Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. exim>
  3. users
Read errors and Mailman
chimera at openwarsim
Jun 10, 2002, 6:08 PM
Post #1 of 7 (1116 views)
Permalink
I am having some trouble with some Mailman lists sending mail to a
particular user. This user happens to be the list owner, and we are
attempting to figure out WHY this is happening.

Error messages in the mailq on waiting outbound mail:

g5B011p14289 398 Mon Jun 10 17:01
<umpires-admin@lists.openwarsim.net>
(reply: read error from mail1.aaahawk.com.)
<RikkiTikki@aaahawk.com>
g5A015p09560 502 Sun Jun 9 17:01
<umpires-admin@lists.openwarsim.net>
(Deferred: Connection reset by mail1.aaahawk.com.)
<RikkiTikki@aaahawk.com>

What exactly does a 'read error' mean? Is this an issue from my server,
or their server? Is there a possibility that the target server is using
an RBL that I am somehow listed in? (I had an email scare a few months
ago, stating that my IP appeared in such a DB because it was an ADSL
IP).

Any help appreciated. I couldn't find much help on Google or on the
archives.


John Jones
Re: Read errors and Mailman [ In reply to ]
twells at fsckit
Jun 10, 2002, 6:40 PM
Post #2 of 7 (1106 views)
Permalink
On Mon, Jun 10, 2002 at 06:08:53PM -0700,
John Jones <chimera@openwarsim.net> is thought to have said:

> I am having some trouble with some Mailman lists sending mail to a
> particular user. This user happens to be the list owner, and we are
> attempting to figure out WHY this is happening.
>
> Error messages in the mailq on waiting outbound mail:
>
> g5B011p14289 398 Mon Jun 10 17:01
> <umpires-admin@lists.openwarsim.net>
> (reply: read error from mail1.aaahawk.com.)
> <RikkiTikki@aaahawk.com>
> g5A015p09560 502 Sun Jun 9 17:01
> <umpires-admin@lists.openwarsim.net>
> (Deferred: Connection reset by mail1.aaahawk.com.)
> <RikkiTikki@aaahawk.com>
>
> What exactly does a 'read error' mean? Is this an issue from my server,
> or their server? Is there a possibility that the target server is using
> an RBL that I am somehow listed in? (I had an email scare a few months
> ago, stating that my IP appeared in such a DB because it was an ADSL
> IP).
>
> Any help appreciated. I couldn't find much help on Google or on the
> archives.

I'm not sure why you're posting this to exim-users since the mailq output
you quote above is not from Exim. It looks like a recent version of Sendmail
given the queue ids above.

In any case, it's likely that the problem is mail1.aaahawk.com's firewall
which appears to be a Cisco Pix with their 'MailGuard' enabled. This causes
problems with various mail servers that result in problems like the above
(SMTP sessions failing to complete, connection resets, etc). I suspect if
they turn that off ('no fixup protocol smtp') the problems will go away.

Mailguard offers nothing but a false sense of security at the expense of
ESMTP and reliable mail delivery.

Tabor

--
--------------------------------------------------------------------
Tabor J. Wells twells@fsckit.net
Fsck It! Just another victim of the ambient morality
Re: Read errors and Mailman [ In reply to ]
chimera at openwarsim
Jun 10, 2002, 7:35 PM
Post #3 of 7 (1108 views)
Permalink
> > Any help appreciated. I couldn't find much help on Google or on the
> > archives.
>
> I'm not sure why you're posting this to exim-users since the mailq output
> you quote above is not from Exim. It looks like a recent version of
Sendmail
> given the queue ids above.

Oops. Sorry, yes, that is from the second server, which is indeed running
Sendmail. However, the Exim server reports:

33h 2.5K 17H7V1-0004bs-00 <chimera@openwarsim.net>
RikkiTikki@aaahawk.com

33h 2.7K 17H7Vu-0004bz-00 <chimera@openwarsim.net>
RikkiTikki@aaahawk.com

33h 2.6K 17H7Xi-0004c6-00 <chimera@openwarsim.net>
RikkiTikki@aaahawk.com

33h 1.0K 17H7ZK-0004cE-00 <chimera@openwarsim.net>
RikkiTikki@aaahawk.com

21h 1.4K 17HIBT-00054M-00 <chimera@openwarsim.net>
RikkiTikki@aaahawk.com

I am rerunning the mailq now, after deleting everything in the /db directory
(so it would stop giving me 'retry time not exceeded'). It is taking a
while, however.

> In any case, it's likely that the problem is mail1.aaahawk.com's firewall
> which appears to be a Cisco Pix with their 'MailGuard' enabled. This
causes
> problems with various mail servers that result in problems like the above
> (SMTP sessions failing to complete, connection resets, etc). I suspect if
> they turn that off ('no fixup protocol smtp') the problems will go away.

That gives me enough to at least talk to them about it. I was wondering if
I was somehow listed on the RBL.

> Mailguard offers nothing but a false sense of security at the expense of
> ESMTP and reliable mail delivery.

Is there a way to configure Exim at all to communicate with this?
Re: Read errors and Mailman [ In reply to ]
dsh8290 at rit
Jun 10, 2002, 8:22 PM
Post #4 of 7 (1099 views)
Permalink
--
On Mon, Jun 10, 2002 at 07:35:07PM -0700, Chimera wrote:

| > > Any help appreciated. I couldn't find much help on Google or on the
| > > archives.
| >
| > I'm not sure why you're posting this to exim-users since the mailq output
| > you quote above is not from Exim. It looks like a recent version of
| Sendmail
| > given the queue ids above.
|
| Oops. Sorry, yes, that is from the second server, which is indeed running
| Sendmail. However, the Exim server reports:

| I am rerunning the mailq now, after deleting everything in the /db directory
| (so it would stop giving me 'retry time not exceeded'). It is taking a
| while, however.

