[exim] 2 hours delay (gnutls_handshake): timed out: deliveri…

Etusivu
Poista viesti
Vastaa
Lähettäjä: tt-admin
Päiväys:  
Vastaanottaja: exim-users
Aihe: [exim] 2 hours delay (gnutls_handshake): timed out: delivering unencrypted to
Hi all,

got a sending e-mail relay here, Ubuntu 18.04 LTS. About 22k e-mails sending
volume per day. There are two receiving e-mail servers
that are experiencing delays (~2 hours) when receiving e-mails from us. This
does not happen for every e-mail we're sending tot them, but for some.

Log if delay occurs:

2022-03-21 08:00:57.876 [7442] 1nWC1t-0001kn-G2 Spool file is locked
(another process is handling this message)
2022-03-21 08:05:58.110 [10388] 1nWC1t-0001kn-G2 Spool file is locked
(another process is handling this message)
2022-03-21 08:10:59.560 [11462] 1nWC1t-0001kn-G2 Spool file is locked
(another process is handling this message)
2022-03-21 08:20:18.369 [13434] 1nWC1t-0001kn-G2 Spool file is locked
(another process is handling this message)
2022-03-21 08:20:57.808 [13476] 1nWC1t-0001kn-G2 Spool file is locked
(another process is handling this message)
2022-03-21 08:30:21.004 [14859] 1nWC1t-0001kn-G2 Spool file is locked
(another process is handling this message)
2022-03-21 08:30:57.813 [14899] 1nWC1t-0001kn-G2 Spool file is locked
(another process is handling this message)
2022-03-21 08:40:18.196 [16573] 1nWC1t-0001kn-G2 Spool file is locked
(another process is handling this message)
2022-03-21 08:40:57.817 [16679] 1nWC1t-0001kn-G2 Spool file is locked
(another process is handling this message)
2022-03-21 08:50:18.556 [20921] 1nWC1t-0001kn-G2 Spool file is locked
(another process is handling this message)
2022-03-21 08:50:58.437 [20990] 1nWC1t-0001kn-G2 Spool file is locked
(another process is handling this message)
2022-03-21 09:00:19.873 [27095] 1nWC1t-0001kn-G2 Spool file is locked
(another process is handling this message)
2022-03-21 09:00:58.842 [27188] 1nWC1t-0001kn-G2 Spool file is locked
(another process is handling this message)
2022-03-21 09:10:18.848 [32597] 1nWC1t-0001kn-G2 Spool file is locked
(another process is handling this message)
2022-03-21 09:10:57.828 [316] 1nWC1t-0001kn-G2 Spool file is locked (another
process is handling this message)
2022-03-21 09:20:58.127 [4368] 1nWC1t-0001kn-G2 Spool file is locked
(another process is handling this message)
2022-03-21 09:22:29.533 [5172] 1nWC1t-0001kn-G2 Spool file is locked
(another process is handling this message)
2022-03-21 09:30:18.840 [6937] 1nWC1t-0001kn-G2 Spool file is locked
(another process is handling this message)
2022-03-21 09:30:58.353 [6984] 1nWC1t-0001kn-G2 Spool file is locked
(another process is handling this message)
2022-03-21 09:40:18.589 [10653] 1nWC1t-0001kn-G2 Spool file is locked
(another process is handling this message)
2022-03-21 09:43:08.577 [12567] 1nWC1t-0001kn-G2 Spool file is locked
(another process is handling this message)
2022-03-21 09:50:19.260 [16095] 1nWC1t-0001kn-G2 Spool file is locked
(another process is handling this message)
2022-03-21 09:53:08.644 [16636] 1nWC1t-0001kn-G2 Spool file is locked
(another process is handling this message)
2022-03-21 09:58:07.653 [17655] 1nWC1t-0001kn-G2 Spool file is locked
(another process is handling this message)
2022-03-21 10:00:57.843 [17993] 1nWC1t-0001kn-G2 Spool file is locked
(another process is handling this message)
2022-03-21 10:08:09.749 [20352] 1nWC1t-0001kn-G2 Spool file is locked
(another process is handling this message)
2022-03-21 10:10:57.832 [20889] 1nWC1t-0001kn-G2 Spool file is locked
(another process is handling this message)
2022-03-21 10:13:04.657 [6774] 1nWC1t-0001kn-G2 TLS session:
(gnutls_handshake): timed out: delivering unencrypted to H=..(not in
hosts_require_tls)

The offending hosts are not controlled by us, but i am in contact with the
admin (Symantec Messaging Gateway in use). They are only having this kind of
trouble when they receive from us, an we are only having trouble when
sending to them. They already tried different versions of their Symantec
Gateway.

exim -bP smtp_receive_timeout is not set, so should be 5 minutes.

There was one occurence to another domain, but there it only took 5 minutes
for the timeout to fire:

2022-01-12 18:09:23.266 [22623] 1n7h7j-0005st-8A <= P=esmtps
X=TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256 CV=no S=13624
2022-01-12 18:10:50.064 [22805] 1n7h7j-0005st-8A Spool file is locked
(another process is handling this message)
2022-01-12 18:14:23.442 [22647] 1n7h7j-0005st-8A TLS session:
(gnutls_handshake): timed out: delivering unencrypted to H= (not in
hosts_require_tls)


Exim version 4.90_1 #4 built 30-Apr-2021 14:15:04
Copyright (c) University of Cambridge, 1995 - 2017
(c) The Exim Maintainers and contributors in ACKNOWLEDGMENTS file, 2007 -
2017
Berkeley DB: Berkeley DB 5.3.28: (September  9, 2013)
Support for: crypteq iconv() IPv6 GnuTLS move_frozen_messages DKIM DNSSEC
Event OCSP PRDR SOCKS TCP_Fast_Open
Lookups (built-in): lsearch wildlsearch nwildlsearch iplsearch cdb dbm dbmjz
dbmnz dnsdb dsearch nis nis0 passwd
Authenticators: cram_md5 plaintext
Routers: accept dnslookup ipliteral manualroute queryprogram redirect
Transports: appendfile/maildir/mailstore autoreply lmtp pipe smtp
Fixed never_users: 0
Configure owner: 0:0
Size of off_t: 8
Compiler: GCC [7.5.0]
Library version: Glibc: Compile: 2.27
                        Runtime: 2.27
Library version: GnuTLS: Compile: 3.5.18
                         Runtime: 3.5.18
Library version: PCRE: Compile: 8.39
                       Runtime: 8.39 2016-06-14
WHITELIST_D_MACROS: "OUTGOING"
TRUSTED_CONFIG_LIST: "/etc/exim4/trusted_configs"
Exim version 4.90_1 uid=0 gid=0 pid=18641 D=8000000
tls_validate_require_cipher child 18642 ended: status=0x0
configuration file is /etc/exim4/exim4.conf
log selectors = ffffffff ffffffff
LOG: MAIN
  cwd=/root 3 args: exim -d-all+tls -bV
trusted user
admin user
Configuration file is /etc/exim4/exim4.conf



Would be nice to know where to look for a solution.

Cheers,

Marc