Hi, Im back and im totaly confused L I install fresh centos 7 and new qmailtoaster.
And still cant recive mail from one corporate domain dupont.com I have no idea how to investigate this problem and found solution. I have no error in log file: @40000000584ac9df3318c9a4 tcpserver: status: 1/100 @40000000584ac9e4348c0c9c CHKUSER accepted sender: from <xxxxx...@dupont.com::> remote <NAM01-BN3-obe.outbound.protection.outlook.com:unknown:104.47.33.47> rcpt <> : sender accepted @40000000584ac9e61dd9133c tcpserver: status: 2/100 @40000000584ac9e61dda6ee4 tcpserver: pid 2635 from 161.18.233.186 @40000000584ac9e61ddceb9c tcpserver: ok 2635 mail.xxxxxxxx.pl:192.168.0.95:25 :161.18.233.186::63724 @40000000584ac9e902a97714 tcpserver: end 2635 status 0 [root@mail 1]# Any help will be appreciated Marek From: ma...@demod.pl [mailto:ma...@demod.pl] Sent: Wednesday, November 09, 2016 1:03 AM To: qmailtoaster-list@qmailtoaster.com Subject: RE: [qmailtoaster] Qmail reject email from several domain Reason TIMEOUT I have absolutly nothing in logs even use recordio This is a submission log when I try send test message from outlook. When I try send any message to other server the mail hang on sending folder and after several time show error: None of the authentication methods supported by this client are supported by your server. And nothing appear in log file (/var/log/qmail/smtp/current) From: ma...@demod.pl [mailto:ma...@demod.pl] Sent: Wednesday, November 09, 2016 12:25 AM To: qmailtoaster-list@qmailtoaster.com Subject: RE: [qmailtoaster] Qmail reject email from several domain Reason TIMEOUT I use Dovecot. in outlook smtp outgoing server use the same authentications setting is checked but i every variation of settings When I try send by squiremail I have error 502 unimplemented (#5.5.1) When I copy back old qmail-smtpd ever work fine but email from dupont.com is rejectet L From: Eric Broch [mailto:ebr...@whitehorsetc.com] Sent: Wednesday, November 09, 2016 12:15 AM To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] Qmail reject email from several domain Reason TIMEOUT Marek, What are the SMTP settings you are using in Outlook? Are you using Courier or Dovecot? Can you send from Squirrelmail? What logs are you checking, and have you looked in /var/log/maillog, and if using, Dovecot /var/log/dovecot.log? If after checking all of these logs and nothing is found add /usr/bin/recordio to /var/qmail/supervise/submission/run if you are using port 587 in Outlook. Eric On 11/8/2016 3:54 PM, ma...@demod.pl wrote: I dont have any error in logs. The error appear in outlook or other email client when I try send test mail. I think is the authentication reason. But I dont see any advice in logs L From: Eric Broch [mailto:ebr...@whitehorsetc.com] Sent: Tuesday, November 08, 2016 11:18 PM To: qmailtoaster-list@qmailtoaster.com Subject: [qmailtoaster] Re: ***SPAM***[ds] RE: [qmailtoaster] Qmail reject email from several domain Reason TIMEOUT In what log are you getting the error? On 11/8/2016 12:38 PM, ma...@demod.pl wrote: The TLS test on <https://www.checktls.com/> https://www.checktls.com/ works for me ok without error. Even on old qmail-smtpd with spamdyke. But I can recive emai from dupont.com only on patched qmail-smtpd. But on patched qmail-smtpd I cant send any mail. In outlook I have error . no authentication method is supported by the server. In log file I dont have any info even I run excessive log. What I do wrong L From: ma...@demod.pl [mailto:ma...@demod.pl] Sent: Tuesday, November 08, 2016 4:34 PM To: qmailtoaster-list@qmailtoaster.com Subject: RE: [qmailtoaster] Qmail reject email from several domain Reason TIMEOUT Forgive me if i lamer . i'am afraid i dont have knowledge enough I download netqmail 1.06 from qmail.org site. Just apply netqmail-1.05-tls-20060104.patch by patch < netqmail-1.05-tls-20060104.patch and compile by make. Next copy new compiled qmail-smtpd to may ./qmail/bin directory and restart qmailctl From: Eric Broch [mailto:ebr...