• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion

SMTP Deferred Problem

L

lherbert

Guest
I seem to be having a problem with receiving SMTP mail from some mail servers.

The majority of servers seems fine but some cannot send mail to us via SMTP. We've investigated one case where someone cannot get an email through to us.

We can see the mail server connect because we see the IP address listed in the var/secure log. Then nothing seems to happen. It then reconnects every minute for a while until it gives up.

Is there any way of increasing the logging to see what's happening? There's nothing in the psa maillog.

Unfortunately we cannot get much information from their end. The AOL SMTP server bounces the mail stating that it was deferred and it gave up aftter 2 hours. No other error information.

I heard of another company that had problems getting mail to one of the domains on our server. They knew we were using qmail and apparently made some changes to their server configs to get mail through.

Any ideas? The server's not overloaded in any way. It happens when there's hardly anything going through.

Very odd that it seems to be some servers and not others.
 
Do you have any sort of MAPS/RBL servers specified? (spamcop, sorbs, spamhaus, etc)?? Or any 3rd party addons (non plesk base)?

Another thought, have you setup an SPF record or made sure your rDNS is properly set to your domain?
 
Thanks for your reply.

There are no rbl's or third party addons setup... It's a plain Plesk 7.5.2, FC2 box. All incoming mail is routed through it... It's then spam and virus checked.

Not all of the domains have spf records but that shouldn't be a problem because it's the incoming mail that's causing issues.

It's very odd that it's only some servers... I know we get mail coming in from AOL smtp servers - plenty of viruses! This makes it even stranger in this case that one customer in particular just cannot get any mail through to us. They have to send it to a hotmail account at the moment and it goes straight through there.

I've done some research but I can't see a way of enabling any low level SMTP logging of communications / attempted communications. The only thing I can think of is to capture the traffic but that would be a lot of data!
 
Not all of the domains have spf records but that shouldn't be a problem because it's the incoming mail that's causing issues.
Click to expand...
Sorry, my bad...

I have not played with this, but you may want to check the conf file at:

/etc/log.d/conf/services/qmail.conf
 
Thanks for the tip! I'll turn that on and see if it gives me any more info.
 
I'm getting there... I should have tried using telnet to the port in the first place...

It appears that the problem could well be a delay in the SMTP conversation.

I used ethereal to examine the traffic when the customer sent their email. There's a delay of over 20 seconds and then it looks like their mail server issues a quit just after my server issues a 220.

I've checked the smtp_psa. It's fine, I have the -Rt0.

I have two servers that are configured to be more or less identical. The strange thing is that if I telnet to the other one on 25, it's instant. Telnet to the problem one and I have this 20 - 30 second delay!

Just to clarify:

service smtp
{
socket_type = stream
protocol = tcp
wait = no
disable = no
user = root
instances = UNLIMITED
server = /var/qmail/bin/tcp-env
server_args = -Rt0 /var/qmail/bin/relaylock /var/qmail/bin/qmail-smtpd /var/qmail/bin/smtp_auth /var/qmail/bin/true /var
/qmail/bin/cmd5checkpw /var/qmail/bin/true
}

I've even rebooted to make absolutely sure the setting is there! I've also checked smtps_psa

It seems to me like it's still trying to perform the reverse dns / pointer lookup. Any ideas?

It's a FC2 box with Plesk 7.5.2.

Not updated yet to 7.5.4... Need to have a feeling strong and brave day ready to tackle the expected breakages!
 
Fixed the delay... Will check with the customer to see if they can send mail in now.

In case anyone else has this kind of problem...


I adjusted /etc/xinetd.conf to get more debug information. I think some of the additional parameters like USERID was causing the delay.

I've now stripped it back to:

defaults
{
instances = 60
log_type = SYSLOG authpriv
log_on_success = HOST PID DURATION
log_on_failure = HOST
cps = 25 30
}

includedir /etc/xinetd.d

Delay no more...

Will have to wait until Monday to see if the incoming mail (deferred) problem has now been solved.

Thanks jamesyeeoc for your help.
 
I am wondering, did you put the USERID into the file, or maybe that's default for FC2. I know that with RH9 it is not in the xinetd.conf by default.
 
Yes, I added it when I was trying to get as much debug info as possible. Before hand, I'd forgotten to make the -Rt0 change on that particular server so I replaced one delay with the other!

Seems to be nice and fast now. Hopefully the other problem with some servers failing to connect properly will now be fixed too.

Cheers.
 
You must log in or register to reply here.

Similar threads

Jan Bludau
Resolved Patch: Postfix - 37C3 - SMTP Smuggling – Spoofing E-Mails Worldwide
Replies
5
Views
1K
Peter Debik
P
P
Question PHPMailer, DKIM, and Plesk
Replies
2
Views
522
Kaspar
K
C
Issue DKIM and SPF do not align with RFC5322. Then DMARC result is fail.
Replies
2
Views
785
cmartinez127
C
Y
Resolved Mail doesn't work - Help needed
Replies
6
Views
2K
ybico
Y
B
Question Queue emails after outgoing limit has been reached
Replies
4
Views
597
BradGML
B
Back
Top