In /etc/spamdyke/spamdyke.conf set 'tls-level' to 'none'.
tls-level=none
allow qmail to do the tls and see if it works.
On 6/18/2019 9:07 AM, Rajesh M wrote:
eric
in the spamdyke.conf i can see this
tls-certificate-file=/var/qmail/control/servercert.pem
also i am using the
/var/qmail/control/servercert.pem
for domain key signing of outgoing emails.
rajesh
----- Original Message -----
From: Eric Broch [mailto:ebr...@whitehorsetc.com]
To: qmailtoaster-list@qmailtoaster.com
Sent: Tue, 18 Jun 2019 08:52:13 -0600
Subject:
So you have spamdyke doing the TLS?
On 6/18/2019 8:38 AM, Rajesh M wrote:
Hi
ISSUE 1
all of a sudden we are receiving error on one of our servers for one specific
sender domain (sending from microsoft server)
the sender domain is not able to send emails to the recepient domain on our
server. The email bounces with the following error
encryption: TLS reason: 503_MAIL_first_(#5.5.1)
06/18/2019 19:33:16 LOG OUTPUT TLS
DENIED_OTHER from: rethish.n...@sender.com to: nominati...@dxb.recepient.com
origin_ip: 40.107.69.126 origin_rdns:
mail-eopbgr690126.outbound.protection.outlook.com auth: (unknown) encryption:
TLS reason: 503_MAIL_first_(#5.5.1)
06/18/2019 19:33:16 FROM REMOTE TO CHILD: 6 bytes TLS
QUIT
06/18/2019 19:33:16 LOG OUTPUT TLS
ERROR(tls_write()@tls.c:678): unable to write to SSL/TLS stream: The operation
failed due to an I/O error, Connection reset by peer
ERROR(output_writeln()@log.c:104): unable to write 27 bytes to file descriptor
1: Connection reset by peer
06/18/2019 19:33:16 FROM CHILD TO REMOTE: 27 bytes TLS
221 ns1.HOSTNAME.com
06/18/2019 19:33:16 LOG OUTPUT TLS
ERROR(tls_read()@tls.c:620): unable to read from SSL/TLS stream: The operation
failed due to an I/O error, Unexpected EOF found
06/18/2019 19:33:16 - TLS ended and closed
the error log of spamdyke full-log-dir is give below follows
ISSUE 2
also i noted that spamdyke log mentions as such
reset address space soft limit to infinity: please stop using the softlimit
program
What exactly does this mean. What is the alternative to prevent large files
should i disable softlimit program in
/usr/bin/softlimit -m 64000000 \
in the smtp run file
require your kind help in resolving the above 2 issues
thanks
rajesh
06/18/2019 19:32:54 STARTED: VERSION = 5.0.1+TLS+CONFIGTEST+DEBUG, PID = 19829
06/18/2019 19:32:54 CURRENT ENVIRONMENT
PATH=/var/qmail/bin:/usr/local/bin:/usr/bin:/bin
PWD=/var/qmail/supervise/smtp
SHLVL=0
PROTO=TCP
TCPLOCALIP=103.241.181.154
TCPLOCALPORT=25
TCPLOCALHOST=ns1.HOSTNAME.com
TCPREMOTEIP=40.107.69.126
TCPREMOTEPORT=42264
BADMIMETYPE=
BADLOADERTYPE=M
QMAILQUEUE=/var/qmail/bin/simscan
CHKUSER_START=ALWAYS
CHKUSER_RCPTLIMIT=50
CHKUSER_WRONGRCPTLIMIT=10
NOP0FCHECK=1
DKQUEUE=/var/qmail/bin/qmail-queue.orig
DKVERIFY=DEGIJKfh
DKSIGN=/var/qmail/control/domainkeys/%/private
06/18/2019 19:32:54 CURRENT CONFIG
config-file=/etc/spamdyke/spamdyke.conf
dns-blacklist-entry=zen.spamhaus.org
full-log-dir=/var/log/spamdyke
graylist-dir=/var/spamdyke/graylist
graylist-max-secs=2678400
graylist-min-secs=180
header-blacklist-entry=From:*>,*<*
idle-timeout-secs=600
