SMTP timeout after DATA from <server>
This is a discussion on SMTP timeout after DATA from <server> within the Linux Networking forums, part of the Linux Forums category; There are a couple of mail servers - charter.net and mta.email.ichotelsgroup.com that give me the timeout after ...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
03-22-2008
|
|||
|
|||
SMTP timeout after DATA from <server>
There are a couple of mail servers - charter.net and
mta.email.ichotelsgroup.com that give me the timeout after DATA from message in my mail.log. I am running post fix. I get lots of mail from other servers... but these two keep trying over and over again and give me these timeout messages. Any idea what might be causing this? Any postfix gurus that can suggest a setting I can tweak. This is going via a tunnel from a fixed ip address to my mail server on the other end of the tunnel. mail from gmail and my office and other sites don't have issues.. my log just shows charter.net and ichotelsgroup.com as servers having issues. jack -- 
|
|
03-23-2008
|
|||
|
|||
|
Re: SMTP timeout after DATA from <server>
On Sat, 22 Mar 2008 15:57:57 GMT, Jack Snodgrass
<jacks_temp_id_bf2142@verizon.net> wrote: >There are a couple of mail servers - charter.net and >mta.email.ichotelsgroup.com that give me the >timeout after DATA from >message in my mail.log. > >I am running post fix. > >I get lots of mail from other servers... but these two keep trying over >and over again and give me these timeout messages. > >Any idea what might be causing this? > >Any postfix gurus that can suggest a setting I can tweak. > >This is going via a tunnel from a fixed ip address to my mail >server on the other end of the tunnel. mail from gmail and my >office and other sites don't have issues.. my log just shows >charter.net and ichotelsgroup.com as servers having issues. > >jack I'm no postfix guru, though I do run it. I'd suggest that you try a Wireshark dump. Since other mtas are able to talk, then suspect a firewall setting or other foreign interference. It certainly isn't impossible that you have something weird in your postfix setup, but for it to be so specific would be unusual. charter.net has been on (and off again) many black hole lists. I don't know its current status, but you should see if others also have a problem with it. If you have ECN (congestion) enabled, make sure that isn't a problem for some router in the path. -- buck
|
|
03-23-2008
|
|||
|
|||
|
Re: SMTP timeout after DATA from <server>
Am Sat, 22 Mar 2008 15:57:57 +0000 schrieb Jack Snodgrass:
> This is going via a tunnel from a fixed ip address to my mail > server on the other end of the tunnel. mail from gmail and my > office and other sites don't have issues.. my log just shows > charter.net and ichotelsgroup.com as servers having issues. What says the log?
|
|
03-23-2008
|
|||
|
|||
|
Re: SMTP timeout after DATA from <server>
On Sat, 22 Mar 2008 20:22:23 -0700, buck wrote:
> On Sat, 22 Mar 2008 15:57:57 GMT, Jack Snodgrass > <jacks_temp_id_bf2142@verizon.net> wrote: > >>There are a couple of mail servers - charter.net and >>mta.email.ichotelsgroup.com that give me the timeout after DATA from >>message in my mail.log. >> >>I am running post fix. >> >>I get lots of mail from other servers... but these two keep trying over >>and over again and give me these timeout messages. >> >>Any idea what might be causing this? >> >>Any postfix gurus that can suggest a setting I can tweak. >> >>This is going via a tunnel from a fixed ip address to my mail server on >>the other end of the tunnel. mail from gmail and my office and other >>sites don't have issues.. my log just shows charter.net and >>ichotelsgroup.com as servers having issues. >> >>jack > I'm no postfix guru, though I do run it. > > I'd suggest that you try a Wireshark dump. Since other mtas are able to > talk, then suspect a firewall setting or other foreign interference. It > certainly isn't impossible that you have something weird in your postfix > setup, but for it to be so specific would be unusual. > > charter.net has been on (and off again) many black hole lists. I don't > know its current status, but you should see if others also have a > problem with it. > > If you have ECN (congestion) enabled, make sure that isn't a problem for > some router in the path. Not sure how this will cut/paste.... I changed the domains and email addresses... and replaced the local ip with L and the remote with R. The rest is as-is.... L R SMTP Response: 220 home.example.com ESMTP Postfix R L TCP 51499 > smtp [ACK] Seq=1 Ack=43 Win=33304 Len=0 TSV=1776034838 TSER=2021657217 R L SMTP Command: EHLO que03.charter.net L R TCP smtp > 51499 [ACK] Seq=43 Ack=25 Win=91 Len=0 TSV=2021657480 TSER=1776034838 L R SMTP Response: 250-home.example.com R L TCP 51499 > smtp [ACK] Seq=25 Ack=186 Win=33304 Len=0 TSV=1776034849 TSER=2021657480 R L SMTP Command: MAIL FROM:<RUser@charter.net> SIZE=3430 L R SMTP Response: 250 2.1.0 Ok R L SMTP Command: RCPT TO:<jack@example.com> L R TCP smtp > 51499 [ACK] Seq=200 Ack=102 Win=91 Len=0 TSV=2021657770 TSER=1776034866 L R SMTP Response: 250 2.1.5 Ok R L SMTP Command: DATA L R TCP smtp > 51499 [ACK] Seq=214 Ack=108 Win=91 Len=0 TSV=2021657872 TSER=1776034888 L R SMTP Response: 354 End data with <CR><LF>.<CR><LF> R L SMTP DATA fragment, 1120 bytes R L SMTP [TCP Previous segment lost] DATA fragment, 862 bytes L R TCP smtp > 51499 [ACK] Seq=251 Ack=1228 Win=126 Len=0 TSV=2021658042 TSER=1776034898 SLE=2676 SRE=3538 L R SMTP Response: 421 4.4.2 home.example.com Error: timeout exceeded .... is that enough data for someone to tell anything? An email from gmail.com does something similar except for the R L SMTP [TCP Previous segment lost] DATA fragment, 862 bytes packet... I don't get that.. I get a couple of DATA Fragment packets, I ACK them and the mail session closes normally. jack --
|
|
03-26-2008
|
|||
|
|||
|
Re: SMTP timeout after DATA from <server>
On Sun, 23 Mar 2008 21:15:01 +0000, Jack Snodgrass wrote:
> On Sat, 22 Mar 2008 20:22:23 -0700, buck wrote: > >> On Sat, 22 Mar 2008 15:57:57 GMT, Jack Snodgrass >> <jacks_temp_id_bf2142@verizon.net> wrote: >> >>>There are a couple of mail servers - charter.net and >>>mta.email.ichotelsgroup.com that give me the timeout after DATA from >>>message in my mail.log. >>> >>>I am running post fix. >>> >>>I get lots of mail from other servers... but these two keep trying over >>>and over again and give me these timeout messages. >>> >>>Any idea what might be causing this? >>> >>>Any postfix gurus that can suggest a setting I can tweak. >>> >>>This is going via a tunnel from a fixed ip address to my mail server on >>>the other end of the tunnel. mail from gmail and my office and other >>>sites don't have issues.. my log just shows charter.net and >>>ichotelsgroup.com as servers having issues. >>> >>>jack >> I'm no postfix guru, though I do run it. >> >> I'd suggest that you try a Wireshark dump. Since other mtas are able to >> talk, then suspect a firewall setting or other foreign interference. It >> certainly isn't impossible that you have something weird in your postfix >> setup, but for it to be so specific would be unusual. >> >> charter.net has been on (and off again) many black hole lists. I don't >> know its current status, but you should see if others also have a >> problem with it. >> >> If you have ECN (congestion) enabled, make sure that isn't a problem for >> some router in the path. > > > Not sure how this will cut/paste.... I changed the domains and email > addresses... and replaced the local ip with L and the remote with R. > The rest is as-is.... > > L R SMTP Response: 220 home.example.com ESMTP Postfix > R L TCP 51499 > smtp [ACK] Seq=1 Ack=43 Win=33304 Len=0 > TSV=1776034838 TSER=2021657217 > R L SMTP Command: EHLO que03.charter.net > L R TCP smtp > 51499 [ACK] Seq=43 Ack=25 