MacOS – Postfix SMTP server slow to accept incoming connection

emailmacososx-serverservicestcp

I have a snow-leopard os-x Server configuration running postfix with no local firewall on the X-Serve.

When a client attempts to connect to the SMTP port the connection takes about 15 seconds to accept the connection and get the smtp id string back.

Does anybody have any idea what the delay could be.

telnet smtpserver 25
takes 15 seconds externally

telnet localhost 25
is almost immediate

Using tcpdump on incoming firewall (separate host) and smtp server for the port shows that the connection is being passed through almost immediately but the response is very slow in coming back.

Thanks for the support.

Best Answer

The Delay is due to postfix doing a reverse lookup on the client IP and doing another lookup on that result to see if they get back to the IP.

if you are using a consumer connection to the internet most likely the first test will pass. but the second test will cause the problem.

you can verify this on the server itself.

nslookup <your client IP>

returns something like 80-41-90-213.dsl.iwx.uk.net

but on reversing that

nslookup 80-41-90-213.dsl.iwx.uk.net

you will probably get SERVFAIL after a delay.

it is that delay that is showing up when you connect to the server. To find out which one go through each server in /etc/resolve.conf

nameserver x.x.x.x
nameserver y.y.y.y
nameserver z.z.z.z

test them with

nslookup 80-41-90-213.dsl.iwx.uk.net x.x.x.x

One or more will show a delay before they come back to the command prompt.

Once you've found which DNS causes the big SERVFAIL delay, replace it with another. i.e. Googles 8.8.8.8 and 8.8.4.4 currently return relatively quickly.

Related Solutions

MacOS – Postfix Not Accepting Commands on OSX Lion – Timeout Occurs

The last three log messages turned out to be the culprit. Googling for them turned up this page;

In order to fix the problem your console is displaying, you should:

Create a submit.cred file in /etc/postfix directory (sudo touch /etc/postfix/submit.cred will do).
Create a header for that file: sudo echo "submitcred version 1" >> /etc/postfix/submit.cred
Add as many lines as the number of users you want to enable to submit mail, in the form hostname|user|passwd: sudo echo''hostname|username|password" >> /etc/postfix/submit.cred
Give the file the appropriate permissions: sudo chmod 600 /etc/postfix/submit.cred

Once you've done this you could restart postfix and everything sould run smoothly.

I created the file /etc/postfix/submit.cred and set the permissions to 0600. Everything started working after that.

A neat way to delete a stale amavisd pid_file on first boot after panic or power failure

Create a launchd item that runs on boot (system startup before amavisd is started) executing the command to test that /private/var/run/amavisd.pid exists and then delete it:

if test -f /private/var/run/amavisd.pid; then rm /private/var/run/amavisd.pid

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC -//Apple Computer//DTD PLIST 1.0//EN http://www.apple.com/DTDs/PropertyList-1.0.dtd >
<plist version="1.0">
<dict>
    <key>Label</key>
    <string>amavisd_delete_pid</string>
    <key>ProgramArguments</key>
    <array>
        <string>if</string>
        <string>test</string>
        <string>-f</string>
        <string>/private/var/run/amavisd.pid;</string>
        <string>then</string>
        <string>rm</string>
        <string>/private/var/run/amavisd.pid</string>
    </array>
    <key>RunAtLoad</key>
    <true/>
    <key>Nice</key>
    <integer>10</integer>
    <key>KeepAlive</key>
    <false/>
    <key>AbandonProcessGroup</key>
    <true/>
</dict>
</plist>

Best Answer

Related Solutions

MacOS – Postfix Not Accepting Commands on OSX Lion – Timeout Occurs

A neat way to delete a stale amavisd pid_file on first boot after panic or power failure

Related Question