On Wed, Dec 05, 2001 at 12:22:21PM +0100, Krzysztof Mazurczyk wrote: > > Is your mail server protected by netfilter firewall? If so, I'm suppose that > problem of duplicating mail is caused by netfilter. Let's consider following > scenario: Yep, using iptables on 2.4.14 kernel running potato with Adrian Bunk's packages for 2.4 kernels. > > 1) Remote mail server connects to local mail server and sends a mail. > 2) Local mail server store the mail. > 3) Mail servers exchange FIN packets. > 4) Because of netfilter error (closing connections too early) one of FIN > packet is dropped. > 5) Remote server repeats transfer as it supposes that connections wasn't > completted so mail is duplicated. > > I observe small amount of duplicated mail and dropped FIN packets which seems > belonging to legal connections. However I haven't checked if there is > correlation between dropped packets and duplicated mail. > > Someone would like to comment? > Yep, I think you are correct. That seems to be exactly what was happening. I know that when I changed my firewall rules so that it didn't keep on dropping these "unclean" packets then the duplicates seemed to reduce, although I do still seem to get some. You explained things very well there. Thanks. Mark.
Attachment:
pgpsNjzl9ueFY.pgp
Description: PGP signature