Postfix defers mail without making connections to the remote smtp server

wayloud · 12-03-2012, 05:33 PM

Greetings all. I have a Postfix server that operates as a relay point for a large collection of QA servers that need to send email back into our corporate Exchange servers. We built the Postfix server to emulate our production server. Currently, we seem to experience a lot of this:

Dec 3 15:12:10 qalnx2 postfix/qmgr[3564]: 9E14A15A82FA: to=<rita.morgan@my_company.com>, relay=none, delay=35, delays=6.9/28/0/0, dsn=4.4.1, status=deferred (delivery temporarily suspended: connect to internalrelay.corp.my_company.com[10.2.1.25]: Connection timed out)

At first we thought this had to be some sort of rate limiting issue going on with the Exchange server. So we decided to force the issue with the following small tool on the Postfix server:

Code:

#!/bin/sh

RCPT="rita.morgan@my_company.com";
MESSAGES=100;
STARTDATE=$(date +"%H:%M");
 
echo "Starting email batch of $MESSAGES messages. Time stamp $STARTDATE";
 
while [ $MESSAGES -gt 0 ]; do
        let MESSAGES=$MESSAGES-1; 
        echo "Sent from QALNX2. Your random text is $RANDOM" | mail -s "Test Message - $STARTDATE - $MESSAGES" $RCPT;
done
 
echo "Done";

And we can see that every single message gets deferred with the error above. Here is the part that also seems strange, when looking on the wire for what's going on using

tcpdump -i eth0 -A -l port 25 and host internalrelay.corp.my_company.com

I don't see hardly any connections. A couple but not what I would expect for 100 consecutive messages dumped into the queue.

For reference, here is my main.cf:

Code:

queue_directory = /var/spool/postfix
command_directory = /usr/sbin
daemon_directory = /usr/libexec/postfix
mail_owner = postfix
myhostname = qalnx2.corp.my_company.com
mydomain = corp.my_company.com
myorigin = $mydomain
inet_interfaces = all
mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
unknown_local_recipient_reject_code = 550
mynetworks_style = subnet
mynetworks = 10.11.0.0/16
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
debug_peer_level = 2
sendmail_path = /usr/sbin/sendmail.postfix
newaliases_path = /usr/bin/newaliases.postfix
mailq_path = /usr/bin/mailq.postfix
setgid_group = postdrop
html_directory = no
manpage_directory = /usr/share/man
sample_directory = /usr/share/doc/postfix-2.3.3/samples
readme_directory = /usr/share/doc/postfix-2.3.3/README_FILES
virtual_alias_maps = hash:/etc/postfix/virtual
 
# Remove pipelining to play nice with Exchange
smtp_discard_ehlo_keyword_address_maps = 
        pcre:/etc/postfix/discard_ehlo_keywords
 
smtpd_recipient_restrictions =
        permit_mynetworks
        reject_unauth_destination
        permit
 
relayhost = internalrelay.corp.my_company.com

Does it seem reasonable that my side looks ok? I'm still convinced myself that the issue is on the Exchange side.

descendant_command · 12-05-2012, 01:54 AM

Quote:

connect to internalrelay.corp.my_company.com[10.2.1.25]: Connection timed out

This would appear to be the guts of the issue.
Looks like a networking problem or something on the Exchange end (dropping the connection etc).
Check the exchange logs, investigate routing / firewall issues.
It looks like your postfix is not the problem.