[Xymon] Mail pipelining
Stephen Carville (xymon list)
scarville at lereta.com
Fri Aug 9 19:03:42 CEST 2019
I captured some traffic and this appears to be how xymon does its smtp
check. It sends EHLO and QUIT without waiting for a response to the
former. So its just annoying.
OTOH, this could get flagged as abusive by an IDS. Fail2ban on the
external gateway server (not where I first noticed it) is configured to
ban for this kind of pipelining.
On 8/9/19 7:59 AM, Stephen Carville (xymon list) wrote:
> How does XYMon send mail?
>
> I am seeing several of these kinds of messages in /var/log/maillog on
> the mail server (scamail01) but no corresponding errors in
> /var/log/maillog on the xymon (rcaxymon01) server. This doesn't seem
> right.
>
> Aug 9 07:21:41 scamail01 postfix/smtpd[32480]: connect from
> rcaxymon01.lereta.net[10.212.2.27]
>
> Aug 9 07:21:41 scamail01 postfix/smtpd[32480]: improper command
> pipelining after EHLO from rcaxymon01.lereta.net[10.212.2.27]
>
> Aug 9 07:21:41 scamail01 postfix/smtpd[32480]: disconnect from
> rcaxymon01.lereta.net[10.212.2.27]
>
> I could turn off reject_unauth_pipelining but I'd prefer not to.
>
> XYMon version: 4.3.29 (built from source)
>
> Platform: CentOS Linux release 7.6.1810
>
> Postfix version: 2.10.1
>
> --
> Stephen
> _______________________________________________
> Xymon mailing list
> Xymon at xymon.com
> http://lists.xymon.com/mailman/listinfo/xymon
More information about the Xymon
mailing list