On Sun, Feb 20, 2011 at 02:05:34PM +0100, Matthias Egger wrote:
> Background:
>
> After getting complaints about mails which could not be delieverd
> to us i checked the logfiles and found nothing. By nothing i really
> mean nothing. Postfix did not even log a "connect from".
This is the problem you must first understand and resolve. Perhaps
your syslog needs to be restarted? You can't just delete an active
logfile. A syslogd typically keeps that file open and continues
writing logs to the deleted inode, if you did that.
> So i started to snoop on the network and found out that incoming
> mails from one of their server does (SYN), we (SYN, ACK) they
> (ACK) and then Postfix sends his "220 smtp..." stuff.
This would be logged. Your syslogd is broken.
> But when mails are coming from another server they (SYN), we
> (SYN, ACK), they (ACK) and then we again (SYN, ACK) (which after
> a few more (TCP Dup ACK) and (SYN, ACK) leads to a [RST, ACK]).
Likewise, this would be logged.
> As our server team has recently patched the solaris machine
> postfix is running on, this behaviour could be a bug releated
> to this patching.
>
> So my idea was to temporarely change the solaris postfix machine with
> my linux laptop, making sure it uses the same IP and MAC Address and
> some basically configured postfix, while using tcpdump to check if
> these connections behave like before.
>
> My Question:
> While i am snooping and waiting for connections from this
> particular server, other incoming mails should be rejected by this
> temporary postfix. But only in a "soft" reject manner. So is there
> a way to configure (or missconfigure?) postfix to tell every
> incoming attempt something like "Sorry, i have a temporary problem.
> Try to connect later".
Among other options, this would work:
http://www.postfix.org/postconf.5.html#soft_bounce
--
Offlist mail to this address is discarded unless
"/dev/rob0" or "not-spam" is in Subject: header
