timed out while sending message body

classic Classic list List threaded Threaded
5 messages Options
Reply | Threaded
Open this post in threaded view
|

timed out while sending message body

Lewis-29
Hi All,

Been struggling with this one for too long.
Mail to yahoo.com and a few other isolated locations are timeing out mid
stream.  All other destinations - No prob's.
Small plain text is OK.  Add a 15K gif attachement => timeout.
One other common denominator is that the problem recipient mail servers don't
like ehlo, so I'm suspecting some protocol issue.   Detected using telnet.
To test I've disabled tls and ehlo, but this is not the solution.
Sendmail has no issues sending from the same node, so it's not likely to be a
network related issue. (SNAT'd to the same address)
tcpdump shows the standard transfer for the first 2-3 secs, Syn => ACK =>ACK
PUSH, then 2 minutes of outbound packets with no reply, then a couple of
inbound push before a FIN following a suspected timeout length of 2 minutes.
tcpsump on external interface of firewall is consistent with other dumps.
This case in particular is a secondary instance to bypass filters for outbound
mail, but the issue persists with either instance even when the other is not
running.
The main.cf  is reduced to minimal...

postconf -n

alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no
config_directory = /etc/postfix-out/
inet_interfaces = xxx.xxx.xxx.xxx
initial_destination_concurrency = 2
mailbox_size_limit = 0
mydestination =  mail.eml.com.au, mailout.xxxxl localhost.xxx, localhost
myhostname = mailout.eml.local
mynetworks =  xxx.xxx.xxx.xxx/32,  127.0.0.0/8, [::ffff:127.0.0.0]/104
[::1]/128
myorigin = /etc/mailname
queue_directory = /var/spool/postfix-out
readme_directory = no
recipient_delimiter = +
smtp_tls_per_site = hash:/etc/postfix/smtp_tls_per_site
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_banner = $myhostname ESMTP $mail_name
smtpd_client_restrictions = permit_mynetworks, reject
smtpd_recipient_restrictions = permit_mynetworks, reject_unauth_destination,            
reject_invalid_hostname,            permit
smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_use_tls = no

This is bizarre.  
Anyone got any ideas?

Cheers,


--
Lew
Reply | Threaded
Open this post in threaded view
|

Re: timed out while sending message body

Wietse Venema
Lewis:
> Sendmail has no issues sending from the same node, so it's not likely to be a
> network related issue. (SNAT'd to the same address)

I suppose you didn't spot any specific differences in the way that
EMSP is being spoken, such as:

- ESMTP command PIPELINING (MAIL FROM+RCPT TO+DATA in one TCP packet)

> tcpdump shows the standard transfer for the first 2-3 secs, Syn => ACK =>ACK
> PUSH, then 2 minutes of outbound packets with no reply, then a couple of
> inbound push before a FIN following a suspected timeout length of 2 minutes.
> tcpsump on external interface of firewall is consistent with other dumps.

Try turning off PIPELINING for borked sites:

http://www.postfix.org/postconf.5.html#smtp_discard_ehlo_keywords
http://www.postfix.org/postconf.5.html#smtp_discard_ehlo_keyword_address_maps

        Wietse
Reply | Threaded
Open this post in threaded view
|

Re: timed out while sending message body

mouss-2
In reply to this post by Lewis-29
Lewis wrote:

> Hi All,
>
> Been struggling with this one for too long.
> Mail to yahoo.com and a few other isolated locations are timeing out mid
> stream.  All other destinations - No prob's.
> Small plain text is OK.  Add a 15K gif attachement => timeout.
> One other common denominator is that the problem recipient mail servers don't
> like ehlo, so I'm suspecting some protocol issue.   Detected using telnet.
> To test I've disabled tls and ehlo, but this is not the solution.
> Sendmail has no issues sending from the same node, so it's not likely to be a
> network related issue. (SNAT'd to the same address)
>  

if sendmail makes you happy, use sendmail. otherwise please explain what
is happening in as much details as you can without telling us that "it
works with blahmail".

Reply | Threaded
Open this post in threaded view
|

Re: timed out while sending message body

Lewis-29
In reply to this post by Wietse Venema
Hi Wietse,
Thanks for the help.

> I suppose you didn't spot any specific differences in the way that
> EMSP is being spoken, such as:
>
> - ESMTP command PIPELINING (MAIL FROM+RCPT TO+DATA in one TCP packet)

>
> Try turning off PIPELINING for borked sites:
Did not alter the result.

The issue was fixed by lowering the mtu to 1400.  
I finally noted some missing checksums with  -vv.
I' d not gone this low before, but it was apparently necessary.
Hope I didn't waste your time.

Thanks again,

Lewis

Reply | Threaded
Open this post in threaded view
|

Re: timed out while sending message body

Lewis-29
In reply to this post by mouss-2
Thanks Mouss,

On Thursday 03 July 2008 12:24:30 mouss wrote:

> Lewis wrote:
> > Hi All,
> >
> > Been struggling with this one for too long.
> > Mail to yahoo.com and a few other isolated locations are timeing out mid
> > stream.  All other destinations - No prob's.
> > Small plain text is OK.  Add a 15K gif attachement => timeout.
> > One other common denominator is that the problem recipient mail servers
> > don't like ehlo, so I'm suspecting some protocol issue.   Detected using
> > telnet. To test I've disabled tls and ehlo, but this is not the solution.
> > Sendmail has no issues sending from the same node, so it's not likely to
> > be a network related issue. (SNAT'd to the same address)
>
> if sendmail makes you happy, use sendmail. otherwise please explain what
> is happening in as much details as you can without telling us that "it
> works with blahmail".
Well I've been made far happier by Postfix for many years, which is why I'm
trying to replace the sendmail system I've inherited  ;-)
Fine line between too little and too much info, hard to please everyone in a
forum this size, but apologies for the lack of accurate details.  
I've not had any issues with postfix for so many years I'm out of practice.  
Most importantly I am pleased you made the effort to reply.

Cheers,


--
Lew