Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
How to deal with 450 4.2.1 problems?
704 views
Skip to first unread message
Matthew Litwin
Oct 13, 2017, 4:01:03 PM10/13/17
to
Hello,
I am trying to resolve the seemingly endless saga about relaying mail to GMail from postfix where GMail purports to be "overwhelmed" (mercy!) by mail from a relay server. I was away for about a week and wasn't reading email or checking it and of course that was the time where either GMail made some policy change to throttle mail relayed to a GMail address even more restrictive or my domain is suddenly became a vector for even more spam relaying. The result is I now have about 145 MB of deferred mail in my mail queue, most of which is surely spam.
For some background, this is an old setup where I have a postfix server that simply is forwarded all mail to my gmail address with some very rudimentary spam sifting. I have had problems like this in the past so based on the stated policy by GMail that a inbound mail relaying from a single domain is effectively limited to 1 message per second ( https://support.google.com/a/answer/1366776), I added the following line to my postfix config:
smtp_destination_concurrency_limit = 1
smtp_destination_rate_delay = 1s
Once I employed this configuration, postfix didn't experience the dreaded 450 4.2.1 scenario for a couple of years. However, when I came back to see over 145 MB of spooled mail in my queue after realizing that mail from this mail server was not going through, I could see that something clearly had changed. So now I am trying to just get the spooled mail through, let alone come up with a lasting strategy that will avoid these horrors in the future. After a little light reading I found some other rate-limiting features to employ, so I changed the above configuration to this:
smtp_destination_concurrency_limit = 2
smtp_destination_rate_delay = 2s
smtp_extra_recipient_limit = 10
This seemed more appropriate since all mail from the domain (minus filters that scan for obvious junk which sends the mail to hell) is going to my GMail address. Also, I thought the 2s limit, which is effectively half of the GMail stated throttling trigger which, once tripped, will freeze out ALL email relaying until you shut your relay down for some unspecified period of time.
Needless to say, the GMail SMTP relay is getting more cold and unfeeling as the years go by, and being a "paying customer" of Google (albeit for consumer cloud storage) doesn't change that policy as much as I wish it would. Wishes aside, what is more irritating is that the rate limiting policy is clearly a lot more opaque than the previously linked document lets on. All I am trying to do is just get my backlog of mail to go through, but it seems that slowing down message-per-second rate to gmail.com is only serving to reduce the amount of backlog mail that I can churn through before the GMail SMTPolice freeze me out again, and since I have no idea how long the freeze out lasts, I honestly don't know when I should try again because I am sure if I restart the churn too soon and get the accursed 450 4.2.1 error again it resets the clock and thereby makes my wait period that much longer.
I want to write a script that mitigates this horrible situation that watches my mail.log for the vile 450 4.2.1 errors and stops postfix for X amount of minutes before it safely start the rechurn, but I have no idea what period of time X should be, or if there is some other factor outside of time that GMail determines is when it should unfreeze me. If anyone can shine light on me that would gratefully appreciated!
Help me Obi Wan, you're our only hope...
I am trying to resolve the seemingly endless saga about relaying mail to GMail from postfix where GMail purports to be "overwhelmed" (mercy!) by mail from a relay server. I was away for about a week and wasn't reading email or checking it and of course that was the time where either GMail made some policy change to throttle mail relayed to a GMail address even more restrictive or my domain is suddenly became a vector for even more spam relaying. The result is I now have about 145 MB of deferred mail in my mail queue, most of which is surely spam.
For some background, this is an old setup where I have a postfix server that simply is forwarded all mail to my gmail address with some very rudimentary spam sifting. I have had problems like this in the past so based on the stated policy by GMail that a inbound mail relaying from a single domain is effectively limited to 1 message per second ( https://support.google.com/a/answer/1366776), I added the following line to my postfix config:
smtp_destination_concurrency_limit = 1
smtp_destination_rate_delay = 1s
Once I employed this configuration, postfix didn't experience the dreaded 450 4.2.1 scenario for a couple of years. However, when I came back to see over 145 MB of spooled mail in my queue after realizing that mail from this mail server was not going through, I could see that something clearly had changed. So now I am trying to just get the spooled mail through, let alone come up with a lasting strategy that will avoid these horrors in the future. After a little light reading I found some other rate-limiting features to employ, so I changed the above configuration to this:
smtp_destination_concurrency_limit = 2
smtp_destination_rate_delay = 2s
smtp_extra_recipient_limit = 10
This seemed more appropriate since all mail from the domain (minus filters that scan for obvious junk which sends the mail to hell) is going to my GMail address. Also, I thought the 2s limit, which is effectively half of the GMail stated throttling trigger which, once tripped, will freeze out ALL email relaying until you shut your relay down for some unspecified period of time.
Needless to say, the GMail SMTP relay is getting more cold and unfeeling as the years go by, and being a "paying customer" of Google (albeit for consumer cloud storage) doesn't change that policy as much as I wish it would. Wishes aside, what is more irritating is that the rate limiting policy is clearly a lot more opaque than the previously linked document lets on. All I am trying to do is just get my backlog of mail to go through, but it seems that slowing down message-per-second rate to gmail.com is only serving to reduce the amount of backlog mail that I can churn through before the GMail SMTPolice freeze me out again, and since I have no idea how long the freeze out lasts, I honestly don't know when I should try again because I am sure if I restart the churn too soon and get the accursed 450 4.2.1 error again it resets the clock and thereby makes my wait period that much longer.
I want to write a script that mitigates this horrible situation that watches my mail.log for the vile 450 4.2.1 errors and stops postfix for X amount of minutes before it safely start the rechurn, but I have no idea what period of time X should be, or if there is some other factor outside of time that GMail determines is when it should unfreeze me. If anyone can shine light on me that would gratefully appreciated!
Help me Obi Wan, you're our only hope...
0 new messages