Postfix oder qmail: timed out while receiving the initial server greeting

[lakul]

Hallo,

ich habe bei mir Ubuntu Ubuntu 8.04 und Plesk 10.3.1 mit Postfix laufen. Soweit funktioniert alles wunderbar, bis auf einen Fehler. Ich kann keine E-Mails an z.b kp.org versenden. Ich erhalte immer folgende Fehlermeldung (Meine Servername ist mit "server" verfälscht dargstellt):

Code:

Nov 21 10:44:43 server postfix/smtp[1898]: 25FD27184A2: conversation with mail1.kp.org[162.119.133.96] timed out while receiving the initial server greeting
Nov 21 10:45:04 server postfix/smtp[1898]: connect to mail1.kp.org[162.119.133.106]:25: Connection timed out

Ich hatte vorher qmail, da kam der gleiche Fehler, daher der Wechsel zu Postfix, welcher aber scheinbar nichts brachte. Das Dumme, die Rückmeldung, dass der Server nicht erreicht werden konnte, kommt erst nach ca. 1 Woche. Definitiv muss es aber an meinem Server liegen und nicht an kp.org, denn von jeder anderen E-Mail Dienstleister (Google, Yahoo, GMX etc.) wo ich Adressen habe klappt es. Es gibt zwar verschiedene Ergebnisse bei Google mit ähnlichen Fehlern, aber ich konnte keine Workaround finden.

Ich habe meine IP bereits bei rbl-check.com geprüft, ob ich auf einer Backlist stehe, aber es ist alles "sauber".

Könnte es etwas damit zu tun haben, dass mein E-Mail Header immer so aussieht:

Code:

Received: from h1234567.stratoserver.net (meine-absender-domain.de. [meine-absender-ip])

Ich habe bereits eine Verbidung zu kp.org per

Code:

telnet mail1.kp.org 25

(Deren Mailserver sind mail1 mail2 und mail3.)

durchgespielt. Das einige was auffällt, dass die Begrüßung des Servers bis zu 20s dauert.

Ich denke meine main.cf und master.cf könnte euch noch helfen:

main.cf

Code:

#myorigin = /etc/mailname
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no
append_dot_mydomain = no
#delay_warning_time = 4h
readme_directory = no
smtpd_tls_cert_file = /etc/postfix/postfix_default.pem
smtpd_tls_key_file = $smtpd_tls_cert_file
smtpd_use_tls = yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
myhostname = h123456.stratoserver.net
alias_maps = hash:/etc/aliases, hash:/var/spool/postfix/plesk/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = localhost.localdomain, localhost.stratoserver.net, localhost
relayhost =
mynetworks = 127.0.0.0/8 [::1]/128 172.16.0.1/32 85.214.16.51/32 85.214.220.217/32
mailbox_command = procmail -a "$EXTENSION"
mailbox_size_limit = 51200000
recipient_delimiter = +
inet_interfaces = all
inet_protocols = all
virtual_mailbox_domains = $virtual_mailbox_maps, hash:/var/spool/postfix/plesk/virtual_domains
virtual_alias_maps = $virtual_maps, hash:/var/spool/postfix/plesk/virtual
virtual_mailbox_maps = hash:/var/spool/postfix/plesk/vmailbox
transport_maps = hash:/var/spool/postfix/plesk/transport
smtpd_tls_security_level = may
smtp_tls_security_level = may
smtp_use_tls = no
smtpd_timeout = 3600s
smtpd_proxy_timeout = 3600s
disable_vrfy_command = yes
smtpd_sender_restrictions = check_sender_access hash:/var/spool/postfix/plesk/blacklists, permit_sasl_authenticated, check_client_access pcre:/var/spool/postfix/plesk/non_auth.re
smtp_send_xforward_command = yes
smtpd_authorized_xforward_hosts = 127.0.0.0/8 [::1]/128
smtpd_sasl_auth_enable = yes
smtpd_recipient_restrictions = permit_mynetworks, check_client_access pcre:/var/spool/postfix/plesk/no_relay.re, permit_sasl_authenticated, reject_unauth_destination
virtual_mailbox_base = /var/qmail/mailnames
virtual_uid_maps = static:110
virtual_gid_maps = static:31
virtual_transport = plesk_virtual
plesk_virtual_destination_recipient_limit = 1
mailman_destination_recipient_limit = 1
smtpd_client_restrictions =

