Issue with lost connection with postfix while receiving the initial server greeting
-
Hi,
I was wondering if someone can assit me with this issue. Currently have pfSense 2.3.2 running good, i also have an email server running postfix. Whats odd some emails go though with no issue and sometimes im getting that lost connection. I thought it was a postfix issue so i need a clean install same issue. Now i have to believe its a network issue. then i check the states i see that postfix does go out with port 25 and i see a fin/wait
Also whats odd if i telnet 192.185.174.77 25 i get this
root@mail:~# telnet 192.185.174.77 25 Trying 192.185.174.77... Connected to 192.185.174.77. Escape character is '^when on another email server did the same thing and i get this
root@mail:~# telnet 192.185.174.77 25 Trying 192.185.174.77... Connected to 192.185.174.77. Escape character is '^]'. hel220-shinari.websitewelcome.com ESMTP Exim 4.89_1 #1 Fri, 25 May 2018 23:39:18 -0500 220-We do not authorize the use of this system to transport unsolicited, 220 and/or bulk e-mail.So either that email provider is blocking? or greylisting me?
Thank you
-
Hi,
Your postfix (behind) pfSense reaching a mail server here '192.185.174.77" (an Exim mail server ! Didn'know some still exist these days) : correct ?
Don't worry, I saw the same thing from my server, so I guess, yes, this server - or whatever is in front of it, is pulling out the line fast.
The message :
220-We do not authorize the use of this system to transport unsolicited, 220 and/or bulk e-mail.is just a generic warning message.
Keep in mind : most ISP do not allow any connections to "port 25" anymore these days, except there own mail servers.
-
@gertjan said in Issue with lost connection with postfix while receiving the initial server greeting:
Hi,
Your postfix (behind) pfSense reaching a mail server here '192.185.174.77" (an Exim mail server ! Didn'know some still exist these days) : correct ?
Don't worry, I saw the same thing from my server, so I guess, yes, this server - or whatever is in front of it, is pulling out the line fast.
The message :
220-We do not authorize the use of this system to transport unsolicited, 220 and/or bulk e-mail.is just a generic warning message.
Keep in mind : most ISP do not allow any connections to "port 25" anymore these days, except there own mail servers.
You don't say whether the second mail server is also postfix or if it's using the same IP address as the first.
You would see that same connection drop from my mail server if your IP is listed in zen.spamhaus.org. In my case, while postfix makes you wait it does a lookup on zen and if the result is positive all further traffic from you is blocked by pfSense.
It seems Exim is still the most common mail server:
http://www.securityspace.com/s_survey/data/man.201804/mxsurvey.html -
Thanks for the reply, but after hours and hours or going nuts. Then i telnet the server with another IP and i was getting the 220 so i realized that provider was greylisting me for some odd reason i sent them an email hopefully to unlist me. I figured out that i was not getting the 220 so i knew something was wrong
Thank you again ill post back an update
-
Did you send a helo or some other command.. Your not going to get a 220 until you send something..
here sent a helo
here just hit enter - notice got the 500
-
Thanks for the reply, i type helo on the server with postfix i get this
root@mail:~# telnet 192.185.174.77 25 Trying 192.185.174.77... Connected to 192.185.174.77. Escape character is '^]'. helo 452 syntax error (connecting)but if i try it on another email server with another WAN ip
root@mail:~# telnet 192.185.174.77 25 Trying 192.185.174.77... Connected to 192.185.174.77. Escape character is '^]'. helo 220-shinari.websitewelcome.com ESMTP Exim 4.89_1 #1 Sun, 27 May 2018 09:28:01 -0500 220-We do not authorize the use of this system to transport unsolicited, 220 and/or bulk e-mail. 250 shinari.websitewelcome.com Hello mail.myotherdomain.com [200.116.xx.xx]This made me think that that provider has greylisted me or blacklisted me the IP 181.129.x.xxx
Thank you
P.S if you just telnet and wait 1min you will get the 220
-
@johnpoz said in Issue with lost connection with postfix while receiving the initial server greeting:
Did you send a helo or some other command.. Your not going to get a 220 until you send something..
The SMTP server speaks first after the connection is established. The client should wait for the real 220 before sending HELO. The 220- (with the hyphen) is a "teaser" to trap zombies that speak out of turn.
P.S if you just telnet and wait 1min you will get the 220
A one minute wait is a very long time. Usually it's more like a few seconds after the teaser that the real 220 is sent.
-
@biggsy true maybe i over exaggerated the 1min but yes still haven't got a response from the email provider hopefully they un greylist me
-
It takes 5 secs for the 220 from here. But it is a noticeable delay.