Win=91 Len=0 > TSV=2021657480 TSER=1776034838 > L R SMTP Response: 250-home.example.com > R L TCP 51499 > smtp [ACK] Seq=25 Ack=186 Win=33304 Len=0 > TSV=1776034849 TSER=2021657480 > R L SMTP Command: MAIL FROM:<RUser@charter.net> SIZE=3430 > L R SMTP Response: 250 2.1.0 Ok > R L SMTP Command: RCPT TO:<jack@example.com> > L R TCP smtp > 51499 [ACK] Seq=200 Ack=102 Win=91 Len=0 > TSV=2021657770 TSER=1776034866 > L R SMTP Response: 250 2.1.5 Ok > R L SMTP Command: DATA > L R TCP smtp > 51499 [ACK] Seq=214 Ack=108 Win=91 Len=0 > TSV=2021657872 TSER=1776034888 > L R SMTP Response: 354 End data with <CR><LF>.<CR><LF> > R L SMTP DATA fragment, 1120 bytes > R L SMTP [TCP Previous segment lost] DATA fragment, 862 bytes > L R TCP smtp > 51499 [ACK] Seq=251 Ack=1228 Win=126 Len=0 > TSV=2021658042 TSER=1776034898 SLE=2676 SRE=3538 > L R SMTP Response: 421 4.4.2 home.example.com Error: timeout exceeded > > ... is that enough data for someone to tell anything? An email from > gmail.com does something similar except for the > R L SMTP [TCP Previous segment lost] DATA fragment, 862 bytes > packet... I don't get that.. I get a couple of DATA Fragment packets, > I ACK them and the mail session closes normally. > > > jack bump -- D.A.M. - Mothers Against Dyslexia see http://www.jacksnodgrass.com for my contact info. jack - Grapevine/Richardson
|
|
03-26-2008
|
|||
|
|||
|
Re: SMTP timeout after DATA from <server>
On Sun, 23 Mar 2008 21:15:01 GMT, Jack Snodgrass
<jacks_temp_id_bf2142@verizon.net> wrote: > L R SMTP Response: 220 home.example.com ESMTP Postfix > R L TCP 51499 > smtp [ACK] Seq=1 Ack=43 Win=33304 Len=0 >TSV=1776034838 TSER=2021657217 > R L SMTP Command: EHLO que03.charter.net > L R TCP smtp > 51499 [ACK] Seq=43 Ack=25 Win=91 Len=0 >TSV=2021657480 TSER=1776034838 > L R SMTP Response: 250-home.example.com > R L TCP 51499 > smtp [ACK] Seq=25 Ack=186 Win=33304 Len=0 >TSV=1776034849 TSER=2021657480 > R L SMTP Command: MAIL FROM:<RUser@charter.net> SIZE=3430 > L R SMTP Response: 250 2.1.0 Ok > R L SMTP Command: RCPT TO:<jack@example.com> > L R TCP smtp > 51499 [ACK] Seq=200 Ack=102 Win=91 Len=0 >TSV=2021657770 TSER=1776034866 > L R SMTP Response: 250 2.1.5 Ok > R L SMTP Command: DATA > L R TCP smtp > 51499 [ACK] Seq=214 Ack=108 Win=91 Len=0 >TSV=2021657872 TSER=1776034888 > L R SMTP Response: 354 End data with <CR><LF>.<CR><LF> > R L SMTP DATA fragment, 1120 bytes > R L SMTP [TCP Previous segment lost] DATA fragment, 862 bytes > L R TCP smtp > 51499 [ACK] Seq=251 Ack=1228 Win=126 Len=0 >TSV=2021658042 TSER=1776034898 SLE=2676 SRE=3538 This sure looks like a dropped packet to me. But the real question is, why was it not requested again? Of course, it could be that wireshark simply could not keep up so that's why you see this. I've never encountered "TCP Previous segment lost" so I'm no help here. But I believe that if the TCP/IP protocol found that it had not received an expected packet, it would ask for it again. Notice that the SEQ jumps from 200 to 214 but the ACK only increments from 102 to 108. What happened to those other 8? > L R SMTP Response: 421 4.4.2 home.example.com Error: timeout exceeded I consider this to be strange because I would expect to see retry attempts to get the missing packet. Whether that is the one of 1120 bytes or the one of 862 bytes is unknown, but the missing fragment appears to me to be the root of the problem. If the complete packet cannot be reassembled, nothing good is going to happen. Have you altered anything in /proc/sys? Is the MTU or a frag setting involved? Apparently nobody in this group (including me!) has any clues for you because several days have elapsed with no other responses. Perhaps you should post to linuxquestions or a different group, Etc. Where's Moe Trin when ya need him? -- buck
|
 |
«
Previous Thread
|
Next Thread
»
| Thread Tools | |
| Display Modes | |
Linear Mode
|
|
All times are GMT +1. The time now is 10:03 PM.
