George,
Your timing on this is impeccable. I'm presently working at tuning up a
toaster that's approaching 1/s pieces of mail. Scanning is presently turned
off, so cpu isn't strained at all.
Some smtp sessions seem to hang though. I initially had just the 1 default
RBL, and things were backing up then. I changed to the 7 RBLs listed on the
wiki, many more were caught there, and now there's some breathing room. I
see periodic smtp ended status 256 messages. Other smtp sessions hang on for
10, 30, 60+ minutes. After 90 minutes or so I've been killing them, but
was wondering about timeouts. The default is supposed to be 1200 seconds. Is
it possible that the connection is just getting enough data through to keep
the session alive? Maybe sort of like a DOS? I saw a bunch of them today
that hit all at once, from Cairo Egypt. Thoughts/recommendations?
I don't think that the associated rblsmtpd is hanging, but to be honest I
haven't looked closely at that possibility.
George Sweetnam wrote:
451's can be generated in different places....
rblsmtpd -b will give 451 -B gives 553 (what I use because I don't want it
confused with out of memory errors).
I'll consider this. I hadn't looked at 'man rblsmtpd' before now.
Oh, one side effect of using multiple rbls... make sure they are VERY
reliable. If they don't work your smtp session could be sitting on it and
timing out -t 300 is 5 minutes (I use 20 seconds).
I'm wondering what the default value is (appears to be inifinite). Any idea?
I've had users complain
about our server being down in the past when it was actually an rbl which
was not responding! Just image a server with 3-5 pieces of mail a second
getting a 5 minute timeout on an rbl... 18000 messages in the queue very
quickly (about an hour). Someday I might convert the big server to a
toaster, but it's not rpm based and is still using vpasswd files (w /1500
domains) which is a bigger project than I can spare the time for right now.
I'd also recommend checking the spamd logs and seeing if there are errors
about needing more children or reaching the max setting. When all else
fails you can test from the command line sending mail and watch where it's
failing easily.
Good advice. Thanks!
George Sweetnam
----- Original Message -----
From: "Eric "Shubes"" <[EMAIL PROTECTED]>
To: <[email protected]>
Sent: Tuesday, August 29, 2006 2:39 PM
Subject: Re: [qmailtoaster] incoming mail delay, tcpserver status 256,
delayed simscan logging, lost mail
Eric "Shubes" wrote:
I haven't otherwise noticed missing email (except with lists that don't
consider domainkeys). This one is confirmed not spam, and the sending
server repeats every 15 minutes like clockwork. Do you suppose I should
turn recordio on for a spell?
I don't think the failure is in SURBL, because it appears that smtp is
failing very shortly after handing off to SA. Besides which, simscan
reports the message as clean.
I'm not sure about Nate's problem either, but it could be related. Is
nate getting tcpserver end <pid> status 256?
Ok, here's the log with recordio running:
2006-08-29 11:35:39.716219500 17585 < <meta name="s+
2006-08-29 11:35:39.717060500 17585 > 451 See
http://pobox.com/~djb/docs/smtplf.html.^M
2006-08-29 11:35:39.718514500 17585 > [EOF]
2006-08-29 11:35:39.719922500 tcpserver: end 17585 status 256
2006-08-29 11:35:39.720051500 tcpserver: status: 1/100
2006-08-29 11:35:42.999573500 simscan:[1]:CLEAN
(0.60/12.00):3.4350s:Long-Term Care Insurance:66.150.173.104::
2006-08-29 11:36:34.725007500 tcpserver: status: 0/100
In the words of Chief Inspector Clouseau, "Ah yes, the old smtplf ploy". ;)
Looks as if the incoming email is malformed. My question then becomes, if
smtp is sending a temporary failure (451) message to the sender, then why is
simscan processing it?
--
-Eric 'shubes'
---------------------------------------------------------------------
QmailToaster hosted by: VR Hosted <http://www.vr.org>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
