https://bugs.exim.org/show_bug.cgi?id=2431
Bug ID: 2431 Summary: ACL smtp timeout related to callout (similar to 2174) Product: Exim Version: 4.92 Hardware: x86 URL: https://bugs.debian.org/934761 OS: Linux Status: NEW Severity: bug Priority: medium Component: ACLs Assignee: jgh146...@wizmail.org Reporter: eximus...@bebt.de CC: exim-dev@exim.org Hello, this was reported against Debian's 4.92-8+deb10u1 which is essentially 4.92.1 + some patches from the fixes branch and 0a5441fcd93ae4145c07b3ed138dfe0e107174e0 ("Fix smtp response timeout") from master branch: https://salsa.debian.org/exim-team/exim4/tree/10_buster/debian/patches Martin Duspiva <martin.dusp...@aira.cz> wrote: --------------------------------------------- Dear Maintainer, I think that the bug #887489, which is already archived, is still persist. I have Debin 9 with backported Exim4 ( 4.92-8+deb10u1~bpo9+1 ) and the callout funciton in rcpt acl has as the same bad behavior as described in bug #887489. My acl rule in acl_smtp_rcpt : accept hosts = +relay_from_hosts !verify = recipient/defer_ok/callout=30s,defer_ok,use_sender ratelimit = NONEX_LIM / NONEX_PERIOD / per_rcpt / relayuser-$acl_m_user continue = ${run{SHELL -c "echo $acl_m_user \ >>$spool_directory/blocked_relay_users; \ \N{\N echo Subject: relay user $acl_m_user blocked; echo; echo \ because has sent mail to NONEX_LIM invalid recipients during NONEX_PERIOD.; \ \N}\N | NONEX_EXIMBINARY NONEX_WARNTO"}} control = freeze/no_tell control = submission/domain= add_header = X-Relayed-From: $acl_m_user And relay hosts sometimes get te following 421 error when sending email: "SMTP command timeout on TLS connection from of.aira.cz (remote.aira.cz) [84.242.100.166]" This is in Exim's debug log: 5272 tls_write(0x5639a0cfa550, 14) 5272 gnutls_record_send(SSL, 0x5639a0cfa550, 14) 5272 outbytes=14 5272 DSN: orcpt: NULL flags: 0 5272 Calling gnutls_record_recv(0x5639a0d8d410, 0x5639a11560e0, 4096) 5272 GnuTLS<3>: ASSERT: buffers.c[_gnutls_io_read_buffered]:587 5272 GnuTLS<3>: ASSERT: record.c[_gnutls_recv_int]:1473 5272 LOG: lost_incoming_connection MAIN 5272 SMTP command timeout on TLS connection from of.aira.cz (remote.aira.cz) [84.242.100.166] 5272 SMTP>> 421 holub.aira.cz: SMTP command timeout - closing connection The acl works well with comment out "callout" line. exim4: 2) Callout timeout in recipient verify can result in the lost of the TLS incoming connexion --------------------------------------------- -- You are receiving this mail because: You are on the CC list for the bug. -- ## List details at https://lists.exim.org/mailman/listinfo/exim-dev Exim details at http://www.exim.org/ ##