Re: [exim] I: "Introduce a delay into the SMTP transaction" …

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Heiko Schlittermann
Date:  
À: exim-users
Sujet: Re: [exim] I: "Introduce a delay into the SMTP transaction" - connection timeout
Hi,

Jeremy Harris <jgh@???> (Mi 20 Sep 2017 19:15:18 CEST):

> sysctl net.ipv4.tcp_syn_retries ?


Yes, on my system it is set to 6 (retries), so I see 7 SYN packets in a
row, with a doubling time between them.

    t    dt (s)  action
    -----------+--------
    0        0  SYN
    1        1  SYN retry #1
    3        2  SYN retry #2
    7        4  SYN retry #3
   15        8  SYN retry #4
   31       16  SYN retry #5
   63       32  SYN retry #6
  127       64  ETIMEDOUT


I observed it using the LOG target of my firewall (which was set to DROP
packets to the destination host)

---[ edited log from my kernel ]----
1 Sep 21 09:08:20 blade kernel: OUT=wwp0s20f0u6i12 SRC=100.71.138.216 DST=84.19…
            + 1s
2 Sep 21 09:08:21 blade kernel: OUT=wwp0s20f0u6i12 SRC=100.71.138.216 DST=84.19…
            + 2s
3 Sep 21 09:08:23 blade kernel: OUT=wwp0s20f0u6i12 SRC=100.71.138.216 DST=84.19…
            + 4s
4 Sep 21 09:08:27 blade kernel: OUT=wwp0s20f0u6i12 SRC=100.71.138.216 DST=84.19…
            + 8s
5 Sep 21 09:08:35 blade kernel: OUT=wwp0s20f0u6i12 SRC=100.71.138.216 DST=84.19…
            +16s
6 Sep 21 09:08:52 blade kernel: OUT=wwp0s20f0u6i12 SRC=100.71.138.216 DST=84.19…
            +32s
7 Sep 21 09:09:24 blade kernel: OUT=wwp0s20f0u6i12 SRC=100.71.138.216 DST=84.19…
            +64s
Final timeout 09:10:30
---------------------------------
(Note, this connection attempt wasn't initiated by Exim, but by `cat </dev/tcp/84.194…./smtp`


After all, Exim behaves as documented. If the OP whould have taken some
minute to read the docs, he would have discovered:

    +------------------------------------------------+
    |connect_timeout|Use: smtp|Type: time|Default: 5m|
    +------------------------------------------------+


    This sets a timeout for the connect() function, which sets up a TCP/IP call to
    a remote host. A setting of zero allows the system timeout (typically several
 *  minutes) to act. To have any effect, the value of this option must be less than
 *  the system timeout. However, it has been observed that on some systems there is
    no system timeout, which is why the default value for this option is 5 minutes,
    a value recommended by RFC 1123.



    Best regards from Dresden/Germany
    Viele Grüße aus Dresden
    Heiko Schlittermann
-- 
 SCHLITTERMANN.de ---------------------------- internet & unix support -
 Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} -
 gnupg encrypted messages are welcome --------------- key ID: F69376CE -
 ! key id 7CBF764A and 972EAC9F are revoked since 2015-01 ------------ -