ip-blacklist-file=/etc/spamdyke/blacklist_ip
ip-in-rdns-keyword-blacklist-file=/etc/spamdyke/blacklist_keywords
ip-in-rdns-keyword-whitelist-file=/etc/spamdyke/whitelist_keywords
ip-whitelist-file=/etc/spamdyke/whitelist_ip
log-level=info
max-recipients=100
rdns-blacklist-file=/etc/spamdyke/blacklist_rdns
rdns-whitelist-file=/etc/spamdyke/whitelist_rdns
recipient-blacklist-file=/etc/spamdyke/blacklist_recipients
recipient-whitelist-file=/etc/spamdyke/whitelist_recipients
reject-empty-rdns=1
reject-sender=no-mx
reject-sender=authentication-domain-mismatch
reject-unresolvable-rdns=1
relay-level=normal
sender-blacklist-file=/etc/spamdyke/blacklist_senders
sender-whitelist-file=/etc/spamdyke/whitelist_senders
tls-certificate-file=/var/qmail/control/servercert.pem
06/18/2019 19:32:54 - Remote IP = 40.107.69.126
06/18/2019 19:32:54 CURRENT CONFIG
config-file=/etc/spamdyke/spamdyke.conf
dns-blacklist-entry=zen.spamhaus.org
dns-server-ip-primary=8.8.8.8
full-log-dir=/var/log/spamdyke
graylist-dir=/var/spamdyke/graylist
graylist-max-secs=2678400
graylist-min-secs=180
header-blacklist-entry=From:*>,*<*
idle-timeout-secs=600
ip-blacklist-file=/etc/spamdyke/blacklist_ip
ip-in-rdns-keyword-blacklist-file=/etc/spamdyke/blacklist_keywords
ip-in-rdns-keyword-whitelist-file=/etc/spamdyke/whitelist_keywords
ip-whitelist-file=/etc/spamdyke/whitelist_ip
log-level=info
max-recipients=100
rdns-blacklist-file=/etc/spamdyke/blacklist_rdns
rdns-whitelist-file=/etc/spamdyke/whitelist_rdns
recipient-blacklist-file=/etc/spamdyke/blacklist_recipients
recipient-whitelist-file=/etc/spamdyke/whitelist_recipients
reject-empty-rdns=1
reject-sender=no-mx
reject-sender=authentication-domain-mismatch
reject-unresolvable-rdns=1
relay-level=normal
sender-blacklist-file=/etc/spamdyke/blacklist_senders
sender-whitelist-file=/etc/spamdyke/whitelist_senders
tls-certificate-file=/var/qmail/control/servercert.pem
06/18/2019 19:32:54 - Remote rDNS =
mail-eopbgr690126.outbound.protection.outlook.com
06/18/2019 19:32:54 LOG OUTPUT
DEBUG(filter_rdns_missing()@filter.c:947): checking for missing rDNS; rdns:
mail-eopbgr690126.outbound.protection.outlook.com
DEBUG(filter_rdns_whitelist_file()@filter.c:1055): searching rDNS whitelist
file(s); rdns: mail-eopbgr690126.outbound.protection.outlook.com
DEBUG(filter_rdns_blacklist_file()@filter.c:1159): searching rDNS blacklist
file(s); rdns: mail-eopbgr690126.outbound.protection.outlook.com
DEBUG(filter_ip_whitelist()@filter.c:1228): searching IP whitelist file(s); ip:
40.107.69.126
DEBUG(filter_ip_blacklist()@filter.c:1279): searching IP blacklist file(s); ip:
40.107.69.126
DEBUG(filter_ip_in_rdns_whitelist()@filter.c:1380): checking for IP in rDNS
+keyword(s) in whitelist file; ip: 40.107.69.126 rdns:
mail-eopbgr690126.outbound.protection.outlook.com
DEBUG(filter_ip_in_rdns_blacklist()@filter.c:1333): checking for IP in rDNS
+keyword(s) in blacklist file; ip: 40.107.69.126 rdns:
mail-eopbgr690126.outbound.protection.outlook.com
DEBUG(filter_rdns_resolve()@filter.c:1426): checking rDNS resolution; rdns:
