[SOLVED] timed out while receiving the initial server greeting

Discuss your pilot or production implementation with other Zimbra admins or our engineers.
eaperezh
Advanced member
Advanced member
Posts: 71
Joined: Fri Sep 12, 2014 10:05 pm

[SOLVED] timed out while receiving the initial server greeting

Postby eaperezh » Mon Nov 30, 2009 7:55 am

A new, weeks old, installation of Zimbra Release 6.0.1_GA_1816.RHEL5_20090911181524 CentOS5 FOSS edition.

Suddenly all my email get queued and maillog just displays:
Nov 30 08:42:27 correo postfix/smtp[7306]: 774E6B0DD40: conversation with gmail-smtp-in.l.google.com[209.85.210.93] timed out while receiving the initial server greeting
In this case, the example points to gmail, but it is happenning with ALL the domains we try to send email to.
A reboot of the server does not fix the issue, we use OpenDNS as our Zimbra DNS, we have not installed patches or upgrades to the Centos5 we are using.
The only yhing i see is that the "stats" service keeps dying for no reason.
thanks for your comments.


eaperezh
Advanced member
Advanced member
Posts: 71
Joined: Fri Sep 12, 2014 10:05 pm

[SOLVED] timed out while receiving the initial server greeting

Postby eaperezh » Mon Nov 30, 2009 8:02 am

On google I constantly find a reference to do this...but no explanations..
#echo 0 > /proc/sys/net/ipv4/tcp_window_scaling
this is to disabling tcp_window_scaling
still looking
eaperezh
Advanced member
Advanced member
Posts: 71
Joined: Fri Sep 12, 2014 10:05 pm

[SOLVED] timed out while receiving the initial server greeting

Postby eaperezh » Mon Nov 30, 2009 8:10 am

Tested it and did not resolved my issue.
I will now investigate if some thing changed on the routers of firewalls (maybe someone did a smtp fixup somewhere)
phoenix
Ambassador
Ambassador
Posts: 26343
Joined: Fri Sep 12, 2014 9:56 pm
Location: Liverpool, England

[SOLVED] timed out while receiving the initial server greeting

Postby phoenix » Mon Nov 30, 2009 8:13 am

eaperezh wrote:On google I constantly find a reference to do this...but no explanations..
There are tons of references to what that's for: tcp_window_scaling - Yahoo! Search Results - it would not cause the problem you're experiencing. If you don't know what those commands do then do not run them or you risk ruining your network performance.
I'd investigate if you have any problem by trying to telnet to those mail servers.
Regards

Bill

Rspamd: A high performance spamassassin replacement

If you'd like to see this implemented in a future version of ZCS then please vote on Bugzilla entries 97706 & 108168
eaperezh
Advanced member
Advanced member
Posts: 71
Joined: Fri Sep 12, 2014 10:05 pm

[SOLVED] timed out while receiving the initial server greeting

Postby eaperezh » Mon Nov 30, 2009 8:39 am

Is there any specific logs that might help me look for the error?

I mean zimbra logs..
phoenix
Ambassador
Ambassador
Posts: 26343
Joined: Fri Sep 12, 2014 9:56 pm
Location: Liverpool, England

[SOLVED] timed out while receiving the initial server greeting

Postby phoenix » Mon Nov 30, 2009 8:47 am

The logs will only tell you what you already know, the connection times out. Try to telnet to those server and investigate your network, firewall, SElinux, DNS or anything else that may be causing the problem.
Regards

Bill

Rspamd: A high performance spamassassin replacement

If you'd like to see this implemented in a future version of ZCS then please vote on Bugzilla entries 97706 & 108168
eaperezh
Advanced member
Advanced member
Posts: 71
Joined: Fri Sep 12, 2014 10:05 pm

[SOLVED] timed out while receiving the initial server greeting

Postby eaperezh » Mon Nov 30, 2009 11:35 am

We called the firewall administrator (an outsourcer) and he checked the firewall logs. he found several DROPs due to sequence verifier IPS module. the link to the "attack" is this:

Check Point Software: SmartDefense Advisory - RST attack on RFC-based TCP stacks
He disabled that check for the email server and is now working perfectly.
We are now wondering what we did in order to trigger the checkpoint into thinking WE were the attacking machine....
anyways, the "solution" to this problem was to check the firewall. There was nothing wrong with zimbra...

Return to “Administrators”

Who is online

Users browsing this forum: Google [Bot] and 6 guests