Le 22/12/2010 19:38, Joseph Conrad a écrit :
Server:
Centos-5.5
postfix-2.3.3-2.1.centos.mysql_pgsql
See server log below.
Client:
MS Windows XP 2002 sp3
avast-5.0.545
behind a NAT router 66.6.120.250
with avast mail scanner on:
C:\telnet smtp 25
421
Connection to host lost
C:\
with avast mail scanner off I get the normal:
C:\telnet smtp 25
Trying 66.36.120.9...
Connected to smtp.rockymountains.net (66.36.120.9).
Escape character is '^]'.
220 smtp.rockymountains.net ESMTP Postfix
[smtp log]# tail -f maillog | grep 66.36.120.250
Dec 22 11:15:36 smtp postfix/smtpd[8084]: connect from
mcw-office.rockymountains.net[66.36.120.250]
Dec 22 11:15:36 smtp postfix/smtpd[8084]: match_hostaddr: 66.36.120.250 ~?
66.36.112.0/20
Dec 22 11:15:36 smtp postfix/smtpd[8084]:>
mcw-office.rockymountains.net[66.36.120.250]: 220 smtp.rockymountains.net
ESMTP Postfix
Dec 22 11:15:36 smtp postfix/smtpd[8084]:<
mcw-office.rockymountains.net[66.36.120.250]: EHLO Kitten
Dec 22 11:15:36 smtp postfix/smtpd[8084]:>
mcw-office.rockymountains.net[66.36.120.250]: 250-smtp.rockymountains.net
Dec 22 11:15:36 smtp postfix/smtpd[8084]:>
mcw-office.rockymountains.net[66.36.120.250]: 250-PIPELINING
Dec 22 11:15:36 smtp postfix/smtpd[8084]:>
mcw-office.rockymountains.net[66.36.120.250]: 250-SIZE 10240000
Dec 22 11:15:36 smtp postfix/smtpd[8084]:>
mcw-office.rockymountains.net[66.36.120.250]: 250-VRFY
Dec 22 11:15:36 smtp postfix/smtpd[8084]:>
mcw-office.rockymountains.net[66.36.120.250]: 250-ETRN
Dec 22 11:15:36 smtp postfix/smtpd[8084]:>
mcw-office.rockymountains.net[66.36.120.250]: 250-AUTH PLAIN
Dec 22 11:15:36 smtp postfix/smtpd[8084]: match_list_match: 66.36.120.250:
no match
Dec 22 11:15:36 smtp postfix/smtpd[8084]:>
mcw-office.rockymountains.net[66.36.120.250]: 250-AUTH=PLAIN
Dec 22 11:15:36 smtp postfix/smtpd[8084]:>
mcw-office.rockymountains.net[66.36.120.250]: 250-ENHANCEDSTATUSCODES
Dec 22 11:15:36 smtp postfix/smtpd[8084]:>
mcw-office.rockymountains.net[66.36.120.250]: 250-8BITMIME
Dec 22 11:15:36 smtp postfix/smtpd[8084]:>
mcw-office.rockymountains.net[66.36.120.250]: 250 DSN
Dec 22 11:15:36 smtp postfix/smtpd[8084]: match_hostaddr: 66.36.120.250 ~?
66.36.112.0/20
Dec 22 11:15:36 smtp postfix/smtpd[8084]: lost connection after EHLO from
mcw-office.rockymountains.net[66.36.120.250]
Dec 22 11:15:36 smtp postfix/smtpd[8084]: disconnect from
mcw-office.rockymountains.net[66.36.120.250]
I didn't send the EHLO command or anything of the other commands, I only
did the "telnet smtp 25" command at the command prompt. Apparently avast
sends those commands.
you should send them as well (mail programs will do)... but that's not
the problem.
Try sending with a real MUA (thunderbird, outlook) instead of using
telnet and send the logs as you did for telnet. this is just to make
sure avast is not detecting the use of the telnet binary/command.
many people use avast without problems. so this is certainly a
configuration issue.
<unrelated>
note that it is best to configure mailers to use the submission port
with STARTTLS and SASL (AUTH) and configure the AV to "skip" such
traffic. the AV would detect viruses when they enter the system and
ignore flow when submitting mail, in which case, the AV on the postfix
(clamav for example) will do the rest.
</unrelated>
I have used postfix for many years as the main server for a small town ISP
(about 2000 email accounts) and had to replace an old server with this
newer one. Many of my customers use avast/windows and can't send.
Any ideas what avast does to trigger the (I assume) concurrency limit?
Or better yet, what I can do to get it to stop?
Maybe point me to a thread?
My apologies in advance, if in my searches I somehow missed the thread
that has already dealt with this.
Joseph Conrad
Mountain Computer Wizards, Inc.
Buena Vista, Colorado
