J Potter writes:
Sam -- I've been seeing similar problems in the past few weeks on our servers.Would it be possible to have a config option for max idletime of an smtp connection? I.e., if no data comes in or goes out for a period of, say, 120 seconds, drop the connection and have the submit process exit? (Equivalent to Apache's "Timeout" setting.)
The purpose of zombie spam senders is not to take as long as possible to send their spam. That's absurd. They will try to get through their spam load as quickly as possible. It's not that their connections are idling. Courier is forcing them to spin their wheels, through tarpitting. Look at the trace, the sender keeps sending SMTP commands. It's the tarpitting that's slowing the sender down. Were it not for tarpitting, in addition to all the connection slots getting used up, you'd also have a sky-high CPU load. The reason that strace shows activity only once every couple of minutes is because Courier is explicitly tarpitting the senders.
There is already a timeout setting: esmtptimeout (and esmtptimeoutdata). I suspect that changing esmtptimeout from its default value of 10 minutes to something smaller, like two minutes, won't make any difference. Tarpitting doesn't count towards timeouts. The maximum tarpit delay is two minutes. After two minutes, the esmtptimeout clock starts, but the zombie sender has already sent the next command.
pgpCS3GYSXaiJ.pgp
Description: PGP signature
------------------------------------------------------------------------------ Stay on top of everything new and different, both inside and around Java (TM) technology - register by April 22, and save $200 on the JavaOne (SM) conference, June 2-5, 2009, San Francisco. 300 plus technical and hands-on sessions. Register today. Use priority code J9JMT32. http://p.sf.net/sfu/p
_______________________________________________ courier-users mailing list [email protected] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
