• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Issue with lost connection with postfix while receiving the initial server greeting

Scheduled Pinned Locked Moved Firewalling
9 Posts 5 Posters 2.8k Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • K
    killmasta93
    last edited by killmasta93 May 26, 2018, 4:42 AM May 26, 2018, 4:25 AM

    Hi,
    I was wondering if someone can assit me with this issue. Currently have pfSense 2.3.2 running good, i also have an email server running postfix. Whats odd some emails go though with no issue and sometimes im getting that lost connection. I thought it was a postfix issue so i need a clean install same issue. Now i have to believe its a network issue. then i check the states i see that postfix does go out with port 25 and i see a fin/wait 1_1527308727636_Clipboarder.2018.05.25-004.png 0_1527308727636_Clipboarder.2018.05.25-003.png

    Also whats odd if i telnet 192.185.174.77 25 i get this

    root@mail:~# telnet 192.185.174.77 25
    Trying 192.185.174.77...
    Connected to 192.185.174.77.
    Escape character is '^
    

    when on another email server did the same thing and i get this

    root@mail:~# telnet 192.185.174.77 25
    Trying 192.185.174.77...
    Connected to 192.185.174.77.
    Escape character is '^]'.
    hel220-shinari.websitewelcome.com ESMTP Exim 4.89_1 #1 Fri, 25 May 2018 23:39:18 -0500
    220-We do not authorize the use of this system to transport unsolicited,
    220 and/or bulk e-mail.
    

    So either that email provider is blocking? or greylisting me?

    Thank you

    Tutorials:

    https://www.mediafire.com/folder/v329emaz1e9ih/Tutorials

    1 Reply Last reply Reply Quote 0
    • G
      Gertjan
      last edited by May 26, 2018, 7:35 AM

      Hi,

      Your postfix (behind) pfSense reaching a mail server here '192.185.174.77" (an Exim mail server ! Didn'know some still exist these days) : correct ?

      Don't worry, I saw the same thing from my server, so I guess, yes, this server - or whatever is in front of it, is pulling out the line fast.

      The message :

      220-We do not authorize the use of this system to transport unsolicited,
      220 and/or bulk e-mail.
      

      is just a generic warning message.

      Keep in mind : most ISP do not allow any connections to "port 25" anymore these days, except there own mail servers.

      No "help me" PM's please. Use the forum, the community will thank you.
      Edit : and where are the logs ??

      B 1 Reply Last reply May 26, 2018, 11:00 AM Reply Quote 0
      • B
        biggsy @Gertjan
        last edited by May 26, 2018, 11:00 AM

        @gertjan said in Issue with lost connection with postfix while receiving the initial server greeting:

        Hi,

        Your postfix (behind) pfSense reaching a mail server here '192.185.174.77" (an Exim mail server ! Didn'know some still exist these days) : correct ?

        Don't worry, I saw the same thing from my server, so I guess, yes, this server - or whatever is in front of it, is pulling out the line fast.

        The message :

        220-We do not authorize the use of this system to transport unsolicited,
        220 and/or bulk e-mail.
        

        is just a generic warning message.

        Keep in mind : most ISP do not allow any connections to "port 25" anymore these days, except there own mail servers.

        You don't say whether the second mail server is also postfix or if it's using the same IP address as the first.

        You would see that same connection drop from my mail server if your IP is listed in zen.spamhaus.org. In my case, while postfix makes you wait it does a lookup on zen and if the result is positive all further traffic from you is blocked by pfSense.

