server dropped connection without sending the initial greeting

I am seeing the log below occurring frequently on all four of my
external relays. These relays hand off to a set of tumbleweeds via a
load balanced VIP. I can telnet to the VIP via port 25 as well as the
actual nodes themselves. Queue is building and I cannot find why the
mail is being deferred. I am not using amavisd and as you can tell by
the log entry there are no deferred attempts to localhost. Please
help, situation is becoming critical... I see several instances of this
exact question on these lists but no conclusion.

Regards


0ct 18 01:18:19 localhost postfix/smtp[5221]: 10E4710000361:
to=<xxx@xxx.com>, relay=none, delay=113596, status=deferred (connect to
vip.xxx.com[xxx.111.61.145]: server dropped connection without sending
the initial greeting)

postconf -n:

always_bcc =
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
debug_peer_level = 2
default_destination_concurrency_limit = 100
default_process_limit = 200
enable_server_options = yes
inet_interfaces = all
luser_relay =
mail_owner = postfix
mailbox_transport = cyrus
mailq_path = /usr/bin/mailq
manpage_directory = /usr/share/man
maps_rbl_domains =
relays.ordb.org,opm.blitzed.org,list.dsbl.org,sbl. spamhaus.org,cbl.abuseat.org,dul.dnsbl.sorbs.net

message_size_limit = 15360000
minimal_backoff_time = 300s
mydestination = $myhostname,localhost.$mydomain,smtp.xxx.com
mydomain_fallback = localhost
myhostname = smtp.xxx.com
mynetworks =
127.0.0.1/32,10.0.0.0/8,xxxx.111.0.0/16,xxx.249.0.0/16,xxx.30.36.0/24,xxx.168.73.0/24

mynetworks_style = host
newaliases_path = /usr/bin/newaliases
queue_directory = /private/var/spool/postfix
queue_run_delay = 300s
readme_directory = /usr/share/doc/postfix
relay_domains = hash:/etc/postfix/relay_domains
relayhost =
sample_directory = /usr/share/doc/postfix/examples
sendmail_path = /usr/sbin/sendmail
setgid_group = postdrop
smtp_tls_CAfile = /etc/certificates/x509anchors.pem
smtp_tls_cert_file = /etc/certificates/smtp.xxx.com.crt
smtp_tls_cipherlist =
TLSv1+SSLv3+aRSA+RSA:-LOW:-EXPORT:-eNULL:@STRENGTH
smtp_tls_key_file = /etc/certificates/smtp.xxx.com.key
smtp_tls_loglevel = 2
smtp_use_tls = yes
smtpd_client_restrictions = permit_mynetworks warn_if_reject
reject_maps_rbl
smtpd_delay_reject = yes
smtpd_enforce_tls = no
smtpd_helo_required = no
smtpd_pw_server_security_options = none
smtpd_recipient_restrictions =
permit_mynetworks,reject_unauth_destination
smtpd_sasl_auth_enable = no
smtpd_tls_CAfile = /etc/certificates/x509anchors.pem
smtpd_tls_cert_file = /etc/certificates/smtp.xxx.com.crt
smtpd_tls_cipherlist =
TLSv1+SSLv3+aRSA+RSA:-LOW:-EXPORT:-eNULL:@STRENGTH
smtpd_tls_key_file = /etc/certificates/smtp.xxx.com.key
smtpd_tls_loglevel = 2
smtpd_tls_received_header = yes
smtpd_use_pw_server = no
smtpd_use_tls = yes
tls_daemon_random_source = dev:/dev/urandom
tls_random_exchange_name = /etc/postfix/prng_exch
tls_random_source = dev:/dev/urandom
transport_maps = hash:/etc/postfix/transport
unknown_local_recipient_reject_code = 450

hphinizy3@gmail.com wrote:
> These relays hand off to a set of tumbleweeds
> server dropped connection without sending the initial greeting


Some random thoughts:

You must be running an older version of Postfix, as the string
"server dropped connection without sending the initial greeting"
doesn't appear in the newer Postfix code.

It the older version, that string appears in the "lmtp" source code.
In older versions, the LMTP client is a separate program than SMTP
and implements only a subset of the functionality available with SMTP.


