Okay, after much thinking and testing, I think I have figured out
what the problems are. They seem to be related to tcp-env and name
resolution (fwd and reverse). Why I never saw these problems before
yesterday confuses me, but the facts speak for themselves.
1. Qmail has stopped resolving anything in /etc/hosts. I find this very
bizare, as everything else on the system still seems to work fine with
/etc/hosts only entry's that have no corrosponding DNS entry (the
localhost<->127.0.0.1 maping failing for a smtproute to an alpha-pager
program was how I figured this out). /etc/host.conf is properly configured
(order hosts,bind ; multi on).
2. A delay has been introduced for any host for which both forward and
reverse DNS resolution is not possible. After digging through the
doc's/faq's, this would seem to have been the expected behavior, however I
had never seen it until yesterday... ???
For a solution, I've got a bunch of dummy DNS entry's for local stuff that
doesn't speak to the Internet (previously only listed in /etc/hosts), and
I've also gone through and fixed some reverse DNS on a few things that I
had let slide because they weren't causing any problems previous to this,
and I had other fires to put out, so for now the problems are more/less
negated. Anyhoo, I thought I would post the follow-up to the list so that
anyone else who runs into similar situations might benefit from my
experience (or lack thereof, as the case may be) :) Also, thanks to
Jacob, who's comments about some problems he once had led me to start
checking /etc/hosts resolution. Cheers!
--A.L.Lambert
(original post below)
> Upgraded bind daemon to fix/cover latest root exploits. I now
> have 30-120 second timeouts for SMTP or POP-3 connections. ????
> Everything else continues to work as before (all the usual: ftp, nntp,
> http, etc., + even some bizare custom stuff I'm using here and there; all
> works fine). I am out of my league at this point, and was hoping some of
> the smarter-than-mine minds on the list might be able to lend some
> suggestions. Tecnical details below:
>
> General setup:
>
> Linux 2.0.38 (RH 5.2 based), qmail 1.03 (no patches/mods), xinetd
> 2.1.8.6b7, tcpwrapers 7.6 (used to setenv RELAYCLIENT for qmail-smtpd, not
> at all for pop-3), bind 8.2.2P3 (installed from RedHat's posted RPM to fix
> overflow problems), and nothing else (other than base Linux distro stuff)
> in common betwixt the boxes... The one and only change made recently was
> the bind upgrade (hence my suspicion that it's the root cause).
>
> What I've done to try and figure it out so far (not in exactly
> this order):
>
> 1. Checked all logfiles for error messages relating to qmail: found none
>
> 2. tail -f'd all related logfiles, and telneted to smtp and pop3 ports:
> get instant notification of connection from xinetd; ps axf shows tcp-env +
> smtpd or pop3 has started instantly
>
> 3. Timed the timeout to see if there was an exact length of time it
> waited for: averages 30-90 seconds, but can range as high as 120 seconds
> (and presumably higher, at 120 seconds I gave up on it).
>
> 4. Recompiled/reinstalled qmail on one of the boxes: no noticable
> improvements.
>
> 5. Verified that all other services were working properly, without
> delays: they are.
>
> 6. Rebooted boxen: no improvements
>
> 7. Cursed loudly: didn't help
>
> 8. Searched through recent qmail mailing list messages (last few days)
> for possibly related problems: didn't see any
>
> 9. Rebuilt from src RPM's of previously used version of bind using the
> StackGuard GCC compiler, in hopes that it might restore qmail to service,
> and keep out crackers as well: no noticable results.
>
> 10. Repeated test steps outlined above: still broken.
>
> 11. Recompiled/reinstalled qmail again: still broken.
>
> 12. Cursed more loudly than before, and for longer period of time: still
> no results.
>
> 13. Repeated steps above: no changes in status
>
> 14. Sent e-mail to qmail mailing list, in hopes that someone smarter than
> I will know what the problem is/might be, or at least have some new ideas
> of what I might try at this point.
>
>
> Any help will be GREATELY appreciated.
>
> --A.L.Lambert