@whitehorsetc.com] Sent: Tuesday, November 08, 2016 3:59 PM To: qmailtoaster-list@qmailtoaster <mailto:qmailtoaster-list@qmailtoaster.com> .com Subject: Re: [qmailtoaster] Qmail reject email from several domain Reason TIMEOUT Marek, I apologize for my ignorance of this (TLS) feature inherent in the Qmailtoaster package. In fact your setup should be able to negotiate a TLS connection if the client utilizes STARTTLS over the SMTP. I tested my own setup (stock qmailtoaster) here: (https://www.checktls.com/). And it seems to work, and I do have Spamdyke in place although it does not test complete delivery. "But I cant send mail from my server. no authentication method is supported by the server. when I try through the web I have message: 502 unimplemented (#5.5.1)" Are you using stock qmailtoaster setup? Eric On 11/7/2016 4:06 PM, ma...@demod.pl wrote: Thx a lot for you help When i compile and replace qmail-smtpd and qmail-remote, mails from dupont.com come without problem. But I cant send mail from my server. no authentication method is supported by the server. when I try through the web I have message: 502 unimplemented (#5.5.1) And another trouble. The log file smtp is very poor L I dont know why. I thing is some compilation option. when I copy old smtpd back. Log file is ok and can send mail but no recive from dupont.com From: Eric Broch [mailto:ebr...@whitehorsetc.com] Sent: Monday, November 07, 2016 11:09 PM To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] Qmail reject email from several domain Reason TIMEOUT Marek, OK, It seems that the older version of this patch (netqmail-1.06-tls-20160918.patch) is already implemented on the current Qmailtoaster package, but I'm not sure how to implement it or how to stop SPAMDYKE from blocking it. This is the version used now: http://inoa.net/qmail-tls/netqmail-1.05-tls-20060104.patch The claim in the qmailtoaster patch (qmailtoaster-1.3.2.patch), below, is that it has been used successfully since 1999. "This patch implements RFC 3207 (was RFC 2487) in qmail. This means you can get SSL or TLS encrypted and authenticated SMTP between the MTAs and from MUA to MTA. The code is considered experimental (but has worked for many since its first release on 1999-03-21)." If anyone has any information on this please chime in. Thanks Eric On 11/7/2016 12:10 PM, Eric Broch wrote: I think this (http://inoa.net/qmail-tls/) is the patch you're looking for. I'll check into it when I have a little time. Explanation of the patch @ http://www.memoryhole.net/qmail/#starttls : SSL (STARTTLS) SMTP transmits email unencrypted. Other than privacy concerns, this is not typically a problem. However, if you use SMTP AUTH, you are sending your username and password across the network in plain text (which is easy for a hacker or spammer to extract if they wanted to). The solution is to use encryption in SMTP in other words, make qmail support the STARTTLS ESMTP extension. Frederik Vermeulen wrote a patch to get it to work. It adds one minor step to the compilation of qmail: you must create a server certificate (run make cert before running make setup check). Also, you must create a cron job to rebuild the certs daily (because otherwise, over time, an attacker could figure out what they are). Commonly, when someone indicates that they want qmail to support SSL/STARTTLS they will be referred to a project like mailfront <http://untroubled.org/mailfront/> . While mailfront is a worthy project, it doesn't always solve the entire problem. Specifically, it doesn't enable qmail to use SSL for sending mail to other servers that support STARTTLS (this is a problem of privacy; but keep in mind that if the email is being relayed, it may be transmitted via an unencrypted communication later---if