Upgraded bind daemon to fix/cover latest root exploits. I now
have 30-120 second timeouts for SMTP or POP-3 connections. ????
Everything else continues to work as before (all the usual: ftp, nntp,
http, etc., + even some bizare custom stuff I'm using here and there; all
works fine). I am out of my league at this point, and was hoping some of
the smarter-than-mine minds on the list might be able to lend some
suggestions. Tecnical details below:
General setup:
Linux 2.0.38 (RH 5.2 based), qmail 1.03 (no patches/mods), xinetd
2.1.8.6b7, tcpwrapers 7.6 (used to setenv RELAYCLIENT for qmail-smtpd, not
at all for pop-3), bind 8.2.2P3 (installed from RedHat's posted RPM to fix
overflow problems), and nothing else (other than base Linux distro stuff)
in common betwixt the boxes... The one and only change made recently was
the bind upgrade (hence my suspicion that it's the root cause).
What I've done to try and figure it out so far (not in exactly
this order):
1. Checked all logfiles for error messages relating to qmail: found none
2. tail -f'd all related logfiles, and telneted to smtp and pop3 ports:
get instant notification of connection from xinetd; ps axf shows tcp-env +
smtpd or pop3 has started instantly
3. Timed the timeout to see if there was an exact length of time it
waited for: averages 30-90 seconds, but can range as high as 120 seconds
(and presumably higher, at 120 seconds I gave up on it).
4. Recompiled/reinstalled qmail on one of the boxes: no noticable
improvements.
5. Verified that all other services were working properly, without
delays: they are.
6. Rebooted boxen: no improvements
7. Cursed loudly: didn't help
8. Searched through recent qmail mailing list messages (last few days)
for possibly related problems: didn't see any
9. Rebuilt from src RPM's of previously used version of bind using the
StackGuard GCC compiler, in hopes that it might restore qmail to service,
and keep out crackers as well: no noticable results.
10. Repeated test steps outlined above: still broken.
11. Recompiled/reinstalled qmail again: still broken.
12. Cursed more loudly than before, and for longer period of time: still
no results.
13. Repeated steps above: no changes in status
14. Sent e-mail to qmail mailing list, in hopes that someone smarter than
I will know what the problem is/might be, or at least have some new ideas
of what I might try at this point.
Any help will be GREATELY appreciated.
--A.L.Lambert
