From: Wietse Venema (no email)
Date: Fri Dec 02 2005 - 10:10:31 EST
Well there is your problem. The TCP segment with <CR><LF>.<CR><LF>
is NEVER received by the KERNEL TCP/IP stack.
When Postfix replies with 421 timeout exceeded, the KERNEL TCP/IP
stack sends an ACK for TCP offset 696. That is the offset BEFORE
the <CR><LF>.<CR><LF>.
Note that the KERNEL TCP/IP stack does not ACK for TCP offset 701,
which would be AFTER the <CR><LF>.<CR><LF>.
The KERNEL TCP/IP stack never receives the <CR><LF>.<CR><LF>,
therefore the SMTP server never receives it, either.
Wietse
08:51:52.715646 192.168.40.33.3504 > 192.168.40.34.25: P 696:701(5) ack 191 win
64050 (DF)
IP_HDR=20 IP_OPT=0 TCP_HDR=20 TCP_OPT=0 DATA=5 FLAGS=PUSH ACK
IP_HDR 45 00 00 2d 92 fd 40 00 80 06
vhl tos len len id id off off ttl pro
IP_HDR 96 39 c0 a8 28 21 c0 a8 28 22
sum sum src src src src dst dst dst dst
TCP_HDR 0d b0 00 19 3e d3 89 1c 9f ca
src src dst dst seq seq seq seq ack ack
TCP_HDR 01 83 50 18 fa 32 27 e3 00 00
ack ack off flg win win sum sum urp urp
DATA 0d 0a 2e 0d 0a
^M ^J . ^M ^J .....
08:56:11.975483 192.168.40.34.25 > 192.168.40.33.3504: P 191:254(63) ack 696 win
6984 (DF)
IP_HDR=20 IP_OPT=0 TCP_HDR=20 TCP_OPT=0 DATA=63 FLAGS=PUSH ACK
IP_HDR 45 00 00 67 b4 41 40 00 40 06
vhl tos len len id id off off ttl pro
IP_HDR b4 bb c0 a8 28 22 c0 a8 28 21
sum sum src src src src dst dst dst dst
TCP_HDR 00 19 0d b0 9f ca 01 83 3e d3
src src dst dst seq seq seq seq ack ack
TCP_HDR 89 1c 50 18 1b 48 52 55 00 00
ack ack off flg win win sum sum urp urp
DATA 34 32 31 20 64 65 72 6c 6e 78
4 2 1 d e r l n x 421 derlnx
DATA 2d 61 6e 74 69 73 70 61 6d 2e
- a n t i s p a m . -antispam.
DATA 64 65 72 75 74 61 2e 61 61 61
d e r u t a . a a a deruta.aaa
DATA 2d 67 61 6e 2e 69 74 20 45 72
- g a n . i t E r -gan.it Er
DATA 72 6f 72 3a 20 74 69 6d 65 6f
r o r : t i m e o ror: timeo
DATA 75 74 20 65 78 63 65 65 64 65
u t e x c e e d e ut exceede
DATA 64 0d 0a
d ^M ^J d..
|
|
|