Re: [exim] TLS errors on SMTP (non-AUTH) connections

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Vincent Danen
Date:  
À: exim users
Sujet: Re: [exim] TLS errors on SMTP (non-AUTH) connections
* W B Hacker <wbh@???> [2007-02-02 05:05:34 +0800]:

> >> I read the "RCPT delays and PIPELINING" thread with much interest after
> >> I wrote my last message on this where it seems that pipelining is being
> >> the culprit here. I have no idea how their server is setup, but seems
> >> like there are some delays there that interfere with pipelining (as I
> >> did a manual esmtp connection, no STARTTLS, no PIPELINING, and it was
> >> delivered).
> >>
> >> So, the question is, can I disable pipelining for one particular host
> >> (in the current exim)? Or disable pipelining for outbound mail
> >> altogether?
> >>
> >> I've got to read the manual on that one. I've never had to think about
> >> pipelining before.
> >
> > Looks like I might have to wait for the new version of exim to do this.
> > I set:
> >
> > pipelining_advertise_hosts = 127.0.0.1
> > smtp_enforce_sync = true
> >
> > but on outgoing connections if the remote advertises pipelining, seems
> > like exim will use it no matter what I want.
> >
> > Sucks, but looks like there isn't a whole lot I can do about this at the
> > moment, which is unfortunate. Well, I could use a snapshot I guess but
> > that doesn't sound like much of a good idea for a production system.
> >
> > Thanks for all the tips/pointers and such, but I think until the new
> > exim comes out, there isn't much I can do here.
> >
> > Unless someone else has some creative magic for me to try, of course.
> > =)
>
> Try this first - just for experiment's sake:
>
> pipelining_advertise_hosts = : (the empty list)


Ok, I did that. We'll see if that makes a difference.

> That said ISTR that, as you said, Exim *will* use pipelining if the far-end
> offers it.


Right, which seems to be where the problem lies.

> Probably simple enough to disable the very *detection* of that if modifying
> source, i.e. - just make Exim 'blind' to the offer.


I'd prefer not to monkey with the source if possible... =) The build
I'm using here is a distribution build, so I'd like to make it as
straight-across-the-board as possible.

> But I don't see any gain. And I really don't think pipelining per se is the
> culprit in your original problem.
>
> The only reason we muck about with it *at all* is that it thumps enough spambots
> to be worth whatever modest b/w efficiency loss we suffer. And, of course, we do
> use delays here and there for some traffic.
>
> Given that over 90% of our arrivals are single-recipient messages in any case,
> and that we have a number of local and remote lookups and such taking up time,
> the more efficient *packet* is just not a big deal here.
>
> High-traffic sites would, of course disagree.


Well, I'm not a high-traffic site, so disabling pipelining here probably
isn't that big of a deal. What I'd really like to do is disable
outbound pipelining. I really think that might be the problem... the
remote end is using delays and the pipelining is getting in the way (on
their end). There's not much I can do about their end, but it would be
nice to have an "exception list" if I see known problems.

The reason I think that is it is because if I try to send the mail
manually using HELO, it fails. If I use EHLO, but without PIPELINING,
it works.

All of this has me really confused and leads me to one (possibly
incorrect) conclusion.

--
{FEE30AD4 : 7F6C A60C 06C2 4811 FA1C A2BC 2EBC 5E32 FEE3 0AD4}
mysql> SELECT * FROM users WHERE clue > 0;
Empty set (0.00sec)