Diagnostic-Code: smtp; 503 5.5.1 Error: nested MAIL command

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
14 messages Options
Reply | Threaded
Open this post in threaded view
|

Diagnostic-Code: smtp; 503 5.5.1 Error: nested MAIL command

Tait Grove

On random occasions my customers get a nested email command error message, what causes this error?

 

Copy of error message:

===============================================

Reporting-MTA: dns; post-app3.tdpserver.net

Received-From-MTA: smtp; post-app3.tdpserver.net ([127.0.0.1])

Arrival-Date: Tue,  8 Jul 2008 10:14:27 -0700 (PDT)

 

Original-Recipient: rfc822;[hidden email]

Final-Recipient: rfc822;[hidden email]

Action: failed

Status: 5.5.1

Remote-MTA: dns; 127.0.0.1

Diagnostic-Code: smtp; 503 5.5.1 Error: nested MAIL command

Last-Attempt-Date: Tue,  8 Jul 2008 10:14:27 -0700 (PDT)

Final-Log-ID: 03569-02/MT-NihAiuFnc

===============================================

 

Here is a copy of my postconf –n:

 

------------------------------------------------------------------------------

alias_database = hash:/etc/mail/aliases

alias_maps = hash:/etc/mail/aliases

bounce_queue_lifetime = 8h

broken_sasl_auth_clients = yes

command_directory = /usr/local/sbin

config_directory = /usr/local/etc/postfix

daemon_directory = /usr/local/libexec/postfix

data_directory = /var/db/postfix

debug_peer_level = 2

disable_vrfy_command = yes

enable_original_recipient = no

html_directory = no

inet_interfaces = 127.0.0.1, localhost, $myhostname

invalid_hostname_reject_code = 450

mail_owner = postfix

mailq_path = /usr/local/bin/mailq

manpage_directory = /usr/local/man

maps_rbl_reject_code = 450

maximal_backoff_time = 5135s

maximal_queue_lifetime = 8h

message_size_limit = 40960000

minimal_backoff_time = 535s

mydestination = localhost.$mydomain, $mydomain, localhost, $myhostname

myhostname = app-mail2.thedesignpeople.net

mynetworks = 127.0.0.0/8, 192.168.0.0/8, 21.10.5.0/25, $myhostname

newaliases_path = /usr/local/bin/newaliases

non_fqdn_reject_code = 450

proxy_interfaces = 10.11.0.29

proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $virtual_mailbox_limit_maps

queue_directory = /var/spool/postfix

queue_run_delay = 535s

readme_directory = no

relay_domains = $mydestination

sample_directory = /usr/local/etc/postfix

sendmail_path = /usr/local/sbin/sendmail

setgid_group = maildrop

smtp_sasl_password_maps = proxy:mysql:$config_directory/mysql_virtual_mailbox_maps.cf

smtp_tls_CAfile = /usr/local/share/certs/ca-root.crt

smtp_tls_cert_file = /usr/local/etc/dovecot/certs/tdpserver.crt

smtp_tls_key_file = /usr/local/etc/dovecot/certs/tdpserver.key

smtp_tls_security_level = may

smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache

smtpd_client_connection_rate_limit = 400

smtpd_client_event_limit_exceptions = $mynetworks, 192.168.0.0/8, 127.0.0.1, 21.10.5.0/25, localhost

smtpd_data_restrictions = reject_unauth_pipelining,        reject_multi_recipient_bounce,        permit

smtpd_recipient_limit = 3000

smtpd_recipient_restrictions = permit_mynetworks,        check_policy_service inet:127.0.0.1:10031,        permit_sasl_authenticated,        permit_tls_clientcerts,        reject_unauth_destination,        reject_invalid_helo_hostname,        reject_non_fqdn_sender,        reject_unknown_recipient_domain,        reject_non_fqdn_recipient,        warn_if_reject reject_non_fqdn_helo_hostname,        warn_if_reject reject_unknown_helo_hostname,        warn_if_reject reject_unknown_client,        warn_if_reject reject_unverified_recipient,        warn_if_reject reject_unknown_sender_domain,        warn_if_reject reject_unverified_sender,        check_recipient_access  hash:$config_directory/recipient.list,        reject_rbl_client cbl.abuseat.org,        reject_rbl_client list.dsbl.org,        reject_rbl_client sbl.spamhaus.org,        reject_rbl_client bl.spamcop.net,        reject_rbl_client dnsbl.sorbs.net=127.0.0.2,        reject_rbl_client dnsbl.sorbs.net=127.0.0.3,        reject_rbl_client dnsbl.sorbs.net=127.0.0.4,        reject_rbl_client dnsbl.sorbs.net=127.0.0.5,        reject_rbl_client dnsbl.sorbs.net=127.0.0.7,        reject_rbl_client dnsbl.sorbs.net=127.0.0.9,        reject_rbl_client dnsbl.sorbs.net=127.0.0.11,        reject_rbl_client dnsbl.sorbs.net=127.0.0.12,        permit

