I seem to have having an issue where all emails from eBay SMTP servers are getting dropped by Exim.
From the exim_mainlog:
4-21 07:02:37 SSL_write: (from mxphxpool2044.ebay.com [66.211.185.207]:22047) syscall: Connection reset by peer
2020-04-21 07:02:37 SSL_write: (from mxphxpool2044.ebay.com [66.211.185.207]:22047) syscall: Broken pipe
2020-04-21 07:02:37 SMTP connection from mxphxpool2044.ebay.com [66.211.185.207]:22047 lost while reading message data (header)
2020-04-21 08:02:49 SMTP connection from [66.211.185.207]:54807 (TCP/IP connection count = 17)
2020-04-21 08:04:25 SSL_write: (from mxphxpool2044.ebay.com [66.211.185.207]:54807) syscall: Connection reset by peer
2020-04-21 08:04:25 SSL_write: (from mxphxpool2044.ebay.com [66.211.185.207]:54807) syscall: Broken pipe
2020-04-21 08:04:25 SMTP connection from mxphxpool2044.ebay.com [66.211.185.207]:54807 lost while reading message data (header)
2020-04-21 09:04:50 SMTP connection from [66.211.185.207]:41235 (TCP/IP connection count = 17)
2020-04-21 09:06:27 SSL_write: (from mxphxpool2044.ebay.com [66.211.185.207]:41235) syscall: Connection reset by peer
2020-04-21 09:06:27 SSL_write: (from mxphxpool2044.ebay.com [66.211.185.207]:41235) syscall: Broken pipe
2020-04-21 09:06:27 SMTP connection from mxphxpool2044.ebay.com [66.211.185.207]:41235 lost while reading message data (header)
2020-04-21 10:03:00 SMTP connection from [66.211.185.207]:10849 (TCP/IP connection count = 23)
2020-04-21 10:04:37 SSL_write: (from mxphxpool2044.ebay.com [66.211.185.207]:10849) syscall: Connection reset by peer
2020-04-21 10:04:37 SSL_write: (from mxphxpool2044.ebay.com [66.211.185.207]:10849) syscall: Broken pipe
2020-04-21 10:04:37 SMTP connection from mxphxpool2044.ebay.com [66.211.185.207]:10849 lost while reading message data (header)
2020-04-21 11:02:07 SMTP connection from [66.211.185.207]:20545 (TCP/IP connection count = 20)
2020-04-21 11:03:43 SSL_write: (from mxphxpool2044.ebay.com [66.211.185.207]:20545) syscall: Connection reset by peer
2020-04-21 11:03:43 SSL_write: (from mxphxpool2044.ebay.com [66.211.185.207]:20545) syscall: Broken pipe
2020-04-21 11:03:43 SMTP connection from mxphxpool2044.ebay.com [66.211.185.207]:20545 lost while reading message data (header)
2020-04-21 12:01:16 SMTP connection from [66.211.185.207]:25443 (TCP/IP connection count = 17)
2020-04-21 12:02:53 SSL_write: (from mxphxpool2044.ebay.com [66.211.185.207]:25443) syscall: Connection reset by peer
2020-04-21 12:02:53 SSL_write: (from mxphxpool2044.ebay.com [66.211.185.207]:25443) syscall: Broken pipe
2020-04-21 12:02:53 SMTP connection from mxphxpool2044.ebay.com [66.211.185.207]:25443 lost while reading message data (header)
2020-04-21 13:05:45 SMTP connection from [66.211.185.207]:41601 (TCP/IP connection count = 13)
2020-04-21 13:07:22 SSL_write: (from mxphxpool2044.ebay.com [66.211.185.207]:41601) syscall: Connection reset by peer
2020-04-21 13:07:22 SSL_write: (from mxphxpool2044.ebay.com [66.211.185.207]:41601) syscall: Broken pipe
2020-04-21 13:07:22 SMTP connection from mxphxpool2044.ebay.com [66.211.185.207]:41601 lost while reading message data (header)
2020-04-21 14:03:02 SMTP connection from [66.211.185.207]:19201 (TCP/IP connection count = 11)
2020-04-21 14:04:39 SSL_write: (from mxphxpool2044.ebay.com [66.211.185.207]:19201) syscall: Connection reset by peer
2020-04-21 14:04:39 SSL_write: (from mxphxpool2044.ebay.com [66.211.185.207]:19201) syscall: Broken pipe
2020-04-21 14:04:39 SMTP connection from mxphxpool2044.ebay.com [66.211.185.207]:19201 lost while reading message data (header)
So its not isolated to one particular eBay host, its them all however the error (Broken pipe) only occurs with incoming email from ebay (obviously one failure out of thousands of hosts sending us emails successfully)
Any suggestions? I thinking perhaps a cipher mismatch perhaps on the SSL connection from their servers?
My openssl connection config is "+no_sslv2 +no_tlsv1" and cipher list is:
ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS
Suggestions welcome.