mail-eopbgr690126.outbound.protection.outlook.com
DEBUG(filter_dns_rbl()@filter.c:1645): checking DNS RBL(s); ip: 40.107.69.126
DEBUG(undo_softlimit()@spamdyke.c:3203): reset address space soft limit to
infinity: please stop using the softlimit program
DEBUG(undo_softlimit()@spamdyke.c:3223): reset data segment soft limit to
infinity: please stop using the softlimit program
DEBUG(undo_softlimit()@spamdyke.c:3241): reset stack size soft limit to
infinity: please stop using the softlimit program
06/18/2019 19:32:54 FROM CHILD TO REMOTE: 33 bytes
220 ns1.HOSTNAME.com ESMTP
06/18/2019 19:32:54 FROM REMOTE TO CHILD: 52 bytes
EHLO NAM04-CO1-obe.outbound.protection.outlook.com
06/18/2019 19:32:54 FROM CHILD TO REMOTE: 27 bytes
250-ns1.HOSTNAME.com
06/18/2019 19:32:54 FROM CHILD TO REMOTE: 14 bytes
250-STARTTLS
06/18/2019 19:32:54 FROM CHILD TO REMOTE: 16 bytes
250-PIPELINING
06/18/2019 19:32:54 FROM CHILD TO REMOTE: 14 bytes
250-8BITMIME
06/18/2019 19:32:54 FROM CHILD TO REMOTE: 19 bytes
250-SIZE 31457280
06/18/2019 19:32:54 FROM CHILD TO REMOTE: 31 bytes
250 AUTH LOGIN PLAIN CRAM-MD5
06/18/2019 19:32:55 FROM REMOTE TO CHILD: 10 bytes
STARTTLS
06/18/2019 19:32:55 FROM SPAMDYKE TO REMOTE: 14 bytes
220 Proceed.
06/18/2019 19:32:56 LOG OUTPUT TLS
DEBUG(tls_start()@tls.c:417): TLS/SSL connection established, using cipher
AES256-GCM-SHA384, 256 bits
06/18/2019 19:32:56 - TLS negotiated and started
06/18/2019 19:32:56 FROM REMOTE TO CHILD: 52 bytes TLS
EHLO NAM04-CO1-obe.outbound.protection.outlook.com
06/18/2019 19:32:56 FROM CHILD TO REMOTE: 27 bytes TLS
250-ns1.HOSTNAME.com
06/18/2019 19:32:56 FROM CHILD, FILTERED: 14 bytes TLS
250-STARTTLS
06/18/2019 19:32:56 FROM CHILD TO REMOTE: 16 bytes TLS
250-PIPELINING
06/18/2019 19:32:56 FROM CHILD TO REMOTE: 14 bytes TLS
250-8BITMIME
06/18/2019 19:32:56 FROM CHILD TO REMOTE: 19 bytes TLS
250-SIZE 31457280
06/18/2019 19:32:56 FROM CHILD TO REMOTE: 31 bytes TLS
250 AUTH LOGIN PLAIN CRAM-MD5
06/18/2019 19:32:57 FROM REMOTE TO CHILD: 48 bytes TLS
MAIL FROM:<rethish.n...@sender.com> SIZE=68640
06/18/2019 19:32:57 LOG OUTPUT TLS
DEBUG(find_username()@spamdyke.c:127): searching for username between positions 11
and 33: MAIL FROM:<rethish.n...@sender.com> SIZE=68640
RCPT TO:<ranj...@dxb.recepient.com>
RCPT TO:<nominati...@dxb.recepient.com>
DEBUG(find_domain()@spamdyke.c:361): searching for domain between positions 23 and
33: MAIL FROM:<rethish.n...@sender.com> SIZE=68640
RCPT TO:<ranj...@dxb.recepient.com>
RCPT TO:<nominati...@dxb.recepient.com>
DEBUG(find_address()@spamdyke.c:726): found username: Rethish.Nair
DEBUG(find_address()@spamdyke.c:743): found domain: SENDER.com
DEBUG(filter_sender_whitelist()@filter.c:1871): searching sender whitelist(s);
sender: rethish.n...@sender.com
FILTER_SENDER_WHITELIST sender: rethish.n...@sender.com file:
/etc/spamdyke/whitelist_senders(781)
06/18/2019 19:33:16 FROM CHILD TO REMOTE: 33 bytes TLS
451 SPF lookup failure (#4.3.0)
06/18/2019 19:33:16 FROM REMOTE TO CHILD: 40 bytes TLS
RCPT TO:<ranj...@dxb.recepient.com>
06/18/2019 19:33:16 LOG OUTPUT TLS
