Larry Rosenman wrote:
> Thomas Bushnell BSG wrote:
>> I run a small mail server (exim4 on Debian) and on that server hosts
>> several email lists. One of them includes a member at verizon.net,
>> and his address recently started failing. He changed his address to
>> verizon.net in mid-December and all worked well until last Friday.
>>
>> At that point, all email to him (either through the list, or
>> directly) cannot get through.
>>
>> The message would be actively rejected thus:
>>
>> 2005-02-21 09:10:53 1D3H4F-00089S-LH == bcebsg@???
>> <gregorians@???> R=dnslookup T=remote_smtp defer (0): SMTP
>> error from remote mailer after MAIL
>> FROM:<gregorians-outlist-owner@???> SIZE=2524: host
>> relay.verizon.net [206.46.232.11]: 450 Requested mail action not
>> taken-Try later:sv6.verizon.net
>>
>> And immediately before (coincidence? not!) would be the following
>> curious log entry:
>>
>> 2005-02-21 09:10:53 SMTP protocol violation: synchronization error
>> (input sent without waiting for greeting): rejected connection from
>> H=vms142pub.verizon.net [206.46.252.142]
>>
>> Now I'm inclined to blame it on the apparent use of VMS as an
>> operating system by Verizon. Maybe not.
>>
>> After more thought, I realize that Verizon is using broken sender
>> verification, sending a fake message back to the sender of the
>> message (in this case, gregorians-outlist-owner@???) and
>> the fake message checkback is not following SMTP synchronization
>> rules!
>> Idiots. Ok, so I go back to my config and I turn off
>> smtp_enforce_sync, thinking this should get the checkback to succeed.
>> Later checking on email lists shows that Verizon does have this bug.
>> But it's unclear why mail to my correspondent worked fine for two
>> months before now.
>>
>> But making this change doesn't help. It still fails with apparently
>> the same error, though I of course no longer get the synchronization
>> errors:
>>
>> 2005-02-21 12:38:10 1D3H4F-00089S-LH == bcebsg@???
>> <gregorians@???> R=dnslookup T=remote_smtp defer (0): SMTP
>> error from remote mailer after MAIL
>> FROM:<gregorians-outlist-owner@???> SIZE=2524: host
>> relay.verizon.net [206.46.232.11]: 450 Requested mail action not
>> taken-Try later:sv3.verizon.net
>>
>> Sometimes the error is different and the message simply times out:
>>
>> 2005-02-21 11:47:31 1D2yaG-0005rh-E7 == bcebsg@???
>> <gregorians@???> R=dnslookup T=remote_smtp defer (110):
>> Connection timed out: SMTP timeout while connected to
>> relay.verizon.net [206.46.232.11] after MAIL
>> FROM:<gregorians-outlist-owner@???> SIZE=4682
>>
>> I would like to see what's happening on the checkback transaction,
>> but mail transactions that disconnect after the RCPT succeeds don't
>> seem to be logged.
>>
>> The IP address of my mail server (becket.becket.net) doesn't seem to
>> be on any block lists; my ISP is fine with what I'm doing; my DNS is
>> all happy; and reading mailing list archives suggests that this
>> happens every now and then. Is there anything I should try other
>> than just telling my correspondent that as long as he uses Verizon
>> and they don't fix it, he can't get mail through my server?
>>
>> Thomas
>
> AHA!!!!!!!!!!!!!
> Someone else with issues with Exim and Verizon.net :)
>
>
> Count Volume Oldest Newest Domain
> ----- ------ ------ ------ ------
>
> 2 16KB 8m 5m ccsl.com.np
> 82 1019KB 28h 2m default.net.nz
> 8 361KB 57h 37m gte.net
> 194 2357KB 20h 3m verizon.net
> ---------------------------------------------------------------
> 286 3753KB 57h 2m TOTAL
>
>
> Mon Feb 21 15:00:14 CST 2005
>
>
> I also have ~20 messages queued on my home exim box.
>
> Verizon.net refuses to talk to me since I'm not a customer.
>
> I don't even see verizon attempting to talk to my server.
>
> I also see timeouts after the mail from:<xxx@???> when I talk to
> them.
>
> Also, raw telnet to the port causes the same behaviour.
>
> Is anyone from verizon.net here?
>
>
>
> --
> Larry Rosenman http://www.lerctr.org/~ler
> Phone: +1 972-414-9812 E-Mail: ler@???
> US Mail: 1905 Steamboat Springs Drive, Garland, TX 75044-6749
Turning off IDENT in addtition to the no_enforce_sync seems to fix it for
me,
FWIW.
--
Larry Rosenman http://www.lerctr.org/~ler
Phone: +1 972-414-9812 E-Mail: ler@???
US Mail: 1905 Steamboat Springs Drive, Garland, TX 75044-6749