delivery temporarily suspended: lost connection

Discussion:

(too old to reply)

David Hill

2005-04-25 16:31:47 UTC

Hello -
Our postfix SMTP server is having issues sending email to a certain host. All emails show (delivery temporarily suspended: lost connection with mail2.domain.com[xx.xxx.xxx.xxx] while sending message body).

If I manually telnet from our smtp server to mail2.domain.com 25 and send email that way, it works. I have disabled the firewall on our side and it still occurs. I believe the host we are emailing is running Microsoft Exchange with a firewall in front. But I am wondering why my telnet session works to send email, but not with postfix?

We are only having this problem with them, but they say they aren't having issues, except with us.

A sample tcpdump
11:55:30.021307 smtp2.domain.net.9677 > h-64-105-238-254.chcgilgm.customer.net.smtp: S [tcp sum ok] 4242301277:4242301277(0) win 16384 <mss 1460,nop,nop,sackOK,nop,wscale 0,nop,nop,times
tamp 2548242866 0> (ttl 64, id 16732, len 64)
11:55:31.007418 h-64-105-238-254.chcgilgm.customer.net.smtp > smtp2.domain.net.9677: S [tcp sum ok] 2573025031:2573025031(0) ack 4242301278 win 16384 (ttl 23, id 0, len 40)
11:55:31.007532 smtp2.domain.net.9677 > h-64-105-238-254.chcgilgm.customer.net.smtp: . [tcp sum ok] 1:1(0) ack 1 win 16384 (ttl 64, id 27883, len 40)
11:55:32.008110 h-64-105-238-254.chcgilgm.customer.net.smtp > smtp2.domain.net.9677: P [tcp sum ok] 1:121(120) ack 1 win 65535 (DF) (ttl 119, id 22762, len 160)
11:55:32.008392 smtp2.domain.net.9677 > h-64-105-238-254.chcgilgm.customer.net.smtp: P [tcp sum ok] 1:22(21) ack 121 win 16384 (ttl 64, id 21686, len 61)
11:55:32.832994 h-64-105-238-254.chcgilgm.customer.net.smtp > smtp2.domain.net.9677: P [tcp sum ok] 121:436(315) ack 22 win 65514 (DF) (ttl 119, id 23562, len 355)
11:55:32.833418 smtp2.domain.net.9677 > h-64-105-238-254.chcgilgm.customer.net.smtp: P [tcp sum ok] 22:114(92) ack 436 win 16384 (ttl 64, id 28168, len 132)
11:55:33.635498 h-64-105-238-254.chcgilgm.customer.net.smtp > smtp2.domain.net.9677: P [tcp sum ok] 436:481(45) ack 114 win 65422 (DF) (ttl 119, id 24868, len 85)
11:55:33.832306 smtp2.domain.net.9677 > h-64-105-238-254.chcgilgm.customer.net.smtp: . [tcp sum ok] 114:114(0) ack 481 win 16384 (ttl 64, id 25532, len 40)
11:55:33.939218 h-64-105-238-254.chcgilgm.customer.net.smtp > smtp2.domain.net.9677: P [tcp sum ok] 481:569(88) ack 114 win 65422 (DF) (ttl 119, id 25424, len 128)
11:55:33.939533 smtp2.domain.net.9677 > h-64-105-238-254.chcgilgm.customer.net.smtp: . [tcp sum ok] 114:1574(1460) ack 569 win 16384 (ttl 64, id 24721, len 1500)
11:55:33.939570 smtp2.domain.net.9677 > h-64-105-238-254.chcgilgm.customer.net.smtp: . [tcp sum ok] 1574:3034(1460) ack 569 win 16384 (ttl 64, id 20025, len 1500)
11:55:33.939586 smtp2.domain.net.9677 > h-64-105-238-254.chcgilgm.customer.net.smtp: P [tcp sum ok] 3034:4210(1176) ack 569 win 16384 (ttl 64, id 29626, len 1216)
11:55:33.939748 smtp2.domain.net.9677 > h-64-105-238-254.chcgilgm.customer.net.smtp: . [tcp sum ok] 4210:5670(1460) ack 569 win 16384 (ttl 64, id 12330, len 1500)
11:55:34.032356 h-64-105-238-254.chcgilgm.customer.net.smtp > smtp2.domain.net.9677: R [tcp sum ok] 569:573(4) ack 52666019 win 16384 [RST ehnc] (ttl 23, id 0, len 44)
11:55:34.051113 h-64-105-238-254.chcgilgm.customer.net.smtp > smtp2.domain.net.9677: R [tcp sum ok] 569:573(4) ack 52666019 win 16384 [RST ehnc] (ttl 23, id 0, len 44)
11:55:34.074626 h-64-105-238-254.chcgilgm.customer.net.smtp > smtp2.domain.net.9677: . [tcp sum ok] 569:569(0) ack 114 win 65422 (DF) (ttl 119, id 25630, len 40)
11:55:34.074685 smtp2.domain.net.9677 > h-64-105-238-254.chcgilgm.customer.net.smtp: R [tcp sum ok] 4242301391:4242301391(0) win 0 (ttl 64, id 20727, len 40)
11:55:34.093840 h-64-105-238-254.chcgilgm.customer.net.smtp > smtp2.domain.net.9677: R [tcp sum ok] 569:573(4) ack 52666019 win 16384 [RST ehnc] (ttl 23, id 0, len 44)
11:55:43.368177 h-64-105-238-254.chcgilgm.customer.net.smtp > smtp2.domain.net.9677: R [tcp sum ok] 918865643:918865646(3) ack 52666019 win 0 [RST cki] (ttl 23, id 0, len 43)

