Re: [qmailtoaster] TLS reason: 503_MAIL_first_(#5.5.1)

Eric Broch Tue, 18 Jun 2019 08:15:06 -0700

In /etc/spamdyke/spamdyke.conf set 'tls-level' to 'none'.


tls-level=none

allow qmail to do the tls and see if it works.


On 6/18/2019 9:07 AM, Rajesh M wrote:

eric

in the spamdyke.conf i can see this
tls-certificate-file=/var/qmail/control/servercert.pem

also i am using the
/var/qmail/control/servercert.pem
for domain key signing of outgoing emails.

rajesh

----- Original Message -----
From: Eric Broch [mailto:ebr...@whitehorsetc.com]
To: qmailtoaster-list@qmailtoaster.com
Sent: Tue, 18 Jun 2019 08:52:13 -0600
Subject:

So you have spamdyke doing the TLS?

On 6/18/2019 8:38 AM, Rajesh M wrote:

Hi

ISSUE 1
all of a sudden we are receiving error on one of our servers for one specific 
sender domain (sending from microsoft server)

the sender domain is not able to send emails to the recepient domain on our 
server. The email bounces with the following error
encryption: TLS reason: 503_MAIL_first_(#5.5.1)

06/18/2019 19:33:16 LOG OUTPUT TLS
DENIED_OTHER from: rethish.n...@sender.com to: nominati...@dxb.recepient.com 
origin_ip: 40.107.69.126 origin_rdns: 
mail-eopbgr690126.outbound.protection.outlook.com auth: (unknown) encryption: 
TLS reason: 503_MAIL_first_(#5.5.1)
06/18/2019 19:33:16 FROM REMOTE TO CHILD: 6 bytes TLS
QUIT
06/18/2019 19:33:16 LOG OUTPUT TLS
ERROR(tls_write()@tls.c:678): unable to write to SSL/TLS stream: The operation 
failed due to an I/O error, Connection reset by peer
ERROR(output_writeln()@log.c:104): unable to write 27 bytes to file descriptor 
1: Connection reset by peer
06/18/2019 19:33:16 FROM CHILD TO REMOTE: 27 bytes TLS
221 ns1.HOSTNAME.com
06/18/2019 19:33:16 LOG OUTPUT TLS
ERROR(tls_read()@tls.c:620): unable to read from SSL/TLS stream: The operation 
failed due to an I/O error, Unexpected EOF found

06/18/2019 19:33:16 - TLS ended and closed


the error log of spamdyke  full-log-dir is give below follows


ISSUE 2
also i noted that spamdyke log mentions as such
reset address space soft limit to infinity: please stop using the softlimit 
program

What exactly does this mean. What is the alternative to prevent large files 
should i disable softlimit program in
/usr/bin/softlimit -m 64000000 \
in the smtp run file

require your kind help in resolving the above 2 issues

thanks
rajesh

06/18/2019 19:32:54 STARTED: VERSION = 5.0.1+TLS+CONFIGTEST+DEBUG, PID = 19829

06/18/2019 19:32:54 CURRENT ENVIRONMENT
PATH=/var/qmail/bin:/usr/local/bin:/usr/bin:/bin
PWD=/var/qmail/supervise/smtp
SHLVL=0
PROTO=TCP
TCPLOCALIP=103.241.181.154
TCPLOCALPORT=25
TCPLOCALHOST=ns1.HOSTNAME.com
TCPREMOTEIP=40.107.69.126
TCPREMOTEPORT=42264
BADMIMETYPE=
BADLOADERTYPE=M
QMAILQUEUE=/var/qmail/bin/simscan
CHKUSER_START=ALWAYS
CHKUSER_RCPTLIMIT=50
CHKUSER_WRONGRCPTLIMIT=10
NOP0FCHECK=1
DKQUEUE=/var/qmail/bin/qmail-queue.orig
DKVERIFY=DEGIJKfh
DKSIGN=/var/qmail/control/domainkeys/%/private

