Re: [vchkpw] chkusr patch - false negatives
Charles,
this is not a chkuser limit, but a vpopmail limit. vpopmail's vauth_getpw()
does not check for the availability of the resource (that may be MySQL as
LDAP), but simply returns something like 1/0 (pointer exists, pointer does
not exist, despite of the reason why it does not exist).
You have the same problem in vdelivermail, if MySQL is down. You see
chkuser because it is the first filter in the chain.
So I'm aware of this limit (I'm addressing this in version 2.0), and I'm
going to add some code to check MySQL availability before calling vpopmail,
but I can do it only for MySQl, not for LDAP, Oracle, Postgres, ecc.
I feel it would be nice if it could be developed another set of robust
vpopmail calls.
All critical vpopmail (vauth_getpw() and a few else) could should have a
general return status, stating if routine could work without
resources/other limits.
For example if we could have
status = rvauth_getpw(...);
/*
status only reports if routine worked right, if resources are, ok,
if routine could
make his job without external problems.
*/
if (status == VPOPMAIL_SUCCESS) {
.
/* here examine if user really exists */
} else {
/* say at SMTP to retry later */
}
it would be all more simple.
If vpopmail library keeps connections on between consecutives calls, it
could be enought to add just one call to check resources availability, but
this routine should be developed for all resources.
An example of this kind
status = vopenresources(...);
if (status == VPOPMAIL_SUCCESS) {
user = vauth_getpw(...);
.
} else {
/* say at SMTP to retry later */
}
I know this may be a long work, but I feel vpopmail has to improve a lot
his robustness and reliability.
Tonino
At 11/05/2004 11/05/2004 -0400, you wrote:
Howdy,
I've seen a few people complaining that their mail is getting bounced.
Not good, needless to say. On examing the bounces, I see that it's the
chkusr error message that the user does not exist.
At this point my best guess, by looking at overall server activity is that
this is happening when the machine really gets swamped (all incoming smtp
connections chewed up with spam runs - this server and a backup server).
I have mysql set to 500 max connections, and just bumped that up to 800.
I was surprised a bit by how chkusr behaves if the mysql server goes away
- rather than erring on the side of caution and trying to deliver the
mail, it bounces it. I verified this on a test box.
FWIW, this is the Shupp chkusr patch, there's no version info in the
patch, but it looks like it was made 3/16/2003.
Is this how chkusr is supposed to operate? If so, I need an
alternative, as most other parts of vpopmail survive a brief database
outage without dumping good mail.
Are there any other tested chkusr type patches out there? Please share!
Thanks,
Charles
[EMAIL PROTECTED]Interazioni di Antonio Nati
http://www.interazioni.it [EMAIL PROTECTED]
Re: [vchkpw] chkusr patch - false negatives
tonix (Antonio Nati) wrote: I feel it would be nice if it could be developed another set of robust vpopmail calls. What if you had vauth_open() which you can call early in the program. If it returns 0, you have a valid authentication connection and can expect later calls to work. If it returns any other value it is the error returned trying to open the authentication database. You don't have to call it, all the existing calls will open the database if they are called first. (Like they already do.) This gives you a way to check the authentication connection without retrieving any data. Rick
Re: [vchkpw] chkusr patch - false negatives
At 12/05/2004 12/05/2004 -0600, you wrote: tonix (Antonio Nati) wrote: I feel it would be nice if it could be developed another set of robust vpopmail calls. What if you had vauth_open() which you can call early in the program. If it returns 0, you have a valid authentication connection and can expect later calls to work. If it returns any other value it is the error returned trying to open the authentication database. I'm using vpopmail 5.3.6, but the situation looks the same for following releases... In 5.3.6 vauth_open() does not exists for MySQL, while it does exists for other libraries (but not LDAP). The same call should exist for all type of connections, otherwise it is hard to use in a general way. So this robust set I'm asking for should be (at first) available and coherent for all types of databases. Tonino [EMAIL PROTECTED]Interazioni di Antonio Nati http://www.interazioni.it [EMAIL PROTECTED]
Re: [vchkpw] chkusr patch - false negatives
On Wed, 12 May 2004, tonix (Antonio Nati) wrote: You have the same problem in vdelivermail, if MySQL is down. You see chkuser because it is the first filter in the chain. Unless I'm mistaken though, in this case the mail will simply go back in the queue, it won't be lost, right? Thanks, Charles Tonino At 11/05/2004 11/05/2004 -0400, you wrote: Howdy, I've seen a few people complaining that their mail is getting bounced. Not good, needless to say. On examing the bounces, I see that it's the chkusr error message that the user does not exist. At this point my best guess, by looking at overall server activity is that this is happening when the machine really gets swamped (all incoming smtp connections chewed up with spam runs - this server and a backup server). I have mysql set to 500 max connections, and just bumped that up to 800. I was surprised a bit by how chkusr behaves if the mysql server goes away - rather than erring on the side of caution and trying to deliver the mail, it bounces it. I verified this on a test box. FWIW, this is the Shupp chkusr patch, there's no version info in the patch, but it looks like it was made 3/16/2003. Is this how chkusr is supposed to operate? If so, I need an alternative, as most other parts of vpopmail survive a brief database outage without dumping good mail. Are there any other tested chkusr type patches out there? Please share! Thanks, Charles [EMAIL PROTECTED]Interazioni di Antonio Nati http://www.interazioni.it [EMAIL PROTECTED]