you're really worried, use PGP). This patch, however, does enable qmail to do that. (local copy <http://www.memoryhole.net/qmail/netqmail-1.05-tls-20060104.patch> ) (inoa.net <http://inoa.net/qmail-tls/> ) On 11/7/2016 9:45 AM, Eric Broch wrote: After further review are you looking for Secure Inbound Email (SMTP TLS)? On 11/7/2016 9:28 AM, Eric Broch wrote: Again, I ask, is there a reason that they (104.47.42.63) are using TLS to connect to port 25 and transfer email to your server (192.168.0.25) ???? : See "encryption: TLS" in your log (below). Again, why are they using TLS to connect to your server over port 25 for standard email transfer??? This is the problem and the reason for the error! Someone correct me if I'm missing something. If they (104.47.42.63) know the username and password of the recipient on your server (192.168.0.95) you can use authentication--qmail allows for this, but why would you do it that way? This is only for internal--your network--forwarding of messages to another server. You would not do it this way unless you were willing to give them individual account information and they were willing to set up rules. They would then forward to port 587. On 11/7/2016 7:09 AM, ma...@demod.pl wrote: Hi, This is my recordio log for rejecting session. Where is the problem? Is there any way to configure my server to allow this mail? Log bellow: 2016-11-07 12:09:28.629740500 16889 < þ}ínî¼Í4^D<89>-®¬<8a>Ì<96>!Éw^W|~6äÅ9¹^LS£<88><91>s·ï<8d>¤[Ý<9d>ë÷ÙPå^P<93>0 gÎ<90>zЯ®þseß^]Ê<9b><9f>3¢^_¶G^N<9d><90>^T<86>^T<9f>ýÂd5o<92>a4ÅøOêÛ<9d>¢pa QÁ[¿^CÍrzJø<8c>^Lcí^\ÅÂj-2=Bc"E^K^Oêk^W!¢µSk8^\w<<9e>^Cjú<85>Ì0ö&ѧ·ÍuMS^A^] Ý»üS^@¥<9c>+T'`]<82>lì<9e> 2016-11-07 14:50:34.334877500 tcpserver: pid 25891 from 104.47.42.63 2016-11-07 14:50:34.334965500 tcpserver: ok 25891 mail.xxxxx.pl:192.168.0.95:25 :104.47.42.63::36544 2016-11-07 14:50:41.242199500 25891 > 220 mail.xxxxx.pl - Welcome to Qmail Toaster Ver. 1.3 SMTP Server ESMTP^M 2016-11-07 14:50:41.672305500 25891 < EHLO NAM03-BY2-obe.outbound.protection.outlook.com^M 2016-11-07 14:50:41.672451500 25891 > 250-mail.xxxxx.pl - Welcome to Qmail Toaster Ver. 1.3 SMTP Server^M 2016-11-07 14:50:41.672453500 25891 > 250-STARTTLS^M 2016-11-07 14:50:41.672454500 25891 > 250-PIPELINING^M 2016-11-07 14:50:41.672455500 25891 > 250-8BITMIME^M 2016-11-07 14:50:41.672469500 25891 > 250-SIZE 30971520^M 2016-11-07 14:50:41.672470500 25891 > 250 AUTH LOGIN PLAIN CRAM-MD5^M 2016-11-07 14:50:42.124968500 25891 < STARTTLS^M 2016-11-07 14:50:42.125148500 25891 > 220 Proceed.^M 2016-11-07 14:50:42.592265500 25891 < ^V^C^C^@t^A^@^@p^C^CX <86>²ëx»å<94>ö»6<84>FÊ×pìTi<9c><9f><8e>ÅÅ>d`ù^XoÉ^@^@^RÀ(À'À^TÀ^S^@=^@<^@5^@ /^@ 2016-11-07 14:50:42.592267500 25891 < ^A^@^@5^@ 2016-11-07 14:50:42.592280500 25891 < ^@^F^@^D^@^X^@^W^@^K^@^B^A^@^@^M^@^T^@^R^F^A^F^C^D^A^E^A^B^A^D^C^E^C^B^C^B^B ^@#^@^@^@^W^@^@ÿ^A^@^A^@+ 2016-11-07 14:50:42.625785500 25891 > ^V^C^A^@Q^B^@^@M^C^AX <86>²^ZÞòM/Ñ×Ó<92>^?áÿUÍ?x^NÐ?;goc<8a>>LåÆ ^A|- ó^[^@+(^])ÖÄg%ê<81>Ey^S¤d^Vª<83>8¤´iÐÚ<90>^@5^@^@^Eÿ^A^@^A^@^V^C^A^B<91>^K^@ ^B<8d>^@^B<8a>^@^B<87>0<82>^B<83>0<82>^Aì^B ^@Ây¼ì:^T<9b>ô0^M^F *<86>H<86>÷^M^A^A^E^E^@0<81><85>1^K0 ^F^CU^D^F^S^BPL1^R0^P^F^CU^D^H^S Pomorskie1^O0^M^F^CU^D^G^S^FGdynia1^M0^K^F^CU^D 2016-11-07 14:50:42.625787500 25891 > ^S^DDEMO1^K0 ^F^CU^D^K^S^BIT1^V0^T^F^CU^D^C^S^Mmail.xxxxx.pl1^]0^[^F *<86>H<86>÷^M^A ^A^V+ 2016-11-07 14:50:42.625816500 25891 > ^Nmarek@xxxxx.pl0^^^W^M161012175446Z^W^M171012175446Z0 <mailto:%5eNmarek@xxxxx.pl0%5e%5e%5eW%5eM161012175446Z%5eW%5eM171012175446Z0 %3c81%3e%3c85%3e1%5eK0> <81><85>1^K0 ^F^CU^D^F^S^BPL1^R0^P^F^CU^D^H^S Pomorskie1^O0^M^F^CU^D^G^S^FGdynia1^M0^K^F^CU^D 2016-11-07 14:50:42.625818500 25891 > ^S^DDEMO1^K0 ^F^CU^D^K^S^BIT1^V0^T^F^CU^D^C^S^Mmail.xxxxx.pl1^]0^[^F *<86>H<86>÷^M^A ^A^V^Nmarek@xxxxx.pl0 <mailto:%5eA%5eV%5eNmarek@xxxxx.pl0%3c81%3e%3c9f%3e0%5eM%5eF> <81><9f>0^M^F *<86>H<86>÷^M^A^A^A^E^@^C<81><8d>^@0<81><89>^B<81><81>^@<97>W8ñ¾Õ:Ðbì<91>µÙ Íà^X^Y?