Re: [AMaViS-user] Amavisd-new/Postfix plugged queue (Long)

Milton Cyrus Tue, 22 Aug 2006 12:31:22 -0700

Hi.

Think you forgot to put


content_filter=smtp-amavis:[127.0.0.1]:10024

in main.conf.


On 22-aug-2006, at 19:56, Tom Gwilt wrote:

> Hi all,
>
> I would like to apolgize in advance for the length of this message.
>
> The hardware:
> Dell SC1600, Xeon 2.4G, 1G RAM, 2 18G SCSI drives
>
> Software (OS, etc)
> hostname: gw1.suite224.net
> FreeBSD 6.1
> amavisd-new amavisd-new-2.4.2 (20060627)
> postfix-2.3.20060207
> perl 5.8.8
> spamassassin 3.1.3 (running Razor2, URI checks, and a few SARE  
> rulesets)
> clamav 0.88.4
>
> Our current email setup
> cambot.suite224.net (currently primary MX) running CGatePro 4.1.8
> gw0.suite224.net (outbound mail scanner) postfix/amavisd/sa/clamd
>
> I decided to place an inbound scanner in front of cambot using
> the same basic setup as I used for outbound mail, which has worked
> perfectly for over 2 years.
>
> Changed our primary MX record to gw1 and tailed (-f) /var/log/maillog.
>
> All seemed to go well for about 25 minutes, then the mailq started  
> to grow
> and inbound mail was delayed.
>
> By the time 8 hours had passed, the mailq had grown to over 14,500
> messages and it appears that these are messages that have made it to
> postfix, but not yet to the smtp-amavis filter.
>
>> From the postfix master.cf:
>
> smtp      inet  n       -       y       -       -       smtpd
>           -o content_filter=smtp-amavis:[127.0.0.1]:10024
> smtp-amavis     unix    -       -       y       -       4       smtp
>         -o smtp_data_done_timeout=1200
>         -o smtp_send_xforward_command=yes
>         -o disable_dns_lookups=yes
>
> 127.0.0.1:10025 inet    n       -       y       -       -       smtpd
>         -o local_recipient_maps=
>         -o smtpd_restriction_classes=
>         -o smtpd_client_restrictions=
>         -o smtpd_helo_restrictions=
>         -o smtpd_sender_restrictions=
>         -o smtpd_recipient_restrictions=permit_mynetworks,reject
>         -o strict_rfc821_envelopes=yes
>
> I'm running a bounce_queue_lifetime value of 2 hours
> initial_destination_concurrency = 50
> local_transport = local
> maximal_backoff_time = 2000s
> maximal_queue_lifetime = 1d
> minimal_backoff_time = 500s
> relayhost = [72.2.95.2]
> smtp_connect_timeout = 10s
> smtp_helo_timeout = 30s
> smtpd_recipient_restrictions = permit_mynetworks,
> reject_unauth_destination, reject_non_fqdn_recipient,  
> reject_rbl_client
> sbl-xbl.spamhaus.org
>
> Here is the amavisd.conf file:
>
> use strict;
>
> $MYHOME = '/var/amavis';
> $mydomain = 'suite224.net';
> $daemon_user = 'vscan';
> $daemon_group = 'vscan';
> #$daemon_chroot_dir = $MYHOME;
> $path = '/usr/local/sbin:/usr/local/bin:/usr/sbin:/sbin:/usr/bin:/ 
> bin';
>
> $QUARANTINEDIR = "/$MYHOME/quarantine";
> $TEMPBASE = "/$MYHOME/tmp";
> $ENV{TMPDIR} = $TEMPBASE;
> $helpers_home = $MYHOME;
> $pid_file  = "/$MYHOME/amavisd.pid";
> $lock_file = "/$MYHOME/amavisd.lock";
> $db_home   = "/$MYHOME/db";
> $SYSLOG_LEVEL = 'mail.info';
>
> $max_servers  = 4;
> $child_timeout=20*60; # we need to adjust the timeout since it is  
> not a
> localhost transfer
>
> $inet_socket_port = 10024;
> $forward_method = 'smtp:[127.0.0.1]:10025';
> $notify_method = $forward_method;
> $inet_socket_bind = '127.0.0.1';
>
> @local_domains_maps = ( read_hash("$MYHOME/local_domains") );
> read_hash(\%local_domains, '/etc/postfix/relay_domains');
>
> $DO_SYSLOG = 1; # (1 = syslog, 0 = logfile)
> $log_level = 2; # (0-5)
>
>
> $MAXLEVELS = 14;
> $MAXFILES = 1500;
