Buy the way, why are they using encryption to send to your host on port 25?
encryption: TLS
On 11/4/2016 3:14 PM, [email protected] wrote:
Thanx. I read this thread. It’s any way to configure my server to
allow this mail? Other servers don’t reject this mail. The client send
the same mail to other adress on public mail and this same mail came
from the same adress without problem. I do not any chance to explain
my client to change server settings L
*From:*Eric Broch [mailto:[email protected]]
*Sent:* Friday, November 04, 2016 10:01 PM
*To:* [email protected]
*Subject:* Re: [qmailtoaster] Qmail reject email from several domain
Reason TIMEOUT
Have a look here:
http://board.phpbuilder.com/showthread.php?10337158-RESOLVED-Warning-mail()-SMTP-server-response-503-RCPT-first-(-5-5-1)-in
<http://board.phpbuilder.com/showthread.php?10337158-RESOLVED-Warning-mail%28%29-SMTP-server-response-503-RCPT-first-%28-5-5-1%29-in>
and here:
https://www.mail-archive.com/[email protected]/msg04199.html
Have the folks at those large domains made changes to their email
servers, or do they use the same servers???
This does not look like an issue with your Qmailtoaster server. Sadly,
it affects your clients.
On 11/4/2016 2:42 PM, [email protected] <mailto:[email protected]> wrote:
After add recordio i see this:
spamdyke[10495]: DENIED_OTHER from: [email protected]
<mailto:[email protected]> to: [email protected]
<mailto:[email protected]> origin_ip: 85.90.252.62 origin_rdns:
dhl-app-der.accountis.net auth: (unknown) encryption: TLS reason:
503_MAIL_first_(#5.5.1)
*From:*Eric Broch [mailto:[email protected]]
*Sent:* Friday, November 04, 2016 9:15 PM
*To:* [email protected]
<mailto:[email protected]>
*Subject:* Re: [qmailtoaster] Qmail reject email from several
domain Reason TIMEOUT
Sorry
recordio...
#!/bin/sh
QMAILDUID=`id -u vpopmail`
NOFILESGID=`id -g vpopmail`
MAXSMTPD=`cat /var/qmail/control/concurrencyincoming`
SPAMDYKE="/usr/bin/spamdyke"
SPAMDYKE_CONF="/etc/spamdyke/spamdyke.conf"
SMTPD="/var/qmail/bin/qmail-smtpd"
TCP_CDB="/etc/tcprules.d/tcp.smtp.cdb"
HOSTNAME=`hostname`
VCHKPW="/home/vpopmail/bin/vchkpw"
REQUIRE_AUTH=0
exec /usr/bin/softlimit -m 64000000 \
/usr/bin/tcpserver -v -R -H -l $HOSTNAME -x $TCP_CDB -c
"$MAXSMTPD" \
-u "$QMAILDUID" -g "$NOFILESGID" 0 smtp \
/usr/bin/recordio \
$SPAMDYKE --config-file $SPAMDYKE_CONF \
$SMTPD $VCHKPW /bin/true 2>&1
On 11/4/2016 2:12 PM, Eric Broch wrote:
Try using recordio
#!/bin/sh
QMAILDUID=`id -u vpopmail`
NOFILESGID=`id -g vpopmail`
MAXSMTPD=`cat /var/qmail/control/concurrencyincoming`
SPAMDYKE="/usr/bin/spamdyke"
SPAMDYKE_CONF="/etc/spamdyke/spamdyke.conf"
SMTPD="/var/qmail/bin/qmail-smtpd"
TCP_CDB="/etc/tcprules.d/tcp.smtp.cdb"
HOSTNAME=`hostname`
VCHKPW="/home/vpopmail/bin/vchkpw"
REQUIRE_AUTH=0
exec /usr/bin/softlimit -m 64000000 \
/usr/bin/tcpserver -v -R -H -l $HOSTNAME -x $TCP_CDB -c
"$MAXSMTPD" \
-u "$QMAILDUID" -g "$NOFILESGID" 0 smtp \
$SPAMDYKE --config-file $SPAMDYKE_CONF \
$SMTPD $VCHKPW /bin/true 2>&1
On 11/4/2016 12:59 PM, [email protected] <mailto:[email protected]>
wrote:
Look, The sender get a reject message:
> Diagnostic information for administrators:
>
> Generating server: mailgw02.man-mit.com
>
>[email protected] <mailto:[email protected]>
> [77.253.207.97] #<[77.253.207.97] #5.0.0 smtp; 5.x.1 - Maximum
number
> of delivery attempts exceeded. [Default] 421-'Timeout. Talk faster
> next time.' (delivery attempts: 100)> #SMTP#
>
> Original message headers:
>
> X-IronPort-AV: E=Sophos;i="5.31,476,1473112800";
> d="pdf'?scan'208";a="48824816"
> Received: from unknown (HELO openrelay.mn-man.biz) ([10.7.81.87])
by
> mailgw02.man-mit.com with ESMTP/TLS/RC4-SHA; 11 Oct 2016 12:12:20
> +0200
> X-IronPort-AV: E=Sophos;i="5.31,476,1473112800";
