> Stop speculating, start doing real measurements.
> Send mail to the exchange box that pretends to come from such a domain.
>
> $ sendmail -f user@suspect-domain recipient... < inputfile
>
> where inputfile contains some text.

Joey:
> This was a good test, if I use the sender domain of the messages I am saying
> are spam because they are the messages that lock up in the queue and remain
> there:
> sendmail -f colvdiyfq testaccount <
> testfile
>
> This times out sending to the exchange server.

Now we're getting somewhere. So this means exchange can't handle
domains that have "many" MX records.

> If I take the same exact entry but put my domain as the sender like so:
> sendmail -f colvdiyfq testaccount <
> testfile
>
> It works perfectly with NO hung connections on either side.
>
> I tried this with 2 different domains that were from messages that were
> locked up in the queue on the postfix side with the same results.

So all we need to do is to configure Postfix to stop mail from
domains with more than some number of MX records.

DNS lookups like this don't work over UDP. They require DNS over
TCP. This can break in several ways:

- Perhaps Exchange can't handle DNS replies that exceed the size
  of a UDP response (i.e. it can't do DNS lookup over TCP).

- Perhaps the Exchange server is behind a broken firewall that
  blocks DNS lookups over TCP.

- Or perhaps Exchange can't handle large DNS replies with 100+ MX
  records.

Postfix currently has no feature built-in that disallows DNS replies
with "many" MX records.

	Wietse
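An added example, not part of the original message and not Postfix or Exchange code: a small parser that counts the MX records in a DNS reply and flags replies that cannot fit in a classic 512-byte UDP response, which is the condition the message describes. The sample reply is constructed inline, the domain name `suspect-domain.example` and the `max_mx` threshold of 20 are assumptions, and the 512-byte limit assumes a resolver that does not use EDNS0.

```python
import struct

UDP_LIMIT = 512   # classic DNS-over-UDP payload limit (RFC 1035, no EDNS0)
TYPE_MX = 15

def encode_name(name):
    """Encode a domain name as length-prefixed labels."""
    out = b"".join(bytes([len(l)]) + l.encode() for l in name.strip(".").split("."))
    return out + b"\x00"

def build_mx_response(domain, n_mx):
    """Constructed sample: a DNS reply carrying n_mx MX records for domain."""
    header = struct.pack("!HHHHHH", 0x1234, 0x8180, 1, n_mx, 0, 0)
    question = encode_name(domain) + struct.pack("!HH", TYPE_MX, 1)
    answers = b""
    for i in range(n_mx):
        # exchange host "mxN" followed by a compression pointer to offset 12
        exch = encode_name("mx%d" % i)[:-1] + b"\xc0\x0c"
        rdata = struct.pack("!H", 10) + exch
        answers += b"\xc0\x0c" + struct.pack("!HHIH", TYPE_MX, 1, 300, len(rdata)) + rdata
    return header + question + answers

def skip_name(msg, off):
    """Return the offset just past the name starting at off."""
    while True:
        n = msg[off]
        if n == 0:
            return off + 1
        if n & 0xC0 == 0xC0:      # a compression pointer ends the name
            return off + 2
        off += 1 + n

def inspect_mx_reply(msg, max_mx=20):
    """Count MX answers; max_mx is a hypothetical policy threshold."""
    _, flags, qd, an, _, _ = struct.unpack("!HHHHHH", msg[:12])
    off = 12
    for _ in range(qd):
        off = skip_name(msg, off) + 4          # QTYPE + QCLASS
    mx = 0
    for _ in range(an):
        off = skip_name(msg, off)
        rtype, _, _, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10 + rdlen
        mx += rtype == TYPE_MX
    truncated = bool(flags & 0x0200)           # TC bit: retry over TCP
    return {"mx": mx, "size": len(msg), "too_many_mx": mx > max_mx,
            "needs_tcp": truncated or len(msg) > UDP_LIMIT}
```
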
© 2004-2008 readlist.com