Mail stuck (Connection Timed-Out)

[Gonzo Fernandez]

Hi All,

My relay servers have mail being received but unable to send. When I type "mailq" I see: Delivery temporarily suspended….Connection timed out. I also noticed this line:

Tarpitting active for [1.2.3.4)

I restarted postfix, flushed mailq and still everything is stuck. Now the mail is building up and I don't know what else to do. I'm still continuing to work on it but I figure I might as well ask the postfix team members. Can anyone help me figure this thing out please? 

mailq:

Jan 30 13:53:27 mx-ca4-01 postfix/qmgr[26443]: BC535E8264: from=<ma...@mail.com>, size=805, nrcpt=1 (queue active)

Jan 30 13:53:55 mx-ca4-01 postfix/qmgr[26443]: BC535E8264: to=<ma...@mail.com>, relay=none, delay=357647, delays=357619/28/0/0, dsn=4.4.1, status=deferred (delivery temporarily suspended: connect to mail.com[1.2.3.4]: Connection timed out)

I set this line up in main.cf and it did help a little bit: smtpd_error_sleep_time = 0

Here's my postconf -n:

alias_database = hash:/etc/aliases

alias_maps = hash:/etc/aliases

command_directory = /usr/sbin

config_directory = /etc/postfix

daemon_directory = /usr/libexec/postfix

debug_peer_level = 2

disable_vrfy_command = yes

header_checks = regexp:/etc/postfix/header_checks

html_directory = no

inet_interfaces = all

mail_owner = postfix

mailq_path = /usr/bin/mailq.postfix

manpage_directory = /usr/share/man

mydestination = $myhostname, localhost.$mydomain, localhost

mynetworks = 1.2.3.0/24, 1.2.3.0/24, 1.2.3.0/24, 1.2.3.0/24, 1.2.3.0/24

newaliases_path = /usr/bin/newaliases.postfix

queue_directory = /var/spool/postfix

readme_directory = /usr/share/doc/postfix-2.3.3/README_FILES

sample_directory = /usr/share/doc/postfix-2.3.3/samples

sendmail_path = /usr/sbin/sendmail.postfix

setgid_group = postdrop

smtpd_error_sleep_time = 0

unknown_local_recipient_reject_code = 550

Gonzo Fernandez

[Noel Jones]

On 1/30/2012 5:07 PM, Gonzo Fernandez wrote:
> Hi All,
>
> My relay servers have mail being received but unable to send. When I
> type "mailq" I see: Delivery temporarily suspended….Connection timed
> out. I also noticed this line:
>
> Tarpitting active for [1.2.3.4)
>
> I restarted postfix, flushed mailq and still everything is stuck.
> Now the mail is building up and I don't know what else to do. I'm
> still continuing to work on it but I figure I might as well ask the
> postfix team members. Can anyone help me figure this thing out please?
>
> mailq:
>
> Jan 30 13:53:27 mx-ca4-01 postfix/qmgr[26443]: BC535E8264:

> from=<ma...@example.com <mailto:ma...@example.com>>, size=805, nrcpt=1

> (queue active)
> Jan 30 13:53:55 mx-ca4-01 postfix/qmgr[26443]: BC535E8264:

> to=<ma...@example.com <mailto:ma...@example.com>>, relay=none, delay=357647,
> delays=357619/28/0/0, dsn=4.4.1, status=deferred (delivery
> temporarily suspended: connect to example.com
> <http://example.com>[1.2.3.4]: Connection timed out)


(please post in plain-text only)
(please use example.com rather than real domain names. thanks)


Looks as if the destination 1.2.3.4 doesn't like your server.
You'll need to check with them about why.

One possibility is that you've been flooding them with backscatter
and they've blacklisted you for that. If that's the problem, the
solution is to not accept mail you can't deliver.

Or maybe you've got a spam-bot on your network that's spewing stuff
they don't like.

But that's just speculation... Only they know the reason.



-- Noel Jones

[Gonzo Fernandez]

Thank you Noel. Our server sends out copies of email confirmations to our clients and if the client decides to make a large order they end up pushing our volume up and we end up getting blocked by their mail server. I seem to be getting connection timed out on a lot of the hosts. I even try to telnet to ip and port 25 but it keeps timing out. I used "grep" to search in /var/log/maillog and I got this. Any ideas?

[root@mx-server ~]# cat /var/log/maillog | grep B0847E8491

Jan 30 08:44:38 mx-server postfix/cleanup[24478]: B0847E8491: message-id=<20120130164438.B0847E8491@mxse...@example.com>

Jan 30 08:44:38 mx-server postfix/qmgr[16186]: B0847E8491: from=<>, size=3456, nrcpt=1 (queue active)

Jan 30 08:44:38 mx-server postfix/bounce[24473]: 2604BE84D6: sender non-delivery notification: B0847E8491

Jan 30 08:45:01 mx-server postfix/smtp[24278]: B0847E8491: to=<ma...@example.com>, relay=none, delay=23, delays=0.03/0/23/0, dsn=4.4.1, status=deferred (connect to example.com[1.2.3.4]: Connection timed out)

Jan 30 09:08:09 mx-server postfix/qmgr[16186]: B0847E8491: from=<>, size=3456, nrcpt=1 (queue active)

Jan 30 09:08:32 mx-server postfix/smtp[24522]: B0847E8491: to=<ma...@example.com>, relay=none, delay=1434, delays=1411/0/23/0, dsn=4.4.1, status=deferred (connect to example.com[1.2.3.4]: Connection timed out)

Jan 30 09:41:31 mx-server postfix/qmgr[16186]: B0847E8491: from=<>, size=3456, nrcpt=1 (queue active)

