| Summary: | SMTP command timeout when sending email to gentoo.org smtp server | ||
|---|---|---|---|
| Product: | Gentoo Infrastructure | Reporter: | Kevin Korb <gentoobugs> |
| Component: | Other | Assignee: | Gentoo Infrastructure <infra-bugs> |
| Status: | VERIFIED INVALID | ||
| Severity: | normal | CC: | infra-bugs |
| Priority: | High | ||
| Version: | unspecified | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Package list: | Runtime testing required: | --- | |
|
Description
Kevin Korb
2005-08-01 16:52:27 UTC
Reassigning Is it possible that you have a very slow network connection? Your address seems resolvable atm, could you retry and tell me exactly what's the dealy between the 'helo' and the timeout errir? I am pretty sure it isn't a slow network issue because when I run it from the box that works it returns instantly. Also, when I run the help command it returns instantly. It only hangs when I send the helo from a box behind my NAT. It takes about 5 minutes for the connection to actually timeout. I have had an email to someone@gentoo.org stuck in my outgoing queue for almost 24 hours. Given that the SMTP conversation works normally from your border gateway, it sounds like this issue is localized on your network. We've been receiving about the same number of messages over the last few weeks -- no sharp drops that would indicate a widespread problem. I also checked the firewall ruleset and SMTP config file -- no specific mention of the 24.0.0.0/8 block of addresses. Closing as invalid -- feel free to reopen if you can provide more information showing the source of the problem. I would be willing to believe that the problem was on my end except I have been using this configuration for more than a year without any other problems. I have sent plenty of email to other Exim servers with no problems. I don't believe I have ever tried to send email to gentoo.org before so I can't say if this is a new problem or not. I believe this to be some kind of incompatibility between whatever firewalling is on smtp.gentoo.org and my NAT but I have no way of debugging this further without knowing what on your setup may be causing this. The firewall is standard netfilter/iptables. Have you sniffed your network to see what the last communication is in each scenario? If so, please provide edited snippets of the conversations. (not just the entire dump file) Please check your mail server configuration. Looking at our mail logs, reject.log has the following: toucan mail # grep 24.173.162.174 reject.log* reject.log:2005-08-02 17:18:28 SMTP call from asylum.sanitarium.net [24.173.162.174] dropped: too many unrecognized commands (last was "12345678") reject.log:2005-08-02 18:12:59 SMTP call from asylum.sanitarium.net (sanitarium.net) [24.173.162.174] dropped: too many unrecognized commands (last was " Please check your mail server configuration. Looking at our mail logs, reject.log has the following: toucan mail # grep 24.173.162.174 reject.log* reject.log:2005-08-02 17:18:28 SMTP call from asylum.sanitarium.net [24.173.162.174] dropped: too many unrecognized commands (last was "12345678") reject.log:2005-08-02 18:12:59 SMTP call from asylum.sanitarium.net (sanitarium.net) [24.173.162.174] dropped: too many unrecognized commands (last was "ÿøÿøÿøÿøÿø") reject.log.1:2005-08-01 18:33:32 rejected HELO from asylum.sanitarium.net [24.173.162.174]: syntactically invalid argument(s): (no argument given) reject.log.1:2005-08-01 18:49:15 rejected HELO from asylum.sanitarium.net [24.173.162.174]: syntactically invalid argument(s): (no argument given) reject.log.1:2005-08-01 18:50:15 rejected HELO from asylum.sanitarium.net [24.173.162.174]: syntactically invalid argument(s): (no argument given) reject.log.1:2005-08-01 19:04:49 rejected HELO from asylum.sanitarium.net [24.173.162.174]: syntactically invalid argument(s): (no argument given) reject.log.1:2005-08-01 19:04:55 rejected HELO from asylum.sanitarium.net [24.173.162.174]: