Re: smtpd_policy_service_timeout question
Hi Scott On Sun, Dec 29, 2019 at 10:04:39AM -0500, Scott Kitterman wrote: > For the policy server in question, the 100s default should be more than 2x > the > maximum time the policy request can take, even if DNS is very slow, The policy service is supposed to do proper timeouts for everything it requests. The timeouts in Postfix should be considered as last-resort, for when the policy service itself broke. Bastian -- Another dream that failed. There's nothing sadder. -- Kirk, "This side of Paradise", stardate 3417.3
Re: smtpd_policy_service_timeout question
On Sunday, December 29, 2019 9:01:12 AM EST Wietse Venema wrote: > Scott Kitterman: > > If Postfix smtpd is waiting for a response to an in progress request > > An SMTP client request or policy request? Policy request. > > and the smtpd_policy_service_timeout is reached, does Postfix keep > > the pipe open until that request completes or does it close it > > right away? > > smtpd_policy_service_timeout is the limit for connecting to, writing > to, or receiving from a policy server. > > - If this expires while the Postfix SMTP server is waiting for an > SMTP client request, nothing happens. > > - If this expires while writing to, or receiving from a policy > server, the Postfix SMTP server will disconnect from the policy > server, and new connection, and retry the policy request. > > > Is it sufficient to set it to slightly higher than the maximum > > time the policy service is supposed to run for a single request > > are should it be substantially higher than that? > > I would not recommend to set timeouts just a little higher than > needed. If, not when, some system becomes overloaded, having 'tight' > timeouts will just make things worse. > > Wietse For the policy server in question, the 100s default should be more than 2x the maximum time the policy request can take, even if DNS is very slow, but there are configuration options users might select that could make it a much closer thing. That clarifies it for me enough that I believe I can get my documentation correct. Thanks, Scott K
Re: smtpd_policy_service_timeout question
Scott Kitterman: > If Postfix smtpd is waiting for a response to an in progress request An SMTP client request or policy request? > and the smtpd_policy_service_timeout is reached, does Postfix keep > the pipe open until that request completes or does it close it > right away? smtpd_policy_service_timeout is the limit for connecting to, writing to, or receiving from a policy server. - If this expires while the Postfix SMTP server is waiting for an SMTP client request, nothing happens. - If this expires while writing to, or receiving from a policy server, the Postfix SMTP server will disconnect from the policy server, and new connection, and retry the policy request. > Is it sufficient to set it to slightly higher than the maximum > time the policy service is supposed to run for a single request > are should it be substantially higher than that? I would not recommend to set timeouts just a little higher than needed. If, not when, some system becomes overloaded, having 'tight' timeouts will just make things worse. Wietse
smtpd_policy_service_timeout question
If Postfix smtpd is waiting for a response to an in progress request and the smtpd_policy_service_timeout is reached, does Postfix keep the pipe open until that request completes or does it close it right away? Is it sufficient to set it to slightly higher than the maximum time the policy service is supposed to run for a single request are should it be substantially higher than that? Scott K