Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

User profile for user: s.mann
s.mann Author
User level: Level 1
8 points

lost connection after AUTH from server.domain.com[xx.xx.xx.xx]

Hi Folks,


we got a Mac OSX Lion server running and we use it as our mailserver. We got also a Jira server running on another physical machine. Now we got the problem, when in our Jira many tickets are edited and the Jira try to send all the notifaction mails, we get exceptions in out Jira:


com.atlassian.mail.MailException: javax.mail.AuthenticationFailedException:

at com.atlassian.mail.server.impl.SMTPMailServerImpl.send(SMTPMailServerImpl.java: 183)

at com.atlassian.mail.queue.SingleMailQueueItem.send(SingleMailQueueItem.java:38)

at com.atlassian.mail.queue.MailQueueImpl.sendBuffer(MailQueueImpl.java:66)

at com.atlassian.jira.service.services.mail.MailQueueService.run(MailQueueService. java:23)

at com.atlassian.jira.service.JiraServiceContainerImpl.run(JiraServiceContainerImp l.java:60)

at com.atlassian.jira.service.ServiceRunner.execute(ServiceRunner.java:47)

at org.quartz.core.JobRunShell.run(JobRunShell.java:195)

at com.atlassian.multitenant.quartz.MultiTenantThreadPool$MultiTenantRunnable.run( MultiTenantThreadPool.java:72)

at org.quartz.simpl.SimpleThreadPool$WorkerThread.run(SimpleThreadPool.java:520)

Caused by: javax.mail.AuthenticationFailedException:

at com.sun.mail.smtp.SMTPTransport$Authenticator.authenticate(SMTPTransport.java:8 09)

at com.sun.mail.smtp.SMTPTransport.authenticate(SMTPTransport.java:752)

at com.sun.mail.smtp.SMTPTransport.protocolConnect(SMTPTransport.java:669)

at javax.mail.Service.connect(Service.java:317)

at javax.mail.Service.connect(Service.java:176)

at javax.mail.Service.connect(Service.java:125)

at com.atlassian.mail.server.impl.SMTPMailServerImpl.send(SMTPMailServerImpl.java: 154)

... 8 more


and on the mac server i see this in the logfiles:


May 2 15:56:28 groupware postfix/smtpd[16551]: connect from jira.domain.com[xx.xx.xx.xx]

May 2 15:56:28 groupware postfix/pipe[16555]: A7BD2D8CAA2: to=<user@domain.com>, relay=dovecot, delay=0.03, delays=0.01/0/0/0.02, dsn=2.0.0, status=sent (delivered via dovecot service)

May 2 15:56:28 groupware postfix/qmgr[15654]: A7BD2D8CAA2: removed

May 2 15:56:37 groupware postfix/anvil[15829]: statistics: max connection rate 10/60s for (smtpd:xx.xx.xx.xx) at May 2 15:56:28

May 2 15:56:37 groupware postfix/anvil[15829]: statistics: max connection count 1 for (submission:xx.xx.xx.xx) at May 2 15:47:00

May 2 15:56:37 groupware postfix/anvil[15829]: statistics: max cache size 4 at May 2 15:52:21

May 2 15:56:38 groupware postfix/smtpd[16551]: lost connection after AUTH from jira.domain.com[xx.xx.xx.xx]

May 2 15:56:38 groupware postfix/smtpd[16551]: disconnect from jira.domain.com[xx.xx.xx.xx]

May 2 15:56:38 groupware postfix/postscreen[16543]: CONNECT from [xx.xx.xx.xx]:54780

May 2 15:56:38 groupware postfix/postscreen[16543]: PASS OLD [xx.xx.xx.xx]:54780

May 2 15:56:38 groupware postfix/smtpd[16551]: connect from jira.domain.com[xx.xx.xx.xx]

May 2 15:56:48 groupware postfix/smtpd[16551]: lost connection after AUTH from jira.domain.com[xx.xx.xx.xx]

May 2 15:56:48 groupware postfix/smtpd[16551]: disconnect from jira.domain.com[xx.xx.xx.xx]


Is the mail server blocking the jira server because the jira server tries to send to many mails at once? Or what can be the problem? The mails arrive all, but later and sometimes it took 1.5 hours until the notification mails arrives. If in the Jira are only 3 or 4 tickets edited, all works well.

Please let me know if you need additional information about our setup or something like this 😉

Mac Pro, Mac OS X (10.7.3)

Posted on May 2, 2012 7:33 AM

Reply
7 replies
User profile for user: Camelot
Camelot
User level: Level 9
54,333 points

May 2, 2012 1:43 PM in response to s.mann

You're certainly getting rate-limited. You can see this from the logs:


May 2 15:56:37 groupware postfix/anvil[15829]: statistics: max connection rate 10/60s for (smtpd:xx.xx.xx.xx) at May 2 15:56:28


Anvil is postfix's connection/rate limiting process, and you can see it's set to limit any client to a maximum of 10 connections in any 60 second period.


You have several potential solutions to this. Ultimately your best bet is to setup a specific port on your server (i.e. not port 25) that isn't subject to the rate limiting, then configure your Jira server to submit mail through that port rather than the standard 25/587.


To do this requires getting under the hood of Postfix, though - it's not something that Server Admin/Server.app can do for you.

Reply
User profile for user: s.mann
s.mann Author
User level: Level 1
8 points

May 2, 2012 2:48 PM in response to Camelot

Camelot!! Thx.. this answer is exactly what i expected. The solutions sounds ok for me and we know how to look under the hood of the server stuff 😉

But if i can't figure it out i hope i can ping you again?

We already tried to increase the 'smtpd_soft_error_limit' but it didn't solved the problem. Thx for your reply so far, i will try this..

Reply
User profile for user: Camelot
Camelot
User level: Level 9
54,333 points

May 2, 2012 8:38 PM in response to s.mann

smtpd_soft_error_limit has nothing to do with client rate liming - it's how many times postfix will re-try to send an email that has a transient error - such as the remote server not responding (as opposed to a 'hard error' such as a 'no such user' error - i.e. soft errors are ones that might not happen again next time, whereas a hard error is going to definite.


The settings you're looking for are


-o smtpd_client_connection_count_limit=0

-o smtpd_client_connection_rate_limit=0


since these directly relate to client connections. Naturally you don't want to do this on your public-facing ports since you open yourself up to attack.

Reply
User profile for user: Camelot
Camelot
User level: Level 9
54,333 points

May 3, 2012 9:04 AM in response to pyroworx

Pyro,


is it possible to solve this problem with this setting?


-o smtpd_client_event_limit_exceptions = $mynetworks, <jira-server-address>


Probaby - like I said, there are many potential solutions and that one should work just as well.

Personally, though, I prefer not to futz with the standard port 25 configurations, but without knowing the network setup it's hard to know which is 'best'. This option might be better if the jira server is coming over the WAN since my earlier suggestion could expose the server to unwanted traffic. A lot depends on the network topology.

Reply

lost connection after AUTH from server.domain.com[xx.xx.xx.xx]

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple ID.
Learn more Sign up