smtpd_sasl_auth_enable = yes

smtpd_sasl_exceptions_networks = $mynetworks

smtpd_sasl_local_domain = $myhostname

smtpd_sasl_path = private/auth

smtpd_sasl_security_options = noanonymous

smtpd_sasl_type = dovecot

smtpd_tls_CAfile = /usr/local/share/certs/ca-root.crt

smtpd_tls_ask_ccert = yes

smtpd_tls_cert_file = /usr/local/etc/dovecot/certs/tdpserver.crt

smtpd_tls_key_file = /usr/local/etc/dovecot/certs/tdpserver.key

smtpd_tls_loglevel = 1

smtpd_tls_received_header = yes

smtpd_tls_security_level = may

smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache

soft_bounce = no

transport_maps = hash:/etc/mail/transport

unknown_local_recipient_reject_code = 550

unverified_sender_reject_code = 550

virtual_alias_maps = proxy:mysql:$config_directory/mysql_virtual_alias_maps.cf

virtual_mailbox_domains = proxy:mysql:$config_directory/mysql_virtual_domains_maps.cf

virtual_mailbox_maps = proxy:mysql:$config_directory/mysql_virtual_mailbox_maps.cf

virtual_transport = dovecot

------------------------------------------------------------------------------

 

What causes this error message?

 

 

-- Tait

 

 

 

 

Reply | Threaded
Open this post in threaded view
|

Re: Diagnostic-Code: smtp; 503 5.5.1 Error: nested MAIL command

Noel Jones-2
Tait Grove wrote:

> On random occasions my customers get a nested email command error
> message, what causes this error?
>
>  
>
> Copy of error message:
>
> ===============================================
>
> Reporting-MTA: dns; post-app3.tdpserver.net
>
> Received-From-MTA: smtp; post-app3.tdpserver.net ([127.0.0.1])
>
> Arrival-Date: Tue,  8 Jul 2008 10:14:27 -0700 (PDT)
>
>  
>
> Original-Recipient: rfc822;[hidden email]
>
> Final-Recipient: rfc822;[hidden email]
>
> Action: failed
>
> Status: 5.5.1
>
> Remote-MTA: dns; 127.0.0.1
>
> Diagnostic-Code: smtp; 503 5.5.1 Error: nested MAIL command
>
> Last-Attempt-Date: Tue,  8 Jul 2008 10:14:27 -0700 (PDT)
>
> Final-Log-ID: 03569-02/MT-NihAiuFnc
>
> ===============================================
>
>  

The error message means postfix received multiple MAIL FROM
commands for a single message, apparently from client
127.0.0.1 localhost.

Apparently you are using some sort of proxy in front of
postfix, and the proxy gets confused at times and sends
invalid SMTP sequences.  The error lies in the proxy software.

--
Noel Jones
Reply | Threaded
Open this post in threaded view
|

Re: Diagnostic-Code: smtp; 503 5.5.1 Error: nested MAIL command

Wietse Venema
In reply to this post by Tait Grove
Tait Grove:
> Diagnostic-Code: smtp; 503 5.5.1 Error: nested MAIL command

Some SMTP client starts a mail transaction (with the "MAIL FROM"
command) when a mail transaction is already in progress.

To get email notification of such SMTP conversations, specify

/etc/postfix/main.cf:
    notify_classes = resource, software, protocol

The "resource, software" are default settings.  The "protocol"
sends you email when a session has protocol errors.