Run 'exim -qf' to force re-delivery of queued mail.

| > In any case, it's likely that the problem is mail1.aaahawk.com's
| > firewall which appears to be a Cisco Pix with their 'MailGuard'
| > enabled. This causes problems with various mail servers that
| > result in problems like the above (SMTP sessions failing to
| > complete, connection resets, etc). I suspect if they turn that off
| > ('no fixup protocol smtp') the problems will go away.

While I haven't actually seen one of these devices, that sounds like a
plausible explanation.

| That gives me enough to at least talk to them about it. I was wondering if
| I was somehow listed on the RBL.
|
| > Mailguard offers nothing but a false sense of security at the expense of
| > ESMTP and reliable mail delivery.
|
| Is there a way to configure Exim at all to communicate with this?

I'm not sure. Before I read the rest of the queue I decided to play
with the server via telnet. It gives some interesting responses (eg
the banner and the helo reply), and seems to just hang if you give it
a whole bunch of "unimplemented" commands. That looks like a really
bad implementation to me, and correlates with Tabor's explanation. A
little more playing ... "ehlo" is unimplemented; a newline in a
command causes the hang.

-D

--

The lot is cast into the lap,
but its every decision is from the Lord.
Proverbs 16:33

GnuPG key : http://dman.ddts.net/~dman/public_key.gpg

--
[ Content of type application/pgp-signature deleted ]
--
Re: Re: Read errors and Mailman [ In reply to ]
chimera at openwarsim
Jun 10, 2002, 8:30 PM
Post #5 of 7 (1099 views)
Permalink
> I'm not sure. Before I read the rest of the queue I decided to play
> with the server via telnet. It gives some interesting responses (eg
> the banner and the helo reply), and seems to just hang if you give it
> a whole bunch of "unimplemented" commands. That looks like a really
> bad implementation to me, and correlates with Tabor's explanation. A
> little more playing ... "ehlo" is unimplemented; a newline in a
> command causes the hang.

This is all good information to arm myself with when I do get their admins
on the phone. Thanks everyone for the help. Any more, of course, is
certainly appreciated.


John
Re: Re: Read errors and Mailman [ In reply to ]
djc at microwave
Jun 10, 2002, 8:44 PM
Post #6 of 7 (1102 views)
Permalink
On Mon, 10 Jun 2002, Derrick 'dman' Hudson wrote:

> | That gives me enough to at least talk to them about it. I was wondering if
> | I was somehow listed on the RBL.
> |
> | > Mailguard offers nothing but a false sense of security at the expense of
> | > ESMTP and reliable mail delivery.
> |
> | Is there a way to configure Exim at all to communicate with this?
>
> I'm not sure. Before I read the rest of the queue I decided to play
> with the server via telnet. It gives some interesting responses (eg
> the banner and the helo reply), and seems to just hang if you give it
> a whole bunch of "unimplemented" commands. That looks like a really
> bad implementation to me, and correlates with Tabor's explanation. A
> little more playing ... "ehlo" is unimplemented; a newline in a
> command causes the hang.

The PIX isnt actually an MTA, its just a TCP-level filter/proxy. While
Cisco makes a damn fine router (IOS blows ANYthing from any other router
vendor away), the PIX SMTP 'protection' is utter shit. A fairly good
indicator that a site is behind a PIX is that the perfectly good SMTP
banner send by the server will be turned into a big long string full of
asterisks with a few characters (the 220 code, mostly) interspersed.

The way to fix the problem is to turn off the SMTP 'protection' in the
PIX. (as someone previously noted, the command is "no fixup protocol
smtp' - you can give this to the PIX admin in they they are clueless or
dont want to sepdn time figuring out how to do this)
Re: Re: Read errors and Mailman [ In reply to ]
twells at fsckit
Jun 11, 2002, 8:02 AM
Post #7 of 7 (1106 views)
Permalink
On Mon, Jun 10, 2002 at 10:22:46PM -0500,
Derrick 'dman' Hudson <dsh8290@rit.edu> is thought to have said:

> | > Mailguard offers nothing but a false sense of security at the expense of
> | > ESMTP and reliable mail delivery.
> |
> | Is there a way to configure Exim at all to communicate with this?
>
> I'm not sure. Before I read the rest of the queue I decided to play
> with the server via telnet. It gives some interesting responses (eg
> the banner and the helo reply), and seems to just hang if you give it
> a whole bunch of "unimplemented" commands. That looks like a really
> bad implementation to me, and correlates with Tabor's explanation. A
> little more playing ... "ehlo" is unimplemented; a newline in a
> command causes the hang.

Hmm. Looks like when I responded to the original requestor late last night,
the list didn't cc'd. For the benefit of the archives relating to the last
question above:

FAQ Q0021 (in the Exim 3 FAQ) comes into play here I think. Personally I've
had some success with setting DELIVER_OUT_BUFFER_SIZE low as suggested in
the FAQ but YMMV. However the better solution, if possible, is to convince
the remote site that MailGuard is a PoS and should be turned off.

Tabor

--
--------------------------------------------------------------------
Tabor J. Wells twells@fsckit.net
Fsck It! Just another victim of the ambient morality

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal