I am using a Centos 6.5 machine as a mail server with sendmail as the MTA. I have a problem with a delay of sendmail presenting its banner so that the process of accepting e-mail can begin. The log files demonstrate as much as a 2 minute delay between the connection and the banner presentation.
#telnet Mail.DOMAIN.com 25 Connected to mail. Escape character is '^]'. < two minute delay before the next line is presented> h220 Mail.DOMAIN.com. ESMTP Sendmail 8.14.4/8.14.4; Sun, 23 Mar 2014 10:17:44 -0500
Log entries on the mail server for the above connection: Mar 23 10:16:05 Mail sendmail[31229]: NOQUEUE: connect from NAME.DOMAIN.com [10.0.0.187] Mar 23 10:17:44 Mail sendmail[31229]: AUTH: available mech=GSSAPI CRAM-MD5 DIGEST-MD5, allowed mech=EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN
I have made the observation that if I put in the following line in the access file the 2 min delay goes away
Connect:10.0.0.187 RELAY
Obviously I can not set up a relay for every ip address, but this does solve the problem for internal network delivery of mail to the mail server.
I am using named for local dns service and have not been able to identify any errors or problems.
When I evaluate
nslookup NAME.DOMAIN.com 127.0.0.1 I appropriately get 10.0.0.187
So far I am stumped on this problem, if any of you have suggestions I would appreciate your help
Greg Ennis
This is probably being caused by DNS timeout trying to reverse-lookup the connecting IP. Check that your resolver (/etc/resolv.conf) is set correctly and responding to e.g. "dig -x [IP-address]" queries in a timely manner. If you are using DHCP, note that /etc/resolv.conf may be automatically created by the network setup scripts so manual edits may not "stick".
On Sun, Mar 23, 2014 at 8:39 AM, Gregory P. Ennis PoMec@pomec.net wrote:
I am using a Centos 6.5 machine as a mail server with sendmail as the MTA. I have a problem with a delay of sendmail presenting its banner so that the process of accepting e-mail can begin. The log files demonstrate as much as a 2 minute delay between the connection and the banner presentation.
#telnet Mail.DOMAIN.com 25 Connected to mail. Escape character is '^]'. < two minute delay before the next line is presented> h220 Mail.DOMAIN.com. ESMTP Sendmail 8.14.4/8.14.4; Sun, 23 Mar 2014 10:17:44 -0500
Log entries on the mail server for the above connection: Mar 23 10:16:05 Mail sendmail[31229]: NOQUEUE: connect from NAME.DOMAIN.com [10.0.0.187] Mar 23 10:17:44 Mail sendmail[31229]: AUTH: available mech=GSSAPI CRAM-MD5 DIGEST-MD5, allowed mech=EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN
I have made the observation that if I put in the following line in the access file the 2 min delay goes away
Connect:10.0.0.187 RELAY
Obviously I can not set up a relay for every ip address, but this does solve the problem for internal network delivery of mail to the mail server.
I am using named for local dns service and have not been able to identify any errors or problems.
When I evaluate
nslookup NAME.DOMAIN.com 127.0.0.1 I appropriately get 10.0.0.187
So far I am stumped on this problem, if any of you have suggestions I would appreciate your help
Greg Ennis
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
This is probably being caused by DNS timeout trying to reverse-lookup the connecting IP. Check that your resolver (/etc/resolv.conf) is set correctly and responding to e.g. "dig -x [IP-address]" queries in a timely manner. If you are using DHCP, note that /etc/resolv.conf may be automatically created by the network setup scripts so manual edits may not "stick".
On Sun, Mar 23, 2014 at 8:39 AM, Gregory P. Ennis PoMec@pomec.net wrote: ------------------------------------------------------- Bart,
Thanks for your help. It smells like a DNS problem to me as well in particular I can fix the problem with a statement in the access file like
Connect:10.0.0.186 RELAY
When I checked reverse look up using 'dig -x [ip] I am not having any problems, and /etc/resolv.conf on the mail server is set where it is supposed to be 127.0.0.1 ; I have also tried pointing this to other dns servers, and I get the same problem. I have expanded the log file entry to :
define(`confLOG_LEVEL', `29')dnl
But this does not give me any more information other than there is a clear delay between the time of connecting and the time the sendmail banner is produced by the mail server. I am also not seeing any problem in the named.log file.
Greg Ennis
Date: Sun, 23 Mar 2014 10:39:34 -0500
I am using a Centos 6.5 machine as a mail server with sendmail as the MTA. I have a problem with a delay of sendmail presenting its banner so that the process of accepting e-mail can begin. The log files demonstrate as much as a 2 minute delay between the connection and the banner presentation.
#telnet Mail.DOMAIN.com 25 Connected to mail. Escape character is '^]'. < two minute delay before the next line is presented> h220 Mail.DOMAIN.com. ESMTP Sendmail 8.14.4/8.14.4; Sun, 23 Mar 2014 10:17:44 -0500
Log entries on the mail server for the above connection: Mar 23 10:16:05 Mail sendmail[31229]: NOQUEUE: connect from NAME.DOMAIN.com [10.0.0.187] Mar 23 10:17:44 Mail sendmail[31229]: AUTH: available mech=GSSAPI CRAM-MD5 DIGEST-MD5, allowed mech=EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN
I have made the observation that if I put in the following line in the access file the 2 min delay goes away
Connect:10.0.0.187 RELAY
Obviously I can not set up a relay for every ip address, but this does solve the problem for internal network delivery of mail to the mail server.
I am using named for local dns service and have not been able to identify any errors or problems.
When I evaluate
nslookup NAME.DOMAIN.com 127.0.0.1 I appropriately get 10.0.0.187
So far I am stumped on this problem, if any of you have suggestions I would appreciate your help
Greg Ennis
---------------------------------------------------------------------------
Problem is solved.... a bit of an embarrassment ... I had two blacklisted services that were no longer active as a FEATURE in my sendmail.mc file.
combined.njabl.org blackholes.mail-abuse.org
Does anyone use other comparable services like these?
Greg Ennis
On 3/23/2014 11:49 AM, Gregory P. Ennis wrote:
nslookup NAME.DOMAIN.com 127.0.0.1 I appropriately get 10.0.0.187
So far I am stumped on this problem, if any of you have suggestions I would appreciate your help
in your DNS server, create a reverse zone for 10.0.0.0/8, like, 10.in-addr.arpa, even if it doesn't have any records other than NS and SOA.
ideally, list all your local hosts on it.
On Sun, Mar 23, 2014, John R Pierce wrote:
On 3/23/2014 11:49 AM, Gregory P. Ennis wrote:
nslookup NAME.DOMAIN.com 127.0.0.1 I appropriately get 10.0.0.187
So far I am stumped on this problem, if any of you have suggestions I would appreciate your help
in your DNS server, create a reverse zone for 10.0.0.0/8, like, 10.in-addr.arpa, even if it doesn't have any records other than NS and SOA.
Another thing that can cause long delays is to use obsolete RBLs.
Bill
-
Bart Schaefer -
Bill Campbell -
Gregory P. Ennis -
John R Pierce