When sending emails to some domains, you encounter any of the following:
- Timed out while performing the EHLO handshake
- Timed out while receiving the initial server greeting
May 12 14:48:29 scone postfix/smtp: 5E5E11105EE: to=, relay=mail.xxxx.com[18.104.22.168]:25, delay=3472, delays=3352/0.02/120/ 0, dsn=4.4.2, status=deferred (conversation with mail.fnsyrus.com[x.x.x.x] timed out while performing the EHLO handshake) May 12 14:48:29 17:10:32 firstname.lastname@example.org conversation with im.laotel.com[x.x.x.x] timed out while receiving the initial server greeting xxxx
These issues occur because of deferred mails, thus failing consistently with timeout or lost connection.
To resolve the issue, do any of the following:
- Open the sysctl.conf file using this command:
# vi /etc/sysctl.conf
- Look for the "tcp_window_scaling=1" parameter and set its value to "0".
- Type in ":wq!".
Do not include the quotation marks.
- Reboot the box by executing:
If you use postfix running on Linux and if you try to telnet the above host on port 25, the connection is made, but the remote mail server does not send its 220 messages upon connection.
The following option will revert back once your reboot the system:
Run the following commands:
# echo 0 > /proc/sys/net/ipv4/tcp_window_scaling
# sysctl -p
This issue is caused by "fixup protocol smtp" in some Cisco firewalls. The Cisco PIX firewall has a bug when running software older than version 5.2(4) or 6.0(1).
The "fixup protocol smtp" feature does not correctly handle the case where the "." and the "CRLF" at the end of the mail are sent in separate packets.
This makes users wonder how one recognizes a mailer behind a Cisco PIX with the "fixtool protocol smtp" enabled.
As of version 5.1 and later, the fixup protocol smpt command changes the characters in the SMTP banner to asterisks, except for "2", "0" and "0 SPACE" characters.
When you connect to a mailer behind such a filter, you see something like below:
220 **************************************0******0*********20 ****200**0*********0*00
If the issue persists, collect the following and send them to Trend Micro Technical Support:
- Packet capture dump
- Mail log
- Output of "postconf -n"