[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [xymon] smtp/smtps tests against postfix generate errors on server



In <4CE87674.3040300 (at) elyograg.org> Shawn Heisey <hobbit (at) elyograg.org> writes:

>I have this message over and over in the log on my personal Debian 
>mailserver:

>improper command pipelining after MAIL from mail.example.org[ip.ad.dr.es]


>It started on November 10th, when I installed updates on the machine, 
>upgrading postfix from 2.5.5-1.1 to 2.7.1-1~bpo50+1.

>I grabbed a sniffer trace, where I found that Xymon is sending, in a 
>single packet, a "mail" command followed by "quit".  The server responds 
>with the following because this is a violation of the strict RFC:

>503 5.5.1 Error: send HELO/EHLO first
>221 2.0.0 Bye

>My postfix config has two places where it checks for unauthorized 
>pipelining, one of which was not preceded by permit_mynetworks, so I 
>fixed that, and it didn't help.

>I am running the lenny-backports xymon package, version 
>4.3.0~beta2.dfsg-5~bpo50+1.

>Can the test be re-engineered so that it follows proper SMTP protocol 
>and waits for a server response between each command?


Not easily. The network test code in Xymon is pretty "dumb", it doesn't
support a communication scenario with multiple stages. After connecting
to the port, if there's a "send" string in the protocols.cfg (bb-services) 
file it will send that, and then it will just wait to see if the 
"expect" string arrives. It doesn't support multiple expect/send sequences.

In the old days, the smtp check just waited for the "220" greeting in 
the banner from the smtp daemon and then disconnected. However, that caused
sendmail to log connections from Xymon because *that* behaviour is also
not RFC-compliant. I don't know what Postfix thinks of it - you could try
just commenting out the "send" string of the smtp-test in protocols.cfg.


Regards,
Henrik