After add recordio i see this:
spamdyke[10495]: DENIED_OTHER from: pl.efakt...@dhl.com to:
xx...@xxxxxx.pl origin_ip: 85.90.252.62 origin_rdns:
dhl-app-der.accountis.net auth: (unknown) encryption: TLS reason:
503_MAIL_first_(#5.5.1)
*From:*Eric Broch [mailto:ebr...@whitehorsetc.com]
*Sent:* Friday, November 04, 2016 9:15 PM
*To:* qmailtoaster-list@qmailtoaster.com
*Subject:* Re: [qmailtoaster] Qmail reject email from several domain
Reason TIMEOUT
Sorry
recordio...
#!/bin/sh
QMAILDUID=`id -u vpopmail`
NOFILESGID=`id -g vpopmail`
MAXSMTPD=`cat /var/qmail/control/concurrencyincoming`
SPAMDYKE="/usr/bin/spamdyke"
SPAMDYKE_CONF="/etc/spamdyke/spamdyke.conf"
SMTPD="/var/qmail/bin/qmail-smtpd"
TCP_CDB="/etc/tcprules.d/tcp.smtp.cdb"
HOSTNAME=`hostname`
VCHKPW="/home/vpopmail/bin/vchkpw"
REQUIRE_AUTH=0
exec /usr/bin/softlimit -m 64000000 \
/usr/bin/tcpserver -v -R -H -l $HOSTNAME -x $TCP_CDB -c "$MAXSMTPD" \
-u "$QMAILDUID" -g "$NOFILESGID" 0 smtp \
/usr/bin/recordio \
$SPAMDYKE --config-file $SPAMDYKE_CONF \
$SMTPD $VCHKPW /bin/true 2>&1
On 11/4/2016 2:12 PM, Eric Broch wrote:
Try using recordio
#!/bin/sh
QMAILDUID=`id -u vpopmail`
NOFILESGID=`id -g vpopmail`
MAXSMTPD=`cat /var/qmail/control/concurrencyincoming`
SPAMDYKE="/usr/bin/spamdyke"
SPAMDYKE_CONF="/etc/spamdyke/spamdyke.conf"
SMTPD="/var/qmail/bin/qmail-smtpd"
TCP_CDB="/etc/tcprules.d/tcp.smtp.cdb"
HOSTNAME=`hostname`
VCHKPW="/home/vpopmail/bin/vchkpw"
REQUIRE_AUTH=0
exec /usr/bin/softlimit -m 64000000 \
/usr/bin/tcpserver -v -R -H -l $HOSTNAME -x $TCP_CDB -c
"$MAXSMTPD" \
-u "$QMAILDUID" -g "$NOFILESGID" 0 smtp \
$SPAMDYKE --config-file $SPAMDYKE_CONF \
$SMTPD $VCHKPW /bin/true 2>&1
On 11/4/2016 12:59 PM, ma...@demod.pl <mailto:ma...@demod.pl> wrote:
Look, The sender get a reject message:
> Diagnostic information for administrators:
>
> Generating server: mailgw02.man-mit.com
>
>zamowie...@xxxxx.pl <mailto:zamowie...@xxxxx.pl>
> [77.253.207.97] #<[77.253.207.97] #5.0.0 smtp; 5.x.1 - Maximum number
> of delivery attempts exceeded. [Default] 421-'Timeout. Talk faster
> next time.' (delivery attempts: 100)> #SMTP#
>
> Original message headers:
>
> X-IronPort-AV: E=Sophos;i="5.31,476,1473112800";
> d="pdf'?scan'208";a="48824816"
> Received: from unknown (HELO openrelay.mn-man.biz) ([10.7.81.87]) by
> mailgw02.man-mit.com with ESMTP/TLS/RC4-SHA; 11 Oct 2016 12:12:20
> +0200
> X-IronPort-AV: E=Sophos;i="5.31,476,1473112800";
> d="pdf'?scan'208";a="35414355"
> Received: from mndemucpc035934.mn-man.biz (HELO
> mndemuchub003.mn-man.biz)
> ([10.128.60.217]) by openrelay.mn-man.biz with ESMTP; 11 Oct 2016
> 12:12:29
> +0200
> Received: from MNPLSTWAP001 ([10.131.126.157]) by
> ppmail01.man.com.pl (Lotus Domino Release 6.5.4) with ESMTP
> id 2016101112122306-44564 ;
> Tue, 11 Oct 2016 12:12:23 +0200
> From: MAN POZNAN<einkaufpo...@man.eu> <mailto:einkaufpo...@man.eu>
> To:"zamowie...@xxxxx.pl" <mailto:zamowie...@xxxxx.pl>
<zamowie...@xxxxx.pl> <mailto:zamowie...@xxxxx.pl>
> Subject: =?UTF-8?Q?Zam=C3=B3wienie_automatyczne_/_Autob?=
> =?UTF-8?Q?estellung_6510/16/AF,_2016-10-11?=
> CC:"e9...@man.eu" <mailto:e9...@man.eu> <e9...@man.eu>
<mailto:e9...@man.eu>, "einkaufpo...@man.eu"
<mailto:einkaufpo...@man.eu>