Any ideas I can try?
Thanks
David

Victor Duchovni

2005-04-25 16:40:25 UTC

Permalink

Post by David Hill
Hello -
Our postfix SMTP server is having issues sending email to a certain host. All emails show (delivery temporarily suspended: lost connection with mail2.domain.com[xx.xxx.xxx.xxx] while sending message body).

Read the log message. It is from the queue manager not from smtp(8),
and it is reporting the cached reason the destination is throttled. The
destination will be unthrottled after the mininal_backoff_time timer
expires. If the site once more turns away most messages, it will
be throttled again.

Make sure you don't have the ICMP messages for PATH MTU discovery
disabled, ask them to check their ICMP firewall settings.

--
Viktor.

Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the "Reply-To" header.

To unsubscribe from the postfix-users list, visit
http://www.postfix.org/lists.html or click the link below:
<mailto:***@postfix.org?body=unsubscribe%20postfix-users>

David Hill

2005-04-25 17:07:35 UTC

Permalink

Post by Victor Duchovni

Read the log message. It is from the queue manager not from smtp(8),
and it is reporting the cached reason the destination is throttled. The
destination will be unthrottled after the mininal_backoff_time timer
expires. If the site once more turns away most messages, it will
be throttled again.
Make sure you don't have the ICMP messages for PATH MTU discovery
disabled, ask them to check their ICMP firewall settings.
--
Viktor.
Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the "Reply-To" header.
To unsubscribe from the postfix-users list, visit

Ok, I have tried both stopping and starting postfix, and flushing the queue. I also doubled checked Path MTU was enabled and the firewall was disabled. Both are good.

Next thing would be to have him look into path mtu on his side?

David Hill

2005-04-25 17:48:04 UTC

Permalink

Post by David Hill

Post by Victor Duchovni

Read the log message. It is from the queue manager not from smtp(8),
and it is reporting the cached reason the destination is throttled. The
destination will be unthrottled after the mininal_backoff_time timer
expires. If the site once more turns away most messages, it will
be throttled again.
Make sure you don't have the ICMP messages for PATH MTU discovery
disabled, ask them to check their ICMP firewall settings.
--
Viktor.
Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the "Reply-To" header.
To unsubscribe from the postfix-users list, visit

Ok, I have tried both stopping and starting postfix, and flushing the queue. I also doubled checked Path MTU was enabled and the firewall was disabled. Both are good.
Next thing would be to have him look into path mtu on his side?
!DSPAM:426d2342762321281283465!

Ok, they were using a sonicwall firewall on a DSL bridge.
He set his MTU to 1492 (they use PPPoE) and that worked.

Thanks!

mouss

2005-04-25 17:51:43 UTC

Permalink

Post by David Hill
Ok, I have tried both stopping and starting postfix, and flushing the queue. I also doubled checked Path MTU was enabled and the firewall was disabled. Both are good.
Next thing would be to have him look into path mtu on his side?

Did you try telnet with EHLO? (to check if there's broken proxy that
mishandles ehlo)
when doing so, check the server greeting to verify that it is the
exchange server and not a proxy.
you can also sniff traffic and look for any anomalies.