Mail stuck (Connection Timed-Out)

2012-01-30 Thread Gonzo Fernandez 
Hi All,

My relay servers have mail being received but unable to send. When I type 
"mailq" I see: Delivery temporarily suspended….Connection timed out. I also 
noticed this line:

Tarpitting active for [1.2.3.4)

I restarted postfix, flushed mailq and still everything is stuck. Now the mail 
is building up and I don't know what else to do. I'm still continuing to work 
on it but I figure I might as well ask the postfix team members. Can anyone 
help me figure this thing out please? 

mailq:

Jan 30 13:53:27 mx-ca4-01 postfix/qmgr[26443]: BC535E8264: 
from=, size=805, nrcpt=1 (queue active)
Jan 30 13:53:55 mx-ca4-01 postfix/qmgr[26443]: BC535E8264: to=, 
relay=none, delay=357647, delays=357619/28/0/0, dsn=4.4.1, status=deferred 
(delivery temporarily suspended: connect to mail.com[1.2.3.4]: Connection timed 
out)


I set this line up in main.cf and it did help a little bit: 
smtpd_error_sleep_time = 0

Here's my postconf -n:

alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
debug_peer_level = 2
disable_vrfy_command = yes
header_checks = regexp:/etc/postfix/header_checks
html_directory = no
inet_interfaces = all
mail_owner = postfix
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
mydestination = $myhostname, localhost.$mydomain, localhost
mynetworks = 1.2.3.0/24, 1.2.3.0/24, 1.2.3.0/24, 1.2.3.0/24, 1.2.3.0/24
newaliases_path = /usr/bin/newaliases.postfix
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/postfix-2.3.3/README_FILES
sample_directory = /usr/share/doc/postfix-2.3.3/samples
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
smtpd_error_sleep_time = 0
unknown_local_recipient_reject_code = 550

Gonzo Fernandez

Re: Mail stuck (Connection Timed-Out)

2012-01-30 Thread Noel Jones 
On 1/30/2012 5:07 PM, Gonzo Fernandez wrote:
> Hi All,
> 
> My relay servers have mail being received but unable to send. When I
> type "mailq" I see: Delivery temporarily suspended….Connection timed
> out. I also noticed this line:
> 
> Tarpitting active for [1.2.3.4)
> 
> I restarted postfix, flushed mailq and still everything is stuck.
> Now the mail is building up and I don't know what else to do. I'm
> still continuing to work on it but I figure I might as well ask the
> postfix team members. Can anyone help me figure this thing out please? 
> 
> mailq:
> 
> Jan 30 13:53:27 mx-ca4-01 postfix/qmgr[26443]: BC535E8264:
> from=mailto:m...@example.com>>, size=805, nrcpt=1
> (queue active)
> Jan 30 13:53:55 mx-ca4-01 postfix/qmgr[26443]: BC535E8264:
> to=mailto:m...@example.com>>, relay=none, delay=357647,
> delays=357619/28/0/0, dsn=4.4.1, status=deferred (delivery
> temporarily suspended: connect to example.com
> [1.2.3.4]: Connection timed out)


(please post in plain-text only)
(please use example.com rather than real domain names.  thanks)


Looks as if the destination 1.2.3.4 doesn't like your server.
You'll need to check with them about why.

One possibility is that you've been flooding them with backscatter
and they've blacklisted you for that.  If that's the problem, the
solution is to not accept mail you can't deliver.

Or maybe you've got a spam-bot on your network that's spewing stuff
they don't like.

But that's just speculation... Only they know the reason.



  -- Noel Jones

Re: Mail stuck (Connection Timed-Out)

2012-01-30 Thread Gonzo Fernandez 
Thank you Noel. Our server sends out copies of email confirmations to our 
clients and if the client decides to make a large order they end up pushing our 
volume up and we end up getting blocked by their mail server. I seem to be 
getting connection timed out on a lot of the hosts. I even try to telnet to ip 
and port 25 but it keeps timing out. I used "grep" to search in 
/var/log/maillog and I got this. Any ideas?

