Sponsor:

Server and Web Integrator
Link:
Kloxo-MR logo
6.5.0 or 7.0.0
Click for "How to install"
Donation/Sponsorship:
Kloxo-MR is open-source.
Donate and or Sponsorship always welcome.
Click to:
Click Here
Please login or register. 2018-06-20, 07:13:09

Author Topic: mail send accepted, but deffered "sorry, I wasn't able to establish an smtp..."  (Read 3819 times)

0 Members and 1 Guest are viewing this topic.

Offline barrysmoke

  • Junior Member
  • *
  • Posts: 26
  • Karma: +0/-0
    • View Profile
I'm a linux engineer, so I don't post unless I can't figure things out.
all mail sending is getting this in the /var/log/maillog :
Code: [Select]
Aug 24 03:03:02 srv1 send: delivery 9: deferral: Sorry,_I_wasn't_able_to_establish_an_SMTP_connection._(#4.4.1)/
Aug 24 03:03:02 srv1 send: status: local 0/10 remote 1/60
Aug 24 03:03:02 srv1 send: delivery 10: deferral: Sorry,_I_wasn't_able_to_establish_an_SMTP_connection._(#4.4.1)/
Aug 24 03:03:02 srv1 send: status: local 0/10 remote 0/60

I couldn't figure out why an smtp connection can't be established, tried to telnet manually to the servers I'm trying to send to, and it works fine, so no firewall issue between the server, and the recipient smtp servers.

then, I figured out, its not even trying.  I ran a packet capture on the firewall between this server, and the internet.  full packet capture. 
here is a summary of what I saw, I can attach the capture if you want to see it.
1)my mail client connects to server, sends email over smtp-ssl
2)qmail receives the mail, and does some name server querying of the ip address the sender is using, but does no querying on the recipients domain/mail server, I saw no query for an mx record, or anything.

with that information I suspected spamdyke, so I used kloxo-mr to whitelist my sending ip, so spamdyke would ignore it.

result is, I see a lot fewer queries for my mail client, 1 actually that I can find in this large dump file
(which on my home network, resolves to x.x.x.x.in-addr.arpa PTR x-x-x-x.fidanet.com)

I see the dns queries for my personal gmail account mx record, and my account on another private server I have access to its smtp log files.
no smtp connection was even attempted to either server.  I think something is broken in implementation, or combination of communication between spamdyke, and qmail smtp, it defers rather than actually attempting to try an smtp connection to send the mail.

I can provide remote access if you would like to login and check it out.
« Last Edit: 2017-08-24, 09:54:49 by barrysmoke »

Offline barrysmoke

  • Junior Member
  • *
  • Posts: 26
  • Karma: +0/-0
    • View Profile
oh, and if I try to disable spamdyke, sending breaks completely.
the mail sits in my client's outbox, tries to send, and qmail logs this:
Code: [Select]
Aug 24 04:14:12 srv1 smtp-ssl: 13560 < ?????????????????????????????????????????#???????????+
Aug 24 04:14:12 srv1 smtp-ssl: 13560 > 220 srv1.phatlabz.com - Welcome to Qmail ESMTP?
Aug 24 04:14:12 srv1 smtp-ssl: 13560 > 502 unimplemented (#5.5.1)?
Aug 24 04:14:12 srv1 smtp-ssl: 13560 > 502 unimplemented (#5.5.1)?
Aug 24 04:14:12 srv1 smtp-ssl: 13560 > 502 unimplemented (#5.5.1)?
Aug 24 04:14:12 srv1 smtp-ssl: 13560 < [EOF]
Aug 24 04:14:12 srv1 smtp-ssl: tcpserver: end 13560 status 256
Aug 24 04:14:12 srv1 smtp-ssl: tcpserver: status: 0/100
Aug 24 04:14:12 srv1 smtp-ssl: 13560 > [EOF]
Aug 24 04:14:12 srv1 smtp-ssl: tcpserver: status: 1/100

that makes sense, spamdyke was allowing the mail to come on in.
so, this issue might actually be in qmail-toaster



Offline MRatWork

  • Administrator
  • The Elite
  • *****
  • Posts: 15,382
  • Karma: +115/-9
  • Gender: Male
    • View Profile
    • MRatWork Forum
oh, and if I try to disable spamdyke, sending breaks completely.
the mail sits in my client's outbox, tries to send, and qmail logs this:
Code: [Select]
Aug 24 04:14:12 srv1 smtp-ssl: 13560 < ?????????????????????????????????????????#???????????+
Aug 24 04:14:12 srv1 smtp-ssl: 13560 > 220 srv1.phatlabz.com - Welcome to Qmail ESMTP?
Aug 24 04:14:12 srv1 smtp-ssl: 13560 > 502 unimplemented (#5.5.1)?
Aug 24 04:14:12 srv1 smtp-ssl: 13560 > 502 unimplemented (#5.5.1)?
Aug 24 04:14:12 srv1 smtp-ssl: 13560 > 502 unimplemented (#5.5.1)?
Aug 24 04:14:12 srv1 smtp-ssl: 13560 < [EOF]
Aug 24 04:14:12 srv1 smtp-ssl: tcpserver: end 13560 status 256
Aug 24 04:14:12 srv1 smtp-ssl: tcpserver: status: 0/100
Aug 24 04:14:12 srv1 smtp-ssl: 13560 > [EOF]
Aug 24 04:14:12 srv1 smtp-ssl: tcpserver: status: 1/100