        Wietse
Reply | Threaded
Open this post in threaded view
|

RE: Diagnostic-Code: smtp; 503 5.5.1 Error: nested MAIL command

Tait Grove
In reply to this post by Noel Jones-2


-----Original Message-----
From: [hidden email]
[mailto:[hidden email]] On Behalf Of Noel Jones
Sent: Tuesday, July 08, 2008 1:17 PM
To: [hidden email]
Subject: Re: Diagnostic-Code: smtp; 503 5.5.1 Error: nested MAIL command

Tait Grove wrote:

> On random occasions my customers get a nested email command error
> message, what causes this error?
>
>  
>
> Copy of error message:
>
> ===============================================
>
> Reporting-MTA: dns; post-app3.tdpserver.net
>
> Received-From-MTA: smtp; post-app3.tdpserver.net ([127.0.0.1])
>
> Arrival-Date: Tue,  8 Jul 2008 10:14:27 -0700 (PDT)
>
>  
>
> Original-Recipient: rfc822;[hidden email]
>
> Final-Recipient: rfc822;[hidden email]
>
> Action: failed
>
> Status: 5.5.1
>
> Remote-MTA: dns; 127.0.0.1
>
> Diagnostic-Code: smtp; 503 5.5.1 Error: nested MAIL command
>
> Last-Attempt-Date: Tue,  8 Jul 2008 10:14:27 -0700 (PDT)
>
> Final-Log-ID: 03569-02/MT-NihAiuFnc
>
> ===============================================
>
>  

The error message means postfix received multiple MAIL FROM
commands for a single message, apparently from client
127.0.0.1 localhost.

Apparently you are using some sort of proxy in front of
postfix, and the proxy gets confused at times and sends
invalid SMTP sequences.  The error lies in the proxy software.

--
Noel Jones


I only use the proxymaps in Postfix for MySQL connection cache... should I
turn this off?


-- Tait

Reply | Threaded
Open this post in threaded view
|

RE: Diagnostic-Code: smtp; 503 5.5.1 Error: nested MAIL command

Tait Grove
In reply to this post by Wietse Venema


-----Original Message-----
From: [hidden email]
[mailto:[hidden email]] On Behalf Of Wietse Venema
Sent: Tuesday, July 08, 2008 1:24 PM
To: Tait Grove
Cc: [hidden email]
Subject: Re: Diagnostic-Code: smtp; 503 5.5.1 Error: nested MAIL command

Tait Grove:
> Diagnostic-Code: smtp; 503 5.5.1 Error: nested MAIL command

Some SMTP client starts a mail transaction (with the "MAIL FROM"
command) when a mail transaction is already in progress.

To get email notification of such SMTP conversations, specify

/etc/postfix/main.cf:
    notify_classes = resource, software, protocol

The "resource, software" are default settings.  The "protocol"
sends you email when a session has protocol errors.

Wietse

---------------------------

Ok I will set this up; I assume this is to give me a clearer reason of why I
am getting these error messages?

-- Tait


Reply | Threaded
Open this post in threaded view
|

Re: Diagnostic-Code: smtp; 503 5.5.1 Error: nested MAIL command

Noel Jones-2
In reply to this post by Tait Grove
Tait Grove wrote:

>
> -----Original Message-----
> From: [hidden email]
> [mailto:[hidden email]] On Behalf Of Noel Jones
> Sent: Tuesday, July 08, 2008 1:17 PM
> To: [hidden email]
> Subject: Re: Diagnostic-Code: smtp; 503 5.5.1 Error: nested MAIL command
>
> Tait Grove wrote:
>> On random occasions my customers get a nested email command error
>> message, what causes this error?
>>
>>  
>>
>> Copy of error message:
>>
>> ===============================================
>>
>> Reporting-MTA: dns; post-app3.tdpserver.net
>>
>> Received-From-MTA: smtp; post-app3.tdpserver.net ([127.0.0.1])
>>
>> Arrival-Date: Tue,  8 Jul 2008 10:14:27 -0700 (PDT)
>>
>>  
>>
>> Original-Recipient: rfc822;[hidden email]
>>
>> Final-Recipient: rfc822;[hidden email]
>>
>> Action: failed
>>
>> Status: 5.5.1
>>
>> Remote-MTA: dns; 127.0.0.1
>>
>> Diagnostic-Code: smtp; 503 5.5.1 Error: nested MAIL command
>>
>> Last-Attempt-Date: Tue,  8 Jul 2008 10:14:27 -0700 (PDT)
>>
>> Final-Log-ID: 03569-02/MT-NihAiuFnc
>>
>> ===============================================
>>
>>  
>
> The error message means postfix received multiple MAIL FROM
> commands for a single message, apparently from client
> 127.0.0.1 localhost.
>
> Apparently you are using some sort of proxy in front of
> postfix, and the proxy gets confused at times and sends
> invalid SMTP sequences.  The error lies in the proxy software.
>

> I only use the proxymaps in Postfix for MySQL connection cache... should I
> turn this off?
>
>
> -- Tait


This has nothing to do with postfix proxymaps - in fact
nothing to do with postfix.