06/18/2019 19:32:54 CURRENT CONFIG
config-file=/etc/spamdyke/spamdyke.conf
dns-blacklist-entry=zen.spamhaus.org
full-log-dir=/var/log/spamdyke
graylist-dir=/var/spamdyke/graylist
graylist-max-secs=2678400
graylist-min-secs=180
header-blacklist-entry=From:*>,*<*
idle-timeout-secs=600
ip-blacklist-file=/etc/spamdyke/blacklist_ip
ip-in-rdns-keyword-blacklist-file=/etc/spamdyke/blacklist_keywords
ip-in-rdns-keyword-whitelist-file=/etc/spamdyke/whitelist_keywords
ip-whitelist-file=/etc/spamdyke/whitelist_ip
log-level=info
max-recipients=100
rdns-blacklist-file=/etc/spamdyke/blacklist_rdns
rdns-whitelist-file=/etc/spamdyke/whitelist_rdns
recipient-blacklist-file=/etc/spamdyke/blacklist_recipients
recipient-whitelist-file=/etc/spamdyke/whitelist_recipients
reject-empty-rdns=1
reject-sender=no-mx
reject-sender=authentication-domain-mismatch
reject-unresolvable-rdns=1
relay-level=normal
sender-blacklist-file=/etc/spamdyke/blacklist_senders
sender-whitelist-file=/etc/spamdyke/whitelist_senders
tls-certificate-file=/var/qmail/control/servercert.pem

06/18/2019 19:32:54 - Remote IP = 40.107.69.126

06/18/2019 19:32:54 CURRENT CONFIG
config-file=/etc/spamdyke/spamdyke.conf
dns-blacklist-entry=zen.spamhaus.org
dns-server-ip-primary=8.8.8.8
full-log-dir=/var/log/spamdyke
graylist-dir=/var/spamdyke/graylist
graylist-max-secs=2678400
graylist-min-secs=180
header-blacklist-entry=From:*>,*<*
idle-timeout-secs=600
ip-blacklist-file=/etc/spamdyke/blacklist_ip
ip-in-rdns-keyword-blacklist-file=/etc/spamdyke/blacklist_keywords
ip-in-rdns-keyword-whitelist-file=/etc/spamdyke/whitelist_keywords
ip-whitelist-file=/etc/spamdyke/whitelist_ip
log-level=info
max-recipients=100
rdns-blacklist-file=/etc/spamdyke/blacklist_rdns
rdns-whitelist-file=/etc/spamdyke/whitelist_rdns
recipient-blacklist-file=/etc/spamdyke/blacklist_recipients
recipient-whitelist-file=/etc/spamdyke/whitelist_recipients
reject-empty-rdns=1
reject-sender=no-mx
reject-sender=authentication-domain-mismatch
reject-unresolvable-rdns=1
relay-level=normal
sender-blacklist-file=/etc/spamdyke/blacklist_senders
sender-whitelist-file=/etc/spamdyke/whitelist_senders
tls-certificate-file=/var/qmail/control/servercert.pem

06/18/2019 19:32:54 - Remote rDNS = 
mail-eopbgr690126.outbound.protection.outlook.com

06/18/2019 19:32:54 LOG OUTPUT
DEBUG(filter_rdns_missing()@filter.c:947): checking for missing rDNS; rdns: 
mail-eopbgr690126.outbound.protection.outlook.com
DEBUG(filter_rdns_whitelist_file()@filter.c:1055): searching rDNS whitelist 
file(s); rdns: mail-eopbgr690126.outbound.protection.outlook.com
DEBUG(filter_rdns_blacklist_file()@filter.c:1159): searching rDNS blacklist 
file(s); rdns: mail-eopbgr690126.outbound.protection.outlook.com
DEBUG(filter_ip_whitelist()@filter.c:1228): searching IP whitelist file(s); ip: 
40.107.69.126
DEBUG(filter_ip_blacklist()@filter.c:1279): searching IP blacklist file(s); ip: 
40.107.69.126
DEBUG(filter_ip_in_rdns_whitelist()@filter.c:1380): checking for IP in rDNS 
+keyword(s) in whitelist file; ip: 40.107.69.126 rdns: 
mail-eopbgr690126.outbound.protection.outlook.com
DEBUG(filter_ip_in_rdns_blacklist()@filter.c:1333): checking for IP in rDNS 
+keyword(s) in blacklist file; ip: 40.107.69.126 rdns: 
mail-eopbgr690126.outbound.protection.outlook.com
DEBUG(filter_rdns_resolve()@filter.c:1426): checking rDNS resolution; rdns: 
mail-eopbgr690126.outbound.protection.outlook.com
DEBUG(filter_dns_rbl()@filter.c:1645): checking DNS RBL(s); ip: 40.107.69.126
DEBUG(undo_softlimit()@spamdyke.c:3203): reset address space soft limit to 
infinity: please stop using the softlimit program
DEBUG(undo_softlimit()@spamdyke.c:3223): reset data segment soft limit to 
infinity: please stop using the softlimit program
DEBUG(undo_softlimit()@spamdyke.c:3241): reset stack size soft limit to 
infinity: please stop using the softlimit program