master.cf

Code:

smtp inet n - - - - smtpd -o smtpd_proxy_filter=127.0.0.1:10025
submission inet n       -       -       -       -       smtpd
  -o smtpd_tls_security_level=encrypt
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
pickup fifo n - - 60 1 pickup -o content_filter=smtp:127.0.0.1:10027
cleanup   unix  n       -       -       -       0       cleanup
qmgr fifo n - n 1 1 qmgr
#qmgr     fifo  n       -       -       300     1       oqmgr
tlsmgr    unix  -       -       -       1000?   1       tlsmgr
rewrite   unix  -       -       -       -       -       trivial-rewrite
bounce    unix  -       -       -       -       0       bounce
defer     unix  -       -       -       -       0       bounce
trace     unix  -       -       -       -       0       bounce
verify    unix  -       -       -       -       1       verify
flush     unix  n       -       -       1000?   0       flush
proxymap  unix  -       -       n       -       -       proxymap
proxywrite unix -       -       n       -       1       proxymap
smtp      unix  -       -       -       -       -       smtp
# When relaying mail as backup MX, disable fallback_relay to avoid MX loops
relay     unix  -       -       -       -       -       smtp
        -o smtp_fallback_relay=
#       -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq     unix  n       -       -       -       -       showq
error     unix  -       -       -       -       -       error
retry     unix  -       -       -       -       -       error
discard   unix  -       -       -       -       -       discard
local     unix  -       n       n       -       -       local
virtual   unix  -       n       n       -       -       virtual
lmtp      unix  -       -       -       -       -       lmtp
anvil     unix  -       -       -       -       1       anvil
scache    unix  -       -       -       -       1       scache

maildrop  unix  -       n       n       -       -       pipe
  flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
#
# See the Postfix UUCP_README file for configuration details.
#
uucp      unix  -       n       n       -       -       pipe
  flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
#
# Other external delivery methods.
#
ifmail    unix  -       n       n       -       -       pipe
  flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp     unix  -       n       n       -       -       pipe
  flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
scalemail-backend unix  -       n       n       -       2       pipe
  flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
mailman unix - n n - - pipe flags=R user=list:list argv=/usr/lib/plesk-9.0/postfix-mailman ${nexthop} ${user} ${recipient}


plesk_virtual unix - n n - - pipe flags=DORhu user=popuser:popuser argv=/usr/lib/plesk-9.0/postfix-local -f ${sender} -d ${recipient} -p /var/qmail/mailnames
127.0.0.1:10025 inet n n n - - spawn user=mhandlers-user argv=/usr/lib/plesk-9.0/postfix-queue 127.0.0.1 10027 before-queue
127.0.0.1:10026 inet n - - - - smtpd  -o smtpd_client_restrictions=  -o smtpd_helo_restrictions=  -o smtpd_sender_restrictions=  -o smtpd_recipient_restrictions=permit_mynetworks,reject  -o smtpd_data_restrictions=  -o receive_override_options=no_unknown_recipient_checks
127.0.0.1:10027 inet n n n - - spawn user=mhandlers-user argv=/usr/lib/plesk-9.0/postfix-queue 127.0.0.1 10026 before-remote
plesk_saslauthd unix y y y - 1 plesk_saslauthd status=5 listen=6 dbpath=/plesk/passwd.db
smtps inet n - - - - smtpd -o smtpd_proxy_filter=127.0.0.1:10025 -o smtpd_tls_wrappermode=yes

Meine iptables sind denke ich auch noch wichtig:

Code:

Chain INPUT (policy DROP)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED
REJECT     tcp  --  anywhere             anywhere            tcp flags:!FIN,SYN,RST,ACK/SYN reject-with tcp-reset
DROP       all  --  anywhere             anywhere            state INVALID
ACCEPT     all  --  anywhere             anywhere
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:587
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:25
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:465
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:110
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:995
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:143
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:993
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:106

Chain OUTPUT (policy DROP)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED
REJECT     tcp  --  anywhere             anywhere            tcp flags:!FIN,SYN,RST,ACK/SYN reject-with tcp-reset
DROP       all  --  anywhere             anywhere            state INVALID
ACCEPT     all  --  anywhere             anywhere
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:587
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:25
ACCEPT     all  --  anywhere             anywhere

Habt ihr eine Tipp für mich?

Danke.

lakul