Re: [exim] Google/gmail timeouts, IPv6 conntrack issue?

Author: Jeremy Harris
Date:  
To: exim-users
Subject: Re: [exim] Google/gmail timeouts, IPv6 conntrack issue?
On 16/02/2022 07:17, Christian Balzer via Exim-users wrote:
> Now the reason this happens is that the local iptables
> (Established, Related is set) is starting to reject packets coming back
> from google to here after about 2 seconds. (dump attached)


That's... cute. I take it the sample packet content of
the ICMPs shows nothing objectionable?

You could turn on iptables (or whatever *tables it is these days)
logging, that might give a hint on why the reject.

I can't see right away why this would affect *only* TCP/25
unless you have some odd rules in there.


As to why retry always goes to ipv4, hmm.
Does anything end up for the ipv6 addr in question in a hints DB?


You could always just punt on trying to talk ipv6 to G :-

hostlist google_ipv6 = <; 2001:4860::/32 ; 2401:fa00::/32 ; 2404:6800::/32 ; 2600:1900::/28 \
         ; 2605:ef80::/32 ; 2607:f8b0::/32 ; 2620:0:1000::/40 ; 2620:120:e000::/40 ; 2620:15c::/36 \
         ; 2800:3f0::/32 ; 2a00:1450::/32 ; 2a00:79e0::/32 ; 2a03:ace0::/32 ; 2c0f:fb50::/32


# dnslookup router
ignore_target_hosts = +google_ipv6
--
Cheers,
Jeremy
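
An added example, not part of the message above and not Exim code: a Python sketch that splits the posted hostlist by Exim's list rules (a leading "<;" changes the separator from the default colon, and a doubled separator is one literal character) and checks which addresses ignore_target_hosts would cover. The sample addresses are constructed, and CIDR matching with the ipaddress module is an assumption standing in for Exim's own host matching.

```python
import ipaddress

# The hostlist value exactly as posted, backslash continuations included.
HOSTLIST = r"""<; 2001:4860::/32 ; 2401:fa00::/32 ; 2404:6800::/32 ; 2600:1900::/28 \
         ; 2605:ef80::/32 ; 2607:f8b0::/32 ; 2620:0:1000::/40 ; 2620:120:e000::/40 ; 2620:15c::/36 \
         ; 2800:3f0::/32 ; 2a00:1450::/32 ; 2a00:79e0::/32 ; 2a03:ace0::/32 ; 2c0f:fb50::/32"""


def split_exim_list(value):
    """Split an Exim list value into items (simplified: empty items dropped)."""
    # Join continuation lines: drop the trailing backslash and the indentation.
    joined = "".join(line.strip().rstrip("\\") for line in value.splitlines())
    sep = ":"  # Exim's default list separator
    if joined.startswith("<") and len(joined) > 1:
        sep, joined = joined[1], joined[2:]  # "<;" selects ';' as separator
    # A doubled separator stands for one literal separator character.
    parts = joined.replace(sep * 2, "\0").split(sep)
    return [p.replace("\0", sep).strip() for p in parts if p.strip()]


def load_networks(value):
    """Parse every list item as a CIDR network; raises ValueError on a bad item."""
    return [ipaddress.ip_network(item) for item in split_exim_list(value)]


def is_ignored(addr, networks):
    """True if addr falls inside any listed prefix, i.e. the router would skip it."""
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in networks)  # version mismatch is simply False


if __name__ == "__main__":
    nets = load_networks(HOSTLIST)
    # Constructed sample addresses: one inside a posted prefix, two outside.
    for addr in ("2a00:1450:400c:c00::1b", "2001:db8::25", "192.0.2.25"):
        print(addr, "ignored" if is_ignored(addr, nets) else "kept")
    # Without "<;" the default colon separator tears an IPv6 prefix apart:
    print(split_exim_list("2001:4860::/32"))
```

Running it before a config reload confirms that every item parses as a valid prefix and that IPv4 targets are left untouched.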