06/18/2019 19:32:54 FROM CHILD TO REMOTE: 33 bytes
220 ns1.HOSTNAME.com ESMTP

06/18/2019 19:32:54 FROM REMOTE TO CHILD: 52 bytes
EHLO NAM04-CO1-obe.outbound.protection.outlook.com

06/18/2019 19:32:54 FROM CHILD TO REMOTE: 27 bytes
250-ns1.HOSTNAME.com

06/18/2019 19:32:54 FROM CHILD TO REMOTE: 14 bytes
250-STARTTLS

06/18/2019 19:32:54 FROM CHILD TO REMOTE: 16 bytes
250-PIPELINING

06/18/2019 19:32:54 FROM CHILD TO REMOTE: 14 bytes
250-8BITMIME

06/18/2019 19:32:54 FROM CHILD TO REMOTE: 19 bytes
250-SIZE 31457280

06/18/2019 19:32:54 FROM CHILD TO REMOTE: 31 bytes
250 AUTH LOGIN PLAIN CRAM-MD5

06/18/2019 19:32:55 FROM REMOTE TO CHILD: 10 bytes
STARTTLS

06/18/2019 19:32:55 FROM SPAMDYKE TO REMOTE: 14 bytes
220 Proceed.

06/18/2019 19:32:56 LOG OUTPUT TLS
DEBUG(tls_start()@tls.c:417): TLS/SSL connection established, using cipher 
AES256-GCM-SHA384, 256 bits

06/18/2019 19:32:56 - TLS negotiated and started

06/18/2019 19:32:56 FROM REMOTE TO CHILD: 52 bytes TLS
EHLO NAM04-CO1-obe.outbound.protection.outlook.com

06/18/2019 19:32:56 FROM CHILD TO REMOTE: 27 bytes TLS
250-ns1.HOSTNAME.com

06/18/2019 19:32:56 FROM CHILD, FILTERED: 14 bytes TLS
250-STARTTLS

06/18/2019 19:32:56 FROM CHILD TO REMOTE: 16 bytes TLS
250-PIPELINING

06/18/2019 19:32:56 FROM CHILD TO REMOTE: 14 bytes TLS
250-8BITMIME

06/18/2019 19:32:56 FROM CHILD TO REMOTE: 19 bytes TLS
250-SIZE 31457280

06/18/2019 19:32:56 FROM CHILD TO REMOTE: 31 bytes TLS
250 AUTH LOGIN PLAIN CRAM-MD5

06/18/2019 19:32:57 FROM REMOTE TO CHILD: 48 bytes TLS
MAIL FROM:<rethish.n...@sender.com> SIZE=68640

06/18/2019 19:32:57 LOG OUTPUT TLS
DEBUG(find_username()@spamdyke.c:127): searching for username between positions 11 
and 33: MAIL FROM:<rethish.n...@sender.com> SIZE=68640
RCPT TO:<ranj...@dxb.recepient.com>
RCPT TO:<nominati...@dxb.recepient.com>
DEBUG(find_domain()@spamdyke.c:361): searching for domain between positions 23 and 
33: MAIL FROM:<rethish.n...@sender.com> SIZE=68640
RCPT TO:<ranj...@dxb.recepient.com>
RCPT TO:<nominati...@dxb.recepient.com>
DEBUG(find_address()@spamdyke.c:726): found username: Rethish.Nair
DEBUG(find_address()@spamdyke.c:743): found domain: SENDER.com
DEBUG(filter_sender_whitelist()@filter.c:1871): searching sender whitelist(s); 
sender: rethish.n...@sender.com
FILTER_SENDER_WHITELIST sender: rethish.n...@sender.com file: 
/etc/spamdyke/whitelist_senders(781)

06/18/2019 19:33:16 FROM CHILD TO REMOTE: 33 bytes TLS
451 SPF lookup failure (#4.3.0)

