--- Mark Martinec <[EMAIL PROTECTED]> wrote:

> Peter,
> 
> > > ICMP type 3 must not be blocked by a firewall!
> 
> > Are you talking about outbound or inbound ICMP?  I allow all outbound
> > traffic to exit unmolested.  My f/w is blocking *occasional* inbound
> > ICMP type 3 code 1. Meanwhile, disconnections are occurring like this:
> 
> This is probably unrelated to your immediate problem,
> although it deserves to be put right nevertheless.
> 
> I'm talking about both incoming and outgoing ICMP type 3 packets.
> 
> Blocked incoming type 3 code 0..3,9..13 packet would cause your client
> (Postfix smtp service or any other tcp client such as www, ssh)
> to linger waiting for a connection establishment and eventually
> timing out, while it could otherwise terminate immediately and
> notify user (or log) the actual reason for a reject.
> 
> Blocked incoming or outgoing type 3 code 4 packet (Fragmentation Needed
> and Don't Fragment was Set) makes max fragment size negotiation impossible,
> which manifests in some mail or some web pages being partly
> or fully inaccessible, while others would work normally.
> 
> Blocking ICMP type 3 is evil!

Mark,

Thank you for your thorough answer.

It seems that the main problem was the low number of processes I had
allocated to postfix inside master.cf.  I changed it from 5 to 150 and
disconnects were reduced dramatically.  Those I still register are
either from "unknown" (unresolvable) or from dubiously-named hosts. 
But I still get one distressing disconnect:

     disconnect from localhost.domain.com[127.0.0.1]

When I look at the context I see:

Jun  4 10:19:32 host postfix/smtpd[23634]: connect from localhost.domain.com[127.0.0.1]
Jun  4 10:19:32 host postfix/smtpd[23634]: 764E1DD883: client=localhost.domain.com[127.0.0.1]
Jun  4 10:19:32 host postfix/smtpd[23634]: disconnect from localhost.domain.com[127.0.0.1]

Where host.domain.com is the name of my machine.

Is this someone trying to spoof my machine?
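
Added example, not part of the original message: one way to read a log excerpt like the one above is to group the smtpd lines by process id and report, for each session, whether the client address is loopback and whether a message was queued. The sample log is constructed in the layout of the excerpt with each entry on one line; the address 192.0.2.55 and all function names are assumptions.

```python
import re
from ipaddress import ip_address

# Constructed sample: the excerpt's three lines plus one made-up remote session.
SAMPLE_LOG = """\
Jun  4 10:19:32 host postfix/smtpd[23634]: connect from localhost.domain.com[127.0.0.1]
Jun  4 10:19:32 host postfix/smtpd[23634]: 764E1DD883: client=localhost.domain.com[127.0.0.1]
Jun  4 10:19:32 host postfix/smtpd[23634]: disconnect from localhost.domain.com[127.0.0.1]
Jun  4 10:19:40 host postfix/smtpd[23640]: connect from unknown[192.0.2.55]
Jun  4 10:19:41 host postfix/smtpd[23640]: disconnect from unknown[192.0.2.55]
"""
LINE = re.compile(
    r"postfix/smtpd\[(?P<pid>\d+)\]: "
    r"(?:(?P<event>connect|disconnect) from |(?P<qid>[0-9A-F]+): client=)"
    r"(?P<name>[^\[\s]+)\[(?P<ip>[^\]]+)\]"
)

def is_loopback(addr):
    """True for 127.0.0.0/8 or ::1; False if the bracketed field is not an IP."""
    try:
        return ip_address(addr).is_loopback
    except ValueError:
        return False

def smtpd_sessions(log_text):
    """Pair connect/disconnect by pid (one smtpd process serves one client at a time)."""
    open_sessions, finished = {}, []
    for line in log_text.splitlines():
        m = LINE.search(line)
        if not m:
            continue
        pid = m["pid"]
        if m["event"] == "connect":
            open_sessions[pid] = {"pid": pid, "name": m["name"], "ip": m["ip"],
                                  "loopback": is_loopback(m["ip"]), "queue_ids": []}
        elif pid in open_sessions and m["qid"]:
            open_sessions[pid]["queue_ids"].append(m["qid"])  # a message was accepted
        elif pid in open_sessions and m["event"] == "disconnect":
            finished.append(open_sessions.pop(pid))
    return finished

def describe(s):
    origin = "loopback" if s["loopback"] else "remote"
    outcome = "queued " + ",".join(s["queue_ids"]) if s["queue_ids"] else "no message"
    return f'{s["name"]}[{s["ip"]}] {origin}: {outcome}'

if __name__ == "__main__":
    for session in smtpd_sessions(SAMPLE_LOG):
        print(describe(session))
```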


_______________________________________________
AMaViS-user mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/amavis-user
AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3
AMaViS-HowTos:http://www.amavis.org/howto/