        It seems Exim is still the most common mail server:
        http://www.securityspace.com/s_survey/data/man.201804/mxsurvey.html

        1 Reply Last reply Reply Quote 0
        • K
          killmasta93
          last edited by May 26, 2018, 9:12 PM

          Thanks for the reply, but after hours and hours or going nuts. Then i telnet the server with another IP and i was getting the 220 so i realized that provider was greylisting me for some odd reason i sent them an email hopefully to unlist me. I figured out that i was not getting the 220 so i knew something was wrong

          Thank you again ill post back an update

          Tutorials:

          https://www.mediafire.com/folder/v329emaz1e9ih/Tutorials

          J 1 Reply Last reply May 27, 2018, 2:22 PM Reply Quote 0
          • J
            johnpoz LAYER 8 Global Moderator @killmasta93
            last edited by May 27, 2018, 2:22 PM

            @killmasta93

            Did you send a helo or some other command.. Your not going to get a 220 until you send something..

            here sent a helo
            0_1527430923498_sendhelo.png

            here just hit enter - notice got the 500

            0_1527430948634_hitreturn.png

            An intelligent man is sometimes forced to be drunk to spend time with his fools
            If you get confused: Listen to the Music Play
            Please don't Chat/PM me for help, unless mod related
            SG-4860 24.11 | Lab VMs 2.8, 24.11

            B 1 Reply Last reply May 27, 2018, 10:30 PM Reply Quote 0
            • K
              killmasta93
              last edited by killmasta93 May 27, 2018, 2:30 PM May 27, 2018, 2:29 PM

              Thanks for the reply, i type helo on the server with postfix i get this

              root@mail:~# telnet 192.185.174.77 25
              Trying 192.185.174.77...
              Connected to 192.185.174.77.
              Escape character is '^]'.
              helo
              452 syntax error (connecting)
              

              but if i try it on another email server with another WAN ip

              root@mail:~# telnet 192.185.174.77 25
              Trying 192.185.174.77...
              Connected to 192.185.174.77.
              Escape character is '^]'.
              helo
              220-shinari.websitewelcome.com ESMTP Exim 4.89_1 #1 Sun, 27 May 2018 09:28:01 -0500
              220-We do not authorize the use of this system to transport unsolicited,
              220 and/or bulk e-mail.
              250 shinari.websitewelcome.com Hello mail.myotherdomain.com [200.116.xx.xx]
              

              This made me think that that provider has greylisted me or blacklisted me the IP 181.129.x.xxx

              Thank you

              P.S if you just telnet and wait 1min you will get the 220

              Tutorials:

              https://www.mediafire.com/folder/v329emaz1e9ih/Tutorials

              1 Reply Last reply Reply Quote 0
              • B
                biggsy @johnpoz
                last edited by May 27, 2018, 10:30 PM

                @johnpoz said in Issue with lost connection with postfix while receiving the initial server greeting:

                @killmasta93

                Did you send a helo or some other command.. Your not going to get a 220 until you send something..

                The SMTP server speaks first after the connection is established. The client should wait for the real 220 before sending HELO. The 220- (with the hyphen) is a "teaser" to trap zombies that speak out of turn.

                P.S if you just telnet and wait 1min you will get the 220

                A one minute wait is a very long time. Usually it's more like a few seconds after the teaser that the real 220 is sent.

                1 Reply Last reply Reply Quote 0
                • K
                  killmasta93
                  last edited by May 27, 2018, 11:05 PM

                  @biggsy true maybe i over exaggerated the 1min but yes still haven't got a response from the email provider hopefully they un greylist me

                  Tutorials:

                  https://www.mediafire.com/folder/v329emaz1e9ih/Tutorials

                  1 Reply Last reply Reply Quote 0
                  • D
                    Derelict LAYER 8 Netgate
                    last edited by May 28, 2018, 12:17 AM

                    It takes 5 secs for the 220 from here. But it is a noticeable delay.

                    Chattanooga, Tennessee, USA
                    A comprehensive network diagram is worth 10,000 words and 15 conference calls.
                    DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
                    Do Not Chat For Help! NO_WAN_EGRESS(TM)

                    1 Reply Last reply Reply Quote 0
                    9 out of 9
                    • First post
                      9/9
                      Last post
                    Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
                      This community forum collects and processes your personal information.
                      consent.not_received