Hi Eric, My situation was strange. Let me give you detail on my server:
# rpm -qa | grep toaster vpopmail-toaster-5.4.13-1.3.3 ezmlm-cgi-toaster-0.53.324-1.3.2 spamassassin-toaster-3.1.7-1.3.6 ripmime-toaster-1.4.0.6-1.3.2 qmailmrtg-toaster-4.2-1.3.2 qmail-toaster-1.03-1.3.8 qmailtoaster-plus-0.2-1.3.2 courier-authlib-toaster-0.58-1.3.3 daemontools-toaster-0.76-1.3.2 libdomainkeys-toaster-0.68-1.3.2 send-emails-toaster-0.5-1.3.2 ucspi-tcp-toaster-0.88-1.3.2 qmail-pop3d-toaster-1.03-1.3.8 control-panel-toaster-0.5-1.3.2 clamav-toaster-0.88.5-1.3.5 autorespond-toaster-2.0.4-1.3.2 maildrop-toaster-devel-2.0.2-1.3.3 simscan-toaster-1.2-1.3.2 vqadmin-toaster-2.3.4-1.3.2 courier-imap-toaster-4.1.1-1.3.3 maildrop-toaster-2.0.2-1.3.3 qmailadmin-toaster-1.2.9-1.3.3 ezmlm-toaster-0.53.324-1.3.2 isoqlog-toaster-2.1-1.3.2 squirrelmail-toaster-1.4.8-1.3.4 All of them are the current version of qt, except I've also installed Espinoza's qmail-toaster-1.03-1.3.8 so that I can use submission port. All processes were running fine. When I receive complaints from users, I couldn't find any hint. The only thing looked abnormal is large number of status 256 error logged at smtp log. To make sure they are not blocked by spamassassin or RBL, I added certain IP, which I trusted, to my tcp.smtp( <IP>:allow,RBLSMTPD="",RELAYCLIENT=""), but the situation didn't changed. To minimize the chance of timeout issue, my blacklists was changed to include only one entry: # cat blacklists -r sbl-xbl.spamhaus.org In the beginning, I also thought that the status 256 should be sort of timeout stuff. After further studying my smtp log, I found status 256 in different situations: 1. The smtp log only showed a connection, but the process ended very soon: Nov30 18:19:43 tcpserver: status: 1/100 Nov30 18:19:43 tcpserver: pid 8856 from [sender IP] Nov30 18:19:43 tcpserver: ok 8856 [mydomain]:[my IP]:25 :[sender IP]::47596 Nov30 18:19:43 tcpserver: end 8856 status 256 Nov30 18:19:43 tcpserver: status: 0/100 2. It logged CHKUSER has accepted sender and rcpt, but no email delivered to user's mail box and nothing logged at send log: Nov30 18:36:21 tcpserver: pid 9984 from [sender IP] Nov30 18:36:21 tcpserver: ok 9984 [mydomain]:[my IP]:25 :[sender IP]::53431 Nov30 18:36:21 CHKUSER accepted sender: from <[sender] <[EMAIL PROTECTED]>::> remote <[sender server]:unknown:[sender IP]> rcpt <> : sender accepted Nov30 18:36:21 CHKUSER accepted rcpt: from <[sender] <[EMAIL PROTECTED]>::> remote <[sender domain]:unknown:[sender IP]> rcpt <[rcpt]<[EMAIL PROTECTED]>> : found existing recipient Nov30 18:36:21 tcpserver: end 9984 status 256 3. Some, but not all, CHKUSER rejected may show status 256 too: Nov30 22:57:25 tcpserver: status: 1/100 Nov30 22:57:25 tcpserver: pid 24256 from 89.138.229.34 Nov30 22:57:25 tcpserver: ok 24256 [my domain]:[my local IP]:25 : 89.138.229.34::62008 Nov30 22:57:30 CHKUSER rejected sender: from <[EMAIL PROTECTED]::> remote <89-138-229-34.bb.netvision.net.il:unknown:89.138.229.34> rcpt <> : invalid sender MX domain Nov30 22:57:31 tcpserver: end 24256 status 256 Nov30 22:57:31 tcpserver: status: 0/100 As you've mentioned, we should not use such a high setting for the smtp softlimit in normal case. But in my case, I really need to. One more thing to mention: my server need to support multi-language. Best regards, Bill On 12/12/06, Eric Shubes <[EMAIL PROTECTED]> wrote:
Bill Kwok wrote: > Hi all, > > Finally, I found out why I got the status 256 error: the original > softlimit for smtpd is too small. Good find, Bill. > If you have same symptom like me (lot of smtp connections with status > 256 and nothing logged at send / spam / clam log), you better increase > the smtp softlimit. My problem didn't