><einkaufpo...@man.eu> <mailto:einkaufpo...@man.eu>
> MIME-Version: 1.0
> Message-ID:<113081937.1476180745336.javamail.webxl_nore...@man.eu>
<mailto:113081937.1476180745336.javamail.webxl_nore...@man.eu>
> Date: Tue, 11 Oct 2016 12:12:25 +0200
> X-MIMETrack: Itemize by SMTP Server on
> ppmail01/POZNAN/MAN_POLSKA/MAN_BUSPL(Release
> 6.5.4|March 27, 2005) at 2016-10-11 12:12:23,
> Serialize by Router on
> MNDEMUCHUB003/SRV/MAN_Nutzfahrzeuge(Release 7.0.2FP3|December
13,
> 2007) at 11.10.2016 12:12:28
> Content-Type: text/plain
>
>
But I see in my log this:
2016-10-11 17:16:52.411561500 spamdyke[16443]: TIMEOUT from:
einkaufpo...@man.eu <mailto:einkaufpo...@man.eu> to: (unknown)
origin_ip: 151.136.108.88 origin_rdns: wgate1.mn.man.de auth:
(unknown) encryption: TLS reason: TIMEOUT
2016-10-11 17:18:05.060074500 spamdyke[16467]: TIMEOUT from:
einkaufpo...@man.eu <mailto:einkaufpo...@man.eu> to: (unknown)
origin_ip: 151.136.108.88 origin_rdns: mail1.man.de auth:
(unknown) encryption: TLS reason: TIMEOUT
from: einkaufpo...@man.eu <mailto:einkaufpo...@man.eu> to:
(unknown) not: from: einkaufpo...@man.eu
<mailto:einkaufpo...@man.eu> to: zamowie...@xxxxx.pl
<mailto:zamowie...@xxxxx.pl>
where find reason?
*From:*Eric Broch [mailto:ebr...@whitehorsetc.com]
*Sent:* Friday, November 04, 2016 7:26 PM
*To:* qmailtoaster-list@qmailtoaster.com
<mailto:qmailtoaster-list@qmailtoaster.com>
*Subject:* RE: [qmailtoaster] Qmail reject email from several
domain Reason TIMEOUT
It looks like the email is going to no one, you could check in
the send log at the same time, but I doubt any delivery is
being made. It might be being rejected at 'policy.' It should
be followed up with delivery. Below is what a complete smtp
transaction looks like:
<trans>
@40000000581ccab11323ecdc tcpserver: status: 0/100
@40000000581ccaef1914fb7c tcpserver: status: 1/100
@40000000581ccaef192f0f44 tcpserver: pid 1542 from xxx.xxx.xxx.xxx
@40000000581ccaef1931f574 tcpserver: ok 1542
host.mydomain.tld:yyy.yyy.yyy.yyy:25 :xxx.xxx.xxx.xxx::46233
@40000000581ccaf410b6483c CHKUSER accepted sender: from
<sen...@remotedomain.tld::> <mailto:sen...@remotedomain.tld::>
remote <sender-server.remote.ip.net:unknown:xxx.xxx.xxx.xxx>
rcpt <> : sender accepted
@40000000581ccaf425ea9c94 CHKUSER accepted rcpt: from
<sen...@remotedomain.tld::> <mailto:sen...@remotedomain.tld::>
remote <sender-server.remote.ip.net:unknown:xxx.xxx.xxx.xxx>
rcpt <recipi...@localdomain.tld>
<mailto:recipi...@localdomain.tld> : found existing recipient
@40000000581ccaf426022bd4 policy_check: remote
sen...@remotedomain.tld <mailto:sen...@remotedomain.tld> ->
local recipi...@localdomain.tld
<mailto:recipi...@localdomain.tld> (UNAUTHENTICATED SENDER)
@40000000581ccaf42603606c policy_check: policy allows transmission
@40000000581ccaf61fa1ffe4 simscan:[1543]:CLEAN
(-95.70/12.00):1.2711s:This is the subject of the email being
sent....:xxx.xxx.xxx.xxx:sen...@remotedomain.tld:recipi...@localdomain.tld
<mailto:sent....:xxx.xxx.xxx.xxx:sen...@remotedomain.tld:recipi...@localdomain.tld>
@40000000581ccb32260f6e5c tcpserver: end 1542 status 0
@40000000581ccb32260f762c tcpserver: status: 0/100
</trans>
Spamdyke may just being doing what it's supposed to do.
