Next message: Crayon: "Re: header_checks or maildrop?"
Hi
my newly setup postfix system is working well with one exception. Whenever
google's servers tries to send me mail I get these errors (I used
debug_peer_list for this particular server):
=================================================
Jan 1 13:25:17 [postfix/smtpd] connect from
ug-out-f141.google.com[66.249.92.141]
Jan 1 13:25:17 [postfix/smtpd] match_hostname: ug-out-f141.google.com ~?
1.2.3.4/32
Jan 1 13:25:17 [postfix/smtpd] match_hostaddr: 66.249.92.141 ~?
1.2.3.4/32
Jan 1 13:25:17 [postfix/smtpd] match_list_match: ug-out-f141.google.com:
no match
Jan 1 13:25:17 [postfix/smtpd] match_list_match: 66.249.92.141: no match
Jan 1 13:25:17 [postfix/smtpd] send attr request = connect
Jan 1 13:25:17 [postfix/smtpd] send attr ident = smtp:66.249.92.141
Jan 1 13:25:17 [postfix/smtpd] private/anvil: wanted attribute: status
Jan 1 13:25:17 [postfix/smtpd] input attribute name: status
Jan 1 13:25:17 [postfix/smtpd] input attribute value: 0
Jan 1 13:25:17 [postfix/smtpd] private/anvil: wanted attribute: count
Jan 1 13:25:17 [postfix/smtpd] input attribute name: count
Jan 1 13:25:17 [postfix/smtpd] input attribute value: 1
Jan 1 13:25:17 [postfix/smtpd] private/anvil: wanted attribute: rate
Jan 1 13:25:17 [postfix/smtpd] input attribute name: rate
Jan 1 13:25:17 [postfix/smtpd] input attribute value: 1
Jan 1 13:25:17 [postfix/smtpd] private/anvil: wanted attribute: (list
terminator)
Jan 1 13:25:17 [postfix/smtpd] input attribute name: (end)
Jan 1 13:25:17 [postfix/smtpd] > ug-out-f141.google.com[66.249.92.141]:
220 mx.example.com ESMTP Postfix
Jan 1 13:25:17 [postfix/smtpd] watchdog_pat: 0x80c5458
Jan 1 13:25:17 [postfix/smtpd] smtp_get: EOF
Jan 1 13:25:17 [postfix/smtpd] match_hostname: ug-out-f141.google.com ~?
1.2.3.4/32
Jan 1 13:25:17 [postfix/smtpd] match_hostaddr: 66.249.92.141 ~?
1.2.3.4/32
Jan 1 13:25:17 [postfix/smtpd] match_list_match: ug-out-f141.google.com:
no match
Jan 1 13:25:17 [postfix/smtpd] match_list_match: 66.249.92.141: no match
Jan 1 13:25:17 [postfix/smtpd] send attr request = disconnect
Jan 1 13:25:17 [postfix/smtpd] send attr ident = smtp:66.249.92.141
Jan 1 13:25:17 [postfix/smtpd] private/anvil: wanted attribute: status
Jan 1 13:25:17 [postfix/smtpd] input attribute name: status
Jan 1 13:25:17 [postfix/smtpd] input attribute value: 0
Jan 1 13:25:17 [postfix/smtpd] private/anvil: wanted attribute: (list
terminator)
Jan 1 13:25:17 [postfix/smtpd] input attribute name: (end)
Jan 1 13:25:17 [postfix/smtpd] lost connection after CONNECT from
ug-out-f141.google.com[66.249.92.141]
Jan 1 13:25:17 [postfix/smtpd] disconnect from
ug-out-f141.google.com[66.249.92.141]
Jan 1 13:25:17 [postfix/smtpd] connect from
ug-out-f141.google.com[66.249.92.141]
...
=================================================
These repeat until the "[postfix/smtpd] warning: Connection rate limit
exceeded:" kicks in.
These are the restrictions that I have in place:
=================================================
smtpd_client_restrictions =
warn_if_reject,
reject_unauth_pipelining,
permit
smtpd_helo_restrictions =
permit_mynetworks,
reject_non_fqdn_helo_hostname,
reject_invalid_helo_hostname,
permit
smtpd_sender_restrictions =
reject_non_fqdn_sender,
reject_unknown_sender_domain,
permit
smtpd_recipient_restrictions =
permit_mynetworks,
permit_sasl_authenticated,
reject_non_fqdn_recipient,
reject_unknown_recipient_domain,
reject_unauth_destination,
reject_unlisted_recipient,
check_policy_service inet:127.0.0.1:2501,
permit
=================================================
1) These connects/disconnects have been coming from google for the nearly
the past 24 hours (I *am* expecting a mail from them)
2) All the other "lost connection after CONNECT" errors I get are mainly
from "unknown"s and dial-up/dsl/broadband and other cesspits of spam.
google is the notable exception
3) The server is not under any load and not hitting any limits.
Any ideas? I'm not too keen on simply whitelisting that particular server
(I've only had contact with that server so far).
--
Crayon