<94><9a>ª|jfÍ^Z5xä¥^GyÂkÈæ<8f>ÞåÒá<8b>-+ 2016-11-07 14:50:42.625868500 25891 > CI<87><98>Ѭå^TN^N<96>^\E^H^E<8e>6^Nä0ÃnÄ¿sF Ä<8c>Á<94>^R<8f>Cíy©^Eæ<9e>8<93>OsÈG¤Éß^ZÖ^A^G¶^AV^R<9a>IZS^EJº Å+í<82>k.O^\«Ç|<84>.^^?eK^E3^B^C^A^@^A0^M^F <mailto:.%5e%5e?eK%5eE3%5eB%5eC%5eA%5e@%5eA0%5eM%5eF> *<86>H<86>÷^M^A^A^E^E^@^C<81><81>^@!/W<83>"<86>^°U»R^Xû³^]>s$4^W^Kó\<9a><8c> ^RS<84>6É5^Oð@qø<9a>T^]^T×<8c>^OÖy¥^SÍF<80><8f>_ÉÄ0H°X^UuµXIw#\iªu®"Ä^^WÊ^Tj Ï<8a><9f>m¬è^M^P<92>Ä<81>Ìuì<8d>D)<86>u¸J¤<80>t.5¼2ø¦ï<84><96>#<98><86>&ñÌ°0 S4Â^Tõ/ÃV^T:^V^C^A^@^D^N^@^@^@+ 2016-11-07 14:50:43.927166500 25891 < ^V^C^A^@<86>^P^@^@<82>^@<80>j^HXl<9c>ãâõ<92><9b><85>uVd^\<95>M£¸@ôá^E<8d>èp. 638[<8f>ëà^Nü.鸥Ò<9b>¥^T¡¾¥<8c><81><83>UÛ|ï^B?^Và!Q³?<85>§<96>ý¬'j^Q;ý<9f>^ LW<91>ãnw^LòêwxÕ ÆÄ)d9ö<80>¡xÇ^V4^E\z 2016-11-07 14:50:43.927170500 25891 < ºº<8f>wMù<92>Õí^?cWKJ6<80>VÅ<9c>ø?KË©ÖÐ^T^C^A^@^A^A^V^C^A^@0RÆZ)^VáYÑå^ºU+9e ñcÙ^U²uî<8a><96>»!˵ÝPÞ?=´^_^R·m¥ç<87>^Y5x+ äp+ 2016-11-07 14:50:44.130181500 25891 > ^T^C^A^@^A^A^V^C^A^@0Ï)Z^\Ûº<9b>rƦ<8e>S^E1<8f>j<8a>P<86>^Tb<80>&<94>I<83>ÙÈ rçØD²^Q<96>ØlV&^Q|IQÆâN!Ð+ 2016-11-07 14:50:44.557827500 25891 < ^W^C^A^@P¤Ýx<85>EA<92>ïEÞ^[ñ¼[^@+^\1¨^F`¾£a<82>^N±ªtØ^]¾^V2<97>Ú^H<86>}Ík^Y¨ ^B¨¦-IÐÔ^]b3ýºð·ØÙ^R^C^Tï·×@s?<9f>><97>°+\ƳN,F^F+ 2016-11-07 14:50:44.558051500 25891 > ^W^C^A^@ <98>Xá$ån;=Ý<86>ajé^^ùâÝ^L;ÊäQî<<94>õó,=<8d>Lt^W^C^A^@`ØeònÄðk<80>^L^UÐ<9d>' å¿ íc²p^V¬»;<95><81>²SSM×^S¤6:Ì·{^^<92>jñ:b^?FNÖ¯Cû<93>/¯<87>^\ب^V<80><9c>±<80 >ܤØ>^\ËS^_<82>z¦<9e>^SJ@<98>$SB^Q<8a>]i51°ê5ö#T<8d>!^W^C^A^@ 1µÉ^??ÈÑ®ÕÀ¹s^Pgäó^@µ^BèJ<95>$øÂƬÂiç^W3^W^C^A^@0M<87> 2016-11-07 14:50:44.558054500 25891 > kÎ}Miðáq^Y<98>ؼùÇ><82>Bw<91>^DÅ°^\<9c>ÿl§+4l<90>µ,<9d>XÎÌbC£#Â<9f>+<91>^W^C ^A^@ {^O^W<9a>!<86>LØ»<^CÆ^F3ºñ<82>ÿ88dÖÔ+ 2016-11-07 14:50:44.558081500 25891 > ÜÅÍ<9d>1òÆÀ<82>^W^C^A^@0Ò^^H<81>UDb^N^\¾^Q<9d>Á^MFO}<90>Á^\<95>]eèð^?y<92>º Tï V2<82>j<86>´<99><81>6<87>ì<88>^QòÓ^W^C^A^@ µ^B<89>§^]^]Îð@~YI^M©ps<87>èg|Û¯RaÌ<89>ÚÇÀM<93>ú^W^C^A^@0¡^]#^T¨^Hæ<82> Íܧ@BÉ^RÂE<8e>ñòZ¬8;<99>V<83>÷Äj!<8b> #Æ¡^NwFQÔP}ùâ!<94>^W^C^A^@ ¦h§òx/%t[eeÿÛß¹A<8a>d 2016-11-07 14:50:44.558084500 25891 > +^[·Dö<9a>ÈÜÈ^X^]^P~^W^C^A^@@^K^N<9b>5åEà¥cÿ^KVàAL#{¥|^]î<93>³?¹<87>ª<87> Y^[<9e><94>¢^C^[Ðg²Gj`Y·<97>ê<8f>Ú¤<98>^V´»æ}®<8d>Öµ=+ 2016-11-07 14:50:44.558097500 25891 > .®+ 2016-11-07 14:50:45.468022500 25891 < ^W^C^A^@pñ<82> l<9e>XxY;7 Z^O^V<96>ñyÙDê<9e>dMáAû<8f>mßì<98>Êoà^ZÆF^Z4<81>^?µ^T<90>f<83>²æMµ÷ã>[&3÷ú³ b9<9f>n<97>Æü] òo<8b>©<9b>Î^HÄ£Ô<9c>^R<9d>PpèË<98><8c>^TÅ^H={mɳÀ^V-k³^[*ð^MQ0^E£¦^Tò+ 2016-11-07 14:53:55.221401500 25891 > ^W^C^A^@ <8e><8a><8d><82>m)y<91>{T^XMh;Qú%JÞ<87>PðDûÄ]t(<94>S^G7^W^C^A^@@cË(eÜ<8f><82 >/^CEu<83>^Xr^Zf}±ÞnîÛúr<9c>3<9d>b¦ 2016-11-07 14:53:55.221403500 25891 > <92>þ<9f>Å#<83>^WUÒ<8d>.'ĵ^FiYëVÔ°vþÔ6ú^A17<8e>®Ë¢+ 2016-11-07 14:53:55.221497500 spamdyke[25891]: DENIED_OTHER from: xxxxx.yyy...@dupont.com to: ma...@xxxxx.pl origin_ip: 104.47.42.63 origin_rdns: mail-by2nam03on0063.outbound.protection.outlook.com auth: (unknown) encryption: TLS reason: 503_MAIL_first_(#5.5.1) 2016-11-07 14:53:55.221512500 25891 > ^W^C^A^@ 6¥á^AcHÂQf|æ[^?S<9d>Ç^B\M<k$ÿXÒÀøÏ2ï0<96>^W^C^A^@0ff¦^@þèZFÈ<8b><86>à<98>!ñ< 84>\$S<84>,G^Dd<86>K³<84><95>.Æû"ܵ<91>ÁÿkÁ°o`ÆH^QÏ+ 2016-11-07 14:53:55.710503500 25891 < ^W^C^A^@ ^Z<<97>Ô;_¾}1º/*^^bÆd^X^_â^AÐo~æ#ÆKY^U`^_Ì+ 2016-11-07 14:53:55.710517500 25891 < [EOF] 2016-11-07 14:53:55.711215500 25891 > ^W^C^A^@ P:½^]ïýLp^Fþ<86>Î56^^_é-Ü<8b><97>;nµâÅ<94>Ò<81>yEU^W^C^A^@`&i:Ú<9a>/òÌ£SÊw5^ U^Z¾0ÚåfK<88>?<¨ ^G^K1[f,Ѹ<9d>t«çu¼ºr<80>꤯R<8b>Á±ADÿ<91>ãÊ<9b>ê.äY j×ð¸ïÌ^^gé´<95>Ð ,/<8b><8a>°ù]8^T[<9d>å.^[ÛÁ<85>bãáõ^U^C^A^@ %^QÌ<82>?°o_úN<9b>^?¦|`¬øûk<81><8a>¯<9a>^D^CHI,Ƴß<9a>+ 2016-11-07 14:53:55.711298500 tcpserver: end 25891 status 0 From: Eric Broch [mailto:ebr...@whitehorsetc.com] Sent: Friday, November 04, 2016 9:15 PM To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] Qmail reject email from several domain Reason TIMEOUT Sorry recordio... #!