Just curious as to where lmtp comes into play in your configurations
(possible master.cf or transport),as I see no lmtp configs in your main.cf.

How old is the Tumbleweed? I read in a Gartner Report that Tumbleweed has
improved it's connection management quite a bit in the last 2 years.

--
Greg

To my knowledge no lmtp--we are running postfix on Mac OSX--i have
patched to the latest version of OS X.


Greg Hackney wrote:
> hphinizy3@gmail.com wrote:
> > These relays hand off to a set of tumbleweeds
> > server dropped connection without sending the initial greeting
>
>
> Some random thoughts:
>
> You must be running an older version of Postfix, as the string
> "server dropped connection without sending the initial greeting"
> doesn't appear in the newer Postfix code.
>
> It the older version, that string appears in the "lmtp" source code.
> In older versions, the LMTP client is a separate program than SMTP
> and implements only a subset of the functionality available with SMTP.
>
>
> Just curious as to where lmtp comes into play in your configurations
> (possible master.cf or transport),as I see no lmtp configs in your main.cf.
>
> How old is the Tumbleweed? I read in a Gartner Report that Tumbleweed has
> improved it's connection management quite a bit in the last 2 years.
>
> --
> Greg

More on lmtp, it is indeed in master.cf. On the matter of Tumbleweed,
I have little visibility into those devices as they are the outsourced
portion of the mail solution... I do know we are still on email
firewall, windows and MSSQL based, not their newer Linux offering.

Hope this helps...


Greg Hackney wrote:
> hphinizy3@gmail.com wrote:
> > These relays hand off to a set of tumbleweeds
> > server dropped connection without sending the initial greeting
>
>
> Some random thoughts:
>
> You must be running an older version of Postfix, as the string
> "server dropped connection without sending the initial greeting"
> doesn't appear in the newer Postfix code.
>
> It the older version, that string appears in the "lmtp" source code.
> In older versions, the LMTP client is a separate program than SMTP
> and implements only a subset of the functionality available with SMTP.
>
>
> Just curious as to where lmtp comes into play in your configurations
> (possible master.cf or transport),as I see no lmtp configs in your main.cf.
>
> How old is the Tumbleweed? I read in a Gartner Report that Tumbleweed has
> improved it's connection management quite a bit in the last 2 years.
>
> --
> Greg

More interesting logs...

Oct 18 16:50:46 localhost postfix/smtp[16149]: 38C63D984950:
to=<aaa@xxx.com>, relay=vip.xxx.com[xxx.xxx.61.145], delay=5526,
status=deferred (lost connection with vip.xxx.com[xxx.xxx.61.145] while
sending end of data -- message may be sent more than once)