The client talking to postfix (which I suspect is some proxy
software on your server) is breaking the SMTP conversation by
sending multiple MAIL FROM commands during a single message
transaction.

My wild guess is you are using some anti-spam software in
front of postfix.  That software has a bug.  ASSP or something
similar...

--
Noel Jones
Reply | Threaded
Open this post in threaded view
|

RE: Diagnostic-Code: smtp; 503 5.5.1 Error: nested MAIL command

Tait Grove
-----Original Message-----
From: Noel Jones [mailto:[hidden email]]
Sent: Tuesday, July 08, 2008 3:20 PM
To: Tait Grove
Cc: 'postfix users list'
Subject: Re: Diagnostic-Code: smtp; 503 5.5.1 Error: nested MAIL command

Tait Grove wrote:

>
> -----Original Message-----
> From: [hidden email]
> [mailto:[hidden email]] On Behalf Of Noel Jones
> Sent: Tuesday, July 08, 2008 1:17 PM
> To: [hidden email]
> Subject: Re: Diagnostic-Code: smtp; 503 5.5.1 Error: nested MAIL command
>
> Tait Grove wrote:
>> On random occasions my customers get a nested email command error
>> message, what causes this error?
>>
>>  
>>
>> Copy of error message:
>>
>> ===============================================
>>
>> Reporting-MTA: dns; post-app3.tdpserver.net
>>
>> Received-From-MTA: smtp; post-app3.tdpserver.net ([127.0.0.1])
>>
>> Arrival-Date: Tue,  8 Jul 2008 10:14:27 -0700 (PDT)
>>
>>  
>>
>> Original-Recipient: rfc822;[hidden email]
>>
>> Final-Recipient: rfc822;[hidden email]
>>
>> Action: failed
>>
>> Status: 5.5.1
>>
>> Remote-MTA: dns; 127.0.0.1
>>
>> Diagnostic-Code: smtp; 503 5.5.1 Error: nested MAIL command
>>
>> Last-Attempt-Date: Tue,  8 Jul 2008 10:14:27 -0700 (PDT)
>>
>> Final-Log-ID: 03569-02/MT-NihAiuFnc
>>
>> ===============================================
>>
>>  
>
> The error message means postfix received multiple MAIL FROM
> commands for a single message, apparently from client
> 127.0.0.1 localhost.
>
> Apparently you are using some sort of proxy in front of
> postfix, and the proxy gets confused at times and sends
> invalid SMTP sequences.  The error lies in the proxy software.
>

> I only use the proxymaps in Postfix for MySQL connection cache... should I
> turn this off?
>
>
> -- Tait


This has nothing to do with postfix proxymaps - in fact
nothing to do with postfix.

The client talking to postfix (which I suspect is some proxy
software on your server) is breaking the SMTP conversation by
sending multiple MAIL FROM commands during a single message
transaction.

My wild guess is you are using some anti-spam software in
front of postfix.  That software has a bug.  ASSP or something
similar...

--
Noel Jones

============================================================


I have a firewall (Juniper) with MIP's and a newly added load balancer
(Coyote). These are the only devices that could affect SMTP traffic. Maybe
the load balancer? Or is this outside my cabinet and a proxy at the client's
office before they make it to our servers?

P.S. This is random error by the way, the customer that sent this error to
me sends thousands of pieces of emails, it was not until they emailed the
address in the error message that they got the nested MAIL command error.


-- Tait




Reply | Threaded
Open this post in threaded view
|

Re: Diagnostic-Code: smtp; 503 5.5.1 Error: nested MAIL command

Noel Jones-2
Tait Grove wrote:

