Hello, It's some time that I'm having problems of timeouts on Postfix only with
specific destinations, on Solaris 10 boxes running ipfilter.
After investigating a lot, I found that if I completely stop the ipfilter
service (or just feed it with an empty configuration file), the Postifx queue
runs smoothly and sends those mails defferred for timeouts.
The machine running postfix has a public IP on his outgoing ethernet, with a
general outgoing rule like:
pass out quick on e1000g0 from {public-ip}/32 to any keep state
and some incoming rules like:
pass in quick on e1000g0 proto tcp from any to {public-ip}/32 port = 22 keep
state
pass in quick on e1000g0 proto tcp from any to
{public-ip}
/32 port = 25 keep state
pass in quick on e1000g0 proto tcp from any to
{public-ip}
/32 port = 53 keep state
pass in quick on e1000g0 proto tcp from any to
{public-ip}
/32 port = 80 keep state
everything else is blocked (there are obviously much more rules to secure the
machine).
These configurations worked fine for many years, and it started to have some
timout problems
only with some destination MTA (e.g. mail.register.it).
What may be confusing the transmission?
Timeouts usually occurs during mail body transfer (DATA chunk), or at the end
of this.
Thanx a lot for any help.
Gabriele.
Gabriele Bulfon - Sonicle S.r.l.
Tel +39 028246016 Int. 30 - Fax +39 028243880
Via Felice Cavallotti 16 - 20089, Rozzano - Milano - ITALY
http://www.sonicle.com
