondering
about
them, but I haven't noticed any email not being received, so I haven't
been
able to track them down. I just figured they were spam.
> To make sure they are not blocked by spamassassin or RBL, I added
> certain IP, which I trusted, to my tcp.smtp(
> <IP>:allow,RBLSMTPD="",RELAYCLIENT=""), but the situation didn't
changed.
Good move.
You remembered to rebuild the cdb file, I presume.
Yes, I did.
To minimize the chance of timeout issue, my blacklists was changed to
> include only one entry:
> # cat blacklists
> -r sbl-xbl.spamhaus.org
The RBLSMTPD="" above should have taken care of turning off RBL checking.
You remembered to restart qmail after this change, I hope.
Yes, I did that too.
In the beginning, I also thought that the status 256 should be sort of
> timeout stuff. After further studying my smtp log, I found status 256
> in different situations:
>
> 1. The smtp log only showed a connection, but the process ended very
> soon:
> Nov30 18:19:43 tcpserver: status: 1/100
> Nov30 18:19:43 tcpserver: pid 8856 from [sender IP]
> Nov30 18:19:43 tcpserver: ok 8856 [mydomain]:[my IP]:25 :[sender
> IP]::47596
> Nov30 18:19:43 tcpserver: end 8856 status 256
> Nov30 18:19:43 tcpserver: status: 0/100
Weird. Was this from the 'trusted' IP?
Yes, actually, that's from our company's email server which is in another
country. By the way, that server is also a qmail server, although not qt.
We have large amount of email, such as emails forwarding from one domain
name to another for the same user, from this server.
2. It logged CHKUSER has accepted sender and rcpt, but no email
> delivered to user's mail box and nothing logged at send log:
> Nov30 18:36:21 tcpserver: pid 9984 from [sender IP]
> Nov30 18:36:21 tcpserver: ok 9984 [mydomain]:[my IP]:25 :[sender
> IP]::53431
> Nov30 18:36:21 CHKUSER accepted sender: from <[sender]
> <mailto:[EMAIL PROTECTED]> ::> remote <[sender server]:unknown:[sender
IP]>
> rcpt <> : sender accepted
> Nov30 18:36:21 CHKUSER accepted rcpt: from <[sender]
> <mailto:[EMAIL PROTECTED]>::> remote <[sender domain]:unknown:[sender
IP]>
> rcpt <[rcpt] <mailto:[EMAIL PROTECTED]> > : found existing recipient
> Nov30 18:36:21 tcpserver: end 9984 status 256
Weird. Was this from a non-trusted IP?
It's from the same server as mentioned above. Email ID and domain name are
correct here. I just used my Perl script to reformat the log, That's why
it won't show full address / domain name.
3. Some, but not all, CHKUSER rejected may show status 256 too:
> Nov30 22:57:25 tcpserver: status: 1/100
> Nov30 22:57:25 tcpserver: pid 24256 from 89.138.229.34
> <http://89.138.229.34>
> Nov30 22:57:25 tcpserver: ok 24256 [my domain]:[my local IP]:25
> :89.138.229.34::62008
> Nov30 22:57:30 CHKUSER rejected sender: from < [EMAIL PROTECTED]
> <mailto:[EMAIL PROTECTED]>::> remote
> <89-138-229-34.bb.netvision.net.il:unknown:89.138.229.34> rcpt <>
> : invalid sender MX domain
> Nov30 22:57:31 tcpserver: end 24256 status 256
> Nov30 22:57:31 tcpserver: status: 0/100
>
> As you've mentioned, we should not use such a high setting for the smtp
> softlimit in normal case. But in my case, I really need to. One more
> thing to mention: my server need to support multi-language.
>
> Best regards,
> Bill
>
I'm wondering if the DomainKeys bug might be the culprit. Have you
disabled
DK according to Alexey's instructions?
# cd /var/qmail/bin
# rm -f qmail-queue; ln -s qmail-queue.orig qmail-queue
That's the first thing I tried. But then since the error still exist and I
don't want to complicate the situation, I reinstall qmail-toaster-1.03-1.3.8
I also tried to disable spf checking by putting a '0' to the spfbehavior but
it made no difference. I was thinking of installing the spf logging patch (
http://www.mail-archive.com/[email protected]/msg09582.html).
Since my server is working now, I think I will leave it right now and wait
for such patch to be included in the stable version of qt.
--
-Eric 'shubes'
---------------------------------------------------------------------
QmailToaster hosted by: VR Hosted <http://www.vr.org>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