that makes sense, spamdyke was allowing the mail to come on in.
so, this issue might actually be in qmail-toaster
It's maybe your server IP in blacklist. Test your IP in mxtoolbox.com.
..:: MRatWork (Mustafa Ramadhan Projects) ::..
-- Server/Web-integrator - Web Hosting (Kloxo-MR READY!) --

Offline barrysmoke

  • Junior Member
  • *
  • Posts: 26
  • Karma: +0/-0
    • View Profile
not blacklisted, at least on the servers I'm testing.  out of the 30 or so blacklists, I am still on 1 blacklist service, but the server I'm test sending to doesn't use it.

also I verified with that packet capture, its not making it that far.  the remote mail server never recieves a connection from kloxo-mr.  qmail isn't even trying to connect.

I think I have this figured out...but not sure how to fix it.
hours of research, led me to look at dns resolution of the local server, in relation to how qmail tries to send mail out.  it has its own dns checks, and some logic in there.  I'm using 1 to 1 NAT, so that my public ip hits a pfsense firewall, that gives me a lot more control, and security to avoid hacks.  qmail doesn't like this set up.  I saw where people had applied patches, and tweaks to make qmail work behind nat.  I just can't believe I can't add an ip alias on the local centos ethernet adapter, and trick qmail into working that way. 

I've tried setting dual A records in the local dns, one with one entry being the internal private ip of the kloxo-mr server, and I tried ip aliasing.  not sure what to do next, other than switch to exim/dovecot.

Offline MRatWork

  • Administrator
  • The Elite
  • *****
  • Posts: 15,382
  • Karma: +115/-9
  • Gender: Male
    • View Profile
    • MRatWork Forum
not blacklisted, at least on the servers I'm testing.  out of the 30 or so blacklists, I am still on 1 blacklist service, but the server I'm test sending to doesn't use it.

also I verified with that packet capture, its not making it that far.  the remote mail server never recieves a connection from kloxo-mr.  qmail isn't even trying to connect.

I think I have this figured out...but not sure how to fix it.
hours of research, led me to look at dns resolution of the local server, in relation to how qmail tries to send mail out.  it has its own dns checks, and some logic in there.  I'm using 1 to 1 NAT, so that my public ip hits a pfsense firewall, that gives me a lot more control, and security to avoid hacks.  qmail doesn't like this set up.  I saw where people had applied patches, and tweaks to make qmail work behind nat.  I just can't believe I can't add an ip alias on the local centos ethernet adapter, and trick qmail into working that way. 

I've tried setting dual A records in the local dns, one with one entry being the internal private ip of the kloxo-mr server, and I tried ip aliasing.  not sure what to do next, other than switch to exim/dovecot.
If behind nat, make sure all IP in dns using public IP (not local). Also make sure all ports related to certain services already open.
..:: MRatWork (Mustafa Ramadhan Projects) ::..
-- Server/Web-integrator - Web Hosting (Kloxo-MR READY!) --

Offline barrysmoke

  • Junior Member
  • *
  • Posts: 26
  • Karma: +0/-0
    • View Profile
all ports open, all addresses in dns point to the outside address.
no firewall blocking, verified with a packet capture, for some reason qmail never tries to establish an smtp connection with the mail servers for the domains I'm sending to.
one is my gmail account, one is an account on a cpanel server I manage.  watched the exim log, and no connection attempt.  that's when I started doing packet captures to figure out what was going on.

doing a lot of qmail searching right now to see if I can get it working.

Offline barrysmoke

  • Junior Member
  • *
  • Posts: 26
  • Karma: +0/-0
    • View Profile
ok, 2 days of troubleshooting this, and I do believe it is an internal error either dealing with qmail, or how its integrated with spamdyke.
I don't think its anything related to my server being behind NAT.