> -----Original Message-----
> From: Noel Jones [mailto:[hidden email]]
> Sent: Tuesday, July 08, 2008 3:20 PM
> To: Tait Grove
> Cc: 'postfix users list'
> Subject: Re: Diagnostic-Code: smtp; 503 5.5.1 Error: nested MAIL command
>
> Tait Grove wrote:
>  
>> -----Original Message-----
>> From: [hidden email]
>> [mailto:[hidden email]] On Behalf Of Noel Jones
>> Sent: Tuesday, July 08, 2008 1:17 PM
>> To: [hidden email]
>> Subject: Re: Diagnostic-Code: smtp; 503 5.5.1 Error: nested MAIL command
>>
>> Tait Grove wrote:
>>    
>>> On random occasions my customers get a nested email command error
>>> message, what causes this error?
>>>
>>>  
>>>
>>> Copy of error message:
>>>
>>> ===============================================
>>>
>>> Reporting-MTA: dns; post-app3.tdpserver.net
>>>
>>> Received-From-MTA: smtp; post-app3.tdpserver.net ([127.0.0.1])
>>>
>>> Arrival-Date: Tue,  8 Jul 2008 10:14:27 -0700 (PDT)
>>>
>>>  
>>>
>>> Original-Recipient: rfc822;[hidden email]
>>>
>>> Final-Recipient: rfc822;[hidden email]
>>>
>>> Action: failed
>>>
>>> Status: 5.5.1
>>>
>>> Remote-MTA: dns; 127.0.0.1
>>>
>>> Diagnostic-Code: smtp; 503 5.5.1 Error: nested MAIL command
>>>
>>> Last-Attempt-Date: Tue,  8 Jul 2008 10:14:27 -0700 (PDT)
>>>
>>> Final-Log-ID: 03569-02/MT-NihAiuFnc
>>>
>>> ===============================================
>>>
>>>  
>>>      
>> The error message means postfix received multiple MAIL FROM
>> commands for a single message, apparently from client
>> 127.0.0.1 localhost.
>>
>> Apparently you are using some sort of proxy in front of
>> postfix, and the proxy gets confused at times and sends
>> invalid SMTP sequences.  The error lies in the proxy software.
>>
>>    
>
>  
>> I only use the proxymaps in Postfix for MySQL connection cache... should I
>> turn this off?
>>
>>
>> -- Tait
>>    
>
>
> This has nothing to do with postfix proxymaps - in fact
> nothing to do with postfix.
>
> The client talking to postfix (which I suspect is some proxy
> software on your server) is breaking the SMTP conversation by
> sending multiple MAIL FROM commands during a single message
> transaction.
>
> My wild guess is you are using some anti-spam software in
> front of postfix.  That software has a bug.  ASSP or something
> similar...
>
>  
> I have a firewall (Juniper) with MIP's and a newly added load balancer
> (Coyote). These are the only devices that could affect SMTP traffic. Maybe
> the load balancer? Or is this outside my cabinet and a proxy at the client's
> office before they make it to our servers?
>
> P.S. This is random error by the way, the customer that sent this error to
> me sends thousands of pieces of emails, it was not until they emailed the
> address in the error message that they got the nested MAIL command error.
>
>
> -- Tait
>  

Your error message above showed client 127.0.0.1.  If that information
is accurate, the offending proxy software is on your box, and not an
external load balancer or other device.
The postfix log entry will confirm this, but postfix can't tell what
software is in front of postfix.

What does your box respond when you telnet to port 25 from an external
IP?  What does postfix log during that time?  Do all your postfix log
entries show client=localhost[127.0.0.0] or do they show the correct
client IP?

--
Noel Jones
Reply | Threaded
Open this post in threaded view
|

Re: Diagnostic-Code: smtp; 503 5.5.1 Error: nested MAIL command

Ralf Hildebrandt
In reply to this post by Tait Grove
* Tait Grove <[hidden email]>:

> Ok I will set this up; I assume this is to give me a clearer reason of why I
> am getting these error messages?

Yes. You could also look at the logs.


--
Ralf Hildebrandt ([hidden email])          [hidden email]
Postfix - Einrichtung, Betrieb und Wartung       Tel. +49 (0)30-450 570-155
http://www.arschkrebs.de
Ich bin nicht Deutschland. Ich bin einkaufen.       -- F. Eckenga
Reply | Threaded
Open this post in threaded view
|

RE: Diagnostic-Code: smtp; 503 5.5.1 Error: nested MAIL command

Tait Grove
In reply to this post by Noel Jones-2
-----Original Message-----
From: [hidden email]
[mailto:[hidden email]] On Behalf Of Noel Jones
Sent: Tuesday, July 08, 2008 5:00 PM
To: Tait Grove
Cc: 'postfix users list'
Subject: Re: Diagnostic-Code: smtp; 503 5.5.1 Error: nested MAIL command

Tait Grove wrote:

> -----Original Message-----
> From: Noel Jones [mailto:[hidden email]]
> Sent: Tuesday, July 08, 2008 3:20 PM
> To: Tait Grove
> Cc: 'postfix users list'
> Subject: Re: Diagnostic-Code: smtp; 503 5.5.1 Error: nested MAIL command
>
> Tait Grove wrote:
>  
>> -----Original Message-----
>> From: [hidden email]
>> [mailto:[hidden email]] On Behalf Of Noel Jones
>> Sent: Tuesday, July 08, 2008 1:17 PM
>> To: [hidden email]
>> Subject: Re: Diagnostic-Code: smtp; 503 5.5.1 Error: nested MAIL command
>>
>> Tait Grove wrote:
>>    
>>> On random occasions my customers get a nested email command error
>>> message, what causes this error?
>>>
>>>  
>>>
>>> Copy of error message:
>>>
>>> ===============================================
>>>
>>> Reporting-MTA: dns; post-app3.tdpserver.net
>>>
>>> Received-From-MTA: smtp; post-app3.tdpserver.net ([127.0.0.1])
>>>
>>> Arrival-Date: Tue,  8 Jul 2008 10:14:27 -0700 (PDT)
>>>
>>>  
>>>
>>> Original-Recipient: rfc822;[hidden email]
>>>
>>> Final-Recipient: rfc822;[hidden email]
>>>
>>> Action: failed
>>>
>>> Status: 5.5.1
>>>
>>> Remote-MTA: dns; 127.0.0.1
>>>
>>> Diagnostic-Code: smtp; 503 5.5.1 Error: nested MAIL command
>>>
>>> Last-Attempt-Date: Tue,  8 Jul 2008 10:14:27 -0700 (PDT)
>>>
>>> Final-Log-ID: 03569-02/MT-NihAiuFnc
>>>
>>> ===============================================
>>>
>>>  
>>>      
>> The error message means postfix received multiple MAIL FROM
>> commands for a single message, apparently from client
>> 127.0.0.1 localhost.
>>
>> Apparently you are using some sort of proxy in front of
>> postfix, and the proxy gets confused at times and sends
>> invalid SMTP sequences.  The error lies in the proxy software.
>>
>>    
>
>  
>> I only use the proxymaps in Postfix for MySQL connection cache... should
I

>> turn this off?
>>
>>
>> -- Tait
>>    
>
>
> This has nothing to do with postfix proxymaps - in fact
> nothing to do with postfix.
>
> The client talking to postfix (which I suspect is some proxy
> software on your server) is breaking the SMTP conversation by
> sending multiple MAIL FROM commands during a single message
> transaction.
>
> My wild guess is you are using some anti-spam software in
> front of postfix.  That software has a bug.  ASSP or something
> similar...
>
>  
> I have a firewall (Juniper) with MIP's and a newly added load balancer
> (Coyote). These are the only devices that could affect SMTP traffic. Maybe
> the load balancer? Or is this outside my cabinet and a proxy at the
client's
> office before they make it to our servers?
>
> P.S. This is random error by the way, the customer that sent this error to
> me sends thousands of pieces of emails, it was not until they emailed the
> address in the error message that they got the nested MAIL command error.
>
>
> -- Tait
>  

Your error message above showed client 127.0.0.1.  If that information
is accurate, the offending proxy software is on your box, and not an
external load balancer or other device.
The postfix log entry will confirm this, but postfix can't tell what
software is in front of postfix.

What does your box respond when you telnet to port 25 from an external
IP?  What does postfix log during that time?  Do all your postfix log
entries show client=localhost[127.0.0.0] or do they show the correct
client IP?

--
Noel Jones

======================================================

There are two local programs that could be proxies, Amavisd (AV scan only
with CLAMAV) and the virtual vacation program 'vacation.pl'. My log entries
show the users IP address (client=dome.dnsr.name.tld[71.5.1.5]).

-- T

Reply | Threaded
Open this post in threaded view
|

Re: Diagnostic-Code: smtp; 503 5.5.1 Error: nested MAIL command

Wietse Venema
In reply to this post by Tait Grove
Tait Grove:
> Diagnostic-Code: smtp; 503 5.5.1 Error: nested MAIL command

Wietse:
> To get email notification of such SMTP conversations, specify
>
> /etc/postfix/main.cf:
>     notify_classes = resource, software, protocol
>
> The "resource, software" are default settings.  The "protocol"
> sends you email when a session has protocol errors.

Tait Grove:
> Ok I will set this up; I assume this is to give me a clearer reason of why I
> am getting these error messages?

This sends you email with a recording of client commands and server replies.

This recording will help me explain to you what needs to be fixed.

