Re: [exim] MessageLabs 554 SMTP synchronisation error

Top Page
Delete this message
Reply to this message
Author: Frank S. Bernhardt
Date:  
To: exim-users
Subject: Re: [exim] MessageLabs 554 SMTP synchronisation error
Gutten tag.

Carsten Koch-Mauthe wrote:

>Hi,
>
>Am Dienstag, 12. Juli 2005 00:50 schrieb Jakob Hirsch:
>
>
>>Giuliano Gavazzi wrote:
>>
>>
>>>>>4) From a supposed print screen I see that they get this [a 554
>>>>>error] right after the 'Escape character is...' message with no
>>>>>greeting message displayed.
>>>>>
>>>>>
>>Maybe their telnet client send something in order to negotiate some
>>connection parameter. They should try netcat, which has not such hidden
>>magic.
>>
>>
>
>Try this:
>
>=== Schnipp ===
>smtp_enforce_sync         Use: main   Type: boolean             Default: true

>
>    The SMTP protocol specification requires the client to wait for a response
>    from the server at certain points in the dialogue. Without PIPELINING
>    these synchronization points are after every command; with PIPELINING they
>    are fewer, but they still exist.

>
>    Some spamming sites send out a complete set of SMTP commands without
>    waiting for any response. Exim protects against this by rejecting a
>    message if the client has sent further input when it should not have. The
>    error response '554 SMTP synchronization error' is sent, and the connec-
>    tion is dropped. Testing for this error cannot be perfect because of
>    transmission delays (unexpected input may be on its way but not yet
>    received when Exim checks). However, it does detect many instances.

>
>    The check can be globally disabled by setting "smtp_enforce_sync" false.   
>|
>    If you want to disable the check selectively (for example, only for        
>|
>    certain hosts), you can do so by an appropriate use of a "control"         
>|
>    modifier in an ACL (see section 39.18). See also                           
>|
>    "pipelining_advertise_hosts".
>=== Schnapp ===

>
>Gruss
>Carsten
>
>
>
>

Yes, I read that as well but I don't think I will need to do that.

I think I've got this under control now. As originally stated we have
been receiving e-mails from Message Labs on an on-going basis with no
problems. It's just that the tests from their new towers were failing
and they were telling me to 'fix my end'. I was fairly certain it wasn't
my fault but I just wanted to see what you guys thought and to cover my
backside.

In my last e-mail from Message Labs they kinda missed the point of the
30s timeout and I don't think they have an ident daemon running but we
will be doing another test at 2s. Their connectivity test tool is set to
use a 10s timeout so we should be ok as their real servers use a 2.5 -
3m timeout.

I think I've taken enough of all your valuable time on this matter and
I'm glad we didn't have to bother Philip with this. ;-)

Thank you all very much.

--

Regards

Frank S. Bernhardt
b.c.s.i.
14 Halton Court
Markham, ON. Canada
L3P 6R3

905-471-1691 Voice
905-471-3016 FAX

frank@???

Registered Linux-User #312398 with the Linux Counter, http://counter.li.org.