On Tue, 22 Sep 2020, Christian Eyrich via Exim-users wrote:
> Hi,
>
> a few weeks ago the GMX mail servers stopped sending mails to my server.
>
> The GMX mailer daemon writes:
> A message that you sent could not be delivered to one or more of
> its recipients. This is a permanent error. The following address(es)
> failed:
> christian@???:
> remote MX does not support STARTTLS
>
> Thing is that my mail server does support STARTTLS and also advertises this
> which I verify in the Exim debug log and was also record with tshark:
>
> 20 212.227.15.19 → 94.16.119.13 SMTP 85 C: EHLO mout.gmx.net
> 21 94.16.119.13 → 212.227.15.19 SMTP 224 S: 250-mail.eyrich-net.org:
> Hello mout.gmx.net [212.227.15.19] | 250-SIZE 52428800 | 250-8BITMIME |
> 250-PIPELINING | 250-CHUNKING | 250-STARTTLS | 250-PRDR | 250 HELP
> 22 212.227.15.19 → 94.16.119.13 TCP 66 41705 → 25 [FIN, ACK] Seq=20
> Ack=228 Win=64128 Len=0 TSval=3976249530 TSecr=307582370
> 23 94.16.119.13 → 212.227.15.19 SMTP 114 S: 421 mail.eyrich-net.org:
> lost input connection
https://www.hardenize.com/report/eyrich-net.org/1600863580 suggests your
IPv4 and IPv6 servers are fine. You don't run MTA-STS, but I find it
difficult to believe that GMX can require that.
On the other hand, from my home desktop
# telnet 94.16.119.13 25
Trying 94.16.119.13...
telnet: Unable to connect to remote host: Connection refused
so you or some intermediate firewall seems to be selectively filtering ...
(It isn't my ISP since I can do this to outher mailservers, but this
is a residential IP, so filtering it would not be unreasonable.
You don't have 212.227.15.19 in some sort of block list do you ?)
I note
http://www.postfix.org/BDAT_README.html#downsides
Which version of Exim are you using ?
--
Andrew C. Aitchison Kendal, UK
andrew@???