        Wietse
Reply | Threaded
Open this post in threaded view
|

Re: Diagnostic-Code: smtp; 503 5.5.1 Error: nested MAIL command

Noel Jones-2
In reply to this post by Tait Grove
Tait Grove wrote:

> Your error message above showed client 127.0.0.1.  If that information
> is accurate, the offending proxy software is on your box, and not an
> external load balancer or other device.
> The postfix log entry will confirm this, but postfix can't tell what
> software is in front of postfix.
>
> What does your box respond when you telnet to port 25 from an external
> IP?  What does postfix log during that time?  Do all your postfix log
> entries show client=localhost[127.0.0.0] or do they show the correct
> client IP?
>
> ======================================================
>
> There are two local programs that could be proxies, Amavisd (AV scan only
> with CLAMAV) and the virtual vacation program 'vacation.pl'. My log entries
> show the users IP address (client=dome.dnsr.name.tld[71.5.1.5]).
>
> -- T

OK, what amavisd variant is this and what version?  (I hope
it's amavisd-new and not one of the many unmaintained programs
that have "amavis" as part of their name.)  And what version
of postfix while you're at it.

How is this amavisd plugged into postfix?  content_filter,
smtpd_proxy_filter, or what?  I didn't see any reference to it
in your postconf output, so maybe you've configured it in
main.cf.

When you get these nested MAIL command errors, what does
postfix log?  That's what we really need to see.

Anything else you're not telling us?

--
Noel Jones
Reply | Threaded
Open this post in threaded view
|

RE: Diagnostic-Code: smtp; 503 5.5.1 Error: nested MAIL command

Tait Grove
> Your error message above showed client 127.0.0.1.  If that information
> is accurate, the offending proxy software is on your box, and not an
> external load balancer or other device.
> The postfix log entry will confirm this, but postfix can't tell what
> software is in front of postfix.
>
> What does your box respond when you telnet to port 25 from an external
> IP?  What does postfix log during that time?  Do all your postfix log
> entries show client=localhost[127.0.0.0] or do they show the correct
> client IP?
>
> ======================================================
>
> There are two local programs that could be proxies, Amavisd (AV scan only
> with CLAMAV) and the virtual vacation program 'vacation.pl'. My log
entries
> show the users IP address (client=dome.dnsr.name.tld[71.5.1.5]).
>
> -- T

>> OK, what amavisd variant is this and what version?  (I hope
>> it's amavisd-new and not one of the many unmaintained programs
>> that have "amavis" as part of their name.)  And what version
>> of postfix while you're at it.
>>
>> How is this amavisd plugged into postfix?  content_filter,
>> smtpd_proxy_filter, or what?  I didn't see any reference to it
>> in your postconf output, so maybe you've configured it in
>> main.cf.
>>
>> When you get these nested MAIL command errors, what does
>> postfix log?  That's what we really need to see.
>>
>> Anything else you're not telling us?
>>
>> --
>> Noel Jones

Hey Noel,

>> OK, what amavisd variant is this and what version?  (I hope
>> it's amavisd-new and not one of the many unmaintained programs
>> that have "amavis" as part of their name.)  And what version
>> of postfix while you're at it.

I am running amavisd-new (v 1.4), I am using content_filter. My postfix
version is 2.5.1_2,1.


>> How is this amavisd plugged into postfix?  
smtp      inet  n       -       n       -       -       smtpd
    -o content_filter=smtp-amavis:[127.0.0.1]:10024

... AND ...


# AMAVIS Setup for the SpamAssasin system
smtp-amavis unix -      -       n     -       30  smtp
    -o smtp_data_done_timeout=1200
    -o disable_dns_lookups=yes
127.0.0.1:10025 inet n  -       n     -       30  smtpd
   -o content_filter=
   -o local_recipient_maps=
    -o relay_recipient_maps=
    -o smtpd_restriction_classes=
    -o smtpd_client_restrictions=
    -o smtpd_helo_restrictions=
    -o smtpd_sender_restrictions=
    -o mynetworks=127.0.0.0/8,192.168.0.0/8,71.0.0.0/25
    -o smtpd_recipient_restrictions=permit_mynetworks,$transport_maps,reject
    -o strict_rfc821_envelopes=yes
proxywrite unix -       -       n       -       -       proxymap


>> When you get these nested MAIL command errors, what does
>> postfix log?  

I will look into the log to see if I can gather something for you. It is
going to be hard with the amount of traffic we get and how random this error
occurs on our servers (worst then a needle in haystack).