> d="pdf'?scan'208";a="35414355"
> Received: from mndemucpc035934.mn-man.biz (HELO
> mndemuchub003.mn-man.biz)
> ([10.128.60.217]) by openrelay.mn-man.biz with ESMTP; 11 Oct 2016
> 12:12:29
> +0200
> Received: from MNPLSTWAP001 ([10.131.126.157]) by
> ppmail01.man.com.pl (Lotus Domino Release 6.5.4) with
ESMTP
> id 2016101112122306-44564 ;
> Tue, 11 Oct 2016 12:12:23 +0200
> From: MAN POZNAN<[email protected]> <mailto:[email protected]>
> To: "[email protected]" <mailto:[email protected]>
<[email protected]> <mailto:[email protected]>
> Subject: =?UTF-8?Q?Zam=C3=B3wienie_automatyczne_/_Autob?=
> =?UTF-8?Q?estellung_6510/16/AF,_2016-10-11?=
> CC:"[email protected]" <mailto:[email protected]> <[email protected]>
<mailto:[email protected]>, "[email protected]"
<mailto:[email protected]>
><[email protected]> <mailto:[email protected]>
> MIME-Version: 1.0
> Message-ID:<[email protected]>
<mailto:[email protected]>
> Date: Tue, 11 Oct 2016 12:12:25 +0200
> X-MIMETrack: Itemize by SMTP Server on
> ppmail01/POZNAN/MAN_POLSKA/MAN_BUSPL(Release
> 6.5.4|March 27, 2005) at 2016-10-11 12:12:23,
> Serialize by Router on
> MNDEMUCHUB003/SRV/MAN_Nutzfahrzeuge(Release
7.0.2FP3|December 13,
> 2007) at 11.10.2016 12:12:28
> Content-Type: text/plain
>
>
But I see in my log this:
2016-10-11 17:16:52.411561500 spamdyke[16443]: TIMEOUT
from: [email protected] <mailto:[email protected]> to:
(unknown) origin_ip: 151.136.108.88 origin_rdns:
wgate1.mn.man.de auth: (unknown) encryption: TLS reason:
TIMEOUT
2016-10-11 17:18:05.060074500 spamdyke[16467]: TIMEOUT
from: [email protected] <mailto:[email protected]> to:
(unknown) origin_ip: 151.136.108.88 origin_rdns:
mail1.man.de auth: (unknown) encryption: TLS reason: TIMEOUT
from: [email protected] <mailto:[email protected]> to:
(unknown) not: from: [email protected]
<mailto:[email protected]> to: [email protected]
<mailto:[email protected]>
where find reason?
*From:*Eric Broch [mailto:[email protected]]
*Sent:* Friday, November 04, 2016 7:26 PM
*To:* [email protected]
<mailto:[email protected]>
*Subject:* RE: [qmailtoaster] Qmail reject email from
several domain Reason TIMEOUT
It looks like the email is going to no one, you could
check in the send log at the same time, but I doubt any
delivery is being made. It might be being rejected at
'policy.' It should be followed up with delivery. Below is
what a complete smtp transaction looks like:
<trans>
@40000000581ccab11323ecdc tcpserver: status: 0/100
@40000000581ccaef1914fb7c tcpserver: status: 1/100
@40000000581ccaef192f0f44 tcpserver: pid 1542 from
xxx.xxx.xxx.xxx
@40000000581ccaef1931f574 tcpserver: ok 1542
host.mydomain.tld:yyy.yyy.yyy.yyy:25 :xxx.xxx.xxx.xxx::46233
@40000000581ccaf410b6483c CHKUSER accepted sender: from
<[email protected]::>
<mailto:[email protected]::> remote
<sender-server.remote.ip.net:unknown:xxx.xxx.xxx.xxx> rcpt
<> : sender accepted
@40000000581ccaf425ea9c94 CHKUSER accepted rcpt: from
<[email protected]::>
<mailto:[email protected]::> remote
<sender-server.remote.ip.net:unknown:xxx.xxx.xxx.xxx> rcpt
<[email protected]>
<mailto:[email protected]> : found existing recipient
@40000000581ccaf426022bd4 policy_check: remote
[email protected] <mailto:[email protected]>
-> local [email protected]
<mailto:[email protected]> (UNAUTHENTICATED SENDER)
@40000000581ccaf42603606c policy_check: policy allows
transmission
@40000000581ccaf61fa1ffe4 simscan:[1543]:CLEAN
(-95.70/12.00):1.2711s:This is the subject of the email
being
sent....:xxx.xxx.xxx.xxx:[email protected]:[email protected]
<mailto:sent....:xxx.xxx.xxx.xxx:[email protected]:[email protected]>
@40000000581ccb32260f6e5c tcpserver: end 1542 status 0
@40000000581ccb32260f762c tcpserver: status: 0/100
</trans>
Spamdyke may just being doing what it's supposed to do.
