I've seen similar weird behaviour too. I'm not sure if it has something
in common, but the 'retry timeout exceeded' message did ring a bell.

The scenario: An e-mail was sent to ***@domain.tld, which has two
MXes, alternator.domain.tld and rotanretla.domain.tld; both have
Postfix with sender callouts enabled.

Because both the MXes don't have any ident daemon running and in my
setup there was a rfc1413_query_timeout set to 10s, the situation was as
follows:

myhost.tld -> alternator [conn. 1] EHLO (and stuff)
alternator -> myhost.tld [conn. 2] EHLO (callout), 10s for banner,
probable timeout
alternator -> myhost.tld [conn. 1] 450
myhost.tld -> rotanretla [conn. 3] EHLO (and stuff)
rotanretla -> myhost.tld [conn. 4] EHLO (callout), 10s for banner,
probable timeout
rotanretla -> myhost.tld [conn. 3] 450

So far, so good. Then, something unexpected: the exim daemon creates
immediate bounce for that mail:

--8<--
***@domain.tld
SMTP error from remote mailer after RCPT TO:<***@domain.tld>:
host rotanretla.domain.tld [xxx.xxx.xxx.xxx]: 450 <***@myhost.tld>:
Sender address rejected: unverified address: Address verification in progress:
[this is the error message from the remote server]
retry timeout exceeded
[and this is what the exim has to say in that situation]
--8<--

The behaviour was triggered by two immediate 450s from both the MXes on
the receiving side. Retry rules are pretty standard:

* * F,2h,15m; G,16h,1h,1.5; F,4d,6h

No additional retry controls are set. The exim version is 4.50 (the
Debian package 4.50-5), with a simple, one-file configuration /I don't
use the default Debian way of the Exim configuration/.

Kind regards
Jubal
--
[ Miros/law L Baran, baran-at-knm-org-pl, neg IQ, cert AI ] [ 0101010 is ]
[ BOF2510053411, makabra.knm.org.pl/~baran/, alchemy pany ] [ The Answer ]

Things are more like they used to be than they are now.

That particular problem has indeed gone away as we have no customers with
broken mail servers at the moment. I am seeing something very similar with
outgoing email (this came to light yesterday after Yahoo! decided to
"de-prioritize" our mail servers). I can see that domains are getting
marked as past their final cutoff in the retry DB file:

[***@f2.mail exim/log]% exinext <domain>.com
Transport: <ipaddr> [<ipaddr>] error 110: Connection timed out
first failed: 26-Apr-2005 01:18:00
last tried: 27-Apr-2005 00:10:41
next try at: 27-Apr-2005 10:50:41
past final cutoff time

[***@f2.mail exim/log]% exim -brt <domain>.com
Retry rule: * * F,2h,15m; F,16h,1h; F,4d,8h;

I'm not sure how to get more useful debug information, as I presume the
issue is with the delivery attempt which sets the 'past final cutoff time'
flag (as testing a domain which is already failed simply shows it being
rejected because that flag is set).

mrj
--
Mark Rigby-Jones, Operations Manager @ Community Internet plc
Windsor House, 12 High Street, Kidlington, Oxford OX5 2PJ, UK
Tel: +44-1865-856000 (Direct: +44-1865-856009) Fax: +44-1865-856001
***@community.net.uk <*> http://www.community.net.uk/~mrj