hi all,
since about a day, my firewall Home edition 18.5.2 is not sending out any mails anymore.
It seems it cannot connect to the smtp servers of the domains it tries to send to.
Oddly enough, I can telnet from the firewall advanced console into those mail servers, and sending from my Exchange server directly to internet works as well.
The original SMTP Firewall rule created when setting up MTA is obviously working.
Here is what I see in the smtpd_main.log for one such attempt:
25264 queue-runner forked for qrun-delivery: 25294
25294 postfork: qrun-delivery
25294 locking /sdisk/spool/output//db/retry.lockfile
25294 >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
25294 Considering: xxx.yyy@gmail.com
25294 unique = xxx.yyy@gmail.com
25294 xxx.yyy@gmail.com: queued for routing
25294 >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
25294 routing xxx.yyy@gmail.com
25294 --------> router_for_notifications router <--------
25294 local_part=xxx.yyy domain=gmail.com
25294 checking "condition" "${if and{{bool_lax{1}}{bool_lax{${if eq{$acl_c1}{1}{1}{0}}}}}}"...
25294 router_for_notifications router skipped: condition failure
25294 --------> batv_redirect router <--------
25294 local_part=xxx.yyy domain=gmail.com
25294 checking domains
25294 batv_redirect router skipped: domains mismatch
25294 --------> static_route_hostlist_for_email router <--------
25294 local_part=xxx.yyy domain=gmail.com
25294 checking "condition" "${if match_address{$local_part@$domain}{+hostlist_route_emails}{1}{0}}"...
25294 static_route_hostlist_for_email router skipped: condition failure
25294 --------> static_route_hostlist router <--------
25294 local_part=xxx.yyy domain=gmail.com
25294 checking domains
25294 static_route_hostlist router skipped: domains mismatch
25294 --------> static_route_bymx_for_email router <--------
25294 local_part=xxx.yyy domain=gmail.com
25294 checking "condition" "${if match_address{$local_part@$domain}{+mx_route_emails}{1}{0}}"...
25294 static_route_bymx_for_email router skipped: condition failure
25294 --------> static_route_bymx router <--------
25294 local_part=xxx.yyy domain=gmail.com
25294 checking domains
25294 static_route_bymx router skipped: domains mismatch
25294 --------> static_route_bydns_for_email router <--------
25294 local_part=xxx.yyy domain=gmail.com
25294 checking "condition" "${if match_address{$local_part@$domain}{+dns_route_emails}{1}{0}}"...
25294 static_route_bydns_for_email router skipped: condition failure
25294 --------> static_route_bydns router <--------
25294 local_part=xxx.yyy domain=gmail.com
25294 checking domains
25294 static_route_bydns router skipped: domains mismatch
25294 --------> smart_host_route router <--------
25294 local_part=xxx.yyy domain=gmail.com
25294 checking domains
25294 checking "condition" "0"...
25294 smart_host_route router skipped: condition failure
25294 --------> default_mx_router router <--------
25294 local_part=xxx.yyy domain=gmail.com
25294 calling default_mx_router router
25294 default_mx_router router called for xxx.yyy@gmail.com
25294 domain = gmail.com
25294 set transport remote_smtp
25294 queued for remote_smtp transport: local_part = xxx.yyy
25294 domain = gmail.com
25294 errors_to=NULL
25294 domain_data=NULL local_part_data=NULL
25294 routed by default_mx_router router
25294 envelope to: xxx.yyy@gmail.com
25294 transport: remote_smtp
25294 host gmail-smtp-in.l.google.com [2a00:1450:4013:c05::1b] MX=5 dnssec=no
25294 host gmail-smtp-in.l.google.com [108.177.126.27] MX=5 dnssec=no
25294 host alt1.gmail-smtp-in.l.google.com [2a00:1450:4010:c1c::1b] MX=10 dnssec=no
25294 host alt1.gmail-smtp-in.l.google.com [142.250.150.26] MX=10 dnssec=no
25294 host alt2.gmail-smtp-in.l.google.com [2404:6800:4003:c00::1a] MX=20 dnssec=no
25294 host alt2.gmail-smtp-in.l.google.com [74.125.200.27] MX=20 dnssec=no
25294 host alt3.gmail-smtp-in.l.google.com [2404:6800:4008:c13::1a] MX=30 dnssec=no
25294 host alt3.gmail-smtp-in.l.google.com [142.250.157.27] MX=30 dnssec=no
25294 host alt4.gmail-smtp-in.l.google.com [2607:f8b0:400e:c00::1b] MX=40 dnssec=no
25294 host alt4.gmail-smtp-in.l.google.com [173.194.202.27] MX=40 dnssec=no
25294 >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
25294 After routing:
25294 Local deliveries:
25294 Remote deliveries:
25294 xxx.yyy@gmail.com
25294 Failed addresses:
25294 Deferred addresses:
25294 qrun-delivery forking for transport
25294 qrun-delivery forked for transport: 25295
25294 LOG: MAIN
25294 == xxx.yyy@gmail.com R=default_mx_router T=remote_smtp defer (110): Connection timed out DT=15s
2022-02-22 16:24:24.290 [25294] cWjQdg-lLWts3-Y5 == xxx.yyy@gmail.com R=default_mx_router T=remote_smtp defer (110): Connection timed out DT=15s
25294 locking /sdisk/spool/output//db/retry.lockfile
25294 >>>>>>>>>>>>>>>> Exim pid=25294 (qrun-delivery) terminating with rc=0 >>>>>>>>>>>>>>>>
The interesting part is now the transport:
25295 postfork: transport
25295 T: remote_smtp: for xxx.yyy@gmail.com
25295 locking /sdisk/spool/output//db/retry.lockfile
25295 Relate with Firewall rule id: 39
25295 LOG: MAIN
25295 H=gmail-smtp-in.l.google.com [2a00:1450:4013:c05::1b]:25 Network is unreachable
2022-02-22 16:24:08.862 [25295] cWjQdg-lLWts3-Y5 H=gmail-smtp-in.l.google.com [2a00:1450:4013:c05::1b]:25 Network is unreachable
25295 locking /sdisk/spool/output//db/retry.lockfile
25295 Relate with Firewall rule id: 39
25295 LOG: MAIN
25295 H=gmail-smtp-in.l.google.com [108.177.126.27]:25 Connection timed out
2022-02-22 16:24:24.288 [25295] cWjQdg-lLWts3-Y5 H=gmail-smtp-in.l.google.com [108.177.126.27]:25 Connection timed out
25295 locking /sdisk/spool/output//db/retry.lockfile
25295 locking /sdisk/spool/output//db/retry.lockfile
25295 locking /sdisk/spool/output//db/retry.lockfile
25295 locking /sdisk/spool/output//db/retry.lockfile
25295 locking /sdisk/spool/output//db/retry.lockfile
25295 locking /sdisk/spool/output//db/retry.lockfile
25295 locking /sdisk/spool/output//db/retry.lockfile
25295 locking /sdisk/spool/output//db/retry.lockfile
25295 locking /sdisk/spool/output//db/wait-remote_smtp.lockfile
Why is it not able to connect to that server 108.177.126.27
? I can connect via telnet from the advanced console.
I havent done anything to the network config. Rebooting the device did not change anything.
This thread was automatically locked due to age.