Issue with lost connection with postfix while receiving the initial server greeting



  • Hi,
    I was wondering if someone can assit me with this issue. Currently have pfSense 2.3.2 running good, i also have an email server running postfix. Whats odd some emails go though with no issue and sometimes im getting that lost connection. I thought it was a postfix issue so i need a clean install same issue. Now i have to believe its a network issue. then i check the states i see that postfix does go out with port 25 and i see a fin/wait 1_1527308727636_Clipboarder.2018.05.25-004.png 0_1527308727636_Clipboarder.2018.05.25-003.png

    Also whats odd if i telnet 192.185.174.77 25 i get this

    root@mail:~# telnet 192.185.174.77 25
    Trying 192.185.174.77...
    Connected to 192.185.174.77.
    Escape character is '^
    

    when on another email server did the same thing and i get this

    root@mail:~# telnet 192.185.174.77 25
    Trying 192.185.174.77...
    Connected to 192.185.174.77.
    Escape character is '^]'.
    hel220-shinari.websitewelcome.com ESMTP Exim 4.89_1 #1 Fri, 25 May 2018 23:39:18 -0500
    220-We do not authorize the use of this system to transport unsolicited,
    220 and/or bulk e-mail.
    

    So either that email provider is blocking? or greylisting me?

    Thank you



  • Hi,

    Your postfix (behind) pfSense reaching a mail server here '192.185.174.77" (an Exim mail server ! Didn’know some still exist these days) : correct ?

    Don’t worry, I saw the same thing from my server, so I guess, yes, this server - or whatever is in front of it, is pulling out the line fast.

    The message :

    220-We do not authorize the use of this system to transport unsolicited,
    220 and/or bulk e-mail.
    

    is just a generic warning message.

    Keep in mind : most ISP do not allow any connections to “port 25” anymore these days, except there own mail servers.



  • @gertjan said in Issue with lost connection with postfix while receiving the initial server greeting:

    Hi,

    Your postfix (behind) pfSense reaching a mail server here '192.185.174.77" (an Exim mail server ! Didn’know some still exist these days) : correct ?

    Don’t worry, I saw the same thing from my server, so I guess, yes, this server - or whatever is in front of it, is pulling out the line fast.

    The message :

    220-We do not authorize the use of this system to transport unsolicited,
    220 and/or bulk e-mail.
    

    is just a generic warning message.

    Keep in mind : most ISP do not allow any connections to “port 25” anymore these days, except there own mail servers.

    You don’t say whether the second mail server is also postfix or if it’s using the same IP address as the first.

    You would see that same connection drop from my mail server if your IP is listed in zen.spamhaus.org. In my case, while postfix makes you wait it does a lookup on zen and if the result is positive all further traffic from you is blocked by pfSense.

    It seems Exim is still the most common mail server:
    http://www.securityspace.com/s_survey/data/man.201804/mxsurvey.html



  • Thanks for the reply, but after hours and hours or going nuts. Then i telnet the server with another IP and i was getting the 220 so i realized that provider was greylisting me for some odd reason i sent them an email hopefully to unlist me. I figured out that i was not getting the 220 so i knew something was wrong

    Thank you again ill post back an update


  • Rebel Alliance

    @killmasta93

    Did you send a helo or some other command… Your not going to get a 220 until you send something…

    here sent a helo
    0_1527430923498_sendhelo.png

    here just hit enter - notice got the 500

    0_1527430948634_hitreturn.png



  • Thanks for the reply, i type helo on the server with postfix i get this

    root@mail:~# telnet 192.185.174.77 25
    Trying 192.185.174.77...
    Connected to 192.185.174.77.
    Escape character is '^]'.
    helo
    452 syntax error (connecting)
    

    but if i try it on another email server with another WAN ip

    root@mail:~# telnet 192.185.174.77 25
    Trying 192.185.174.77...
    Connected to 192.185.174.77.
    Escape character is '^]'.
    helo
    220-shinari.websitewelcome.com ESMTP Exim 4.89_1 #1 Sun, 27 May 2018 09:28:01 -0500
    220-We do not authorize the use of this system to transport unsolicited,
    220 and/or bulk e-mail.
    250 shinari.websitewelcome.com Hello mail.myotherdomain.com [200.116.xx.xx]
    

    This made me think that that provider has greylisted me or blacklisted me the IP 181.129.x.xxx

    Thank you

    P.S if you just telnet and wait 1min you will get the 220



  • @johnpoz said in Issue with lost connection with postfix while receiving the initial server greeting:

    @killmasta93

    Did you send a helo or some other command… Your not going to get a 220 until you send something…

    The SMTP server speaks first after the connection is established. The client should wait for the real 220 before sending HELO. The 220- (with the hyphen) is a “teaser” to trap zombies that speak out of turn.

    P.S if you just telnet and wait 1min you will get the 220

    A one minute wait is a very long time. Usually it’s more like a few seconds after the teaser that the real 220 is sent.



  • @biggsy true maybe i over exaggerated the 1min but yes still haven’t got a response from the email provider hopefully they un greylist me


  • Netgate

    It takes 5 secs for the 220 from here. But it is a noticeable delay.


 

© Copyright 2002 - 2018 Rubicon Communications, LLC | Privacy Policy