Eric
On 11/4/2016 11:53 AM, [email protected]
<mailto:[email protected]> wrote:
Yes, exacly This occurs only on several big corporate
domain like dhl.com man.eu ergohestia.pl. Most mail
recived ok. And servers works ok. Error occurs only
several domain now I see another domain dupont.com L
After remove spamdyke from the ‘run’ script i can’t
observe TIMEOUT in log.
I see this:
@40000000581cbb402ac7417c CHKUSER accepted sender:
from <[email protected]::>
<mailto:[email protected]::> remote
<gateway1g.dhl.com:unknown:165.72.200.97> rcpt <> :
sender accepted
@40000000581cbb451fa7b4d4 tcpserver: status: 5/100
@40000000581cbb451faa73f4 tcpserver: pid 26568 from
85.90.252.62
@40000000581cbb451fabdf3c tcpserver: ok 26568
mail.xxxxxxxx.pl:192.168.0.95:25 :85.90.252.62::29680
@40000000581cbb4538a2023c CHKUSER accepted sender:
from <[email protected]::>
<mailto:[email protected]::> remote
<dhl-mail-a-1.accountis.net:unknown:85.90.252.62> rcpt
<> : sender accepted
@40000000581cbb53234b5104 tcpserver: end 26418 status 256
@40000000581cbb53234bd1ec tcpserver: status: 4/100
@40000000581cbb540626f95c tcpserver: status: 5/100
@40000000581cbb5406298d84 tcpserver: pid 26573 from
186.85.86.180
@40000000581cbb54062ae15c tcpserver: ok 26573
mail.xxxxxxx.pl:192.168.0.95:25 :186.85.86.180::46388
I don’t know where to find this mail? to whom it is
addressed?
*From:*Eric Broch [mailto:[email protected]]
*Sent:* Friday, November 04, 2016 6:10 PM
*To:* [email protected]
<mailto:[email protected]>
*Subject:* Re: [qmailtoaster] Qmail reject email from
several domain Reason TIMEOUT
From your first email you stated that, "This occurs
only on several big corporate domain like dhl.com
man.eu ergohestia.pl"
Obviously you are receiving at least some mail,
correct? So, whatever the cause of this problem,
spamdyke or otherwise, barring the corporate domains,
in many cases your email server is working correctly,
right?
Maybe the other server ARE actually taking more time
than they should. This is all that I was saying.
Can you remove spamdyke from the 'run' script as I
suggested and give that a try?
Eric
On 11/4/2016 11:00 AM, [email protected]
<mailto:[email protected]> wrote:
I know, because that emails never come. After long
time sender get a return message sorry TIMEOUT L
*From:*Eric Broch [mailto:[email protected]]
*Sent:* Friday, November 04, 2016 5:41 PM
*To:* [email protected]
<mailto:[email protected]>
*Subject:* Re: [qmailtoaster] Qmail reject email
from several domain Reason TIMEOUT
What I meant was this: could it be that spamdyke
is actually doing what it is supposed to do. Is
spamdyke timing out a connection when it takes to
long and allowing connections when the connection
is within the time limit?
In other words, how do you know its not working
properly?
On 11/4/2016 10:27 AM, [email protected]
<mailto:[email protected]> wrote:
what are you mean?
*From:*Eric Broch
[mailto:[email protected]]
*Sent:* Friday, November 04, 2016 5:22 PM
*To:* [email protected]
<mailto:[email protected]>
*Subject:* Re: [qmailtoaster] Qmail reject
email from several domain Reason TIMEOUT
Could it be that the TIMEOUT is legitimate?
On 11/4/2016 10:17 AM, [email protected]
<mailto:[email protected]> wrote:
Sadly TIMEOUT still occurs L
I add timeouted domain to whitelist
_senders. And still TIMEOUT.
Bellow my spamdyke.conf file:
################################################################################
# TIMEOUTS
################################################################################
# Close the connection after SECS seconds,
regardless of activity. A value of
# 0 disables this feature.
# Default: 0
connection-timeout-secs=360
# Close the connection after SECS seconds
of inactivity. A value of 0 disables
# this feature.
# Default: 0
idle-timeout-secs=360
#dns-blacklist-entry=zombie.dnsbl.sorbs.net
#dns-blacklist-entry=dul.dnsbl.sorbs.net
#dns-blacklist-entry=bogons.cymru.com
dns-blacklist-entry=zen.spamhaus.org
dns-blacklist-entry=bl.spamcop.net
graylist-dir=/var/spamdyke/graylist
graylist-level=always
graylist-max-secs=2678400
graylist-min-secs=180
greeting-delay-secs=6
header-blacklist-entry=From:*>,*<*
idle-timeout-secs=60
ip-blacklist-file=/etc/spamdyke/blacklist_ip
ip-in-rdns-keyword-blacklist-file=/etc/spamdyke/blacklist_keywords
ip-in-rdns-keyword-whitelist-file=/etc/spamdyke/whitelist_keywords
ip-whitelist-file=/etc/spamdyke/whitelist_ip
########local-domains-file=/var/qmail/control/rcpthosts
qmail-rcpthosts-file=/var/qmail/control/rcpthosts
qmail-morercpthosts-cdb
log-level=info
#log-level=excessive
log-target=stderr
max-recipients=50
#policy-url=http://my.policy.explanation.url/
rdns-blacklist-file=/etc/spamdyke/blacklist_rdns
rdns-whitelist-file=/etc/spamdyke/whitelist_rdns
recipient-blacklist-file=/etc/spamdyke/blacklist_recipients
recipient-whitelist-file=/etc/spamdyke/whitelist_recipients
reject-empty-rdns
#reject-ip-in-cc-rdns
#################reject-missing-sender-mx
reject-sender=no-mx
reject-unresolvable-rdns
rejection-text-sender-no-mx
reject-recipient=same-as-sender
rejection-text-recipient-same-as-sender
sender-blacklist-file=/etc/spamdyke/blacklist_senders
sender-whitelist-file=/etc/spamdyke/whitelist_senders
tls-certificate-file=/var/qmail/control/servercert.pem
tls-privatekey-file=/var/qmail/control/servercert.key
tls-level=SMTP
*From:*Eric Broch
[mailto:[email protected]]
*Sent:* Friday, November 04, 2016 4:31 PM
*To:* [email protected]
<mailto:[email protected]>
*Subject:* Re: [qmailtoaster] Qmail reject
email from several domain Reason TIMEOUT
Settings change between spamdyke 4 and 5
I have a script (fixsd.sh):
<fixsd.sh>
#!/bin/sh
sed -i \
-e
's/reject-missing-sender-mx/reject-sender=no-mx/g'
\
-e
's/rejection-text-missing-sender-mx/rejection-text-sender-no-mx/g'
\
-e
's/reject-identical-sender-recipient/reject-recipient=same-as-sender/g'
\
-e
's/rejection-text-identical-sender-recipient/rejection-text-recipient-same-as-sender/g'
\
-e
's/local-domains-file/qmail-rcpthosts-file/g'
\
-e
's/local-domains-entry=/#local-domains-entry=(Add
these entries to qmail-rcpthosts-file)/g' \
-e
's/morercpthosts/qmail-morercpthosts-cdb/'g
/etc/spamdyke/spamdyke.conf
</fixsd.sh>
If this doesn't work, can you refert to
spamdyke 4 and let us know if that works?
Eric
On 11/4/2016 9:09 AM, [email protected]
<mailto:[email protected]> wrote:
I upgrade spamdyke to version 5.0.1
and nothing change. L
I expand to:
'idle-timeout-sec=360'
And still TIMEOUT
*From:*Eric Broch
[mailto:[email protected]]
*Sent:* Friday, November 04, 2016 2:17 PM
*To:*
[email protected]
<mailto:[email protected]>
*Subject:* Re: [qmailtoaster] Qmail
reject email from several domain
Reason TIMEOUT
It looks to me like it's spamdyke
causing the problem. It's certainly
what the log suggests. What is your
'idle-timeout' setting in
/etc/spamdyke/spamdyke.conf
On 11/4/2016 4:31 AM, [email protected]
<mailto:[email protected]> wrote:
Hi,
From some time i have a problem
with my qmail server. From some
time the server reject mail from
several domain REASON TIMEOUT. I
don’t know why. This occurs only
on several big corporate domain
like dhl.com man.eu ergohestia.pl.
First i suspect spamdyke. But i
check it. Enter white list etc.
Ask on spamdyke forum and final
look at the spamdyke don’t block
anything.
The excessive log file show only:
“talk faster next time”
A part of log bellow:
@40000000581c48af3996f15c
tcpserver: status: 2/100
@40000000581c48d908f1b21c
spamdyke[4387]:
EXCESSIVE(middleman()@spamdyke.c:1965):
child output file descriptor 5 closed
@40000000581c48d908f1bdd4
spamdyke[4387]:
EXCESSIVE(output_writeln()@log.c:102):
wrote 37 bytes to network file
descriptor 1, buffer contained 37
bytes: 421 Timeout. Talk faster next
@40000000581c48d908f1c5a4
spamdyke[4387]: TIMEOUT from:
[email protected]
<mailto:[email protected]> to:
(unknown) origin_ip: 89.38.150.213
origin_rdns:
host213-150-38-89.static.arubacloud.fr
auth: (unknown) encryption: (none)
reason: TIMEOUT
@40000000581c48d908f21b94
spamdyke[4387]:
DEBUG(find_username()@spamdyke.c:127):
searching for username between
positions 9 and 35: RCPT
TO:<marekm@*****.com.pl
<mailto:marekm@*****.com.pl>>
@40000000581c48d908f22364 DATA
@40000000581c48d908f2274c
@40000000581c48d908f22b34
spamdyke[4387]:
EXCESSIVE(find_username()@spamdyke.c:309):
found username in address: marekm
@40000000581c48d908f24a74
spamdyke[4387]:
DEBUG(find_domain()@spamdyke.c:361):
searching for domain between
positions 15 and 35: RCPT
TO:<marekm@*****.com.pl
<mailto:marekm@*****.com.pl>>
@40000000581c48d908f25244 DATA
@40000000581c48d908f25244
@40000000581c48d908f2562c
spamdyke[4387]:
EXCESSIVE(find_domain()@spamdyke.c:529):
found domain in address: *****.com.pl
@40000000581c48d908f25dfc
spamdyke[4387]:
DEBUG(find_address()@spamdyke.c:726):
found username: marekm
@40000000581c48d908f27954
spamdyke[4387]:
DEBUG(find_address()@spamdyke.c:743):
found domain: *****.com.pl
@40000000581c48d908f2b3ec
spamdyke[4387]:
DEBUG(filter_recipient_whitelist()@filter.c:2332):
searching recipient whitelist(s);
recipient: marekm@*****.com.pl
<mailto:marekm@*****.com.pl>
@40000000581c48d908f2b7d4
spamdyke[4387]:
EXCESSIVE(output_writeln()@log.c:102):
wrote 37 bytes to network file
descriptor 1, buffer contained 37
bytes: 421 Timeout. Talk faster next
@40000000581c48d908f2bfa4
spamdyke[4387]: TIMEOUT from:
[email protected]
<mailto:[email protected]> to:
marekm@*****.com.pl
<mailto:marekm@*****.com.pl>
origin_ip: 89.38.150.213
origin_rdns:
host213-150-38-89.static.arubacloud.fr
auth: (unknown) encryption: (none)
reason: (empty)
@40000000581c48d908f2dee4
spamdyke[4387]:
EXCESSIVE(output_writeln()@log.c:102):
wrote 37 bytes to network file
descriptor 1, buffer contained 37
bytes: 421 Timeout. Talk faster next
@40000000581c48e231636ccc
spamdyke[4293]:
EXCESSIVE(middleman()@spamdyke.c:2097):
read 33 bytes from child input
file descriptor 6, buffer contains
33 bytes, current position is 0:
451 SPF lookup failure (#4.3.0
@40000000581c48e231637884
spamdyke[4293]:
EXCESSIVE(middleman()@spamdyke.c:2107):
child input file descriptor 6
indicates EOF, buffer contains 0
bytes, current position is 0
@40000000581c48e231638054
spamdyke[4293]:
EXCESSIVE(middleman()@spamdyke.c:2108):
child input file descriptor 6 closed
@40000000581c48e231638824
spamdyke[4293]:
EXCESSIVE(middleman()@spamdyke.c:2989):
child process exited normally with
return value 1
Any help will be appreciated
Marek