[root@mx-server ~]# cat /var/log/maillog | grep B0847E8491

Jan 30 08:44:38 mx-server postfix/cleanup[24478]: B0847E8491: 
message-id=<20120130164438.B0847E8491@mxser...@example.com>
Jan 30 08:44:38 mx-server postfix/qmgr[16186]: B0847E8491: from=<>, size=3456, 
nrcpt=1 (queue active)
Jan 30 08:44:38 mx-server postfix/bounce[24473]: 2604BE84D6: sender 
non-delivery notification: B0847E8491
Jan 30 08:45:01 mx-server postfix/smtp[24278]: B0847E8491: 
to=, relay=none, delay=23, delays=0.03/0/23/0, dsn=4.4.1, 
status=deferred (connect to example.com[1.2.3.4]: Connection timed out)
Jan 30 09:08:09 mx-server postfix/qmgr[16186]: B0847E8491: from=<>, size=3456, 
nrcpt=1 (queue active)
Jan 30 09:08:32 mx-server postfix/smtp[24522]: B0847E8491: 
to=, relay=none, delay=1434, delays=1411/0/23/0, dsn=4.4.1, 
status=deferred (connect to example.com[1.2.3.4]: Connection timed out)
Jan 30 09:41:31 mx-server postfix/qmgr[16186]: B0847E8491: from=<>, size=3456, 
nrcpt=1 (queue active)
Jan 30 09:41:52 mx-server postfix/smtp[24793]: B0847E8491: 
to=, relay=none, delay=3434, delays=3412/0.1/21/0, dsn=4.4.1, 
status=deferred (connect to example.com[1.2.3.4]: Connection timed out)
Jan 30 10:48:09 mx-server postfix/qmgr[16186]: B0847E8491: from=<>, size=3456, 
nrcpt=1 (queue active)
Jan 30 10:48:15 mx-server postfix/smtp[25097]: B0847E8491: 
to=, relay=none, delay=7417, delays=7411/0.06/5.9/0, 
dsn=4.4.3, status=deferred (Host or domain name not found. Name service error 
for name=example.com type=A: Host not found, try again)
Jan 30 12:11:30 mx-server postfix/qmgr[16186]: B0847E8491: from=<>, size=3456, 
nrcpt=1 (queue active)
Jan 30 12:11:53 mx-server postfix/smtp[25539]: B0847E8491: 
to=, relay=none, delay=12435, delays=12411/0.05/23/0, 
dsn=4.4.1, status=deferred (connect to example.com[1.2.3.4]: Connection timed 
out)
Jan 30 13:22:45 mx-server postfix/qmgr[26236]: B0847E8491: from=<>, size=3456, 
nrcpt=1 (queue active)
Jan 30 13:23:12 mx-server postfix/smtp[26261]: B0847E8491: 
to=, relay=none, delay=16713, delays=16687/0.56/26/0, 
dsn=4.4.1, status=deferred (connect to example.com[1.2.3.4]: Connection timed 
out)
Jan 30 13:53:27 mx-server postfix/qmgr[26443]: B0847E8491: from=<>, size=3456, 
nrcpt=1 (queue active)
Jan 30 13:53:55 mx-server postfix/smtp[26593]: B0847E8491: 
to=, relay=none, delay=18556, delays=18529/6.5/21/0, 
dsn=4.4.1, status=deferred (connect to example.com[1.2.3.4]: Connection timed 
out)
Jan 30 15:14:54 mx-server postfix/qmgr[27600]: B0847E8491: from=<>, size=3456, 
nrcpt=1 (queue active)
Jan 30 15:15:21 mx-server postfix/smtp[27790]: B0847E8491: 
to=, relay=none, delay=23443, delays=23416/5.9/21/0, 
dsn=4.4.1, status=deferred (connect to example.com[1.2.3.4]: Connection timed 
out)
[root@mx-server ~]# telnet 1.2.3.4 25
Trying 1.2.3.4...
telnet: connect to address 1.2.3.4: Connection timed out
telnet: Unable to connect to remote host: Connection timed out

Gonzo Fernandez

On Jan 30, 2012, at 3:36 PM, Noel Jones wrote:

> On 1/30/2012 5:07 PM, Gonzo Fernandez wrote:
>> Hi All,
>> 
>> My relay servers have mail being received but unable to send. When I
>> type "mailq" I see: Delivery temporarily suspended….Connection timed
>> out. I also noticed this line:
>> 
>> Tarpitting active for [1.2.3.4)
>> 
>> I restarted postfix, flushed mailq and still everything is stuck.
>> Now the mail is building up and I don't know what else to do. I'm
>> still continuing to work on it but I figure I might as well ask the
>> postfix team members. Can anyone help me figure this thing out please? 
>> 
>> mailq:
>> 
>> Jan 30 13:53:27 mx-server postfix/qmgr[26443]: BC535E8264:
>> from=mailto:m...@example.com>>, size=805, nrcpt=1
>> (queue active)
>> Jan 30 13:53:55 mx-server postfix/qmgr[26443]: BC535E8264:
>> to=mailto:m...@example.com>>, relay=none, delay=357647,
>> delays=357619/28/0/0, dsn=4.4.1, status=deferred (delivery
>> temporarily suspended: connect to example.com
>> [1.2.3.4]: Connection timed out)
> 
> 
> (please post in plain-text only)
> (please use example.com rather than real domain names.  thanks)
> 
> 
> Looks as if the destination 1.2.3.4 doesn't like your server.
> You'll need to check with them about why.
> 
> One possibility is that you've been flooding them with backscatter
> and they've blacklisted you for that.  If that's the problem, the
> solution is to not accept mail you can't deliver.
> 
> Or maybe you've got a spam-bot on your network that's spewing stuff
> they don't like.
> 
> But that's just speculation... Only they know the reason.
> 
> 
> 
>  -- Noel Jones

Re: Mail stuck (Connection Timed-Out)

2012-01-30 Thread Alfonso Alejandro Reyes Jimenez 
Hi it seems to be a layer 3 issue, according to the description I will check 
any firewall or router at the perimeters end.

Have you checked that? Have you tried tcpdump to check if those packets are 
leaving the box?

Thats just a thought, I hope it helps.

Regards.


Saludos 

Ing. Alfonso Alejandro Reyes Jimenez 
Coordinador de Seguridad - SASI 
E-mail: aare...@scitum.com.mx 
Telefono: 91507489 
Movil: (044) 55 85 81 04 62
 

De: Gonzo Fernandez [mailto:go...@usaepay.com] 
Enviado: Monday, January 30, 2012 06:46 PM
Para: postfix users  
Asunto: Re: Mail stuck (Connection Timed-Out) 
 

Thank you Noel. Our server sends out copies of email confirmations to our 
clients and if the client decides to make a large order they end up pushing our 
volume up and we end up getting blocked by their mail server. I seem to be 
getting connection timed out on a lot of the hosts. I even try to telnet to ip 
and port 25 but it keeps timing out. I used "grep" to search in 
/var/log/maillog and I got this. Any ideas?