Eric
On 11/4/2016 11:53 AM, ma...@demod.pl <mailto:ma...@demod.pl>
wrote:
Yes, exacly This occurs only on several big corporate
domain like dhl.com man.eu ergohestia.pl. Most mail
recived ok. And servers works ok. Error occurs only
several domain now I see another domain dupont.com L
After remove spamdyke from the ‘run’ script i can’t
observe TIMEOUT in log.
I see this:
@40000000581cbb402ac7417c CHKUSER accepted sender: from
<pl.no.re...@dhl.com::> <mailto:pl.no.re...@dhl.com::>
remote <gateway1g.dhl.com:unknown:165.72.200.97> rcpt <> :
sender accepted
@40000000581cbb451fa7b4d4 tcpserver: status: 5/100
@40000000581cbb451faa73f4 tcpserver: pid 26568 from
85.90.252.62
@40000000581cbb451fabdf3c tcpserver: ok 26568
mail.xxxxxxxx.pl:192.168.0.95:25 :85.90.252.62::29680
@40000000581cbb4538a2023c CHKUSER accepted sender: from
<pl.efakt...@dhl.com::> <mailto:pl.efakt...@dhl.com::>
remote <dhl-mail-a-1.accountis.net:unknown:85.90.252.62>
rcpt <> : sender accepted
@40000000581cbb53234b5104 tcpserver: end 26418 status 256
@40000000581cbb53234bd1ec tcpserver: status: 4/100
@40000000581cbb540626f95c tcpserver: status: 5/100
@40000000581cbb5406298d84 tcpserver: pid 26573 from
186.85.86.180
@40000000581cbb54062ae15c tcpserver: ok 26573
mail.xxxxxxx.pl:192.168.0.95:25 :186.85.86.180::46388
I don’t know where to find this mail? to whom it is addressed?
*From:*Eric Broch [mailto:ebr...@whitehorsetc.com]
*Sent:* Friday, November 04, 2016 6:10 PM
*To:* qmailtoaster-list@qmailtoaster.com
<mailto:qmailtoaster-list@qmailtoaster.com>
*Subject:* Re: [qmailtoaster] Qmail reject email from
several domain Reason TIMEOUT
From your first email you stated that, "This occurs only
on several big corporate domain like dhl.com man.eu
ergohestia.pl"
Obviously you are receiving at least some mail, correct?
So, whatever the cause of this problem, spamdyke or
otherwise, barring the corporate domains, in many cases
your email server is working correctly, right?
Maybe the other server ARE actually taking more time than
they should. This is all that I was saying.
Can you remove spamdyke from the 'run' script as I
suggested and give that a try?
Eric
On 11/4/2016 11:00 AM, ma...@demod.pl
<mailto:ma...@demod.pl> wrote:
I know, because that emails never come. After long
time sender get a return message sorry TIMEOUT L
*From:*Eric Broch [mailto:ebr...@whitehorsetc.com]
*Sent:* Friday, November 04, 2016 5:41 PM
*To:* qmailtoaster-list@qmailtoaster.com
<mailto:qmailtoaster-list@qmailtoaster.com>
*Subject:* Re: [qmailtoaster] Qmail reject email from
several domain Reason TIMEOUT
What I meant was this: could it be that spamdyke is
actually doing what it is supposed to do. Is spamdyke
timing out a connection when it takes to long and
allowing connections when the connection is within the
time limit?
In other words, how do you know its not working properly?
On 11/4/2016 10:27 AM, ma...@demod.pl
<mailto:ma...@demod.pl> wrote:
what are you mean?
*From:*Eric Broch [mailto:ebr...@whitehorsetc.com]
*Sent:* Friday, November 04, 2016 5:22 PM
*To:* qmailtoaster-list@qmailtoaster.com
<mailto:qmailtoaster-list@qmailtoaster.com>
*Subject:* Re: [qmailtoaster] Qmail reject email
from several domain Reason TIMEOUT
Could it be that the TIMEOUT is legitimate?
On 11/4/2016 10:17 AM, ma...@demod.pl
<mailto:ma...@demod.pl> wrote:
Sadly TIMEOUT still occurs L
I add timeouted domain to whitelist _senders.
