Actually, my question may not require the expertise of a famous Belgian
detective, so one of you guys might be able to help...
Server: MX and POP qmail server
Problem: Inbound mail taking unusually long to arrive
When I examined the system, it appeared to be neither cpu, memory, nor i/o
bound. Also, checking the various logs, none of the following concurrencies
were maxed: local, remote, smtp, pop. Also, the error log reported no errors
(such as "unable to fork", etc).
However, when I ran qmail-qstat, it showed ~3300 messages in the queue
(normally this is closer to 400). In the past, this has indicated an
onslaught on spam. But if resources are available, and smtp and local have
concurrency available, I don't understand why ANY incoming message would not
show up in someone's mailbox promptly.
So after an hour or so of analysis, I noticed that the queue was finally
beginning to slowly but steadly drop on its own, and when it dropped to
~1900, some of my own delayed messages arrived, and I assumed the problem
was on its way out, so I left it to heal on its own.
One more thing: normally with spam, the spammer uses an invalid return
address, so the bounces retry in the queue for days before expiring. Perhaps
this spammer used a valid return address, so the bounces delivered promptly,
and were removed from the queue right away. So that might explain why the
queue dropped quickly. But I still don't see why incoming mail would be
delayed.
Your thoughts and analysis are greatly welcome!
Dave
:)
______________________
For whatever it's worth, below is ONE of the more common spam messages I
found in the queue during that time. I have no idea if it was the main
culprit:
--- Below this line is a copy of the message.
Return-Path: <[EMAIL PROTECTED]>
Received: (qmail 62456 invoked from network); 28 Aug 2000 21:09:58 -0000
Received: from relay3.mail.uk.psi.net (154.32.109.6)
by bsdpop.netcarrier.net with SMTP; 28 Aug 2000 21:09:58 -0000
Received: from gate.first-inertia.co.uk ([195.152.181.2])
by relay3.mail.uk.psi.net with esmtp (Exim 2.12 #2)
id 13TW7S-0004js-00; Mon, 28 Aug 2000 22:07:02 +0100
Received: from oLhnYeq7q (slip-32-100-174-30.tx.us.prserv.net
[32.100.174.30]) b
y gate.first-inertia.co.uk with SMTP (Microsoft Exchange Internet
Mail Service V
ersion 5.5.2650.10)
id RTQXGA3J; Mon, 28 Aug 2000 22:06:34 +0100
DATE: 28 Aug 00 4:01:41 PM
FROM: [EMAIL PROTECTED]
Message-ID: <ezFuVPM23y2X7S>
SUBJECT: see for yourself
Bcc:
Greetings:
ALL new members that come into the club
COMPANY WIDE will go under YOU.
A true VERTICAL downline.
YOU can easily get 200 members
under YOU in a month!
How would you like a GUARANTEED
minimum commission every month?
JOIN FREE!!!!!!! JOIN FREE!!!!!!!
To join our FREE postlaunch program
mailto:[EMAIL PROTECTED]?subject=SignMeUp
and type your FIRST AND
LAST NAME as text. That's it.
We'll handle the rest.
all information comes with your membership, no obligation
to be removed from our mailing list
mailto:[EMAIL PROTECTED]?subject=remove