/bin/sh QMAILDUID=`id -u vpopmail` NOFILESGID=`id -g vpopmail` MAXSMTPD=`cat /var/qmail/control/concurrencyincoming` SPAMDYKE="/usr/bin/spamdyke" SPAMDYKE_CONF="/etc/spamdyke/spamdyke.conf" SMTPD="/var/qmail/bin/qmail-smtpd" TCP_CDB="/etc/tcprules.d/tcp.smtp.cdb" HOSTNAME=`hostname` VCHKPW="/home/vpopmail/bin/vchkpw" REQUIRE_AUTH=0 exec /usr/bin/softlimit -m 64000000 \ /usr/bin/tcpserver -v -R -H -l $HOSTNAME -x $TCP_CDB -c "$MAXSMTPD" \ -u "$QMAILDUID" -g "$NOFILESGID" 0 smtp \ /usr/bin/recordio \ $SPAMDYKE --config-file $SPAMDYKE_CONF \ $SMTPD $VCHKPW /bin/true 2>&1 On 11/4/2016 2:12 PM, Eric Broch wrote: Try using recordio #!/bin/sh QMAILDUID=`id -u vpopmail` NOFILESGID=`id -g vpopmail` MAXSMTPD=`cat /var/qmail/control/concurrencyincoming` SPAMDYKE="/usr/bin/spamdyke" SPAMDYKE_CONF="/etc/spamdyke/spamdyke.conf" SMTPD="/var/qmail/bin/qmail-smtpd" TCP_CDB="/etc/tcprules.d/tcp.smtp.cdb" HOSTNAME=`hostname` VCHKPW="/home/vpopmail/bin/vchkpw" REQUIRE_AUTH=0 exec /usr/bin/softlimit -m 64000000 \ /usr/bin/tcpserver -v -R -H -l $HOSTNAME -x $TCP_CDB -c "$MAXSMTPD" \ -u "$QMAILDUID" -g "$NOFILESGID" 0 smtp \ $SPAMDYKE --config-file $SPAMDYKE_CONF \ $SMTPD $VCHKPW /bin/true 2>&1 On 11/4/2016 12:59 PM, ma...@demod.pl wrote: Look, The sender get a reject message: > Diagnostic information for administrators: > > Generating server: mailgw02.man-mit.com > > zamowie...@xxxxx.pl > [77.253.207.97] #<[77.253.207.97] #5.0.0 smtp; 5.x.1 - Maximum number > of delivery attempts exceeded. [Default] 421-'Timeout. Talk faster > next time.' (delivery attempts: 100)> #SMTP# > > Original message headers: > > X-IronPort-AV: E=Sophos;i="5.31,476,1473112800"; > d="pdf'?scan'208";a="48824816" > Received: from unknown (HELO openrelay.mn-man.biz) ([10.7.81.87]) by > mailgw02.man-mit.com with ESMTP/TLS/RC4-SHA; 11 Oct 2016 12:12:20 > +0200 > X-IronPort-AV: E=Sophos;i="5.31,476,1473112800"; > d="pdf'?scan'208";a="35414355" > Received: from mndemucpc035934.mn-man.biz (HELO > mndemuchub003.mn-man.biz) > ([10.128.60.217]) by openrelay.mn-man.biz with ESMTP; 11 Oct 2016 > 12:12:29 > +0200 > Received: from MNPLSTWAP001 ([10.131.126.157]) by > ppmail01.man.com.pl (Lotus Domino Release 6.5.4) with ESMTP > id 2016101112122306-44564 ; > Tue, 11 Oct 2016 12:12:23 +0200 > From: MAN POZNAN <mailto:einkaufpo...@man.eu> <einkaufpo...@man.eu> > To: <mailto:zamowie...@xxxxx.pl> "zamowie...@xxxxx.pl" <mailto:zamowie...@xxxxx.pl> <zamowie...@xxxxx.pl> > Subject: =?UTF-8?Q?Zam=C3=B3wienie_automatyczne_/_Autob?= > =?UTF-8?Q?estellung_6510/16/AF,_2016-10-11?= > CC: <mailto:e9...@man.eu> "e9...@man.eu" <mailto:e9...@man.eu> <e9...@man.eu>, <mailto:einkaufpo...@man.eu> "einkaufpo...@man.eu" > <mailto:einkaufpo...@man.eu> <einkaufpo...@man.eu> > MIME-Version: 1.0 > Message-ID: <mailto:113081937.1476180745336.javamail.webxl_nore...@man.eu> <113081937.1476180745336.javamail.webxl_nore...@man.eu> > Date: Tue, 11 Oct 2016 12:12:25 +0200 > X-MIMETrack: Itemize by SMTP Server on > ppmail01/POZNAN/MAN_POLSKA/MAN_BUSPL(Release > 6.5.4|March 27, 2005) at 2016-10-11 12:12:23, > Serialize by Router on > MNDEMUCHUB003/SRV/MAN_Nutzfahrzeuge(Release 7.0.2FP3|December 13, > 2007) at 11.10.2016 12:12:28 > Content-Type: text/plain > > But I see in my log this: 2016-10-11 17:16:52.411561500 spamdyke[16443]: TIMEOUT from: einkaufpo...@man.eu to: (unknown) origin_ip: 151.136.108.88 origin_rdns: wgate1.mn.man.de auth: (unknown) encryption: TLS reason: TIMEOUT 2016-10-11 17:18:05.060074500 spamdyke[16467]: TIMEOUT from: einkaufpo...@man.eu to: (unknown) origin_ip: 151.136.108.88 origin_rdns: mail1.man.de auth: (unknown) encryption: TLS reason: TIMEOUT from: einkaufpo...@man.eu to: (unknown) not: from: einkaufpo...@man.eu to: zamowie...@xxxxx.pl where find reason? From: Eric Broch [mailto:ebr...