And still TIMEOUT.
Bellow my spamdyke.conf file:
################################################################################
# TIMEOUTS
################################################################################
# Close the connection after SECS seconds,
regardless of activity. A value of
# 0 disables this feature.
# Default: 0
connection-timeout-secs=360
# Close the connection after SECS seconds of
inactivity. A value of 0 disables
# this feature.
# Default: 0
idle-timeout-secs=360
#dns-blacklist-entry=zombie.dnsbl.sorbs.net
#dns-blacklist-entry=dul.dnsbl.sorbs.net
#dns-blacklist-entry=bogons.cymru.com
dns-blacklist-entry=zen.spamhaus.org
dns-blacklist-entry=bl.spamcop.net
graylist-dir=/var/spamdyke/graylist
graylist-level=always
graylist-max-secs=2678400
graylist-min-secs=180
greeting-delay-secs=6
header-blacklist-entry=From:*>,*<*
idle-timeout-secs=60
ip-blacklist-file=/etc/spamdyke/blacklist_ip
ip-in-rdns-keyword-blacklist-file=/etc/spamdyke/blacklist_keywords
ip-in-rdns-keyword-whitelist-file=/etc/spamdyke/whitelist_keywords
ip-whitelist-file=/etc/spamdyke/whitelist_ip
########local-domains-file=/var/qmail/control/rcpthosts
qmail-rcpthosts-file=/var/qmail/control/rcpthosts
qmail-morercpthosts-cdb
log-level=info
#log-level=excessive
log-target=stderr
max-recipients=50
#policy-url=http://my.policy.explanation.url/
rdns-blacklist-file=/etc/spamdyke/blacklist_rdns
rdns-whitelist-file=/etc/spamdyke/whitelist_rdns
recipient-blacklist-file=/etc/spamdyke/blacklist_recipients
recipient-whitelist-file=/etc/spamdyke/whitelist_recipients
reject-empty-rdns
#reject-ip-in-cc-rdns
#################reject-missing-sender-mx
reject-sender=no-mx
reject-unresolvable-rdns
rejection-text-sender-no-mx
reject-recipient=same-as-sender
rejection-text-recipient-same-as-sender
sender-blacklist-file=/etc/spamdyke/blacklist_senders
sender-whitelist-file=/etc/spamdyke/whitelist_senders
tls-certificate-file=/var/qmail/control/servercert.pem
tls-privatekey-file=/var/qmail/control/servercert.key
tls-level=SMTP
*From:*Eric Broch
[mailto:ebr...@whitehorsetc.com]
*Sent:* Friday, November 04, 2016 4:31 PM
*To:* qmailtoaster-list@qmailtoaster.com
<mailto:qmailtoaster-list@qmailtoaster.com>
*Subject:* Re: [qmailtoaster] Qmail reject
email from several domain Reason TIMEOUT
Settings change between spamdyke 4 and 5
I have a script (fixsd.sh):
<fixsd.sh>
#!/bin/sh
sed -i \
-e
's/reject-missing-sender-mx/reject-sender=no-mx/g'
\
-e
's/rejection-text-missing-sender-mx/rejection-text-sender-no-mx/g'
\
-e
's/reject-identical-sender-recipient/reject-recipient=same-as-sender/g'
\
-e
's/rejection-text-identical-sender-recipient/rejection-text-recipient-same-as-sender/g'
\
-e
's/local-domains-file/qmail-rcpthosts-file/g' \
-e
's/local-domains-entry=/#local-domains-entry=(Add
these entries to qmail-rcpthosts-file)/g' \
-e 's/morercpthosts/qmail-morercpthosts-cdb/'g
/etc/spamdyke/spamdyke.conf
</fixsd.sh>
If this doesn't work, can you refert to
spamdyke 4 and let us know if that works?
Eric
On 11/4/2016 9:09 AM, ma...@demod.pl
<mailto:ma...@demod.pl> wrote:
I upgrade spamdyke to version 5.0.1 and
nothing change. L
I expand to:
'idle-timeout-sec=360'
And still TIMEOUT
*From:*Eric Broch
[mailto:ebr...@whitehorsetc.com]
*Sent:* Friday, November 04, 2016 2:17 PM
*To:* qmailtoaster-list@qmailtoaster.com
<mailto:qmailtoaster-list@qmailtoaster.com>
*Subject:* Re: [qmailtoaster] Qmail reject
email from several domain Reason TIMEOUT
It looks to me like it's spamdyke causing
the problem. It's certainly what the log
suggests. What is your 'idle-timeout'
setting in /etc/spamdyke/spamdyke.conf
On 11/4/2016 4:31 AM, ma...@demod.pl
<mailto:ma...@demod.pl> wrote:
Hi,
From some time i have a problem with
my qmail server. From some time the
server reject mail from several domain
REASON TIMEOUT. I don’t know why. This
occurs only on several big corporate
domain like dhl.com man.eu
ergohestia.pl. First i suspect
spamdyke. But i check it. Enter white
list etc. Ask on spamdyke forum and
final look at the spamdyke don’t block
anything.
