On 2006-04-18, at 1940, Jesse Sanford wrote:
They appear to hang after the attempt to dump the msg into the working Maildir.From qmail-smtpd log: 2006-04-17 14:00:52.430491500 tcpserver: pid 9220 from 128.32.61.1062006-04-17 14:00:52.447959500 tcpserver: ok 9220 mail.seedboxconnect.com:10.0.0.3:25 smtp-out1.berkeley.edu: 128.32.61.106::37978From qmail-queue.log:Mon, 17 Apr 2006 14:00:53 PDT:9221: +++ starting debugging for process 9221 by uid=89 Mon, 17 Apr 2006 14:00:53 PDT:9221: setting UID to EUID so subprocesses can access files generated by this scriptMon, 17 Apr 2006 14:00:53 PDT:9221: program name is qmail-scanner- queue.pl, version 2.00 Mon, 17 Apr 2006 14:00:53 PDT:9221: w_c: mkdir /var/spool/qscan// tmp/seedboxconnect.com11453076535409221Mon, 17 Apr 2006 14:00:53 PDT:9221: w_c: start dumping incoming msg into /var/spool/qscan//working/tmp/seedboxconnect.com11453076535409221 [0.002144]Dir /var/spool/qscan//tmp/seedboxconnect.com1145307653540 is empty as is the file in working/tmp:-rw-rw---- 1 qscand qscand 0 Apr 17 14:00 seedboxconnect.com11453076535409221Other info: softlimit is 40000000, which the FAQ suggests is higher than necessary. Not sure if that could have side effects here. Most of the zero-length entries in working/tmp trace back to a log pattern like the one above. There are also some 24+ hour-old non- zero files but they are far fewer in number. Originating smtp servers vary.
i haven't used a "softlimit" at all. most people use it because they're copying an install guide which has it in there. it's only there because it is theoretically possible to cause a denial of service through memory exhaustion, but in seven years of building and running qmail systems, i have yet to hear of it happening.
try removing the "softlimit nnnn" portion of the command line. it may help, or it may have no effect at all- but it's certainly worth trying.
Thanks again for any suggestions. Maybe qmail-smtpd can be compiled with a debug mode to log its smtp conversations -- could let me track what is supposed to be transmitted. Looking into that next.
there is no such option for qmail-smtpd itself. there is, however, a program called "recordio" (part of the ucspi-tcp package, if you have "tcpserver" then you also have "recordio") which can be added to the "exec tcpserver ... qmail-smtpd" command line, which will cause the SMTP conversation to be written to the qmail-smtpd log file.
http://cr.yp.to/ucspi-tcp/recordio.html
the place to insert it would be directly in front of "qmail-smtpd" on
the command line, or if you're also using rblsmtpd and you want to
watch rblsmtpd working as well as qmail-smtpd, then insert it just
before "rblsmtpd" on the command line. (and wherever you insert it,
don't forget to restart the qmail-smtpd service using "svc -t" after
changing the "run" script.)
a few things to be aware of:(1) using recordio will make the log file grow much larger than it normally does. once you're done with it, don't forget to pull it out of the command line (and restart the qmail-smtpd service, of course.)
(2) if the connection is encrypted, recordio will probably log the encrypted garbage- which doesn't help you any, and which uses 2-3 times more disk space than just logging the SMTP conversation normally.
(3) if you are using AUTH, the actual AUTH commands will be logged as well. for the AUTH PLAIN or AUTH LOGIN methods, the command you see in the log can be decoded to find the password. be careful with who has access to the log files.
it may also help to manually walk through an SMTP session. i actually wrote this page to explain how to test the AUTH command, but it does show how to manually do an SMTP transaction. if you're not using AUTH, you can ignore the AUTH-related stuff, and after doing your EHLO command, jump directly to the end of the page with the MAIL FROM, RCPT TO, and DATA commands.
http://qmail.jms1.net/test-auth.shtml
--------------------------------------------------
| John M. Simpson - KG4ZOW - Programmer At Large |
| http://www.jms1.net/ <[EMAIL PROTECTED]> |
--------------------------------------------------
| Mac OS X proves that it's easier to make UNIX |
| pretty than it is to make Windows secure. |
--------------------------------------------------
PGP.sig
Description: This is a digitally signed message part