DEBUG(find_username()@spamdyke.c:127): searching for username between positions 9 and
36: RCPT TO:<ranj...@dxb.recepient.com>
RCPT TO:<nominati...@dxb.recepient.com>
DEBUG(find_domain()@spamdyke.c:361): searching for domain between positions 16 and
36: RCPT TO:<ranj...@dxb.recepient.com>
RCPT TO:<nominati...@dxb.recepient.com>
DEBUG(find_address()@spamdyke.c:726): found username: ranjini
DEBUG(find_address()@spamdyke.c:743): found domain: dxb.RECEPIENT.com
DEBUG(find_cdb_record()@cdb.c:138): searching CDB file
/var/qmail/control/morercpthosts.cdb for 20 byte key = dxb.RECEPIENT.com, hash
= 3655419700, main index = 52, num_slots = 2, slot_num = 1
06/18/2019 19:33:16 LOG OUTPUT TLS
FILTER_OTHER response: "503 MAIL first (#5.5.1)"
06/18/2019 19:33:16 FROM CHILD TO REMOTE: 25 bytes TLS
503 MAIL first (#5.5.1)
06/18/2019 19:33:16 LOG OUTPUT TLS
DENIED_OTHER from: rethish.n...@sender.com to: ranj...@dxb.recepient.com
origin_ip: 40.107.69.126 origin_rdns:
mail-eopbgr690126.outbound.protection.outlook.com auth: (unknown) encryption:
TLS reason: 503_MAIL_first_(#5.5.1)
06/18/2019 19:33:16 FROM REMOTE TO CHILD: 44 bytes TLS
RCPT TO:<nominati...@dxb.recepient.com>
06/18/2019 19:33:16 LOG OUTPUT TLS
DEBUG(find_username()@spamdyke.c:127): searching for username between positions 9 and
40: RCPT TO:<nominati...@dxb.recepient.com>
DEBUG(find_domain()@spamdyke.c:361): searching for domain between positions 20 and
40: RCPT TO:<nominati...@dxb.recepient.com>
DEBUG(find_address()@spamdyke.c:726): found username: nominations
DEBUG(find_address()@spamdyke.c:743): found domain: dxb.RECEPIENT.com
DEBUG(find_cdb_record()@cdb.c:138): searching CDB file
/var/qmail/control/morercpthosts.cdb for 20 byte key = dxb.RECEPIENT.com, hash
= 3655419700, main index = 52, num_slots = 2, slot_num = 1
06/18/2019 19:33:16 LOG OUTPUT TLS
FILTER_OTHER response: "503 MAIL first (#5.5.1)"
06/18/2019 19:33:16 FROM CHILD TO REMOTE: 25 bytes TLS
503 MAIL first (#5.5.1)
06/18/2019 19:33:16 LOG OUTPUT TLS
DENIED_OTHER from: rethish.n...@sender.com to: nominati...@dxb.recepient.com
origin_ip: 40.107.69.126 origin_rdns:
mail-eopbgr690126.outbound.protection.outlook.com auth: (unknown) encryption:
TLS reason: 503_MAIL_first_(#5.5.1)
06/18/2019 19:33:16 FROM REMOTE TO CHILD: 6 bytes TLS
QUIT
06/18/2019 19:33:16 LOG OUTPUT TLS
ERROR(tls_write()@tls.c:678): unable to write to SSL/TLS stream: The operation
failed due to an I/O error, Connection reset by peer
ERROR(output_writeln()@log.c:104): unable to write 27 bytes to file descriptor
1: Connection reset by peer
06/18/2019 19:33:16 FROM CHILD TO REMOTE: 27 bytes TLS
221 ns1.HOSTNAME.com
06/18/2019 19:33:16 LOG OUTPUT TLS
ERROR(tls_read()@tls.c:620): unable to read from SSL/TLS stream: The operation
failed due to an I/O error, Unexpected EOF found
06/18/2019 19:33:16 - TLS ended and closed
06/18/2019 19:33:16 CLOSED
---------------------------------------------------------------------
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
---------------------------------------------------------------------
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com