Author: Mick Swisher Date: To: exim-users Subject: [Exim] Re: stmp protocol violation, synchronization error, input sent
Mick Swisher wrote: > Edgar Lovecraft wrote:
>
>> The 30 second time wait is why I mention the ident checks, exim does this
>> by default, just set it to 15 sec or less (or 0 to turn off) and I would
>> wager that if you do no other delay before the SMTP Banner the server
>> would
>> connect properly. ... > I went ahead and disabled the ident check temporarily to see if the
> number of sync errors goes down. We are currently getting 15k to 20k
> sync errors each day. If that does not reduce the errors, then I will
> disable the rDNS lookups to see what happens. I will also try to
> capture an smtp conversation to see if it is a delay or just a 'pump &
> dump' script.
You guys are good. Disabling the ident check fixed the problem. We are
now receiving mail from swbell.net (mtaw?.prodigy.net). For the first
time since we installed Exim the 'sync' errors have dropped below 15k.
Of course all the other errors increased by 10-70% and our spam
increased as well.
I have since set set the ident timeout back up to 20s for further
testing. I would prefer to get it as close to 30s as possible without
risking intermittent issues with legitimate, although misconfigured,
mta's.
It may have been posted before but I just have to post it again. From
rfc 1123, section 5.3.2:
> Based on extensive experience with busy mail-relay hosts,
> the minimum per-command timeout values SHOULD be as follows:
>
> * Initial 220 Message: 5 minutes
>
> A Sender-SMTP process needs to distinguish between a failed
> TCP connection and a delay in receiving the initial 220
> greeting message. Many receiver-SMTPs will accept a TCP
> connection but delay delivery of the 220 message until
> their system load will permit more mail to be processed.