Jan 30 09:41:52 mx-server postfix/smtp[24793]: B0847E8491: to=<ma...@example.com>, relay=none, delay=3434, delays=3412/0.1/21/0, dsn=4.4.1, status=deferred (connect to example.com[1.2.3.4]: Connection timed out)

Jan 30 10:48:09 mx-server postfix/qmgr[16186]: B0847E8491: from=<>, size=3456, nrcpt=1 (queue active)

Jan 30 10:48:15 mx-server postfix/smtp[25097]: B0847E8491: to=<ma...@example.com>, relay=none, delay=7417, delays=7411/0.06/5.9/0, dsn=4.4.3, status=deferred (Host or domain name not found. Name service error for name=example.com type=A: Host not found, try again)

Jan 30 12:11:30 mx-server postfix/qmgr[16186]: B0847E8491: from=<>, size=3456, nrcpt=1 (queue active)

Jan 30 12:11:53 mx-server postfix/smtp[25539]: B0847E8491: to=<ma...@example.com>, relay=none, delay=12435, delays=12411/0.05/23/0, dsn=4.4.1, status=deferred (connect to example.com[1.2.3.4]: Connection timed out)

Jan 30 13:22:45 mx-server postfix/qmgr[26236]: B0847E8491: from=<>, size=3456, nrcpt=1 (queue active)

Jan 30 13:23:12 mx-server postfix/smtp[26261]: B0847E8491: to=<ma...@example.com>, relay=none, delay=16713, delays=16687/0.56/26/0, dsn=4.4.1, status=deferred (connect to example.com[1.2.3.4]: Connection timed out)

Jan 30 13:53:27 mx-server postfix/qmgr[26443]: B0847E8491: from=<>, size=3456, nrcpt=1 (queue active)

Jan 30 13:53:55 mx-server postfix/smtp[26593]: B0847E8491: to=<ma...@example.com>, relay=none, delay=18556, delays=18529/6.5/21/0, dsn=4.4.1, status=deferred (connect to example.com[1.2.3.4]: Connection timed out)

Jan 30 15:14:54 mx-server postfix/qmgr[27600]: B0847E8491: from=<>, size=3456, nrcpt=1 (queue active)

Jan 30 15:15:21 mx-server postfix/smtp[27790]: B0847E8491: to=<ma...@example.com>, relay=none, delay=23443, delays=23416/5.9/21/0, dsn=4.4.1, status=deferred (connect to example.com[1.2.3.4]: Connection timed out)

[root@mx-server ~]# telnet 1.2.3.4 25

Trying 1.2.3.4...

telnet: connect to address 1.2.3.4: Connection timed out

telnet: Unable to connect to remote host: Connection timed out

Gonzo Fernandez

On Jan 30, 2012, at 3:36 PM, Noel Jones wrote:

On 1/30/2012 5:07 PM, Gonzo Fernandez wrote:

Hi All,

My relay servers have mail being received but unable to send. When I

type "mailq" I see: Delivery temporarily suspended….Connection timed

out. I also noticed this line:

Tarpitting active for [1.2.3.4)

I restarted postfix, flushed mailq and still everything is stuck.

Now the mail is building up and I don't know what else to do. I'm

still continuing to work on it but I figure I might as well ask the

postfix team members. Can anyone help me figure this thing out please?

mailq:

Jan 30 13:53:27 mx-server postfix/qmgr[26443]: BC535E8264:

from=<ma...@example.com <mailto:ma...@example.com>>, size=805, nrcpt=1

(queue active)

Jan 30 13:53:55 mx-server postfix/qmgr[26443]: BC535E8264:

[Noel Jones]

On 1/30/2012 6:46 PM, Gonzo Fernandez wrote:
> Thank you Noel. Our server sends out copies of email confirmations
> to our clients and if the client decides to make a large order they
> end up pushing our volume up and we end up getting blocked by their
> mail server. I seem to be getting connection timed out on a lot of
> the hosts. I even try to telnet to ip and port 25 but it keeps
> timing out. I used "grep" to search in /var/log/maillog and I got
> this. Any ideas?

This isn't a postfix problem. If you can't telnet to any client
port 25, then you have a connectivity problem; maybe your ISP is
blocking that port, or some firewall has been misconfigured.
Contact your networking team or your ISP.

If you can't telnet to this one destination port 25, they're
blocking you. You'll need to contact them to get this resolved.


Good luck.



-- Noel Jones

[Noel Jones]

If the destination can't handle the load you're sending it, you can
slow postfix down. Details here:
http://www.postfix.org/QSHAPE_README.html#active_congestion

Of course, this won't help until they stop blocking you.

-- Noel Jones

[Gonzo Fernandez]

I was reading about "Defferred queue full of dictionary attack bounces" which I think might be an issue here. 

So i performed a qshape analysis and I got this:

command: qshape deferred | head

                                         T  5 10 20 40 80 160 320 640 1280 1280+

                                 TOTAL 583  0  0  0  0  0   1   8  47   25   502

                             adbaa.org 214  0  0  0  0  0   0   0   0    0   214

                             onramp.bz 191  0  0  0  0  0   1   6  26   10   148

             unitedimagingpartners.com  62  0  0  0  0  0   0   0   7    5    50

                       mmvacations.com  26  0  0  0  0  0   0   0   1    0    25

                fishwindowcleaning.com  12  0  0  0  0  0   0   0   3    1     8

                       warrensouth.com   5  0  0  0  0  0   0   0   1    0     4

                  ecodiscoverypark.com   5  0  0  0  0  0   0   1   0    0     4

                               pfg.com   4  0  0  0  0  0   0   0   1    2     1

Luckily the active and and incoming queues aren't showing any signs of backscatter. I'm going to be checking firewall tomorrow to see if there's an issue there. Thanks for your help.

Gonzo Fernandez