From: Vegard Svanberg on
Hi list,

I'm receiving several thousand errors per day from Postfix. The error is
"454 4.7.0 TLS not available due to local problem" (see below).

TLS is working, and has been for a long time. I've verified this by
telnet and running STARTTLS. But it seems to stop working from time to
time, and I suspect it happens when the server has a lot to do (read:
being flooded by spam). I set tls_random_source to dev:/dev/urandom to
rule out any entropy-related problems, but no go.

The error messages give me nothing to go on, and the mail logs don't
give any clues either.

This is Postfix 2.5.5-1.1 (from Debian Lenny) on x86-64.

Out: 220 XX ESMTP
In: EHLO ne.jp
Out: 250-XX
Out: 250-PIPELINING
Out: 250-SIZE
Out: 250-VRFY
Out: 250-ETRN
Out: 250-STARTTLS
Out: 250-AUTH PLAIN LOGIN
Out: 250-ENHANCEDSTATUSCODES
Out: 250-8BITMIME
Out: 250 DSN
In: STARTTLS
Out: 454 4.7.0 TLS not available due to local problem
In: MAIL FROM:<adyybiwut2410(a)ne.jp> SIZE=3282
Out: 250 2.1.0 Ok
In: RCPT TO:<axeslicer(a)mydomain>
Out: 450 4.1.8 <adyybiwut2410(a)ne.jp>: Sender address rejected: Domain not
found
In: QUIT
Out: 221 2.0.0 Bye

Any ideas? Thanks in advance.


--
Vegard Svanberg <vegard(a)svanberg.no> [*Takapa(a)IRC (EFnet)]
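
An added example, not part of the original thread or of Postfix: a small Python parser for the In:/Out: session transcript format quoted above. It reports whether STARTTLS was advertised, what reply it received, and whether the client went on to send MAIL FROM in plaintext after the failure. The sample transcript, host names and addresses are constructed, and the function names are hypothetical.

```python
import re

# Constructed sample in the In:/Out: transcript format (placeholder host/addresses).
SAMPLE = """\
Out: 220 mx.example.test ESMTP
In: EHLO client.example.test
Out: 250-mx.example.test
Out: 250-STARTTLS
Out: 250 DSN
In: STARTTLS
Out: 454 4.7.0 TLS not available due to local problem
In: MAIL FROM:<sender@example.test> SIZE=3282
Out: 450 4.1.8 <sender@example.test>: Sender address rejected: Domain not
found
In: QUIT
Out: 221 2.0.0 Bye
"""

def parse_transcript(text):
    """Return (direction, line) pairs; a line without an In:/Out: prefix
    is a mail-client wrap and is joined onto the previous entry."""
    events = []
    for raw in text.splitlines():
        m = re.match(r"\s*(In|Out):\s*(.*)", raw)
        if m:
            events.append([m.group(1), m.group(2).strip()])
        elif raw.strip() and events:
            events[-1][1] += " " + raw.strip()
    return [tuple(e) for e in events]

def starttls_report(text):
    """Summarise the STARTTLS outcome of one session transcript."""
    report = {"advertised": False, "reply": None, "plaintext_after_failure": False}
    awaiting_reply = False
    for direction, line in parse_transcript(text):
        if direction == "Out" and re.match(r"250[- ]STARTTLS\b", line):
            report["advertised"] = True
        elif direction == "In" and line.upper() == "STARTTLS":
            awaiting_reply = True
        elif direction == "Out" and awaiting_reply:
            report["reply"] = line[:3]  # SMTP reply code to STARTTLS
            awaiting_reply = False
        elif direction == "In" and report["reply"] not in (None, "220") \
                and line.upper().startswith("MAIL FROM:"):
            report["plaintext_after_failure"] = True
    return report

if __name__ == "__main__":
    print(starttls_report(SAMPLE))
```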

From: Eero Volotinen on
2010/1/27 Vegard Svanberg <vegard(a)svanberg.no>:
> Hi list,
>
> I'm receiving several thousand errors per day from Postfix. The error is
> "454 4.7.0 TLS not available due to local problem" (see below).
>
> TLS is working, and has been for a long time. I've verified this by
> telnet and running STARTTLS. But it seems to stop working from time to
> time, and I suspect it happens when the server has a lot to do (read:
> being flooded by spam). I set tls_random_source to dev:/dev/urandom to
> rule out any entropy-related problems, but no go.
>
> The error messages give me nothing to go on, and the mail logs don't
> give any clues either.
>
> This is Postfix 2.5.5-1.1 (from Debian Lenny) on x86-64.
>
>  Out: 220 XX ESMTP
>  In:  EHLO ne.jp
>  Out: 250-XX
>  Out: 250-PIPELINING
>  Out: 250-SIZE
>  Out: 250-VRFY
>  Out: 250-ETRN
>  Out: 250-STARTTLS
>  Out: 250-AUTH PLAIN LOGIN
>  Out: 250-ENHANCEDSTATUSCODES
>  Out: 250-8BITMIME
>  Out: 250 DSN
>  In:  STARTTLS
>  Out: 454 4.7.0 TLS not available due to local problem
>  In:  MAIL FROM:<adyybiwut2410(a)ne.jp> SIZE=3282
>  Out: 250 2.1.0 Ok
>  In:  RCPT TO:<axeslicer(a)mydomain>
>  Out: 450 4.1.8 <adyybiwut2410(a)ne.jp>: Sender address rejected: Domain not
>     found
>  In:  QUIT
>  Out: 221 2.0.0 Bye
>
> Any ideas? Thanks in advance.

Look at the logs. "Out: 450 4.1.8 <adyybiwut2410(a)ne.jp>: Sender address
rejected: Domain not" looks like a DNS problem.

--
Eero

From: Eero Volotinen on
>> Any ideas? Thanks in advance.
>
> Look at logs. "Out: 450 4.1.8 <adyybiwut2410(a)ne.jp>: Sender address
> rejected: Domain not" looks like DNS problem
>

Note also that you can tune the Postfix log level to debug this kind of problem.

--
Eero

From: Vegard Svanberg on
* Eero Volotinen <eero.volotinen(a)iki.fi> [2010-01-27 14:41]:

> Look at logs. "Out: 450 4.1.8 <adyybiwut2410(a)ne.jp>: Sender address
> rejected: Domain not" looks like DNS problem

Unless half of Norway's DNS servers are bad, ne.jp doesn't exist.

:)

--
Vegard Svanberg <vegard(a)svanberg.no> [*Takapa(a)IRC (EFnet)]

From: Eero Volotinen on
2010/1/27 Vegard Svanberg <vegard(a)svanberg.no>:
> * Eero Volotinen <eero.volotinen(a)iki.fi> [2010-01-27 14:41]:
>
>> Look at logs. "Out: 450 4.1.8 <adyybiwut2410(a)ne.jp>: Sender address
>> rejected: Domain not" looks like DNS problem
>
> Unless half of Norway's DNS servers are bad, ne.jp doesn't exist.
>
> :)
>
> --
> Vegard Svanberg <vegard(a)svanberg.no> [*Takapa(a)IRC (EFnet)]


To debug a TLS/SSL-related problem, please post the unedited postconf -n
output to the mailing list.

--
Eero