hphinizy3@gmail.com wrote:
> I am seeing the log below occurring frequently on all four of my
> external relays. These relays hand off to a set of tumbleweeds via a
> load balanced VIP. I can telnet to the VIP via port 25 as well as the
> actual nodes themselves. Queue is building and I cannot find why the
> mail is being deferred. I am not using amavisd and as you can tell by
> the log entry there are no deferred attempts to localhost. Please
> help, situation is becoming critical... I see several instances of this
> exact question on these lists but no conclusion.
>
> Regards
>
>
> 0ct 18 01:18:19 localhost postfix/smtp[5221]: 10E4710000361:
> to=<xxx@xxx.com>, relay=none, delay=113596, status=deferred (connect to
> vip.xxx.com[xxx.111.61.145]: server dropped connection without sending
> the initial greeting)
>
> postconf -n:
>
> always_bcc =
> command_directory = /usr/sbin
> config_directory = /etc/postfix
> daemon_directory = /usr/libexec/postfix
> debug_peer_level = 2
> default_destination_concurrency_limit = 100
> default_process_limit = 200
> enable_server_options = yes
> inet_interfaces = all
> luser_relay =
> mail_owner = postfix
> mailbox_transport = cyrus
> mailq_path = /usr/bin/mailq
> manpage_directory = /usr/share/man
> maps_rbl_domains =
> relays.ordb.org,opm.blitzed.org,list.dsbl.org,sbl. spamhaus.org,cbl.abuseat.org,dul.dnsbl.sorbs.net
>
> message_size_limit = 15360000
> minimal_backoff_time = 300s
> mydestination = $myhostname,localhost.$mydomain,smtp.xxx.com
> mydomain_fallback = localhost
> myhostname = smtp.xxx.com
> mynetworks =
> 127.0.0.1/32,10.0.0.0/8,xxxx.111.0.0/16,xxx.249.0.0/16,xxx.30.36.0/24,xxx.168.73.0/24
>
> mynetworks_style = host
> newaliases_path = /usr/bin/newaliases
> queue_directory = /private/var/spool/postfix
> queue_run_delay = 300s
> readme_directory = /usr/share/doc/postfix
> relay_domains = hash:/etc/postfix/relay_domains
> relayhost =
> sample_directory = /usr/share/doc/postfix/examples
> sendmail_path = /usr/sbin/sendmail
> setgid_group = postdrop
> smtp_tls_CAfile = /etc/certificates/x509anchors.pem
> smtp_tls_cert_file = /etc/certificates/smtp.xxx.com.crt
> smtp_tls_cipherlist =
> TLSv1+SSLv3+aRSA+RSA:-LOW:-EXPORT:-eNULL:@STRENGTH
> smtp_tls_key_file = /etc/certificates/smtp.xxx.com.key
> smtp_tls_loglevel = 2
> smtp_use_tls = yes
> smtpd_client_restrictions = permit_mynetworks warn_if_reject
> reject_maps_rbl
> smtpd_delay_reject = yes
> smtpd_enforce_tls = no
> smtpd_helo_required = no
> smtpd_pw_server_security_options = none
> smtpd_recipient_restrictions =
> permit_mynetworks,reject_unauth_destination
> smtpd_sasl_auth_enable = no
> smtpd_tls_CAfile = /etc/certificates/x509anchors.pem
> smtpd_tls_cert_file = /etc/certificates/smtp.xxx.com.crt
> smtpd_tls_cipherlist =
> TLSv1+SSLv3+aRSA+RSA:-LOW:-EXPORT:-eNULL:@STRENGTH
> smtpd_tls_key_file = /etc/certificates/smtp.xxx.com.key
> smtpd_tls_loglevel = 2
> smtpd_tls_received_header = yes
> smtpd_use_pw_server = no
> smtpd_use_tls = yes
> tls_daemon_random_source = dev:/dev/urandom
> tls_random_exchange_name = /etc/postfix/prng_exch
> tls_random_source = dev:/dev/urandom
> transport_maps = hash:/etc/postfix/transport
> unknown_local_recipient_reject_code = 450

hphinizy3@gmail.com wrote:
> More interesting logs...
> Oct 18 16:50:46 localhost postfix/smtp[16149]: 38C63D984950:
> to=<aaa@xxx.com>, relay=vip.xxx.com[xxx.xxx.61.145], delay=5526,
> status=deferred (lost connection with vip.xxx.com[xxx.xxx.61.145] while
> sending end of data -- message may be sent more than once)


The symptoms sound to me like the problems are beyond the scope of Postfix.
Such networking issues, load balancer, or Tumbleweed.

--
Greg

Greg Hackney wrote:
> hphinizy3@gmail.com wrote:
> > More interesting logs...
> > Oct 18 16:50:46 localhost postfix/smtp[16149]: 38C63D984950:
> > to=<aaa@xxx.com>, relay=vip.xxx.com[xxx.xxx.61.145], delay=5526,
> > status=deferred (lost connection with vip.xxx.com[xxx.xxx.61.145] while
> > sending end of data -- message may be sent more than once)
>
>
> The symptoms sound to me like the problems are beyond the scope of Postfix.
> Such networking issues, load balancer, or Tumbleweed.
>
> --
> Greg

As a follow-up, since I hate googling for issues and find the person
asking did not follow-up with a root cause and the solution... Turns
out an influx of spam was hitting my company--there was news of a
significant increase of spam throughout the net as a whole. At any
rate, the postfix relays performed like champs, the tumble weeds on the
other hand, seemed to fold under the pressure. My guess is the errors
I was seeing was the smtp process on the tumble weeds turning away a
percentage of my mail since the volume was too great for it to
handle... So, the mail ended up queuing on my postfix relays.

Score: 1 for open source, 0 for third party offerings ;).