View previous topic :: View next topic |
Author |
Message |
qubix Tux's lil' helper
Joined: 22 Sep 2003 Posts: 146 Location: Warsaw/Poland
|
Posted: Wed Sep 21, 2016 2:15 pm Post subject: Postfix and TLS timeing out when connecting |
|
|
Hi!
I'm running a postfix server on Gentoo since, well check this out :]
Code: |
# head -n 2 /var/log/emerge.log
1074935127: Started emerge on: Jan 24, 2004 09:05:27
1074935127: *** emerge sync
|
I've got a mail server here, that serves a small company (less than 100 users). We have never had any problems with getting and sending mail, but it turned out that mail servers of a company that we do business with drops connections when trying to send emails to us. We can send and receive from google, all the rest of the world. We can even send emails to them, but please check this out:
Code: |
Sep 21 15:03:38 batou-xen postfix/smtpd[8994]: connect from nXXXb.com[XXX]
Sep 21 15:08:39 batou-xen postfix/smtpd[8994]: SSL_accept error from nXXXb.com[XXX]: Connection timed out
Sep 21 15:08:40 batou-xen postfix/smtpd[8994]: lost connection after STARTTLS from nXXXb.com[XXX]
Sep 21 15:08:40 batou-xen postfix/smtpd[8994]: disconnect from nXXXb.com[XXX] ehlo=1 starttls=0/1 commands=1/2
|
it drops the connection after 5 minutes. The timeouts I have look like this:
Code: |
# grep time /etc/postfix/main.cf
smtpd_tls_session_cache_timeout = 3600s
maximal_queue_lifetime=2d
smtp_starttls_timeout = 600s
smtpd_starttls_timeout = 600s
smtp_tls_session_cache_timeout = 3600s
|
What should I look at? What to search for? Where should I even start? _________________ qubix |
|
Back to top |
|
|
Ant P. Watchman
Joined: 18 Apr 2009 Posts: 6920
|
Posted: Wed Sep 21, 2016 5:20 pm Post subject: |
|
|
Do you have any non-default SSL stuff in your config? Most SMTP servers on the internet are really stupid and won't talk to e.g. a TLS1.2 server, or one that requires SSL at all... |
|
Back to top |
|
|
qubix Tux's lil' helper
Joined: 22 Sep 2003 Posts: 146 Location: Warsaw/Poland
|
Posted: Thu Sep 22, 2016 9:31 am Post subject: |
|
|
Funny thing, the server started pushing mails to me with TLS 1.2 without any issues about 14 hours ago. Either it didn't like the greylists I have or they might have changed something.
Thanks for keeping me up in the moment of doubt _________________ qubix |
|
Back to top |
|
|
|