06/18/2019 19:33:16 FROM REMOTE TO CHILD: 40 bytes TLS
RCPT TO:<ranj...@dxb.recepient.com>

06/18/2019 19:33:16 LOG OUTPUT TLS
DEBUG(find_username()@spamdyke.c:127): searching for username between positions 9 and 
36: RCPT TO:<ranj...@dxb.recepient.com>
RCPT TO:<nominati...@dxb.recepient.com>
DEBUG(find_domain()@spamdyke.c:361): searching for domain between positions 16 and 
36: RCPT TO:<ranj...@dxb.recepient.com>
RCPT TO:<nominati...@dxb.recepient.com>
DEBUG(find_address()@spamdyke.c:726): found username: ranjini
DEBUG(find_address()@spamdyke.c:743): found domain: dxb.RECEPIENT.com
DEBUG(find_cdb_record()@cdb.c:138): searching CDB file 
/var/qmail/control/morercpthosts.cdb for 20 byte key = dxb.RECEPIENT.com, hash 
= 3655419700, main index = 52, num_slots = 2, slot_num = 1

06/18/2019 19:33:16 LOG OUTPUT TLS
FILTER_OTHER response: "503 MAIL first (#5.5.1)"

06/18/2019 19:33:16 FROM CHILD TO REMOTE: 25 bytes TLS
503 MAIL first (#5.5.1)

06/18/2019 19:33:16 LOG OUTPUT TLS
DENIED_OTHER from: rethish.n...@sender.com to: ranj...@dxb.recepient.com 
origin_ip: 40.107.69.126 origin_rdns: 
mail-eopbgr690126.outbound.protection.outlook.com auth: (unknown) encryption: 
TLS reason: 503_MAIL_first_(#5.5.1)

06/18/2019 19:33:16 FROM REMOTE TO CHILD: 44 bytes TLS
RCPT TO:<nominati...@dxb.recepient.com>

06/18/2019 19:33:16 LOG OUTPUT TLS
DEBUG(find_username()@spamdyke.c:127): searching for username between positions 9 and 
40: RCPT TO:<nominati...@dxb.recepient.com>
DEBUG(find_domain()@spamdyke.c:361): searching for domain between positions 20 and 
40: RCPT TO:<nominati...@dxb.recepient.com>
DEBUG(find_address()@spamdyke.c:726): found username: nominations
DEBUG(find_address()@spamdyke.c:743): found domain: dxb.RECEPIENT.com
DEBUG(find_cdb_record()@cdb.c:138): searching CDB file 
/var/qmail/control/morercpthosts.cdb for 20 byte key = dxb.RECEPIENT.com, hash 
= 3655419700, main index = 52, num_slots = 2, slot_num = 1

06/18/2019 19:33:16 LOG OUTPUT TLS
FILTER_OTHER response: "503 MAIL first (#5.5.1)"

06/18/2019 19:33:16 FROM CHILD TO REMOTE: 25 bytes TLS
503 MAIL first (#5.5.1)

06/18/2019 19:33:16 LOG OUTPUT TLS
DENIED_OTHER from: rethish.n...@sender.com to: nominati...@dxb.recepient.com 
origin_ip: 40.107.69.126 origin_rdns: 
mail-eopbgr690126.outbound.protection.outlook.com auth: (unknown) encryption: 
TLS reason: 503_MAIL_first_(#5.5.1)

06/18/2019 19:33:16 FROM REMOTE TO CHILD: 6 bytes TLS
QUIT

06/18/2019 19:33:16 LOG OUTPUT TLS
ERROR(tls_write()@tls.c:678): unable to write to SSL/TLS stream: The operation 
failed due to an I/O error, Connection reset by peer
ERROR(output_writeln()@log.c:104): unable to write 27 bytes to file descriptor 
1: Connection reset by peer

06/18/2019 19:33:16 FROM CHILD TO REMOTE: 27 bytes TLS
221 ns1.HOSTNAME.com

06/18/2019 19:33:16 LOG OUTPUT TLS
ERROR(tls_read()@tls.c:620): unable to read from SSL/TLS stream: The operation 
failed due to an I/O error, Unexpected EOF found

06/18/2019 19:33:16 - TLS ended and closed

06/18/2019 19:33:16 CLOSED



---------------------------------------------------------------------
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com



---------------------------------------------------------------------
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] TLS reason: 503_MAIL_first_(#5.5.1)

Reply via email to