Alexander Leidinger via Postfix-users wrote in <f1bc0fa60ee2119eebf252a3011ea...@leidinger.net>: |Am 2024-05-22 01:22, schrieb Greg Sims via Postfix-users: |> TLS connection reuse is being used. About 10% of the connections are |> reused for large volume ISPs. Small volume ISPs do not see connection |> reuse. I believe this is as expected. |> |> I did some testing of our DNS setup. A DNS query using dig is less |> than 20 msec for both our primary and secondary dns servers in |> /etc/resolv.conf -- see below. | |If all else fails: |The truth can often be seen on the wire. Make a packet trace which |covers the time from "here is the mail you have to send to google" to a |successful delivery and inspect it in wireshark. For TLS traffic you |need the cert/key in wireshark. Do not only trace the smtp traffic, but |all traffic. Inspect what the system is doing (e.g. DNS lookups) and |correlate that to the traffic you see (you can change how timestamps are |displayed in wireshark). This may indicate where those 25 seconds are |spend. | |This is a steep learning curve if you are not familiar already with |interpreting network packets, the smtp protocol, DNS, and wireshark. If |those skills are already available, it may lead to detecting the cause |of what you see faster than the back and forth with guesses here on the |mailinglist.
I have not closely followed the thread, but if it is about "hangs" or "delays" on startup, and here "startup" is a wide field given that postfix is biologically recreating itself anew out of its own "all the time", it might be worth .. that: [.]calls the function uname(2)∞ in order to query the nodename of the box (sometimes the real one is needed instead of the one represented by the internal variable hostname†). One may have varying success by ensuring that the real host‐ name and ‘localhost’ have entries in /etc/hosts, or, more generally, that the name service is properly setup – and does hostname(1)∞ return the ex‐ pected value? Does this local hostname have a domain suffix? RFC 6762 standardized the link-local top-level domain ‘.local’, try again after adding an (additional) entry with this extension. (postfix uses gethostname, but it could still end up uname.) I myself have further problems with ssh(1) and my VMs, because that is all (boxed and) DHCP via dnsmasq, and that does not realize that despite the IPv4 it gives a host authoritatively the same hostname should not cause IPv6 queries over the network (ie i occasionally forget to do use the -4 flag, but i reported that years ago as i think it should not be needed since we have authoritatively served a name, no, and despite that say nothing, i have "Host 203.0.113.*" in ssh config, but somehow it skips that for some, uses the stuff from "Host *", whatever *that* is.) Just an idea, Ciao, --steffen | |Der Kragenbaer, The moon bear, |der holt sich munter he cheerfully and one by one |einen nach dem anderen runter wa.ks himself off |(By Robert Gernhardt) _______________________________________________ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