Re: [vchkpw] chkusr patch - false negatives
At 12/05/2004 12/05/2004 -0400, you wrote: On Wed, 12 May 2004, tonix (Antonio Nati) wrote: You have the same problem in vdelivermail, if MySQL is down. You see chkuser because it is the first filter in the chain. Unless I'm mistaken though, in this case the mail will simply go back in the queue, it won't be lost, right? I can't swear, but I expect vdelivermail to check for the user, calling vauth_getpw() and having back a null pointer, and then rejecting the message because the user does not exist. Exactly like it would do if chkuser would not exist. Ciao, Tonino Thanks, Charles [EMAIL PROTECTED]Interazioni di Antonio Nati http://www.interazioni.it [EMAIL PROTECTED]
Re: [vchkpw] chkusr patch - false negatives
Charles Sprickman wrote: Just following up on my own question a bit... I'm trying to figure out how many mysql hits a single incoming message can generate to arrive at a max_connections setting for mysql. Worst case, I assume it would look like this: -initial chkusr check (is it a valid address?) -smtp-auth (possible if it's a local user sending to another) -vdelivermail (look up where to deliver) -spamc (if user has spamassassin enabled, prefs fetched via mysql) Am I missing anything on the delivery side? Potentially more calls to vuserinfo (like from a maildrop script to determine where the Maildir is) from later delivery pieces. These obviously aren't all concurrent, but the hits are all pretty rapid-fire. So if I am allowing a max of 100 concurrent qmail-smtpd's, what would be a safe number of concurrent mysql connections when the box is maxed out? Multiply 100 by 2, 3, 4? This isn't really the way to approach it. Look at what things can be running concurrently: qmail-smtpd, qmail-local, vdelivermail, spamc. The qmail-local is controllable, which you then just multiply by 3 to account for the rapid fire nature. For mail retrieval, I can measure a bit more easily... Thanks, Charles Hope that helps, Nick Harring
[vchkpw] chkusr patch - false negatives
Howdy, I've seen a few people complaining that their mail is getting bounced. Not good, needless to say. On examing the bounces, I see that it's the chkusr error message that the user does not exist. At this point my best guess, by looking at overall server activity is that this is happening when the machine really gets swamped (all incoming smtp connections chewed up with spam runs - this server and a backup server). I have mysql set to 500 max connections, and just bumped that up to 800. I was surprised a bit by how chkusr behaves if the mysql server goes away - rather than erring on the side of caution and trying to deliver the mail, it bounces it. I verified this on a test box. FWIW, this is the Shupp chkusr patch, there's no version info in the patch, but it looks like it was made 3/16/2003. Is this how chkusr is supposed to operate? If so, I need an alternative, as most other parts of vpopmail survive a brief database outage without dumping good mail. Are there any other tested chkusr type patches out there? Please share! Thanks, Charles
Re: [vchkpw] chkusr patch - false negatives
Just following up on my own question a bit... I'm trying to figure out how many mysql hits a single incoming message can generate to arrive at a max_connections setting for mysql. Worst case, I assume it would look like this: -initial chkusr check (is it a valid address?) -smtp-auth (possible if it's a local user sending to another) -vdelivermail (look up where to deliver) -spamc (if user has spamassassin enabled, prefs fetched via mysql) Am I missing anything on the delivery side? These obviously aren't all concurrent, but the hits are all pretty rapid-fire. So if I am allowing a max of 100 concurrent qmail-smtpd's, what would be a safe number of concurrent mysql connections when the box is maxed out? Multiply 100 by 2, 3, 4? For mail retrieval, I can measure a bit more easily... Thanks, Charles On Tue, 11 May 2004, Charles Sprickman wrote: Howdy, I've seen a few people complaining that their mail is getting bounced. Not good, needless to say. On examing the bounces, I see that it's the chkusr error message that the user does not exist. At this point my best guess, by looking at overall server activity is that this is happening when the machine really gets swamped (all incoming smtp connections chewed up with spam runs - this server and a backup server). I have mysql set to 500 max connections, and just bumped that up to 800. I was surprised a bit by how chkusr behaves if the mysql server goes away - rather than erring on the side of caution and trying to deliver the mail, it bounces it. I verified this on a test box. FWIW, this is the Shupp chkusr patch, there's no version info in the patch, but it looks like it was made 3/16/2003. Is this how chkusr is supposed to operate? If so, I need an alternative, as most other parts of vpopmail survive a brief database outage without dumping good mail. Are there any other tested chkusr type patches out there? Please share! Thanks, Charles
