I manage a local intranet mail server which collects mails from our local users
and sends them all via our public mail hub server.
Everything was fine until few weeks ago. Some small part of our emails (about 10%) hangs
in mail's server queue with error: timeout exceeded (in reply to end of DATA command)).
Some emails stay in queue untill timeout expires (3 days) and returns to a sender with error.
There are emails which stay in queue for a few hours (with the same error)
but after serveral retries finally leave our server and reach recepients.
Noticed following facts:
- every timeout error is: (in reply to end of DATA command), there are no other errors
- problem does not depend on email size (there were delayed emails with size range from 1kb to 5mb)
Turned off: tcp window scalling, tcp ecn, smtp_connection_cache_on_demand - without success.
In my opinion problem is on the mail hub server but I have no proofs.
Talking with mail hub server's administrator but he said, that no others have problems with mails
and that must be a problem with my email server.
Now I stuck with my undelivered emails.
Best regards.
Tom.
Logs
System: Debian Wheezy
postfix ver 2.8.3-1
-Queue ID- --Size-- ----Arrival Time---- -Sender/Recipient-------
4A9409365 4130 Tue Jun 14 09:59:13 aa...@aaa.aaa.aa
(host mailhub.aaa.aaa[NN.NN.N.NN] said: 421 4.4.2 mailhub.aaa.aaa Error: timeout exceeded (in reply to end of
DATA command))
postconf -n
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no
bounce_queue_lifetime = 2d
config_directory = /etc/postfix
content_filter = vscan:[127.0.0.1]:10024
delay_warning_time = 24h
disable_dns_lookups = yes
header_checks = regexp:/etc/postfix/header_checks
home_mailbox = Maildir/
inet_interfaces = merlin, 127.0.0.1
mailbox_command = /usr/bin/procmail -a "$EXTENSION" DEFAULT=$HOME/Maildir/ MAILDIR=$HOME/Maildir
mailbox_size_limit = 512000000
maximal_queue_lifetime = 3d
message_size_limit = 102400000
mydestination = $myhostname, $myhostname.$mydomain, localhost, AAAAAAA
mydomain = AAA.AAA.AAA
myhostname = AAAAAAAA
mynetworks = 127.0.0.0/8, NN.NN.NN.NN/24
myorigin = /etc/mailname
notify_classes = bounce, 2bounce, policy, protocol, resource, software
recipient_delimiter = +
relayhost =
smtp_host_lookup = native
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
transport_maps = hash:/etc/postfix/transport, regexp:/etc/sympa/transport
Try collecting a tcpdump recording.
http://www.postfix.org/DEBUG_README.html#sniffer
Command:
# tcpdump -s 0 -w /file/name host server-ip-address and port 25
After some time, "kill -INT" the tcpdump process.
Look in the logfile for a session that breaks, and find that session
in the tcpdump recording.
# tcpdump -nr /file/name | less
Note the client tcp port, then extract that session:
# tcpdump -nr /file/name -w file/name2 port xxx
Then, contact Victor or me off-list.
Wietse
> Command:
> # tcpdump -s 0 -w /file/name host server-ip-address and port 25
>
> After some time, "kill -INT" the tcpdump process.
>
> Look in the logfile for a session that breaks, and find that session
> in the tcpdump recording.
>
> # tcpdump -nr /file/name | less
>
> Note the client tcp port, then extract that session:
>
> # tcpdump -nr /file/name -w file/name2 port xxx
The second tcpdump may also need the "-s 0" option to retain the
full TCP payload.
--
Viktor.