The timing in those log messages looks very suspicious to me -- it looks like the error occurs after exactly 5 minutes of inactivity. If spamdyke's timeout features are disabled, there must be some other link in your setup enforcing a 5 minute timeout. Just spitballing here, maybe it's a firewall or a load balancer? Is your qmail patched to invoke an external spam scanner or anything?
-- Sam Clippinger > On Mar 3, 2021, at 11:22 AM, Alessio Cecchi via spamdyke-users > <spamdyke-users@spamdyke.org> wrote: > > Hi, > > when a specific company send an email to us we receive the messages many > times, but only if they insert into recipients about 50 email address of the > same domain, if they sent the same email to only one recipients all works > fine. > After some investigation, with "full-log-dir" enabled, we discovered that our > qmail send a "421 timeout" to remote server but when the email is already > accepted, so the remote server try again and so on. > > Debug log, please note the delay from the last . and the error, five minutes > and note that "421 timeout" error was sent before of "250 ok" from qmail: > > ======== > > [...] > 03/02/2021 12:03:00 FROM REMOTE TO CHILD: 3 bytes TLS > . > > 03/02/2021 12:08:01 LOG OUTPUT TLS > ERROR(tls_write()@tls.c:678): unable to write to SSL/TLS stream: The > operation failed due to an I/O error, Connection reset by peer > ERROR(output_writeln()@log.c:104): unable to write 37 bytes to file > descriptor 1: Connection reset by peer > > 03/02/2021 12:08:01 FROM SPAMDYKE TO REMOTE: 37 bytes TLS > 421 Timeout. Talk faster next time. > > 03/02/2021 12:08:01 LOG OUTPUT TLS > TIMEOUT from: u...@company.biz <mailto:u...@company.biz> to: > u...@partnercompany.biz <mailto:u...@partnercompany.biz> origin_ip: > 40.107.3.43 origin_rdns: mail-eopbgr30043.outbound.protection.outlook.com > auth: (unknown) encryption: TLS reason: TIMEOUT > > 03/02/2021 12:10:06 FROM CHILD, FILTERED: 28 bytes TLS > 250 ok 1614683406 qp 12548 > > 03/02/2021 12:10:06 - TLS ended and closed > > 03/02/2021 12:10:06 CLOSED > ======== > > So I set the timeout from 600 to 1200 in qmail-smtpd, remove "idle-timeout" > from spamdyke, and disable the softlimit, the error change but the problem is > still present: > > ======== > > > 03/02/2021 13:59:27 FROM REMOTE TO CHILD: 3 bytes TLS > . > > 03/02/2021 14:06:34 LOG OUTPUT TLS > ERROR(tls_write()@tls.c:678): unable to write to SSL/TLS stream: The > operation failed due to an I/O error, Connection reset by peer > ERROR(output_writeln()@log.c:104): unable to write 26 bytes to file > descriptor 1: Connection reset by peer > > 03/02/2021 14:06:34 FROM CHILD TO REMOTE: 26 bytes TLS > 250 ok 1614690394 qp 765 > > 03/02/2021 14:06:34 LOG OUTPUT TLS > ALLOWED from: u...@company.biz <mailto:u...@company.biz> to: > u...@partnercompany.biz <mailto:u...@partnercompany.biz> origin_ip: > 40.107.0.68 origin_rdns: mail-eopbgr00068.outbound.protect > ion.outlook.com auth: (unknown) encryption: TLS reason: > 250_ok_1614690394_qp_765 > [...] > ALLOWED from: us...@company.biz <mailto:us...@company.biz> to: > us...@partnercompany.biz <mailto:us...@partnercompany.biz> origin_ip: > 40.107.0.68 origin_rdns: mail-eopbgr00068.outbound.protection.outlook.com > auth: (unknown) encryption: TLS reason: 250_ok_1614690394_qp_765 > ERROR(tls_read()@tls.c:620): unable to read from SSL/TLS stream: The > operation failed due to an I/O error, Unexpected EOF found > > 03/02/2021 14:06:34 - TLS ended and closed > > 03/02/2021 14:06:34 CLOSED > ======== > > Any suggestions? > > Thanks > -- > Alessio Cecchi > Postmaster @ http://www.qboxmail.it <http://www.qboxmail.it/> > https://www.linkedin.com/in/alessice > <https://www.linkedin.com/in/alessice>_______________________________________________ > spamdyke-users mailing list > spamdyke-users@spamdyke.org > https://spamdyke.org/mailman/listinfo/spamdyke-users
_______________________________________________ spamdyke-users mailing list spamdyke-users@spamdyke.org https://spamdyke.org/mailman/listinfo/spamdyke-users