@whitehorsetc.com] Sent: Friday, November 04, 2016 7:26 PM To: qmailtoaster-list@qmailtoaster.com Subject: RE: [qmailtoaster] Qmail reject email from several domain Reason TIMEOUT It looks like the email is going to no one, you could check in the send log at the same time, but I doubt any delivery is being made. It might be being rejected at 'policy.' It should be followed up with delivery. Below is what a complete smtp transaction looks like: <trans> @40000000581ccab11323ecdc tcpserver: status: 0/100 @40000000581ccaef1914fb7c tcpserver: status: 1/100 @40000000581ccaef192f0f44 tcpserver: pid 1542 from xxx.xxx.xxx.xxx @40000000581ccaef1931f574 tcpserver: ok 1542 host.mydomain.tld:yyy.yyy.yyy.yyy:25 :xxx.xxx.xxx.xxx::46233 @40000000581ccaf410b6483c CHKUSER accepted sender: from <mailto:sen...@remotedomain.tld::> <sen...@remotedomain.tld::> remote <sender-server.remote.ip.net:unknown:xxx.xxx.xxx.xxx> rcpt <> : sender accepted @40000000581ccaf425ea9c94 CHKUSER accepted rcpt: from <mailto:sen...@remotedomain.tld::> <sen...@remotedomain.tld::> remote <sender-server.remote.ip.net:unknown:xxx.xxx.xxx.xxx> rcpt <mailto:recipi...@localdomain.tld> <recipi...@localdomain.tld> : found existing recipient @40000000581ccaf426022bd4 policy_check: remote sen...@remotedomain.tld -> local recipi...@localdomain.tld (UNAUTHENTICATED SENDER) @40000000581ccaf42603606c policy_check: policy allows transmission @40000000581ccaf61fa1ffe4 simscan:[1543]:CLEAN (-95.70/12.00):1.2711s:This is the subject of the email being sent....:xxx.xxx.xxx.xxx:sen...@remotedomain.tld:recipi...@localdomain.tld @40000000581ccb32260f6e5c tcpserver: end 1542 status 0 @40000000581ccb32260f762c tcpserver: status: 0/100 </trans> Spamdyke may just being doing what it's supposed to do. Eric On 11/4/2016 11:53 AM, ma...@demod.pl wrote: Yes, exacly This occurs only on several big corporate domain like dhl.com man.eu ergohestia.pl. Most mail recived ok. And servers works ok. Error occurs only several domain now I see another domain dupont.com L After remove spamdyke from the run script i cant observe TIMEOUT in log. I see this: @40000000581cbb402ac7417c CHKUSER accepted sender: from <mailto:pl.no.re...@dhl.com::> <pl.no.re...@dhl.com::> remote <gateway1g.dhl.com:unknown:165.72.200.97> rcpt <> : sender accepted @40000000581cbb451fa7b4d4 tcpserver: status: 5/100 @40000000581cbb451faa73f4 tcpserver: pid 26568 from 85.90.252.62 @40000000581cbb451fabdf3c tcpserver: ok 26568 mail.xxxxxxxx.pl:192.168.0.95:25 :85.90.252.62::29680 @40000000581cbb4538a2023c CHKUSER accepted sender: from <mailto:pl.efakt...@dhl.com::> <pl.efakt...@dhl.com::> remote <dhl-mail-a-1.accountis.net:unknown:85.90.252.62> rcpt <> : sender accepted @40000000581cbb53234b5104 tcpserver: end 26418 status 256 @40000000581cbb53234bd1ec tcpserver: status: 4/100 @40000000581cbb540626f95c tcpserver: status: 5/100 @40000000581cbb5406298d84 tcpserver: pid 26573 from 186.85.86.180 @40000000581cbb54062ae15c tcpserver: ok 26573 mail.xxxxxxx.pl:192.168.0.95:25 :186.85.86.180::46388 I dont know where to find this mail? to whom it is addressed? From: Eric Broch [mailto:ebr...@whitehorsetc.com] Sent: Friday, November 04, 2016 6:10 PM To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] Qmail reject email from several domain Reason TIMEOUT >From your first email you stated that, "This occurs only on several big corporate domain like dhl.com man.eu ergohestia.pl" Obviously you are receiving at least some mail, correct? So, whatever the cause of this problem, spamdyke or otherwise, barring the corporate domains, in many cases your email server is working correctly, right? Maybe the other server ARE actually taking more time than they should. This is all that I was saying. Can you remove spamdyke from the 'run' script as I suggested and give that a try? Eric On 11/4/2016 11:00 AM, ma...@demod.pl wrote: I know, because that emails never come. After long time sender get a return message sorry TIMEOUT L From: Eric Broch [mailto:ebr...