What exactly does "stat=Deferred: Connection refused by [x.x.x.x]" mean in sendmail logs?

Mike B asked:

Can someone please clarify what exactly a sendmail log entry for stat=Deferred: Connection refused by [x.x.x.x] means?

At what point in the SMTP conversation can/will sendmail throw this error?

For example, could I get this error if sending to a remote MTA that drops my connection after DATA?

I’m sending to a downstream source and on my side, I’m seeing multiple “Deferred: Connection refused by”. As such, my MTA is retrying the message. The downstream recipient reports receiving the message multiple times but doesn’t have SMTP logs on their end to indicate exactly why they’re getting duplicates.

I’m wondering if it’s possible that the connection could be breaking AFTER I send the message payload but BEFORE the other side sends the 250 confirmation of receipt. Would that type of scenario cause a different error?

My answer:

Connection refused means what it’s always meant: The connection was never established to begin with, as nothing answered on the remote end. Specifically it means a SYN packet was answered with either an RST or an ICMP port unreachable. This happens when no server is listening to that remote port, or when a firewall is configured to explicitly refuse connections rather than drop traffic.

Obviously no SMTP conversation has taken place in this context, as no communication channel was ever opened.

It doesn’t explain why your recipient claims to have received the messages. To answer that, you’ll likely have to go further into your logs, and quite probably into their logs. And it’s rather odd that they don’t seem to have any…

View the full question and answer on Server Fault.

Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.