syntactically invalid argument(s): (no argument given) reject.log.1:2005-08-01 19:05:56 rejected HELO from asylum.sanitarium.net [24.173.162.174]: syntactically invalid argument(s): (no argument given) reject.log.1:2005-08-01 19:06:58 rejected HELO from asylum.sanitarium.net [24.173.162.174]: syntactically invalid argument(s): (no argument given) reject.log.1:2005-08-01 23:05:08 rejected HELO from asylum.sanitarium.net [24.173.162.174]: syntactically invalid argument(s): (no argument given) main.log has: toucan mail # grep 24.173.162.174 main.log 2005-08-02 05:01:23 SMTP command timeout on connection from asylum.sanitarium.net [24.173.162.174] 2005-08-02 17:03:02 1E00AO-0008Ex-PG => gentoobugs@sanitarium.net R=dnslookup T=remote_smtp H=asylum.sanitarium.net [24.173.162.174] 2005-08-02 17:18:28 SMTP call from asylum.sanitarium.net [24.173.162.174] dropped: too many unrecognized commands (last was "12345678") 2005-08-02 17:21:19 SMTP command timeout on connection from asylum.sanitarium.net [24.173.162.174] 2005-08-02 17:22:12 SMTP command timeout on connection from asylum.sanitarium.net [24.173.162.174] 2005-08-02 17:23:04 SMTP command timeout on connection from asylum.sanitarium.net [24.173.162.174] 2005-08-02 17:23:38 SMTP command timeout on connection from asylum.sanitarium.net [24.173.162.174] 2005-08-02 17:23:50 SMTP command timeout on connection from asylum.sanitarium.net [24.173.162.174] 2005-08-02 17:25:21 SMTP command timeout on connection from asylum.sanitarium.net [24.173.162.174] 2005-08-02 17:26:08 SMTP command timeout on connection from asylum.sanitarium.net [24.173.162.174] 2005-08-02 17:41:30 SMTP command timeout on connection from asylum.sanitarium.net [24.173.162.174] 2005-08-02 17:50:15 SMTP command timeout on connection from asylum.sanitarium.net [24.173.162.174] 2005-08-02 17:55:46 SMTP command timeout on connection from asylum.sanitarium.net [24.173.162.174] 2005-08-02 17:57:49 SMTP command timeout on connection from asylum.sanitarium.net [24.173.162.174] 2005-08-02 18:05:49 SMTP command timeout on connection from asylum.sanitarium.net [24.173.162.174] 2005-08-02 18:06:12 1E019W-0007El-Ve => gentoobugs@sanitarium.net R=dnslookup T=remote_smtp H=asylum.sanitarium.net [24.173.162.174] 2005-08-02 18:12:59 SMTP call from asylum.sanitarium.net (sanitarium.net) [24.173.162.174] dropped: too many unrecognized commands (last was "ÿøÿøÿøÿøÿø") 2005-08-02 18:13:17 SMTP command timeout on connection from asylum.sanitarium.net [24.173.162.174] 2005-08-02 18:14:41 SMTP command timeout on connection from asylum.sanitarium.net [24.173.162.174] 2005-08-02 18:15:07 SMTP command timeout on connection from asylum.sanitarium.net [24.173.162.174] 2005-08-02 18:16:21 SMTP command timeout on connection from asylum.sanitarium.net [24.173.162.174] Most of those entries were me debugging.
I have determined that this problem only exists when I connect from a Linux box
within my NAT. If I connect from some other OS it works fine. I have also
determined that when the failure occours the packet never leaves my router so
the problem probably is on my end although I don't know where.
To recap and update...
Whenever I send an smtp command containing more than 10 bytes (usually the helo
command) from a Linux box (Gentoo or Knoppix, 2.4 or 2.6) behind my OpenBSD NAT
fireall to mail.gentoo.org the connection stalls and the packet containing the
>10 byte command is never transmitted.
The problem only exists when comming from a Linux box and when connecting to
mail.gentoo.org
I am going to set this ticket back to invalid until I have some time to do some
more verbose packet dumping and try to isolate the problem further.
OK, I finally figured it out... My default policy on my internal interface was set to accept all packets but it was not set to create a state for stateful inspection. I have no idea this caused these particular symptoms nor do I know why it didn't cause any other symptoms but my problem is solved. Thanks for the help. |