@whitehorsetc.com] Sent: Friday, November 04, 2016 5:41 PM To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] Qmail reject email from several domain Reason TIMEOUT What I meant was this: could it be that spamdyke is actually doing what it is supposed to do. Is spamdyke timing out a connection when it takes to long and allowing connections when the connection is within the time limit? In other words, how do you know its not working properly? On 11/4/2016 10:27 AM, ma...@demod.pl wrote: what are you mean? From: Eric Broch [mailto:ebr...@whitehorsetc.com] Sent: Friday, November 04, 2016 5:22 PM To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] Qmail reject email from several domain Reason TIMEOUT Could it be that the TIMEOUT is legitimate? On 11/4/2016 10:17 AM, ma...@demod.pl wrote: Sadly TIMEOUT still occurs L I add timeouted domain to whitelist _senders. And still TIMEOUT. Bellow my spamdyke.conf file: ############################################################################ #### # TIMEOUTS ############################################################################ #### # Close the connection after SECS seconds, regardless of activity. A value of # 0 disables this feature. # Default: 0 connection-timeout-secs=360 # Close the connection after SECS seconds of inactivity. A value of 0 disables # this feature. # Default: 0 idle-timeout-secs=360 #dns-blacklist-entry=zombie.dnsbl.sorbs.net #dns-blacklist-entry=dul.dnsbl.sorbs.net #dns-blacklist-entry=bogons.cymru.com dns-blacklist-entry=zen.spamhaus.org dns-blacklist-entry=bl.spamcop.net graylist-dir=/var/spamdyke/graylist graylist-level=always graylist-max-secs=2678400 graylist-min-secs=180 greeting-delay-secs=6 header-blacklist-entry=From:*>,*<* idle-timeout-secs=60 ip-blacklist-file=/etc/spamdyke/blacklist_ip ip-in-rdns-keyword-blacklist-file=/etc/spamdyke/blacklist_keywords ip-in-rdns-keyword-whitelist-file=/etc/spamdyke/whitelist_keywords ip-whitelist-file=/etc/spamdyke/whitelist_ip ########local-domains-file=/var/qmail/control/rcpthosts qmail-rcpthosts-file=/var/qmail/control/rcpthosts qmail-morercpthosts-cdb log-level=info #log-level=excessive log-target=stderr max-recipients=50 #policy-url=http://my.policy.explanation.url/ rdns-blacklist-file=/etc/spamdyke/blacklist_rdns rdns-whitelist-file=/etc/spamdyke/whitelist_rdns recipient-blacklist-file=/etc/spamdyke/blacklist_recipients recipient-whitelist-file=/etc/spamdyke/whitelist_recipients reject-empty-rdns #reject-ip-in-cc-rdns #################reject-missing-sender-mx reject-sender=no-mx reject-unresolvable-rdns rejection-text-sender-no-mx reject-recipient=same-as-sender rejection-text-recipient-same-as-sender sender-blacklist-file=/etc/spamdyke/blacklist_senders sender-whitelist-file=/etc/spamdyke/whitelist_senders tls-certificate-file=/var/qmail/control/servercert.pem tls-privatekey-file=/var/qmail/control/servercert.key tls-level=SMTP From: Eric Broch [mailto:ebr...@whitehorsetc.com] Sent: Friday, November 04, 2016 4:31 PM To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] Qmail reject email from several domain Reason TIMEOUT Settings change between spamdyke 4 and 5 I have a script (fixsd.sh): <fixsd.sh> #!/bin/sh sed -i \ -e 's/reject-missing-sender-mx/reject-sender=no-mx/g' \ -e 's/rejection-text-missing-sender-mx/rejection-text-sender-no-mx/g' \ -e 's/reject-identical-sender-recipient/reject-recipient=same-as-sender/g' \ -e 's/rejection-text-identical-sender-recipient/rejection-text-recipient-same-a s-sender/g' \ -e 's/local-domains-file/qmail-rcpthosts-file/g' \ -e 's/local-domains-entry=/#local-domains-entry=(Add these entries to qmail-rcpthosts-file)/g' \ -e 's/morercpthosts/qmail-morercpthosts-cdb/'g /etc/spamdyke/spamdyke.conf </fixsd.sh> If this doesn't work, can you refert to spamdyke 4 and let us know if that works? Eric On 11/4/2016 9:09 AM, ma...