Code: [Select]
Aug 27 00:10:48 srv1 send: starting delivery 78: msg 101273270 to remote barry@up-link.net
Aug 27 00:10:48 srv1 send: status: local 0/10 remote 1/60
Aug 27 00:10:48 srv1 send: starting delivery 79: msg 101273270 to remote bsmokeman@gmail.com
Aug 27 00:10:48 srv1 send: status: local 0/10 remote 2/60
Aug 27 00:10:48 srv1 send: delivery 78: deferral: Sorry,_I_wasn't_able_to_establish_an_SMTP_connection._(#4.4.1)/
Aug 27 00:10:48 srv1 send: status: local 0/10 remote 1/60
Aug 27 00:10:48 srv1 send: delivery 79: deferral: Sorry,_I_wasn't_able_to_establish_an_SMTP_connection._(#4.4.1)/
Aug 27 00:10:48 srv1 send: status: local 0/10 remote 0/60

I took the nameserver, and edited named.options.conf to allow dns forwarding, so I could control how my server's dns, and mx records resolve locally.  I then put nameserver 127.0.0.1 in my /etc/resolv.conf, and made sure it was working 100%.  I'm using google's dns servers for forwarding. 8.8.8.8, and 8.8.4.4
I tested that the 2 test domains I'm sending to do get resolved to mx records via a query by qmail(see it in a tcpdump).

qmail never tries to connect to the smtp servers though.
I can telnet to port 25 at up-link.net, and to google's mx server that is chosen, so the connections are not getting blocked by a firewall. its not a connection problem.

I can inbox you my credentials, and server addresses if you want, if you don't mind taking a look.

Offline MRatWork

  • Administrator
  • The Elite
  • *****
  • Posts: 15,382
  • Karma: +115/-9
  • Gender: Male
    • View Profile
    • MRatWork Forum
Inform here 'cat /etc/hosts'.
..:: MRatWork (Mustafa Ramadhan Projects) ::..
-- Server/Web-integrator - Web Hosting (Kloxo-MR READY!) --

Offline barrysmoke

  • Junior Member
  • *
  • Posts: 26
  • Karma: +0/-0
    • View Profile
Code: [Select]
[root@srv1 defaults]# cat /etc/hosts
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6







### begin - add by Kloxo-MR
10.0.0.169 srv1.phatlabz.com srv1
### end - add by Kloxo-MR

Offline barrysmoke

  • Junior Member
  • *
  • Posts: 26
  • Karma: +0/-0
    • View Profile
just for the heck of it, I added our secondary server as a default smtp route in /var/qmail/control/smtproutes
I then added this server's ip address as an allowed relayhost on our secondary server.
restarted qmail, tried to send, same thing, defferral.
qmail is not working to establish any smtp connection at all outbound.  inbound works fine.

Offline barrysmoke

  • Junior Member
  • *
  • Posts: 26
  • Karma: +0/-0
    • View Profile

Offline MRatWork

  • Administrator
  • The Elite
  • *****
  • Posts: 15,382
  • Karma: +115/-9
  • Gender: Male
    • View Profile
    • MRatWork Forum
Look like IP (taken from /etc/hosts) is local IP. You need add 'IP srv1.phatlabz.com srv1' where IP is your public IP. And then reboot.
..:: MRatWork (Mustafa Ramadhan Projects) ::..
-- Server/Web-integrator - Web Hosting (Kloxo-MR READY!) --

Offline barrysmoke

  • Junior Member
  • *
  • Posts: 26
  • Karma: +0/-0
    • View Profile
cat /etc/hosts:
Code: [Select]
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6







### begin - add by Kloxo-MR
66.34.221.169 srv1.phatlabz.com srv1
### end - add by Kloxo-MR


no luck:
Code: [Select]
Aug 29 03:39:19 srv1 send: starting delivery 3: msg 101208626 to remote barry@up-link.net
Aug 29 03:39:19 srv1 send: status: local 1/10 remote 1/60
Aug 29 03:39:19 srv1 send: starting delivery 4: msg 101208626 to remote bsmokeman@gmail.com
Aug 29 03:39:19 srv1 send: status: local 1/10 remote 2/60
Aug 29 03:39:19 srv1 send: delivery 3: deferral: Sorry,_I_wasn't_able_to_establish_an_SMTP_connection._(#4.4.1)/
Aug 29 03:39:19 srv1 send: status: local 1/10 remote 1/60
Aug 29 03:39:19 srv1 send: delivery 4: deferral: Sorry,_I_wasn't_able_to_establish_an_SMTP_connection._(#4.4.1)/
Aug 29 03:39:19 srv1 send: status: local 1/10 remote 0/60


Offline MRatWork

  • Administrator
  • The Elite
  • *****
  • Posts: 15,382
  • Karma: +115/-9
  • Gender: Male
    • View Profile
    • MRatWork Forum
Give me your ssh and panel access.
..:: MRatWork (Mustafa Ramadhan Projects) ::..
-- Server/Web-integrator - Web Hosting (Kloxo-MR READY!) --

Offline barrysmoke

  • Junior Member
  • *
  • Posts: 26
  • Karma: +0/-0
    • View Profile
sent you a pm earlier with all that, let me know if it didn't go through

 


Top 4 Global Search Engines:    Google    Bing    Baidu    Yahoo
Click Here

Page created in 0.035 seconds with 19 queries.

web stats analysis