Thanks for all the help thus far, please let me know what other information
I can provide.

>> Anything else you're not telling us?
I just saved a ton of money on my car insurance by switching to Geico. J/K..
I did just notice this in my master.cf ('strict_rfc821_envelopes=yes') and
that is in the error message as well, can this be the culprit?


-- Tait



Reply | Threaded
Open this post in threaded view
|

Re: Diagnostic-Code: smtp; 503 5.5.1 Error: nested MAIL command

Noel Jones-2
Tait Grove wrote:

>> Your error message above showed client 127.0.0.1.  If that information
>> is accurate, the offending proxy software is on your box, and not an
>> external load balancer or other device.
>> The postfix log entry will confirm this, but postfix can't tell what
>> software is in front of postfix.
>>
>> What does your box respond when you telnet to port 25 from an external
>> IP?  What does postfix log during that time?  Do all your postfix log
>> entries show client=localhost[127.0.0.0] or do they show the correct
>> client IP?
>>
>> ======================================================
>>
>> There are two local programs that could be proxies, Amavisd (AV scan only
>> with CLAMAV) and the virtual vacation program 'vacation.pl'. My log
> entries
>> show the users IP address (client=dome.dnsr.name.tld[71.5.1.5]).
>>
>> -- T
>
>>> OK, what amavisd variant is this and what version?  (I hope
>>> it's amavisd-new and not one of the many unmaintained programs
>>> that have "amavis" as part of their name.)  And what version
>>> of postfix while you're at it.
>>>
>>> How is this amavisd plugged into postfix?  content_filter,
>>> smtpd_proxy_filter, or what?  I didn't see any reference to it
>>> in your postconf output, so maybe you've configured it in
>>> main.cf.
>>>
>>> When you get these nested MAIL command errors, what does
>>> postfix log?  That's what we really need to see.
>>>
>>> Anything else you're not telling us?
>>>
>>> --
>>> Noel Jones
>
> Hey Noel,
>
>>> OK, what amavisd variant is this and what version?  (I hope
>>> it's amavisd-new and not one of the many unmaintained programs
>>> that have "amavis" as part of their name.)  And what version
>>> of postfix while you're at it.
>
> I am running amavisd-new (v 1.4), I am using content_filter. My postfix
> version is 2.5.1_2,1.

I don't think there has ever been an amavisd-new v1.4.
Version 2 was released in 2004, prior to that there was just a
release date rather than version number.  Current version is
2.6.0.  If you're using anything more than a couple years old
it should probably be upgraded.
Version history info here:
http://www.ijs.si/software/amavisd/#download


>
>
>>> How is this amavisd plugged into postfix?  
> smtp      inet  n       -       n       -       -       smtpd
>     -o content_filter=smtp-amavis:[127.0.0.1]:10024

OK.

>
> ... AND ...
>
>
> # AMAVIS Setup for the SpamAssasin system
> smtp-amavis unix -      -       n     -       30  smtp
>     -o smtp_data_done_timeout=1200
>     -o disable_dns_lookups=yes
> 127.0.0.1:10025 inet n  -       n     -       30  smtpd
>    -o content_filter=
>    -o local_recipient_maps=
>     -o relay_recipient_maps=
>     -o smtpd_restriction_classes=
>     -o smtpd_client_restrictions=
>     -o smtpd_helo_restrictions=
>     -o smtpd_sender_restrictions=
>     -o mynetworks=127.0.0.0/8,192.168.0.0/8,71.0.0.0/25
>     -o smtpd_recipient_restrictions=permit_mynetworks,$transport_maps,reject

What's $transport_maps doing there?  But this isn't related to
the reported problem.

>     -o strict_rfc821_envelopes=yes
> proxywrite unix -       -       n       -       -       proxymap
>
>
>>> When you get these nested MAIL command errors, what does
>>> postfix log?  
>
> I will look into the log to see if I can gather something for you. It is
> going to be hard with the amount of traffic we get and how random this error
> occurs on our servers (worst then a needle in haystack).

Just grep the log for the error message.

>
> Thanks for all the help thus far, please let me know what other information
> I can provide.
>
>>> Anything else you're not telling us?
> I just saved a ton of money on my car insurance by switching to Geico. J/K..

Ha!

> I did just notice this in my master.cf ('strict_rfc821_envelopes=yes') and
> that is in the error message as well, can this be the culprit?

Unrelated.  But not needed, either.  Feel free to remove it.

>
>
> -- Tait
>
>
>

--
Noel Jones