@demod.pl wrote: I upgrade spamdyke to version 5.0.1 and nothing change. L I expand to: 'idle-timeout-sec=360' And still TIMEOUT From: Eric Broch [mailto:ebr...@whitehorsetc.com] Sent: Friday, November 04, 2016 2:17 PM To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] Qmail reject email from several domain Reason TIMEOUT It looks to me like it's spamdyke causing the problem. It's certainly what the log suggests. What is your 'idle-timeout' setting in /etc/spamdyke/spamdyke.conf On 11/4/2016 4:31 AM, ma...@demod.pl wrote: Hi, >From some time i have a problem with my qmail server. From some time the server reject mail from several domain REASON TIMEOUT. I dont know why. This occurs only on several big corporate domain like dhl.com man.eu ergohestia.pl. First i suspect spamdyke. But i check it. Enter white list etc. Ask on spamdyke forum and final look at the spamdyke dont block anything. The excessive log file show only: talk faster next time A part of log bellow: @40000000581c48af3996f15c tcpserver: status: 2/100 @40000000581c48d908f1b21c spamdyke[4387]: EXCESSIVE(middleman()@spamdyke.c:1965): child output file descriptor 5 closed @40000000581c48d908f1bdd4 spamdyke[4387]: EXCESSIVE(output_writeln()@log.c:102): wrote 37 bytes to network file descriptor 1, buffer contained 37 bytes: 421 Timeout. Talk faster next @40000000581c48d908f1c5a4 spamdyke[4387]: TIMEOUT from: len...@lendon.pl to: (unknown) origin_ip: 89.38.150.213 origin_rdns: host213-150-38-89.static.arubacloud.fr auth: (unknown) encryption: (none) reason: TIMEOUT @40000000581c48d908f21b94 spamdyke[4387]: DEBUG(find_username()@spamdyke.c:127): searching for username between positions 9 and 35: RCPT TO:<marekm@*****.com.pl> @40000000581c48d908f22364 DATA @40000000581c48d908f2274c @40000000581c48d908f22b34 spamdyke[4387]: EXCESSIVE(find_username()@spamdyke.c:309): found username in address: marekm @40000000581c48d908f24a74 spamdyke[4387]: DEBUG(find_domain()@spamdyke.c:361): searching for domain between positions 15 and 35: RCPT TO:<marekm@*****.com.pl> @40000000581c48d908f25244 DATA @40000000581c48d908f25244 @40000000581c48d908f2562c spamdyke[4387]: EXCESSIVE(find_domain()@spamdyke.c:529): found domain in address: *****.com.pl @40000000581c48d908f25dfc spamdyke[4387]: DEBUG(find_address()@spamdyke.c:726): found username: marekm @40000000581c48d908f27954 spamdyke[4387]: DEBUG(find_address()@spamdyke.c:743): found domain: *****.com.pl @40000000581c48d908f2b3ec spamdyke[4387]: DEBUG(filter_recipient_whitelist()@filter.c:2332): searching recipient whitelist(s); recipient: marekm@*****.com.pl @40000000581c48d908f2b7d4 spamdyke[4387]: EXCESSIVE(output_writeln()@log.c:102): wrote 37 bytes to network file descriptor 1, buffer contained 37 bytes: 421 Timeout. Talk faster next @40000000581c48d908f2bfa4 spamdyke[4387]: TIMEOUT from: len...@lendon.pl to: marekm@*****.com.pl origin_ip: 89.38.150.213 origin_rdns: host213-150-38-89.static.arubacloud.fr auth: (unknown) encryption: (none) reason: (empty) @40000000581c48d908f2dee4 spamdyke[4387]: EXCESSIVE(output_writeln()@log.c:102): wrote 37 bytes to network file descriptor 1, buffer contained 37 bytes: 421 Timeout. Talk faster next @40000000581c48e231636ccc spamdyke[4293]: EXCESSIVE(middleman()@spamdyke.c:2097): read 33 bytes from child input file descriptor 6, buffer contains 33 bytes, current position is 0: 451 SPF lookup failure (#4.3.0 @40000000581c48e231637884 spamdyke[4293]: EXCESSIVE(middleman()@spamdyke.c:2107): child input file descriptor 6 indicates EOF, buffer contains 0 bytes, current position is 0 @40000000581c48e231638054 spamdyke[4293]: EXCESSIVE(middleman()@spamdyke.c:2108): child input file descriptor 6 closed @40000000581c48e231638824 spamdyke[4293]: EXCESSIVE(middleman()@spamdyke.c:2989): child process exited normally with return value 1 Any help will be appreciated Marek
