Re: [exim] TLS errors on SMTP (non-AUTH) connections

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
MW B Hacker at <-
MVincent Danen at ->
Delete this message
Reply to this message
Author: Vincent Danen
Date:  
To: exim-users
Subject: Re: [exim] TLS errors on SMTP (non-AUTH) connections
* Peter Bowyer <peter@???> [2007-02-01 07:44:31 +0000]:

> > >> Not really sure why unless it's doing a sender verify and is timing out
> > >> because the telnet to it worked fine.
> > >
> > > There's a suspicious delay after 'RCPT TO' in their SMTP dialogue -
> > > probably is a callout. Try a different MAIL FROM to eliminate
> > > this.....
> >
> > If the logging is even moderatey verbose, a far-end sender-verification attempt
> > should show up between your 'Mail From' to them and <whatever is timing out>.
>
> Assuming the MAIL FROM in the test delivery is MXd somewhere you can
> look at logs, indeed.

Ok, so that would just look like a simple connection on my end, right?
I should be able to see from my logs whether or not they attempted a
connection?

Ok, now this is more interesting. Simulated a full conversation this
time:

[root@hades lists]# telnet hostgator.com 25
Trying 67.18.54.2...
Connected to hostgator.com (67.18.54.2).
Escape character is '^]'.
220-gator.hostgator.com ESMTP Exim 4.63 #1 Thu, 01 Feb 2007 11:47:07 -0600
220-We do not authorize the use of this system to transport unsolicited,
220 and/or bulk e-mail.
HELO hades.annvix.org
250 gator.hostgator.com Hello hades.annvix.org [66.181.209.81]
MAIL FROM: <vdanen@???>
250 OK
RCPT TO: <sales@???>
250 Accepted
DATA
354 Enter message, ending with "." on a line by itself
From: <vdanen@???>
To: <sales@???>
Subject: Trying to get a hold of you

I've been trying to get a hold of you via SMTP but am unable to.
.
421 gator.hostgator.com SMTP incoming data timeout - closing connection.
Connection closed by foreign host.


So there is definitely something going on here... nothing showed up in
my exim logs at all about any connection being made from that IP. Now,
I double checked that the MX settings are correct:

[root@hades lists]# dnsq MX annvix.org dns00.danen.ca
15 annvix.org:
140 bytes, 1+1+2+3 records, response, authoritative, noerror
query: 15 annvix.org
answer: annvix.org 86400 MX 10 annvix.org
authority: annvix.org 86400 NS dns00.danen.ca
authority: annvix.org 86400 NS dns01.danen.ca
additional: annvix.org 86400 A 66.181.209.82
additional: dns00.danen.ca 86400 A 66.181.209.81
additional: dns01.danen.ca 86400 A 66.181.209.80


So now I'm stumped. I'm watching tonnes of mail flow into my machine,
so there definitely isn't a problem there.

I just tried again with another email address on my system and it's
doing the same thing. After I finish the "DATA" section it just sits
there... presumably attempting the sender verification.

I'm obviously able to connect to them, there should be no reason they
can't connect to me yet their IP never shows in my logs.

Just for kicks I tried my gmail.com account... same thing.

But now this is even more interesting:

[root@hades lists]# telnet hostgator.com 25
Trying 67.18.54.2...
Connected to hostgator.com (67.18.54.2).
Escape character is '^]'.
220-gator.hostgator.com ESMTP Exim 4.63 #1 Thu, 01 Feb 2007 12:15:55 -0600
220-We do not authorize the use of this system to transport unsolicited,
220 and/or bulk e-mail.
EHLO hades.annvix.org
250-gator.hostgator.com Hello hades.annvix.org [66.181.209.81]
250-SIZE 52428800
250-PIPELINING
250-AUTH PLAIN LOGIN
250-STARTTLS
250 HELP
MAIL FROM: <vdanen@???>
250 OK
RCPT TO: <sales@???>
250 Accepted
DATA
354 Enter message, ending with "." on a line by itself
From: <vdanen@???>
To: <sales@???>
Subject: test

This is a test.
.
250 OK id=1HCgU0-000540-1q
QUIT
221 gator.hostgator.com closing connection
Connection closed by foreign host.

I've also just discovered the "-d" option to -"M" so tried to force my
initial message from a few days ago and watch the conversation. First
exim tries STARTTLS, then when that fails, it tries using PIPELINING.

I don't get why this is happening. You can see some of the output here:


67.18.54.2 in hosts_require_tls? no (option unset)
using PIPELINING
67.18.54.2 in hosts_require_auth? no (option unset)
67.18.54.2 in hosts_try_auth? no (option unset)
SMTP>> MAIL FROM:<vdanen@???> SIZE=4721
SMTP>> RCPT TO:<sales@???>
SMTP>> DATA
waiting for data on socket
selecting on subprocess pipes
selecting on subprocess pipes
selecting on subprocess pipes
selecting on subprocess pipes
selecting on subprocess pipes
ok=0 send_quit=0 send_rset=1 continue_more=0 yield=0 first_address is not NULL
set_process_info: 5836 delivering 1HBDbg-00013F-1T: just tried hostgator.com [67.18.54.2] for sales@???: result OK
added retry item for T:hostgator.com:67.18.54.2:1HBDbg-00013F-1T: errno=110 more_errno=0,M flags=6
...
post-process sales@??? (1)
LOG: MAIN
== sales@??? R=dnslookup T=remote_smtp defer (110): Connection timed out: SMTP timeout while connected to hostgator.com [67.18.54.2] after MAIL FROM:<vdanen@???> SIZE=4721

At this point I'm thinking that I need to disable esmtp capabilities to
this host. Which seems silly because it responded properly and seemed
to deliver the mail when I issued "EHLO" rather than "HELO", but didn't
use the STARTTLS or PIPELINING commands.

Why would the remote exim server have issues like this? I really don't
know how to even begin trying to figure this out.

Thanks.

--
{FEE30AD4 : 7F6C A60C 06C2 4811 FA1C A2BC 2EBC 5E32 FEE3 0AD4}
mysql> SELECT * FROM users WHERE clue > 0;
Empty set (0.00sec)
This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-Re: [exim] TLS errors on SMTP (non-AUTH) connectionsRe: [exim] local_user section with check_local_user removed (asadvised->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)