The excessive log file show only:
“talk faster next time”
A part of log bellow:
@40000000581c48af3996f15c tcpserver:
status: 2/100
@40000000581c48d908f1b21c
spamdyke[4387]:
EXCESSIVE(middleman()@spamdyke.c:1965):
child output file descriptor 5 closed
@40000000581c48d908f1bdd4
spamdyke[4387]:
EXCESSIVE(output_writeln()@log.c:102):
wrote 37 bytes to network file
descriptor 1, buffer contained 37
bytes: 421 Timeout. Talk faster next
@40000000581c48d908f1c5a4
spamdyke[4387]: TIMEOUT from:
len...@lendon.pl
<mailto:len...@lendon.pl> to:
(unknown) origin_ip: 89.38.150.213
origin_rdns:
host213-150-38-89.static.arubacloud.fr
auth: (unknown) encryption: (none)
reason: TIMEOUT
@40000000581c48d908f21b94
spamdyke[4387]:
DEBUG(find_username()@spamdyke.c:127):
searching for username between
positions 9 and 35: RCPT
TO:<marekm@*****.com.pl
<mailto:marekm@*****.com.pl>>
@40000000581c48d908f22364 DATA
@40000000581c48d908f2274c
@40000000581c48d908f22b34
spamdyke[4387]:
EXCESSIVE(find_username()@spamdyke.c:309):
found username in address: marekm
@40000000581c48d908f24a74
spamdyke[4387]:
DEBUG(find_domain()@spamdyke.c:361):
searching for domain between positions
15 and 35: RCPT
TO:<marekm@*****.com.pl
<mailto:marekm@*****.com.pl>>
@40000000581c48d908f25244 DATA
@40000000581c48d908f25244
@40000000581c48d908f2562c
spamdyke[4387]:
EXCESSIVE(find_domain()@spamdyke.c:529):
found domain in address: *****.com.pl
@40000000581c48d908f25dfc
spamdyke[4387]:
DEBUG(find_address()@spamdyke.c:726):
found username: marekm
@40000000581c48d908f27954
spamdyke[4387]:
DEBUG(find_address()@spamdyke.c:743):
found domain: *****.com.pl
@40000000581c48d908f2b3ec
spamdyke[4387]:
DEBUG(filter_recipient_whitelist()@filter.c:2332):
searching recipient whitelist(s);
recipient: marekm@*****.com.pl
<mailto:marekm@*****.com.pl>
@40000000581c48d908f2b7d4
spamdyke[4387]:
EXCESSIVE(output_writeln()@log.c:102):
wrote 37 bytes to network file
descriptor 1, buffer contained 37
bytes: 421 Timeout. Talk faster next
@40000000581c48d908f2bfa4
spamdyke[4387]: TIMEOUT from:
len...@lendon.pl
<mailto:len...@lendon.pl> to:
marekm@*****.com.pl
<mailto:marekm@*****.com.pl>
origin_ip: 89.38.150.213 origin_rdns:
host213-150-38-89.static.arubacloud.fr
auth: (unknown) encryption: (none)
reason: (empty)
@40000000581c48d908f2dee4
spamdyke[4387]:
EXCESSIVE(output_writeln()@log.c:102):
wrote 37 bytes to network file
descriptor 1, buffer contained 37
bytes: 421 Timeout. Talk faster next
@40000000581c48e231636ccc
spamdyke[4293]:
EXCESSIVE(middleman()@spamdyke.c:2097):
read 33 bytes from child input file
descriptor 6, buffer contains 33
bytes, current position is 0: 451 SPF
lookup failure (#4.3.0
@40000000581c48e231637884
spamdyke[4293]:
EXCESSIVE(middleman()@spamdyke.c:2107):
child input file descriptor 6
indicates EOF, buffer contains 0
bytes, current position is 0
@40000000581c48e231638054
spamdyke[4293]:
EXCESSIVE(middleman()@spamdyke.c:2108):
child input file descriptor 6 closed
@40000000581c48e231638824
spamdyke[4293]:
EXCESSIVE(middleman()@spamdyke.c:2989):
child process exited normally with
return value 1
Any help will be appreciated
Marek