> $MIN_EXPANSION_QUOTA = 100*1024;
> $MAX_EXPANSION_QUOTA = 300*1024*1024;
>
> # SpamAssassin settings
> $final_spam_destiny = D_DISCARD; # Set to D_REJECT, D_PASS to pass  
> through
> $sa_local_tests_only = 0;
> #$sa_auto_whitelist = 1; # comment this line out to turn off auto
> whitelist
> $sa_mail_body_size_limit = 64*1024; # 64KB
> $sa_spam_level_char = 'x';
> $sa_tag_level_deflt = -999.0; # controls adding the X-Spam-Status and
> X-Spam-Level headers,
> $sa_tag2_level_deflt = 5.0; # controls adding 'X-Spam-Flag: YES', and
> editing Subject,
> $sa_kill_level_deflt = 15.0; # triggers spam evasive actions
> $sa_spam_subject_tag = '[SPAM] ';
> $spam_quarantine_to = '';
> $sa_debug = 1; # comment this line out to turn off debugging
>
> # Anti-Virus Scanner
>
> @av_scanners = (
>
> ### http://www.clamav.net/
> ['ClamAV-clamd',
>   \&ask_daemon, ["CONTSCAN {}\n", "/var/amavis/clamd.sock"],
>   qr/\bOK$/, qr/\bFOUND$/,
>   qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],
> );
>
> $X_HEADER_TAG = 'X-Virus-Scanned';
>
> ### End here but keep the line below ###
>
> 1; # insure a defined return
>
> And finally, some of the log entries:
>
> Aug 22 03:58:41 gw1 postfix/qmgr[17562]: warning: mail for
> [127.0.0.1]:10024 is using up 14037 of 14037 active que
> ue entries
> Aug 22 03:58:41 gw1 postfix/qmgr[17562]: warning: you may need to  
> reduce
> smtp-amavis connect and helo timeouts
> Aug 22 03:58:41 gw1 postfix/qmgr[17562]: warning: so that Postfix  
> quickly
> skips unavailable hosts
> Aug 22 03:58:41 gw1 postfix/qmgr[17562]: warning: you may need to  
> increase
> the main.cf minimal_backoff_time and ma
> ximal_backoff_time
> Aug 22 03:58:41 gw1 postfix/qmgr[17562]: warning: so that Postfix  
> wastes
> less time on undeliverable mail
> Aug 22 03:58:41 gw1 postfix/qmgr[17562]: warning: you may need to  
> increase
> the master.cf smtp-amavis process limit
> Aug 22 03:58:41 gw1 postfix/qmgr[17562]: warning: please avoid  
> flushing
> the whole queue when you have
> Aug 22 03:58:41 gw1 postfix/qmgr[17562]: warning: lots of deferred  
> mail,
> that is bad for performance
> Aug 22 03:58:41 gw1 postfix/qmgr[17562]: warning: to turn off these
> warnings specify: qmgr_clog_warn_time = 0
>
>
> I have tried modifying the settings, but to no avail. Any suggestions?
>
> FWIW, amavisd/spamassassin caught and either blocked or flagged  
> 125,667
> SPAM messages in 13 hours.
>
> Thanks
> -- 
> Tom Gwilt
> Conneaut Telephone Company
> 224 State ST
> Conneaut OH 44030
> 440-593-7150
>
> ---------------------------------------------------------------------- 
> ---
> Using Tomcat but need to do more? Need to support web services,  
> security?
> Get stuff done quickly with pre-integrated technology to make your  
> job easier
> Download IBM WebSphere Application Server v.1.0.1 based on Apache  
> Geronimo
> http://sel.as-us.falkag.net/sel? 
> cmd=lnk&kid=120709&bid=263057&dat=121642
> _______________________________________________
> AMaViS-user mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/amavis-user
> AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3
> AMaViS-HowTos:http://www.amavis.org/howto/


-------------------------------------------------------------------------
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
_______________________________________________
AMaViS-user mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/amavis-user
AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3
AMaViS-HowTos:http://www.amavis.org/howto/

Re: [AMaViS-user] Amavisd-new/Postfix plugged queue (Long)

Reply via email to