Regards
Neil
From the exim_mainlog:
4-21 07:02:37 SSL_write: (from mxphxpool2044.ebay.com [66.211.185.207]:22047) syscall: Connection reset by peer
2020-04-21 07:02:37 SSL_write: (from mxphxpool2044.ebay.com [66.211.185.207]:22047) syscall: Broken pipe
2020-04-21 07:02:37 SMTP connection from mxphxpool2044.ebay.com [66.211.185.207]:22047 lost while reading message data (header)
2020-04-21 08:02:49 SMTP connection from [66.211.185.207]:54807 (TCP/IP connection count = 17)
2020-04-21 08:04:25 SSL_write: (from mxphxpool2044.ebay.com [66.211.185.207]:54807) syscall: Connection reset by peer
2020-04-21 08:04:25 SSL_write: (from mxphxpool2044.ebay.com [66.211.185.207]:54807) syscall: Broken pipe
2020-04-21 08:04:25 SMTP connection from mxphxpool2044.ebay.com [66.211.185.207]:54807 lost while reading message data (header)
2020-04-21 09:04:50 SMTP connection from [66.211.185.207]:41235 (TCP/IP connection count = 17)
2020-04-21 09:06:27 SSL_write: (from mxphxpool2044.ebay.com [66.211.185.207]:41235) syscall: Connection reset by peer
2020-04-21 09:06:27 SSL_write: (from mxphxpool2044.ebay.com [66.211.185.207]:41235) syscall: Broken pipe
2020-04-21 09:06:27 SMTP connection from mxphxpool2044.ebay.com [66.211.185.207]:41235 lost while reading message data (header)
2020-04-21 10:03:00 SMTP connection from [66.211.185.207]:10849 (TCP/IP connection count = 23)
2020-04-21 10:04:37 SSL_write: (from mxphxpool2044.ebay.com [66.211.185.207]:10849) syscall: Connection reset by peer
2020-04-21 10:04:37 SSL_write: (from mxphxpool2044.ebay.com [66.211.185.207]:10849) syscall: Broken pipe
2020-04-21 10:04:37 SMTP connection from mxphxpool2044.ebay.com [66.211.185.207]:10849 lost while reading message data (header)
2020-04-21 11:02:07 SMTP connection from [66.211.185.207]:20545 (TCP/IP connection count = 20)
2020-04-21 11:03:43 SSL_write: (from mxphxpool2044.ebay.com [66.211.185.207]:20545) syscall: Connection reset by peer
2020-04-21 11:03:43 SSL_write: (from mxphxpool2044.ebay.com [66.211.185.207]:20545) syscall: Broken pipe
2020-04-21 11:03:43 SMTP connection from mxphxpool2044.ebay.com [66.211.185.207]:20545 lost while reading message data (header)
2020-04-21 12:01:16 SMTP connection from [66.211.185.207]:25443 (TCP/IP connection count = 17)
2020-04-21 12:02:53 SSL_write: (from mxphxpool2044.ebay.com [66.211.185.207]:25443) syscall: Connection reset by peer
2020-04-21 12:02:53 SSL_write: (from mxphxpool2044.ebay.com [66.211.185.207]:25443) syscall: Broken pipe
2020-04-21 12:02:53 SMTP connection from mxphxpool2044.ebay.com [66.211.185.207]:25443 lost while reading message data (header)
2020-04-21 13:05:45 SMTP connection from [66.211.185.207]:41601 (TCP/IP connection count = 13)
2020-04-21 13:07:22 SSL_write: (from mxphxpool2044.ebay.com [66.211.185.207]:41601) syscall: Connection reset by peer
2020-04-21 13:07:22 SSL_write: (from mxphxpool2044.ebay.com [66.211.185.207]:41601) syscall: Broken pipe
2020-04-21 13:07:22 SMTP connection from mxphxpool2044.ebay.com [66.211.185.207]:41601 lost while reading message data (header)
2020-04-21 14:03:02 SMTP connection from [66.211.185.207]:19201 (TCP/IP connection count = 11)
2020-04-21 14:04:39 SSL_write: (from mxphxpool2044.ebay.com [66.211.185.207]:19201) syscall: Connection reset by peer
2020-04-21 14:04:39 SSL_write: (from mxphxpool2044.ebay.com [66.211.185.207]:19201) syscall: Broken pipe
2020-04-21 14:04:39 SMTP connection from mxphxpool2044.ebay.com [66.211.185.207]:19201 lost while reading message data (header)
So its not isolated to one particular eBay host, its them all however the error (Broken pipe) only occurs with incoming email from ebay (obviously one failure out of thousands of hosts sending us emails successfully)
Any suggestions? I thinking perhaps a cipher mismatch perhaps on the SSL connection from their servers?
My openssl connection config is "+no_sslv2 +no_tlsv1" and cipher list is:
ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS
Suggestions welcome.
Regards
Neil