[root@mx-server ~]# cat /var/log/maillog | grep B0847E8491

Jan 30 08:44:38 mx-server postfix/cleanup[24478]: B0847E8491: 
message-id=<20120130164438.B0847E8491@mxser...@example.com>
Jan 30 08:44:38 mx-server postfix/qmgr[16186]: B0847E8491: from=<>, size=3456, 
nrcpt=1 (queue active)
Jan 30 08:44:38 mx-server postfix/bounce[24473]: 2604BE84D6: sender 
non-delivery notification: B0847E8491
Jan 30 08:45:01 mx-server postfix/smtp[24278]: B0847E8491: 
to=, relay=none, delay=23, delays=0.03/0/23/0, dsn=4.4.1, 
status=deferred (connect to example.com[1.2.3.4]: Connection timed out)
Jan 30 09:08:09 mx-server postfix/qmgr[16186]: B0847E8491: from=<>, size=3456, 
nrcpt=1 (queue active)
Jan 30 09:08:32 mx-server postfix/smtp[24522]: B0847E8491: 
to=, relay=none, delay=1434, delays=1411/0/23/0, dsn=4.4.1, 
status=deferred (connect to example.com[1.2.3.4]: Connection timed out)
Jan 30 09:41:31 mx-server postfix/qmgr[16186]: B0847E8491: from=<>, size=3456, 
nrcpt=1 (queue active)
Jan 30 09:41:52 mx-server postfix/smtp[24793]: B0847E8491: 
to=, relay=none, delay=3434, delays=3412/0.1/21/0, dsn=4.4.1, 
status=deferred (connect to example.com[1.2.3.4]: Connection timed out)
Jan 30 10:48:09 mx-server postfix/qmgr[16186]: B0847E8491: from=<>, size=3456, 
nrcpt=1 (queue active)
Jan 30 10:48:15 mx-server postfix/smtp[25097]: B0847E8491: 
to=, relay=none, delay=7417, delays=7411/0.06/5.9/0, 
dsn=4.4.3, status=deferred (Host or domain name not found. Name service error 
for name=example.com type=A: Host not found, try again)
Jan 30 12:11:30 mx-server postfix/qmgr[16186]: B0847E8491: from=<>, size=3456, 
nrcpt=1 (queue active)
Jan 30 12:11:53 mx-server postfix/smtp[25539]: B0847E8491: 
to=, relay=none, delay=12435, delays=12411/0.05/23/0, 
dsn=4.4.1, status=deferred (connect to example.com[1.2.3.4]: Connection timed 
out)
Jan 30 13:22:45 mx-server postfix/qmgr[26236]: B0847E8491: from=<>, size=3456, 
nrcpt=1 (queue active)
Jan 30 13:23:12 mx-server postfix/smtp[26261]: B0847E8491: 
to=, relay=none, delay=16713, delays=16687/0.56/26/0, 
dsn=4.4.1, status=deferred (connect to example.com[1.2.3.4]: Connection timed 
out)
Jan 30 13:53:27 mx-server postfix/qmgr[26443]: B0847E8491: from=<>, size=3456, 
nrcpt=1 (queue active)
Jan 30 13:53:55 mx-server postfix/smtp[26593]: B0847E8491: 
to=, relay=none, delay=18556, delays=18529/6.5/21/0, 
dsn=4.4.1, status=deferred (connect to example.com[1.2.3.4]: Connection timed 
out)
Jan 30 15:14:54 mx-server postfix/qmgr[27600]: B0847E8491: from=<>, size=3456, 
nrcpt=1 (queue active)
Jan 30 15:15:21 mx-server postfix/smtp[27790]: B0847E8491: 
to=, relay=none, delay=23443, delays=23416/5.9/21/0, 
dsn=4.4.1, status=deferred (connect to example.com[1.2.3.4]: Connection timed 
out)
[root@mx-server ~]# telnet 1.2.3.4 25
Trying 1.2.3.4...
telnet: connect to address 1.2.3.4: Connection timed out
telnet: Unable to connect to remote host: Connection timed out

Gonzo Fernandez

On Jan 30, 2012, at 3:36 PM, Noel Jones wrote:


On 1/30/2012 5:07 PM, Gonzo Fernandez wrote:


Hi All,



My relay servers have mail being received but unable to send. 
When I


type "mailq" I see: Delivery temporarily suspended….Connection 
timed


out. I also noticed this line:



Tarpitting active for [1.2.3.4)



I restarted postfix, flushed mailq and still everything is 
stuck.


Now the mail is building up and I don't know what else to do. 
I'm


still continuing to work on it but I figure I might as well ask 
the


postfix team members. Can anyone help me figure this thing out 
please? 



mailq:

Re: Mail stuck (Connection Timed-Out)

2012-01-30 Thread Noel Jones 
On 1/30/2012 6:46 PM, Gonzo Fernandez wrote:
> Thank you Noel. Our server sends out copies of email confirmations
> to our clients and if the client decides to make a large order they
> end up pushing our volume up and we end up getting blocked by their
> mail server. I seem to be getting connection timed out on a lot of
> the hosts. I even try to telnet to ip and port 25 but it keeps
> timing out. I used "grep" to search in /var/log/maillog and I got
> this. Any ideas?