recover a bit even though I > increased it from 5,000,000 to 16,000,000, then even to > 24,000,000. Until today I raise it to 32,000,000, then the problem solved. I'd be careful with this. See http://www.tldp.org/HOWTO/Qmail-ClamAV-HOWTO/x277.html for recommendations. Setting this any higher than necessary might cause excessive paging. The toaster default is 12,000,000. I don't know why you should need much/any more than that. How many RBLs are you using? Also, 256 errors are 'normal' for simple timeouts when the sender isn't responding in a timely fashion. The default is 1200 (20 minutes), which I find too long. I've created a /var/qmail/control/timeoutsmtpd file (not included in basic toaster) with a value of 60. This keeps the number of active smtp sessions down a bit (from 10-20 to 5-10) on a high volume server. BL, don't go tweaking softlimit just because you're seeing 256 errors in the log. Be sure that you're missing some emails first. > I don't know if it's related, but I am using RulesDuJour to update my > spamassassin rules. I doubt it. SA runs as a separate process from smtpd. > Good Luck! > > Best regards, > Bill > > On 12/5/06, *Bill Kwok* <[EMAIL PROTECTED] > <mailto:[EMAIL PROTECTED]>> wrote: > > I am sorry I overlook something. The fact is: > > > 1. The tcpserver status 256 error happened even before I changed > the self-signed certificate. > 2. Concerning the email missing problem: From smtp log, I can see > the sender server connected to my server, CHKUSER accpeted > sender and rcpt, then end with status 256. But nothing show > up in send or spamd log. > > Thank you very much. > > Best regards, > Bill > > > On 12/5/06, *Bill Kwok* <[EMAIL PROTECTED] > <mailto:[EMAIL PROTECTED]>> wrote: > > Hi, > > My server was running okay until when my self-signed digital > cert. expired. After I regenerated the cert. by using this steps: > > > cd /usr/share/ssl/certs/ > make stunnel.pem > mv stunnel.pem /var/qmail/control/servercert.pem > chown root:qmail /var/qmail/control/servercert.pem > chmod 644 /var/qmail/control/servercert.pem > > It looked okay at the beginning. But then my users reported that there are some email missing. And I found that from smtp log file, there are quite a number of errors: > > @4000000045752a6a34ab5084 tcpserver: status: 18/100 > @4000000045752a6a34ab6024 tcpserver: pid 16588 from nnn.nnn.nnn.nnn > @4000000045752a6a34ab67f4 tcpserver: ok 16588 > mx.my.domain.com:10 <http://mx.my.domain.com:10/>.0.1.1:25 : nnn.nnn.nnn.nnn::39453 > @4000000045752a6a34ed6e4c tcpserver: end 16588 status 256 > > @4000000045752a6a34ed7a04 tcpserver: status: 17/100 > @4000000045752a6a36b4824c tcpserver: status: 18/100 > > @4000000045752a6a36b491ec tcpserver: pid 16600 from nnn.nnn.nnn.nnn > @4000000045752a6a36b499bc tcpserver: ok 16600 > > > mx.my.domain.com:10 <http://mx.my.domain.com:10/>.0.1.1:25 : nnn.nnn.nnn.nnn::39464 > @4000000045752a6a3786d9f4 tcpserver: end 16600 status 256 > > @4000000045752a6a3786e1c4 tcpserver: status: 17/100 > @4000000045752a6a389125d4 tcpserver: end 16437 status 0 > @4000000045752a6a3891b274 tcpserver: status: 16/100 > @4000000045752a6b004655dc tcpserver: status: 17/100 > > @4000000045752a6b0046657c tcpserver: pid 16601 from nnn.nnn.nnn.nnn > @4000000045752a6b00466d4c tcpserver: ok 16601 > > > mx.my.domain.com:10 <http://mx.my.domain.com:10/>.0.1.1:25 : nnn.nnn.nnn.nnn::39489 > @4000000045752a6b008ad8ec tcpserver: end 16601 status 256 > > Would anyone show me how to fix this problem? Thanks in advance. > > Best regards, > Bill > -- -Eric 'shubes' --------------------------------------------------------------------- QmailToaster hosted by: VR Hosted <http://www.vr.org> --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
