Date:      Mon, 7 Nov 2005 23:36:53 -0800 (PST)
From:      Andrew Thomas <ath101a@yahoo.com>
To:        freebsd-questions@freebsd.org
Subject:   Network strangeness only with incoming email
Message-ID:  <20051108073654.10968.qmail@web60515.mail.yahoo.com>

Only during _incoming_ email there are a lot of network errors/pauses,
including 'tcp retransmission' errors.  This seems to cause sendmail
to generate the infamous "did not issue MAIL/EXPN/VRFY/ETRN during
connection to MTA" error message.  Yes, some of this is from spammers.
But, email from known good sources is bouncing due to this problem as
well - frequently.  We're seeing upwards of 400 of the MTA errors a
day on this box that normally sees maybe 100 spam rejects from rbl
lists and maybe 50 legit messages in the same time period.

Note that all other traffic seems to be fine, including connecting
from an email client from inside the office.  This is what's so
boggling.  Why only incoming email from the internet?

I'm hoping someone can give me an idea where this problem might lie.

Other important info:  This has been going on for months now.  It
started with an old machine running 4.6 stable from too long ago to
remember.  That box is now retired and a brand new one is in its
place running 5.4 stable.  So, new OS and completely new hardware
(including NICs - the old was an 'fxp' and the new is an 'sk' for 
completeness).

Sendmail has been used all along.  In desperation I figured I'd try
postfix.  The same problems occur.

DNS queries are in the 10s of ms range so it's not slow DNS lookups.
The box itself doesn't have DNS, using the hosts file instead since
it's inside a small office.  Also, I tried removing the rbl checking
and it didn't change a thing.

I ran tcpdump and what I think is an example of the pertinent output
is below.

Does _anyone_ have any ideas what the problem might be?  It finally
occurred to me today to check the cable and such but why would it
only cause problems for email?  The DSL router it's hooked up to has
been cycled many times.

Any help would be greatly appreciated.

Thanks!

Andy

 6353 12:46:09.124457 y.y.y.y        x.x.x.x        TCP      60558 > smtp [SYN] Seq=0 Ack=0 Win=16384 Len=0 MSS=1400
 6354 12:46:09.124527 x.x.x.x        y.y.y.y        TCP      smtp > 60558 [SYN, ACK] Seq=0 Ack=1 Win=65535 Len=0 MSS=1460
 6355 12:46:09.126246 y.y.y.y        x.x.x.x        TCP      60559 > smtp [SYN] Seq=0 Ack=0 Win=16384 Len=0 MSS=1400
 6356 12:46:09.126274 x.x.x.x        y.y.y.y        TCP      smtp > 60559 [SYN, ACK] Seq=0 Ack=1 Win=65535 Len=0 MSS=1460
 6359 12:46:09.217220 y.y.y.y        x.x.x.x        TCP      60558 > smtp [ACK] Seq=1 Ack=1 Win=16800 Len=0
 6361 12:46:09.219982 y.y.y.y        x.x.x.x        TCP      60559 > smtp [ACK] Seq=1 Ack=1 Win=16800 Len=0
 6370 12:46:11.742768 x.x.x.x        y.y.y.y        TCP      63520 > auth [SYN] Seq=0 Ack=0 Win=65535 Len=0 MSS=1460 WS=1 TSV=290246199 TSER=0
 6372 12:46:11.744676 x.x.x.x        y.y.y.y        TCP      61983 > auth [SYN] Seq=0 Ack=0 Win=65535 Len=0 MSS=1460 WS=1 TSV=290246199 TSER=0
 6373 12:46:14.740948 x.x.x.x        y.y.y.y        TCP      63520 > auth [SYN] Seq=0 Ack=0 Win=131070 Len=0 MSS=1460 WS=1 TSV=290246499 TSER=0
 6374 12:46:14.740958 x.x.x.x        y.y.y.y        TCP      61983 > auth [SYN] Seq=0 Ack=0 Win=131070 Len=0 MSS=1460 WS=1 TSV=290246499 TSER=0
 8385 12:46:54.213542 y.y.y.y        x.x.x.x        TCP      60559 > smtp [FIN, ACK] Seq=1 Ack=1 Win=16800 Len=0
 8389 12:46:54.242433 y.y.y.y        x.x.x.x        TCP      60558 > smtp [FIN, ACK] Seq=1 Ack=1 Win=16800 Len=0
 8735 12:46:57.073048 y.y.y.y        x.x.x.x        TCP      [TCP Retransmission] 60558 > smtp [FIN, ACK] Seq=1 Ack=1 Win=16800 Len=0
 8736 12:46:57.074292 y.y.y.y        x.x.x.x        TCP      [TCP Retransmission] 60559 > smtp [FIN, ACK] Seq=1 Ack=1 Win=16800 Len=0
 9460 12:47:03.119595 y.y.y.y        x.x.x.x        TCP      [TCP Retransmission] 60558 > smtp [FIN, ACK] Seq=1 Ack=1 Win=16800 Len=0
 9461 12:47:03.120839 y.y.y.y        x.x.x.x        TCP      [TCP Retransmission] 60559 > smtp [FIN, ACK] Seq=1 Ack=1 Win=16800 Len=0
10930 12:47:15.175216 y.y.y.y        x.x.x.x        TCP      [TCP Retransmission] 60558 > smtp [FIN, ACK] Seq=1 Ack=1 Win=16800 Len=0
10931 12:47:15.176185 y.y.y.y        x.x.x.x        TCP      [TCP Retransmission] 60559 > smtp [FIN, ACK] Seq=1 Ack=1 Win=16800 Len=0
13806 12:47:39.341907 y.y.y.y        x.x.x.x        TCP      [TCP Retransmission] 60558 > smtp [FIN, ACK] Seq=1 Ack=1 Win=16800 Len=0
13807 12:47:39.342451 y.y.y.y        x.x.x.x        TCP      [TCP Retransmission] 60559 > smtp [FIN, ACK] Seq=1 Ack=1 Win=16800 Len=0
15069 12:48:27.460972 y.y.y.y        x.x.x.x        TCP      [TCP Retransmission] 60558 > smtp [FIN, ACK] Seq=1 Ack=1 Win=16800 Len=0
15070 12:48:27.461933 y.y.y.y        x.x.x.x        TCP      [TCP Retransmission] 60559 > smtp [FIN, ACK] Seq=1 Ack=1 Win=16800 Len=0
15116 12:50:23.513002 x.x.x.x        y.y.y.y        SMTP     Response: 220 x.domain.com ESMTP Sendmail 8.13.4/8.13.4; Mon, 7 Nov 2005 12:46:17 -0800 (PST)
15117 12:50:23.513013 x.x.x.x        y.y.y.y        SMTP     Response: 220 x.domain.com ESMTP Sendmail 8.13.4/8.13.4; Mon, 7 Nov 2005 12:46:17 -0800 (PST)
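
Added example, not part of the original message: a small parser for packet-list lines in the format shown above that lists SYNs which never received a SYN/ACK and, per SMTP client, how long after its SYN the client sent its first FIN and the server sent its 220 greeting. The sample lines are copied from the trace in the post with the e-mail line wraps joined; the function name `analyse` is illustrative.

```python
import re

# Sample lines copied from the trace in the post, e-mail line wraps joined.
TRACE = """\
 6353 12:46:09.124457 y.y.y.y x.x.x.x TCP 60558 > smtp [SYN] Seq=0 Ack=0 Win=16384 Len=0 MSS=1400
 6354 12:46:09.124527 x.x.x.x y.y.y.y TCP smtp > 60558 [SYN, ACK] Seq=0 Ack=1 Win=65535 Len=0 MSS=1460
 6359 12:46:09.217220 y.y.y.y x.x.x.x TCP 60558 > smtp [ACK] Seq=1 Ack=1 Win=16800 Len=0
 6370 12:46:11.742768 x.x.x.x y.y.y.y TCP 63520 > auth [SYN] Seq=0 Ack=0 Win=65535 Len=0 MSS=1460 WS=1 TSV=290246199 TSER=0
 6373 12:46:14.740948 x.x.x.x y.y.y.y TCP 63520 > auth [SYN] Seq=0 Ack=0 Win=131070 Len=0 MSS=1460 WS=1 TSV=290246499 TSER=0
 8389 12:46:54.242433 y.y.y.y x.x.x.x TCP 60558 > smtp [FIN, ACK] Seq=1 Ack=1 Win=16800 Len=0
 8735 12:46:57.073048 y.y.y.y x.x.x.x TCP [TCP Retransmission] 60558 > smtp [FIN, ACK] Seq=1 Ack=1 Win=16800 Len=0
15116 12:50:23.513002 x.x.x.x y.y.y.y SMTP Response: 220 x.domain.com ESMTP Sendmail 8.13.4/8.13.4; Mon, 7 Nov 2005 12:46:17 -0800 (PST)
"""

# packet no, hh:mm:ss.frac, source, destination, protocol, info column
PKT = re.compile(r"\s*\d+\s+(\d+):(\d+):([\d.]+)\s+(\S+)\s+(\S+)\s+(\S+)\s+(.*)")
TCP = re.compile(r"(?:\[TCP Retransmission\] )?(\S+) > (\S+) \[([^\]]+)\]")

def analyse(trace):
    """Return (SYNs never answered, seconds from SMTP SYN to client FIN / 220 greeting)."""
    syns, answered, smtp = {}, set(), {}
    for m in filter(None, map(PKT.match, trace.splitlines())):
        t = int(m[1]) * 3600 + int(m[2]) * 60 + float(m[3])
        src, dst, proto, info = m[4], m[5], m[6], m[7]
        seg = TCP.match(info)
        if proto == "SMTP" and info.startswith("Response: 220"):
            smtp.setdefault(dst, {}).setdefault("greeting", t)  # first banner sent
        elif seg:
            sport, dport, flags = seg[1], seg[2], seg[3].split(", ")
            if flags == ["SYN"]:
                flow = (src, sport, dst, dport)
                syns[flow] = syns.get(flow, 0) + 1  # counts retries too
                if dport == "smtp":
                    smtp.setdefault(src, {}).setdefault("syn", t)
            elif flags == ["SYN", "ACK"]:
                answered.add((dst, dport, src, sport))  # key of the SYN it answers
            elif "FIN" in flags and dport == "smtp":
                smtp.setdefault(src, {}).setdefault("fin", t)  # client starts closing
    unanswered = {f: n for f, n in syns.items() if f not in answered}
    timing = {c: {k: round(ev[k] - ev["syn"], 3) for k in ("fin", "greeting") if k in ev}
              for c, ev in smtp.items() if "syn" in ev}
    return unanswered, timing

if __name__ == "__main__":
    print(analyse(TRACE))
```

On these sample lines it reports two unanswered SYNs from x.x.x.x to the auth port on y.y.y.y, the client's first FIN about 45 s after its SYN, and the 220 greeting about 254 s after it.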



		