This isn't a postfix problem.  If you can't telnet to any client
port 25, then you have a connectivity problem; maybe your ISP is
blocking that port, or some firewall has been misconfigured.
Contact your networking team or your ISP.

If you can't telnet to this one destination port 25, they're
blocking you.  You'll need to contact them to get this resolved.


Good luck.



  -- Noel Jones

Re: Mail stuck (Connection Timed-Out)

2012-01-30 Thread Noel Jones 
On 1/30/2012 10:30 PM, Noel Jones wrote:
> On 1/30/2012 6:46 PM, Gonzo Fernandez wrote:
>> Thank you Noel. Our server sends out copies of email confirmations
>> to our clients and if the client decides to make a large order they
>> end up pushing our volume up and we end up getting blocked by their
>> mail server. I seem to be getting connection timed out on a lot of
>> the hosts. I even try to telnet to ip and port 25 but it keeps
>> timing out. I used "grep" to search in /var/log/maillog and I got
>> this. Any ideas?
> 
> 
> This isn't a postfix problem.  If you can't telnet to any client
> port 25, then you have a connectivity problem; maybe your ISP is
> blocking that port, or some firewall has been misconfigured.
> Contact your networking team or your ISP.
> 
> If you can't telnet to this one destination port 25, they're
> blocking you.  You'll need to contact them to get this resolved.
> 
> 
> Good luck.
> 
> 
> 
>   -- Noel Jones


If the destination can't handle the load you're sending it, you can
slow postfix down.  Details here:
http://www.postfix.org/QSHAPE_README.html#active_congestion

Of course, this won't help until they stop blocking you.

  -- Noel Jones

Re: Mail stuck (Connection Timed-Out)

2012-01-30 Thread Gonzo Fernandez 
I was reading about "Defferred queue full of dictionary attack bounces" which I 
think might be an issue here. 

So i performed a qshape analysis and I got this:

command: qshape deferred | head

 T  5 10 20 40 80 160 320 640 1280 1280+
 TOTAL 583  0  0  0  0  0   1   8  47   25   502
 adbaa.org 214  0  0  0  0  0   0   0   00   214
 onramp.bz 191  0  0  0  0  0   1   6  26   10   148
 unitedimagingpartners.com  62  0  0  0  0  0   0   0   7550
   mmvacations.com  26  0  0  0  0  0   0   0   1025
fishwindowcleaning.com  12  0  0  0  0  0   0   0   31 8
   warrensouth.com   5  0  0  0  0  0   0   0   10 4
  ecodiscoverypark.com   5  0  0  0  0  0   0   1   00 4
   pfg.com   4  0  0  0  0  0   0   0   12 1

Luckily the active and and incoming queues aren't showing any signs of 
backscatter. I'm going to be checking firewall tomorrow to see if there's an 
issue there. Thanks for your help.

Gonzo Fernandez

On Jan 30, 2012, at 9:09 PM, Noel Jones wrote:

> On 1/30/2012 10:30 PM, Noel Jones wrote:
>> On 1/30/2012 6:46 PM, Gonzo Fernandez wrote:
>>> Thank you Noel. Our server sends out copies of email confirmations
>>> to our clients and if the client decides to make a large order they
>>> end up pushing our volume up and we end up getting blocked by their
>>> mail server. I seem to be getting connection timed out on a lot of
>>> the hosts. I even try to telnet to ip and port 25 but it keeps
>>> timing out. I used "grep" to search in /var/log/maillog and I got
>>> this. Any ideas?
>> 
>> 
>> This isn't a postfix problem.  If you can't telnet to any client
>> port 25, then you have a connectivity problem; maybe your ISP is
>> blocking that port, or some firewall has been misconfigured.
>> Contact your networking team or your ISP.
>> 
>> If you can't telnet to this one destination port 25, they're
>> blocking you.  You'll need to contact them to get this resolved.
>> 
>> 
>> Good luck.
>> 
>> 
>> 
>>  -- Noel Jones
> 
> 
> If the destination can't handle the load you're sending it, you can
> slow postfix down.  Details here:
> http://www.postfix.org/QSHAPE_README.html#active_congestion
> 
> Of course, this won't help until they stop blocking you.
> 
>  -- Noel Jones